Virus and Spyware Removal Guides, uninstall instructions

What is "1INCH Giveaway"?

"1INCH Giveaway" is a scam that our research team discovered while inspecting sites using rogue advertising networks. This fake giveaway promises that by transferring at least 10,000 1INCH to the listed digital wallet - users will receive triple the amount.

It must be emphasized that the "1INCH Giveaway" is a scam, and all the funds transferred to it - will be irrevocably lost.

What is "Ledger Live Update" scam?

We have analyzed this website and concluded that it is a scam website used to distribute malicious software. This site is likely promoted through compromised (hacked) websites. It is disguised as a download page for the Ledger Live application mandatory update.

What is Win/Exploit.CVE-2017-11882?

Win/Exploit.CVE-2017-11882 is an exploit designed to abuse a vulnerability (CVE-2017-11882) in Microsoft Equation Editor, a component of the Microsoft Office programs. While this weak link has been addressed in the latest MS versions, unpatched ones remain vulnerable.

This exploit is used as the initial point of entry for various malicious programs. When users open a malicious document tailored to use the CVE-2017-11882 vulnerability, the infection process is triggered, culminating in malware infiltration of the system. Our researchers have sampled a Win/Exploit.CVE-2017-11882 exploit using document from VirusTotal.

What is HTML/Phishing.Agent?

HTML/Phishing.Agent is a detection name for malicious HTML files. It is very common for such files to be used in phishing attacks because other files are usually blocked. Cybercriminals send them mainly via email to trick users into opening phishing pages and providing sensitive information on them.

What kind of malware is Vtym?

Vtym is ransomware that encrypts files and appends the ".vtym" extension to filenames. Our malware researchers have discovered this ransomware variant while analyzing the samples submitted to the VirusTotal page. It was found that Vtym is part of the Djvu ransomware family. It also creates the "_readme.txt" file containing contact and payment information.

An example of how Vtym modifies filenames of the encrypted files: it renames "1.jpg" to "1.jpg.vtym", "2.png" to "2.png.vtym", "3.exe" to "3.exe.vtym", and so forth.

What is "TROJAN Zeus2021 spyware adware detected"?

"TROJAN Zeus2021 spyware adware detected" is a scam our research team discovered while inspecting sites promoted by spam browser notifications. This scheme is presented as a virus alert from Microsoft. It must be emphasized that it is in no way associated with the Microsoft Corporation or its products.

Furthermore, it is noteworthy that no website can detect threats/issues present on a system - hence, any that claim such are scams.

What is UltraADSBlockSearch?

UltraADSBlockSearch is a browser extension our research team found while inspecting dubious download webpages. Following its analysis, we have determined that this piece of software operates as a browser hijacker. UltraADSBlockSearch modifies browser settings to promote the ultraadsblocksearch.com fake search engine. Additionally, this extension spies on users' browsing activity.

What kind of page is myhypestories[.]com?

Our researchers discovered the myhypestories[.]com page while inspecting rogue websites. This site is designed to promote browser notification spam and redirect visitors to other untrustworthy/malicious webpages. Most users enter myhypestories[.]com and similar sites through redirects caused by pages that use rogue advertising networks.

What kind of scam is "UN Ukraine Humanitarian Organization"?

Not so long ago, scammers were taking advantage of the COVID-19 pandemic by pretending to be legitimate organizations or other entities and asking to send money, provide sensitive information, etc. We have examined this email and found that scammers behind it are pretending to raise money for Ukraine.

What is the "UNHCR" scam email?

After inspecting this "UNHCR" email, our researchers determined that it is fake. The letter is presented as a donation campaign held by the UNHCR (United Nations High Commissioner for Refugees). It must be emphasized that this email is fake and in no way associated with the actual UNHCR. This scam uses the war in Ukraine as a backdrop to trick recipients into transferring funds to the cyber criminals.

We strongly advise using only official channels to make any donations. Since those endorsed via random emails, SMSes, or other messages - are likely to be fraudulent. Even if a source appears legitimate, we urge you not to use donation channels promoted through unsolicited mail.