What is Checkup?
It is known that websites with the "checkup" and a number in their domain name (for example, checkup006[.]biz, checkup06[.]biz, checkup07[.]biz, checkup08[.]biz, checkup09[.]biz) are untrustworthy pages that promote other pages of this kind and use deceptive methods to trick visitors into allowing them to show notifications. Usually, users open them by clicking shady advertisements, visiting unreliable pages. It is also common that browsers open websites of this kind when they have a potentially unwanted application (PUA) installed on them.
Checkup websites in detail
Usually, websites like checkup006[.]biz and other checkup sites use clickbait techniques to trick their visitors into allowing them to show notifications (into clicking the "Allow" button). It is common that they display fake CAPTCHA tests suggesting that visitors need to click the "Allow" button to prove that they are not robots. Research shows that one of the checkup pages displays a message encouraging visitors to click the "Allow" button to watch the video.
It is strongly recommended not to allow unreliable pages to show notifications. Usually, their notifications contain links to untrustworthy pages, questionable advertisements, etc. The same applies to notifications coming from checkup websites.
Another reason to avoid visiting checkup pages is that they could be designed to open various scam websites, download pages for browser hijackers, adware-type applications, or other unwanted applications, and so on. A couple of examples of pages that checkup sites could be designed to open are "SPIN FOR REWARD", "Your Chrome Is Severely Damaged By 13 Malware!", and "McAfee Tollfree". It is worth mentioning that whether checkup pages will display deceptive content or open other unreliable pages depends on the geolocation of their visitors.
More about potentially unwanted applications
It is worth mentioning that PUAs designed to promote untrustworthy pages can be designed to collect browsing-related information such as entered search queries, IP addresses, geolocations, visited addresses, or even sensitive data like passwords, credit card details. Moreover, that information may be used for marketing purposes, sold to third parties (potentially cybercriminals), used to steal accounts, identities, and so on.
Also, PUAs can be designed to generate banners, coupons, surveys, pop-up ads, and other advertisements. It is common for ads generated by PUAs to be used to promote questionable websites or designed to cause unwanted downloads, installations. Therefore, it is recommended not to trust ads that appear because of installed PUAs.
|Name||Ads by checkup websites|
|Threat Type||Push notifications ads, Unwanted ads, Pop-up ads|
|Serving IP Address||220.127.116.11|
|Observed Domains||checkup006[.]biz, checkup06[.]biz, checkup07[.]biz, checkup08[.]biz, checkup09[.]biz|
|Symptoms||Seeing advertisements not originating from the sites you are browsing. Intrusive pop-up ads. Decreased Internet browsing speed.|
|Distribution Methods||Deceptive pop-up ads, potentially unwanted applications (adware)|
|Damage||Decreased computer performance, browser tracking - privacy issues, possible additional malware infections.|
|Malware Removal (Windows)||
To eliminate possible malware infections, scan your computer with legitimate antivirus software. Our security researchers recommend using Combo Cleaner.
Checkup websites and PUAs in general
In conclusion, websites (checkup006[.]biz, checkup06[.]biz, checkup07[.]biz and other similar pages like news-rewuje[.]cc, nomore-spam[.]com) promoted through PUAs, shady ads or other questionable pages cannot be trusted. It is worthwhile to mention that PUAs tend to be advertised as useful applications that are supposed to improve browsing experience (e.g., generate accurate search results). However, most of them are useless and can be the culprit of various problems.
How did adware install on my computer?
In most cases, users accidentally download or install PUAs by clicking deceptive advertisements or when those apps are distributed by using a deceptive marketing method called "bundling". In the first case, unexpected downloads or installations occur when users click ads designed to run certain scripts. Typically, ads of this type appear on unreliable websites.
In the second case, users download or install unwanted apps together with other programs. It is common for PUAs to be included in downloaders, installers as extra offers. Users give bundled apps permission to be downloaded, installed when they finish downloads, installations without changing "Custom", "Manual", "Advanced" or other settings, or leave certain checkboxes ticked.
How to avoid installation of potentially unwanted applications?
Applications and files should be downloaded from official websites and through direct links. It is not safe to use third-party downloaders (and installers), unofficial web pages, Peer-to-Peer networks (e.g., torrent clients, eMule) to download or install any files, programs. It is common for them to be used to distribute unwanted software.
Downloaders and installers that with settings like "Custom", "Advanced", "Manual" or ticked checkboxes often are used to distribute PUAs. Therefore, those downloaders, installers should be checked for bundled applications before finishing downloads, installations. Typically, PUAs are bundled with free programs.
It is also advisable not to click ads that appear on questionable pages. Quite often, those ads are designed to promote shady pages or cause unwanted downloads, installations. If there are any unwanted, unknown, or suspicious extensions, add-ons, or plug-ins on a browser or programs of this kind on the operating system already installed, then they should be removed. If your computer is already infected with rogue applications, we recommend running a scan with Combo Cleaner Antivirus for Windows to automatically eliminate them.
Appearance of one of the checkup websites (GIF):
Instant automatic malware removal:
Manual threat removal might be a lengthy and complicated process that requires advanced IT skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of malware. Download it by clicking the button below:
- What is Ads by checkup websites?
- STEP 1. Remove spam notifications from Google Chrome
- STEP 2. Remove spam notifications from Google Chrome (Android)
- STEP 3. Remove spam notifications from Mozilla Firefox
- STEP 4. Remove spam notifications from Microsoft Edge
- STEP 5. Remove spam notifications from Safari (macOS)
Disable unwanted browser notifications:
Video showing how to disable web browser notifications:
Remove spam notifications from Google Chrome:
Click the Menu button (three dots) on the right upper corner of the screen and select "Settings". In the opened window select "Privacy and security", then click on "Site Settings" and choose "Notifications".
In the "Allowed to send notifications" list search for websites that you want to stop receiving notifications from. Click on the three dots icon near the website URL and click "Block" or "Remove" (if you click "Remove" and visit the malicious site once more, it will ask to enable notifications again).
Remove spam notifications from Google Chrome (Android):
Tap the Menu button (three dots) on the right upper corner of the screen and select "Settings". Scroll down, tap on "Site settings" and then "Notifications".
In the opened window, locate all suspicious URLs and tap on them one-by-one. Once the pop-up shows up, select either "Block" or "Remove" (if you tap "Remove" and visit the malicious site once more, it will ask to enable notifications again).
Remove spam notifications from Mozilla Firefox:
Click the Menu button (three bars) on the right upper corner of the screen. Select "Settings" and click on "Privacy & Security" in the toolbar on the left hand side of the screen. Scroll down to the "Permissions" section and click the "Settings" button next to "Notifications".
In the opened window, locate all suspicious URLs and block them using the drop-down menu or either remove them by clicking "Remove Website" at the bottom of the window (if you click "Remove Website" and visit the malicious site once more, it will ask to enable notifications again).
Remove spam notifications from Microsoft Edge:
Click the menu button (three dots) on the right upper corner of the Edge window and select "Settings". Click on "Cookies and site permissions" in the toolbar on the left hand side of the screen and select "Notifications".
Click three dots on the right hand side of each suspicious URL under "Allow" section and click "Block" or "Remove" (if you click "Remove" and visit the malicious site once more, it will ask to enable notifications again).
Remove spam notifications from Safari (macOS):
Click "Safari" button on the left upper corner of the screen and select "Preferences...". Select the "Websites" tab and then select "Notifications" section on the left pane.
Check for suspicious URLs and apply the "Deny" option using the drop-down menu or either remove them by clicking "Remove" at the bottom of the window (if you click "Remove" and visit the malicious site once more, it will ask to enable notifications again)
How to avoid browser notification spam?
Internet users should be very skeptical when being asked to allow notifications. While this is a useful feature that allows you to receive timely news from websites you like, deceptive marketers frequently abuse it.
Only allow notifications from websites that you fully trust. For added security - use an anti-malware application with a real-time web browsing monitor to block shady websites that tries to trick you into allowing spam notifications. We recommend using Combo Cleaner Antivirus for Windows.