Virus and Spyware Removal Guides, uninstall instructions

What kind of page is domfirewall[.]xyz?

While browsing suspicious websites, our researchers discovered the domfirewall[.]xyz rogue page. It operates by endorsing browser notification spam and redirecting users to other (likely unreliable/dangerous) sites.

Domfirewall[.]xyz and similar webpages are primarily accessed via redirects caused by websites utilizing rogue advertising networks.

What kind of page is volemist.co[.]in?

We have reviewed volemist.co[.]in and found that it displays deceptive content to lure visitors into accepting its notifications. If granted permission, volemist.co[.]in can deliver fake warnings and other notifications. Overall, it is an unreliable web page that should be avoided and closed if ever visited.

What kind of page is spareforads[.]top?

Spareforads[.]top is a rogue webpage discovered by our researchers during a routine inspection of suspicious sites. After examining it, we determine that this page promotes browser notifications spam and redirects users to different (likely dubious/malicious) websites.

Most visitors to spareforads[.]top and analogous webpages access them via redirects caused by sites that employ rogue advertising networks.

What kind of application is Cuiall Apps?

Our researchers discovered this application named "Cuiall Apps" while analyzing a rogue installation setup. Upon examination, we determined that this piece of software is a PUA (Potentially Unwanted Application). It is designed to infiltrate the Legion Loader malware into systems. Cuiall Apps was also installed alongside the fake "Save to Google Drive" browser extension.

What kind of page is hotbmefene[.]today?

Hotbmefene[.]today is a rogue webpage that promotes browser notification spam by using a fake CAPTCHA verification test (other lures are possible). Additionally, this page can redirect users elsewhere (likely unreliable/hazardous) websites.

Most visitors to hotbmefene[.]today and similar webpages access them through redirects produced by sites that utilize rogue advertising networks. In fact, our researchers discovered this webpage while investigating said advertising networks.

What kind of page is hotbyikale[.]cc?

Our analysis of hotbyikale[.]cc reveals that the site employs clickbait tactics to gain permission to deliver notifications. Websites that rely on deceptive strategies to obtain this permission are untrustworthy, as they misuse it to push scams and other dubious content. Thus, hotbyikale[.]cc and similar sites should be avoided.

What kind of malware is M142 HIMARS?

Our discovery of M142 HIMARS occurred during the analysis of malware samples submitted to VirusTotal and showed that this malware is ransomware belonging to the MedusaLocker family. M142 HIMARS is designed to encrypt files and append ".M142HIMARS" to them. Also, the ransomware changes the desktop wallpaper and drops a ransom note ("READ_NOTE.html").

An example of how M142 HIMARS renames files: it changes "1.jpg" to "1.jpg.M142HIMARS", "2.png" to "2.png.M142HIMARS", and so forth.

What kind of page is osdnetwork[.]xyz?

Our inspection of osdnetwork[.]xyz has shown that the page uses clickbait to obtain permission to show notifications. Sites that use deceptive methods to receive this permission cannot be trusted, as they often misuse it to promote scams and other unreliable pages. Thus, if osdnetwork[.]xyz is encountered, it should be closed.

What kind of page is hotbsopika[.]cc?

Our research team discovered hotbsopika[.]cc while browsing dubious websites. This rogue webpage is designed to promote browser notification spam and generate redirects to other (likely unreliable/hazardous) sites. At the time of research, hotbsopika[.]cc did so by utilizing a fake CAPTCHA verification test.

The majority of visitors to such pages enter them through redirects produced by websites that employ rogue advertising networks. Alternatively, these webpages can be accessed via intrusive ads, spam notifications, misspelled URLs, and adware.

What kind of page is hotbmejatu[.]today?

Hotbmejatu[.]today is a rogue webpage discovered by our researchers during a routine inspection of suspicious websites. It promotes spam browser notifications and redirects to other (likely dubious/malicious) sites.

The majority of visitors to hotbmejatu[.]today and similar pages access them via redirects caused by sites utilizing rogue advertising networks.