Step-by-Step Malware Removal Instructions

Meeting Reminder Email Scam
Phishing/Scam

Meeting Reminder Email Scam

Our inspection of the "Meeting Reminder" email revealed that it is spam. This letter operates as a phishing scam targeting email account log-in credentials. By making fake claims about an important document having been shared with the recipients - this scam attempts to trick them into disclosing t

DUCKTAIL Malware
Trojan

DUCKTAIL Malware

DUCKTAIL is the name of a malicious program designed to steal Facebook Business accounts. The observed attacks have been highly targeted. Research by WithSecure Intelligence suggests that this malware has been around since 2021 and is associated with Vietnamese cyber criminals. At the time of wri

Saarmlife.ru Ads
Notification Spam

Saarmlife.ru Ads

Saarmlife[.]ru is an untrustworthy website designed to trick visitors into clicking the "Allow" button. The purpose of this site is to obtain permission to show notifications and redirect visitors to other shady pages. We discovered saarmlife[.]ru while inspecting pages that use rogue advertising

ModuleView Adware (Mac)
Mac Virus

ModuleView Adware (Mac)

Our research team discovered the ModuleView rogue app while inspecting new submissions to VirusTotal. Our analysis of this piece of software revealed that it is adware. Additionally, ModuleView belongs to the AdLoad malware family. Advertising-supported software (adware) displays adverti

IndexerClient Adware (Mac)
Mac Virus

IndexerClient Adware (Mac)

After downloading and installing the IndexerClient application, we found that it has specifications of adware - it displays annoying advertisements. We discovered IndexerClient on a deceptive website claiming that Adobe Flash Player needs to be updated. It is worth mentioning that most users ins

Protectwatch.xyz Ads
Notification Spam

Protectwatch.xyz Ads

While examining untrustworthy websites, our research team discovered the protectwatch[.]xyz page. It operates by promoting scams, pushing browser notification spam, and redirecting users to different (likely dubious or malicious) sites. Most visitors to protectwatch[.]xyz and webpages akin to it

Dark Screen Adware
Adware

Dark Screen Adware

Dark Screen is a browser extension our researchers discovered while inspecting questionable download webpages. It is promoted as a dark mode tool for browsers. However, our analysis of this piece of software revealed that it operates as adware. Hence, Dark Screen displays ads and spies on users' b

Fsmevh.com Ads
Notification Spam

Fsmevh.com Ads

Fsmevh[.]com uses a clickbait technique to trick visitors into agreeing to receive notifications. Also, this page can redirect visitors to a similar website. We discovered fsmevh[.]com while examining other sites that use rogue advertising networks. It is uncommon for pages like fsmevh[.]com to be

Redeemer 2.0 Ransomware
Ransomware

Redeemer 2.0 Ransomware

Redeemer 2.0 is an updated variant of the Redeemer ransomware-type program. Ransomware is designed to encrypt data and demand payment for the decryption. Redeemer 2.0 ransomware differs from its older variants in a number of ways, such as it is capable of infecting Windows 11 Operating Systems (O

1more Ransomware
Ransomware

1more Ransomware

Our malware researchers discovered ransomware from the VoidCrypt family called 1more while analyzing samples submitted to the VirusTotal website. 1more encrypts files, appends the victim's ID, 1moredec@gmail.com email address, and the ".1more" extension to filenames, and drops a ransom note (the "