Step-by-Step Malware Removal Instructions

ModernLoader Malware
Trojan

ModernLoader Malware

ModernLoader, also known as Avatar Bot and AvatarLoader, is a malicious program that has minimalistic loader and RAT (Remote Access Trojan) functionalities. Loader-type malware is designed to infect devices with additional malicious programs, while RATs enable remote access/control over infected

Refresh Color Adware
Adware

Refresh Color Adware

refresh color is the name of a browser extension we discovered on a deceptive website. After downloading and adding it, we learned that it shows annoying advertisements. Apps of this type are classified as advertising-supported apps (adware). refresh color is described as an application th

Norton Order Confirmation Email Scam
Phishing/Scam

Norton Order Confirmation Email Scam

After examining this email, we found that it is sent by scammers who aim to trick recipients into contacting (calling) them. The email is disguised as a letter from NortonLifeLock (a legitimate software company) regarding order confirmation. This letter must be ignored. The email claims th

NominatusCrypt Ransomware
Ransomware

NominatusCrypt Ransomware

NominatusCrypt is the name of ransomware (a variant of the EvilNominatus ransomware). We discovered this ransomware while inspecting malware samples submitted to the VirusTotal website. Unlike most ransomware, NominatusCrypt does not rename files. It provides a ransom note by displaying instructio

Nonadvertised.com Ads
Notification Spam

Nonadvertised.com Ads

Our researchers found the nonadvertised[.]com rogue page during a routine inspection of suspicious websites. It is designed to push scams, promote browser notification spam, and redirects visitors to other (likely unreliable/malicious) sites. Users typically access such webpages via redirects caus

OnlineProgram Adware (Mac)
Mac Virus

OnlineProgram Adware (Mac)

Our team discovered an untrustworthy application called OnlineProgram while examining various deceptive pages (e.g., web pages offering to download updates for supposedly outdated software). After installing OnlineProgram, we noticed that it shows unwanted advertisements. Thus, we categorized th

DoyUk 7.1 Ransomware
Ransomware

DoyUk 7.1 Ransomware

While inspecting new submissions to VirusTotal, our researchers discovered the DoyUk 7.1 ransomware. This is not our first encounter with this malware, as we have previously analyzed the DoyUk 2.0 and DoyUk 5.0 variants. After we executed this latest version on our test machine, it encrypted file

YouTube Copyright Infringement Warning Email Virus
Phishing/Scam

YouTube Copyright Infringement Warning Email Virus

After examining the email, we found that this is a fake email from YouTube regarding copyright infringement. It contains a website link designed to download an archive file that contains a malicious file. Cybercriminals behind this email aim to trick recipients into downloading and executing malwa

Error From Your Mail Server Email Scam
Phishing/Scam

Error From Your Mail Server Email Scam

After inspecting the "Error From Your Mail Server" email, we determined that it is spam that operates as a phishing scam. This letter makes false claims about emails failing to reach the recipient's inbox, which can be rectified by verifying the account again. The goal of this spam mail is to lur

Eemv Ransomware
Ransomware

Eemv Ransomware

Eemv is the name of ransomware belonging to the Djvu family. The purpose of eemv is to encrypt files. Additionally, this ransomware renames files (it appends the ".eemv" extension to filenames) and creates a text file ("_readme.txt") to provide contact and payment information. Our team discovered