Step-by-Step Malware Removal Instructions

Nativepclink.com Ads
Notification Spam

Nativepclink.com Ads

Nativepclink[.]com is a rogue site discovered by our researchers while inspecting suspicious websites. It is designed to run scams, promote spam browser notifications, and redirect visitors to different (likely untrustworthy or hazardous) pages. Users typically access websites like nativepclink[.

DRCRM Ransomware
Ransomware

DRCRM Ransomware

DRCRM is a ransomware that our researchers found while checking out new submissions to VirusTotal. It is yet another malicious program belonging to the VoidCrypt ransomware family. On our test machine, DRCRM encrypted files and altered their titles. The ransomware appended original filenames with

Protectionservicespc.site Ads
Notification Spam

Protectionservicespc.site Ads

During the examination of protectionservicespc[.]site, we found that it uses fraudulent marketing to promote antivirus software. This page shows deceptive (fake) messages to trick visitors into believing that their computers are infected and purchasing antivirus subscriptions. Also, protectionserv

Steadycaptcha.live Ads
Notification Spam

Steadycaptcha.live Ads

During a routine inspection of suspicious websites, our research team discovered the steadycaptcha[.]live rogue page. It promotes browser notification spam and redirects visitors elsewhere (likely untrustworthy/harmful) webpages. Users typically enter steadycaptcha[.]live and sites akin to it - v

CryptBIT 2.0 Ransomware
Ransomware

CryptBIT 2.0 Ransomware

CryptBIT 2.0 is a new variant of CryptBIT ransomware. We discovered it while examining samples submitted to VirusTotal. CryptBIT 2.0 encrypts files, appends ".cryptbit" extension to filenames, changes the desktop wallpaper, and drops the "CryptBIT2.0-restore-files.txt" file. The text file dropped

FIFA Crypto Giveaway Scam
Phishing/Scam

FIFA Crypto Giveaway Scam

While inspecting sites that use rogue advertising networks, our research team discovered the "FIFA Crypto Giveaway" scam. It is presented as a giveaway held by FIFA, in which users are to contribute a certain amount of either Bitcoin (BTC) or Ethereum (ETH) cryptocurrency to the "event" and immedi

Tcbu Ransomware
Ransomware

Tcbu Ransomware

Tcbu is the name of the Djvu ransomware variant that our team discovered while checking the VirusTotal page for recently submitted malware samples. We learned that Tcbu encrypts files, appends ".tcbu" extension to filenames, and drops the "_readme.txt" file (a ransom note). An example of how Tcbu

Tcvp Ransomware
Ransomware

Tcvp Ransomware

Tcvp is a Djvu ransomware variant that encrypts files, appends the ".tcvp" extension to filenames, and drops the "_readme.txt" file. Our malware researchers discovered Tcvp ransomware while examining samples submitted to VirusTotal. Djvu ransomware is often distributed with information-stealing ma

KEYSTEAL Trojan (Mac)
Mac Virus

KEYSTEAL Trojan (Mac)

KEYSTEAL is the name of a trojan targeting macOS Keychain data. This malware arrives onto systems as a trojanized app called ResignTool. Due to how sensitive the information stored on the Mac Keychain can be - this malware poses significant threats to user privacy. The variant of KEYSTEA