Virus and Spyware Removal Guides, uninstall instructions

What is "Novo Banco email scam"?

"Novo Banco email scam" is the name of a spam campaign - a large-scale operation during which deceptive emails are sent by the thousand. These letters are disguised notifications from Novo Banco - a legitimate Portuguese bank.

The fake emails request recipients to reactivate and reregister their banking app. This spam campaign aims to promote a phishing website disguised as Novo Banco's sign-in page. Data entered into this site is sent to the scammers, potentially allowing them to take possession of the accounts.

Extended Clipper virus removal guide

What is Extended Clipper?

Extended Clipper is a piece of malicious software designed to replace clipboard (copy/paste buffer) data. Typically, clipper-type malware is used to replace digital wallet addresses with those belonging to cyber criminals - in order to divert digital currency transactions.

However, Extended Clipper can replace other content as well. Furthermore, at the time of research, the developers of this malicious program offered to substitute or add functionalities for an additional fee; hence, Extended Clipper infections can pose even more threats.

What is asoursuls[.]com?

There is a great number of websites like asoursuls[.]com on the Internet. Some examples are junesmile[.]xyz, notify[.]tk, and videoplayernow[.]com. Asoursuls[.]com checks the IP address and then loads its content or opens a couple of other websites. It is common for pages like asoursuls[.]com to be promoted through potentially unwanted apps (PUAs).

What is Wwka?

Wwka encrypts files and appends its extension (".wwka") to their filenames. For instance, it renames "1.jpg" to "1.jpg.wwka", "2.jpg" to "2.jpg.wwka", and so forth. Like most ransomware variants, Wwka generates a ransom note too. It creates a text file named "readme.txt". This ransomware is part of the Djvu family.

What is the junesmile[.]xyz website?

Junesmile[.]xyz is a rogue webpage, sharing many common traits with vigilated.space, notify.tk, zpreland.com, and thousands of others. This site operates by presenting visitors with dubious content and/or redirecting them to various websites (likely untrustworthy or malicious ones).

Users rarely enter such pages intentionally; most get redirected to them by intrusive ads or installed PUAs (Potentially Unwanted Applications). This software can infiltrate systems without explicit user consent. PUAs are designed to cause redirects, deliver intrusive advertisement campaigns, and collect browsing-related data.

What is SportSearchStream browser hijacker?

Most browser hijackers are designed to promote fake search engines. Usually, they promote their addresses by changing web browser settings. SportSearchStream is designed to encourage users to search the web using sportsearchstream.com. If this app is installed on a browser, then it should be removed.

What is "UN Covid-19 stimulus package Email Scam"?

"UN Covid-19 stimulus package Email Scam" refers to a spam campaign - a mass-scale operation during which thousands of deceptive emails are sent. The letters distributed through this campaign - claim that recipients have been selected to receive a COVID-19 stimulus package worth 1,5 million USD from the United Nations (UN).

It must be emphasized that all of the information provided by these letters is false. The "UN Covid-19 stimulus package" spam campaign operates as a phishing scam, which targets personally identifiable data.

What is CMA CGM email scam?

Typically, scammers use phishing emails to extract personal information from recipients. In most cases, they attempt to trick recipients into providing credit card details, social security numbers, login credentials, and other sensitive information. Most scammers disguise phishing emails as letters from legitimate companies.

What is Vn_os ransomware?

Vn_os is a type of malware that encrypts files and displays a pop-up window, and creates the "___RECOVER__FILES__.vn_os.txt" file (ransom notes). It renames encrypted files as well. Vn_os ransomware appends the ".vn_os" extension to their filenames. For example, it renames "1.jpg" to "1.jpg.vn_os", "2.jpg" to "2.jpg.vn_os".

What is PotPlayer?

PotPlayer is a rogue application endorsed as a multimedia player compatible with Windows Vista, XP, 7 and 8 operating systems. It is classified as adware. Following successful infiltration, PotPlayer begins running intrusive advertisement campaigns, delivering various unwanted and even harmful ads.

Due to the dubious methods used to promote this app, it is also classified as a Potentially Unwanted Application (PUA). Additionally, most PUAs have data tracking capabilities, which are employed to monitor users' browsing activity, and this is likely to be the case with PotPlayer.