Step-by-Step Malware Removal Instructions

KmsdBot Malware
Trojan

KmsdBot Malware

KmsdBot is a piece of malicious software written in the Go programming language. It is a cross-platform malware capable of infecting both Windows and Linux operating systems. KmsdBot operates by creating a botnet out of infected machines, which the malware can then use to launch DDoS (Distributed

ARCrypter Ransomware
Ransomware

ARCrypter Ransomware

ARCrypter is ransomware - malware that encrypts files to prevent victims from accessing them. Also, it deletes Shadow Volume Copies. ARCrypter appends the ".crypt" extension to filenames of the encrypted files. Unlike most ransomware variants, ARCrypter drops a ransom note ("readme_for_unlock.txt"

Securitysupportinfo.live Ads
Notification Spam

Securitysupportinfo.live Ads

Our researchers found the securitysupportinfo[.]live rogue website while checking out suspicious pages. Securitysupportinfo[.]live runs online scams, promotes browser notification spam, and redirects visitors to different (likely untrustworthy/malicious) sites. Most users enter such webpages via

Stabilitysupport.com Ads
Notification Spam

Stabilitysupport.com Ads

Stabilitysupport[.]com is a rogue page discovered by our research team during a routine investigation of questionable websites. This page is designed to promote online scams and spam browser notifications. Additionally, stabilitysupport[.]com can redirect users to other (likely unreliable/dangerou

Anthraxbulletproof Ransomware
Ransomware

Anthraxbulletproof Ransomware

Anthraxbulletproof is the name of a ransomware-type program that we discovered while investigating new malware submissions to VirusTotal. It is noteworthy that this program is based on the Chaos ransomware. On our test system, Anthraxbulletproof encrypted files and appended their filenames with a

ModuleUpgrade Adware (Mac)
Mac Virus

ModuleUpgrade Adware (Mac)

ModuleUpgrade is a rogue app that our researchers found during a routine inspection of new submissions to VirusTotal. Our analysis of ModuleUpgrade revealed that it operates as advertising-supported software (adware) and belongs to the AdLoad malware family. Adware is designed to run int

Onelock Ransomware
Ransomware

Onelock Ransomware

Onelock is one of the ransomware variants from the MedusaLocker ransomware family. It encrypts files, appends the ".onelock" extension to filenames, and creates an HTML file named "how_to_back_files.html" that contains a ransom note. An example of how Onelock renames files: it changes "1.jpg" to "

Moonshine Malware (Android)
Trojan

Moonshine Malware (Android)

Moonshine is a spyware-type malicious program targeting Android devices. It is capable of obtaining a variety of vulnerable data from infected systems. There are several versions of this malware; the later ones include improved surveillance functionalities. Moonshine has been actively proliferate

Fastnetworkprotocol.com Ads
Notification Spam

Fastnetworkprotocol.com Ads

Our team investigated fastnetworkprotocol[.]com and learned that it runs the "McAfee - Your PC is infected with 5 viruses!" scam. Its creators use fraudulent marketing to promote legitimate antivirus software. Additionally, fastnetworkprotocol[.]com wants to show notifications. Fastnetwork

BadBazaar Malware (Android)
Trojan

BadBazaar Malware (Android)

BadBazaar is the name of a spyware targeting Android OSes (Operating Systems). Spyware is a type of malware that can stealthily extract and record data on infected devices. Evidence found by researchers at Bleeping Computer suggests that BadBazaar is linked to attacks against ethnic and religious