Virus and Spyware Removal Guides, uninstall instructions

What is iminentsearch.com?

Iminentsearch.com is another fake Internet search engine identical to dozensearch.com, yessearches.com, and many others. By falsely claiming to generate the most relevant search results and improve users' web browsing activity, iminentsearch.com often tricks users into believing that it is a legitimate website.

In fact, developers promote this bogus website using dubious software 'installers' designed to hijack web browsers and stealthily modify their settings. In addition, iminentsearch.com continually gathers various information relating to users' web browsing activity.

What is nuesearch.com?

nuesearch.com is a dubious website that claims to be a legitimate Internet search engine. Judging on appearance alone, nuesearch.com may seem similar or identical to Google, Bing, Yahoo, and other legitimate sites.

Be aware, however, that developers promote nuesearch.com using dubious software 'installers' that modify browser settings without users' permission. Furthermore, nuesearch.com continually monitors users' web browsing activity.

What is Anonymous Pop-up?

Anonymous Pop-up is a ransomware-type virus that infiltrates the system and demands a ransom. It is currently unconfirmed how this ransomware is distributed, but developers are likely to use malicious email attachments. The distributed file is a Zip archive that contains a batch file that appears to be a PDF document.

Once executed, the batch file downloads the remaining malware files. Following successful infiltration, this ransomware overlays the desktop with an image containing a ransom-demand message.

What is Educational ransomware?

Educational ransomware is a ransomware-type virus that uses AES encryption with a static password (HDJ7D-HF54D-8DN7D) to encrypt files. During encryption, Educational appends the name of encrypted files with the .isis extension. For example, sample.jpg is renamed to sample.jpg.isis.

This makes it straightforward to determine which files are encrypted. Educational is often distributed via dubious Internet downloads. The executable of this ransomware has a Skype logo and is named skypetool.exe.

What is videos.qeqei.com?

videos.qeqei.com is a deceptive website claiming to be a legitimate Internet search engine. Be aware that after infiltration of the associated application on computer systems, this website generates various pop-up messages. Furthermore, it records various user/system information.

All of this is performed without users' consent. Therefore, it is classed as a potentially unwanted program (PUP) and adware.

What is Verify Windows Scam?

Verify Windows is a virus that opens a message stating that the computer Windows copy is not genuine and then demands entry of a valid activation key. If the victim does not have a key, they are encouraged to contact fake 'certified technicians' via a telephone number provided.

These demands may appear legitimate, however, this is a scam. Even if a valid activation key is entered, it is treated as invalid and a prompt requests another. After contacting 'certified technicians', victims are asked to pay a certain fee for Windows activation.

This virus is distributed using various adware-type applications (such as, 'Drive Backup') also-called potentially unwanted programs (PUPs).

What is Ad4Pop?

Ad4Pop is a potentially unwanted program that supposedly allows users to play various arcade games. Initially, this PUP may seem legitimate and useful, however, Ad4Pop is classed as adware and a potentially unwanted program (PUP). One of the main reasons for these negative associations is stealth installation - A4Popo often infiltrates systems without users’ permission.

Furthermore, this PUP continually delivers various intrusive online advertisements and records various information relating to users' web browsing activity.

What is Facebook Notifications?

Facebook Notifications is a rogue browser plug-in that supposedly notifies users of various activity on Facebook.

On initial inspection, this bogus program may seem legitimate and useful, however, due to rogue behavior, Facebook Notifications is classed as adware and a potentially unwanted program (PUP), since it infiltrates computers without users' permission, continually monitors browsing activity, and delivers various intrusive online adverts.

What is Classic For Facebook?

Developed by Yontoo, Classic For Facebook is a dubious browser extension that claims to change Facebook's web layout. On initial inspection, this application may seem legitimate and useful, however, it is classed as a potentially unwanted program (PUP) and adware.

There are three main reasons for these negative associations - stealth installation without users' permission, tracking of web browsing activity, and display of various intrusive online advertisements.

What is SATANA ransomware?

!SATANA! is a combination of Petya and MISCHA ransomware-type viruses. It is designed to silently infiltrate computers and then encrypt various files.

This program targets the following file formats: .bak, .doc, .jpg, .jpe, .txt, .tex, .dbf, .db, .xls, .cry, .xml, .vsd, .pdf, .csv, .bmp, .tif, .1cd, .tax, .gif, .gbr, .png, .mdb, .mdf, .sdf, .dwg, .dxf, .dgn, .stl, .gho, .v2i, .3ds, .ma, .ppt, .acc, .vpd, .odt, .ods, .rar, .zip, .7z, .cpp, .pas, and .asm.

During encryption, !SATANA! changes the name of each encrypted file to the following format: Gricakova@techemail.com_[original file name]. For instance, "sample.jpg" is renamed to "Gricakova@techemail.com_sample.jpg". New variants of this ransomware append files with a ".SATANA" extension (more information below).

Following successful encryption, !SATANA! opens a pop-up message stating that the victim's files have been encrypted. The same message is also presented in "!satana!.txt", which this ransomware creates and places in each folder containing encrypted files.