Step-by-Step Malware Removal Instructions

DHL Shipping Document/Invoice Receipt Email Scam
Phishing/Scam

DHL Shipping Document/Invoice Receipt Email Scam

Our analysis of the "DHL Shipping Document/Invoice Receipt" email revealed that it is fake. This spam letter is presented as a notification from DHL - a legitimate logistics, courier, delivery, and express mail company. This mail attempts to trick recipients into disclosing their email account log

TONEINS Trojan
Trojan

TONEINS Trojan

TONEINS is the name of a backdoor malware. This software is designed to open a "backdoor" for additional malicious components or programs into compromised systems. TONEINS, alongside TONESHELL and PUBLOAD, have been observed being distributed in cyberespionage campaigns particularly active in Asi

Uyit Ransomware
Ransomware

Uyit Ransomware

Uyit is ransomware that encrypts files, appends the ".uyit" extension to filenames, and drops a ransom note (the "_readme.txt") file. Uyit is one of the Djvu ransomware variants. We discovered it while checking the VirusTotal page for recently submitted malware samples. It is common for Djvu ranso

Timespace.top Ads
Notification Spam

Timespace.top Ads

Timespace[.]top is a rogue page that our researchers found while inspecting dubious websites. This webpage promotes spam browser notifications and can redirect visitors to other (likely deceptive/malicious) sites. Most users access pages like timespace[.]top via redirects caused by sites using ro

Trigona Ransomware
Ransomware

Trigona Ransomware

Trigona is ransomware that encrypts files and appends the "._locked" extension to filenames. Also, it drops the "how_to_decrypt.hta" file that opens a ransom note. An example of how Trigona renames files: it renames "1.jpg" to "1.jpg._locked", "2.png" to "2.png._locked", and so forth. It embeds t

Bazek Ransomware
Ransomware

Bazek Ransomware

Bazek is ransomware that our team discovered while checking the VirusTotal site for recently submitted malware samples. We found that it encrypts files, appends the ".bazek" extension to filenames, and drops the "README.txt" file containing a ransom note. Our team also learned that there are two

IdentityStack Adware (Mac)
Mac Virus

IdentityStack Adware (Mac)

While analyzing the IdentityStack application, our team found that it shows annoying advertisements and can read sensitive information. Thus, we classified IdentityStack as adware. This application was discovered while inspecting deceptive websites offering to update supposedly outdated software

LilithBot Malware
Trojan

LilithBot Malware

LilithBot is a highly versatile piece of malicious software. There are several variants of this malware, and it primarily operates as a botnet, cryptominer, clipper, and stealer. Research by Zscaler suggests that the developers of LilithBot are the same ones behind the Eternity malware family. Bo

Uyro Ransomware
Ransomware

Uyro Ransomware

Uyro is one of the Djvu ransomware variants designed to encrypt files, drop a ransom note, and append its extension to filenames. Uyro drops the "_readme.txt" file and appends ".uyro" extension to filenames. We discovered Uyro ransomware while examining malware samples submitted to VirusTotal. An

Allactualspot.com Ads
Notification Spam

Allactualspot.com Ads

Our research team discovered the allactualspot[.]com rogue webpage while investigating untrustworthy websites. It pushes browser notification spam and redirects users to different (likely dubious/malicious) sites. Most users access pages like allactualspot[.]com via redirects caused by websites us