Step-by-Step Malware Removal Instructions

Win32/Zpevdo Trojan
Trojan

Win32/Zpevdo Trojan

Win32/Zpevdo is high-risk trojan designed to modify Windows Firewall settings. This malware typically infiltrates systems when another trojan is installed (a result of "chain infections") or when users visit malicious websites. The presence of Win32/Zpevdo trojan makes the system more vulnerable t

Xerox Color Workstation Email Virus
Phishing/Scam

Xerox Color Workstation Email Virus

"Xerox Color Workstation Email Virus" is the name of a spam campaign, designed by cyber criminals to proliferate a malicious program, a keystroke logger called Hawkeye.  The main purpose of the email issued by this campaign is to trick people into opening the attached file, which infects computer

Renropsitto.info POP-UP Ads
Notification Spam

Renropsitto.info POP-UP Ads

The internet is flooded with websites similar to renropsitto[.]info including, for example, Pushnews[.]online, txtnews[.]online, and watch-this[.]live. These are just some examples from many. Most of these sites are virtually identical. Once visited, they display untrustworthy content or open othe

Ticeroftertal.info POP-UP Ads
Notification Spam

Ticeroftertal.info POP-UP Ads

ticeroftertal[.]info is a rogue website that has the same purpose as pushnews[.]online, txtnews[.]online, watch-this[.]live, and many other websites of this type. Once visited, it redirects users to websites that cannot be trusted or displays dubious content. Typically, people are forced to visit

PayPal Account Is On Hold POP-UP Scam
Phishing/Scam

PayPal Account Is On Hold POP-UP Scam

The "PayPal account is on hold" scam is presented on a deceptive website that should not be trusted. Scammers use it to steal PayPal accounts. Typically, people end up visiting websites of this type due to potentially unwanted applications (PUAs) installed on their browsers or operating systems.

wal Ransomware
Ransomware

wal Ransomware

wal is high-risk ransomware that belongs to the Dharma ransomware family. This malware stealthily infiltrates the system and encrypts most stored files, thereby rendering them impossible to use. It is also appends filenames with the victim's unique ID, developer's email address, and ".wal" extensi

1 Click PDF Adware (Mac)
Mac Virus

1 Click PDF Adware (Mac)

1 Click PDF (also known as 1ClickPDF) is promoted as a file conversion app capable of converting virtually any file format to PDF. It is promoted as a useful and legitimate tool, however, 1 Click PDF is categorized as a potentially unwanted (adware-type) application (PUA) and adware. It changes

Forasom Ransomware
Ransomware

Forasom Ransomware

Belonging to the Djvu ransomware family, Forasom is a high-risk infection designed to encrypt victims' data and make ransom demands. During encryption, Forasom appends filenames with the ".forasom" extension (e.g., "sample.jpg" is renamed to "sample.jpg.forasom"). As with other Djvu variants, For

.bat Ransomware
Ransomware

.bat Ransomware

Discovered by Jakub Kroustek, .bat is a malicious program classified as ransomware. Generally, malware of this type blocks victims from accessing their files by encryption. To decrypt them, victims are forced to buy a decryption tool/key from cyber criminals who developed the program, in this case

qbix Ransomware
Ransomware

qbix Ransomware

The number of new ransomware-type programs is growing daily, including qbix, which was discovered by Jakub Kroustek and belongs to the Dharma ransomware family. Like most programs of this type, qbix is used by cyber criminals who aim to extort money from their victims. Ransomware-type programs en