Step-by-Step Malware Removal Instructions

Nuhtab Browser Hijacker
Browser Hijacker

Nuhtab Browser Hijacker

Nuhtab is a rogue browser extension that promises to allow desktop customization. When our researchers tested this software, it operated as a browser hijacker. In other words, Nuhtab altered browser settings to promote the nuhtab.com fake search engine and spied on users' browsing activity.

Securestuff.xyz Ads
Notification Spam

Securestuff.xyz Ads

Detected by our research team when inspecting untrustworthy websites, securestuff[.]xyz is a rogue page. It is designed to load dubious content (e.g., "McAfee - Your PC is infected with 5 viruses!" scam), promote browser notification spam, and/or redirect visitors to other unreliable and malicious

OpenSea POP-UP Scam
Phishing/Scam

OpenSea POP-UP Scam

The "OpenSea" scam refers to phishing sites disguised as the OpenSea online NFT (Non-Fungible Token) marketplace. The goal of this scheme is to extract users' cryptowallet log-in credentials and subsequently gain access/control over the wallets. The address of the scam website our researchers hav

Coinbase POP-UP Scam
Phishing/Scam

Coinbase POP-UP Scam

The "Coinbase" scam is classified as phishing. It is presented as the sign-in page of Coinbase - the cryptocurrency exchange platform offering various crypto-related services. Attempts to log in through these phishing sites can result in Coinbase account theft and other serious issues. Whe

Bl Ransomware
Ransomware

Bl Ransomware

When looking into new submissions on VirusTotal, our researchers found another malicious program belonging to the Dharma ransomware family - called Bl. Once executed on our test system, this ransomware encrypted files and changed their names. Affected files were retitled according to this pattern

Shortcuts Adware
Adware

Shortcuts Adware

Shortcuts is a rogue app, promoted as an easy-access (shortcut) tool to various applications like Netflix, Amazon, CNN, Facebook, calculator, etc. After downloading and launching a sample on our testing machine, we observed this piece of software operating as adware. Our researchers noted

Easy Search Browser Hijacker
Browser Hijacker

Easy Search Browser Hijacker

Easy Search is the name of a rogue browser extension, which we have recently discovered. Our researchers have determined this dubious piece of software to be a browser hijacker, promoting the blpsearch.com fake search engine. After being installed onto our test system, the Easy Search brow

Yourdadgone Ransomware
Ransomware

Yourdadgone Ransomware

Yourdadgone is the name of a ransomware-type program we found when reviewing the newest malware submissions on VirusTotal. On our test machine, this ransomware encrypted files and appended their filenames with a ".yourdadgone" extension. For example, a file like "1.jpg" appeared as "1.jpg.yourdad

NASA ETH and BTC Giveaway Scam
Phishing/Scam

NASA ETH and BTC Giveaway Scam

When inspecting rogue and deceptive websites, our researchers discovered yet another cryptocurrency giveaway scam. "NASA ETH and BTC Giveaway" is presented as a cryptocurrency mass-adoption scheme. Users are urged to transfer a certain amount of either Ethereum (ETH) or Bitcoin (BTC) cryptocurrenc

Listentoyoutube.cc Ads
Adware

Listentoyoutube.cc Ads

Our team has examined the listentoyoutube[.]cc page and concluded that this page offers to convert YouTube videos to MP3 files (while downloading videos from YouTube is a breach of YouTube's Terms of Service), uses rogue advertising networks, and promotes a questionable application. At the