Virus and Spyware Removal Guides, uninstall instructions

What kind of page is unpleute[.]com?

We discovered the unpleute[.]com rogue page while investigating suspect websites. Our examination revealed that it endorses browser notification spam and generates redirects to other (likely unreliable/dangerous) sites.

Most visitors to unpleute[.]com and analogous webpages access them through redirects caused by websites employing rogue advertising networks.

What kind of malware is Revive?

Revive is a ransomware-type program belonging to the Makop family. It is designed to encrypt data and demand ransoms for the decryption.

Revive appends the names of the files it encrypts with a unique ID assigned to the victim, the cyber criminals' email address, and the ".revive" extension. To elaborate, a file initially titled "1.jpg" appeared as "1.jpg.[C3117D11].[crypted365@outlook.com].revive" on our testing system.

After the encryption process is completed, Revive ransomware drops a ransom note in a text file named "+README-WARNING+.txt".

What kind of page is smartads-feed[.]com?

Smartads-feed[.]com is a rogue page discovered by our research team during a routine investigation of suspicious websites. After inspecting this webpage, we learned that it promotes browser notification spam and redirects users to different (likely dubious/dangerous) sites.

The majority of visitors to smartads-feed[.]com and similar pages enter them through redirects caused by websites utilizing rogue advertising networks.

What kind of page is deviceflowconnection.co[.]in?

We have inspected deviceflowconnection.co[.]in and discovered that it is a deceptive website that aims to trick users into agreeing to receive its notifications. Granting this permission allows the site to push false alerts and other messages. It is best to deny notification requests from sites like deviceflowconnection.co[.]in and close them.

What kind of page is sequencenetworkflow.co[.]in?

We have analyzed sequencenetworkflow.co[.]in and found that it is an unreliable website designed to lure visitors into granting it permission to send notifications. If allowed, sequencenetworkflow.co[.]in can send fake warnings and other notifications. This site should be avoided and never allowed to show notifications.

What kind of page is linkbtrads[.]top?

Our researchers discovered the linkbtrads[.]top rogue page while inspecting suspect websites. After we examined this webpage, we learned that it endorses browser notification spam and causes redirects to different (likely untrustworthy/malicious) sites. Most users enter pages like linkbtrads[.]top via redirects generated by websites that utilize rogue advertising networks.

What kind of page is lottadsmedia[.]top?

Our analysis of lottadsmedia[.]top reveals that it is an untrustworthy site designed to trick visitors into consenting to receive notifications. Typically, sites like lottadsmedia[.]top show deceptive notifications that can put users at risk of various threats. Therefore, lottadsmedia[.]top should be avoided.

What kind of page is initiatehighlyrenewedthe-file[.]top?

Our researchers found initiatehighlyrenewedthe-file[.]top while browsing dubious websites. This rogue webpage endorses browser notification spam and generates redirects to different (likely untrustworthy/hazardous) sites.

Users primarily access initiatehighlyrenewedthe-file[.]top and similar pages through redirects generated by websites utilizing rogue advertising networks.

What kind of page is picklottads[.]top?

Our inspection of picklottads[.]top has shown that this is an unreliable website designed to lure visitors into agreeing to receive its notifications. Usually, sites like picklottads[.]top display misleading notifications that can expose users to various threats. Thus, picklottads[.]top should not be trusted.

What kind of malware is ViT?

ViT is ransomware from the Xorist family. Our team discovered it during analysis of malware samples submitted to VirusTotal. Once a computer is infected with ViT, the ransomware encrypts files, appends its extension (".ViT") to filenames, and provides two ransom notes (creates the "HOW TO DECRYPT FILES.txt" file and shows a pop-up window).

Here is an example of how files encrypted by ViT are renamed: "1.jpg" is changed to "1.jpg.ViT", "2.png" to "2.png.ViT", and so forth.