Step-by-Step Malware Removal Instructions

$TRUMP Token Distribution Scam
Phishing/Scam

$TRUMP Token Distribution Scam

Our researchers discovered this "$TRUMP Token Distribution" scam while investigating suspicious websites. The fake page claims to be distributing Trump tokens. The goal of this scam is to trick users into exposing their digital wallets to a cryptocurrency drainer. IMPORTANT NOTE: We do not r

Searchonsite.com Redirect
Browser Hijacker

Searchonsite.com Redirect

Our analysis of searchonsite.com has revealed that it is a fake search engine promoted through an unwanted browser extension (a browser hijacker) known as SearchOnSite. The site itself does not generate search results, and the extension associated with it appears to offer no real value to users. T

Numec Ransomware
Ransomware

Numec Ransomware

Numec is ransomware that our team has discovered while examining malware samples uploaded to the VirusTotal platform. This ransomware encrypts files and puts them in the "EncryptedFiles" folder on the victim's desktop. Also, Numec drops its ransom note ("GetFilesBack.txt") and appends the ".numec"

Aceadepreltitip.co.in Ads
Notification Spam

Aceadepreltitip.co.in Ads

We have analyzed aceadepreltitip.co[.]in and found that it is an untrustworthy web page created to trick visitors into permitting it to deliver notifications to their devices. If aceadepreltitip.co[.]in is allowed to show notifications, it sends fake warnings and other deceptive messages.

Naceling.com Ads
Notification Spam

Naceling.com Ads

During our analysis of naceling[.]com, we noticed that the site employs a misleading tactic to obtain permission to show notifications. If users agree to receive these notifications, naceling[.]com bombards them with fake alerts and other deceptive content. Thus, naceling[.]com should be avoided a

Mesodefender.co.in Ads
Notification Spam

Mesodefender.co.in Ads

Our researchers discovered mesodefender.co[.]in while investigating dubious websites. Upon examination, we determined that this rogue page endorses browser notification spam and redirects users to other (likely deceptive/malicious) sites. Most visitors access mesodefender.co[.]in and analogous web

Mailbox Capacity Reduced Email Scam
Phishing/Scam

Mailbox Capacity Reduced Email Scam

After investigating "Mailbox Capacity Reduced", we determined that it is a phishing email. This message claims that the recipient's mailbox capacity has been reduced. When an attempt to restore the account is made, the recipient is deceived into disclosing their email log-in credentials. T

Crone Ransomware
Ransomware

Crone Ransomware

While inspecting new malware submissions to VirusTotal, our research team discovered Crone ransomware. This malicious program is designed to encrypt data and demand payment for the decryption. On our testing system, Crone encrypted files and added a ".crone" extension to their filenames. To elabo

Warning Ransomware
Ransomware

Warning Ransomware

Warning is ransomware belonging to the GlobeImposter family. We discovered it during our routine inspection of malware samples uploaded to VirusTotal. Our analysis shows that Warning encrypts files and appends ".warning!_16" (its extension) to them. The ransomware also creates a ransom note ("HOW_