Virus and Spyware Removal Guides, uninstall instructions

What kind of application is ClearArchive?

Our research team discovered the ClearArchive rogue app during a routine inspection of new submissions to VirusTotal. It operates as advertising-supported software (adware). Additionally, ClearArchive is part of the AdLoad malware family.

What kind of page is sweepstakessurveytoday[.]org?

While inspecting sweepstakessurveytoday[.]org, we found that it is an untrustworthy website designed to trick visitors into participating in a fake survey. Also, sweepstakessurveytoday[.]org wants to send notifications and can redirect visitors to other sites. Thus, it is recommended not to trust sweepstakessurveytoday[.]org.

What kind of page is bonalluterser[.]com?

Our research team discovered bonalluterser.com while investigating untrustworthy sites. This rogue page aims to trick visitors into allowing it to deliver browser notification spam. It can also redirect visitors to other (likely dubious/malicious) websites. Users typically enter webpages like bonalluterser[.]com through redirects caused by sites employing rogue advertising networks.

What kind of software is Pdf download manage?

Our researchers discovered the "Pdf download manage" browser extension while examining dubious websites. This piece of software is endorsed as a tool that allows users to easily open all downloaded files. However, after analyzing Pdf download manage, we determined that it is adware.

What kind of application is ElementBrowser?

Our research team discovered the ElementBrowser application while reviewing new submissions to the VirusTotal site. After inspecting this app, we determined that it is adware belonging to the AdLoad malware family.

What kind of malware is Agvv?

Our team has recently identified a new member of the Djvu ransomware family called Agvv. Agvv is ransomware, malicious software that encrypts files, making them inaccessible to victims. We came across Agvv during our analysis of samples on the VirusTotal website.

It is important to note that Agvv may be distributed alongside other types of malware, such as information stealers like RedLine or Vidar. When Agvv infects a system, it alters the filenames of encrypted files by adding the ".agvv" extension (for example, "1.jpg" becomes "1.jpg.agvv", "2.png" becomes "2.png.agvv", and so on). Furthermore, it creates a ransom note named "_readme.txt".

What kind of malware is Resq100?

Our researchers discovered the Resq100 malicious program during a routine inspection of new submissions to VirusTotal. This program is classified as ransomware – a type of malware that encrypts files to demand ransoms for their decryption.

On our test system, Resq100 encrypted files and added a ".resq100" extension to their filenames. For example, a file originally titled "1.jpg" appeared as "1.jpg.resq100", "2.png" as "2.png.resq100", etc. Afterward, a ransom note – "resq_Recovery.txt" – was created.

What kind of page is abdoser[.]xyz?

In the course of our investigation, we discovered that abdoser[.]xyz utilizes a deceptive strategy to gain permission to display notifications. Furthermore, this website may redirect its visitors to other pages of this kind. Our encounter with abdoser[.]xyz occurred while examining pages associated with untrustworthy advertising networks.

What kind of application is Video Download Assist?

The app's name, Video Download Assist, implies that it offers assistance in downloading videos. However, our testing revealed that the app displays intrusive advertisements, leading us to classify Video Download Assist as adware. In addition to showing ads, Video Download Assist can read and change certain data.

What kind of email is "Your Account Has Been Blacklisted Due To Phishing"?

Our inspection of the "Your Account Has Been Blacklisted Due To Phishing" email revealed that it is spam. It alerts the recipient that their mail account will be terminated due to phishing/spam-related activities.

However, this spam letter actually operates as a phishing scam and targets recipients' email account log-in credentials via a fake sign-in webpage.