Virus and Spyware Removal Guides, uninstall instructions

What is yyy0?

yyy0 is a ransomware-type virus discovered by malware security researcher, Michael Gillespie. Immediately after encryption, yyy0 encrypts most stored files and adds the ".davilarita@mail.com.yyy0" appendix to each filename. For instance, "sample.jpg" is renamed to "sample.jpg.davilarita@mail.com.yyy0".

Encrypted data immediately becomes unusable. As well as encryption, yyy0 generates a text file ("help.txt") and places a copy in every existing folder.

What is feed.incognitosearches.com?

feed.incognitosearches.com is a fake Internet search engine that is promoted via a deceptive application called Incognito Searches. This app claims to protect users' privacy and Internet browsing safety by allowing them to search the Internet without divulging any sensitive data.

Initially, this functionality may seem legitimate and useful, however, this potentially unwanted program (PUP) often infiltrates systems without permission.

Furthermore, it is categorized as a browser hijacker - a form of unwanted software that changes Internet browser settings without consent. In addition, rather than protecting users' information, Incognito Searches records private details.

What is "Payroll Timetable" email virus?

Similar to Companies House Email Virus, Royal Bank Of Scotland Email Virus, and many others, "Payroll Timetable Email Virus" is a spam email campaign used to proliferate a high-risk trojan called TrickBot. 

Developers send thousands of deceptive emails encouraging users to open attached files (Microsoft Office documents). Opening these files typically results in infiltration of the TrickBot virus.

What kind of malware is BandarChor?

Discovered by Jakub Kroustek, BandarChor is a new variant of high-risk ransomware called CryptFile2. Once infiltrated, BandarChor encrypts most stored data, making it impossible to use. During encryption, BandarChor appends filenames with the "id-[victim's_ID]-[shivamana@seznam.cz].pip" extension.

For example, "sample.jpg" might be renamed to a filename such as "sample.jpg.id-9415415956295813-[shivamana@seznam.cz].pip". Once data is encrypted, BandarChor opens a pop-up window that contains a ransom-demand message.

What is notify.support?

Like most rogue websites (including seodollars.com, trkur4.com, tityx.com, etc.), notify.support redirects visitors to other untrustworthy/potentially malicious sites.

Research shows that most users arrive at notify.support unintentionally - they are redirected to it by potentially unwanted applications (PUAs) that are often installed inadvertently. Most PUAs serve identical purposes: to deliver intrusive ads, collect information, and cause redirects to untrustworthy websites.

What is PQwick?

As with many other adware applications of this type, PQwick is promoted by offering "useful" tools/features. In fact, this app is categorized as a potentially unwanted application (PUA), since it is installed without users' permission or knowledge, delivers advertisements, and collects user-information.

What is chillcardiac.com?

chillcardiac.com is a rogue site identical to homeburu.xyz and many others. It redirects users to other dubious (potentially malicious) websites.

Most visitors arrive at chillcardiac.com inadvertently - they are redirected by potentially unwanted applications (PUAs) or intrusive ads displayed on other deceptive sites. In most cases, unwanted apps infiltrate systems without users' consent. In addition to causing redirects, they deliver intrusive ads and gather sensitive information.

What is Media Player 1004?

The Media Player 1004 application states that it allows users to play various media using their player. Like many deceptive applications of this type, it may seem legitimate and useful, however, Media Player 1004 is known as potentially unwanted application (PUA) and an adware-type application.

PUAs tend to collect browsing-related information and deliver intrusive advertisements. Media Player 1004 is often installed inadvertently.

What is favor1t.com?

favor1t.com is one of many rogue websites (virtually identical or very similar to seodollars.com, trkur4.com, tityx.com, etc.) designed to cause redirects to other potentially malicious or untrustworthy sites. Most users arrive at favor1t.com unintentionally - potentially unwanted applications (PUAs) force them to visit it.

PUAs are typically installed without users' knowledge and, in addition to unwanted redirects, gather data and deliver intrusive ads.

What is search.hmyemailcenter.co?

My Email Center is a rogue application that supposedly allows users to access and operate their email accounts. Initially, My Email Center may seem legitimate and useful, however, this app is categorized as a potentially unwanted application (PUA) and a browser hijacker.

There are three main reasons for these negative associations: 1) stealth installation without users' consent; 2) promotion of a fake search engine, and; 3) tracking of browsing activity.