Virus and Spyware Removal Guides, uninstall instructions

What kind of malware is Vlff?

Our team has discovered the Vlff ransomware while examining malware samples submitted to VirusTotal. It was found that Vlff is one of the variants belonging to the Djvu ransomware family. It encrypts data, renames files by appending the ".vlff" extension to their filenames, and generates a ransom note (creates the "_readme.txt" file).

An example of how Vlff changes filenames: it renames "1.jpg" to "1.jpg.vlff", "2.png" to "2.png.vlff", "3.exe" to "3.exe.vlff", and so forth.

What is "Tesla Giveaway" scam?

Scammers often use fake giveaways to trick people into transferring cryptocurrency to them. They impersonate famous personalities (or companies) and offer to match or sometimes even double any crypto sent to their account. Our article is about scammers who use fake Twitter accounts supposedly belonging to Elon Musk to extract cryptocurrency.

What is Tail DS?

Tail DS is the name of a browser extension. After analyzing this piece of software, our researchers found that it exhibits the behavior of a browser hijacker. Tail DS modifies browser settings to cause redirects to the tailsearch.com illegitimate search engine. Additionally, this extension spies on users' browsing activity.

What is ComputingInteractive?

ComputingInteractive is a rogue app our researchers discovered while looking through new submissions to VirusTotal. After analyzing it, we determined that this application operates as adware and is part of the AdLoad malware family.

What kind of page is poopholiredgeng[.]com?

Our research team discovered the poopholiredgeng[.]com webpage during a routine inspection of rogue websites. This page is designed to push browser notification spam and redirect visitors to other (likely untrustworthy or malicious) sites.

Webpages like poopholiredgeng[.]com are usually accessed inadvertently. Most users enter such websites via mistyped URLs or redirects caused by pages that use rogue advertising networks, spam notifications, intrusive ads, or installed adware.

What kind of email scam is "Your transfer expires in two days!"?

Our team has become aware of this email after receiving it to our inbox. After analyzing it, we learned that it is a phishing email purporting to be from WeTransfer. Scammers behind it attempt to trick recipients into clicking the provided link and entering their login credentials on a fake WeTransfer website.

What is CaddyWiper?

Discovered on the 14th of March, 2022 - CaddyWiper is a piece of malicious software designed to wipe the data stored on infected devices. The observed geopolitically-motivated attacks targeted specific Ukrainian organizations; these infections are evidently a cyber element of the war in Ukraine.

Wiper-type malware infections are created to render machines inoperable, thus deleting vital information and potentially disrupting essential services. These heinous attacks can have especially devastating consequences.

What kind of website is safepcsoftwares[.]com?

Safepcsoftwares[.]com is a page that displays fake virus alerts (messages claiming that a computer is infected) and asks for permission to show deceptive notifications. Our team has discovered safepcsoftwares[.]com while examining other pages that use rogue advertising networks (redirect to shady pages and display untrustworthy ads).

What kind of page is datadefenceservice[.]com?

Datadefenceservice[.]com is a rogue website our research team found while inspecting untrustworthy pages. It operates by loading deceptive material, promoting spam browser notifications, and redirecting visitors to other (likely unreliable/hazardous) sites.

Most users enter such webpages via redirects caused by sites using rogue advertising networks. However, these pages can also be accessed through mistyped URLs or redirects from intrusive ads, spam notifications, or installed adware.

What is kind of page is protectconnection[.]icu?

During a routine inspection of rogue websites, our researchers discovered the protectconnection[.]icu site. When we accessed this webpage, we noted that it ran a variant of the "(3) Viruses have been detected on your iPhone" scam.

Deceptive content of this type usually lures users into downloading/installing untrustworthy software - through claims that their devices are infected. In this case, the scam claims that the visitor's iPhone is infected with three viruses. It must be emphasized that all these claims are fake.