Step-by-Step Malware Removal Instructions

DONKEYHOT Ransomware
Ransomware

DONKEYHOT Ransomware

DONKEYHOT is ransomware used to blackmail victims. It encrypts files and keeps them inaccessible until a ransom is paid. We discovered DONKEYHOT while checking VirusTotal for recently submitted malware samples. In addition to encrypting files, this ransomware modifies filenames and generates the "

Emyresumef.hair Ads
Notification Spam

Emyresumef.hair Ads

While examining emyresumef[.]hair, we found that it can show deceptive notifications (if allowed) and redirect visitors to other shady pages. It uses a clickbait technique to trick visitors into agreeing to receive notifications. Our team discovered emyresumef[.]hair while inspecting sites that us

Tpnwslnd.com Ads
Notification Spam

Tpnwslnd.com Ads

While inspecting dubious websites, our researchers discovered the tpnwslnd[.]com rogue page. It promotes spam browser notifications and redirects users to other (likely untrustworthy/harmful) webpages. Most visitors to tpnwslnd[.]com and similar sites enter them via redirects caused by pages that

ACHIVA Email Virus
Phishing/Scam

ACHIVA Email Virus

After analyzing this email, we learned that threat actors use it to trick people into believing that they have received an email from the sales department of a company located in Vietnam. Their goal is to trick recipients into opening a malicious attachment. That attachment is used to distribute G

Qqpp Ransomware
Ransomware

Qqpp Ransomware

While examining malware samples submitted to VirusTotal, our researchers discovered a new Djvu ransomware variant called Qqpp. This ransomware encrypts files and appends the ".qqpp" extension to filenames. It also drops a ransom note (a text file named "_readme.txt") on the desktop. An example of

Power Colors Adware
Adware

Power Colors Adware

Our research team discovered the Power Colors rogue browser extension while inspecting dubious download webpages. We analyzed this extension and determined that it operates as advertising-supported software (adware). Adware enables the placement of third-party graphic content (advertisemen

Webmail Center Email Scam
Phishing/Scam

Webmail Center Email Scam

After inspecting this "Webmail Center" spam email, we determined that it operates as a phishing scam. The letter claims that due to a system upgrade, messages failed to reach the inbox. Hence, the recipient must verify their email account to receive the letters and prevent it from being blocked.

EllipseChoice Adware (Mac)
Mac Virus

EllipseChoice Adware (Mac)

EllipseChoice is a rogue application that we discovered during a routine inspection of new submissions to VirusTotal. Our analysis of this app revealed that it operates as advertising-supported software (adware). Additionally, it is worth mentioning that EllipseChoice is part of the AdLoad malwa

BianLian Ransomware
Ransomware

BianLian Ransomware

BianLian is a malicious program classified as ransomware. It is written in the Go programming language. After we executed a sample of BianLian on our test machine, it encrypted files and appended their filenames with a ".bianlian" extension. To elaborate, a file initially titled "1.jpg" appeared

Totaldatadefencereport.com Ads
Notification Spam

Totaldatadefencereport.com Ads

While inspecting totaldatadefencereport[.]com, we found that it is running the "Norton Security - Your PC Might Be Infected With Viruses!" scam. Additionally, we learned that totaldatadefencereport[.]com wants to show notifications. Our team discovered this page while examining other pages that us