Virus and Spyware Removal Guides, uninstall instructions

Lloo Ransomware

What is Lloo ransomware?

Lloo is the name of a malicious program within the ransomware classification, which our researchers discovered while inspecting new malware submissions to VirusTotal. Lloo is yet another program belonging to the Djvu ransomware family.

After executing a sample of Lloo on our test machine, we learned that it encrypts files and modifies their filenames. The encrypted files were appended with a ".lloo" extension, e.g., a file named "1.jpg" appeared as "1.jpg.lloo", "2.png" as "2.png.lloo", etc. Once this process was finished, a ransom note - "_readme.txt" - was created.

   
Message Failure Receiving Notice Email Scam

What kind of scam is "Message Failure Receiving Notice"?

After inspecting this email we found that it is a phishing email containing a link that opens a deceptive website asking to provide login credentials. This email is disguised as a letter from an email service provider. It states that incoming messages have been suspended.

   
Llee Ransomware

What is Llee ransomware?

During a routine inspection of new submissions to VirusTotal, our research team discovered the Llee ransomware-type program. We determined that Llee is part of the Djvu ransomware family.

Once we launched a sample of Llee on our test machine, it encrypted files and appended their filenames with a ".llee" extension. For example, a file originally titled "1.jpg" appeared as "1.jpg.llee", "2.png" as "2.png.llee", etc. Afterward, a ransom-demanding message named - "_readme.txt" - was created.

   
Lltt Ransomware

What kind of malware is Lltt?

Lltt is ransomware that belongs to the Djvu ransomware family. We discovered it while analyzing malware samples submitted to the VirusTotal site. Lltt encrypts files and appends the ".lltt" extension to their filenames. It also creates a ransom note (the "_readme.txt" file).

An example of how Lltt modifies filenames: it renames "1.jpg" to "1.jpg.lltt", "2.png" to "2.png.lltt", "3.exe" to "3.exe.lltt", and so forth.

   
Edw Ransomware

What kind of malware is Edw?

Edw is ransomware that encrypts files, appends the victim's ID, edward22w@aol.com email address, and the ".edw" extension to filenames, and generates two ransom notes (displays a pop-up window and creates a text file named "FILES ENCRYPTED.txt"). We found that Edw belongs to a ransomware family called Dharma.

Our malware researchers discovered Edw ransomware while examining malware samples submitted to VirusTotal. An example of how Edw renames files: it renames "1.jpg" to "1.jpg.id-9ECFA84E.[edward22w@aol.com].edw", "2.png" to "2.png.id-9ECFA84E.[edward22w@aol.com].edw", and so forth.

   
FARGO Ransomware

What is FARGO ransomware?

FARGO is a new variant of the TargetCompany ransomware. Malware of this type is designed to encrypt data and demand ransoms for the decryption.

After we launched a sample on our test system, we learned that this ransomware encrypts files and appends their filenames with a ".FARGO" extension. For example, a file originally titled "1.jpg" appeared as "1.jpg.FARGO", "2.png" as "2.png.FARGO", and so forth. Extensions of updated FARGO ransomware's variants also include a digit (e.g., ".FARGO2", ".FARGO3", ".FARGO4").

Following the completion of the encryption process, FARGO dropped a ransom note named "FILE RECOVERY.txt" onto the desktop.

   
CladRumble Adware (Mac)

What is CladRumble?

While inspecting new submissions to VirusTotal, our researchers discovered the CladRumble application. After analyzing this piece of software, we determined that CladRumble operates as adware and belongs to the AdLoad malware family.

   
Booking Offer Email Virus

What is "Booking Offer" email virus?

Our inspection of the "Booking Offer" email revealed that it is spam designed to spread malware. This letter claims to contain the specifications for a room booking. When the attached file is opened, it triggers FormBook malware's infection chain.

   
Newware Ransomware

What is Newware ransomware?

Newware is yet another malicious program belonging to the MedusaLocker ransomware family, which our researchers discovered while inspecting new submissions to VirusTotal.

Once we launched a sample of Newware ransomware on our test machine, it encrypted files and appended their filenames with the ".newware" extension. For example, a file initially named "1.jpg" appeared as "1.jpg.newware", "2.png" as "2.png.newware", etc.

Afterwards, a ransom-demanding message titled "HOW_TO_RECOVER_DATA.html" was dropped onto the desktop.

   
SkyWard Adware (Mac)

What is SkyWard?

SkyWard is a rogue app that our researchers discovered while inspecting new submissions to VirusTotal. After analyzing this piece of software, we learned that it operates as adware and belongs to the AdLoad malware family.

   

Page 522 of 2107

<< Start < Prev 521 522 523 524 525 526 527 528 529 530 Next > End >>
About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal