Virus and Spyware Removal Guides, uninstall instructions

What kind of application is PlatanusHispanica?

Upon conducting a comprehensive analysis of the PlatanusHispanica application, it has been determined that this app cannot be trusted, as it possesses the capability to access a broad spectrum of data and control browser components. Furthermore, it is disseminated through a malicious installer. Therefore, it is highly recommended for users to avoid using PlatanusHispanica.

What kind of software is TRES?

The TRES extension is promoted as a tool that displays tree-themed browser wallpapers. Our researchers found this piece of software during a routine investigation of suspicious websites. After examining TRES, we determined that it is a browser hijacker. This extension makes modifications to browser settings in order to promote the srchinwetr.com fake search engine.

What kind of malware is TrapStealer?

TrapStealer is a piece of versatile information-stealing malware. This malicious program targets a wide variety of data, particularly information related to the Discord messaging platform.

What kind of application is Goals Tracker?

During our evaluation of the Goals Tracker browser extension, we noticed its intent to promote a counterfeit search engine by tampering with web browser settings, a practice commonly referred to as browser hijacking. It is important to emphasize that browser hijackers, such as Goals Tracker, are usually promoted through questionable means.

What kind of malware is Poverty?

Poverty is a typical information stealer, lacking unique features distinguishing it from more proactive types of stealers. Cybercriminals employ malware like Poverty to compromise the privacy and security of individuals and organizations. These malicious tools infiltrate systems, collect sensitive data such as passwords and financial information, and then transmit the stolen data to the attackers.

What kind of malware is GoTiS?

Our research team discovered the GoTiS ransomware during a routine investigation of new submissions to the VirusTotal website. This malicious program is part of the Xorist ransomware. This malware encrypts data and demands ransoms for its decryption.

On our testing system, GoTiS encrypted files and appended their filenames with a ".GoTiS" extension. For example, a file initially titled "1.jpg" appeared as "1.jpg.GoTiS", "2.png" as "2.png.GoTiS", etc.

After the encryption process was completed, GoTiS created identical ransom notes on the desktop wallpaper, in the pop-up window, and a text file named "HOW TO DECRYPT FILES.txt".

What kind of malware is ObjCShellz?

ObjCShellz is a newly discovered macOS malware associated with the BlueNorOff hacking group. This malware is specifically designed to target macOS devices. What sets ObjCShellz apart is its capability to open remote shells on compromised macOS systems, enabling unauthorized access and control over infected devices.

What kind of malware is GootBot?

GootBot is a new variant of the GootLoader malware. It is used as a lateral movement tool. This malicious program is exceedingly lightweight and has an emphasis on stealth. Essentially, GootBot is implemented in the later stages of extensive attacks, wherein this software moves laterally through a network in order to facilitate further infections.

Based on the business-oriented themes used in the search engine poisoning techniques utilized in GootBot's proliferation, it is evident that this malware targets large entities.

What kind of malware is Jzeq?

Jzeq is ransomware belonging to the Djvu family, and it has been discovered while inspecting samples submitted to the VirusTotal page. Jzeq blocks access to files by encrypting them, appends the ".jzeq" extension to filenames, and provides a ransom note ("_readme.txt"). For instance, it renames "1.pg" to "1.jpg.jzeq", "2.png" to "2.png.jzeq", etc.

Since Jzeq is associated with Djvu ransomware, it may be distributed alongside Vidar, RedLine, or similar information stealers.

What kind of malware is Jzie?

While analyzing malware samples submitted to VirusTotal, we encountered a ransomware variant known as Jzie. Jzie has been crafted to encrypt files and alter their names by adding the ".jzie" extension. Additionally, Jzie generates a ransom note, which can be found in a file named "_readme.txt".

Jzie alters file names using this pattern: it changes a file named "1.jpg" to "1.jpg.jzie", "2.png" to "2.png.jzie", and so on. It is essential to highlight that Jzie is a member of the Djvu ransomware family. Frequently, cybercriminals distribute Djvu ransomware in tandem with data-stealing malware, such as RedLine or Vidar.