Step-by-Step Malware Removal Instructions

Pymafka Malware
Trojan

Pymafka Malware

Pymafka is the name of malware targeting Windows, macOS, and Linux users. A Trojan version downloaded and executed by Pymafka depends on the operating system. Pymafka's name is similar to a legitimate Python package called pykafka. Cybercriminals behind Pymafka are hoping that users looking for t

Gachimuchi Ransomware
Ransomware

Gachimuchi Ransomware

Gachimuchi is ransomware designed to encrypt the victim's files, rename all encrypted files, and create the "#HOW_TO_DECRYPT#.txt" file containing a ransom note. It appends "LaunchID" and "BillyHerrington" strings, and the "Gachimuchi" extension to filenames. For example, it renames "1.jpg" to 1.

Best Files Downloader Adware
Adware

Best Files Downloader Adware

Best Files Downloader is a rogue browser extension that our research team found while looking through dubious software-promoting sites. This extension is endorsed as a download management tool. However, our analysis revealed that Best Files Downloader operates as advertising-supported software (ad

YoSearch Weather Tab Browser Hijacker
Browser Hijacker

YoSearch Weather Tab Browser Hijacker

YoSearch Weather Tab is a rogue browser extension. Our analysis of this piece of software revealed that it operates as a browser hijacker. YoSearch Weather Tab modifies browser settings to promote the yosearch.co fake search engine. Furthermore, this extension spies on users' browsing activity.

Find iPhone Scam (Mac)
Mac Virus

Find iPhone Scam (Mac)

After inspecting "Find iPhone", we determined that it is a phishing scam. It is promoted via SMSes (text messages), which claim that users' mobile devices are online and their location can be checked via the provided link. This URL belongs to a phishing website targeting Apple ID log-in credenti

NavigateNetwork Adware (Mac)
Mac Virus

NavigateNetwork Adware (Mac)

NavigateNetwork is a rogue application that our research team discovered while checking out new submissions to VirusTotal. Our analysis of this app revealed that it operates as advertising-supported software (adware) and belongs to the AdLoad malware family. Adware may need specific cond

Ritzer Ransomware
Ransomware

Ritzer Ransomware

Ritzer is ransomware that encrypts data and appends the ".ritzer" extension to filenames. Also, it creates the "read_it.txt" file that contains a ransom note. We have found that Ritzer is based on Chaos ransomware. Our team discovered the Ritzer ransomware while inspecting malware samples submitte

Shoksips.com Ads
Notification Spam

Shoksips.com Ads

Shoksips[.]com is a page designed to trick visitors into allowing it to show notifications. Also, it redirects visitors to other websites. Like most pages of this type, shoksips[.]com uses a clickbait technique to trick visitors into agreeing to receive notifications. We have discovered shoksips[.

Your OneDrive Is Inactive And Will Soon Be Deleted Email Scam
Phishing/Scam

Your OneDrive Is Inactive And Will Soon Be Deleted Email Scam

Our inspection of the "Your OneDrive Is Inactive And Will Soon Be Deleted" email revealed that it operates as a phishing scam. This spam letter is presented as a notification regarding the deletion of the recipient's Microsoft OneDrive account. With these false claims, the email aims to trick use

APT32 Malware (Android)
Trojan

APT32 Malware (Android)

It is the name of a malicious application that provides access to Android devices and spies on victims. APT32 establishes the "MainService" service, connects to a command-and-control (C2) server, and starts its malicious activities (it receives commands via a C2 server). It is known that this mali