Virus and Spyware Removal Guides, uninstall instructions

What is siviewer.com?

SIViewer is a deceptive application that supposedly allows users view various images (for example, .jpg, .gif, etc.). Initially, this app may seem legitimate, however, it is classed as a potentially unwanted program (PUP) and a browser hijacker. SIViewer infiltrates systems without users’ permission, gathers various information regarding users' web browsing activity, hijacks Internet browsers, and stealthily modifies browser settings.

What is Wajam?

Wajam is a social search engine, a browser add-on, which enhances Internet users' search experience by displaying additional search results related to information their friends share on FaceBook, Twitter, or Google+. This is a useful and popular browser plug-in, however, some computer users report that they observe ads by Wajam, and that they did not willingly install this plug-in.

Note that Wajam is not related to malware or virus infections and is a legitimate browser add-on. This plug-in may inadvertently be installed without consent on users' systems when 'bundled' with free software downloaded from the Internet. Nevertheless, Wajam plug-in installation is not caused by malicious software.

What is ThinkPoint?

This unwanted program will try to fool you into buying it and the software employs various methods in which to do so. It uses a fake virus scan and displays fake alerts indicating that your computer is infected. After the fake security scan, the rogue program will notify you that C:\Program Files\Messenger\msmsgs.exe is infected. You will then be asked to reboot your computer.

This program is capable of blocking execution of legitimate Windows programs, thus making its removal more complicated. It is important to understand that ThinkPoint is a rogue program that should not be trusted. When installed on your computer, this bogus program will imitate a computer security scan and will attempt to trick you into believing that your PC is infected with critical risk security threats.

What is ENCRYPTED?

ENCRYPTED is ransomware-type malware proliferated using email spam. Following infiltration, this ransomware encrypts various data stored on victims' computers. The list of data types targeted by ENCRYPTED includes .pdf, .doc, .ppt, and many other file formats.

During encryption, this ransomware modifies the desktop wallpaper and appends a .encrypted extension to the file names of each encrypted file. This makes it straightforward to determine which files have been compromised. A text file is then created, which contains a message informing users of the encryption.

What is FiziPop?

According to the developers, FiziPop allows users to play various addictive Flash games. This functionality may seem legitimate, however, FiziPop often infiltrates systems without users’ consent, gathers information relating to users' web browsing activity, and generates intrusive online advertisements. For these reasons, it is classed as adware and a potentially unwanted program (PUP).

What is KeyBTC?

KeyBTC is ransomware-type malware distributed via malicious email attachments. These emails may appear to be either shipment or postal notifications. Each contains a ZIP file with a file compressed within. Although this compressed file may appear to be a Word document, it is actually Javascript file (.js).

Once opened, a number of malicious files are downloaded, which encrypt data stored on the victim's computer. When encrypting, KeyBTC appends the name of each compromised file with .keybtc@inbox_com. After encrypting the files, KeyBTC displays a message stating that the files have been encrypted and that the victim can only restore them by paying a ransom.

What is TrueCrypt?

TrueCrypt is another ransomware infection that infiltrates systems and then encrypts stored files. Types of targeted files include .rar, .7zip, .php, .doc., .pdf, and many others. During encryption, TrueCrypt adds the .enc extension to compromised files.

This ransomware uses AES-256 encryption and, thus, public (encryption) and a private (decryption) keys are generated during the encryption process. Therefore, files can supposedly only be restored using the private key, which is stored on C&C (Command & Control) servers managed by cyber criminals. To receive this key, victims must pay a ransom.

What is WeatherWidget?

WeatherWidget is a dubious application that supposedly provides weather forecasts. Initially, this functionality may seem legitimate, however, claims to provide 'valuable functionality' are merely attempts to trick users to install. In fact, WeatherWidget is classed as a potentially unwanted program (PUP) and adware.

There are three main reasons for these negative associations: stealth infiltration without users' permission, tracking of users' web browsing activity and display of intrusive online ads.

What is Win Tune Pro?

Win Tune Pro is a deceptive application that claims to improve computer performance - "Win Tune Pro is a suite of high-power utilities that monitors and adjusts your PC for maximum security and performance." These false claims may seem legitimate, however, the developers of Win Tune Pro distribute this program as a 'bundle' with other software.

Furthermore, Win Tune Pro continually gathers various data relating to users' web browsing activity. For these reasons, this app is classed as a potentially unwanted program (PUP).

What is search.ratplee.com?

Search.ratplee.com is another fake Internet search engine identical to search.cucumberhead.com, search.lunaticake.com, and many other bogus sites. All falsely claim to enhance the web searching experience by generating the most relevant search results, however, these fake promises are merely attempts to give the impression of legitimate software.

Developers promote search.ratplee.com using rogue application 'installers' that stealthily modify browser settings. In addition, search.ratplee.com gathers various information regarding users' web browsing habits.