Virus and Spyware Removal Guides, uninstall instructions

What kind of application is Block Access Site?

While testing the Block Access Site browser extension, our team noticed that it operates as adware - it displays annoying advertisements. Adware is often promoted and distributed using questionable methods. We discovered Block Access Site on a shady website. Thus, using this app is not recommended.

What is ExpandedList?

ExpandedList is a rogue app that our research team discovered while checking out new submissions to VirusTotal. After inspecting this piece of software, we determined that it operates as adware and belongs to the AdLoad malware family.

What kind of page is realadvaservices[.]com?

Realadvaservices[.]com is a rogue page that we found during a routine investigation of suspicious sites. This website pushes browser notification spam and can redirect users to other (likely untrustworthy/harmful) pages.

Most users access webpages like realadvaservices[.]com via redirects caused by websites using rogue advertising networks, spam notifications, intrusive ads, mistyped URLs, or installed adware.

What is AdvancedProduct?

While checking out new submissions to VirusTotal, our researchers discovered the AdvancedProduct rogue application. It operates as advertising-supported software (adware). This app displays advertisements and may have additional undesirable functionalities. Additionally, it is noteworthy that AdvancedProduct belongs to the AdLoad malware family.

What kind of email is "Order Information"?

After inspecting the "Order Information" email, we determined that it is spam. This fake letter is presented as a notification concerning an order that will soon be shipped. This spam mail operates as a phishing scam and targets email account log-in credentials.

What is Winner ransomware?

Winner is the name of a ransomware-type program. It is part of the VoidCrypt ransomware family. This malware operates by encrypting data and demanding payment for the decryption.

After we executed a sample of Winner on our test machine, it encrypted files and modified their filenames. Original titles were appended with a unique ID, the cyber criminals' email address, and a ".Winner" extension. For example, a file titled "1.jpg" appeared as "1.jpg.[CW-IB5967382104](Loapser@gmail.com).Winner". Afterwards, this ransomware dropped a ransom note – "Read.txt" – onto the desktop.

What kind of scam "Microsoft - Flagged Mail"?

We have inspected this email and determined that it is a phishing scam. It is disguised as a letter from Microsoft regarding a server scan. Scammers behind this email attempt to trick recipients into providing personal information. It should be ignored (marked as spam and deleted).

What kind of website is validitysupport[.]com?

We have analyzed validitysupport[.]com and found that this page is running the "McAfee - Your PC is infected with 5 viruses!" scam. Also, it wants to show shady notifications. None of the messages displayed by validitysupport[.]com are real. Validitysupport[.]com is a deceptive page that should be ignored.

What kind of malware is Hook?

Hook is a banking malware targeting Android users. Hook allows cybercriminals to remotely interact with the infected device's screen, exfiltrate files, steal seed phrases from cryptocurrency wallets, perform overlay attacks, and more. Hook malware should be removed from infected devices immediately.

What kind of email is "Mail Delivery Failed"?

Our inspection of the "Mail Delivery Failed" email revealed that it is spam operating as a phishing scam. This letter aims to extract recipients' email account log-in credentials through false claims regarding messages that have failed to reach the inbox.