Step-by-Step Malware Removal Instructions

InfinityHardware Adware (Mac)
Mac Virus

InfinityHardware Adware (Mac)

When searching the newest submissions to VirusTotal, our researchers discovered InfinityHardware - another adware-type application from the AdLoad malware family. When installed onto our testing system, it operated by running intrusive advertisement campaigns. However, from our extensive resear

Fhkf Ransomware
Ransomware

Fhkf Ransomware

We have analyzed ransomware samples on VirusTotal and discovered a new Djvu ransomware variant called Fhkf. While testing this variant, we found out that it encrypts files (and modifies filenames) and creates the "_readme.txt" file containing a ransom note. It also appends the ".fhkf" extension to

2wfv1 Ransomware
Ransomware

2wfv1 Ransomware

During a routine search into the newest malware samples uploaded to VirusTotal, we discovered and afterwards analyzed the 2wfv1 ransomware. This malicious program is designed to encrypt data (lock files) and demand payment for the decryption. Following successful installation on our test machine,

PremiumSearch Browser Hijacker
Browser Hijacker

PremiumSearch Browser Hijacker

Once we installed the PremiumSearch application, we saw that it changed specific web browser's settings to premiumsearch.xyz - a search engine that shows results generated by Bing (bing.com). For this reason, we can state that it is a browser hijacker promoting a fake search engine. We hav

Put Darker Browser Hijacker
Browser Hijacker

Put Darker Browser Hijacker

Put Darker is a rogue browser extension endorsed as a tool that can enable dark mode on simple websites. Instead, our researchers found that this piece of software operates as a browser hijacker. Put Darker extension modifies browsers to promote the kmmx49.com fake search engine. Following

KMA47 Ransomware
Ransomware

KMA47 Ransomware

During a routine investigation into new malware samples submitted into VirusTotal, our researchers detected and subsequently analyzed the KMA47 ransomware. It encrypts data (renders files inaccessible) and demands a ransom for the decryption (access recovery). The researched sample renamed files

ExpressDefault Adware (Mac)
Mac Virus

ExpressDefault Adware (Mac)

After downloading and launching ExpressDefault's sample, our researchers found it to be an adware-type app. In other words, it runs intrusive advertisement campaigns (displays various ads). We also determined that ExpressDefault belongs to the AdLoad malware family. Furthermore, it may exhibit

Easy-Search Browser Hijacker
Browser Hijacker

Easy-Search Browser Hijacker

After installing the Easy-Search application, we have noticed that it has changed the web browser's settings (and did not allow to modify them) to easysearch.club - a search engine that shows results generated by Bing (bing.com). Thus, it can be stated with certainty that Easy-Search is a browser

PDFConverterSearchNow Browser Hijacker
Browser Hijacker

PDFConverterSearchNow Browser Hijacker

PDFConverterSearchNow is a rogue browser extension. After analyzing it, our researchers have concluded that this piece of software operates as a browser hijacker. PDFConverterSearchNow changes browser settings and promotes the pdfconvertersearchnow.com fake search engine. On our test syste

AMC Ransomware
Ransomware

AMC Ransomware

We discovered AMC ransomware while inspecting ransomware samples submitted to VirusTotal. While analyzing the AMC ransomware sample, we saw that it encrypts files and appends a different extension (containing four random characters) to filenames. For example, AMC has renamed "1.jpg" file to "1.jp