Step-by-Step Malware Removal Instructions

Driversgalaxy.co Redirect
Browser Hijacker

Driversgalaxy.co Redirect

While inspecting dubious installation setups, we found a piece of software promoting the driversgalaxy.co fake search engine. Websites of this kind are promoted by browser hijackers, which achieve this by making alterations to browser settings. While driversgalaxy.co can provide search results, t

PlatformFormat Adware (Mac)
Mac Virus

PlatformFormat Adware (Mac)

While inspecting deceptive websites offering to download "useful" applications, fake installers, etc., we discovered an application called PlatformFormat. While testing this app, we found that it functions as adware - it displays annoying/unwanted and untrustworthy advertisements. Thus, Platform

Qqlo Ransomware
Ransomware

Qqlo Ransomware

Qqlo is ransomware that encrypts files and appends the ".qqlo" extension to filenames. It also drops a text file ("_readme.txt") that contains a ransom note. We discovered Qqlo while analyzing malware samples submitted to the VirusTotal web page. Qqlo belongs to a ransomware family called Djvu. A

Qqlc Ransomware
Ransomware

Qqlc Ransomware

Our research team discovered the Qqlc ransomware-type program during a routine investigation of new submissions to VirusTotal. It is yet another program belonging to the Djvu ransomware family. After we executed a sample of this malware on our test machine, it encrypted files and appended their f

Qqmt Ransomware
Ransomware

Qqmt Ransomware

While checking the VirusTotal page for recently submitted malware samples, we discovered a new Djvu ransomware called Qqmt. Malware of this type encrypts files to force victims to pay for a decryption tool. Usually, ransomware also provides a ransom note and modifies filenames. Qqmt drops the "_re

AssistSample Adware (Mac)
Mac Virus

AssistSample Adware (Mac)

While testing the AssistSample application, we found that it shows annoying advertisements. Apps of this type are classified as adware (advertising-supported software). Our team discovered the AssistSample app while examining a deceptive website designed to download a fake Adobe Flash Player ins

Content-lib.biz Ads
Notification Spam

Content-lib.biz Ads

Content-lib[.]biz is a rogue webpage that promotes spam browser notifications and redirects visitors to other (likely untrustworthy/malicious) sites. Users typically access content-lib[.]biz and websites akin to it - via redirects caused by pages using rogue advertising networks. The conte

OpenCandy Adware
Adware

OpenCandy Adware

OpenCandy is the name of an advertising-supported application. We discovered this application while analyzing the samples submitted to the VirusTotal page. OpenCandy generates unwanted advertisements, manipulates the settings of a web browser, and adds extensions/plug-ins to it. Moreover, it gathe

UltraCouponSearch Browser Hijacker
Browser Hijacker

UltraCouponSearch Browser Hijacker

UltraCouponSearch is a rogue browser extension that operates as a browser hijacker. This piece of software makes modifications to browser settings in order to promote the ultracouponsearch.com fake search engine. UltraCouponSearch likely spies on users' browsing activity as well. Browser-h

VileRAT Malware
Trojan

VileRAT Malware

VileRAT is the name of a Remote Access Trojan (RAT) - malware that gives the attacker administrative control over a target computer. It is known that cybercriminals behind VileRAT are targeting foreign and cryptocurrency exchanges. This RAT is capable of executing remote commands, keylogging, and