Step-by-Step Malware Removal Instructions

L3MON RAT (Android)
Trojan

L3MON is Android malware with remote administration Trojan (RAT) functionality. It misuses the Accessibility services to steal sensitive information and perform other actions. We discovered L3MON RAT while inspecting a trojanized Sathi Chat app that impersonates the Crazy Talk messaging

000 Stealer Malware
Trojan

While inspecting malware selling hotspots, our researchers discovered a malicious program named 000. It is a stealer-type malware designed to exfiltrate and extract a wide variety of sensitive data from infected machines. The 000 Stealer can download files, obtain system and user data, and

AstraLocker 2.0 Ransomware
Ransomware

AstraLocker 2.0 is a ransomware variant belonging to the Babuk family. We found it while checking the VirusTotal page for recently submitted malware samples. AstraLocker 2.0 encrypts files and appends the ".AstraLocker" or ".Astra" extension (depending on the variant) to filenames. Also, it creat

Jhdd Ransomware
Ransomware

Jhdd is a piece of malicious software classified as ransomware that our researchers discovered while looking through new malware submissions on VirusTotal. We determined that Jhdd belongs to the Djvu ransomware family. After a sample was executed on our test machine, it encrypted files and append

AnalyticDeal Adware (Mac)
Mac Virus

AnalyticDeal is the name of an untrustworthy application designed to feed users unwanted advertisements. It operates as adware. Our team discovered AnalyticDeal on a shady website suggesting that some installed software is outdated. It is very common for adware-type apps to be promoted/d

Dmay Ransomware
Ransomware

Dmay is ransomware - a type of malware that encrypts files. We have discovered it while examining samples submitted to VirusTotal. It was found that Dmay is part of the Djvu ransomware family. In addition to encrypting files, it renames them (appends the ".dmay" extension to filenames), and create

Protectorofpower.xyz Ads
Notification Spam

Protectorofpower[.]xyz is a website that runs the "Your Windows 10 Is Infected With Viruses" scam and asks for permission to show notifications. Our team has discovered this deceptive site while inspecting various pages that use rogue advertising networks (e.g., torrent sites, illegal movie stream

Ourhotfeed.com Ads
Notification Spam

During a routine inspection of untrustworthy sites, we discovered the ourhotfeed[.]com rogue webpage. It is designed to push browser notification spam and redirect visitors to other (likely unreliable or malicious) websites. Pages like ourhotfeed[.]com are usually entered inadvertently. Most users

LoginCheck Adware (Mac)
Mac Virus

LoginCheck is a piece of rogue software our research team discovered while inspecting new submissions to VirusTotal. After inspecting this app, we determined that LoginCheck works as advertising-supported software (adware) and belongs to the AdLoad malware family. LoginCheck might not di

Msjd Ransomware
Ransomware

Msjd is a ransomware-type program belonging to the Djvu malware family. Our researchers found Msjd while inspecting new submissions to VirusTotal. On our test machine, this ransomware encrypted files and added the ".msjd" extension to their filenames. To elaborate, a file initially titled "1.jpg"