Step-by-Step Malware Removal Instructions

Word Counter Adware
Adware

Word Counter Adware

During a routine inspection of deceptive sites, our research team found the Word Counter browser extension. It is supposedly capable of providing the word count of any current webpage. However, our inspection of this extension revealed that it is adware, i.e., Word Counter runs intrusive ad campai

Resiastawsix.xyz Ads
Notification Spam

Resiastawsix.xyz Ads

Our researchers discovered the resiastawsix[.]xyz rogue page while inspecting dubious websites. We learned that this webpage promotes scams and browser notification spam. Additionally, it can redirect users to different (likely untrustworthy/malicious) sites. Most visitors to resiastawsix[.]xyz a

Tzw Ransomware
Ransomware

Tzw Ransomware

Tzw is the name of a ransomware-type program we discovered while inspecting new submissions to VirusTotal. We executed a sample of Tzw on our test machine, and this ransomware encrypted the files and changed their titles. The filenames were appended with a ".tzw" extension, e.g., a file initially

NeedleDropper Malware
Trojan

NeedleDropper Malware

NeedleDropper is a malware variant designed to drop malicious payloads (inject malware). It is advertised and sold on hacking forums. NeedleDropper is a self-extracting archive that contains files used for malware execution. Threat actors have been observed distributing this malware via email.

Real Estate Investment Email Scam
Phishing/Scam

Real Estate Investment Email Scam

After inspecting the "Real Estate Investment" email – we determined that it is fake. The spam letter claims to be sent by an ex-government official from the opposition party in Syria. The fabricated sender expresses wishes to make the recipient a foreign partner in their business ventures. This im

Nyx Ransomware
Ransomware

Nyx Ransomware

Nyx is ransomware that encrypts files, appends the victim's ID, datasupp@onionmail.com email address, and the ".NYX" extension to filenames, and drops the "READ_ME.txt" file (its ransom note). Our team discovered Nyx ransomware while inspecting malware samples submitted to VirusTotal page. An exa

Xollam Ransomware
Ransomware

Xollam Ransomware

While examining malware samples submitted to VirusTotal, our team discovered ransomware dubbed Xollam. We found that Xollam is a new variant of Mallox ransomware with a reversed name. It encrypts files, appends the ".xollam" extension to filenames, and creates the "FILE RECOVERY.txt" text file con

Data Backup Email Scam
Phishing/Scam

Data Backup Email Scam

Our inspection revealed that this "Data Backup" email is spam. It operates as a phishing scam targeting email account log-in credentials. The fake letter claims that the mail service will be shut down, but if the recipient uses the linked backup guide – they will be able to continue using their ac

Youractualjournal.com Ads
Notification Spam

Youractualjournal.com Ads

Youractualjournal[.]com is the address of a rogue webpage that our researchers discovered while inspecting untrustworthy sites. This page promotes browser notification spam and redirects visitors to other (likely unreliable/malicious) websites. Users typically enter such pages through redirects c

Pegasus Malware (Android)
Trojan

Pegasus Malware (Android)

Pegasus is the name of a malicious program within the spyware classification. It targets Android operating systems and can perform various commands and extract a broad range of information. Pegasus is a highly sophisticated program developed by the Israeli cyber-arms company called NSO Group. Thi