Virus and Spyware Removal Guides, uninstall instructions

What is fewergkit[.]com?

Fewergkit[.]com is a rogue website similar to loloclicks.biz, leefmylife.info, hisurnhuh.com, substandid.space, and countless others. This page is designed to load dubious material and/or redirect visitors to various sites (likely unreliable and malicious ones).

These webpages are rarely accessed inadvertently; most get redirected to them by untrustworthy websites, intrusive ads, or installed PUAs (Potentially Unwanted Applications). This software can infiltrate systems without explicit consent; hence, users may be unaware of its presence.

What is SuperVideoSearch?

SuperVideoSearch is a rogue browser extension classified as a browser hijacker. It operates by modifying browser settings to promote the supervideosearch.com fake search engine. Additionally, SuperVideoSearch spies on users' browsing habits. Due to the questionable methods used to distribute browser hijackers, they are also categorized as PUAs (Potentially Unwanted Applications).

What is Movie Bar browser hijacker?

Movie Bar hijacks a web browser by changing some of its settings. The main purpose of this application is to promote the quicknewtab.com address (a fake search engine). Most of the times, users download and install browser hijackers unknowingly, for this reason they are called potentially unwanted applications (PUAs).

What is "Zoom Conference Invitation email virus"?

"Zoom Conference Invitation email virus" refers to a malware-proliferating spam campaign. The term "spam campaign" defines a large-scale operation during which deceptive/scam emails are sent by the thousand.

The letters distributed through this campaign are presented as invitations to join a conference on Zoom - videotelephony and online chat service platform. The aim of this spam mail is to trick recipients into opening an attachment that initiates TrickBot malware's download/installation.

What is Ufwj ransomware?

Ufwj is part of the Djvu ransomware family. This ransomware variant encrypts files and appends the ".ufwj" extension to their filenames (for example, it renames "1.jpg" to "1.jpg.ufwj", "2.jpg" to "2.jpg.ufwj"). Also, Ufwj creates the "_readme.txt" file - a ransom note containing contact and payment information.

What is "The BMW Lottery email scam"?

"The BMW Lottery email scam" refers to a spam campaign - a large-scale operation during which thousands of deceptive emails are sent. These letters claim that recipients have won a new BMW 7 automobile and 1,5 million in US dollars.

It must be emphasized that these emails are fake, and users will not receive any of the promised prizes. These emails operate as phishing scams targeting personally identifiable information. Trusting them can lead to serious privacy issues, significant financial losses, and identity theft.

What is loloclicks[.]biz?

Loloclicks[.]biz is quite similar to leefmylife[.]info, hisurnhuh[.]com, substandid[.]space and other pages designed to display deceptive content and open questionasble websites (it depends on the IP address of their visitors). It is unlikely for pages of this type to be visited by users intentionally.

What is OriginalSearchTech?

OriginalSearchTech is a potentially unwanted application (PUA) that has the functionality of an adware-type application and a browser hijacker. OriginalSearchTech is designed to generate advertisements and promote the address of a certain fake search engine by making certain changes in a web browser's settings.

It is possible that OriginalSearchTech collects various information as well. In most cases, users download and install PUAs inadvertently. It is known that the OriginalSearchTech app is distributed via a deceptive installer that is disguised as the installer for the Adobe Flash Player.

What is ConfigAccess?

ConfigAccess is a rogue application categorized as adware. It also has browser hijacker traits. This app delivers intrusive advertisement campaigns and modifies browser settings to promote fake search engines. Furthermore, such software typically has data tracking abilities.

Due to the dubious methods used to distribute adware and browser hijackers, they are also classified as PUAs (Potentially Unwanted Applications). One of the most common distribution techniques is proliferation via fake Adobe Flash Player updates.

What is PcS ransomware?

PcS is a malicious program belonging to the Dharma ransomware family. Systems infected with this malware have their data encrypted and receive ransom demands for the decryption. In other words, the files are rendered inaccessible, and victims are asked to pay - to recover access to them.

During the encryption process, affected files are renamed following this pattern: original filename, unique ID assigned to the victim, cyber criminals' email address, and ".PcS" extension. For example, a file initially titled "1.jpg" would appear as something similar to "1.jpg.id-C279F237.[pcstuntman@onionmail.org].PcS" - after encryption. Once the encryption process is complete, ransom notes are created/displayed in a pop-up window and "info.txt" text file.