Virus and Spyware Removal Guides, uninstall instructions

Cricket Start Browser Hijacker

What is Cricket Start?

While inspecting dubious download websites, we found the Cricket Start browser extension. It promises quick access to Cricket sports results and updates. After analyzing this piece of software, we determined that it operates as a browser hijacker promoting the fake search engine.

World Health Organization Beneficiary Email Scam

What kind of email is "World Health Organization Beneficiary"?

Following our inspection of the "World Health Organization Beneficiary" email, we determined that it is spam that operates as a phishing scam.

These fake letters attempt to extract recipients' personally identifiable details - by claiming that this information must be provided to receive a huge financial grant. These spam emails are disguised as letters from the World Health Organization (WHO).

Ultimate Ad Eraser Adware

What is Ultimate Ad Eraser?

While inspecting dubious download websites, our researchers found the Ultimate Ad Eraser browser extension. This piece of software is promoted as an adblocker - a tool capable of removing and altering online ads. However, after analyzing Ultimate Ad Eraser, we learned that it operates as adware instead. In addition to running intrusive advertisement campaigns, this extension also spies on users' browsing activity.

Nominatus Ransomware 2

What is Nominatus Ransomware 2?

Nominatus Ransomware 2 is malware that encrypts files and generates a ransom note (the "NominatusRansomware2Message.txt" file). We have discovered this ransomware while inspecting malware samples submitted to the VirusTotal website. Unlike most ransomware variants, Nominatus Ransomware 2 does not rename the encrypted files.

Words Malware

What is Words malware?

Words is the name of a malicious program, which our research team found while inspecting fake "cracked" software download sites. The Words malware is capable of force-opening untrustworthy and hazardous websites, and it might have other harmful abilities as well.

It is noteworthy that this program attempts to avoid user detection by using the Microsoft Word icon and the process name "words" on the Task Manager.

Shade Area Adware

What kind of application is shade area?

shade area adware is promoted as a tool for changing the color of the selected areas on websites. We have discovered this app on a deceptive website claiming that it is required to install a secure Chrome extension. After installing this app, we found that it generates advertisements. Thus, we classified shade area as adware.

Safety Shield Malware

What kind of software is Safety Shield?

Safety Shield is a malicious application designed to open various websites. We discovered this malware after downloading an installer from a fake website supposedly offering cracks for various software. The installer distributing Safety Shield may also contain other unwanted software.

Dllhost.exe Malware

What is Dllhost.exe malware?

While inspecting fake "cracked" software download websites, we discovered the Dllhost.exe malicious program. It masquerades as the legitimate Windows process - dllhost.exe (COM Surrogate), thereby attempting to avoid appearing suspicious on Task Manager.

Nerbian RAT

What kind of malware is Nerbian?

Nerbian is the name of a remote access Trojan (RAT). RATs allow attackers to control infected computers remotely. Nerbian is a RAT written in the Go programming language. It can log keystrokes and capture the screen. It also may have additional capabilities. We discovered it after receiving an email containing a malicious attachment.

Ifla Ransomware

What is Ifla ransomware?

During a routine inspection of new submissions to VirusTotal, our researchers found the Ifla ransomware-type program. We determined that this piece of malicious software is part of the Djvu ransomware family.

After being launched onto our test system, this ransomware encrypted files and appended their filenames with a ".ifla" extension. For example, a file originally named "1.jpg" appeared as "1.jpg.ifla", "2.png" as "2.png.ifla", etc. Once the encryption was completed, a ransom note titled "_readme.txt" was created.


Page 9 of 1561

<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>
About PCrisk

PCrisk logo

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal