Step-by-Step Malware Removal Instructions

Triada Trojan (Android)
Trojan

Triada Trojan (Android)

Triada is the name of a Trojan targeting Android users. Cybercriminals distribute this Trojan via a modified version of WhatsApp called FMWhatsapp (and possibly other apps). Once the app with Triada hidden in it is launched, the Trojan gathers various device information to set up a communication c

Wizard Ransomware
Ransomware

Wizard Ransomware

Our research team discovered the Wizard malicious program during a routine inspection of new submissions to VirusTotal. It is classified as ransomware - a type of malware that encrypts data and makes ransom demands for the decryption tools. After we executed a sample of Wizard ransomware on our t

TeamDarkAnon Ransomware
Ransomware

TeamDarkAnon Ransomware

TeamDarkAnon is ransomware designed to encrypt files, change the desktop wallpaper, drop a ransom note (the "read_it.txt") file, and append the ".anon" extension to filenames. Files encrypted by ransomware cannot be opened until they are decrypted. We discovered TeamDarkAnon while examining malwar

Pending Messages On Our Remote Server Email Scam
Phishing/Scam

Pending Messages On Our Remote Server Email Scam

Our inspection of the "Pending Messages On Our Remote Server" email revealed that it operates as a phishing scam. This letter seeks to obtain the recipient's email account log-in credentials by making false claims about messages failing to reach their inbox. The spam email with the subject

ModemMaterial Adware (Mac)
Mac Virus

ModemMaterial Adware (Mac)

ModemMaterial is the name of an application our team discovered after downloading and using a fake installer for the Adobe Flash Player. While testing ModemMaterial, we learned that it generates intrusive advertisements. Software that shows unwanted advertisements is called adware. Adwar

Unique Ransomware
Ransomware

Unique Ransomware

Unique is ransomware that makes files inaccessible by encrypting them, modifies their filenames, and generates two ransom notes ("info.txt" and "info.hta" files). Unique is part of the Phobos ransomware family. We discovered it on VirusTotal (while checking this page for recently submitted malware

Wnprt.club Ads
Notification Spam

Wnprt.club Ads

While inspecting wnprt[.]club, our team learned that it has two purposes: to trick visitors into believing that their computers are infected (and purchasing antivirus software) and allowing it to show notifications. It runs the "McAfee - Your PC is infected with 5 viruses!" scam. We discovered wn

Analysissoftwarecentr.com Ads
Notification Spam

Analysissoftwarecentr.com Ads

Our researchers discovered the analysissoftwarecentr[.]com rogue webpage during a routine inspection of questionable websites. This page is designed to promote scams, push spam browser notifications, and redirects visitors to other (likely untrustworthy/malicious) sites. Users typically access an

RankBet Adware (Mac)
Mac Virus

RankBet Adware (Mac)

Our research team discovered the RankBet rogue app while inspecting new submissions to VirusTotal. After installing this piece of software onto our test system, we learned that it operates as adware. It is noteworthy that RankBet belongs to the AdLoad malware family. Adware stands for ad

S.O.V.A. Banking Trojan (Android)
Trojan

S.O.V.A. Banking Trojan (Android)

S.O.V.A. is the name of a banking trojan targeting Android devices. As its classification implies, this malware seeks to obtain baking and finance-related data. However, this trojan has a wide variety of functionalities and can be used to cause varied problems. S.O.V.A. is proliferated und