Step-by-Step Malware Removal Instructions

InitialDevice Adware (Mac)
Mac Virus

InitialDevice Adware (Mac)

InitialDevice changes browser settings, generates advertisements, and might also gather certain information. In this way, InitialDevice functions both as adware and as a browser hijacker. Typically, users download and install apps such as InitialDevice inadvertently and, therefore, they are cla

Spin The Wheel POP-UP Scam
Phishing/Scam

Spin The Wheel POP-UP Scam

"Spin The Wheel" is a scam promoted on various deceptive websites. There are several variants of this scam. In general, the scheme claims users have the chance to win a prize. Note that "Spin The Wheel" is in no way associated with Home Depot, Amazon, Apple, or other companies it mentions. Additi

URSA Ransomware
Ransomware

URSA Ransomware

URSA ransomware encrypts files and creates two ransom messages in "RECOVER_YOUR_FILES.HTML" and "RECOVER_YOUR_FILES.TXT" files, which it places in folders that contain encrypted files. Note that, unlike most ransomware, URSA does not rename any of the encrypted files. Screenshot of files encr

SearchConverterInc Browser Hijacker
Browser Hijacker

SearchConverterInc Browser Hijacker

SearchConverterInc is rogue software classified as a browser hijacker. It operates by making changes to browser settings to promote searchconverterinc.com (a fake search engine). Additionally, SearchConverterInc monitors users' browsing habits. Due to the dubious methods used to proliferate brows

LIZARD Ransomware
Ransomware

LIZARD Ransomware

LIZARD is a ransomware-type program, which is identical to LANDSLIDE malware. Systems infected with LIZARD experience data encryption and users receive ransom demands for decryption. During the encryption process, all affected files are renamed following this pattern: "[DeathSpicy@yandex.ru][id=v

Reander.net POP-UP Scam (Mac)
Mac Virus

Reander.net POP-UP Scam (Mac)

reander[.]net is a scam website. Its main purpose is to scare visitors into downloading and installing a potentially unwanted application (PUA) by displaying a fake virus notification stating that the device is infected. Users do not often visit reander[.]net or similar web pages intentionally

Cobra Industrial Machines Email Virus
Phishing/Scam

Cobra Industrial Machines Email Virus

"Cobra Industrial Machines email virus" refers to a spam campaign designed to proliferate malware. The term "spam campaign" defines a mass-scale operation, during which thousands of deceptive/scam emails are sent. The messages distributed through this campaign ask recipients to provide a product q

Foo Ransomware
Ransomware

Foo Ransomware

Foo belongs to the VoidCrypt ransomware family. This ransomware encrypts files and appends the encryptfull@criptext.com email address, victim's ID, and the ".Foo" extension to filenames. For example, "1.jpg" is renamed to "1.jpg.[encryptfull@criptext.com][ZRC71WE2QGBLYX5].Foo", "2.jpg" to "2.jpg.

ProductUpgrade Adware (Mac)
Mac Virus

ProductUpgrade Adware (Mac)

ProductUpgrade is a rogue application classified as adware with browser hijacker traits. Following successful infiltration, this app runs intrusive advertisement campaigns and modifies browsers to promote fake search engines. Due to the dubious methods employed to proliferate ProductUpgrade, it

OpticalPartition Adware (Mac)
Mac Virus

OpticalPartition Adware (Mac)

OpticalPartition displays advertisements and promotes a fake search engine. In this way, the app functions as adware and a browser hijacker. It is also likely that this app gathers browsing-related (and other) data. People commonly download and install apps such as OpticalPartition inadvertentl