Virus and Spyware Removal Guides, uninstall instructions

What is kind of page store-notifications[.]online?

While analyzing store-notifications[.]online, our team learned that this is a deceptive page that shows a fake message to trick visitors into downloading a certain application. We discovered store-notifications[.]online while inspecting shady ads and other pages of this kind. Store-notifications[.]online and similar pages should be ignored/closed.

What kind of page is yourtopdefencebulwark[.]site?

Our research team discovered yourtopdefencebulwark[.]site during a routine investigation of untrustworthy websites. This rogue page is designed to promote scams and spam browser notifications. Additionally, it can redirect users to other (likely dubious/malicious) sites.

Users typically access webpages like yourtopdefencebulwark[.]site through redirects caused by websites using rogue advertising networks.

What is OperativeQueue?

While reviewing new submissions to VirusTotal, our research team discovered the OperativeQueue application. After installing this app on our testing system, we verified that it operates as advertising-supported software (adware). It is noteworthy that OperativeQueue is part of the AdLoad malware family.

What kind of email is "Fund For God's Work"?

After inspecting the "Fund For God's Work" email, we determined that it is spam. The fake sender introduces themselves as a gravely ill widow who will give the email recipient an exorbitant amount of money to do god's work. It must be emphasized that all the claims made by this scam letter are false and must be disregarded.

What is LummaC2?

LummaC2 is the name of a malicious program classified as a stealer. It operates by stealing sensitive information from infected devices and installed applications.

At the time of writing, this malware is sold on the Web; as such, it can be distributed by multiple cyber criminals. According to its promotional material, LummaC2 is lightweight (150-200 KB) and can infect operating systems Windows 7 through Windows 11.

What is Zendaya ransomware?

Zendaya is a malicious program belonging to the VoidCrypt ransomware family. Our researchers discovered this program while inspecting new submissions to VirusTotal.

After we executed a sample of Zendaya on our test machine, it encrypted files and changed their filenames. Original titles were appended with a unique ID, the cyber criminals' email address, and a ".Zendaya" extension. For example, a file named "1.jpg" appeared as "1.jpg.(MJ-VY3946857120)(Decryption.helper@aol.com).Zendaya".

Once the encryption process was concluded, this ransomware created identical ransom notes – "Decryption-Guide.HTA" and "Decryption-Guide.txt".

What kind of email is "People's Postcode Lottery"?

After inspecting this "People's Postcode Lottery" email, we determined that it is spam. This phishing scam targets personally identifiable information by claiming to be a notification regarding a win in the People's Postcode Lottery - a legitimate lottery in the United Kingdom. However, this letter is fake and not associated with the actual subscription lottery – hence, it cannot be trusted and must be reported as spam.

What kind of page is batus[.]click?

While examining batus[.]click, our team learned that it runs the "McAfee - Your Card Payment Has Failed!" scam and wants to show notifications. We discovered batus[.]click while inspecting other shady websites that use rogue advertising networks. It is recommended to ignore sites like batus[.]click and never agree to receive notifications from them.

What kind of application is Snetchball?

While analyzing the Snetchball application, we found that it functions as adware - it shows intrusive advertisements. It is common for adware to be promoted and distributed using shady methods. We discovered Snetchball after downloading a malicious installer from an untrustworthy web page.

What is Split Files?

While inspecting suspicious websites, our researchers found a deceptive page promoting a malicious download assistant. Following installation on our test machine, we learned that it was bundled with a variety of harmful software, including Split Files (alternatively titled Split Files Setup). This application operates as adware and may have additional dangerous functionalities.