Removal instructions for the FortyFy unwanted browser extension

What kind of software is FortyFy?

Our research team discovered FortyFy through a deceptive webpage, which was reached via redirect caused by a Torrenting website that uses rogue advertising networks. This browser extension supposedly prevents access to potentially harmful sites.

The installer promoting FortyFy contained a variety of suspicious software, including the FindQuest browser hijacker that targets Microsoft Edge browsers.

FortyFy overview

FortyFy has data-tracking functionalities. Typically, unwanted browser extensions target browsing and search engine histories, Internet cookies, account log-in credentials (usernames/passwords), personally identifiable details, finance-related information, and so on. This sensitive data can be monetized via sale to third-parties (potentially, cyber criminals).

The browser extension also uses the "Managed by your organization" Google Chrome feature, which can be implemented for persistence-ensuring purposes and to gain additional control over a compromised browser.

As mentioned in the introduction, the installation setup containing FortyFy that we analyzed included other suspect software, such as the FindQuest browser hijacker.

Browser-hijacking software modifies browsers to promote (via redirects) fake search engines. Websites of this kind usually cannot provide search results, so they redirect to genuine Internet search sites (e.g., Google, Yahoo, Bing, etc.). In the rare instances where the webpages can generate search results – they are inaccurate and may include sponsored, unreliable, deceptive, and possibly malicious content.

However, the FortyFy browser extension could infiltrate systems alongside other harmful software, such as adware or PUAs.

In summary, the presence of unwanted browser extensions or applications on a device can result in system infections, serious privacy issues, financial losses, and even identity theft.

Threat Summary:

Name	FortyFy malicious extension
Threat Type	Malicious Extension, Unwanted Extension
Browser Extension(s)	FortyFy
Detection Names (installer)	N/A (VirusTotal)
Symptoms	The "Managed by your organization" feature is activated in Chrome browser, decreased Internet browsing speed, your computer becomes slower than usual.
Distribution Methods	Dubious websites, malicious installers, deceptive pop-up ads, free software installers (bundling), torrent file downloads.
Damage	Decreased computer performance, browser tracking - privacy issues, possible additional malware infections.
Malware Removal (Windows)	To eliminate possible malware infections, scan your computer with legitimate antivirus software. Our security researchers recommend using Combo Cleaner. ▼ Download Combo Cleaner To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.

Unwanted browser extension examples

We have investigated countless unwanted browser extensions. They usually appear legitimate and innocuous. Users may be enticed into downloading/installing the software by promises of various "useful" and "advantageous" functionalities. However, these functions seldom work as advertised, and in most cases – they do not work at all. Keep in mind that operational features alone do not prove a software's legitimacy or safety.

Rogue extensions typically have harmful capabilities; data-tracking is incredibly prevalent. Other common abilities include displaying ads (adware) or modifying browser settings (browser hijackers).

MegaGuard, Three Seconds AdBlock Lite, profilingTime – are just a few of our latest articles on advertising-supported extension, and Max Ask, FoodIsGood Default Search, Web Bear Search – on browser-hijacking extensions.

How did FortyFy install on my computer?

We downloaded an installer containing FortyFy (bundled with other unwanted software) from a deceptive webpage endorsing the setup as an HD movie file (Titanic 1997). Sites of this kind are primarily accessed through redirects generated by pages employing rogue advertising networks, intrusive ads, spam browser notifications, or installed adware.

Bundled installation setups can be downloaded from freeware and free file-hosting websites, Peer-to-Peer sharing networks (e.g., Torrent clients, eMule, etc.), and other dubious channels. The risk of inadvertently allowing such content into devices is increased by treating installations with negligence (e.g., ignoring terms, skipping steps and sections, using "Easy/Quick" settings, etc.).

Additionally, unwanted software is proliferated by intrusive adverts. Some of these advertisements can be triggered (i.e., by being clicked) to execute scripts that perform downloads/installations without user consent.

How to avoid installation of unwanted software?

We strongly advise researching software and downloading it only from official/verified sources. When installing, it is important to read terms, inspect available options, use the "Custom/Advanced" settings, and opt out of all supplementary apps, extensions, tools, etc.

Another recommendation is to be vigilant while browsing since fake and malicious online content usually appears legitimate and innocuous. For example, while intrusive ads may look harmless – they redirect users to unreliable and questionable sites (e.g., gambling, scam-promoting, pornography, etc.).

In case of continuous encounters with such adverts/redirects, check the device and immediately remove all suspect applications and browser extensions/plug-ins. If your computer is already infected with FortyFy, we recommend running a scan with Combo Cleaner Antivirus for Windows to automatically eliminate this rogue software.

Screenshot of a deceptive website used to promote FortyFy:

Screenshot of FortyFy extension's detailed information:

Instant automatic malware removal: Manual threat removal might be a lengthy and complicated process that requires advanced IT skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of malware. Download it by clicking the button below:
▼ DOWNLOAD Combo Cleaner By downloading any software listed on this website you agree to our Privacy Policy and Terms of Use. To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.

Quick menu:

• What is FortyFy?
• STEP 1. Uninstall unwanted applications using Control Panel.
• STEP 2. Remove rogue extensions from Google Chrome.
• STEP 3. Remove rogue extensions from Mozilla Firefox.
• STEP 4. Remove rogue extensions from Safari.
• STEP 5. Remove rogue plug-ins from Microsoft Edge.

Unwanted software removal:

Windows 11 users:

Right-click on the Start icon, select Apps and Features. In the opened window search for the application you want to uninstall, after locating it, click on the three vertical dots and select Uninstall.

Windows 10 users:

Right-click in the lower left corner of the screen, in the Quick Access Menu select Control Panel. In the opened window choose Programs and Features.

Windows 7 users:

Click Start (Windows Logo at the bottom left corner of your desktop), choose Control Panel. Locate Programs and click Uninstall a program.

macOS (OSX) users:

Click Finder, in the opened screen select Applications. Drag the app from the Applications folder to the Trash (located in your Dock), then right click the Trash icon and select Empty Trash.

In the uninstall programs window, look for any unwanted applications, select these entries and click "Uninstall" or "Remove".

After uninstalling the unwanted applications, scan your computer for any remaining unwanted components or possible malware infections. To scan your computer, use recommended malware removal software.

Remove rogue extensions from Internet browsers:

Video showing how to remove potentially unwanted browser add-ons:

Remove malicious extensions from Google Chrome:

Click the Chrome menu icon (at the top right corner of Google Chrome), select "Extensions" and click "Manage Extensions". Locate "FortyFy" and all other recently-installed suspicious extensions, select these entries and click "Remove".

Optional method:

If you continue to have problems with removal of the fortyfy malicious extension, reset your Google Chrome browser settings. Click the Chrome menu icon  (at the top right corner of Google Chrome) and select Settings. Scroll down to the bottom of the screen. Click the Advanced… link.

After scrolling to the bottom of the screen, click the Reset (Restore settings to their original defaults) button.

In the opened window, confirm that you wish to reset Google Chrome settings to default by clicking the Reset button.

Remove malicious plugins from Mozilla Firefox:

Click the Firefox menu (at the top right corner of the main window), select "Add-ons and themes". Click "Extensions", in the opened window locate recently-installed suspicious extensions, click on the three dots and then click "Remove".

Optional method:

Computer users who have problems with fortyfy malicious extension removal can reset their Mozilla Firefox settings.

Open Mozilla Firefox, at the top right corner of the main window, click the Firefox menu, in the opened menu, click Help.

Select Troubleshooting Information.

In the opened window, click the Refresh Firefox button.

In the opened window, confirm that you wish to reset Mozilla Firefox settings to default by clicking the Refresh Firefox button.

Remove malicious extensions from Safari:

Make sure your Safari browser is active, click Safari menu, and select Preferences....

In the opened window click Extensions, locate any recently installed suspicious extension, select it and click Uninstall.

Optional method:

Make sure your Safari browser is active and click on Safari menu. From the drop down menu select Clear History and Website Data...

In the opened window select all history and click the Clear History button.

Remove malicious extensions from Microsoft Edge:

Click the Edge menu icon  (at the upper-right corner of Microsoft Edge), select "Extensions". Locate all recently-installed suspicious browser add-ons and click "Remove" below their names.

Optional method:

If you continue to have problems with removal of the fortyfy malicious extension, reset your Microsoft Edge browser settings. Click the Edge menu icon  (at the top right corner of Microsoft Edge) and select Settings.

In the opened settings menu select Reset settings.

Select Restore settings to their default values. In the opened window, confirm that you wish to reset Microsoft Edge settings to default by clicking the Reset button.

• If this did not help, follow these alternative instructions explaining how to reset the Microsoft Edge browser.

Summary:

Commonly, adware or potentially unwanted applications infiltrate Internet browsers through free software downloads. Note that the safest source for downloading free software is via developers' websites only. To avoid installation of adware, be very attentive when downloading and installing free software. When installing previously-downloaded free programs, choose the custom or advanced installation options – this step will reveal any potentially unwanted applications listed for installation together with your chosen free program.

Post a comment:
If you have additional information on fortyfy malicious extension or it's removal please share your knowledge in the comments section below.

Frequently Asked Questions (FAQ)

What harm can FortyFy cause?

FortyFy is an unwanted browser extension that has data-tracking abilities. Hence, it is considered a threat to user privacy. This extension may also exhibit other harmful functionalities, which could pose dangers such as system infections, financial losses, and other severe issues.

What does FortyFy do?

FortyFy collects vulnerable user information that could include personally identifiable details or finance-related data. This information could be sold to third-parties or otherwise abused for profit. It is pertinent to mention that this browser extension could have additional capabilities, and it may infiltrate devices alongside other unwanted software.

How do FortyFy developers generate revenue?

FortyFy's developers could generate revenue by selling collected information or otherwise abusing it for financial gain. Aside from data tracking, unwanted browser extensions often profit through content promotion (via ads, redirects, etc.).

Will Combo Cleaner remove unwanted software?

Yes, Combo Cleaner can scan devices and eliminate detected unwanted/malicious applications. It is noteworthy that manual removal (performed without security programs) might not be an ideal solution. In some instances, after the software has been manually removed – various remnants (files) stay hidden within the system. What is more, the remaining components might continue to run and cause problems. Therefore, thorough removal is paramount.

▼ Show Discussion