Virus and Spyware Removal Guides, uninstall instructions

What is "Mobile Survey Reward"?

"Mobile Survey Reward" is the name of a scam run on various untrustworthy webpages. This scheme states that for completing a short questionnaire - users will receive a prize.

It must be emphasized that all of the claims made by the scam are false, and users will not receive any rewards. The "Mobile Survey Reward" scheme aims to endorse various deceptive and malicious sites.

This scam has been noted being promoted via fake T-Mobile spam emails (letter subject/title "We Have Been Trying to Reach you [recipient's email address]"; may vary). In general, scam pages are accessed via mistyped URLs, redirects caused by intrusive ads, or they are force-opened by installed PUAs (Potentially Unwanted Applications).

What is OriginalUnitValue?

Research shows that the installer for the OriginalUnitValue application is disguised as the installer for Adobe Flash Player. In other words, this app is distributed through a fake installer.

It is uncommon for apps like OriginalUnitValue to be downloaded and installed by users on purpose. Therefore, they are called potentially unwanted applications (PUAs). The main purpose of OriginalUnitValue is to generate advertisements and change browser settings to promote a fake search engine (its address).

It is designed to function both as adware and a browser hijacker. In most cases, apps of this type are designed to display ads and open unwanted addresses and collect information related to web browsing activities and (or) other details as well.

What is FunctionLogInput?

FunctionLogInput is a piece of rogue software categorized as a browser hijacker. It operates by promoting (causing redirects to) the search.imah5hf.com fake search engine - through modifications to browser settings.

FunctionLogInput also adds the "Managed by your organization" feature to Google Chrome browsers. Software within this category typically has data tracking abilities, which are used to spy on users' browsing activity.

Due to the dubious techniques used to proliferate browser hijackers, they are classified as PUAs (Potentially Unwanted Applications) as well.

What is BoostConsole?

BoostConsole is designed to generate unwanted advertisements and change browser settings to promote a fake search engine. It operates as advertising-supported software and a browser hijacker.

It is likely that BoostConsole functions as a data collector as well. As a rule, users download and install programs of this type unintentionally.

Therefore, they are called potentially unwanted applications (PUAs). Typically, PUAs are distributed using some deceptive technique.

It is known that BoostConsole is distributed through a fake Adobe Flash Player installer.

What is the "iLotto" scam email?

"iLotto email scam" refers to a phishing spam campaign. The term "spam campaign" defines a large-scale operation during which deceptive emails are sent by the thousand.

The scam letters distributed through this operation - claim that recipients' email address has been randomly selected as a winner of a ludicrous amount of money. These emails mention multiple legitimate entities (e.g., companies, corporations, etc.), which are in no way associated with this scam.

The fake "iLotto" letters operate as phishing schemes, i.e., they attempt to trick recipients into providing sensitive personal information. Victims of these spam emails can experience a wide variety of severe issues, primarily ones related to privacy.

What is applydatinghere[.]com?

Applydatinghere[.]com is similar to bennyaflickgotit[.]ga, anymorenews[.]com, checkrobotics[.]com, and many other rogue websites. The purpose of this page is to display dubious content and promote other pages of this kind.

Usually, pages like applydatinghere[.]com get opened by installed potentially unwanted applications (PUAs), through shady advertisements and questionable pages. It is worthwhile to mention that users do not download and install PUAs knowingly, and apps of this kind often are designed to generate unwanted advertisements and (or) collect information about their users.

What is blackflightfind[.]tw?

Similar to ouropiniio.fun, bennyaflickgotit.ga, anymorenews.com, and thousands of others, blackflightfind[.]tw is an untrustworthy webpage. It operates by loading dubious content and/or redirecting visitors to rogue/malicious sites.

Websites of this type are seldom accessed intentionally; most users enter them via redirects caused by intrusive advertisements or installed PUAs (Potentially Unwanted Applications). This software does not require explicit user consent to be installed onto systems.

PUAs typically have heinous functionalities, e.g., causing redirects, delivering intrusive ad campaigns, and gathering browsing-related information.

What is ouropiniio[.]fun?

Ouropiniio[.]fun is a rogue website, which shares many similarities with bennyaflickgotit.ga, anymorenews.com, checkrobotics.com, and countless others. This page operates by presenting visitors with dubious content and/or redirecting them to untrustworthy/malicious sites.

Users tend to enter websites of this kind inadvertently. Most get redirected to them by intrusive adverts or PUAs (Potentially Unwanted Applications) installed onto their devices. These apps do not need explicit consent to infiltrate systems; therefore, users may be unaware of their presence.

PUAs are capable of causing redirects, running intrusive advertisement campaigns, and collecting browsing-related and private data.

What is Yqbdpevbz?

Rasomware is a type of malicious software that encrypts files so that they could not be accessed/used without having to decrypt them with the right decryption tool that only the attackers can provide. Yqbdpevbz encrypts files and appends the ".yqbdpevbz" extension to their filenames.

For example, it renames a file named "1.jpg" to "1.jpg.yqbdpevbz", "2.jpg" to "2.jpg.yqbdpevbz", and so on.

Also, Yqbdpevbz creates the "HOW TO RESTORE YOUR FILES.TXT" file (its ransom note) in each folder that contains affected (encrypted) files. This ransomware is part of the Snatch family.

What is Simple Word Count?

Simple Word Count is a browser hijacker promoting (through rogue redirects) the fxsmash.xyz fake search engine. Software within this classification promotes various web searchers by making modifications to browser settings.

Furthermore, Simple Word Count has data tracking abilities, which are used to spy on users' browsing activity. Since most users download/install browser hijackers unintentionally, they are also classified as PUAs (Potentially Unwanted Applications).