Step-by-Step Malware Removal Instructions

Crypto Currency Converter Browser Hijacker
Browser Hijacker

Crypto Currency Converter Browser Hijacker

While inspecting dubious websites, our research team discovered a page endorsing the Crypto Currency Converter browser extension. It is presented as a tool that converts cryptocurrencies, thus allowing users to compare conversion rates easily. Our inspection of this piece of software revealed tha

UniversalSource Adware (Mac)
Mac Virus

UniversalSource Adware (Mac)

While testing the UniversalSource application, our team noticed that it displays intrusive advertisements. Therefore, we categorized UniversalSource as adware (advertising-supported software). In most cases, users install adware unintentionally. We discovered UniversalSource while inspecting dec

Crustom Ransomware
Ransomware

Crustom Ransomware

Crustom is a ransomware-type program. It operates by encrypting victims' files to demand ransoms for the data decryption. After we executed a sample of Crustom on our test machine, it encrypted files and changed their filenames. The affected files were renamed with a random character string, e.g.

Bpto Ransomware
Ransomware

Bpto Ransomware

Bpto is a ransomware variant belonging to the Djvu family. We discovered Bpto while examining malware samples submitted to the VirusTotal page. Bpto encrypts data, appends its extension (".bpto") to filenames, and drops its ransom note (the "_readme.txt" file). An example of how Bpto modifies fil

Bpws Ransomware
Ransomware

Bpws Ransomware

While inspecting malware samples submitted to VirusTotal, we discovered a Djvu ransomware variant dubbed Bpws. This variant encrypts files and appends the ".bpws" extension to filenames. Also, Bpws drops its ransom note (the "_readme.txt") file. Since Bpws is part of the Djvu ransomware, it may b

Dozefive.xyz Ads
Notification Spam

Dozefive.xyz Ads

While investigating suspicious webpages, our researchers found dozefive[.]xyz. This rogue page is designed to promote scams and browser notification spam. Furthermore, it can redirect users to different (likely unreliable/hazardous) websites. Most visitors to dozefive[.]xyz and webpages akin to i

Sticky Notes Browser Hijacker
Browser Hijacker

Sticky Notes Browser Hijacker

While testing the Sticky Notes application, we found that it is an extension that functions as a browser hijacker. It hijacks a web browser by changing its settings to promote finddbest.com - a fake search engine. It is uncommon for apps of this type to be added to browsers intentionally. Our team

United Nations - Abandoned Shipment Email Scam
Phishing/Scam

United Nations - Abandoned Shipment Email Scam

After inspecting the "United Nations - Abandoned Shipment" email, we determined that it is spam. The letter is supposedly from a "Head Officer in Charge" and claims that a consignment intended for the recipient failed to reach them due to improper documentation and unpaid fees. The shipment consis

Next Of Kin Email Scam
Phishing/Scam

Next Of Kin Email Scam

We have examined this email and determined that it is used to trick unsuspecting recipients into parting with their money in an inheritance scam. It offers to share the unclaimed funds of a supposedly deceased person. We also found that there are at least two versions of this scam email. T

CatB Ransomware
Ransomware

CatB Ransomware

CatB is a ransomware-type program. It encrypts data and demands payment for the decryption. While testing this ransomware, we learned that it does not alter the filenames of encrypted files - an uncommon occurrence in these types of infections. CatB inserts ransom notes at the beginning of each e