Step-by-Step Malware Removal Instructions

Keep Secure Search Browser Hijacker
Browser Hijacker

Keep Secure Search Browser Hijacker

Our researchers found the Keep Secure Search browser extension while inspecting deceptive download webpages. After analyzing this piece of software, we determined that it is a browser hijacker promoting the keepsecuresearch.com fake search engine. With Keep Secure Search installed onto our

Tap togo Browser Hijacker
Browser Hijacker

Tap togo Browser Hijacker

We have discovered the Tap togo application while inspecting various deceptive websites. After downloading the app, we found that it functions as a browser hijacker: it changes certain settings to promote togosearching.com - a fake search engine. Tap togo hijacks a web browser replacing th

ERMAC 2.0 Trojan (Android)
Trojan

ERMAC 2.0 Trojan (Android)

ERMAC 2.0 is the name of an Android banking Trojan targeting Polish users. We have discovered it on a hacker forum. Its developer sells it for $5000 per month. ERMAC 2.0 masquerades as a legitimate Bolt Food application. This malware steals credentials for financial and cryptocurrency applications

Pay Ransomware
Ransomware

Pay Ransomware

Pay is the name of a ransomware-type program that our research team discovered while inspecting new submissions to VirusTotal. We determined that this program is part of the Xorist ransomware family. After we executed a sample of Pay ransomware on our test system, it encrypted files and appended

Shieldproblocker.xyz POP-UP Scam (Mac)
Mac Virus

Shieldproblocker.xyz POP-UP Scam (Mac)

Shieldproblocker[.]xyz is a deceptive website that uses a scare tactic to trick visitors into downloading an application. It displays a fake system notification claiming that a device has been compromised. Our team has discovered shieldproblocker[.]xyz while inspecting other sites that use rogue

Hacker Crypt2020 Ransomware
Ransomware

Hacker Crypt2020 Ransomware

During a routine inspection of new malware submissions, our researchers found a new ransomware-type program from the Xorist family - called Hacker Crypt2020. After a sample of this ransomware was launched on our test machine, it encrypted files and appended their filenames with a ".hacker crypt20

Coca Cola Lottery Email Scam
Phishing/Scam

Coca Cola Lottery Email Scam

The "Coca Cola Lottery" email is spam. Our inspection revealed that this letter operates as a phishing scam. It attempts to trick recipients into disclosing private information by claiming that they have won a large sum of money - hence, providing personal details is necessary to claim the prize.

Greenspecialmyline.com Ads
Notification Spam

Greenspecialmyline.com Ads

Our researchers discovered the greenspecialmyline[.]com rogue webpage while inspecting untrustworthy websites. It is designed to promote browser notification spam and redirect visitors to other (likely unreliable/malicious) sites. Most users enter pages of this type via redirects caused by website

Ontario UK Lottery Email Scam
Phishing/Scam

Ontario UK Lottery Email Scam

After inspecting the "Ontario UK Lottery" email, we determined that it is spam. The scam letter claims that the recipient has been chosen as a lottery winner. This fake email mentions several legitimate entities, and it must be emphasized that none of them are associated with this scam. Th

IntegerLocator Adware (Mac)
Mac Virus

IntegerLocator Adware (Mac)

IntegerLocator is a rogue app that our researchers discovered while inspecting new submissions to VirusTotal. After analyzing this piece of software, we determined that IntegerLocator operates as advertising-supported software (adware) and belongs to the AdLoad malware family. It is note