Virus and Spyware Removal Guides, uninstall instructions

What kind of application is Infinity V+ New Tab?

Upon analyzing the Infinity V+ New Tab browser extension, we discovered that it takes control of a web browser by altering its settings. The intended function of Infinity V+ New Tab is to promote trovi.com, which is a fake search engine. It is important to note that users rarely purposefully download or add browser hijackers.

What kind of malware is Coza?

Our team identified the Coza ransomware, which belongs to the Djvu family, while examining samples on VirusTotal. This malware encrypts data and modifies the names of affected files by adding the ".coza" extension. Once the encryption process is finished, a ransom note is left behind in the form of a "_readme.txt" file.

Coza changes the names of files in the following manner: "1.jpg" becomes "1.jpg.coza", "2.png" becomes "2.png.coza", and so on. As the Djvu family is known to be associated with other malicious software like RedLine, Vidar, and information stealers, it is possible that Coza might also be distributed alongside these threats.

What kind of application is NanoAccess?

After examining the NanoAccess application, we discovered that it displays intrusive advertisements. Consequently, we have categorized NanoAccess as adware, which is often distributed through dubious and misleading methods. As a result, unsuspecting users can unintentionally download and install it.

What kind of application is Unitab World Clock?

Our discovery revealed that the Unitab World Clock is a browser extension that takes control of web browsers (hijacks them) to promote search.unitab.me. This website is a fake search engine that does not produce its own search results. Browser hijackers are commonly downloaded and installed by users unknowingly.

What kind of email is "United Nations Reimbursement Program"?

After examining this email, our team concluded that it is a fraudulent email that masquerades as a letter from the assistant secretary general of the United Nations. Scammers behind it attempt to lure recipients into providing sensitive information or transferring money. Thus, recipients should ignore this letter.

What kind of application is MetroToken?

During our assessment of the MetroToken application, our team observed that it exhibits intrusive ads. As a result, we classified it as adware or software that supports advertising. Adware is typically installed unintentionally by users. Our detection of MetroToken occurred while examining deceptive web pages.

What kind of application is Sports Madness?

Upon testing the Sports Madness browser extension, we learned it is a browser hijacker promoting sportmadness.info, a fake search engine. Sports Madness hijacks web browsers by changing their settings. Usually, users download and add browser-hijacking apps inadvertently.

What kind of malware is Pwpdvl?

Pwpdvl is ransomware that our team discovered while checking the VirusTotal site for recently submitted samples. Upon investigating Pwpdvl, we found that it encrypts files, appends the victim's ID and ".pwpdvl" extension to filenames, and creates a ransom note ("RESTORE_FILES_INFO.txt" file).

An example of how Pwpdvl changes filenames: it renames "1.jpg" to "1.jpg.[ID-9ECFA84E].pwpdvl", "2.png" to "2.png.[ID-9ECFA84E].pwpdvl", and so forth.

What kind of application is RichExts?

Upon analyzing the RichExts application, we have determined that it is a browser extension that is designed to take over web browsers (hijack them). The application alters the browser settings to forcefully push a fake search engine (sweetrnd.net). Furthermore, RichExts possesses the capacity to access certain data.

What kind of application is FractionCommand?

Whilst evaluating the FractionCommand application, our team observed that it displays intrusive ads. As a result, we classified FractionCommand as adware. Adware is typically distributed via questionable methods, which can result in inadvertent downloads and installations by users.