Step-by-Step Malware Removal Instructions

SKY LOTTO Email Scam
Phishing/Scam

SKY LOTTO Email Scam

After reading the "SKY LOTTO" email, we determined that it is spam promoting a lottery-type scam. This mail falsely claims that the recipient has been randomly selected as a winner of a lottery. The purpose of this phishing email is to collect personally identifiable information by tricking users

AllaSenha RAT
Trojan

AllaSenha RAT

AllaSenha is a malicious program classed as a RAT (Remote Access Trojan). These trojans enable attackers to gain remote access/control over infected machines. AllaSenha, in particular, is designed to obtain extensive data associated with Brazilian banks. This malware is a variant of the AllaKore R

Searchersgood.com Redirect
Browser Hijacker

Searchersgood.com Redirect

We have examined searchersgood.com and found that it is a fake search engine. Typically, search engines like searchersgood.com are promoted via extensions that operate as browser hijackers. Extensions of this type modify the settings of web browsers to direct users to unreliable pages. Thus, users

Cologne.app Adware (Mac)
Mac Virus

Cologne.app Adware (Mac)

Our researchers discovered Cologne.app adware-type application while browsing new file submissions to the VirusTotal site. This app is part of the Pirrit adware family. Advertising-supported software is designed to run intrusive advertisement campaigns and may possess other harmful functionaliti

Becousined.app Adware (Mac)
Mac Virus

Becousined.app Adware (Mac)

We have inspected Becousined.app and determined that it operates as adware—it displays annoying ads to users. Our other finding is that Becousined.app is part of the Pirrit family. Pretty often, users are tricked into installing such apps. In other words, they rarely install apps like Becousined

Search-quickly.com Redirect
Browser Hijacker

Search-quickly.com Redirect

Search-quickly.com is the address of a fraudulent search engine, which we found while analyzing the Search-Quickly browser hijacker. We discovered this hijacker extension while browsing deceptive websites. Search-Quickly modifies browser settings to promote (via redirects) the search-quickly.com

QRYPT Ransomware
Ransomware

QRYPT Ransomware

QRYPT is a ransomware variant that we have discovered while examining malware samples uploaded to the VirusTotal page. This ransomware is designed to encrypt files, append its extension ".qrypt" to filenames, and create a ransom note ("Readme How to Recover.txt"). An example of how QRYPT renames f

WonderFind Browser Hjacker
Browser Hijacker

WonderFind Browser Hjacker

We have tested the WonderFind browser extension and found that it hijacks a browser to promote findflarex.com. This process involves changing the settings of a web browser. It is worth noting that WonderFind is promoted as a tool that provides better results and a better browsing experience.

TruoApp Unwanted Application
Potentially unwanted application

TruoApp Unwanted Application

Our researchers discovered an installer containing TruoApp while investigating untrustworthy websites. This piece of software is classed as a PUA (Potentially Unwanted Application), and as such – it may possess harmful capabilities. It is noteworthy that the installation setup promoting TruoApp t

Findflarex.com Redirect
Browser Hijacker

Findflarex.com Redirect

We have inspected findflarex.com and learned that this is a fake search engine promoted via multiple browser extensions such as ONFIND and many others. This extension operates as a browser hijacker: it changes the settings of a browser to promote findflarex.com. Overall, neither findflarex.com nor