Step-by-Step Malware Removal Instructions

PrimaryProcesser Adware (Mac)
Mac Virus

PrimaryProcesser Adware (Mac)

PrimaryProcesser not only generates ads but also promotes a fake search engine by changing browser settings. It is also likely to collect browsing data and/or other information. Therefore, this app is classified as adware and a browser hijacker. In most cases, users download and install apps of

Coos Ransomware
Ransomware

Coos Ransomware

Coos is ransomware belonging to the Djvu family. It encrypts and renames victims' files, and creates the "_readme.txt" file (a ransom message) in all folders that contain encrypted files. Coos renames each encrypted file by appending the ".coos" extension to filenames. For example, "1.jpg" is ren

TypicalInput Adware (Mac)
Mac Virus

TypicalInput Adware (Mac)

TypicalInput is adware (generates ads), however, it can also be classified as a browser hijacker, since it promotes a fake search engine by changing browser settings without users' permission. Additionally, it is likely that this app collects browsing data and other information. TypicalInput an

Search Lovely Browser Hijacker
Browser Hijacker

Search Lovely Browser Hijacker

Search Lovely and similar apps are classified as browser hijackers because they change browser settings to force users to visit a specific address (and use a fake search engine). This particular app promotes tailsearch.com in this way. Browser hijackers also collect browsing-related (and other) i

Rubly Ransomware
Ransomware

Rubly Ransomware

Rubly encrypts files and displays a ransom message in a pop-up window. It also renames each encrypted file by appending the ".rubly" extension to filenames. For example, "1.jpg" is renamed to "1.jpg.rubly", "2.jpg" to "2.jpg.rubly", and so on. Note that Rubly is a part of the Jigsaw ransomware fa

Aol Ransomware
Ransomware

Aol Ransomware

Aol ransomware belongs to the family of ransomware called Dharma. It encrypts files and renames them. It also creates the "FILES ENCRYPTED.txt" file and displays a pop-up window - these contain ransom messages. Aol renames files by adding the victim's ID, astra2eneca@aol.com email address, and ap

JSSLOADER RAT
Trojan

JSSLOADER RAT

JSSLOADER is a Remote Access Trojan (RAT) capable of exfiltrating data, executing commands, downloading other malware, auto-updating itself and preventing itself from being debugged (analyzed). JSSLOADER is mostly used by the group of cyber criminals called FIN7. At first, JSSLOADER collects

Hub Ransomware
Ransomware

Hub Ransomware

Hub encrypts files, renames each encrypted file by adding the victim's ID, crypthub@tuta.io email address, and appending ".hub" extension. For example, "1.jpg" is renamed to "1.jpg.id-C279F237.[crypthub@tuta.io].hub", "2.jpg" to "2.jpg.id-C279F237.[crypthub@tuta.io].hub", and so on. Hub also disp

SampleConsole Adware (Mac)
Mac Virus

SampleConsole Adware (Mac)

SampleConsole generates advertisements, modifies browser settings (promoting a fake search engine), and collects personal, sensitive information. In this way, it functions as adware, and as a browser hijacker and data collector. SampleConsole and similar apps are often downloaded and installed

Crazy Ransomware
Ransomware

Crazy Ransomware

Crazy ransomware belongs to the VoidCrypt ransomware family. It blocks access to files by encryption, renames each encrypted file, and creates the "!INFO.HTA" file, which is designed to open a pop-up window containing a ransom message. Crazy renames files by adding the crazykillerusakk@hotmail.co