Y2mate.com is media download and converting service for YouTube, which promotes their Y2mate Muvi Downloader app for Android. Like many other websites of similar nature, Y2mate.com provides the functionality of downloading video and audio from YouTube, in exchange for ads display. However, owners went on and try to force users to subscribe to the website's notifications and offer doubtful Google Chrome extension, called MeddleMonkey. This extension supposedly adds the "Download" button under YouTube player, but along with that, it gains access to personal data and browsers settings, which allows it to generate ads and redirects during browsing activity of the users. You should remember, that there are many much safer alternatives to Y2mate.com, and downloading videos is, actually, the violation of YouTube guidelines.
Phobos Ransomware is a virus, that encrypts user files using AES encryption algorithm and demands ~$3000 for decryption. Ransomware adds .phobos, .mamba, .phoenix, .actin, .actor, .blend, .adage .acton, .com, .adame, .acute, .karlos or .Frendi extensions to encoded files and makes them inaccessible. In order to confuse users and researchers Phobos Ransomware uses file-modification patterns and ransom notes similar to very wide-spread Dharma Ransomware. Especially after design change in January 2019, when they started to look like identically. However, there are certain differences in file-markers and appearance. After contacting the developers via one of the provided e-mails, they demand $3000 in BitCoins for decryption to be paid in 6 hours. Otherwise, the cost of decryption will increase up to $5000. At the moment automated decryptors for Phobos Ransomware do not exist. There is no proof, that malefactors send decryptors to the victims, that is why we do not recommend paying the ransom. Instead, try using instructions on this page to recover encrypted files. File-recovery software can restore some files from your hard-drive.
STOP Ransomware is a sophisticated encryption virus, that uses the Salsa20 algorithm to encode sensitive personal data, such as photos, videos, and documents. The latest appeared versions in November add .mosk, .lokf, .meka or .toec extensions to files and make them unreadable. To date, the family includes about 180 representatives, and the total number of affected users is approaching a million. Most of the attacks are in Europe and South America, India and Southeast Asia. The threat also affected the United States, Australia, and South Africa. Although the STOP virus is less known than GandCrab, Dharma, and other ransomware trojans, it is this year that accounts for more than half of the detected attacks. Moreover, the next rating participant, the aforementioned Dharma, lags behind him by this indicator by more than four times.
Paradise Ransomware is file-encryption virus, that encrypts user's files using RSA-1024 encryption algorithm. Latest versions of this threat append .VACv2, .CORP or .xyz extensions. Previously, Paradise Ransomware used .paradise, .sell, .ransom, .logger, .prt and .b29. Among all variations, only last one can be decrypted. Ransomware has many similarities with Dharma Ransomware, as it has very look-a-like design and uses similar patterns for file modifications. Authors of the virus offer e-mail to contact them for decryption negotiation: firstname.lastname@example.org. They demand several thousand dollars for decryption, that have to be paid in BitCoins. It is also stated, that 1-3 useless files can be decrypted for free as a prove, that decryption is possible. However, malefactors cannot be trusted. Instead, we recommend you to try instructions below to restore files encrypted by Paradise Ransomware.
Notification-list.com is scammy website, that uses so-called "social engineering" to subscribe users to push-notifications. This is a browser feature, that allows websites to display their content updates directly on the desktop of the computers (usually in the bottom-right corner). This is widely used on blogs, news portals, Youtube and social networks to inform users about new posts, videos, news articles, friends updates. Notification-list.com exploits this possibility to show advertising. Notification-list.com is, in most cases, just an online browser-based advertising scam. It uses the combination of cunning wording and simple browser feature to deliver unwanted ads. However, sometimes, it can be related to actual virus infection.