Virus and Spyware Removal Guides, uninstall instructions

What is the "Secure Boot Violation" scam?

"Secure Boot Violation" is a deceptive message displayed by screen-locking malicious software. Screenlockers prevent using the infected device (by locking its screen) and often present users with false information regarding the loss of access.

"Secure Boot Violation" is no exception to this, and claims that the Windows Operating System (OS) has been blocked due to detected, unauthorized changes made to it. The "Secure Boot Violation" message shares characteristics with technical support scams, since it promotes fake tech support helplines.

This screenlocker has been observed being proliferated under the guise of a "Driver Update" (an application with a wide database of Windows drivers), which is capable of detecting outdated drivers and updating them.

What is ivpnconfig[.]com?

ivpnconfig[.]com is a deceptive website that often tricks visitors into downloading and installing a potentially unwanted application (PUA). For example, a fake anti-virus tool, adware, or browser hijacker. In most cases, these sites are opened through other dubious websites, untrusted advertisements, or by installed PUAs.

In any case, people do not often visit addresses such as ivpnconfig[.]com intentionally.

What is Total Antivirus 2020?

Total Antivirus 2020 is software endorsed as a powerful and effective anti-virus suite, however, it is unable to perform its advertised functionality and is therefore classified as a fake anti-virus program. The purpose of this nonoperational application is to trick users into purchasing it, thereby financially scamming them.

Due to the dubious methods used to spread Total Antivirus 2020, it is also classified as a Potentially Unwanted Application (PUA). Note that PUAs often have additional, possibly harmful capabilities.

What is ExtendedTool?

ExtendedTool is rogue software classified as adware with browser hijacker traits. This application operates by delivering intrusive advertisement campaigns, making alterations to browser settings and promoting fake search engines. ExtendedTool promotes akamaihd.net via Safe Finder in this manner.

This type of software generally has data tracking capabilities, and this is likely to be the case with ExtendedTool. Additionally, due to the dubious methods used to proliferate this app, it is also classified as a Potentially Unwanted Application (PUA).

What is DivisionFormat?

DivisionFormat is a rogue application, classified as adware. It also has browser hijacker traits. Following successful installation, it runs intrusive advertisement campaign, makes modifications to browser settings to promote fake search engines (for example, search.dominantmethod.com).

Additionally, most adware-type apps and browser hijackers record users' browsing activity. Due to the dubious methods used to proliferate DivisionFormat, it is classified as a Potentially Unwanted Application (PUA). One of the distribution techniques used for this app is via fake Adobe Flash Player updates.

Note that bogus software updaters/installers also proliferate malware (e.g. ransomware, Trojans, etc.).

What is AssistiveRecord?

AssistiveRecord is a potentially unwanted application (PUA), which is classified as adware and a browser hijacker. I.e., it is designed to serve advertisements and promote Safe Finder (by opening it via akamaihd.net). PUAs like AssistiveRecord are often designed to collect data relating to users' browsing habits.

These apps are categorized as PUAs, since most users download and install them unintentionally.

What is Taurus?

Taurus (also known as Taurus Project) is the name of a stealer created by a team of cyber criminals called Predator The Thief team. This information-stealing malware is sold on hacker forums for US$100.

It is capable of accessing and stealing sensitive information from certain browsers, cryptocurrency wallets, FTP, email clients, various apps and collecting details about the victim's computer. Therefore, it is quite powerful malware, which should be eliminated from infected computers immediately.

What is Zbw ransomware?

Zbw is a malicious program classified as ransomware. Systems infected with this malware experience data encryption and users receive ransom demands for decryption. During the encryption process, all compromised files are renamed according to this pattern: original filename, unique ID, cyber criminals' email address and the ".zbw" extension.

For example, a file originally named "1.jpg" would appear as something similar to "1.jpg.[E38D7F03].[decryption@zimbabwe.su].zbw" following encryption. After this process is complete, ransom messages within "readme-warning.txt" files are dropped into affected folders.

What is StreamsSearch?

StreamsSearch is rogue software, which operates by making modifications to browser settings to promote streams-search.com (a fake search engine). Due to this, StreamsSearch is classified as a browser hijacker. Additionally, it has data tracking capabilities, which are employed to monitor users' browsing activity.

Since most users install StreamsSearch unintentionally, it is also classified as a Potentially Unwanted Application (PUA).

What is AllMoviesSearch?

AllMoviesSearch is dubious software categorized as a browser hijacker. It operates by making modifications to browser settings to promote allmoviessearch.com (a bogus search engine). Additionally, this browser hijacker has data tracking capabilities, which are used to monitor users' browsing activity.

Due to the dubious methods employed to proliferate AllMoviesSearch, it is also classified as a Potentially Unwanted Application (PUA).