Virus and Spyware Removal Guides, uninstall instructions
What is Ofoq ransomware?
After we executed a sample of this ransomware on our test machine, it began encrypting files and changed their titles. The original filenames were appended with a ".ofoq" extension, e.g., a file named "1.jpg" appeared as "1.jpg.ofoq", "2.png" as "2.png.ofoq", etc. Once this process was completed, a ransom note - "_readme.txt" - was created.
What kind of malware is Ofww?
Our malware researchers have discovered a new Djvu ransomware called Ofww. We found it while examining malware samples submitted to the VirusTotal site. Ofww is ransomware that encrypts files and appends the ".ofww" extension to filenames. It also provides a ransom note (creates the "_readme.txt" file).
An example of how Ofww renames files: it changes "1.jpg" to "1.jpg.ofww", "2.png" to "2.png.ofww", and so forth.
What kind of malware is Oflg?
While inspecting malware samples submitted to the VirusTotal page, our team discovered ransomware called Oflg. It is part of the Djvu ransomware family. Oflg encrypts the victim's files, appends its extension (".oflg") to the filenames of all encrypted files, and creates the "_readme.txt" file/a ransom note.
An example of how Oflg modifies filenames: it changes "1.jpg" to "1.jpg.oflg", "2.png" to "2.png.oflg", "3.exe" to "3.exe.oflg", and so forth.
What kind of page is cousonelly[.]com?
While inspecting cousonelly[.]com, we learned that the purpose of this page is to trick visitors into allowing it to show notifications. It displays deceptive content to get that permission.
Our team discovered cousonelly[.]com while examining websites that use rogue advertising networks (illegal movie streaming pages, torrent sites, and similar pages).
What kind of page is steady-protection[.]com?
Steady-protection[.]com is a rogue webpage that our researchers discovered while investigating untrustworthy websites. This page runs scams, promotes spam browser notifications, and redirects visitors to other (likely unreliable/harmful) sites.
Most users access steady-protection[.]com and webpages akin to it - through redirects caused by sites using rogue advertising networks.
What is Weather Forecast Online?
During a routine inspection of questionable software-promoting webpages, our researchers found the Weather Forecast Online browser extension. It is endorsed as a quick-access tool for local weather forecasts, humidity reports, and other related online content. However, our analysis revealed that this extension operates as advertising-supported software (adware) instead.
What is ORCA ransomware?
When we executed a sample of ORCA on our test system, it began encrypting files and altered their titles. Original filenames were appended with the ".ORCA.victim's_ID" extension, e.g., a file named "1.jpg" appeared as "1.jpg.ORCA.1D1-617-F3E", and so on.
After the encryption process was finished, ORCA created a ransom note - "HOW_TO_RECOVER_DATA.hta" - on the desktop. It is noteworthy that this ransomware employs double extortion tactics.
What kind of application is Secure Text Search?
While testing the Secure Text Search browser extension, we noticed that it displays intrusive advertisements. Apps that display unwanted ads are called advertising-supported apps (or adware). Typically, users download and install adware on computers (or add it to browsers) without knowing that it shows ads. We discovered Secure Text Search on a deceptive page.
What is search-tap.com?
While testing the search-tap.com search engine, our team discovered that it includes advertisements in its results and generates questionable results. Thus, search-tap.com should not be used to browse the Internet. Typically, questionable (or fake) search engines are promoted by browser hijackers that modify the web browser's settings.
What is Trochilus?
Trochilus is a piece of malicious software classified as a RAT (Remote Access Trojan). This type of malware operates by enabling remote access/control over infected devices.
Trochilus has been around for a while, and it was even available on the GitHub software repository. However, new and updated versions of this RAT have been discovered. There is evidence suggesting that this trojan is in use by a Chinese threat actor for cyber-espionage purposes.
Page 8 of 1661<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>