Step-by-Step Malware Removal Instructions

EngineFlow Adware (Mac)
Mac Virus

While looking through new submissions to VirusTotal, our researchers discovered the EngineFlow application. After analyzing this app, we learned that it is adware. Additionally, we determined that EngineFlow belongs to the AdLoad malware family. Adware stands for advertising-supported so

SEX3 Ransomware
Ransomware

While inspecting malware samples submitted to VirusTotal, we found a new SATANA ransomware variant called SEX3. It encrypts files and appends the ".SEX3" extension to filenames. Also, it changes the desktop wallpaper and drops the "!satana!.txt" file containing contact and payment information. An

Yguekcbe Ransomware
Ransomware

Yguekcbe is ransomware that we found while inspecting new submissions to VirusTotal. It is part of the Snatch ransomware family. On our testing system, Yguekcbe encrypted files and appended a ".yguekcbe" extension to their filenames. For example

AcridRain Stealer
Trojan

AcridRain is the name of a stealer, a type of malware designed to extract sensitive information from victims' devices. Like many programs of this type, AcridRain can obtain data from browsers and various other applications. However, this stealer is also heavily focused on cryptocurrency-related co

MainSignSearch Adware (Mac)
Mac Virus

MainSignSearch is an untrustworthy application distributed via a deceptive page. Our team discovered MainSignSearch after using a fake installer. While examining this app, we found that it displays unwanted advertisements. Therefore, we classified MainSignSearch as adware. MainSignSearch

Typhon Stealer
Trojan

Typhon is a stealer-type malware written in the C# programming language. Newer versions of this program are called Typhon Reborn (TyphonReborn). Malware within this classification is designed to extract data from infected systems. The older variants of Typhon have a broader range of functionalitie

Qhelp.cc Scam
Phishing/Scam

While investigating scam emails (e.g., "Geek Squad Email Scam"), we discovered qhelp[.]cc - a scam website used to obtain remote access to computers. Scammers use qhelp[.]cc to trick visitors into installing remote access software via the downloaded "SupportClient.exe" file. Typically, scammers us

Homecarelesspower.click Ads
Notification Spam

Homecarelesspower[.]click is a rogue webpage that our researchers discovered while inspecting unreliable sites. This page runs scams, promotes spam browser notifications, and redirects visitors to other (unreliable/harmful) websites. Most users access webpages like homecarelesspower[.]click via r

Yt2conv.com Ads
Notification Spam

Yt2conv[.]com is a website that offers to convert YouTube links to downloadable MP3 audio files. In addition to this service breaking copyright laws, this site uses rogue advertising networks which are known to promote deceptive and malicious content. Websites using rogue advertising netwo

Search-Zone Browser Hijacker
Browser Hijacker

While inspecting deceptive sites, our research team discovered one endorsing the Search-Zone browser extension. After analyzing this piece of software, we learned that it operates as a browser hijacker. Search-Zone modifies browsers in order to cause redirects to the searchzone.xyz fake search engine.