Virus and Spyware Removal Guides, uninstall instructions

What is SearchWebMesh?

SearchWebMesh is an adware-type application that has three purposes: to generate advertisements, promote a fake search engine and collect various data. It has characteristics of both advertising-supported software and a browser hijacker (it promotes a fake search engine by changing the browser's settings).

It is known that SearchWebMesh's installer is designed to look like the installer for Adobe Flash Player - this app is distributed using a fake installer.

Apps that are distributed using deceptive techniques are called potentially unwanted applications (PUAs). Most PUAs get downloaded and installed unintentionally.

What is Ehiz?

Ransomware is malicious software that encrypts files to make them inaccessible for victims until they decrypt them with a tool that the attackers offer to purchase from them. There is a great number of different ransomware variants and various ransomware families.

Ehiz belongs to the ransomware family called Djvu. It encrypts files and appends the ".ehiz" extension to their filenames.

For example, it renames a file named "1.jpg" to "1.jpg.ehiz", "2.jpg" to "2.jpg.ehiz", and so on. Most ransomware variants create or display a ransom note, Ehiz creates the "_readme.txt" file as its ransom note.

What is FatalRAT?

FatalRAT is the name of a Remote Access Trojan (RAT). A RAT is a type of malware that allows the attacker to remotely control the infected computer and use it for various purposes.

Typically, RATs are used to access files and other data, watch computing activities on the screen and capture screenshots, steal sensitive information (e.g., login credentials, credit card details).

There are many legitimate remote administration/access tools on the Internet. It is common that cybercriminals use those tools with malicious intent too.

What is the "Debit Card" scam email?

"Debit Card email scam" refers to a large-scale operation during which deceptive emails are sent by the thousand. The letters distributed through this campaign claim that recipients have a debit card programmed on their name.

This fake card supposedly contains a ludicrous sum. It must be emphasized that all of the claims made by these scam emails - are false, and they are in no way associated with Mastercard or VISA Incorporated.

The aim of this spam campaign is to gain and abuse recipients' trust for financial gain.

What is bing.com?

Bing.com is a legitimate Internet search engine. This site is developed by a legitimate company and is not related to any virus or malware. Be aware, however, that this site is often promoted by various browser-hijacking unwanted apps. These applications infiltrate systems without users’ consent and stealthily modify web browser settings.

What is the bigclik[.]club website?

Sharing many similarities with akemewelsu.biz, aloha-news.net, gate15.xyz, and thousands of others, bigclik[.]club is a rogue webpage. Visitors to it are presented with dubious content and/or redirected to untrustworthy or possibly malicious sites.

Bigclik[.]club and websites akin to it - are typically accessed inadvertently. Most users enter them via redirects caused by intrusive ads or installed PUAs (Potentially Unwanted Applications).

This software can infiltrate systems and cause redirects, deliver intrusive advertisement campaigns, and gather browsing-related information.

What is Findnotefile?

Ransomware is a type of malicious software that cybercriminals use with the purpose to block victims from accessing their files and persuade them into paying a ransom. Typically, malware of this type encrypts files using strong encryption, and the attackers are the only ones who can provide the right decryption tool (or tools).

Findnotefile encrypts and renames files - this ransomware appends the ".findnotefile" extension to the filenames. For instance, it renames a file named "1.jpg" to "1.jpg.findnotefile", "2.jpg" to "2.jpg.findnotefile", and so on.

It also creates the "HOW_TO_RECOVER_MY_FILES.txt" file in all folders that contain affected (encrypted) files. This text file is Findnotefile's ransom note.

What is Movies Hunt?

Movies Hunt is a rogue browser extension promoted as a tool for easy movie content search options. Supposedly, this piece of software is capable of displaying search results for movies on New on Netflix, HBO, IMDB, and Rotten Tomatoes via the context menu (drop-down right-click menu).

Movies Hunt is categorized as adware due to running intrusive advertisement campaigns (i.e., delivering misleading and malicious ads). Additionally, it has data tracking abilities that are used to spy on users' browsing activity.

Due to the questionable techniques employed to distribute adware products, they are also classified as PUAs (Potentially Unwanted Applications).

What is akemewelsu[.]biz?

Akemewelsu[.]biz is an untrustworthy page that promotes other websites of this kind or loads its deceptive content (it depends on visitor's geolocation).

It is similar to awesomenewspush[.]com, get-your[.]cash, rtenmy[.]com, and many other pages. Usually, users open them by clicking unreliable advertisements, or they get opened via untrustworthy websites, installed potentially unwanted applications (PUAs).

In other words, it is uncommon for pages like akemewelsu[.]biz to be visited on purpose. It is worthwhile to mention that users often download and install PUAs unknowingly.

What is aloha-news[.]net?

There are thousands of untrustworthy websites on the Internet, aloha-news[.]net is but one of them. Gate15.xyz, awesomenewspush.com, and topnewsfeeds.net are some examples of rogue sites.

These pages operate by delivering questionable content and/or redirecting visitors to other unreliable/malicious websites. Users seldom access aloha-news[.]net and similar webpages intentionally.

Most get redirected to them by intrusive adverts or PUAs (Potentially Unwanted Applications) already installed onto their devices. This software can infiltrate systems without user permission.

PUAs are designed to cause redirects, deliver intrusive advertisement campaigns, and gather browsing-related information.