Virus and Spyware Removal Guides, uninstall instructions

What is PlusMethod?

PlusMethod is a piece of rogue software. It has adware and browser hijacker qualities. Since most users unintentionally download/install apps like PlusMethod, they are also categorized as PUAs (Potentially Unwanted Applications).

What is Prynt Remote ransomware?

Prynt is a ransomware-type program that encrypts data (locks files) and demands payment for the decryption. There is reason to believe that Prynt Remote is still in development, as its ransom note is missing crucial information.

Compromised files are appended with a ".prynt" extension. For example, a file titled "1.jpg" would appear as "1.jpg.prynt", "2.jpg" as "2.jpg.prynt", etc. Afterwards, ransom-demanding messages are created/displayed in a pop-up window and "___RECOVER__FILES__.prynt.txt" text file.

What is Delta Team ransomware?

Delta Team is a ransomware-type program. It is designed to encrypt data (render files inaccessible) and demand ransoms for the decryption.

Affected files are appended with the ".deltapaymentbitcoin@gmail.com" extension. For example, a file originally named "1.jpg" would appear as "1.jpg.deltapaymentbitcoin@gmail.com", "2.jpg" as "2.jpg.deltapaymentbitcoin@gmail.com", etc.

Once this process is completed, a ransom-demanding message titled "FILES ENCRYPTED.txt" is dropped onto the desktop.

It is noteworthy that during research, Delta Team's decryption password - "doydoo21" (sans the quotation marks) - was found hardcoded into it (i.e., applicable throughout this ransomware's infections). Despite this flaw, no decryption software was developed at the time of writing.

What kind of malware is Blastoise?

Blastoise is ransomware - a form of malware that encrypts files. Additionally, Blastoise appends the ".blastoise" extension to filenames and creates a ransom note (the "How To Restore Your Files.txt" file). For instance, it renames "1.jpg" to "1.jpg.blastoise", "sample.png" to "sample.png.blastoise".

What is ExploreService?

ExploreService is an adware-type application with browser hijacker abilities. Due to the questionable methods used to distribute ExploreService, it is also classified as a PUA (Potentially Unwanted Application).

What is kind of scam is UFO giveaway scam?

It is a scam used to trick people into believing that they can triple their UFO cryptocurrency funds. People who fall for giveaway scams receive nothing in return and lose the crypto they have sent.

What is Iavpt ransomware?

Iavpt is a piece of malicious software categorized as ransomware. It encrypts data (i.e., locks files) and demands ransoms for the decryption.

Compromised files are appended with a random character string and the ".iavpt" extension. For example, a file initially titled "1.jpg" would appear similar to "1.jpg.RIhVLwouupycHIW7QAlkJRVcsFBc9Iyc_znqvLb5Ycf_vgDSjaTlFYU0.iavpt", and so on.

After the encryption process is completed, a ransom note - "JZRG_HOW_TO_DECRYPT.txt" - is dropped onto the desktop.

What kind of malware is Ubrhnqznw?

Ubrhnqznw encrypts files, appends the ".ubrhnqznw" extension to filenames, and creates the "HOW TO RESTORE YOUR FILES.TXT" text file containing a ransom note. An example of how encrypted files get renamed: "1.jpg" to "1.jpg.ubrhnqznw", "sample.png" to "sample.png.ubrhnqznw", and so on.

What is "ING" email scam?

"ING Email Scam" refers to a spam campaign. These phishing emails attempt to obtain recipients' log-in credentials by claiming they have a message from ING - a Dutch multinational banking and financial services corporation. It must be emphasized that the genuine ING Group is in no way associated with these letters.

What kind of app is ProductionElements?

ProductionElements delivers annoying advertisements and changes the settings of a web browser (hijacks a web browser to promote a fake search engine). A big part of adware-type/browser-hijacking apps are promoted and (or) distributed using questionable methods. Thus, users download and (or) install them unintentionally.