Step-by-Step Malware Removal Instructions

Updatepcmc.xyz Ads
Notification Spam

Updatepcmc.xyz Ads

While inspecting websites that use rogue advertising networks, we came across updatepcmc[.]xyz - a deceptive page that runs the "McAfee - Your PC is infected with 5 viruses!" scam. We also found that this site wants to show notifications. All messages displayed by updatepcmc[.]xyz are fraudulent.

Device-undershield.com Ads
Notification Spam

Device-undershield.com Ads

While inspecting unreliable webpages, our researchers found the device-undershield[.]com site. It operates by running scams, pushing browser notification spam, and redirecting visitors to different (likely dubious/malicious) websites. Users typically enter pages like device-undershield[.]com throu

ELITEBOT Ransomware
Ransomware

ELITEBOT Ransomware

While checking the VirusTotal page for recently submitted malware samples, we discovered ransomware called ELITEBOT. This ransomware is part of the Makop family. It encrypts files, appends a string of random characters, elitebot@msgden.net email address, and the ".bot" extension to filenames, chan

Royroy Ransomware
Ransomware

Royroy Ransomware

During a routine inspection of new malware submissions to VirusTotal, our researchers discovered the Royroy ransomware. Additionally, it has to be mentioned that this malicious program is part of the ZEPPELIN ransomware family. On our test system, Royroy encrypted files and appended their filenam

Unusual Sign-in Activity Email Scam
Phishing/Scam

Unusual Sign-in Activity Email Scam

After examining this email, we learned that the scammers behind it attempt to trick recipients into providing their login credentials. They claim that the email account has been suspended due to unusual sign-in activity. They aim to trick recipients into opening the provided page and entering thei

RoundEmporium Adware (Mac)
Mac Virus

RoundEmporium Adware (Mac)

While performing a routine inspection of new submissions to VirusTotal, our research team discovered the RoundEmporium rogue application. Our analysis of this app revealed that it operates as advertising-supported software (adware). Additionally, we learned that RoundEmporium belongs to the AdLo

FIXED (Babuk) Ransomware
Ransomware

FIXED (Babuk) Ransomware

FIXED ransomware is part of the Babuk ransomware family. We have discovered this ransomware while examining the samples submitted to the VirusTotal page. FIXED prevents victims from accessing/using files by encrypting them, appends the ".FIXED" extension to filenames, and drops the "How To Restore

ActivateOptimization Adware (Mac)
Mac Virus

ActivateOptimization Adware (Mac)

ActivateOptimization is the name of an application discovered by our team during an examination of shady websites distributing fake Adobe Flash Player installers. We found that ActivateOptimization is designed to display annoying ads. Therefore, we classified this app as adware. Applicat

FIASKO Ransomware
Ransomware

FIASKO Ransomware

FIASKO is a malicious program categorized as ransomware, which our researchers discovered while inspecting new submissions to VirusTotal. We determined that this program belongs to the Phobos ransomware family. Once we executed a sample of FIASKO on our test system, it encrypted files and changed

Hhew Ransomware
Ransomware

Hhew Ransomware

Hhew is the name of ransomware belonging to the Djvu ransomware family. Our malware researchers discovered it while checking the VirusTotal page for recently submitted malware samples. Hhew is designed to encrypt files, append its extension (".hhew") to filenames, and create a text file ("_readme.