Virus and Spyware Removal Guides, uninstall instructions

What is search.searchreveal.com?

Search Reveal is a potentially unwanted program (PUP) developed by SuperWeb LLC that falsely claims to enhance the web browsing experience by generating the most relevant search results.

This PUP often tricks users into believing that it is a legitimate application, however, Search Reveal continually causes unwanted browser redirects, records various user/system data, and delivers intrusive online advertisements. For these reasons, Search Reveal is classed as a browser hijacker.

What is Call Box?

Call Box (by Media Hub) is a dubious application that claims to enable a number of 'valuable functions', however, these are simply attempts to trick users to install.

Research shows that Call Box often infiltrates systems without users’ permission. Furthermore, this deceptive application continually gathers various user/system information and displays intrusive online advertisements. Therefore, Call Box is classed as a potentially unwanted program (PUP) and adware.

What is Herbst?

Herbst is a ransomware-type virus that encrypts files using an AES encryption algorithm. During encryption, this ransomware appends the name of each encrypted file with the .herbst extension. This makes it straightforward to determine which files are encrypted. Herbst then opens a window containing a ransom demand message.

What is search.searchtnl.com?

Developed by SaferBrowser, Todays News Live is a dubious application that supposedly provides access to CNN, Fox, MSNBC, and other similar news portals. This functionality may seem legitimate, however, Todays News Live is classed as a potentially unwanted program (PUP) and a browser hijacker.

There are four main reasons for these negative associations - stealth installation, tracking of users' web browsing activity, display of intrusive online advertisements, and modification of web browser settings.

What is search.searchpat.com?

Package Tracker is a dubious application that supposedly allows tracking of package deliveries. These false claims often trick users into believing that Package Tracker is a legitimate application, however, Package Tracker is classed as a browser hijacker and a potentially unwanted program (PUP).

This application infiltrates systems without users’ permission, modifies web browser settings, displays intrusive online advertisements, and collects various user/system information.

What is search.searchlen.com?

Login Email Now is a deceptive application claiming to allow email access from any new browser tab. These claims often trick users to install, however, Login Email Now is classed as a potentially unwanted program (PUP) and a browser hijacker.

One of the main reasons for these negative associations is stealth installation - Login Email Now often infiltrates systems without users’ permission. Following successful infiltration, this app hijacks web browsers, tracks users' web browsing activity, and generates intrusive online advertisements.

What is Payms?

Payms is a ransomware-type virus based on the source code of another ransomware infection called Jigsaw. Developers of Jigsaw sell the source code in dark web and, thus, new variants of this ransomware are common. Once infiltrated, Payms employs an asymmetric algorithm to encrypt files stored in victims' computers.

The name of each encrypted file is appended with the .paymrss, .paym, .payrms, .payms, .paymst, or .pays extension. A "Payment_Instructions.txt" file is then created, which is placed on the desktop.

What is Yakes?

Yakes (Mobef) is ransomware-type malware similar to Salam!. After infiltrating the system, Yakes encrypts various types of files (for example, .doc, .ppt, .pdf, etc.) stored on victims' computers. Some variants of this ransomware extend the names of encrypted files with the Lokmann.Key993, .KEYH0LES or .KEYZ extension, however, others make no changes.

Therefore, it is often difficult to determine which files are encrypted. Following encryption, a message is displayed making a ransom demand.

What is Vault ransomware?

Vault is ransomware-type malware designed to encrypt various files stored on infected computers. During encryption, this ransomware adds a ".vault" or ".xort" extension to each encrypted file and, therefore, it is easy to determine which files are affected.

All files are encrypted using the RSA algorithm and, thus, a private key is required to decrypt them. In exchange for the key, developers of Vault encourage victims to pay a ransom. Note that this malware targets users located in Russia.

What kind of malware is 7ev3n

7ev3n ransomware stealthily infiltrates systems via malicious e-mail attachments, P2P networks, and fake software updates. After system infiltration, 7ev3n encrypts files stored on computers and adds the .r5a (or .r4a) extension to compromised files. Once files are successfully encrypted, a pop-up message is displayed providing information regarding the encryption.

Payment of a ransom is demanded in exchange for a private key, which is used to decrypt the files. If the ransom is not paid within the given time frame, the private key will be destroyed and all files will remain encrypted forever.