Virus and Spyware Removal Guides, uninstall instructions

What is SuperEasy Registry Cleaner?

SuperEasy Registry Cleaner allows users to scan systems for Registry errors, and to defragment the Registry and back it up. In fact, the developers employ dubious methods to distribute this software. Therefore, this program is categorized as a potentially unwanted application (PUA). Do not trust these apps.

What is Search Omiga?

Search Omiga is a browser hijacker. This piece of rogue software operates by making alterations to browser settings to promote keysearchs.com (a bogus search engine), however, it has been observed causing redirects to other search engines as well, bogus and legitimate sites.

Additionally, Search Omiga has data tracking capabilities, which are used to collect browsing-related information. Since most users install this browser hijacker unintentionally, it is also classified as a Potentially Unwanted Application (PUA).

What is SearchRadioStation?

SearchRadioStation assigns certain browser settings to searchradiostation.com. In this way, the app promotes a fake search engine. It might also track information. Users often download and install browser hijackers unintentionally and, for this reason, SearchRadioStation and other apps of this type are classified as potentially unwanted applications (PUAs).

What is .lr ransomware?

.lr ransomware is a malicious program belonging to the MedusaLocker ransomware family. It encrypts files, modifies their filenames and generates a ransom message. This ransomware renames files by appending ".lr" as the new extension. For example, "1.jpg" is renamed to "1.jpg.lr", "2.jpg" to "2.jpg.lr", and so on.

A ransom message (within the "Recovery_Instructions.html" HTML file) can be found in all folders that contain encrypted files.

What is Zenon clipper?

Zenon is malicious software classified as a 'clipper'. The primary functionality of this malware is stealing outgoing transfers from digital currency wallets. It does this by replacing the addresses of recipient cryptocurrency wallets and other e-wallets with those under possession of cyber criminals using Zenon.

Furthermore, this clipper has significant anti-detection and anti-analysis capabilities. The Zenon clipper is classified as a highly dangerous program. Therefore, its infections must be eliminated immediately upon detection.

What is EasyRansom?

Discovered by GrujaRS, EasyRansom is a malicious program categorized as ransomware. Systems infected with this malware experience data encryption and users receive ransom demands for decryption. Once the malicious executable, which initiates the infection process of EasyRansom is opened, it displays a pop-up window.

During the encryption process, all affected files are appended with the ".easyransom" extension. For example, a file originally named something like "1.jpg" would appear as "1.jpg.easyransom", "2.jpg" as "2.jpg.easyransom", and so on.

After this process is complete, ransom messages in Korean within text files named "easyransom_readme.txt" are dropped into compromised folders.

What is Egregor?

Egregor belongs to the family of ransomware called Sekhmet. It appends a string or random characters as the new extension of each encrypted file. For example, "1.jpg" is renamed to "1.jpg.JhWeA", "2.jpg" to "2.jpg.JhWeA", and so on. Egregor also creates the "RECOVER-FILES.txt" text file/ransom message in all folders that contain encrypted files.

What is OperativeProgram?

OperativeProgram is an adware-type app with browser hijacker characteristics. Following successful installation, it delivers intrusive advertisement campaigns and makes changes to browser settings to promote fake search engines. Additionally, most adware-type apps and browser hijackers monitor users' browsing activity.

Due to the dubious tactics used to proliferate OperativeProgram, it is also classified as a Potentially Unwanted Application (PUA).

What is meetclick[.]biz?

meetclick[.]biz is a rogue website which promotes other untrusted pages or displays dubious content. Generally, users arrive at these pages through deceptive ads, other sites of this kind, or when potentially unwanted applications (PUAs) are installed on the browser and/or computer.

I.e., users do not often visit sites such as meetclick[.]biz intentionally. Other examples of similar sites are tiktok-news[.]com, shopgirlmtl[.]com and superduniya[.]com.

What is ProgressBuffer?

ProgressBuffer is an adware-type application with browser hijacker characteristics. Following successful installation, it runs intrusive advertisement campaigns and makes modifications to browser settings to promote fake search engines. Most adware-type apps and browser hijackers collect browsing-related information.

Due to the dubious methods used to proliferate ProgressBuffer, it is also classified as Potentially Unwanted Application (PUA).