Remove NEREHEREWETEM.INFO virus (Removal Guide)


Investigation Target: NEREHEREWETEM.INFO

Case: 6486
Investigation Date: June 23, 2023


NEREHEREWETEM.INFO is classified as a Fake Captcha Site

Harmful actions:

Browser pop-up ads using the notification spam!

NEREHEREWETEM.INFO disguises itself as a service for checking visitor's humanity.

A well-known example is a Google Captcha service. The captcha helps to protect websites from denial of service attacks.

Here is an example of Google reCaptcha:

Google reCaptcha

Fake captcha websites ask you to press "Allow" in a small popup window at the top of the page, with the text "Show Notifications."

Allow Show Notifications

Never click the "Allow" button!

If you already clicked it, you are infected. Your browser will receive notifications from the website and display the intrusive popups.

The close button on a notification will help only in seconds. After that, you will see a new popup window from the same website but with a different sub-domain.

This issue is known as "notification spam."

How to get rid of notification pop-up ads?

Solutions to solve the problem:

  1. Block browser notifications.
  2. Install uBlock Origin extension for your browser to remove ads and block adware websites:
    uBlock Origin for Chrome, uBlock Origin for Firefox.
  3. Check your PC using Ultimate Malware Killer UnHackMe.
    (Sorry for shameless advertising, but I know that it is 100% safe and working because my company created it)

      Free Download

  4. Also, I recommend using AdwCleaner, Hitman Pro, Emsisoft Anti-Malware.

How to remove NEREHEREWETEM.INFO pop-up ads manually?

Simple Guide for Google Chrome/New Edge, Opera, Yandex:
  1. Click the menu button.
  2. Click the Settings.
  3. Scroll the Settings or type "Notifications."
  4. Under "Privacy and security," click Site settings.
    Click Notifications.
  5. Choose to block notifications:
    Block all: Turn off Sites can ask to send notifications.
    Block a site: scroll the list of Allowed websites, change Allow to Block. It is better to use the "Block" option instead of "Remove" because the Block will prevent repeating the infection.
  6. Allow quieter notification prompts: Allow sites to ask to send notifications, then click Use quieter messaging (blocks notification prompts from interrupting you).

How to remove NEREHEREWETEM.INFO virus manually? (Virus removal guide)

  1. Uninstall all applications that you did not install and that you are not sure about.
    Uninstall Apps
      Know More
  2. Disable the browser extensions.
    Disable extensions
      Know More

  3. Disable Web Push Notifications in your browser.
    How to Manage Notifications in Your Browsers

  4. Reset your web browser settings.
    Reset your web browser settings

      Know More

  5. Use the Task Manager to close suspicious applications.
    Close Apps using the Task Manager
    Open the Task Manager. Select the Details tab. Right-click on the columns header and choose "Select Columns."
    Select Columns

    Check the box near the "Command line." Right-click on the suspicious process and choose "End Task" in the popup menu.
    End Task

  6. Use the Task Manager to disable unwanted startup programs.
    Disable Startup Programs
    Open the Task Manager. Select the Startup tab. Right-click on the program and choose "Disable" in the popup menu.
  7. Check the browser's shortcuts Target property.
    Check Shortcut Property

    Delete the web link added by the virus to the browser's command line.
    Carefully inspect the command line. The virus can replace the path to the browser with the path to the virus browser.

  8. Use the Task Scheduler to delete the harmful scheduled tasks.
    Open Task Scheduler

    Search the task that contains the web link: NEREHEREWETEM.INFO. Malicious Scheduled Task

      Know More

  9. Disable suspicious services using the Service Manager.
    Open Service Manager

      Know More

  10. Remove the registry keys or values include the string: NEREHEREWETEM.INFO.
    Open Registry Editor

  11. Investigate the DNS properties of your network connection.
    DNS server settings

    Set the IP addresses of your provider or well known public DNS servers.

      Know More

How to remove NEREHEREWETEM.INFO using UnHackMe?

STEP 1: Install UnHackMe (1 minute).

  1. Download UnHackMe from the official website.

      Free Download

  2. Double-click on
    Unzip all files from the zip to a new folder.
  3. Double-click on the unhackme_setup.exe.

    Start installing UnHackMe

  4. You will see a confirmation screen with a verified publisher: Greatis.
    Choose Yes.
  5. Then, you have to accept the license agreement.

    UnHackMe license agreement

  6. After that, choose a destination folder.

    Choose destination directory for UnHackMe

  7. Complete UnHackMe installation.

STEP 2: Scan for NEREHEREWETEM.INFO malware using UnHackMe (1 minute).

  • The first scan will start automatically.

    Remove malware with UnHackMe

STEP 3: Remove NEREHEREWETEM.INFO malware (3 minutes).

  1. Carefully inspect found items.
    Malicious items are marked with a red shield.
    Suspicious items are yellow.

    UnHackMe automatically creates a System Restore point before fixing!
    It is required to have the Windows System Restore active in case of deleting the important files to be able to recover them.

    Next step: click the red button: Remove Checked!

    Remove a virus using UnHackMe

  2. UnHackMe may ask for your confirmation to close all browsers.

    Please do it!

  3. If you want to quarantine files before deleting, check the box "Use file safe deleting."

    Fixing options

  4. And after all, you will see the results of your scanning and fixing process:

    Finish of removal process!

STEP 4: (optional)

    • Clear your browser cache, cookies, browsing history.
      Chrome: Press CTRL+Shift+Del keyboard combination or open Settings, Privacy and security, Clear browsing data.
      Clear  cache, cookies, browsing history in Google Chrome
    • Delete temporary files.
      Open Start menu, type: disk cleanup, choose Disk Cleanup from the results.
      Another way: press Win+R, type: cleanmgr, hit Enter.
    • Clean the Recycle Bin.

Questions? Suggestions?

  Contact Support

  Free Download

Read More

Got Something To Say?

Your email address will not be published.