Step-by-Step Malware Removal Instructions

CyclinGuru Browser Hijacker
Browser Hijacker

Upon examination of the CyclinGuru browser extension, we found that it takes over a web browser by altering its settings with the aim of promoting a fake search engine called privatesearchqry.com. As a result, we have classified CyclinGuru as a browser hijacker. CyclinGuru browser extensio

Npdnnsgg.com Ads
Notification Spam

Npdnnsgg[.]com is a rogue webpage that we discovered while investigating suspicious sites. It operates by promoting spam browser notifications and redirecting visitors to different (likely untrustworthy/harmful) websites. Most users access pages like npdnnsgg[.]com via redirects generated by sites

Drinking Well Browser Hijacker
Browser Hijacker

Our researchers found the Drinking Well browser extension while inspecting dubious sites. It is endorsed as a tool for tracking and improving users' hydration habits. However, our analysis of Drinking Well revealed that it is a browser hijacker, i.e., the extension modifies browser settings to pr

H3r Ransomware
Ransomware

H3r is a ransomware discovered by our researchers during a routine inspection of new submissions to VirusTotal. This program is part of the Dharma ransomware family and operates by encrypting data in order to demand ransoms for its decryption. On our testing system, H3r renamed the encrypted file

MIMUS Ransomware
Ransomware

MIMUS is ransomware that encrypts files, replaces their filenames with a string of random characters and appends the ".encrypted" extension, and drops the "READ_TO_DECRYPT.html" file that contains a ransom note. Our malware researchers discovered MIMUS during an examination of samples submitted to

BOOM (Phobos) Ransomware
Ransomware

While inspecting new submissions to VirusTotal, our researchers discovered BOOM – a malicious program belonging to the Phobos ransomware family. Malware within this classification is designed to encrypt data and demand ransoms for its decryption. After we executed a sample of BOOM (Phobos) ransom

Opencaptchahere.top Ads
Notification Spam

Upon our inspection of opencaptchahere[.]top, it was found to use a deceitful approach to convince visitors to permit it to send notifications. Also, opencaptchahere[.]top may redirect visitors to questionable websites. Opencaptchahere[.]top was encountered while examining pages that employ shady

LOBSHOT Malware
Trojan

LOBSHOT is a type of malware with a feature called hVNC (Hidden Virtual Network Computing) that allows attackers to access a victim's computer without being noticed. The hVNC component is effective in evading fraud detection systems. Also, LOBSHOT is being used to carry out financial crimes throu

Fofd Ransomware
Ransomware

Fofd is a type of ransomware that belongs to the Djvu family. It encrypts files on the victim's computer and demands a ransom payment for the decryption tools. Our team discovered Fofd while reviewing recently submitted malware samples on the VirusTotal site. It is important to note that Fofd may

Sato Ransomware
Ransomware

During our analysis of malware samples submitted to VirusTotal, our team came across Sato ransomware, which belongs to the Djvu family. Once a computer is infected, Sato encrypts the files and adds the ".sato" extension to their filenames. Moreover, it generates a ransom note (creates a text file