Step-by-Step Malware Removal Instructions

BegoniaSemperflorens Malicious Extension
Adware

During an investigation of a malicious installer, we stumbled upon BegoniaSemperflorens and its concerning behavior as a browser extension. These activities encompassed the introduction of the "Managed by your organization" feature in the Chrome browser, the collection of diverse data, and the man

NEW DOCUMENT(S) FOR REVIEW ON CLOUD Email Scam
Phishing/Scam

Our examination of the "NEW DOCUMENT(S) FOR REVIEW ON CLOUD" email revealed that it is spam. This phishing letter aims to deceive recipients into disclosing their email account log-in credentials by claiming that they were sent sensitive documents. The spam email with the subject "AUTOMATE

Apple Crypto Giveaway POP-UP Scam
Phishing/Scam

After examining the website, our team concluded that it promotes a fraudulent giveaway. Typically, scammers employ websites displaying deceptive pop-up messages or similar content to entice visitors into disclosing sensitive information, sending money, or taking other actions. Consequently, it is

Retro Car Cover Browser Hijacker
Browser Hijacker

After assessing the Retro Car Cover app, our team learned that its main objective is to operate as a browser hijacker, with the goal of promoting phereugo.com, a fake search engine. This extension modifies browser settings to establish control. To mitigate potential risks, users who have had their

Pcbasicessentials.com Ads
Notification Spam

During our investigation of pcbasicessentials[.]com, we identified that the website's primary objective is to deceive visitors into thinking their computers are infected. Additionally, pcbasicessentials[.]com seeks permission to send notifications. It is worth mentioning that users frequently arri

Oopl Ransomware
Ransomware

During the analysis of malware samples uploaded to VirusTotal, we came across ransomware dubbed Oopl. This ransomware is designed to encrypt files and alter their filenames by appending the ".oopl" extension. Furthermore, Oopl generates a ransom note named "_readme.txt". As an illustration of how

Ooza Ransomware
Ransomware

While analyzing malware samples on the VirusTotal platform, we encountered the Ooza ransomware belonging to the Djvu family. Once this ransomware gains access to a computer, it encrypts data and adds the ".ooza" extension to file names. As an example, a file originally named "1.jpg" is transformed

Knaws.top Ads
Notification Spam

Our researchers discovered the knaws[.]top rogue page while investigating questionable websites. This webpage promotes online scams and browser notification spam. It can also redirect users to different (likely dubious/malicious) sites. Most visitors to knaws[.]top and similar pages access them t

DriveDataCache Adware (Mac)
Mac Virus

DriveDataCache is an adware-type app discovered by our researchers during a routine investigation of new file submissions to the VirusTotal site. This piece of software is part of the AdLoad malware family. It is designed to feed users with undesirable and potentially malicious advertisements.

How I Earned Bitcoins Email Scam
Phishing/Scam

Our inspection of the "How I Earned Bitcoins" email revealed that it is spam. The letter aims to redirect recipients to a scam website by claiming that the sender has earned 12600 BTC (Bitcoin cryptocurrency). The promoted site aims to trick recipients into transferring their own Bitcoins to the l