Step-by-Step Malware Removal Instructions

HYPERSCRAPE Malware
Trojan

HYPERSCRAPE Malware

HYPERSCRAPE is a malicious program designed to steal sensitive information. This malware aims explicitly to steal user data from email and personal information management accounts. There is evidence linking HYPERSCRAPE with Charming Kitten - an Iranian government-backed espionage group. HY

Loplup Ransomware
Ransomware

Loplup Ransomware

While inspecting new submissions to VirusTotal, our researchers discovered the Loplup ransomware-type program, which is part of the ZEPPELIN ransomware family. Once we executed a sample of Loplup on our test machine, it encrypted files and appended their filenames with a ".loplup.[victim's_ID]" e

Ylcufr.com Ads
Notification Spam

Ylcufr.com Ads

During a routine investigation of untrustworthy sites, our researchers discovered the ylcufr[.]com rogue webpage. This page promotes browser notification spam with the use of deception. Furthermore, it can redirect visitors to other sites, which are likely dubious or malicious. Most users enter y

News-xebipi.com Ads
Notification Spam

News-xebipi.com Ads

News-xebipi[.]com is the address of a rogue webpage that our researcher team discovered while inspecting suspicious websites. It is designed to push spam browser notifications and redirect visitors to other (likely untrustworthy or malicious) sites. Users typically access pages like news-xebipi[.

Escanor (Esca) RAT
Trojan

Escanor (Esca) RAT

Escanor, also known as Esca, is a Remote Access Trojan (RAT). Malware of this kind operates by enabling remote access and control over infected devices. RATs tend to be highly multifunctional and pose a wide range of threats. Escanor (Esca) is a cross-platform malware that targets both Windows and

RecordBreaker Malware
Trojan

RecordBreaker Malware

RecordBreaker is a piece of malicious software classified as a stealer. Malware of this kind is designed to extract and exfiltrate vulnerable data and content. RecordBreaker has been actively spread through various websites offering "cracked" software. Following successful infiltration, ai

Internet Download Manager Browser Hijacker
Browser Hijacker

Internet Download Manager Browser Hijacker

Not to be confused with any legitimate software under the name of "Internet Download Manager", this extension is a browser hijacker. While this fake extension is presented as a tool for advanced download management, it modifies browser settings to promote the smartwebfinder.com illegitimate searc

OpenSubtitles Uploader Adware
Adware

OpenSubtitles Uploader Adware

OpenSubtitles Uploader is a rogue application. After analyzing this app, we determined that it operates as advertising-supported software (adware). In other words, it enables the placement of third-party graphical content on various interfaces. OpenSubtitles Uploader may have additional undesirabl

Extension Settings Browser Hijacker
Browser Hijacker

Extension Settings Browser Hijacker

While inspecting scam sites, our research team discovered a rogue installer containing the Extension Settings browser extension. After analyzing this piece of software, we determined that it is a browser hijacker that promotes the ardslediana.com fake search engine. Typically, browser hija

ZZZZZ (Scarab) Ransomware
Ransomware

ZZZZZ (Scarab) Ransomware

Our research team found yet another program belonging to the Scarab ransomware family named ZZZZZ. Malware within the ransomware classification is designed to encrypt files and demand ransoms for the decryption. After we launched a sample of ZZZZZ (Scarab) ransomware on our test system, it encryp