Step-by-Step Malware Removal Instructions

AweCleaner Unwanted Application (Mac)
Mac Virus

AweCleaner Unwanted Application (Mac)

AweCleaner is advertised as an all-in-one cleaner that cleans, optimizes, and improves Mac computer performance. Due to dubious methods used to proliferate this app, AweCleaner it is categorized as potentially unwanted application (PUA). Typically, users do not download or install PUAs intentio

Flubo Ransomware
Ransomware

Flubo Ransomware

This ransomware belongs to the Xorist family. Flubo encrypts files (and modifies their filenames), changes the desktop wallpaper, displays a pop-up window, and creates the "HOW TO DECRYPT FILES.txt" text file in folders that contain encrypted files. It renames files by appending the ".flubo" exte

FPVideo Adware (Mac)
Mac Virus

FPVideo Adware (Mac)

The FPVideo app can be classified as a potentially unwanted application (PUA) because it is promoted via a deceptive website and distributed via a fake Adobe Flash Player installer (users typically do not download or install these apps intentionally). Like many other installers, the installer f

PDFSearchApps Browser Hijacker
Browser Hijacker

PDFSearchApps Browser Hijacker

PDFSearchApps is classified a browser hijacker because it changes certain browser settings without permission (in this case, settings are changed to pdfsearchapps.com). It is likely that PDFSearchApps also gathers browsing data and other details. Typically, users download and install apps such as

Mijnal Ransomware
Ransomware

Mijnal Ransomware

Mijnal is designed to encrypt and rename victims' files by appending the ".mijnal" extension to filenames. For example, "1.jpg" is renamed to "1.jpg.mijnal", "2.jpg" to "2.jpg.mijnal", and so on. It is also designed to create a text file named "README_LOCK.TXT" (ransom message) and an HTML file n

RansomeToad Ransomware
Ransomware

RansomeToad Ransomware

This ransomware was discovered by xiaopao. RansomeToad encrypts files and appends its extension to the filename of each encrypted file. It also displays a ransom message in a pop-up window with instructions about how to access a payment website. RansomeToad renames files by appending the ".rtcryp

Moloch Ransomware
Ransomware

Moloch Ransomware

Moloch belongs to the Makop ransomware family. This ransomware is designed to encrypt and rename files, and create the "readme-warning.txt" file (ransom message) in each folder that contains encrypted files. Moloch modifies filenames of encrypted files by adding the victim's ID, moloch_helpdesk@tu

Stream Tube Browser Hijacker
Browser Hijacker

Stream Tube Browser Hijacker

Apps such as Stream Tube hijack browsers by modifying the settings. Users are then forced to open a specific address on certain occasions. Stream Tube promotes tailsearch.com (a fake search engine) in this way. It also collects browsing history. In most cases, users download and install browser h

Ufo Ransomware
Ransomware

Ufo Ransomware

Ufo blocks access to files by encryption, renames each encrypted file, displays a pop-up window ("info.hta") and generates a text file ("@READ_ME@.txt"). Ufo renames files by adding ".encrypted11", the happynewyear2021@tutanota.com email address, and appending ".ufo" as the file extension. For ex

Department.limited POP-UP Scam (Mac)
Mac Virus

Department.limited POP-UP Scam (Mac)

department[.]limited cannot be trusted because it attempts to trick users into believing that their devices are infected, and into downloading a potentially unwanted application (PUA), which will supposedly remove detected threats. Typically, users do not visit websites such as department[.]lim