Step-by-Step Malware Removal Instructions

Hydra Banking Trojan (Android)
Trojan

Hydra is an Android banking Trojan targeting customers of Commerzbank, a major German bank. After downloading and opening the malicious app, it requests certain permissions. It starts its malicious activities after receiving those permissions. It is known that threat actors used Google Play Store

Keona Clipper Malware
Trojan

Keona is the name of a clipper-type malware. Otherwise known as clipboard hijackers, these malicious programs are designed to replace the data copied into the clipboard (copy-paste buffer). Clippers are almost exclusively used to change copied cryptocurrency wallet addresses - in order to redirect

Solidbit Ransomware
Ransomware

Solidbit is ransomware used for money extortion. It encrypts files to make them inaccessible/unusable. Also, Solidbit appends its extension (containing four random characters) to filenames and creates the "RESTORE-MY-FILES.txt" file, and displays a pop-up window (both contain ransom notes). Some S

Secure Color Search Adware
Adware

Secure Color Search is a browser extension that our research team found while inspecting dubious download pages. This extension allows users to select a color on a website and learn its HEX, RGB, and HSV codes. However, our analysis revealed that Secure Color Search operates as adware. Adv

Drinker Adware
Adware

Drinker is the name of a rogue application that our researchers discovered while inspecting dubious download webpages. This app is endorsed as a tool allowing users to set notifications (reminders) of when to drink water. However, our analysis of Drinker revealed that it operates as advertising-su

BlissFresh Adware (Mac)
Mac Virus

While inspecting new submissions to VirusTotal, our researchers discovered the BlissFresh application. After analyzing this piece of software, we learned that it is adware belonging to the AdLoad malware family. Advertising-supported software (adware) is designed to display advertisement

Themida Trojan
Trojan

Themida is a detection name used by some security software as a generic title for malicious software that has certain traits. To elaborate, this detection can be assigned to trojans that use the Themida packer as a protective measure against reverse engineering. In other words, "Themida" does not

Pop Out Player Adware
Adware

Pop Out Player is described as an extension that provides simple ways to open any YouTube video or playlist in a configurable "popout" window that can be freely sized and positioned. Our team has tested this app and learned that it barely provides any value and generates annoying advertisements. T

Safetyremind.xyz Ads
Notification Spam

Safetyremind[.]xyz is a deceptive website claiming that a computer is infected. It shows a fake security warning from McAfee. It also asks for permission to show untrustworthy notifications. Our team has discovered safetyremind[.]xyz while inspecting websites that use rogue advertising networks.

Dark Web Hacker Ransomware
Ransomware

Dark Web Hacker is a malicious program based on the Chaos ransomware that our researchers discovered while inspecting new submissions to VirusTotal. Ransomware is designed to encrypt data and demand payment for the decryption. We analyzed two variants of Dark Web Hacker; both encrypted files and