Virus and Spyware Removal Guides, uninstall instructions

What kind of application is Caveqn App?

After examining Caveqn App (CaveqnApp), we found that it serves no legitimate purpose and has been flagged as malicious by multiple security vendors. Additionally, its certain components distribute malware loader called Legion Loader. Therefore, if Caveqn App is installed, it should be uninstalled immediately.

What kind of page is mjieiq[.]click?

Our research team found the mjieiq[.]click rogue webpage during a routine inspection of suspicious sites. After examining this page, we learned that it promotes browser notification spam and causes redirects to other (likely dubious/dangerous) websites.

Most visitors enter mjieiq[.]click and analogous webpages via redirects produced by sites utilizing rogue advertising networks.

What kind of page is adsdoleads[.]top?

Adsdoleads[.]top is a rogue page discovered by our researchers during a routine investigation of untrustworthy websites. Upon inspection, we determined that this webpage endorses browser notification spam and produces redirects to different (likely dubious/harmful) sites.

The majority of visitors to adsdoleads[.]top and similar pages access them via redirects caused by websites utilizing rogue advertising networks.

What kind of application is NetGuard?

NetGuard is promoted as a website reputation checker that allows users to check the safety of web pages and detect potentially malicious ones. However, NetGuard may be distributed through unreliable installers, so we have classified it as a potentially unwanted application.

What kind of scam is "New Webmail 2.0"?

We have inspected the email and found that it is a fake email regarding pending emails and email account re-authentication. It is a phishing email designed to trick recipients into opening a deceptive web page and disclosing personal information. Emails of this type should be ignored to avoid data theft and other potential issues.

What kind of page is shafirewall[.]xyz?

After reviewing shafirewall[.]xyz, we found that it displays misleading content designed to trick visitors into allowing it to show notifications. The site can send fake warnings and other deceptive notifications if permission is granted. In general, it is an untrustworthy page that should be avoided and closed if encountered

What kind of malware is Boramae?

Boramae is a ransomware-type program. It is designed to encrypt data and demand ransoms for the decryption. Boramae appends filenames of encrypted files with a unique ID assigned to the victim and a ".boramae" extension, e.g., a file titled "1.jpg" becomes "1.jpg.{62C6A0A1-CB99-6138-914B-5F2CBAAA094E).boramae", etc.

After this process is finished, the Boramae ransomware creates a ransom-demanding message in a text file named "README.TXT".

What kind of application is Roxaq Apps?

While investigating an installation setup promoted by a rogue webpage, we discovered the "Roxaq Apps" PUA (Potentially Unwanted Application). This program acts as a dropper for the Legion Loader malware. On our test machine, Roxaq Apps was installed together with the fake "Save to Google Drive" browser extension.

What kind of page is feedshareeasyfile[.]com?

Feedshareeasyfile[.]com is the address of a rogue page that endorses unwanted software and browser notification spam. Additionally, it can redirect users to different (likely dubious/dangerous) sites.

Most visitors to feedshareeasyfile[.]com and analogous webpages access them through redirects caused by websites using rogue advertising networks. Our researchers discovered this page during a routine investigation of said ad networks.

What is PrivacyShield?

As its name suggests, PrivacyShield is a web browser that focuses on protecting user privacy by offering features designed to block potential privacy invasions. However, it is possible that this browser is promoted using malicious installers. Thus, we classified PrivacyShield as an unwanted application.