Step-by-Step Malware Removal Instructions

Lottolore Email Scam
Phishing/Scam

Lottolore Email Scam

After inspecting this "Lottolore" email, we determined that it is spam. It is presented as a notification regarding a lottery prize that the recipient has won. It must be emphasized that this email is fake and it is not associated with any legitimate lotteries. The spam letter with the sub

DHL Express - AWB & Shipping Doc Email Virus
Phishing/Scam

DHL Express - AWB & Shipping Doc Email Virus

After inspecting this "DHL Express - AWB & Shipping Doc" email – we determined that it is malspam (malicious spam). The scam letter is presented as a message regarding shipping documentation from DHL Express. It must be emphasized that this email is fake, and it is in no way associated with th

Images Switcher Adware
Adware

Images Switcher Adware

Our team found that the Images Switcher browser extension is an advertising-supported app after conducting a thorough examination. This extension displays intrusive advertisements. Our team discovered Images Switcher on a questionable website. Users often unknowingly download and install (or add)

NEVADA Ransomware
Ransomware

NEVADA Ransomware

NEVADA is the name of ransomware targeting Windows and Linux operating systems. It is written in the Rust programming language. NEVADA encrypts files, appends the ".NEVADA" extension to filenames, and drops its ransom note (the "readme.txt" file) in folders containing encrypted files. An example

Please Find Attached My CV Email Virus
Phishing/Scam

Please Find Attached My CV Email Virus

After inspecting this "Please Find Attached My CV" email, we determined that it is malspam. This spam letter is presented as a CV submission from a party interested in working for the recipient's company. The file attached to this email is designed to infect devices with the Agent Tesla malware.

Noutzing.com Ads
Notification Spam

Noutzing.com Ads

While examining noutzing[.]com, our team discovered that this page displays a deceptive message. The purpose of noutzing[.]com is to trick visitors into permitting it to show notifications. Also, it may redirect to other shady websites. Users open sites like noutzing[.]com inadvertently. N

Sunjn Ransomware
Ransomware

Sunjn Ransomware

Sunjn is the name of a ransomware-type program that we discovered while inspecting new submissions to VirusTotal. This program is part of the VoidCrypt ransomware family. After we executed a sample of Sunjn on our test machine, it encrypted files and altered their filenames. Original titles were

Anonymous (Chaos) Ransomware
Ransomware

Anonymous (Chaos) Ransomware

While inspecting malware samples submitted to the VirusTotal page, we discovered a ransomware variant based on Chaos ransomware dubbed Anonymous. This variant encrypts data, appends its extension (four random characters) to filenames, changes the desktop wallpaper, and the "for dencrypt" file that

Liffswithabr.com Ads
Notification Spam

Liffswithabr.com Ads

While researching suspicious websites, we discovered the liffswithabr[.]com rogue page. It operates by pushing browser notification spam and redirecting visitors to different (likely unreliable/harmful) sites. Most users access liffswithabr[.]com and similar pages through redirects caused by websi

Dgnlwjw Ransomware
Ransomware

Dgnlwjw Ransomware

While inspecting new submissions to VirusTotal, our research team discovered yet another ransomware-type program from the Snatch family – called Dgnlwjw. Malware within this classification is designed to encrypt data for the purpose of making ransom demands for the decryption tools. When we execu