Virus and Spyware Removal Guides, uninstall instructions

What page is premium-news-for[.]me?

Premium-news-for[.]me is one of the many websites that can display unwanted notifications and open untrustworthy websites. More examples of similar pages are captcha-smart[.]top, uboungera[.]com, and ositieonthat[.]space. Users open websites of this type unintentionally.

What is Sparkasse email scam?

The purpose of this phishing email is to trick recipients into opening a fake website and providing their login credentials. It is disguised as a letter from Sparkasse's (German savings bank's) finance department. This email must be ignored.

What is the verifyrobots[.]online website?

Verifyrobots[.]online is a rogue site similar to captcha-smart.top, ositieonthat.space, hdvideosnet.com, and countless others. Websites of this kind are designed to load dubious content, push their browser notifications, and/or redirect visitors to various (likely untrustworthy or malicious) pages.

Users typically enter rogue sites via redirects caused by suspect webpages, intrusive adverts, or installed PUAs (Potentially Unwanted Applications).

What is NaS ransomware?

NaS is a malicious program belonging to the Dharma ransomware family. It is designed to encrypt data and demand ransoms for the decryption.

Affected files are renamed following this pattern: original filename, unique ID assigned to the victim, cyber criminals' email address, and a ".NaS" extension. For example, a file like "1.jpg" would appear as something similar to "1.jpg.id-9ECFA84E.[fastnas@fea.st].NaS". Afterwards, ransom notes are created/displayed in a pop-up window and "FILES ENCRYPTED.txt" text file.

What is EveRed ransomware?

EveRed is designed to encrypt files and append the ".evered" extension to their filenames. Its main purpose is to keep files inaccessible until victims pay a ransom/purchase a decryption tool. EveRed creates a text file ("readme.txt") to provide contact and payment information. It also changes the desktop wallpaper.

What is Karma ransomware?

Karma ransomware blocks access to files by encrypting them. Also, it renames all affected files by appending the ".KARMA" extension to their filenames and creates a ransom note (the "KARMA-ENCRYPTED.txt" text file). For example, Karma renames a file named "1.jpg" to "1.jpg.KARMA", "2.jpg" to "2.jpg.KARMA", and so on.

What is AboutExtended adware?

AboutExtended displays advertisements and changes web browser's settings to promote a fake search engine. It has the qualities of adware and a browser hijacker. Users download and install apps of this kind inadvertently. Therefore, AboutExtended and similar apps fall into the category of potentially unwanted applications (PUAs).

What is Speed Check adware?

Speed Check is supposed to check the speed of websites. Although, it is known that this program functions as adware (it displays advertisements) and can read, and change data on visited websites. Speed Check is promoted on a dubious website. Therefore, it is categorized as a potentially unwanted application (PUA).

What is Poison ransomware?

Poison is the name of malware designed to encrypt files, append the ".poison" extension to their filenames, and display a pop-up window and the "___RECOVER__FILES__.poison.txt" file containing a ransom note. For instance, it renames a file named "1.jpg" to "1.jpg.poison", "2.jpg" to "2.jpg.poison", and so forth.

What is landingpagesecure[.]com?

Landingpagesecure[.]com is a website promoting various scams. At the time of research, this page ran a scam claiming that visitors' Apple mobile devices had been infected.

Most schemes of this type aim to endorse untrustworthy software, e.g., fake anti-viruses, adware, browser hijackers, and other PUAs (Potentially Unwanted Applications). In rare cases, such scams distribute malware (e.g., trojans, ransomware, cryptominers, etc.).

Deceptive sites are typically accessed via mistyped URLs, or redirects caused by rogue webpages, intrusive ads, or already installed PUAs.