Step-by-Step Malware Removal Instructions

TESCO Loyalty Program POP-UP Scam
Phishing/Scam

We have examined this scam and determined that it is a survey scam used to trick visitors into providing personal information and/or transferring money. The page running this scam is disguised as a survey held by Tesco - a groceries and merchandise retailer. People who fall for such scams never

Streaming Downloader Adware
Adware

After testing the Streaming Downloader application, our team found that it operates as an advertising-supported application - it shows annoying (intrusive) advertisements. We discovered Streaming Downloader while inspecting numerous deceptive web pages. Apps that display ads and are promoted via d

1978 Act Of Protection Of Children POP-UP Scam
Phishing/Scam

It is a fake message displayed by a deceptive website designed to trick visitors into calling a fake technical support number. The website running this scam is disguised as a legitimate Microsoft site. Scammers behind it may try to extract personal information or money or use it for other maliciou

Hvzgbo Ransomware
Ransomware

Hvzgbo is ransomware belonging to the Snatch family. It encrypts files, appends the ".hvzgbo" extension to filenames of all encrypted files, and drops the "HOW TO RESTORE YOUR FILES.TXT" file (a ransom note). Our malware researchers discovered Hvzgbo ransomware while examining samples submitted to

Genuinescansupport.com Ads
Notification Spam

While analyzing genuinescansupport[.]com, we learned that it uses deceptive marketing (displays fake messages) to promote legitimate software. Also, genuinescansupport[.]com wants to show notifications. Shady pages should never be allowed to show notifications. We discovered genuinescansupport[.]c

FateGrab Stealer
Trojan

FateGrab is the name of an information-stealing malware distributed along with another stealer called StealDeal. Threat actors deliver these malicious programs via email (they use a compromised email address for malware distribution) and messengers. Both FateGrab and StealDeal should be removed fr

HARDBIT 2.0 Ransomware
Ransomware

HARDBIT 2.0 is a new version of the HARDBIT ransomware. We discovered this version while inspecting malware samples submitted to VirusTotal. HARDBIT 2.0 encrypts data, appends a string of random characters, the victim's ID, email address, and the ".hardbit2" extension to filenames. Also, HARDBIT

Mudflised.com Ads
Notification Spam

We have inspected mudflised[.]com and found that the purpose of this site is to lure visitors into allowing it to display/send notifications. Mudflised[.]com displays deceptive content to get that permission. Our team discovered mudflised[.]com while examining pages that use shady advertising netwo

StealDeal Stealer
Trojan

StealDeal is the name of an information stealer targeting Internet browser data and possibly other information. It is known that StealDeal is delivered via a compromised email address. The file used for malware distribution injects StealDeal and another malware called FateGrab - an information ste

ScreenConnect (ConnectWise) Client Scam
Phishing/Scam

Fraudsters use all kinds of ways to extract information or money from people and distribute malicious programs via emails. This article describes cases where fraudsters use emails to trick recipients into installing ConnectWise (formerly known as ScreenConnect). This software allows threat actors