Virus and Spyware Removal Guides, uninstall instructions

What kind of page is onlymp3[.]to?

While inspecting onlymp3[.]to, we found that it is one of the websites offering to download videos from YouTube. Also, it wants to show notifications and uses rogue advertising networks. Thus, users should not trust this page. It is important to note that downloading videos from YouTube may violate YouTube's terms of service and copyright laws.

What kind of application is Qwik Bee?

While analyzing the Qwik Bee browser extension, our team learned that it operates as a browser hijacker. The purpose of this app is to promote qwikbee.com - a fake search engine. Qwik Bee hijacks a web browser by manipulating the web browser's settings. Users often download and install/add browser hijackers unknowingly.

What kind of page is bilsteringdates[.]com?

While examining bilsteringdates[.]com, we found that this site displays adult content, redirects to other shady pages, and asks for permission to show notifications. We discovered bilsteringdates[.]com while analyzing websites that use rogue advertising networks. Pages of this kind should not be allowed to display notifications.

What kind of email is "Ziraat Bankasi"?

After inspecting this "Ziraat Bankasi" email, we determined that it is spam. The letter supposedly relates to credit transactions, which require the recipient's approval.

It must be emphasized that this email is fake, and it is in no way associated with the real Ziraat Bankasi – a state-owned bank in Turkey. The goal of this spam mail is to infect recipients' devices with malware via a virulent attachment.

What is kind of scam "Societe Generale (SG)" email scam?

Upon inspection of this email, it has been determined that it is a scam email. Scammers wrote it with the intention of obtaining sensitive information from the recipients. The email is written in French and includes a link to a phishing site. It is recommended that recipients disregard this email and others like it.

What kind of scam is "We Are Closing All Old Versions Of Email"?

Upon inspection of this email, we have determined that it has been authored by scammers impersonating an email service provider. The intention of these scammers is to deceive recipients into divulging sensitive information on a phishing site, which is a counterfeit login page. Therefore, we advise recipients of this email to disregard it.

What kind of malware is Doebnank?

During our analysis of malware samples submitted to VirusTotal, we discovered a ransomware dubbed Doebnank. This ransomware encrypts data, appends ".crypted_doebnank@outhyred_com" to filenames, and drops the "how_to_back_files.html" file (its ransom note).

An example of how Doebnank modifies filenames: it renames "1.jpg" to "1.jpg.crypted_doebnank@outhyred_com", "2.png" to "2.png.crypted_doebnank@outhyred_com", and so forth.

What is Fast Downloader?

Our research team discovered the Fast Downloader browser extension during a routine investigation of suspicious websites. This extension is promoted as a tool capable of aiding with content downloading from the Web. However, our analysis revealed that Fast Downloader is advertising-supported software (adware).

What is Ads Buster?

While investigating deceptive websites, we discovered the Ads Buster browser extension. This piece of software is promoted as an adblocker – a tool capable of blocking online advertisements. However, our inspection of Ads Buster revealed that it operates as adware instead. In other words, this extension displays ads rather than removes them.

What kind of email is "Automatically Generated Invoice"?

After analyzing the "Automatically Generated Invoice" email, we determined that it is spam. This fake letter claims to contain an invoice attached to it. After inspecting this attachment, we learned that it operates as a phishing file targeting email account log-in credentials.