Step-by-Step Malware Removal Instructions

Avaad Ransomware
Ransomware

Avaad Ransomware

Discovered by Jakub Kroustek, Avaad is a malicious program belonging to the Dharma ransomware group. It is designed to encrypt data and demand payment for decryption. During the encryption process, affected files are renamed following this pattern: original filename, unique ID, cyber criminals' em

X2convert.com Suspicious Website
Adware

X2convert.com Suspicious Website

X2convert[.]com is an untrusted website, offering YouTube video and audio download services. This page allows users to convert YouTube URLs (links) into downloadable MP3/MP4 files. Note that x2convert[.]com infringes copyright laws and uses rogue advertising networks. Sites that use these network

d8yI+Hf7rX Adware
Adware

d8yI+Hf7rX Adware

d8yI+Hf7rX is a potentially unwanted application (PUA), a browser extension that comes bundled with other apps of this type (e.g., Gdiview). Bundled apps are classified as PUAs because users often download and install them inadvertently. Note that d8yI+Hf7rX adds the "Managed by your organization"

Go Surfing Browser Hijacker
Browser Hijacker

Go Surfing Browser Hijacker

Go surfing is a browser hijacker, which promotes the keysearchs.com fake search engine. Software within this category typically promotes search engines by making modifications to browser settings, however, Go surfing does not always modify browsers in this way (see below). Go surfing is also a se

ReSearchConverter Browser Hijacker
Browser Hijacker

ReSearchConverter Browser Hijacker

ReSearchConverter is dubious software that is categorized as a browser hijacker. Following successful installation, it makes alterations to browser settings to promote researchconverter.com (a bogus search engine). ReSearchConverter also has data tracking capabilities, which are employed to monit

Cosd Ransomware
Ransomware

Cosd Ransomware

Cosd belongs to the Djvu ransomware family. Its main purpose is to encrypt files and keep them inaccessible (unusable) unless a ransom is paid. Typically malware of this type uses strong encryption algorithms to encrypt files so that victims cannot recover files unless they pay. Cosd ransomware a

Generate Bitcoin Scam
Phishing/Scam

Generate Bitcoin Scam

"Generate Bitcoin" refers to a scam run on various deceptive websites. This scheme invites users to generate up to 0,2 BTC (Bitcoin cryptocurrency) each week for a relatively small fee. In fact, this scam cannot generate the promised cryptocurrency - its sole purpose is to trick users into transf

Orcus RAT
Trojan

Orcus RAT

Orcus is a Remote Access Trojan (RAT). Programs of this type are used to remotely access or control computers. Generally, these tools can be used by anyone legitimately, however, in many cases, cyber criminals use them for malicious purposes. They often trick people into installing these programs

Betarasite (CryptoLocker) Ransomware
Ransomware

Betarasite (CryptoLocker) Ransomware

Betarasite is a form of malware that encrypts files and displays a ransom message. In this way, it prevents victims from accessing and using their files unless a ransom is paid. This ransomware also renames all encrypted files by appending the ".betarasite" extension to filenames. For example, "1

22btc Ransomware
Ransomware

22btc Ransomware

22btc is a malicious program, which belongs to the Dharma ransomware family. It is designed to encrypt data and demand payment for decryption. I.e., systems infected with this malware have files stored on them rendered inaccessible and useless. When 22btc encrypts, files are renamed following thi