Virus and Spyware Removal Guides, uninstall instructions

What is Windows Support Alert?

"Windows Support Alert" is another fake error message similar to Microsoft Azure, Google Security Warning, Internet Security Alert, and many others. As with most fake errors, Windows Support Alert is also displayed by a malicious website that users often visit inadvertently - they are redirected by various potentially unwanted programs (PUPs).

Research shows that PUPs typically infiltrate systems without users' consent. In addition to causing redirects, PUPs gather sensitive information, deliver intrusive ads, and, in some cases, misuse system resources.

What is YeaDesktop?

YeaDesktop is a rogue application that typically infiltrates systems without users' consent. Furthermore, it generates intrusive advertisements and collects sensitive information. For these reasons, YeaDesktop is categorized as adware and a potentially unwanted application (PUA).

What is Kronos?

Kronos is high-risk trojan virus designed to gather various sensitive information. It is proliferated using spam email campaigns. Cyber criminals send thousands of email messages encouraging users to open malicious attachments that download and install Kronos into the system.

Many Kronos infections have been detected in Poland, Germany, and Japan, however, this does not mean that users from other countries are safe.

What is Chase Bank Important Account Documents?

Similar to JPMorgan Chase Email Virus, "Chase Bank Important Account Documents" is a spam email campaign used to proliferate the TrickBot trojan-type virus. 

As with many of these campaigns, criminals send thousands of deceptive email messages encouraging users to open attached Microsoft Office documents. This is a scam - the opened file infect systems with the TrickBot trojan.

What is search.hmyconverterhub.com?

My Converter Hub is a deceptive application that supposedly allows conversion of file formats. Initially, this app may seem legitimate and useful, however, My Converter Hub is categorized as a potentially unwanted application (PUA) and a browser hijacker.

There are three main reasons for these negative associations: 1) installation without consent; 2) promotion of a fake search engine [search.hmyconverterhub.com], and; 3) tracking of web browsing activity.

What is Win Boost Pro 2018?

Developers present Win Boost Pro 2018 as a high quality system optimization/malware removal tool. On initial inspection, Win Boost Pro 2018 may seem legitimate, however, it is distributed using the "bundling" method (and thus often infiltrates systems without consent). Therefore, Win Boost Pro 2018 is categorized as a potentially unwanted application (PUA).

What is "Purchase Order Email Virus"?

"Purchase Order Email Virus" is another spam email campaign that shares similarities with Client Requirements Email Virus, Order Confirmation Email Virus, and many others. As usual, this campaign is used to proliferate malware (to be specific, Pony trojan).

Developers send thousands of emails that contain deceptive messages encouraging users to open a malicious attachment. Once opened, the file immediately infects the system.

What is KVLLY?

KVLLY is another ransomware-type virus discovered by malware security researcher Michael Gillespie. After successfully infiltrating the system, KVLLY encrypts most stored files using AES-256 cryptography. Once encrypted, data immediately becomes unusable.

It is also worth noting that KVLLY appends filenames with the ".kvllyatprotonmaildotch" extension (e.g., "sample.jpg" is renamed to "sample.jpg.kvllyatprotonmaildotch"). Following successful encryption, KVLLY generates an HTML file ("READ_TO_DECRYPT.html"), placing a copy in every existing folder.

What is BadNews?

BadNews is a ransomware-type virus discovered by MalwareHunterTeam. It is an updated version of another ransomware infection called LockCrypt. After successfully infiltrating the system, BadNews encrypts most stored files, thereby making them unusable.

Furthermore, this ransomware adds the " ID [victim's_ID].BadNews]" appendix to the name of each compromised file. For example, "sample.jpg" might be renamed to a filename such as "sample.jpg ID iHupX3tzhxqX.BadNews". Immediately after encryption, BadNews creates an HTML application ("How To Decode Files.hta") and places a copy in every existing folder.

What is softwareupdate.app?

Similar or identical to click.new-posts.support, adxfactory.com, and click-now-on-this.online, softwareupdate.app is a rogue website designed to redirect users to other untrustworthy/potentially malicious websites.

As a rule, most users visit softwareupdate.app unintentionally - potentially unwanted apps (PUAs) trigger these redirects. They also deliver intrusive advertisements, gather and share data, and misuse computer resources.