Virus and Spyware Removal Guides, uninstall instructions

2023lock Ransomware

What kind of malware is 2023lock?

2023lock is a ransomware-type program. This malicious program is designed to encrypt data and demand ransoms for its decryption.

On our testing machine, 2023lock encrypted files and appended their filenames with a ".2023lock" extension. For example, a file originally titled as "1.jpg" appeared as "1.jpg.2023lock", "2.png" as "2.png.2023lock", and so on.

After the encryption process was concluded, the ransomware created two identical ransom notes – "README.html" and "README.txt" – and dropped them into the C drive.

GoldPickaxe Trojan (Android)

What is GoldPickaxe?

Discovered by Group-IB, GoldPickaxe is a trojan. This malware has two variants – an Android and an iOS version. The trojan targets information, but most importantly, it seeks biometrics – specifically facial recognition data.

GoldPickaxe is used by a sophisticated threat actor dubbed GoldFactory. This group is behind a malware family comprising GoldPickaxe, GoldDigger, GoldDiggerPlus, and GoldKefu.

GoldFactory is a Chinese-speaking threat actor that may employ native or proficient speakers of other languages, as evidenced by the group's use of multilingual social engineering. GoldPickaxe has been active in Thailand and, based on GoldFactory's previous activities, may soon expand to Vietnam.

ExpandedControl Adware (Mac)

What kind of application is ExpandedControl?

In our evaluation of the ExpandedControl application, we found that it showcases intrusive advertisements, prompting us to categorize it as adware. It is important to mention that software falling into this classification frequently has the capability to collect various types of data.

ResolutionRanking Adware (Mac)

What kind of application is ResolutionRanking?

During our assessment of the ResolutionRanking application, we discovered that it displays intrusive advertisements, leading us to classify it as adware. It is worth noting that software in this category often possesses the ability to gather diverse forms of information.

Greenbean Banking Trojan (Android)

What kind of malware is Greenbean?

Greenbean is the name of a banking trojan. It is designed to infect Android operating systems. This malicious program has been around since at least 2023. As its classification implies, this trojan seeks banking and other finance-related information. There is evidence suggesting that Greenbean targets users in Vietnam and China.

GoBear Backdoor

What kind of malware is GoBear?

GoBear is a backdoor malware crafted in the Go language and authenticated with a legitimate D2innovation Co.,LTD certificate. This insidious threat operates by executing malicious commands received from a Command and Control (C&C) server. Notably, GoBear enhances its capabilities by integrating SOCKS5 proxy functionality.

Troll Stealer

What kind of malware is Troll?

Written in Go language, Troll is a piece of malware that specializes in stealing sensitive information from infected computers. This malware operates through a multi-faceted approach, initially infiltrating systems via a deceptively innocent facade - a dropper masquerading as a benign security program installation file.

Win32/OfferCore Malware

What is "Win32/OfferCore"?

"Win32/OfferCore" (or simply "OfferCore") is a generic detection name used by many security vendors to track bundled setups. Basically, bundlers refer to installers containing several pieces of software. Bundled setups may comprise a single legitimate program with untrustworthy additions or only unwanted/malicious applications and extensions.

It is noteworthy that if "Win32/OfferCore" is detected, it indicates a high likelihood that multiple potentially hazardous programs have infiltrated the system.

Press-Tab Browser Hijacker

What kind of application is Press-Tab?

Our analysis of the Press-Tab browser extension showed that it promotes by modifying the browser settings, a tactic known as browser hijacking. It is crucial to note that users often unintentionally add extensions like Press-Tab to their browsers. Pretty often, browser hijackers are promoted using deceptive methods.

Win32/Grenam Malware

What is Win32/Grenam?

Win32/Grenam is the detection name employed by cybersecurity software to pinpoint a hybrid form of malware blending trojan, worm, and virus characteristics. It is important to note that even after successfully detecting and eliminating this specific threat, conducting a comprehensive scan may uncover additional hidden malware lurking within computers.


Page 9 of 2074

<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>
About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal