Virus and Spyware Removal Guides, uninstall instructions

What is Sun?

Discovered by Michael Gillespie, Sun is malicious software categorized as ransomware. This infection performs data encryption and makes ransom demands (i.e., payment for decryption tools/software). When Sun encrypts data, all files are appended with the ".sun" extension.

For example, "1.jpg" becomes "1.jpg.sun", and so on for all affected files. After this process is complete, an HTML file ("DECRYPT_INFORMATION.html") is stored in each affected folder.

What is Kr?

Discovered by Jakub Kroustek, Kr ransomware is part of Dharma, a family of ransomware-type programs. Ransomware is a type of malicious software that makes files inaccessible by encrypting them. To use regain access to their files, victims of ransomware attacks are encouraged to pay ransoms.

Kr renames all encrypted files by adding the victim's ID, email address, and ".kr" extension to filenames.

For example, "sample.jpg" might be renamed to a filename such as "sample.jpg.id-1E857D00.[blablacar@airmail.cc].kr", and so on. Instructions about how to pay the ransom and contact cyber criminals are provided in a pop-up window and the "FILES ENCRYPTED.txt" file.

What is "yourfine4updatesset[.]best"?

yourfine4updatesset[.]best is a scam website, which operates by alerting users that the Adobe Flash Player is outdated and requires updating. The updater offered by yourfine4updatesset[.]best is bogus. At the time of research, it installed the Mac Cleanup Pro Potentially Unwanted Application (PUA), rather than the promised updates.

Content endorsed and/or proliferated by these deceptive sites is often rogue and nonoperational. Therefore, do not trust yourfine4updatesset[.]best or similar sites. These web pages are rarely opened intentionally, since most visitors are redirected to them by intrusive ads or PUAs already present on the system.

What is notube[.]net?

notube[.]net is presented as the best free and fast YouTube downloader and converter. Note, however, that it is illegal to download videos from YouTube. Another reason not to use the notube[.]net video downloading service is that this web page uses rogue advertising networks. Therefore, people who use it are redirected to other untrustworthy websites.

What is "Ministry of Justice Email Virus"?

"Ministry of Justice Email Virus" is a spam campaign employed to trick users into downloading/installing Predator The Thief malware. The scare tactics employed by this scam urge users into investigating the web link detailed within the email, thereby leading them through certain actions resulting in a system infection.

The term "spam campaign" refers to mass sending of deceptive/scam emails, typically containing infectious attachments or links redirecting to them. This mail is usually disguised as "important", "urgent", "official" or similar. You are strongly advised against opening suspicious or irrelevant emails.

Furthermore, do not open any attached files or web-links found in these messages. Read our article about phishing campaigns that summoner recipients to court, which is also related to "Ministry of Justice Email Virus".

What is NeedWebSearch?

The NeedWebSearch application is classified as adware. It is endorsed as a tool for improving the browsing experience and is allegedly capable of providing fast searches, accurate search results, etc. Despite this, it runs intrusive advertisement campaigns (i.e., delivers unwanted and potentially harmful ads).

Most adware-types possess data tracking capabilities, which they employ to monitor users' browsing habits. Due to dubious methods used to distribute NeedWebSearch, it is classed as a Potentially Unwanted Application (PUA).

What is Nonamebnm?

Nonamebnm is a family of deceptive, scam websites that are designed to advertise various rogue applications. At the time of research, Nonamebnm promoted the Smart Mac Booster app. These sites display fake notifications stating that visitors' computers are infected with a virus and encouraging them to remove it using one of the advertised apps.

We advise against downloading or installing software that is distributed through Nonamebnm or other deceptive web pages.

What is get-search[.]info?

get-search[.]info is one of many rogue websites online. It shares similarities with lurunews.biz, readmenewz.com, shireamentsp.info and others. These sites present visitors with dubious content and generate redirects to other untrustworthy, even malicious web pages.

Access to get-search[.]info is mostly through unwanted redirects caused by intrusive ads or Potentially Unwanted Applications (PUAs). Note that these apps do not need explicit permission to infiltrate devices. After successful installation, they generate redirects, deliver ad campaigns, hijack browsers, and track private data.

What is ProductTask?

ProductTask is disguised as an app that supposedly helps users to search (provide accurate search results and other similar features).

In fact, it is a potentially unwanted application (PUA) classified as adware. Typically, people do not download or install adware intentionally. When installed, PUAs display unwanted, intrusive advertisements and record data relating to users' browsing habits.

What is fetchtube[.]com?

The fetchtube[.]com website offers a YouTube video download service. There are two issues with this web page: 1) it is illegal to download videos from YouTube, and; 2) it uses rogue advertising networks. People who use fetchtube[.]com are redirected to various untrustworthy websites. For these reasons, fetchtube[.]com should be avoided.