Step-by-Step Malware Removal Instructions

One Click Pic Adware
Adware

During a routine investigation of unreliable websites, our research team discovered the One Click Pic browser extension. It is promoted as a tool that allows users to easily download images from sites (i.e., one-click download of all images depicted on a webpage). However, after inspecting this p

Pclifebasics.com Ads
Notification Spam

Pclifebasics[.]com is the address of a rogue site promoting scams and browser notification spam. This webpage can also redirect visitors to other (likely unreliable/harmful) sites. Most users access pclifebasics[.]com and pages akin to it via redirects generated by websites utilizing rogue advert

Overdue Invoice Email Scam
Phishing/Scam

After analyzing the "Overdue Invoice" email, we determined that it is spam. The letter urges the recipient to pay an overdue invoice and continue the positive working relationship with the sender. Details of the supposed invoice can be found in the attachment, which is a phishing file targeting em

EdgeCommand Adware (Mac)
Mac Virus

While investigating new submissions to the VirusTotal platform, we found the EdgeCommand application. Our examination revealed that it is adware belonging to the AdLoad malware family. EdgeCommand operates by running intrusive advertisement campaigns. Adware stands for advertising-suppor

AIRAVAT RAT (Android)
Trojan

AIRAVAT is a Remote Access Trojan (RAT) targeting Android devices. Malware classed as such operates by enabling remote access and control over victims' machines. AIRAVAT has a wide variety of harmful functionalities, ranging from spying to data theft. As mentioned in the introduction, AIRA

3AM Ransomware
Ransomware

3AM (also known as ThreeAM) is ransomware written in the Rust programming language. The purpose of 3AM is to encrypt files. After finishing the encryption process, it attempts to delete Volume Shadow (VSS) copies. Additionally, 3AM appends the ".threeamtime" extension to the filenames of encryp

ElasticPortable Adware (Mac)
Mac Virus

Our research team discovered the ElasticPortable app during a routine inspection of new submissions to VirusTotal. After analyzing this application, we learned that it is adware belonging to the AdLoad malware family. This advertising-supported software is designed to generate revenue for its de

StratusNebulosus Malicious Extension
Adware

Our team discovered the StratusNebulosus browser extension during the analysis of a malicious installer obtained from an unreliable website. We found that StratusNebulosus can perform various actions once added. For instance, it can enable the "Managed by your organization" feature in Chrome brows

NeriumOleander Malicious Extension
Adware

While examining a malicious installer, we uncovered NeriumOleander and troubling activities conducted by this browser extension. These actions involved adding the "Managed by your organization" feature to the Chrome browser and accumulating various data. Consequently, individuals who have added Ne

Tremendous Banking Botnet (Android)
Trojan

Tremendous Banking Botnet is an Android-specific malware. This malware is highly versatile and has a multitude of capabilities. Some of them include automatic command execution, malicious code injection into apps/processes, keylogging, SMS and call management, etc. High-risk malware like Tremendo