Step-by-Step Malware Removal Instructions

Microsoft Services Agreement Update Email Scam
Phishing/Scam

Microsoft Services Agreement Update Email Scam

While studying this email, we learned that it is written by scammers who aim to trick unsuspecting recipients into providing sensitive information. It is disguised as a letter from an email service provider and contains a link to a phishing website. This email should be marked as spam and deleted

Injector Trojan
Trojan

Injector Trojan

Injector trojan refers to a type of malware designed to inject malicious code into programs and processes. The application of these trojans varies; they may be capable of changing the operation of legitimate software or causing chain infections (i.e., downloading/installing additional malware). Du

Captchafine.live Ads
Notification Spam

Captchafine.live Ads

While examining captchafine[.]live, we discovered that it uses a clickbait technique (displays a deceptive message) to lure visitors into allowing it to show notifications. Also, captchafine[.]live redirects to scam websites. This page has at least two variants. We discovered captchafine[.]live wh

NATURALISTS Email Scam
Phishing/Scam

NATURALISTS Email Scam

After inspecting the "NATURALISTS" email - we determined that it is spam operating as a phishing scam. This letter targets recipients' email account log-in credentials (passwords) by claiming that they must sign in to access the shared file. This spam email is presented as a notification r

Landscape Scroller Browser Hijacker
Browser Hijacker

Landscape Scroller Browser Hijacker

While investigating the Landscape Scroller browser extension, we found that it changed the web browser's settings. It hijacked a web browser to promote search.landscapescroller.net - a fake search engine. Our team discovered Landscape Scroller on a deceptive web page. Landscape Scroller is

Kcvp Ransomware
Ransomware

Kcvp Ransomware

Kcvp is ransomware belonging to the Djvu family. We discovered this Djvu variant while examining malware samples submitted to the VirusTotal page. Kcvp encrypts files, appends the ".kcvp" extension to filenames, and drops the "_readme.txt" file (a ransom note). It is known that Djvu ransomware is

Kcbu Ransomware
Ransomware

Kcbu Ransomware

Kcbu is ransomware that prevents victims from opening their files by encrypting them. It is one of the Djvu ransomware variants. We discovered Kcbu while checking the VirusTotal page for recently submitted malware samples. This variant appends the ".kcbu" extension to filenames and drops the "_rea

Scoreboard Tab Browser Hijacker
Browser Hijacker

Scoreboard Tab Browser Hijacker

Scoreboard Tab is a rogue browser extension that we discovered while checking out deceptive software-promoting websites. Our analysis of this Scoreboard Tab revealed that it operates as a browser hijacker - modifies browsers to cause redirects. Scoreboard Tab reassigns the URLs of browsers

Emoji Copy Paste Browser Hijacker
Browser Hijacker

Emoji Copy Paste Browser Hijacker

During a routine investigation of suspicious websites, our researchers discovered the Emoji Copy Paste browser extension. It is endorsed as a tool that enables users to copy and paste any emoji. However, our inspection of this extension revealed that it operates as a browser hijacker promoting th

Large File Send Email Scam
Phishing/Scam

Large File Send Email Scam

"Large File Send" is an email that our research revealed to be spam. This fake letter operates as a phishing scam targeting email account log-in credentials. It does so by claiming that a file sent to the recipient can only be accessed by following the provided link. The spam email with th