Virus and Spyware Removal Guides, uninstall instructions

What kind of application is IndexInterface?

IndexInterface is the name of an application that our team has discovered on a shady website offering to download fake updates for the Adobe Flash Player. After downloading and installing the app, we found that it generates unwanted advertisements. Therefore, we classified IndexInterface as adware (advertising-supported software).

What is AspectSkip?

AspectSkip is a rogue app that our researchers discovered while inspecting new submissions to VirusTotal. After we analyzed this piece of software, we learned that it operates as adware and belongs to the AdLoad malware family.

What kind of malware is Bbii?

Bbii is the name of ransomware belonging to the Djvu ransomware family. Our team has discovered this ransomware on VirusTotal (while analyzing malware samples submitted to the page). Bbii encrypts files and appends the ".bbii" extension to their filenames. Also, it drops the "_readme.txt" file. This text file contains a ransom note.

An example of how Bbii renames files: it changes "1.jpg" to "1.jpg.bbii", "2.png" to "2.png.bbii", "3.exe" to "3.exe.bbii", and so forth.

What is Pandora (TeslaRVNG) ransomware?

While inspecting new submissions to VirusTotal, our researchers found the Pandora ransomware. We determined that this malicious program belongs to the TeslaRVNG ransomware family.

After launching a sample of Pandora (TeslaRVNG) ransomware on our test system, it encrypted files and altered their filenames. The affected files were renamed following this pattern - "id[victim's_ID].[developers'_email].original_filename.Pandora", e.g., a file originally named "4.xlsx" appeared as "id[8R3RXzdz].[Harold.Winter1900@mailfence.com].4.xlsx.Pandora".

Once the encryption process was completed, this ransomware dropped a ransom-demanding message titled "Pandora.txt" onto the desktop.

What kind of email is "Impex Delivery Services"?

Our inspection of the "Impex Delivery Services" email revealed that it is spam. These letters claim that recipients have received a large inheritance, which can be claimed by making a single payment.

It must be emphasized that the information provided by these emails is false, and the companies/entities mentioned in them are not associated with this spam mail.

What kind of page is pprettierums[.]com?

While checking out untrustworthy sites, our research team discovered the pprettierums[.]com rogue webpage. It loads scams, promotes browser notification spam, and redirects visitors to other (likely unreliable/malicious) websites. Users typically enter these pages through redirects caused by sites using rogue advertising networks.

What kind of malware is Bbzz?

Bbzz is ransomware belonging to the Djvu family. Our team discovered it while examining malware samples submitted to VirusTotal. Bbzz encrypts and renames files (by appending the ".bbzz" extension to filenames). It also creates a ransom note, a text file named "_readme.txt".

An example of how Bbzz renames files: it renames "1.jpg" to "1.jpg.bbzz", "2.png" to "2.png.bbzz", "3.exe" to "3.exe.bbzz", and so forth.

What is SMSFactory?

SMSFactory is the name of a malicious program that targets Android operating systems. This malware is designed to hide within infected devices and send SMSes or call premium-rate numbers.

Significant activity of SMSFactory has been observed in Argentina, Brazil, France, Ukraine, USA, Russia, Turkey, and Spain. However, it is likely that the cyber criminals behind this malware do not target specific regions and are willing to operate worldwide.

What kind of page is advnotpro[.]com?

Advnotpro[.]com is designed to trick visitors into believing that they must confirm that they are not robots. It uses a clickbait technique to get permission to display notifications. Also, advnotpro[.]com redirects to another similar page. We have discovered advnotpro[.]com while inspecting pages that use rogue advertising networks.

What kind of malware is Bbyy?

Bbyy is the name of ransomware belonging to a ransomware family called Djvu. We discovered it while analyzing malware samples submitted to the VirusTotal website. Bbyy ransomware encrypts and renames files and creates a ransom note (the "_readme.txt" file). It appends the ".bbyy" extension to filenames.

An example of how Bbyy renames files: it changes "1.jpg" to "1.jpg.bbyy", "2.png" to "2.png.bbyy", "3.exe" to "3.exe.bbyy", and so on.