Virus and Spyware Removal Guides, uninstall instructions

Mine Ransomware

What is Mine ransomware?

While inspecting submissions to VirusTotal, we discovered the Mine malicious program that belongs to the Djvu ransomware family. Programs within this malware classification are designed to encrypt data and demand payment for the decryption.

We launched a sample of Mine on our test machine, and it began encrypting files and appending their filenames with a ".mine" extension. To elaborate, a file initially titled "1.jpg" appeared as "1.jpg.mine", "2.png" as "2.png.mine", and so on for all of the affected files. Afterwards, a ransom-demanding message - "_readme.txt" - was created.

   
Mous0.biz Ads

What is mous0[.]biz?

We have examined the mous0[.]biz page and learned that it uses a clickbait technique to trick visitors into agreeing to receive its notifications. Moreover, it redirects visitors to an identical page. Our team has discovered mous0[.]biz while examining other pages that use rogue advertising networks.

   
Protectionsrequired.com Ads

What kind of website is protectionsrequired[.]com?

Protectionsrequired[.]com is one of the many deceptive websites designed to trick visitors into believing that their computers are infected. Protectionsrequired[.]com promotes McAfee antivirus - a legitimate software.

This page is operated by affiliates who aim to collect illegitimate commissions from purchases made through this page. Our team has discovered it while inspecting questionable pages (websites that use rogue advertising networks).

   
Stealerium Malware

What kind of malware is Stealerium?

Stealerium is the name of an information stealer written in the C# programming language. It sends logs (stolen information) to a Discord channel controlled by the attackers using a webhook. Stealerium malware can extract data, log keystrokes, capture screenshots, and hijack the clipboard.

   
Prime Adware

What is Prime adware?

Prime is the name of a rogue application that we discovered while inspecting deceptive download websites. After analyzing this piece of software, we determined that it operates as advertising-supported software (adware). Additionally, we noted that Prime is practically identical to Healthiness adware.

   
GUCCI Ransomware

What kind of malware is GUCCI?

Our malware researchers have discovered a ransomware variant (belonging to the Phobos family) called GUCCI. It was found while analyzing malware samples submitted to VirusTotal. GUCCI is ransomware that encrypts files, appends the ".GUCCI" extension (and the victim's ID) to filenames, and generates two ransom notes.

GUCCI creates "info.txt" and "info.hta" files that contain ransom notes. An example of how it renames files: it changes "1.jpg" to "1.jpg.id[9ECFA84E-3208].[tox].GUCCI", "2.png" to "2.png.id[9ECFA84E-3208].[tox].GUCCI", and so forth.

   
Xcvf Ransomware

What is Xcvf ransomware?

Xcvf is a malicious program categorized as ransomware. It is designed to encrypt data and demand ransoms for the decryption. We found Xcvf while inspecting new malware submissions to VirusTotal. Additionally, we determined that this program is part of the Djvu ransomware family.

After being launched onto our test machine, this ransomware encrypted files and appended their filenames with a ".xcvf" extension. For example, a file originally named "1.jpg" appeared as "1.jpg.xcvf", "2.png" as "2.png.xcvf", etc. Once this process was completed, Xcvf created a text file titled "_readme.txt", which contained the ransom note.

   
InfoMajorSearch Adware (Mac)

What kind of application is InfoMajorSearch?

We have discovered the InfoMajorSearch application after downloading a fake Adobe Flash Player installer from a deceptive website. It was found that this application serves annoying advertisements. It functions as adware.

   
News-waxawo.com Ads

What kind of page is news-waxawo[.]com?

While inspecting shady websites, our research team discovered news-waxawo[.]com. This rogue page is designed to push browser notification spam and redirect visitors to different (likely unreliable/malicious) sites. Most visitors to webpages like news-waxawo[.]com access them through redirects caused by websites using rogue advertising networks.

   
Defenceprogramm.com Ads

What kind of page is defenceprogramm[.]com?

Defenceprogramm[.]com is a rogue site that our research team found while inspecting deceptive webpages. This page operates by promoting scams, pushing browser notification spam, and redirecting visitors to other (likely untrustworthy/malicious) websites.

Users typically enter webpages like defenceprogramm[.]com via redirects caused by sites using rogue advertising networks.

   

Page 10 of 1556

<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>
About PCrisk

PCrisk logo

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal