Virus and Spyware Removal Guides, uninstall instructions

What kind of page is toftheca[.]buzz?

While inspecting toftheca[.]buzz, we found that it wants to show notifications and displays deceptive content to trick visitors into allowing it to show those notifications. Also, toftheca[.]buzz redirects to other deceptive web pages. We discovered toftheca[.]buzz while examining pages that use shady advertising networks.

What kind of page is nedilarepron[.]com?

We have examined nedilarepron[.]com and found that it uses a clickbait technique to trick visitors into allowing it to send notifications. Our team discovered nedilarepron[.]com while inspecting websites that use rogue advertising networks. Nedilarepron[.]com is an untrustworthy page that should be ignored/closed.

What kind of email is "You Have Blocked Emails Created"?

Our team has analyzed this email and found that it is a scam email regarding blocked emails. Scammers behind it aim to trick recipients into opening a phishing website and providing personal information on it. Emails of this type should be marked as spam and deleted.

What kind of malware is DarkTortilla?

DarkTortilla is a crypter that obfuscates, encrypts and manipulates malware to make it difficult for security software to detect it. Cybercriminals have been observed using DarkTortilla to deliver information stealers and remote access trojans (RATs), and targeted payloads such as Cobalt Strike and Metasploit.

What kind of page is therecode247[.]com?

While checking out suspicious websites, our research team found therecode247[.]com rogue page. It pushes browser notification spam and redirects users to different (likely unreliable/malicious) sites. Most visitors to webpages like therecode247[.]com access them through redirects caused by websites that use rogue advertising networks.

What kind of page is foundedscan[.]com?

Our researchers discovered the foundedscan[.]com rogue webpage while inspecting suspicious websites. It operates by promoting scams and spam browser notifications. Additionally, this page can redirect visitors to other (likely untrustworthy/malicious) sites.

Users typically enter pages like foundedscan[.]com via redirects caused by websites that use rogue advertising networks.

What kind of page is authenticinspect[.]com?

Authenticinspect[.]com is a rogue webpage that our researchers discovered during a routine investigation of untrustworthy sites. This page runs scams, promotes spam browser notifications, and redirects visitors to other (likely unreliable/malicious) websites.

Most users enter webpages like authenticinspect[.]com through redirects caused by sites using rogue advertising networks.

What is BrasDex?

BraDex is a banking malware targeting Android operating systems. This malicious program aims to gain access to victims' bank accounts and make fraudulent transactions.

At the time of writing, BrasDex targets Brazilian banking applications exclusively. In previous BrasDex campaigns, it infiltrated devices under the guise of Android system related apps. Lately, this malware has been installed by a fake Brazilian Banco Santander banking application.

Research done by ThreatFabric uncovered evidence that the cyber criminals behind BrasDex campaigns are also using the Casbaneiro trojan to infect Windows operating systems.

What kind of page is foundedcontrol[.]com?

While examining foundedcontrol[.]com, we found that it uses deceptive marketing to promote legitimate antivirus software. Foundedcontrol[.]com runs the "McAfee - Your PC is infected with 5 viruses!" scam. It also asks for permission to send notifications. It is recommended to ignore this page.

What kind of page is pcworksscanner[.]com?

Pcworksscanner[.]com is a shady website that displays fake/deceptive messages to trick visitors into believing that their computers are infected. It runs the "McAfee - Your PC is infected with 5 viruses!" scam. Also, pcworksscanner[.]com asks for permission to show notifications. Our team discovered pcworksscanner[.]com while examining other dubious pages.