Virus and Spyware Removal Guides, uninstall instructions

What kind of application is FontResultsMultitask?

While reviewing new file submissions to the VirusTotal platform, we found the FontResultsMultitask application. Our analysis revealed that FontResultsMultitask is adware belonging to the AdLoad malware family.

What kind of application is Cervidae?

In the course of examining a malicious installer, we encountered Cervidae and its troubling actions as a browser extension. These actions included enabling the "Managed by your organization" feature in the Chrome browser, gathering various types of data, and overseeing specific aspects of the browser.

What kind of application is ExplorerMainFrame?

ExplorerMainFrame is an adware-type application that our research team found while inspecting new submissions to the VirusTotal site. This piece of advertising-supported software is part of the AdLoad malware family. ExplorerMainFrame is designed to run intrusive ad campaigns.

What is RanunculusAcris?

During an investigation into a malicious installer, we came across RanunculusAcris and its concerning behavior as a browser extension. These activities encompassed the enabling of the "Managed by your organization" feature in the Chrome browser, the collection of diverse data, and the management of specific components of the browser.

What kind of email is "Password Marked For Deletion"?

Our examination of the "Password Marked For Deletion" email revealed that it is spam promoting a phishing scam. The letter targets recipients' email account log-in credentials by claiming that the password has expired.

What kind of malware is Wwty?

While examining malware samples submitted to the VirusTotal platform, we encountered a ransomware variant called Wwty. Wwty operates by encrypting files and modifying their file names by appending the ".wwty" extension. Moreover, Wwty is designed to create a text file named "_readme.txt" containing a message outlining the ransom requirements.

It is important to highlight that Wwty belongs to the Djvu ransomware family. Djvu ransomware is often distributed alongside data-stealing malware such as RedLine or Vidar by malicious individuals. As an illustration of Wwty's file renaming process, it transforms "1.jpg" into "1.jpg.wwty", "2.png" into "2.png.wwty", and so on.

What kind of malware is Wwpl?

During our analysis of malware samples on the VirusTotal platform, we came across the Wwpl ransomware, a member of the Djvu family. After infiltrating a computer, this ransomware encrypts data and appends the ".wwpl" extension to filenames. For instance, a file originally labeled "1.jpg" is changed to "1.jpg.wwpl" and "2.png" is renamed to "2.png.wwpl".

In addition to encrypting files, Wwpl generates a ransom note in the form of a text document named "_readme.txt". The distribution of Wwpl may also involve other types of malware designed for stealing information, such as Vidar and RedLine.

What kind of malware is Wwza?

While analyzing malware samples using the VirusTotal platform, we encountered the Wwza ransomware, which belongs to the Djvu family. Once it infiltrates a computer, this ransomware encrypts data and adds the ".wwza" extension to file names. For example, a file originally named "1.jpg" is altered to "1.jpg.wwza", and "2.png" is renamed to "2.png.wwza", etc.

Apart from encrypting files, Wwza also produces a ransom note in the form of a text document named "_readme.txt". The dissemination of Wwza may also encompass various other malware types engineered to pilfer information, including Vidar and RedLine.

What kind of application is TriceratopsProrsus?

While conducting a probe into a malevolent installer, we unexpectedly encountered TriceratopsProrsus and its alarming actions as a browser extension. These actions included implementing the "Managed by your organization" function in the Chrome browser, gathering various types of data, and controlling specific browser components.

What kind of application is EssentialEntry?

Our researchers discovered the EssentialEntry adware while inspecting new submissions to the VirusTotal site. This application is part of the AdLoad malware family. EssentialEntry operates by running intrusive advert campaigns.