Virus and Spyware Removal Guides, uninstall instructions

What is "Hydrotech Email Virus"?

Discovered by My Online Security, "Hydrotech Email Virus" is a scam that is presented as an official message (invoice) from HYDROTECH. The main purpose of this scam is to trick people into opening the included attachments, which are designed to download and install the Remcos RAT (remote access tool).

Cyber criminals use these tools to generate revenue by stealing personal details, downloading and installing malicious programs, and so on. We strongly recommend that you leave files attached to "Hydrotech Email Virus" message and other similar spam campaigns (scams) unopened.

What is Truke?

Belonging to the Djvu ransomware family, Truke is yet another ransomware infection discovered by Michael Gillespie. Once infiltrated, Truke encrypts most stored data and appends filenames with the ".truke" extension (e.g., "sample.jpg" becomes "sample.jpg.truke"). Encrypted data immediately becomes unusable.

Following successful encryption, Truke generates a text file ("_readme.txt") and stores a copy in every existing folder.

What is Litra?

Litra ransomware was discovered by S!Ri and, like many other programs of this type, is designed by cyber criminals to blackmail people.

Litra encrypts files/data and displays a pop-up window that contains instructions about how to pay a ransom. Additionally, this ransomware renames all encrypted files by adding the ".litra" extension. For example, "1.jpg" becomes "1.jpg.litra".

What is LoudMiner?

LoudMiner is a cryptocurrency miner based on XMRig (another miner) and designed to mine Monero cryptocurrency. LoudMiner is cross-platform software, and thus can run on different operating systems such as MacOS, Linux, and Windows. It is distributed by bundling it with set-ups of pirated (cracked) copies of VST (Virtual Studio Technology) software.

Cyber criminals who proliferate LoudMiner attempt to trick people into installing this rogue software so they can misuse their computers (computer resources) to mine cryptocurrency. If LoudMiner miner is installed on your operating system, remove it immediately.

What is Dalle?

First discovered by malware researcher, Michael Gillespie, Dalle is a high-risk ransomware infection that belongs to the Djvu ransomware family.

Dalle is designed to stealthily infiltrate computers and encrypt most stored files. During encryption, Dalle appends filenames with the ".dalle" extension (hence its name). Encrypted data immediately becomes unusable. Additionally, Dalle creates a text file called "_readme.txt" and stores a copy in every existing folder.

What is flvto[.]biz?

The flvto[.]biz website that allows conversion of videos downloaded from YouTube into MP3, MP4, and AVI format files free of charge. To achieve this, users must paste a video URL into the flvto[.]biz website and choose the file format.

Downloading and converting videos from YouTube using this website is not dangerous (it cannot harm computers), however, these actions are illegal. Furthermore, this website uses advertising networks, and thus users can be redirected to other dubious or malicious websites. Therefore, we recommend that you avoid using flvto[.]biz.

What is Predator The Thief?

Predator The Thief is high-risk trojan-type infection designed to collect various user-system information. These infections typically infiltrate computers without users' consent. Their presence might lead to serious privacy issues and significant financial loss.

What is MacAppExtensions?

MacAppExtensions is a potentially unwanted application (PUA), a browser app installed by adware-type apps that are already present on the Mac system or browser. Once installed, MacAppExtensions hijacks browsers (changes settings) and gathers information relating to users' browsing activity.

What is likeherlife[.]info?

The likeherlife[.]info website displays dubious content or redirects visitors to other untrustworthy web pages. It is virtually identical to many other sites of this type such as bikereddint[.]info, suaningrebtersed[.]info, and newschanel[.]biz.

Generally, people do not arrive at these websites intentionally - they are opened by potentially unwanted applications (PUAs) installed on browsers or operating systems. Most PUAs gather information relating to users' browsing habits and deliver unwanted, deceptive ads.

What is nextyourcontent[.]com?

nextyourcontent[.]com is one of many rogue sites that cause redirects to other untrustworthy, potentially malicious websites or display dubious content. People do not generally arrive at nextyourcontent[.]com intentionally. These web pages are opened by potentially unwanted applications (PUAs) that are installed on browsers and computers.

PUAs commonly gather data and deliver intrusive ads. Note that nextyourcontent[.]com is virtually identical to other sites of this type such as tinhoranding[.]info, usecytonsmehers[.]info, and geting[.]pro.