Virus and Spyware Removal Guides, uninstall instructions

Nakw Ransomware

Nakw ransomware removal instructions

What is Nakw?

Nakw is one of the many ransomware-type programs that belong to the Djvu ransomware family. Its victims cannot access/use their files because it encrypts them with a strong encryption algorithm. Typically, people who have their computers by ransomware can decrypt their files with decryption software and/or key, however, in order to get it/them they have to pay cyber criminals a ransom. Nakw creates the "_readme.txt" file, it contains instructions on how to recover encrypted data. Also, this ransomware renames files by changing their extension to ".nakw". For example, it renames a file named "1.jpg" to "1.jpg.nakw", and so on.

Website Sextortion Scam

Avoid being scammed through a website sextortion scam

What is a website sextortion scam?

Typically, scammers spread sextortion scams via email. However, in this case they use hacked WordPress and Blogger accounts to post these scam messages in front pages of various websites. Once visited, those websites show posts stating that visitor's computer is hacked and its camera was used to record a video where a visitor can be seen watching a video on some adult website. Scammers behind these scams try to trick people into paying them money by stating that they will spread a recorded video if they will not be paid a certain amount of money. We strongly recommend not to trust such scams even if they are posted on legitimate blogging websites (like hacked WebPress and Blogger pages) or anywhere else.

Worm Ransomware

Worm ransomware removal instructions

What is Worm?

Discovered by Michael Gillespie, Worm is a new variant of the Paradise ransomware. It is designed to encrypt data and demand a ransom for its decryption. During the encryption process all affected files are appended with a unique ID number, developers' email address and ".worm" extension ("[id-[victim's_ID]].[].worm"). To elaborate, a file tilted "1.jpg" would appear as something like "1.jpg[id-SSJXbLaK].[].worm" and so on. After the encryption is complete, Worm creates an html file - "$%~-#_ABOUT_YOUR_FILES_#$=$$.html" and drops it onto the desktop.

Badmonday POP-UP Scam (Mac)

How to remove "Badmonday" from Mac?

What is "Badmonday"?

Badmonday is a family of deceptive/scam websites, which operate by using scare-tactics to trick users into installing untrustworthy applications. This variation promotes Smart Mac Booster, classified as a PUA (Potentially Unwanted Application). Badmonday warns visitors of viruses it has detected on their MacOS (Mac Operating System) and offers Smart Mac Booster for their removal. It must be emphasized, that no webpage can detect threats/issues on devices. Therefore, any problem alerts displayed by such sites are fake. Websites showing messages of this sort are not to be trusted and software advertised on them must never be downloaded/installed. It is highly likely that any applications endorsed by deceptive pages are fraudulent and nonfunctional. Most visitors to Badmonday, access it inadvertently; they get redirected by PUAs already present on the system.

Lm Ransomware

Lm ransomware removal instructions

What is lm?

Lm is the name of ransomware that belongs to the Paradise ransomware family. The person who discovered lm is dnwls0719. It is designed to encrypt files and keep them inaccessible unless victims decrypt them with a decryption tool. In order to get it victims have to pay cyber criminals (lm developers) a ransom. This ransomware changes filenames of all encrypted files, their names contain of "_Kim Chin lm_", victim's ID and ".lm" extension. For example, it renames "1.jpg" to "1.jpg_Kim Chin Im_{5zkVf2}.lm", and so on. Also, lm generates a ransom note, the "---==%$$$OPEN_ME_UP$$$==---.txt" text file.

IdeaShared Adware (Mac)

How to remove IdeaShared from Mac?

What is IdeaShared?

IdeaShared is an untrustworthy application that supposed to enhance web browsing experience. However, it's actually an adware-type app that is designed to feed users with advertisements. Besides, it is also used as tool to gather various information about its users. Typically, people download and install adware unintentionally, for this reason IdeaShared is categorized as a potentially unwanted application (PUA).

Xda Ransomware

Xda ransomware removal instructions

What is Xda?

Belonging to the Dharma/Crysis malware family, Xda is a ransomware. It was discovered by Jakub Kroustek. This malicious program operates by encrypting victims' data and demanding a ransom for its decryption. During the encryption, all files are renamed with a unique ID number (generated individually for each victim), developers' email address and the ".xda" extension. For example, a file titled "1.jpg" would look something like "[].xda", and so on for all compromised files. After this process is complete, Xda creates a text file - "FILES ENCRYPTED.txt" and drops it onto the desktop; it also displays a pop-up window.

NEMTY REVENGE 2.0 Ransomware

NEMTY REVENGE 2.0 ransomware removal instructions

What is NEMTY REVENGE 2.0?

NEMTY REVENGE 2.0 ransomware is a malicious software which was discovered by Michael Gillespie. People who have their files encrypted by it cannot access them without decrypting them with a decryption key first. To get that key victims are forced to pay cyber criminals who designed NEMTY REVENGE 2.0 a ransom. This ransomware renames all encrypted files by adding the ".NEMTY_[victim's ID]" extension. For example, it renames a file named "1.jpg" to "1.jpg.NEMTY_AZW1EKL", and so on. It also creates a ransom note, the "NEMTY_AZW1EKL-DECRYPT.txt" (its filename includes victim's ID too) file that contains instructions on how to get a decryption key. As its name suggests, NEMTY REVENGE 2.0 is not the first version of this ransomware, it is very likely that the previous version had some flaws and this version does not have them.

Sundayfunny POP-UP Scam (Mac)

How to remove "Sundayfunny" from Mac?

What is "Sundayfunny"?

Sundayfunny is a family of scam sites, which are designed to promote untrustworthy applications. This variant advertises Smart Mac Booster, which is classified as a PUA (Potentially Unwanted Application). Webpages of this type usually operate by using various scare-tactics to trick visitors into downloading/installing software that they endorse. Sundayfunny alerts users of viruses it has detected and offers Smart Mac Booster, as an app for their elimination. Users should note that no website is capable of finding issues/threats on devices, hence all the alarms they display are fake. Furthermore, applications promoted on these pages tend to be fraudulent and nonoperational. Few visitors access such sites intentionally, most bet redirected by PUAs already present on the system.

ABAT Ransomware

ABAT ransomware removal instructions

What is ABAT?

ABAT is the name of a new variant of Matrix ransomware, it was discovered by dnwls0719. Malware of this type encrypts data so that victims could not use/access their files without having to decrypt them first. Typically, they are forced to purchase decryption tools from cyber criminals who designed ransomware. ABAT renames each file by changing its filename to an email address, a string of random characters and adding the ".ABAT" extension to it. For example, it renames "1.jpg" to "[].0j8tGWZ9-WqnQhsgZ.ABAT". Like most programs of this type, ABAT creates a ransom note that contains instructions on how to recover files. It creates the "!ABAT_INFO!.rtf" file and puts it in folders that contain encrypted files.


Page 10 of 838

<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>
Malware activity

Global virus and spyware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal