Virus and Spyware Removal Guides, uninstall instructions

What kind of page is news-relimo[.]cc?

Our researchers discovered the news-relimo[.]cc rogue webpage while inspecting untrustworthy sites. It is designed to push browser notification spam and cause redirects to different (likely unreliable/malicious) websites. Most users access pages like news-relimo[.]cc via others that use rogue advertising networks.

What kind of page is totalwownews[.]com?

During a routine inspection of untrustworthy websites, our research team found the totalwownews[.]com page. This rogue site promotes spam browser notifications and redirects users to other (likely untrustworthy or malicious) webpages.

Visitors to websites like totalwownews[.]com typically access them via redirects caused by pages using rogue advertising networks.

What is BestSportSearch?

After analyzing the BestSportSearch browser extension, our researchers determined that it is a browser hijacker. This piece of software makes alterations to browser settings in order to promote the bestsportsearch.com fake search engine.

What is GonnaCope?

Recently, a new ransomware called GonnaCope was discovered by Petrovic. It was found that GonnaCope not only encrypts files but also deletes files and replaces them with some random files (files with the ".cope" extension). Files encrypted by GonnaCope do not have a new extension.

Also, GonnaCope ransomware generates a ransom note (the "ReadMe.txt" file) and displays another one in a cmd (Command Prompt) window.

What kind of page is deviceunder-shield[.]com?

While inspecting untrustworthy sites, our researchers found the deviceunder-shield[.]com rogue webpage. It is designed to load scams, push browser notification spam, and redirect visitors to other (likely dubious/malicious) websites. Most users enter deviceunder-shield[.]com and sites akin to it via redirects caused by pages using rogue advertising networks.

What is goodcaptcha[.]top?

Goodcaptcha[.]top is a website designed to trick visitors into allowing it to show notifications. Another problem with this site is that it can open other untrustworthy pages. Our team has discovered goodcaptcha[.]top while inspecting sites that use shady advertising networks (websites that display deceptive ads and open shady websites).

What is fill darker?

Fill darker is a rogue browser extension that our research team discovered while inspecting scam download sites. Following our analysis, we determined that this extension operates as advertising-supported software (adware).

What kind of application is DigitalConverterz?

When we downloaded and examined the DigitalConverterz application, we learned that it is a browser hijacker that changes the settings of a web browser to digitalconverterz.com. The purpose of this app is to promote a fake search engine. Our team found this app while visiting/inspecting shady websites offering to install various software.

What kind of page is savingm[.]com?

While inspecting shady websites, we discovered the savingm[.]com page. This rogue webpage promotes deceptive material, pushes browser notification spam, and redirects visitors to other (likely untrustworthy/malicious) sites. Most users enter websites like savingm[.]com through redirects caused by pages using rogue advertising networks.

What kind of website is protectpc[.]xyz?

Protectpc[.]xyz is a shady website running a scam similar to "McAfee - Your PC is infected with 5 viruses!". Also, this page asks for permission to show notifications. Our team has discovered protectpc[.]xyz while inspecting illegal movie streaming pages, torrent sites, and other pages that use rogue advertising networks.