Virus and Spyware Removal Guides, uninstall instructions

Gotoyahoo.com Redirect

What is gotoyahoo.com?

While analyzing gotoyahoo.com, we found that it is a fake search engine promoted via browser hijackers (extensions like Image Size Info). Fake search engines and extensions promoting them should be avoided. If they are present within browser settings and (or) added to browsers, they should be removed.

   
Videov-click.com Ads

What kind of page is videov-click[.]com?

Our researchers found videov-click[.]com while browsing dubious websites. This rogue page endorses browser notification spam and redirects users to different (likely untrustworthy/hazardous) sites. Most visitors enter webpages like videov-click[.]com via redirects generated by websites utilizing rogue advertising networks.

   
King Ransomware

What kind of malware is King?

King is a ransomware variant from the Proton family. Our team discovered King while inspecting malware samples submitted to VirusTotal. This ransomware encrypts files, appends an email address and the ".king" extension to filenames, and creates a file named "#Read-for-recovery.txt" (a ransom note). Also, King changes the desktop wallpaper.

An example of how King ransomware changes filenames: it renames "1.jpg" to "1.jpg.[king_ransom1@mailfence.com].king", "2.png" to "2.png.[king_ransom1@mailfence.com].king", and so forth.

   
Topimg.click Ads

What kind of page is topimg[.]click?

During our analysis of topimg[.]click, we found that the page aims to deceive visitors into permitting it to send notifications. Topimg[.]click displays misleading content to receive this permission. Sites like topimg[.]click should be avoided/not visited.

   
Ajuce.com Ads

What kind of page is ajuce[.]com?

While inspecting ajuce[.]com, our team found that this website is created to lure visitors into granting it permission to show notifications. Once on ajuce[.]com, visitors are presented with a misleading message. If allowed, sites like ajuce[.]com send deceptive notifications promoting various scams and similar content.

   
Email Password Expiration Scam

What kind of email is "Email Password Expiration"?

After inspecting the "Email Password Expiration" message, we determined that it is spam. It is presented as a password expiration notification. Victims of this phishing mail risk having their email accounts stolen.

   
DHL - Customs Clearance Email Virus

What kind of email is "DHL - Customs Clearance"?

Upon examination, we determined that the "DHL - Customs Clearance" email is fake. This spam email is malspam. It lures recipients by claiming that the attached file contains documents concerning a shipment's customs clearance. The attachment is intended to infect victims' computers with malware.

It must be emphasized that this fraudulent message is not associated with the actual DHL logistics company.

   
404 Mail Delivery Failed Email Scam

What is "404 Mail Delivery Failed"?

During our analysis of the email we found that it is a phishing attempt (a phishing email). Scammers who crafter this email aim to trick recipients into believing they have received a notification from an email service provider. Therir ultimate goal is to steal personal information from recipients.

   
Defi Ransomware

What kind of malware is Defi?

Our researchers discovered a ransomware-type program from the Makop family called Defi while inspecting new submissions to the VirusTotal website. Ransomware functions by encrypting victims' data to demand that they pay a ransom for the decryption.

On our testing system, Defi encrypted files and modified their titles. Original filenames were appended with a unique ID assigned to the victim, the cyber criminals' email address, and a ".defi1328" extension (note that the number in the extension may vary based on the ransomware's variant). To elaborate, a file initially named "1.jpg" appeared as "1.jpg.[2AF20FA3].[wewillrestoreyou@cyberfear.com].defi1328" on our test machine.

Once the encryption process was finished, Defi ransomware changed the desktop wallpaper and dropped a ransom note in a text file titled "+README-WARNING+.txt".

   
Totalalltimebestdefender.info Ads

What kind of page is totalalltimebestdefender[.]info?

Our research team found totalalltimebestdefender[.]info during a routine investigation of suspicious websites. Upon examination, we determined that this rogue page promotes browser notification spam and redirects users to other (likely unreliable/harmful) sites.

The majority of visitors enter webpages like totalalltimebestdefender[.]info through redirects generated by websites that utilize rogue advertising networks.

   

Page 10 of 2274

<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>
About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal