Step-by-Step Malware Removal Instructions

Phmqdw Ransomware
Ransomware

Our researchers found the Phmqdw malicious program while inspecting new submissions to VirusTotal. We learned that it belongs to the Makop ransomware family. Once launched onto our test machine, this ransomware began encrypting files and appending their filenames with a unique ID assigned to the

ColdStealer Malware
Trojan

ASEC Analysis Team has discovered a new information stealer called ColdStealer. It was found that this malware steals various user information and sends it to a Command and Control (C2) server. Cybercriminals distribute ColdStealer using a dropper and downloader malware that downloads ColdStealer fr

Thispcprotected.com Ads
Notification Spam

During a routine inspection of dubious websites, our researchers discovered thispcprotected[.]com. This rogue webpage is designed to host deceptive content (scams), push browser notification spam, and redirect visitors to other (likely untrustworthy/malicious) sites. Most users enter such pages vi

Fakecalls Trojan (Android)
Trojan

Fakecalls is the name of a Trojan targeting Android users. This malware imitates calls with bank employees (customer support). Fakecalls is disguised as a banking application (at least two banking apps called Kookbik Bank and KakaoBank). Cybercriminals can use Fakecalls Trojan to extract sensitive

Democracy Whisperers Ransomware
Ransomware

Democracy Whisperers is the name of a malicious program classified as ransomware. Our research team discovered it while inspecting new malware submissions on VirusTotal. We determined that it belongs to the Babuk ransomware family. After being launched onto our test machine, Democracy Whisperers

Session Ransomware
Ransomware

Session is the name of ransomware belonging to a ransomware family called Makop. We discovered it while analyzing malware samples submitted to VirusTotal. Session ransomware encrypts and renames files and creates a ransom note (the "+README-WARNING+.txt" file). It appends a string of random charac

Notcomp.com Ads
Notification Spam

Our research team discovered the notcomp[.]com rogue webpage while inspecting shady sites. It is designed to push browser notification spam and redirect visitors to other (likely unreliable/malicious) websites. Notcomp[.]com and sites akin to it are rarely accessed intentionally. Most users enter

Yourdesktopdefence.com Ads
Notification Spam

During a routine inspection of untrustworthy websites, our researchers discovered the yourdesktopdefence[.]com webpage. It promotes scam content, pushes spam browser notifications, and redirects visitors to other (likely unreliable/malicious) sites. Most users enter yourdesktopdefence[.]com and s

Flow Dark Browser Hijacker
Browser Hijacker

While researching dubious download pages, we discovered the flow dark browser extension, which promises to enable dark mode for simple design websites. After analyzing this extension, we determined that this piece of software operates as a browser hijacker that promotes the getsins.com fake search

3N7gh7mg4hyxnwGTFUpjHfpZh154Eu7rYD Malware
Trojan

While inspecting "cracked" software download websites, our research team discovered the "3N7gh7mg4hyxnwGTFUpjHfpZh154Eu7rYD" malware. Malicious programs within this classification are also known as clipboard hijackers, as they are designed to change the data copied into the infected system's clipb