Step-by-Step Malware Removal Instructions

I KNOW YOU OPENED MY LAST MAIL Email Scam
Phishing/Scam

I KNOW YOU OPENED MY LAST MAIL Email Scam

Like many other sextortion emails, this one is used by scammers who try to trick recipients into paying to prevent distribution of humiliating videos (and personal information) that the criminals have supposedly recorded. Emails of this kind should never be trusted or taken seriously: all statemen

Startmostoriginalprogram.icu POP-UP Scam (Mac)
Mac Virus

Startmostoriginalprogram.icu POP-UP Scam (Mac)

startmostoriginalprogram[.]icu encourages visitors to download and install an update for Adobe Flash Player, however, note that this website cannot be trusted - it actually downloads the FPlayer.zip file, which contains FPSetup.dmg, a file that installs a potentially unwanted application (PUA) o

Yourultimatesafevideoplayer.info POP-UP Scam (Mac)
Mac Virus

Yourultimatesafevideoplayer.info POP-UP Scam (Mac)

yourultimatesafevideoplayer[.]info is one of many websites used to trick visitors into installing potentially unwanted applications (PUAs) such as adware, browser hijackers, or even malicious software, through a fake Adobe Flash Player updater. Neither yourultimatesafevideoplayer[.]info nor any

Lampion Trojan
Trojan

Lampion Trojan

Lampion is a malicious program, a banking Trojan which cyber criminals proliferate by sending emails. The messages contain a link that downloads an archive file (ZIP) containing malicious files. Since Lampion is a banking Trojan, cyber criminals have designed it to steal information that can be us

Forms Guru Browser Hijacker
Browser Hijacker

Forms Guru Browser Hijacker

Forms Guru is a rogue application, advertised as a tool for easy access to various forms. This Potentially Unwanted Application (PUA) operates as a browser hijacker. It changes certain browser settings to promote a fake search engine (search.formsgurutab.com). Additionally, most browser hijackers

Akamaihd.net Redirect (Mac)
Mac Virus

Akamaihd.net Redirect (Mac)

The akamaihd.net web address is promoted through a potentially unwanted application (PUA), an app categorized as a browser hijacker. The name of this browser hijacker is unknown, however, research shows that it relates to another app of this type called Search Pulse. This is because akamaihd.ne

Happy New Year Ransomware
Ransomware

Happy New Year Ransomware

Discovered by Alex Svirid, Happy New Year is an updated variant of WannaCash ransomware. This malicious program operates by encrypting data and demanding ransom payments for decryption. During the encryption process, all files are renamed with the following pattern: assigned file number; "file enc

BDDY Ransomware
Ransomware

BDDY Ransomware

BDDY is a part of the Matrix ransomware family. It encrypts files and renames them using this pattern: "[Buddy@criptext.com].[random_string]-[random_string].BDDY". For example, "1.jpg" might become "[Buddy@criptext.com].xQ4uk8Vz-KAFJcwKX.BDDY", and so on. BDDY stores the "#BDDY_README#.rtf" ranso

Nvux.xyz Redirect
Browser Hijacker

Nvux.xyz Redirect

nvux.xyz is the address of a fake search engine. Typically, these bogus sites are promoted by browser hijackers - Potentially Unwanted Applications (PUAs) that change certain browser settings. This fake search engine is promoted by a PUA called CERX, which is related to the QIP rogue app. Note th

Theultimatesafevideoplayer.info POP-UP Scam (Mac)
Mac Virus

Theultimatesafevideoplayer.info POP-UP Scam (Mac)

theultimatesafevideoplayer[.]info is one of many deceptive websites that attempts to trick visitors into installing adware or other potentially unwanted applications (PUAs). This is achieved via an installer, which supposedly installs updates for Adobe Flash Player. These sites are usually open