Virus and Spyware Removal Guides, uninstall instructions

What is myhugewords[.]com?

Myhugewords[.]com is a deceptive website designed to trick visitors into agreeing to receive notifications. We have discovered myhugewords[.]com while examining various illegal movie streaming, torrent, and other sites that use shady advertising networks. Websites of this type rarely are visited on purpose.

What is Qnty ransomware?

Qnty is a piece of malicious software classified as ransomware; it is designed to encrypt data and demand payment for the decryption. After obtaining a sample from VirusTotal, our researchers determined that Qnty belongs to the Djvu ransomware family.

On our test machine, this malicious program encrypted files and appended their filenames with a ".qnty" extension. For example, a file initially titled "1.jpg" appeared as "1.jpg.qnty", "2.jpg" as "2.jpg.qnty", and so on. Once the encryption process was completed, a ransom-demanding message - "_readme.txt" - was created.

What kind of malware is Kl?

Our malware researchers have discovered the Kl ransomware on VirusTotal (while checking for recently submitted malware samples). They have learned that Kl is part of the Dharma ransomware family. It encrypts files and appends the victim's ID, filekiller@onionmail.org email address, and the ".kl" extension to filenames.

For example, Kl renames "1.jpg" to "1.jpg.id-9ECFA84E.[filekiller@onionmail.org].kl", "document.txt" to "document.txt.id-9ECFA84E.[filekiller@onionmail.org].kl". Also, it displays a pop-up window and creates a text file named "info.txt". Both of them contain a ransom note.

What kind of page is see-what-is-buzzing[.]com?

See-what-is-buzzing[.]com is a rogue website designed to load dubious content, promote browser notification spam, and redirect visitors to other untrustworthy/harmful pages.

Our research team discovered it while inspecting websites that use rogue advertising networks; redirects caused by such webpages are how most users access see-what-is-buzzing[.]com and similar sites.

What is Godox ransomware?

Godox is a ransomware-type program that our research team discovered while inspecting new submissions to VirusTotal. Additionally, we have determined that this piece of malicious software belongs to the VoidCrypt ransomware family.

After this ransomware was released onto our test system, it encrypted files and appended their filenames with a unique ID, the cyber criminals' email address, and a ".godox" extension. For example, a file originally titled "1.jpg" appeared as "1.jpg.(MJ-VR2865390471)(Folperdock@gmail.com).Godox".

Following the completion of the encryption process, Godox dropped ransom notes - "Decryption-Guide.HTA" and "Decryption-Guide.txt" - onto the desktop.

What is the "Notification Of DHL Shipment" email?

Our researchers determined that "Notification Of DHL Shipment" is a spam email. It is not associated with DHL - the logistics and delivery company; cyber criminals merely use the name to trick recipients into falling for the phishing scam. This fake notification targets email account log-in credentials through a phishing file attached to it.

What is Ccps ransomware?

During a routine inspection of new submissions to VirusTotal, our research team found another malicious program belonging to the Djvu ransomware family. It is called Ccps, and it is designed to encrypt data and demand payment for the decryption.

On our test machine, this ransomware encrypted files and appended their titles with a ".ccps" extension, e.g., a file initially named "1.jpg" appeared as "1.jpg.ccps", "2.jpg" as "2.jpg.ccps", etc. Once this process was completed, a ransom note - "_readme.txt" - was created.

What kind of page is pushnott[.]com?

We have found out about the pushnott[.]com website after visiting sites (illegal movie streaming, torrent sites) that use shady advertising networks. Our team has analyzed pushnott[.]com and learned that it attempts to get permission to show notifications and redirects to similar pages.

What is TikTok Finder?

TikTok Finder is a browser extension promising easy access to and search options on TikTok - the video-focused social media platform. Our researchers found this piece of software while inspecting dubious sites promoted by browser notification spam. After analyzing TikTok Finder, we determined it to be adware.

What kind of page is disturbmachine[.]xyz?

We have discovered disturbmachine[.]xyz while examining websites that use rogue advertising networks (such as torrent sites, illegal movie streaming pages). After analyzing disturbmachine[.]xyz, we have concluded that it displays deceptive content to promote legitimate software and asks for permission to show dubious notifications.