Step-by-Step Malware Removal Instructions

MixedFin Browser Hijacker
Browser Hijacker

MixedFin Browser Hijacker

MixedFin is a typical browser hijacker, which promotes a fake search engine and forces users to visit this address under certain conditions. It also collects browsing-related information. Most users download and install MixedFin and other browser hijackers inadvertently and, therefore, the program

ELDAOSLA Ransomware
Ransomware

ELDAOSLA Ransomware

ELDAOSLA is a part of the Phobos ransomware family. It encrypts files, modifies their filenames, creates the "info.txt" text file (a ransom message) and displays a pop-up window (another ransom message). ELDAOSLA renames files by adding victims' IDs, ICQ username owned by its developers, and appen

PowerSuite Unwanted Application (Mac)
Mac Virus

PowerSuite Unwanted Application (Mac)

PowerSuite is advertised as a tool that frees up disk space, and removes junk and duplicate files and unwanted applications, however, it is likely that developers use dubious methods to distribute this program (e.g., a marketing method called "bundling"). Therefore, PowerSuite is categorized as

Hard2decrypt Ransomware
Ransomware

Hard2decrypt Ransomware

Hard2decrypt is ransomware that encrypts and renames files, and creates a ransom message for each encrypted file. It renames encrypted files by appending the ".hard2decrypt" extension. More precisely, "1.jpg" is renamed to "1.jg.hard2decrypt", "2.jpg" to "2.jg.hard2decrypt", and so on. Ransom mes

IMovieSearch Browser Hijacker
Browser Hijacker

IMovieSearch Browser Hijacker

IMovieSearch promotes imoviesearch.com, the address of a fake search engine. Like most apps of this type, it achieves this by changing certain browser settings. IMovieSearch also collects browsing data. Note that browser hijackers are classified as potentially unwanted applications (PUAs), since m

CURATOR Ransomware
Ransomware

CURATOR Ransomware

CURATOR ransomware encrypts victims' files, modifies the name of each encrypted file by appending its extension, and creates a ransom message (text file) in all folders that contain encrypted files. It renames files by appending ".CURATOR" to filenames. For example, "1.jpg" is renamed to "1.jpg.C

Search.basicgeneration.com Redirect (Mac)
Mac Virus

Search.basicgeneration.com Redirect (Mac)

search.basicgeneration.com appears in browser settings after installation of adware/browser hijackers (for example, ExecutiveOperation). This is a fake search engine that does not generate any unique results. Apps that promote fake search engines serve ads and collect various user-system informa

ExecutiveOperation Adware (Mac)
Mac Virus

ExecutiveOperation Adware (Mac)

The ExecutiveOperation application functions as adware, a browser hijacker, and as a data collector. It serves advertisements, promotes two fake search engines by changing browser settings, and gathers private, sensitive information. Generally, users download and install ExecutiveOperation and

Windows Error Code: WIN.DLL0151930 POP-UP Scam
Phishing/Scam

Windows Error Code: WIN.DLL0151930 POP-UP Scam

Technical support scam websites such as this one often trick unsuspecting visitors into believing that their computers are infected with a virus or multiple viruses (or that some other problem exists) and into calling the provided number. Once contacted, scammers behind such web pages attempt to

Vpsh Ransomware
Ransomware

Vpsh Ransomware

Vpsh is a malicious program and part of the Djvu ransomware family. Typically, ransomware is designed to encrypt data, rename each encrypted file by appending its extension, and create and/or display a ransom message. Vpsh appends the ".vpsh" extension to filenames. For example, after encryption,