Virus and Spyware Removal Guides, uninstall instructions

What is Auto Mac Booster?

Identical to Auto Mac Speedup, Speedup Mac Pro, Advanced Mac Booster, and many others, Auto Mac Booster is a deceptive application that, according to the developers, allows users to enhance computer performance by removing rogue applications, cleaning the cache, and so on.

Initially, Auto Mac Booster may seem legitimate and useful, however, developers promote this app using the "bundling" method. Therefore, Auto Mac Booster often infiltrates systems without permission and is categorized as a potentially unwanted application (PUA).

What is Boost My Mac?

Boost My Mac is one of many computer (Mac) optimization applications promoted as supposedly making Mac computers run smoothly and without errors. In fact, developers promote this app using the "bundling" method, and thus many people download and install it inadvertently.

Therefore, Boost My Mac is categorized as potentially unwanted application (PUA). Do not trust any PUAs.

What is Korea?

Discovered by Jakub Kroustek, Korea is a ransomware-type program and part of the Dharma ransomware family. Like most computer infections of this type, cyber criminals use Korea to encrypt files stored on the computer and make ransom demands. Therefore, people with computers infected with this ransomware are unable to access their data unless a ransom is paid.

Korea renames each encrypted file by adding the ".korea" extension (that includes the victim's ID and email address of Korea developers). For example, "1.jpg" becomes "1.jpg.id-1E857D00.[omfg@420blaze.it].korea". It also generates the "FILES ENCRYPTED.txt" file and displays a pop-up window, both of which contain information about how to restore encrypted files.

What is search.hhighdefinitionradioplayer.com?

search.hhighdefinitionradioplayer.com is a fake search engine that is presented as useful and legitimate. Developers promote it using a potentially unwanted application (PUA) called High Definition Radio Player, which is categorized as browser hijacker.

According to the developers, this app provides quick access to popular online streaming services, however, most users install these PUAs unintentionally. When installed, High Definition Radio Player modifies browser settings and records information relating to users' browsing activity.

What is JCry?

JCry is high-risk ransomware that stealthily infiltrates computers and encrypts stored data. Research shows that developers tried to proliferate JCry by exploiting a certain web plug-in implemented on various Israeli websites.

Due to faulty source code, however, they failed. JCry encrypts data and appends filenames with the ".jcry" extension (e.g., "sample.jpg" is renamed to "sample.jpg.jcry"). Once data is encrypted, JCry opens a pop-up window and generates an HTML file ("JCRY_Note.HTML"), placing a copy in each existing folder.

What is search.hyourfreeonlineformsnow.com?

search.hyourfreeonlineformsnow.com is yet another fake search engine that, according to the developers, enhances the browsing experience by delivering the most accurate results and providing quick access to various popular websites.

Judging on appearance alone, search.hyourfreeonlineformsnow.com may seem legitimate and useful, however, this site is promoted via a browser-hijacking potentially unwanted application (PUA), which usually infiltrates computers without users' consent.

Furthermore, this browser hijacker with search.hyourfreeonlineformsnow.com continually tracks browsing activity by gathering user-system information.

What is "DSKD Email Virus"?

"DSKD Email Virus" is a spam email campaign that cannot be trusted. Scammers send it to many people hoping that a percentage of them will open the attachment, which is presented as an "urgent inquiry". If opened, it causes download and installation of a high-risk computer infection called FormBook. 

This is a malicious program designed to steal personal information. Therefore, we strongly recommend that you do not open the attachment presented in this email.

What is Auto Mac Speedup?

Auto Mac Speedup is another deceptive application that supposedly allows users to enhance computer performance by cleaning caches, unwanted files, rogue applications, and providing other similar features.

On initial appearance, Auto Mac Speedup may seem legitimate and useful, however, developers proliferate this app using the "bundling" method, and thus Auto Mac Speedup is categorized as a potentially unwanted application (PUA).

What is "hadmatontrin.com"?

hadmatontrin.com is another rogue website that is virtually identical to pugu5l.com, getmacsoft.com, chillcardiac.com, and many others. This website redirects users to other websites and delivers dubious content.

Research shows that users typically end up visiting this site inadvertently, since they are redirected by potentially unwanted applications (PUAs) and intrusive advertisements. PUAs are notorious for infiltrating systems without users' consent. As well as causing redirects, they deliver intrusive advertisements and gather information.

What is Promok?

Promok is another variant of a high-risk ransomware infection called Djvu. As with other infections from this malware family, Promok stealthily infiltrates computers and encrypts most stored files, rendering them useless. Furthermore, Promok adds the ".promok" extension to the name of each encrypted file.

For instance, "sample.jpg" is renamed to "sample.jpg.promok". Once encryption is complete, Promok generates a text file ("_readme.txt") and places a copy in each folder that contains encrypted files.