Step-by-Step Malware Removal Instructions

Communique Adware
Adware

Communique Adware

Communique is a rogue application that we discovered while investigating suspicious sites. After inspecting this app, we determined that it is advertising-supported software (adware). It is designed to run intrusive ad campaigns and may have additional harmful abilities. Adware operates by

Flashcleaner.xyz Redirect
Browser Hijacker

Flashcleaner.xyz Redirect

Our team inspected flashcleaner.xyz and found that it is a fake search engine that shows results generated by another search engine. A big part of fake search engines is promoted through browser hijackers. Usually, these apps promote fake (or unreliable) search engines by changing browser settings

Vipcaptchanow.top Ads
Notification Spam

Vipcaptchanow.top Ads

Vipcaptchanow[.]top is a rogue page that our researchers discovered while checking out untrustworthy websites. It is designed to promote browser notification spam and redirect visitors to other (likely unreliable/harmful) webpages. Most users access websites like vipcaptchanow[.]top through redir

Code Ransomware
Ransomware

Code Ransomware

While checking the VirusTotal page for recently submitted malware samples, our team came across ransomware dubbed Code. This ransomware encrypts data, appends its extension (".code") to filenames, and creates a ransom note (a file named "!!!HOW_TO_DECRYPT!!!.txt" file). An example of how Code mod

Cyber (Chaos) Ransomware
Ransomware

Cyber (Chaos) Ransomware

Cyber is the name of a malicious program based on the Chaos ransomware. Our researchers discovered this malware while inspecting new submissions to VirusTotal. Once we executed a sample of Cyber (Chaos) ransomware on our test system, it began encrypting files and appended their filenames with a "

Coolcaptchahere.top Ads
Notification Spam

Coolcaptchahere.top Ads

Our team found that coolcaptchahere[.]top displays a misleading message with the intention of tricking visitors into allowing it to display notifications. Additionally, this website may redirect users to other suspicious sites. It is important to note that users access sites like coolcaptchahere[.

Craa Ransomware
Ransomware

Craa Ransomware

Our team discovered Craa ransomware, a Djvu family member, while analyzing malware samples submitted to VirusTotal. When infecting a computer, Craa encrypts files and appends the ".craa" extension to their filenames. Additionally, it creates a ransom note in the form of a text file named "_readme.

Like (Dharma) Ransomware
Ransomware

Like (Dharma) Ransomware

While investigating new submissions to VirusTotal, our research team discovered a ransomware named Like that belongs to the Dharma family. Once we executed a sample of Like (Dharma) ransomware on our test machine, it encrypted files and changed their filenames. The titles of affected files were a

Jerd Ransomware
Ransomware

Jerd Ransomware

Jerd is ransomware designed to encrypt data, append the victim's ID, jerd@420blaze.it email address, and the ".j3rd" extension to filenames, and provide two ransom notes (display a pop-up window and create a text file named "info.txt"). Jerd belongs to the Dharma ransomware family. We discovered i

Nexus Banking Trojan (Android)
Trojan

Nexus Banking Trojan (Android)

Nexus is the name of a banking trojan targeting Android Operating Systems (OSes). According to the research done by Cyble analysts, Nexus is the rebranded version of the S.O.V.A. banking trojan. As the classification implies, this malware primarily targets banking and finance related information.