Step-by-Step Malware Removal Instructions

Shaxon.shop POP-UP Scam (Mac)
Mac Virus

Shaxon.shop POP-UP Scam (Mac)

While inspecting rogue websites, our research team found the shaxon[.]shop deceptive webpage. It is designed to promote scams, and at the time of research, it ran "Hackers are watching you!". By making false claims about the visitor's device being hacked, infected, or at risk - scams of this kin

Updates-center.com Ads
Notification Spam

Updates-center.com Ads

During a routine inspection of untrustworthy websites, our researchers discovered the updates-center[.]com rogue page. It promotes browser notification spam and redirects visitors to other (likely unreliable/malicious) sites. Most users enter updates-center[.]com and similar webpages via redirects

DevilsTongue Malware
Trojan

DevilsTongue Malware

First researched by Microsoft Threat Intelligence Center (MSTIC) in collaboration with Citizen Lab, DevilsTongue is a piece of multifunctional malicious software written in C and C++ programming languages. MSTIC's findings suggest that DevilsTongue is associated with cyber criminals developing/se

Unicaja Banco Email Scam
Phishing/Scam

Unicaja Banco Email Scam

After examining this email, we learned that it is sent by scammers who pretend to be Unicaja - a Spanish savings bank. The whole letter is written in the Spanish language. It contains a website link. Scammers behind this email attempt to trick recipients into opening that link and providing person

Luca Stealer
Trojan

Luca Stealer

Luca (also known as RSStealer) is a piece of malicious software categorized as a stealer. Malware of this kind operates by extracting a wide range of vulnerable data from infected devices. The Luca stealer is written in the Rust programming language. This program's source code was leaked by its d

StepWarrior Adware (Mac)
Mac Virus

StepWarrior Adware (Mac)

Our team discovered the StepWarrior application after downloading and testing a fake Adobe Flash Player installer (that installer was downloaded from an unofficial site). We found that the purpose of StepWarrior is to display intrusive advertisements. Thus, we concluded that StepWarrior operates

Nitro22 Ransomware
Ransomware

Nitro22 Ransomware

While examining malware samples submitted to the VirusTotal website, we discovered Nitro22 ransomware - malware that encrypts files to blackmail victims. Also, Nitro22 changes the desktop wallpaper and creates a ransom note (the "#Decryption#.txt" file), and appends the ".nitro" extension to filen

Vvwq Ransomware
Ransomware

Vvwq Ransomware

Our research team discovered the Vvwq ransomware-type program during a routine inspection of new submissions to VirusTotal. This malicious program belongs to the Djvu ransomware family. We executed a sample of Vvwq ransomware on our testing system, and it began encrypting files. The filenames of

CacheOptimization Adware (Mac)
Mac Virus

CacheOptimization Adware (Mac)

CacheOptimization is an advertising-supported application that displays annoying advertisements. It has no useful features or provides other value. Our team discovered CacheOptimization after examining a fake installer downloaded from a shady page. Like most apps of this kind, CacheOptimization

Vveo Ransomware
Ransomware

Vveo Ransomware

Vveo is ransomware designed to encrypt files, append the ".vveo" extension to filenames, and drop the "_readme.txt" file (a ransom note). We found that Vveo is part of the Djvu ransomware family. Our team discovered this ransomware while analyzing malware samples submitted to the VirusTotal websit