Step-by-Step Malware Removal Instructions

METZA Email Virus
Phishing/Scam

METZA Email Virus

Malspam emails such as this one usually contain a download link or malicious attachment. The emails can be used to deliver ransomware, Trojans, crypto miners, spyware and keyloggers, and other malware. This particular malspam message is used to deliver Agent Tesla, a Remote Administration Tool (RA

ProcesserLog Adware (Mac)
Mac Virus

ProcesserLog Adware (Mac)

ProcesserLog is a dubious application classified as adware. It also has browser hijacker traits. This app operates by running intrusive advertisement campaigns and making alterations to browser settings to promote fake search engines. Since most users download/install ProcesserLog inadvertently

Milleni5000 Ransomware
Ransomware

Milleni5000 Ransomware

Milleni5000 ransomware is designed to encrypt files and rename them by appending ".secure[milleni5000@qq.com]" as the file extension. For example, "1.jpg" is renamed to "1.jpg.secure[milleni5000@qq.com]", "2.jpg" to "2.jpg.secure[milleni5000@qq.com]", and so on. Milleni5000 also creates the "REST

Divsouth Ransomware
Ransomware

Divsouth Ransomware

Divsouth is a malicious program that is part of the MedusaLocker ransomware family. Systems infected with this malware experience data encryption and users receive ransom demands for decryption. During the encryption process, all compromised files are appended with the ".divsouth" extension. For

Motion Ransomware
Ransomware

Motion Ransomware

Motion belongs to the Xorist ransomware family. It encrypts files and appends the ".motion" extension to filenames. For example, "1.jpg" is renamed to "1.jpg.motion", "2.jpg" to "2.jpg.motion", and so on. Motion also creates the "HOW TO DECRYPT FILES.txt" file in all folders and displays a pop-up

Video Search Adware
Adware

Video Search Adware

Video Search is rogue software endorsed as a tool for quick searching of multiple video-hosting platforms (e.g., YouTube, Vimeo, Facebook, Google Video, and Bing Videos) straight from the browser. In fact, Video Search is classified as adware, since it runs intrusive advertisement campaigns. I.e.

Screenshot Tool And Editor Adware
Adware

Screenshot Tool And Editor Adware

Screenshot Tool and Editor is advertised as a tool for taking screenshots of entire websites, capturing web page elements, and editing the screenshots (e.g., adding text). What is not advertised is that Screenshot Tool and Editor functions as adware, and thus generates unwanted advertisements. Ad

CryptoLocker-v3 Ransomware
Ransomware

CryptoLocker-v3 Ransomware

CryptoLocker-v3 is a malicious program belonging to the CryptoLocker ransomware family. It is designed to encrypt data and demand ransoms for decryption tools. During the encryption process, files are appended with the ".ecc" extension. For example, a file originally named something like "1.jpg" w

Clickmp3.com Suspicious Website
Adware

Clickmp3.com Suspicious Website

clickmp3[.]com offers download of videos from YouTube. Note that using websites such as clickmp3[.]com or third-party apps to download videos is against YouTube's Terms of Service. clickmp3[.]com also uses rogue advertising networks: the site contains dubious ads and opens other untrusted pages.

Resgateseup Ransomware
Ransomware

Resgateseup Ransomware

Discovered by 0x4143, Resgateseup is malicious software classified as ransomware. Systems infected with this malware have their data encrypted and users receive ransom demands for decryption tools. Typically, ransomware renames affected files, however, the filenames of files encrypted by Resgatese