Step-by-Step Malware Removal Instructions

Bande.app Adware (Mac)
Mac Virus

Bande.app Adware (Mac)

While inspecting new submissions to the VirusTotal platform, our researchers found Bande.app. Our analysis of this application revealed that it is adware from the Pirrit malware family. Bande.app is designed to deliver intrusive advertisement campaigns. Adware stands for advertising-supp

Activate Your McAfee Antivirus License POP-UP Scam
Phishing/Scam

Activate Your McAfee Antivirus License POP-UP Scam

After analyzing this scam, we have found that it involves deceptive websites and a file crafted to generate misleading pop-ups (masquerading as warnings from legitimate software) on Windows. Users should exercise caution to avoid falling victim to these tactics, as they can lead to potential secur

Proboscidea Malicious Extension
Adware

Proboscidea Malicious Extension

After reviewing the Proboscidea application, we have concluded that it is a malicious extension distributed through unreliable pages. This extension has the capability to activate the "Managed by your organization" feature, access and manipulate various data, and control other extensions and theme

Dzen Ransomware
Ransomware

Dzen Ransomware

Dzen is a ransomware variant belonging to the Phobos family that we discovered while examining malware samples submitted to the VirusTotal page. We learned that Dzen encrypts files (and modifies their filenames) and provides two ransom notes ("info.txt" and "info.hta"). Dzen appends the victim's I

Breliu.shop Ads
Notification Spam

Breliu.shop Ads

While investigating the website, we found that breliu[.]shop is among the numerous deceitful pages employing clickbait tactics to gain visitors' permission to send notifications. Rarely do users intentionally navigate to sites such as breliu[.]shop, and they should promptly close them upon arrival

Rujba.co.in Ads
Notification Spam

Rujba.co.in Ads

Our researchers discovered the rujba.co[.]in website while investigating suspicious pages. After inspecting it, we determined that rujba-co[.]in endorses browser notification spam and generates redirects to other (likely suspicious/malicious) webpages. Visitors to rujba-co[.]in and similar pages

ActiveQuest Adware (Mac)
Mac Virus

ActiveQuest Adware (Mac)

While reviewing new file submissions to VirusTotal, our research team found yet another adware from the AdLoad malware family called ActiveQuest. This rogue application operates by running intrusive ad campaigns, and it may have other harmful abilities as well. Adware stands for advertis

Up - Ad Blocker Adware
Adware

Up - Ad Blocker Adware

Our researchers discovered the "Up - Ad Blocker" browser extension while investigating untrustworthy sites. This software is endorsed as an ad-blocking tool specifically for YouTube and Google. However, after examining Up - Ad Blocker, we determined that it is advertising-supported software (adwa

DocuSign - Completed Document Email Scam
Phishing/Scam

DocuSign - Completed Document Email Scam

Upon inspection, we determined that the "DocuSign - Completed Document" email is spam. It notifies recipients of the completion of a document signing. The goal of this mail is to lure users into visiting a phishing website that targets email account log-in credentials. The spam email with

Narnia RAT
Trojan

Narnia RAT

Narnia is a remote administration Trojan (RAT) equipped with various harmful capabilities, including exfiltration of sensitive data, capturing screenshots, logging keystrokes, and stealing banking information. It poses a significant threat to users' privacy and security by enabling unauthorized ac