Step-by-Step Malware Removal Instructions

Blushingfashionista Browser Hijacker
Browser Hijacker

Blushingfashionista Browser Hijacker

Blushingfashionista is a rogue browser extension discovered by our research team during a routine investigation of questionable websites. After examining this software, we determined that it is a browser hijacker. Blushingfashionista makes alterations to browser settings in order to promote the bl

SimpleGrid Adware (Mac)
Mac Virus

SimpleGrid Adware (Mac)

Our research team discovered the SimpleGrid during a routine investigation of new submissions to the VirusTotal site. After examining this piece of software, we determined that it is adware. SimpleGrid belongs to the AdLoad malware family. This app is designed to generate revenue for its develop

Ledger Firmware Update Scam
Phishing/Scam

Ledger Firmware Update Scam

After inspecting this "Ledger Firmware Update", we determined that it is a scam. It states that the user's Ledger wallet requires a firmware update. However, once a wallet is exposed to the scam – it begins operating as a cryptocurrency drainer. The Ledger Company is a legitimate business

Dxen Ransomware
Ransomware

Dxen Ransomware

Dxen is a ransomware-type program discovered by our researchers during a routine investigation of new submissions to VirusTotal. Dxen is part of the Phobos ransomware family. Malware within this category encrypts files and demands payment for the decryption. On our test machine, Dxen encrypted fi

GoodMorning (GlobeImposter) Ransomware
Ransomware

GoodMorning (GlobeImposter) Ransomware

While analyzing malware samples submitted to VirusTotal, we discovered a ransomware variant belonging to the GlobeImposter family, dubbed GoodMorning. Upon infecting a system, GoodMorning initiates file encryption and adds the ".goodmorning" extension to filenames. Additionally, it generates a ran

Viewndown Unwanted Application
Potentially unwanted application

Viewndown Unwanted Application

Our research team discovered the Viewndown application during a routine investigation of questionable sites. The app's promotional material presents it as a tool that allows users to pin a selected window and keep it on top of others. Upon inspection, we determined that Viewndown operates as prox

Brain Gym Pro Browser Hijacker
Browser Hijacker

Brain Gym Pro Browser Hijacker

During our examination of the Brain Gym Pro application, we discovered that it forces users to visit braingympro.com by changing the settings of a web browser. This behavior is known as browser hijacking. In addition to taking control over a browser, Brain Gym Pro may gather various data.

Rocklee Ransomware
Ransomware

Rocklee Ransomware

While assessing malware samples uploaded to VirusTotal, we discovered a ransomware variant from the Makop family dubbed Rocklee. This ransomware encrypts data, changes filenames of all encrypted files, and drops a ransom note ("+README-WARNING+.txt"). Rocklee appends the victim's ID, the attacker

Searchsit Browser Hijacker
Browser Hijacker

Searchsit Browser Hijacker

Upon our examination, it came to our attention that Searchsit has been crafted to promote searchsit.com. This browser extension achieves its objective by modifying the configurations of a web browser, coercing users to visit searchsit.com. Thus, we have classified Searchsit as a browser hijacker.

SWIFT Ransomware
Ransomware

SWIFT Ransomware

When examining malware samples of VirusTotal, we discovered a ransomware variant belonging to the Proton family dubbed SWIFT. Once SWIFT infiltrates a computer, the ransomware encrypts and renames files, changes the desktop wallpaper, and creates a ransom note ("#SWIFT-Help.txt"). SWIFT renames f