Virus and Spyware Removal Guides, uninstall instructions

What is Dun & Bradstreet Email Virus?

Similar to HSBC, Barclays Secured Message, Electronic Intuit, and many others, "Dun & Bradstreet Email Virus" is another spam email campaign used to distribute the TrickBot trojan. Distributed email messages essentially state that a customer is not satisfied by services provided.

To resolve the issue, users are encouraged to open the attached MS Word document and read the information within. This is a scam - the opened document downloads and installs malware.

What is browsersecurely.com?

browsersecurely.com is a rogue website identical to syndication.dynsrvtbg.com, identifies.com, redirectoptimizer.com, and many others.

Users often visit browsersecurely.com inadvertently - they are redirected to it by potentially unwanted programs (PUPs) that are usually installed without users' consent, cause redirects to rogue sites, deploy various unwanted/intrusive ads, and collect user-system information.

What is mobile-feednews.com?

Similar or identical to beteim.com, oclasrv.com, trackingclick.com, and many others, mobile-feednews.com is a rogue website that redirects users to various other untrustworthy/unwanted websites. Many users visit mobile-feednews.com inadvertently due to potentially unwanted programs (PUPs) responsible for these redirects.

PUPs usually infiltrate systems without users' permission and redirect to mobile-feednews.com They also collect user-system information, cause unwanted/intrusive advertisements, and run various background processes.

What is gen.mactechright.com?

gen.mactechright.com is a deceptive website that displays a fake error message stating that the system is infected. Most users arrive at gen.mactechright.com inadvertently - they are redirected by potentially unwanted programs (PUPs) or intrusive advertisements delivered by other deceptive websites.

In addition, potentially unwanted programs typically infiltrate systems without permission and, as well as causing redirects, deliver intrusive ads and continually gather information relating to web browsing habits.

What is Super VPN?

Super VPN (also known as super-vpn) is a deceptive app that falsely claims to provide VPN functionality. Initially, this app may seem legitimate and useful, however, Super VPN is categorized as a potentially unwanted program (PUP) and adware.

There are three main reasons for these negative associations: 1) stealth installation without users' consent; 2) tracking of web browsing activity, and; 3) display of intrusive advertisements.

What is EverydayLookup?

According to the developers (Mindspark Interactive Network), EverydayLookup is a legitimate browser extension that allows users to find area/zip codes, phone numbers, addresses, and other similar information - "Quickly search addresses, landline phone numbers, area codes, zip codes and more. Find relatives, friends, acquaintances with access to online White Pages."

These fake promises are delivered to give the impression of legitimate and useful software, however, EverydayLookup is categorized as a browser hijacker and a potentially unwanted program (PUP). After stealthily installing on Internet Explorer, Google Chrome, and Mozilla Firefox, this extension modifies browser settings and monitors Internet browsing activity.

What is Samsam?

Samsam is high-risk ransomware designed to infect unpatched servers and encrypt files stored on computers networked to the infected server.

This ransomware is distributed manually. Samsam appends the name of each encrypted file with one of the following extensions: .weapologize, .areyoulovemyrans, .loveransisgood, .myransext2017, .disposed2017, .prosperous666, .supported2017, .country82000, .moments2900, .breeding123, .mention9823, .suppose666, .skjdthghh, .cifgksaffsfyghd, .iaufkakfhsaraf, .filegofprencrp, .weencedufiles, .encryptedyourfiles, .letmetrydecfiles, .otherinformation, .weareyourfriends, .noproblemwedecfiles, .powerfulldecrypt, .wowreadfordecryp, .wowwhereismyfiles, .helpmeencedfiles, .theworldisyours, .vekanhelpu, .howcanihelpusir, .VforVendetta, .checkdiskenced, .encmywork, .notfoundrans, .goforhelp, .iloveworld, .canihelpyou, .only-we_can-help_you, .encryptedAES, .encryptedRSA, .encedRSA, .justbtcwillhelpyou, .btcbtcbtc, or .btc-help-you - this depends on the version of ransomware.

Samsam employs the RSA-2048 asymmetric encryption algorithm and, therefore, two keys (public and private) are generated during encryption -  public to encrypt, private to decrypt. Cyber criminals demand a ransom payment in exchange for the private key. Restoring files without this key is impossible. After encrypting the files, Samsam automatically uninstalls from the victim's PC.

What is n0rm.site?

n0rm.site is a rogue website (identical to syndication.dynsrvtbg.com, fastcanary.com, click-it-now.online, and many more) that redirects visitors to other dubious sites.

Few users visit n0rm.site willingly - most are redirected to it by potentially unwanted programs (PUPs) that infiltrate systems without permission. Furthermore, PUPs cause unwanted redirects, record information, and deploy intrusive advertisements.

What is TQV?

TQV is another ransomware-type virus discovered by malware security researcher, Leo. Once infiltrated, TQV encrypts most stored data (thereby making it unusable) and appends filenames with ".TQV" extension.

For instance, "sample.jpg" is renamed to "sample.jpg.TQV". Following successful encryption, TQV generates a text file ("@@README.TXT"), placing a copy in every existing folder. As usual, the new text file contains a ransom-demand message.

What is Lyrics?

Lyrics adware is a general term used to describe all potentially unwanted browser applications that display song lyrics on YouTube and are distributed using free software downloads.

Although these browser plug-ins are not technically viruses or malware, they install on Internet browsers (Internet Explorer, Google Chrome, and Mozilla Firefox) without users' consent, cause various unwanted ads, and may lead to serious privacy issues.

Free software websites are a common source of Lyrics-related adware, which uses 'download clients' to manage the process of offering freeware for download.