Step-by-Step Malware Removal Instructions

Black Basta Ransomware
Ransomware

Black Basta Ransomware

While inspecting new malware submissions to VirusTotal, our researchers found the Black Basta ransomware. After launching a sample on our test system, we learned that this malicious program encrypts files and appends their filenames with a ".basta" extension. For example, a file initially titled

AID Malware
Trojan

AID Malware

AID is malware that functions as a loader and a clipper. It is written in C++ programming language. AID is promoted on a hacker forum. It is sold for $75 (at the moment, its developer uses a sales promotion and sells AID for $50). AID can execute EXE (executable) files downloaded via a spe

Jhbg Ransomware
Ransomware

Jhbg Ransomware

While inspecting new submissions to VirusTotal, our research team found the Jhbg ransomware-type program. We determined that this program belongs to the Djvu ransomware family. After being launched onto our test machine, Jhbg encrypted files and appended their filenames with a ".jhbg" extension.

Locked (Phobos) Ransomware
Ransomware

Locked (Phobos) Ransomware

Locked is ransomware belonging to the Phobos family. We have discovered this variant on VirusTotal (while checking the page for recently submitted malware samples). Locked ransomware encrypts files and appends the victim's ID, robertopaulick@mail.ee email address, and ".locked" extension to filena

Dewd Ransomware
Ransomware

Dewd Ransomware

We have discovered a new Djvu ransomware variant called Dewd. It was discovered while analyzing the samples submitted to VirusTotal. After testing this ransomware, we found that it encrypts files and appends the ".dewd" extension to filenames. Also, it creates a text file named "_readme.txt". This

Thefreeadv.com Ads
Notification Spam

Thefreeadv.com Ads

Thefreeadv[.]com is a rogue site that our researchers discovered while inspecting shady websites. It operates by promoting spam browser notifications through deception, and this page can also redirect visitors to others (likely harmful/malicious ones). Users typically access webpages like thefree

Keep Your PC Updated With Norton! POP-UP Scam
Phishing/Scam

Keep Your PC Updated With Norton! POP-UP Scam

While inspecting rogue webpages, we discovered the "Keep Your PC Updated With Norton!" scam. This scheme implies that the user's system may be infected and is at risk, and urges them to keep their Norton anti-virus subscription up-to-date. At the time of research, this scam redirected to the offi

LokiLok Ransomware
Ransomware

LokiLok Ransomware

LokiLok is a piece of malicious software classified as ransomware, which our researchers discovered while inspecting new submissions to VirusTotal. After analyzing LokiLok, we determined that it is based on a ransomware-type program called Chaos. Once launched onto our test machine, LokiLok encry

Star-search.xyz Redirect
Browser Hijacker

Star-search.xyz Redirect

Star-search.xyz is a fake search engine that shows results generated by Bing. It does not generate any unique search results. Typically, fake search engines are promoted through browser hijackers. Most apps of this type are promoted/distributed using questionable methods. We have discovered star-s

Posttrendingblog.com Ads
Adware

Posttrendingblog.com Ads

Posttrendingblog[.]com is one of the many websites designed to trick visitors into allowing them to show notifications. Like most pages of this type, posttrendingblog[.]com displays deceptive contents. It also can redirect visitors to other websites of this kind. We have discovered posttrendingblo