Virus and Spyware Removal Guides, uninstall instructions

What kind of application is Goals Tracker?

During our evaluation of the Goals Tracker browser extension, we noticed its intent to promote a counterfeit search engine by tampering with web browser settings, a practice commonly referred to as browser hijacking. It is important to emphasize that browser hijackers, such as Goals Tracker, are usually promoted through questionable means.

What kind of malware is Poverty?

Poverty is a typical information stealer, lacking unique features distinguishing it from more proactive types of stealers. Cybercriminals employ malware like Poverty to compromise the privacy and security of individuals and organizations. These malicious tools infiltrate systems, collect sensitive data such as passwords and financial information, and then transmit the stolen data to the attackers.

What kind of malware is GoTiS?

Our research team discovered the GoTiS ransomware during a routine investigation of new submissions to the VirusTotal website. This malicious program is part of the Xorist ransomware. This malware encrypts data and demands ransoms for its decryption.

On our testing system, GoTiS encrypted files and appended their filenames with a ".GoTiS" extension. For example, a file initially titled "1.jpg" appeared as "1.jpg.GoTiS", "2.png" as "2.png.GoTiS", etc.

After the encryption process was completed, GoTiS created identical ransom notes on the desktop wallpaper, in the pop-up window, and a text file named "HOW TO DECRYPT FILES.txt".

What kind of malware is ObjCShellz?

ObjCShellz is a newly discovered macOS malware associated with the BlueNorOff hacking group. This malware is specifically designed to target macOS devices. What sets ObjCShellz apart is its capability to open remote shells on compromised macOS systems, enabling unauthorized access and control over infected devices.

What kind of malware is GootBot?

GootBot is a new variant of the GootLoader malware. It is used as a lateral movement tool. This malicious program is exceedingly lightweight and has an emphasis on stealth. Essentially, GootBot is implemented in the later stages of extensive attacks, wherein this software moves laterally through a network in order to facilitate further infections.

Based on the business-oriented themes used in the search engine poisoning techniques utilized in GootBot's proliferation, it is evident that this malware targets large entities.

What kind of malware is Jzeq?

Jzeq is ransomware belonging to the Djvu family, and it has been discovered while inspecting samples submitted to the VirusTotal page. Jzeq blocks access to files by encrypting them, appends the ".jzeq" extension to filenames, and provides a ransom note ("_readme.txt"). For instance, it renames "1.pg" to "1.jpg.jzeq", "2.png" to "2.png.jzeq", etc.

Since Jzeq is associated with Djvu ransomware, it may be distributed alongside Vidar, RedLine, or similar information stealers.

What kind of malware is Jzie?

While analyzing malware samples submitted to VirusTotal, we encountered a ransomware variant known as Jzie. Jzie has been crafted to encrypt files and alter their names by adding the ".jzie" extension. Additionally, Jzie generates a ransom note, which can be found in a file named "_readme.txt".

Jzie alters file names using this pattern: it changes a file named "1.jpg" to "1.jpg.jzie", "2.png" to "2.png.jzie", and so on. It is essential to highlight that Jzie is a member of the Djvu ransomware family. Frequently, cybercriminals distribute Djvu ransomware in tandem with data-stealing malware, such as RedLine or Vidar.

What kind of application is Photon Search?

While assessing the Photon Search browser extension, we observed its intention to promote a fake search engine by manipulating web browser settings, a behavior often known as browser hijacking. It is essential to note that browser hijackers like Photon Search are typically advertised through dubious methods.

What kind of software is Qwik Ant?

While inspecting dubious sites, our research team discovered the Qwik Ant browser extension. It is endorsed as a productivity tool for easy access to various popular platforms and services. Qwik Ant makes changes to browser settings to promote (via redirects) the search.qwikant.com illegitimate search engine. Due to this, this extension is classed as a browser hijacker.

What kind of software is I AM Daily?

I AM Daily is a rogue extension that promises to provide "positive affirmation" to users whenever they open a new browser tab. This piece of software makes modifications to browser settings in order to generate redirects. Due to this behavior, I AM Daily is categorized as a browser hijacker.