Step-by-Step Malware Removal Instructions

Breaking-news.me Ads
Notification Spam

Breaking-news.me Ads

Similar to hdvideosnet.com, hisqueost.xyz, more*.biz, antom.xyz, and many others, breaking-news[.]me is a rogue website. It operates by presenting visitors with questionable material and/or redirecting them to various (likely suspect or malicious) webpages. Most users enter these sites via redire

Rushpushy.com Ads
Notification Spam

Rushpushy.com Ads

Rushpushy[.]com asks for permission to show notifications and promotes shady web pages. There are dozens of pages like rushpushy[.]com, for example, press-news-for[.]me, theresults[.]net, and robo-checker[.]top. Most of them are promoted via dubious ads, other pages of this kind, or potentially un

Setonna.com Ads
Notification Spam

Setonna.com Ads

Setonna[.]com uses a clickbait technique (loads a fake CAPTCHA) to trick visitors into allowing it to display notifications and opens shady pages. More examples of similar pages are tthematt[.]xyz, hisqueost[.]xyz, and cobwebcircle[.]site. Users open these sites unintentionally. Setonna[.]

Shasha Ransomware
Ransomware

Shasha Ransomware

Shasha encrypts files and appends the ".shasha" extension to their filenames. For instance, it renames "1.jpg" file to "1.jpg.shasha", "2.jpg" file to "2.jpg.shasha", and so on. Also, Shasha creates a ransom note, the "READ_ME.txt" file, and changes the desktop wallpaper. Screenshot of a messa

SAFEMOON Giveaway Scam
Phishing/Scam

SAFEMOON Giveaway Scam

"SAFEMOON Giveaway" refers to a scam promoted on various deceptive sites. This scheme promises five times the return on the SafeMoon cryptocurrency users transfer to it. To elaborate, the scam requests users to invest at least 500,000,000 in SafeMoon by transferring it to the listed cryptowallet

Tthematt.xyz Ads
Notification Spam

Tthematt.xyz Ads

Tthematt[.]xyz displays a fake CAPTCHA to trick visitors into clicking the "Allow" button and can open two, three questionable websites. There is a very low chance that users would open tthematt[.]xyz intentionally. This page shares similarities with cobwebcircle[.]site, press-news-for[.]me, and m

Hisqueost.xyz Ads
Notification Spam

Hisqueost.xyz Ads

Akin to theresults.net, more*.biz, liffsandupa.xyz, goodsurvey.site, and countless others, hisqueost[.]xyz is a rogue site. This page is designed to load questionable material and/or redirect visitors to different (likely unreliable or malicious) websites. Most users enter such webpages through r

MegaUnit Adware (Mac)
Mac Virus

MegaUnit Adware (Mac)

MegaUnit is an adware-type app with browser hijacker traits. Furthermore, due to the dubious methods used to distribute software products within these categories, they are also classified as PUAs (Potentially Unwanted Applications). MegaUnit has been noted being proliferated via fake Adobe Flash

Cobwebcircle.site Ads
Notification Spam

Cobwebcircle.site Ads

Cobwebcircle[.]site is an untrustworthy website designed to open other sites of this kind and trick visitors into agreeing to receive its notifications. Cobwebcircle[.]site has the same purpose as theresults[.]net, robo-checker[.]top, aidraiphejpb[.]com, and a great number of other pages.

CRYPT (MedusaLocker) Ransomware
Ransomware

CRYPT (MedusaLocker) Ransomware

CRYPT is a malicious program belonging to the MedusaLocker ransomware family. It is designed to encrypt data and demand payment for the decryption. The locked files are appended with a ".CRYPT" extension. For example, a file initially titled "1.jpg" would appear as "1.jpg.CRYPT", "2.jpg" as "2.jp