Virus and Spyware Removal Guides, uninstall instructions

What is Boop ransomware?

Boop is a piece of malicious software, belonging to the Djvu ransomware family. Systems infected with this malware experience data encryption and receive ransom demands for the decryption tools. During the encryption process, all of the affected files are appended with the ".boop" extension.

For example, a file originally named something like "1.jpg" would appear as "1.jpg.boop", "2.jpg" as "2.jpg.boop", and so forth. After this process is complete, ransom notes - "_readme.txt" - are dropped into compromised folders.

What is CONTI?

CONTI is malicious software classified as ransomware. Systems infected with this malware have their data encrypted and users receive ransom demands for decryption tools/software. During the encryption process, all affected files are appended with the ".CONTI" extension.

For example, a file originally called "1.jpg" would appear as "1.jpg.CONTI" following encryption. After the encryption process is complete, a text file ("CONTI_README.txt") is created on the victim's desktop.

What is gdanstum[.]net?

gdanstum[.]net is a bogus website designed to present visitors with dubious content and/or redirect them to other untrusted or possibly malicious web pages. The gdanstum[.]net site shares many similarities with vviewpoint.biz, pushwinning.com, admnsrv.com and thousands of others.

Few users access gdanstum[.]net intentionally - most are redirected to it by intrusive ads or Potentially Unwanted Applications (PUAs) already infiltrated into the system. These apps do not need express permission to be installed onto devices. PUAs cause redirects, run intrusive advertisement campaigns and track browsing-related information.

What is the "Cash-App-Transfer is pending your confirmation" scam?

"Cash-App-Transfer is pending your confirmation" (also known as a "CashAppTransfer pending your confirmation") is a phishing scam. This scheme is promoted via SMS. These deceptive text messages claim that a money transfer needs to be confirmed. The messages contain phishing website URLs.

Phishing sites promoted through such scams typically target banking details and personal information.

What is the SendGrid email Scam?

Scammers behind this spam campaign attempt to trick recipients into believing that this email is sent from SendGrid (a legitimate email marketing company) and entering their login credentials into a fake SendGrid login page. The SendGrid company has nothing to do with this scam and, therefore, you should ignore this email.

What is Web Companion?

Developed by Adaware (previously known as Lavasoft), the Web Companion application is antivirus-type software designed to protect computers from malware infections and privacy breaches. In fact, it is categorized as a potentially unwanted application (PUA) due to the way developers distribute it.

Apps of this type are often installed by users inadvertently, thus allowing the software to make changes to browser settings.

What is Congratulations! Netflix User!?

This deceptive website may seem to be a legitimate website offering participation in a lottery to win a prize. In most cases, websites of this type are used to trick visitors into providing personal information or even transferring a certain sum of money.

Commonly, lottery scams and other deceptive websites are opened through deceptive advertisements, other untrusted web pages or by installed potentially unwanted applications (PUAs).

What is the vviewpoint[.]biz site?

vviewpoint[.]biz is a highly untrustworthy website. It shares many similarities with promosrewards.club,  unfurlable.com, hopsigna.com and countless others. Visitors to this page are presented with dubious content and/or are redirected to other dubious or possibly malicious sites.

Few users enter these websites intentionally - most are redirected to them by intrusive advertisements or Potentially Unwanted Applications (PUAs). These apps do not need express user permission to infiltrate devices. Following successful installation, PUAs cause redirects, run intrusive ad campaigns and collect browsing-related information.

What is pushwinning[.]com?

pushwinning[.]com is a rogue website designed to present visitors with dubious material and/or redirect them to other malicious sites. Most users access pushwinning[.]com and similar pages unintentionally - they are redirected to them by intrusive ads or Potentially Unwanted Applications (PUAs) already installed on the system.

Some examples of websites similar to pushwinning[.]com include Promosrewards.club, unfurlable.com, and the-best-casino-bonus.com.

What is admnsrv[.]com?

When visited, admnsrv[.]com opens other untrusted websites or loads dubious content. There are many similar websites - some examples are promosrewards[.]club, 7mono[.]biz and hopsigna[.]com. 

Typically, users do not visit websites of this type intentionally - they are opened by installed potentially unwanted applications (PUAs), deceptive advertisements, or other dubious web pages.