Step-by-Step Malware Removal Instructions

Video Player Pro Adware
Adware

Video Player Pro Adware

Our team tested the Video Player Pro browser extension and learned that it shows annoying advertisements. Also, it can manage downloads and read and change data on all websites. Apps that generate ads are called adware (advertising-supported software). Users rarely install adware on purpose.

Gqlmcwnhh Ransomware
Ransomware

Gqlmcwnhh Ransomware

Gqlmcwnhh is ransomware (a ransomware variant from the Snatch family). It encrypts data, appends ".gqlmcwnhh" extension to filenames, and drops the "HOW TO RESTORE YOUR FILES.TXT" file (a ransom note). Our malware researchers discovered Gqlmcwnhh while examining samples submitted to VirusTotal. A

Titan Stealer
Trojan

Titan Stealer

While investigating malware samples submitted to VirusTotal, our team discovered an information stealer called Titan. Malware of this type gathers sensitive data from the infected system and sends it to the attacker. Typically, cybercriminals behind information stealers are financially motivated.

Tab Session Adware
Adware

Tab Session Adware

While checking out deceptive websites, our researchers discovered the Tab Session browser extension. It is presented as a productivity improvement tool that promises easy access and navigation on browsers. However, Tab Session operates as adware. This browser extension runs intrusive ad campaigns

XStealer Malware
Trojan

XStealer Malware

XStealer is a piece of malicious software designed to steal data. This stealer malware can exfiltrate browsing and user information. Therefore, XStealer infections endanger victims' privacy and safety. XStealer, like many stealers, begins its operation by gathering relevant device data (e.

Cipher Ransomware
Ransomware

Cipher Ransomware

While reviewing new submissions to VirusTotal, our research team found the Cipher ransomware. This malicious program is part of the MedusaLocker ransomware family. After a sample of Cipher was executed on our testing system, it began encrypting files and appended their names with a ".cipher" exte

Reportyouridentity.site Ads
Notification Spam

Reportyouridentity.site Ads

While investigating reportyouridentity[.]site, we found that it is a deceptive page designed to trick visitors into believing that their computers are infected. Also, reportyouridentity[.]site asks for permission to show notifications. Our team discovered reportyouridentity[.]site while inspecting

DHL Shipping Document/Invoice Receipt Email Scam
Phishing/Scam

DHL Shipping Document/Invoice Receipt Email Scam

Our analysis of the "DHL Shipping Document/Invoice Receipt" email revealed that it is fake. This spam letter is presented as a notification from DHL - a legitimate logistics, courier, delivery, and express mail company. This mail attempts to trick recipients into disclosing their email account log

TONEINS Trojan
Trojan

TONEINS Trojan

TONEINS is the name of a backdoor malware. This software is designed to open a "backdoor" for additional malicious components or programs into compromised systems. TONEINS, alongside TONESHELL and PUBLOAD, have been observed being distributed in cyberespionage campaigns particularly active in Asi

Uyit Ransomware
Ransomware

Uyit Ransomware

Uyit is ransomware that encrypts files, appends the ".uyit" extension to filenames, and drops a ransom note (the "_readme.txt") file. Uyit is one of the Djvu ransomware variants. We discovered it while checking the VirusTotal page for recently submitted malware samples. It is common for Djvu ranso