Step-by-Step Malware Removal Instructions

Bittrex Crypto Giveaway POP-UP Scam
Phishing/Scam

Bittrex Crypto Giveaway POP-UP Scam

Our researchers discovered the "Bittrex Crypto Giveaway" scam while inspecting rogue websites. It is presented as a giveaway from Bittrex – a cryptocurrency exchange and trading platform. The scheme promises to double the amount of cryptocurrency that users transfer to it. However, victims of this

Goacecelsurvey.space Ads
Notification Spam

Goacecelsurvey.space Ads

Upon investigation of goacecelsurvey[.]space, our team uncovered that it runs a deceptive survey and requests permission to display notifications. Additionally, goacecelsurvey[.]space may redirect visitors to other unreliable websites. Our team stumbled upon goacecelsurvey[.]space while examining

ZStealer Malware
Trojan

ZStealer Malware

ZStealer is an information-stealing malware coded in C# programming language. It is sold by cybercriminals who provide three payment options: a lifetime subscription priced at $40, a one-year subscription at $20, and a one-time file crypt service for $5. ZStealer enables its users to steal various

RustBucket Malware (Mac)
Mac Virus

RustBucket Malware (Mac)

RustBucket is a type of macOS malware that has the ability to retrieve further payloads from a Command-and-Control (C&C) server. The malware has the capability to collect system data and whether it is operating in a virtual environment. RustBucket allows the attacker to carry out malicious a

UNIZA Ransomware
Ransomware

UNIZA Ransomware

UNIZA is the name of a ransomware-type program. Malware within this class operates by encrypting data and demanding ransoms for its decryption. In most cases, ransomware renames the encrypted files; however, after executing UNIZA on our test machine – we learned that it does not modify filenames.

Gruffermail.com Ads
Notification Spam

Gruffermail.com Ads

After analyzing gruffermail[.]com, we discovered that this website intends to deceive users into subscribing to push notifications. Gruffermail[.]com displays deceptive content to achieve it. Also, this site redirects its visitors to other untrustworthy websites. Typically, sites such as grufferma

Foza Ransomware
Ransomware

Foza Ransomware

In the course of our analysis of malware samples submitted to the VirusTotal website, we discovered Foza ransomware that encrypts files and adds the ".foza" extension to the filenames of encrypted files. Additionally, Foza generates a ransom note (the "_readme.txt" file). An example of how Foza c

Buyrondureonline.com Ads
Notification Spam

Buyrondureonline.com Ads

Our research team discovered the buyrondureonline[.]com rogue page while investigating suspicious websites. It operates by promoting browser notifications spam; at the time of research, it did so by using fake CAPTCHA verification. Additionally, this webpage can redirect visitors elsewhere (likely

SystemConfig Adware (Mac)
Mac Virus

SystemConfig Adware (Mac)

While inspecting new submissions to VirusTotal, our research team discovered the SystemConfig application. Our analysis of this app revealed that it operates as adware and belongs to the AdLoad malware family. SystemConfig is designed to display advertisements and may have additional harmful fun

Aluationiamcur.com Ads
Notification Spam

Aluationiamcur.com Ads

Aluationiamcur[.]com is a rogue webpage that we discovered while investigating suspicious sites. It is designed to promote browser notification spam and redirect users to different (likely dubious/dangerous) websites. Users typically access pages like aluationiamcur[.]com via redirects caused by w