Step-by-Step Malware Removal Instructions

Phone Update Recommended POP-UP Scam (Android)
Phishing/Scam

Phone Update Recommended POP-UP Scam (Android)

While inspecting rogue webpages, our researchers discovered the "Phone Update Recommended" scam, which targets Android device users. This scheme attempts to trick visitors into downloading/installing and/or purchasing recommended software - by claiming that it will improve the device's poor perfor

Nitrokod Malware
Trojan

Nitrokod Malware

Nitrokod is a malicious program that operates as a backdoor for cryptocurrency mining malware. At the time of writing, Nitrokod was designed to infect systems with the XMRIG cryptominer. It is noteworthy that Nitrokod has been actively spread via malicious applications disguised as legitimate sof

Annual Open Vacation Plan Email Scam
Phishing/Scam

Annual Open Vacation Plan Email Scam

After inspecting the "Annual Open Vacation Plan" email, we learned that it is spam operating as a phishing scam. This letter is presented as a notification regarding vacation approval from an HR (Human Resources) department. To view the document supposedly containing the list of employees approve

Adforyounews.com Ads
Notification Spam

Adforyounews.com Ads

While looking through untrustworthy websites, our researchers discovered the adforyounews[.]com rogue page. It is designed to deceptively promote browser notification spam. Additionally, adforyounews[.]com can redirect visitors to other (likely unreliable/malicious) websites. Most users enter sit

Norton LifeLock Email Scam
Phishing/Scam

Norton LifeLock Email Scam

After inspecting this "Norton LifeLock" email, we determined that it is fake. It must be emphasized that this spam mail is in no way associated with either NortonLifeLock Inc. or PayPal Holdings, Inc. This scam letter is presented as a purchase invoice, which states that the payment has already b

Xbtl Ransomware
Ransomware

Xbtl Ransomware

Xbtl is a ransomware-type program that our research team discovered while looking through new malware submissions to VirusTotal. Ransomware is designed to encrypt data and demand payment for decryption. Once we launched a sample of Xbtl on our test machine, it encrypted files and appended their f

View-Dark Adware
Adware

View-Dark Adware

View-Dark is a rogue browser extension that our research team discovered while inspecting deceptive software-endorsing sites. While View-Dark is promoted as a dark-mode tool for simple design websites, it operates as advertising-supported software (adware) instead. It is pertinent to menti

K1ng Ransomware
Ransomware

K1ng Ransomware

During a routine inspection of new malware submissions, our researchers found a ransomware-type program named K1ng. It belongs to the Dharma ransomware family. After we executed a sample of K1ng on our test system, it encrypted files and appended their filenames with a unique ID assigned to the v

Playless Videos Adware
Adware

Playless Videos Adware

Our research team discovered the "Playless videos" browser extension while inspecting dubious software-promoting webpages. It is presented as a tool capable of disabling/auto-skipping ads on YouTube. However, our analysis revealed that Playless videos works as adware. Hence, instead of removing ad

Fopra Ransomware
Ransomware

Fopra Ransomware

While investigating new malware submissions to VirusTotal, our research team discovered another malicious program belonging to the Phobos ransomware family - called Fopra. We executed a sample of Fopra on our test machine, and it encrypted files and altered their titles. Original filenames were a