Step-by-Step Malware Removal Instructions

New Project Proposal Email Scam
Phishing/Scam

New Project Proposal Email Scam

After reviewing this letter, we concluded that it is a scam email (a phishing letter) designed to lure recipients into providing sensitive information. It contains an attachment that opens a phishing website. This letter is disguised as an email regarding a new project proposal from a travel compa

RefreshMate Adware
Adware

RefreshMate Adware

After downloading and testing RefreshMate, we found that it is a browser extension that shows annoying advertisements. Therefore, we classified RefreshMate as adware. Typically, users download apps of this kind from unreliable sources and (or) unintentionally. RefreshMate is advertised as

Theaddinshop.com Ads
Notification Spam

Theaddinshop.com Ads

Theaddinshop[.]com is a rogue page we discovered while reviewing suspicious websites. It is designed to push browser notification spam and redirect visitors to other (likely untrustworthy/harmful) sites. Users primarily enter webpages akin to theaddinshop[.]com through redirects caused by sites u

Ruffcensaop.xyz Ads
Notification Spam

Ruffcensaop.xyz Ads

While investigating questionable websites, our research team found the ruffcensaop[.]xyz rogue page. It operates by promoting spam browser notifications and redirecting visitors to other (likely unreliable/harmful) sites. Users typically enter webpages like ruffcensaop[.]xyz via redirects caused

Sport Engine Browser Hijacker
Browser Hijacker

Sport Engine Browser Hijacker

Our researchers discovered the Sport Engine browser extension while investigating scam sites. This piece of software supposedly allows users to customize their new browser tabs with sports-related backgrounds. However, our analysis revealed that it operates as a browser hijacker. Sport Engine mod

Apple iPhone 14 Winner POP-UP Scam
Phishing/Scam

Apple iPhone 14 Winner POP-UP Scam

"Apple iPhone 14 Winner" is a scam promoted on deceptive websites. There are multiple variants of this scheme. The common theme is that the user has won an iPhone 14 or they are offered a chance to win the smartphone. It must be stressed that these claims are fake and they are not associated with

ExilenceTG Ransomware
Ransomware

ExilenceTG Ransomware

During an examination of malware samples submitted to VirusTotal, we discovered a new Key Group ransomware variant dubbed ExilenceTG. We found that ExilenceTG encrypts files, appends the ".exilenceTG" extension to filenames, and creates a text file ("cyber.txt"). An example of how ExilenceTG rena

Player Adware
Adware

Player Adware

During a routine inspection of deceptive websites, our researchers discovered an installer containing the "Player" app. Our investigation revealed that this piece of software operates as adware. In other words, Player runs intrusive advertisement campaigns and may have other harmful functionalitie

Rankcaptcha.top Ads
Notification Spam

Rankcaptcha.top Ads

Rankcaptcha[.]top is a site crafted to deceive visitors into accepting its notifications and potentially divert them to other comparable pages. It is uncommon for such pages to be opened intentionally by users. Our team came across rankcaptcha[.]top during an examination of pages utilizing fraudul

DeathRansom (Chaos) Ransomware
Ransomware

DeathRansom (Chaos) Ransomware

Our research team discovered the DeathRansom ransomware-type program during a routine inspection of new submissions to VirusTotal. This malicious program is part of the Chaos ransomware family. Once we executed a sample of DeathRansom (Chaos) ransomware on our test machine, it encrypted files and