Virus and Spyware Removal Guides, uninstall instructions

Queclink Ransomware

What is Queclink ransomware?

Queclink is a ransomware-type program designed to encrypt data (render files inaccessible) and demand payment for the decryption (access recovery). During the encryption process, files are appended with the ".queclink" extension. For example, a file initially named something similar to "1.jpg" would appear as "1.jpg.queclink", and so forth.

After this process is complete, ransom notes are created in a pop-up ("RESTORE_FILES_INFO.hta") and "RESTORE_FILES_INFO.txt" text file. Queclink also creates a file titled according to infected machine's username (e.g., "TOMASMESKAUFFFE_1E857D00BFEBFBFF000A0655.txt"). All of these files are dropped onto the desktop.

   
Darliament.space Ads

What is the darliament[.]space site?

Sharing many similarities with echanged.space, matrix-news.net, hisurnhuh.com, and thousands of others, darliament[.]space is a rogue website. It operates by presenting visitors with dubious material and/or redirecting them to different sites (likely, unreliable or malicious ones).

Users typically access these websites unintentionally; most get redirected to them by rogue webpages, intrusive advertisements, or installed PUAs (Potentially Unwanted Applications). These apps can infiltrate systems without explicit permission.

   
Echanged.space Ads

What is the echanged[.]space site?

Echanged[.]space is a rogue website, sharing many similarities with matrix-news.net, push-news.org, news-mosuka.cc, and thousands of others. This page is designed to load questionable content and/or redirect visitors to different sites (likely, unreliable/malicious ones).

These websites are usually accessed unintentionally; most users get redirected to them by rogue pages, intrusive adverts, or installed PUAs (Potentially Unwanted Applications). This software can infiltrate devices without user permission; hence, users may be unaware of its presence.

   
Wage Increase Email Scam

What is "Wage Increase email scam"?

"Wage Increase email scam" is the name of a spam campaign - a mass-scale operation during which thousands of deceptive emails are sent. The scam emails sent through this campaign - notify recipients of a change within the payment structure and a supposed wage increase.

The aim of this spam mail is to promote a phishing website, which targets email account log-in credentials (i.e., email addresses and corresponding passwords). The promoted site uses Google APIs - a legitimate service for improving web and app functionalities.

   
DECcenter Ransomware

What is DECcenter?

DECcenter ransomware is part of the VoidCrypt family. As a rule, cybercriminals behind malware of this type use it to encrypt victim's files and demand a ransom payment in return for data decryption. Like most ransomware variants, DECcenter creates a ransom note, the "Decrypt-info.txt" text file.

Also, this ransomware renames files by appending the decryptioncenter2016@gmail.com email address, random characters, and the ".DECcenter" file extension. For example, DECcenter renames "1.jpg" to "1.jpg.[Decryptioncenter2016@gmail.com][MJ-IM0518673942].DECcenter", "2.jpg" to "2.jpg.[Decryptioncenter2016@gmail.com][MJ-IM0518673942].DECcenter", etc.

   
Matrix-news.net Ads

What is matrix-news[.]net?

Similar to news-mosuka.ccserchboustahe.comfewergkit.comloloclicks.biz, and thousands of others, matrix-news[.]net is a rogue webpage. It is designed to load dubious material and/or redirect visitors to different sites (likely, unreliable or malicious ones).

Users typically access such websites unintentionally. Most get redirected to them by rogue pages, intrusive ads, or installed PUAs (Potentially Unwanted Applications). These apps can cause redirects, run intrusive advertisement campaigns, and collect browsing-related data.

   
Push-news.org Ads

What is push-news[.]org?

Push-news[.]org is designed to trick visitors into agreeing to receive its notifications and open about two, three other unreliable pages (it depends on the geolocation of its visitors). Push-news[.]org is similar to news-mosuka[.]cc, neehoose[.]com, boustahe[.]com, and hundreds of other pages of this type.

   
Cypress Ransomware

What is Cypress ransomware?

Cypress is another variant of the Nitro ransomware. This malicious program is designed to encrypt data for the purpose of making ransom demands for the decryption. In other words, the files affected by Cypress are rendered inaccessible, and victims are asked to pay - to recover access to their data.

During the encryption process, affected files are appended with the ".cypress" extension. For example, a file initially titled something like "1.jpg" would appear as "1.jpg.cypress", "2.jpg" as "2.jpg.cypress", and so on. Once this process is complete, a pop-up window is displayed, which contains the ransom note.

   
Freshy Browser Hijacker

What is Freshy?

Freshy is a browser hijacker endorsed as a tool that can provide top news, as well as sports and entertainment content in new browser tabs/windows. It operates by making modifications to browsers - to promote the freshysearch.com fake search engine.

Additionally, this piece of software has data tracking abilities, which are used to spy on users' browsing activity. Due to the questionable methods used to distribute browser hijackers, they are also classified as PUAs (Potentially Unwanted Applications).

   
Makeklick.biz Ads

What is the makeklick[.]biz site?

Sharing similarities with ctivetothe.online, special-update.online, wcoulditbe.club, and countless others, makeklick[.]biz is an untrustworthy website. Visitors to this page are presented with questionable content and/or redirected to rogue or possibly malicious sites.

Webpages of this type are rarely entered intentionally. Users usually access them via redirects caused by intrusive adverts or PUAs (Potentially Unwanted Applications) already installed onto their devices.

This software does not need explicit user permission to be installed onto systems. PUAs operate by causing redirects, delivering intrusive advertisement campaigns, and gathering browsing-related information.

   

Page 793 of 2105

<< Start < Prev 791 792 793 794 795 796 797 798 799 800 Next > End >>
About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal