Virus and Spyware Removal Guides, uninstall instructions

What is OdysseusLookup?

OdysseusLookup is a rogue application classified as adware and possessing browser hijacker traits. Following successful installation, OdysseusLookup delivers intrusive ad campaigns, makes alterations to browser settings and promotes fake search engines.

Most adware type apps and browser hijackers collect browsing-relating information, and this is likely to include OdysseusLookup. Due to the dubious techniques used to proliferate this app, it is classified as a Potentially Unwanted Application (PUA).

One of the methods used to distribute OdysseusLookup is via fake Adobe Flash Player updates. Note that bogus software updaters/installers are also used to spread Trojans, ransomware and other malware.

What is SearchRange?

The SearchRange app is often installed unintentionally through a deceptive Adobe Flash Player installer. Therefore, this app is categorized as a potentially unwanted application (PUA). After installation, it hijacks browsers, changes certain browser settings, and starts to display various ads.

I.e., SearchRange is both an adware-type app and a browser hijacker. Apps of this type are often designed to gather browsing-related and other information.

What is BasicDesktop?

BasicDesktop is a rogue application categorized as adware. Additionally, this app also has browser hijacker traits. BasicDesktop operates by delivering intrusive advertisement campaigns, modifying browser settings and promoting fake search engines (Safe Finder via akamaihd.net).

Due to the dubious methods used to proliferate BasicDesktop, it is also classified as a Potentially Unwanted Application (PUA). Most PUAs have data tracking capabilities, which are employed to monitor users' browsing activity, and it is highly likely that this is the case with BasicDesktop.

What is HideMeFast?

HideMeFast is rogue software, which operates as a browser hijacker. Typically, software within this classification operates by making certain modifications to browsers to promote fake search engines, however, HideMeFast behaves in a different manner. It promotes a legitimate search engine called Bing (bing.com), without first redirecting to a bogus search engine.

Additionally, HideMeFast uses the "Managed by your organization" feature in the Google Chrome browser to ensure persistence (removing becomes rather complicated).

Due to the dubious methods used to spread this software, HideMeFast is also classified as a Potentially Unwanted Application (PUA). Most PUAs monitor users' browsing activity, and this is the case with HideMeFast.

What is the Incredible Tab browser hijacker?

Inprobable Tab is rogue software categorized as a browser hijacker. Following successful infiltration, it modifies browser settings to promote inprobabletab.com (a fake search engine). Additionally, most browser hijackers monitor users' browsing activity and it is likely that Inprobable Tab does so as well.

Due to the dubious techniques used to promote Inprobable Tab, it is classified as a Potentially Unwanted Application (PUA).

What is "Instagram password hacking tool"?

Cyber criminals attempt to trick users into installing malware on their computers in various ways. In most cases, they disguise a malicious file or program as legitimate and hope that users open/launch it. In this particular case, cyber criminals claim that there is a tool available, which is capable of hacking Instagram accounts.

Their main goal is to trick people into launching/executing an installer designed to install this tool. In fact, the installer is malicious and designed to infect operating systems with malware.

What is zmusic-online[.]com?

Sharing many similarities with routemob.com, rministencew.club, news-back.best and thousands of others, zmusic-online[.]com is a rogue website that redirects visitors to other untrusted/malicious sites and/or contains dubious content.

Most users access zmusic-online[.]com (and similar pages) when they are redirected to it by intrusive ad campaigns or Potentially Unwanted Applications (PUAs) already installed on the system. These apps do not need express user permission to infiltrate devices.

PUAs operate by causing redirects, running intrusive ad campaigns and collecting browsing-related information.

What is routemob[.]com?

routemob[.]com opens dubious websites or loads unwanted content. There are are many websites similar to routemob[.]com on the internet. Some examples are rministencew[.]club, news-back[.]best and sombes[.]com. Note that users do not often visit these sites intentionally - they are opened by installed potentially unwanted applications (PUAs).

Similarly, people do not often download or install PUAs intentionally.

What is "SD BIOSENSOR Email Virus"?

"SD BIOSENSOR" is yet another Coronavirus/COVID-19-themed spam campaign. The term "spam campaign" is used to define a large scale operation, during which thousands of deceptive/scam emails are sent. The messages are disguised as mail from a legitimate global bio-diagnostic company (SD BIOSENSOR).

These emails are presented as important orders concerning the pandemic, however, rather than containing this information, upon opening, the attached Excel file initiates download/installation of MassLogger malware.

What is Fob?

Discovered by Michael Gillespie, Fob is variant of WannaScream ransomware. Fob encrypts victims' files, modifies their filenames, creates and displays a ransom message. It renames encrypted files by adding the victim's ID and decrypt25@protonmail.com email address, and appending the ".Fob" extension to filenames.

For example, it renames a file called "1.jpg" to "1.jpg.[1E857D00[decrypt25@protonmail.com].Fob", "2.jpg" to "2.jpg.[1E857D00[decrypt25@protonmail.com].Fob", etc. It launches one a ransom message from the created "info.hta" file and creates another in a text file named "ReadMe.txt".