Virus and Spyware Removal Guides, uninstall instructions

What kind of page is soksicme[.]com?

While inspecting untrustworthy websites, our research team found the soksicme[.]com rogue page. It operates by promoting browser notification spam and redirecting visitors to other (likely dubious/malicious) sites. Users typically enter soksicme[.]com and similar websites via redirects caused by pages using rogue advertising networks.

What kind of page is spotofdating[.]top?

While inspecting questionable sites, our research team discovered spotofdating[.]top, and through it - they also found spot-ofdating[.]top. These rogue webpages are designed to host dubious content, promote browser notification spam, and redirect visitors to other (likely untrustworthy/malicious) websites.

Most users enter such pages via redirects caused by sites that employ rogue advertising networks.

What kind of application is HotComplete?

We have discovered the HotComplete application while examining untrustworthy websites. After downloading and installing the app, we found that it generates annoying/intrusive advertisements. For this reason, we have classified HotComplete as an advertising-supported application.

What kind of page is prizepagoda[.]com?

Prizepagoda[.]com is a rogue webpage we discovered while inspecting untrustworthy websites. It operates by hosting deceptive content, pushing browser notification spam, and redirecting visitors to other (likely unreliable/malicious) sites. Most users enter pages like prizepagoda[.]com through redirects caused by websites using rogue advertising networks.

What kind of page is sandgerl[.]com?

Sandgerl[.]com is a deceptive website running a pop-up scam. It displays a fake system notification to trick visitors into believing that their devices are compromised (hacked). Our team has discovered sandgerl[.]com while inspecting other pages that use rogue advertising networks (sites that display shady ads and redirect to dubious pages).

What is Kekware ransomware?

Kekware is a piece of malicious software classified as ransomware. It is designed to encrypt data and make ransom demands for the decryption.

We obtained a sample of Kekware from VirusTotal and launched it onto our test machine. This ransomware encrypted files and renamed them following this pattern - "[random_string].[original_extension][random_string].cyn". For example, a file initially titled "1.jpg" appeared as "7462.jpg7088.cyn". Afterward, a ransom note - "YcynNote.txt" was dropped onto the desktop.

What kind of page is onlinenothome[.]com?

We have examined the onlinenothome[.]com page and learned that it uses a clickbait technique to trick visitors into allowing it to show notifications. It also redirects visitors to a potentially malicious page. Our team has discovered onlinenothome[.]com while inspecting various pages that use rogue advertising networks.

What kind of malware is Errz?

Our malware researchers have discovered a new Djvu ransomware variant called Errz. It was found while examining malware samples submitted to the VirusTotal site. Errz is ransomware that encrypts files and appends the ".errz" extension to filenames. It provides a ransom note by creating a text file named "_readme.txt".

An example of how Errz renames files: it changes "1.jpg" to "1.jpg.errz", "2.png" to "2.png.errz", and so forth.

What is kind of scam is "CANADIAN LOTTERY" scam?

Our team has examined this email and concluded that it is a typical lottery scam. Scammers behind it attempt to trick recipients into sending them money (and possibly personal information) by claiming that they have won a lottery. This email is disguised as a Canadian lottery winning notice.

What kind of page is bluestringline[.]com?

Our researchers found the bluestringline[.]com rogue webpage while inspecting dubious sites. This page is designed to push browser notification spam and redirect visitors to different (likely deceptive/malicious) websites. Most users access sites like bluestringline[.]com via redirects caused by pages that use rogue advertising networks.