Step-by-Step Malware Removal Instructions

NUKESPED Trojan (Mac)
Mac Virus

NUKESPED Trojan (Mac)

NUKESPED is a backdoor Trojan, which targets Mac users in Korea. The group of cyber criminals who designed and spread this malware is called Lazarus.  They distributed this malicious software through an Excel document using a Mac App bundle, which contains legitimate and malicious versions of A

Bitcore Ransomware
Ransomware

Bitcore Ransomware

Discovered by dnwls0719, Bitcore belongs to the Paradise ransomware family. This malware is designed to encrypt data and demand payment for decryption tools/software. When Bitcore encrypts, all files are renamed with a random string of characters, the developer's email address, and the ".bitcore"

TurkStatik Ransomware
Ransomware

TurkStatik Ransomware

Discovered by cyber security researcher, Jack, TurkStatik is rogue software classified as ransomware. This malicious program is designed to encrypt data and demand ransom payments for decryption. During the encryption process, all affected files are appended with the ".ciphered" extension. For ex

Cr447.xyz Redirect
Browser Hijacker

Cr447.xyz Redirect

cr447.xyz is the address of a fake search engine, which is promoted through various potentially unwanted applications (PUAs) that are also categorized as browser hijackers. One of these apps (called APP) targets Google Chrome users. Research shows that cr447.xyz is related to QIP, another fake sea

Call Microsoft Helpline POP-UP Scam
Phishing/Scam

Call Microsoft Helpline POP-UP Scam

"Call Microsoft Helpline" is a scam run by deceptive websites. It operates by tricking users into believing that their device is infected and that they need to contact the (fake) technical support provided to resolve the issues. Note that no website can detect threats present on users' systems and

UPS Email Virus
Phishing/Scam

UPS Email Virus

"UPS Email Virus" is a spam email campaign used to proliferate a high-risk virus called Hancitor. Cyber criminals send thousands of emails encouraging users to open attached documents. In this case, the email is presented as a notification from the UPS company, however, opening the attached file l

F*CKaNDrUN Ransomware
Ransomware

F*CKaNDrUN Ransomware

Discovered by MalwareHunterTeam, F*CKaNDrUN is malicious software classified as ransomware and based on an open-source project called Hidden Tear. Victims who have computers infected with F*CKaNDrUN cannot access or use encrypted files unless they decode them with a key that can only be purchased

International promotion of postal services POP-UP Scam
Phishing/Scam

International promotion of postal services POP-UP Scam

"International promotion of postal services" is a scam proliferated by deceptive/scam sites. It operates by congratulating visitors that they have been chosen by Company Control Service and "the international share of postal services" as one of several hundred annual "Happy e-mail" winners. Users

Rote Ransomware
Ransomware

Rote Ransomware

Rote belongs to the Djvu ransomware family. It encrypts victim's data, changes the filename of each encrypted file, and creates a text file that contains instructions about how to contact cyber criminals and other details. It renames encrypted files by appending the ".rote" extension to filenames

Zobm Ransomware
Ransomware

Zobm Ransomware

Discovered by Amigo-A, Zobm ransomware is a part of the Djvu family of ransomware-type malware. Like most programs of this type, it encrypts (locks) data, creates a ransom message, and adds its extension to each encrypted file. Zobm creates the "_readme.txt" file and appends the ".zobm" extension.