Virus and Spyware Removal Guides, uninstall instructions

What is fwrdy.com?

fwrdy.com is a deceptive website stating that the users' computers are not protected and encourages them to download an anti-virus tool.

Research shows that many visitors arrive at fwrdy.com inadvertently - they are redirected by potentially unwanted programs (PUPs) or intrusive ads delivered by other rogue sites. Most PUPs infiltrate systems without permission and, as well as causing redirects, deliver intrusive advertisements and gather sensitive information.

What is finddirections.co?

Directions Finder is a deceptive application that supposedly provides users with GPS functionality. On initial inspection, finddirections.co may seem legitimate and useful, however, this app is categorized as a potentially unwanted program (PUP) and a browser hijacker.

There are three main reasons for these negative associations: 1) stealth installation without users' consent; 2) promotion of a fake search engine, and; 3) tracking of browsing activity.

What is Unpollute My Mac?

Identical to Mac Tonic, Advanced Mac Cleaner, and many others, Unpollute My Mac is a deceptive application that offers system optimization and malware removal functionality.

Initially, Unpollute My Mac may seem legitimate and useful, however, this app is likely to infiltrate systems without permission. Furthermore, it gives no real value for regular users. Therefore, Unpollute My Mac is categorized as a potentially unwanted application (PUA).

What is PayPal Email Virus?

"PayPal Email Virus" is a spam email campaign similar to FedEx Shipment, Barclays Secured Message, Electronic Intuit, and many others.

This campaign is used to proliferate a high-risk trojan called TrickBot. The message essentially states that a number of PayPal accounts have been hacked and, therefore, users must confirm their personal information by opening an attached MS Word document (which is malicious).

What is Smart Mac Care?

Smart Mac Care is a rogue application identical to Mac Tonic, Advanced My Cleaner, Mac Mechanic, and many others.

By offering system optimization/cleaning functionality, Smart Mac Care attempts to give the impression of legitimacy, however, this application is categorized as a potentially unwanted application (PUA). Smart Mac Care is likely to infiltrate systems without users’ permission and gives no real value for regular users.

What kind of malware is Matrix?

Matrix is a ransomware-type virus that encrypts various data stored on victims' computers. Despite this threat, Matrix has some flaws - it does not encrypt all files. Therefore, we assume that Matrix ransomware is still in development.

This malware appends: ".FDFK", ".TGMN", ".ABAT", ".DECP", ".YDHM", ".MDRL", ".[Kromber@tutanota.com]", ".QH24", ".NGSC", ".SDEN", ".MDEN", ".SCR", ".SBLOCK", ".GBLOCK", ".PEDANT", ".PLANT", ".CHRB", ".GMBN", ".SPCT", ".GRHAN", ".PRCP", ".FASTA", ".GMPF", ".THDA", ".NOBAD", ".GMAN", ".EMAN", ".CHE08", ".ITLOCK", ".KOK08", ".FASTBOB", ".NEWRAR", ".KOK8", ".CORE", ".ANN", ".[RestorFile@tutanota.com]", "_[LINERSMIK@NAVER.COM][JINNYG@TUTANOTA", ".matrix", ".b10cked", ".AG88G", ".TMS5", ".[MarkEvans333@criptext.com].[random-string].MKES", ".EG83", ".AL8P". ".BNFD", ".AL8G", ".DECC", ".MH24", ".TG33" or ".[RestoreFile@qq.com].MTXLOCK" extensions to the name of every encrypted file.

For instance, "sample.jpg" is renamed to "sample.jpg.matrix". Following successful encryption, Matrix creates a text file "matrix-readme.rtf" (newer variants create "#What_Wrong_With_Files#.rtf", "!ReadMe_To_Decrypt_Files!.rtf", "#_#WhatWrongWithMyFiles#_#.rtf", "Readme-Matrix.rtf", "WhatHappenedWithMyFiles.rtf", or "WhatHappenedWithFiles.rtf") and places it in every folder. The file contains a ransom demand message.

What is CryptoConsole?

Discovered by security researcher xXToffeeXx, CryptoConsole is a ransomware-type virus that impersonates Purge (Globe) malware.

Be aware, however, that CryptoConsole only mimics file encryption - the virus simply renames files using the "unCrypte/decipher_ne@outlook.com_[NAME_OF_FILE]" pattern. An HTA file ("How decrypt files.hta") is then created containing a ransom demand message.

What is datsadstrack.com?

datsadstrack.com is a rogue website virtually identical to ecoencomputer.com, comproliverton.pro, rakbler.ru, and many others of this type.

Most users visit datsadstrack.com inadvertently - they are redirected to it by potentially unwanted programs (PUPs) that are usually installed without users' knowledge/inadvertently. PUPs such as this cause redirects to various other untrustworthy websites, collect data, deploy intrusive advertisements, and affect computer performance.

What is eazydevlin.xyz?

Identical to fastcanary.com, beteim.com, ecoencomputer.com, and many others, eazydevlin.xyz is a rogue website that redirects visitors to other untrustworthy sites. As a rule, these redirects are caused by potentially unwanted programs (PUPs) that are installed without users' consent. PUPs deliver intrusive ads, record information, and misuse computer resources.

What is trkerrr.net?

trkerrr.net is identical to other rogue websites on the Internet (such as thepopularlinks.com, ecoencomputer.com, comproliverton.pro, and many more) that redirect users to further untrustworthy sites. Most users are redirected to trkerrr.net by potentially unwanted programs (PUPs) that cause these redirects.

PUPs are generally installed without users' consent, deliver various intrusive ads, collect information, and affect computer performance.