Virus and Spyware Removal Guides, uninstall instructions

What is NAME LOCKER ransomware?

NAME LOCKER is a malicious program belonging to the Babuk Locker ransomware family. It is designed to encrypt data (render files unusable) and demand ransoms for the decryption.

Compromised files are appended with the ".crypt" extension. For example, a file like "1.jpg" would appear as "1.jpg.crypt", "2.jpg" as "2.jpg.crypt", and so forth. Once this process is completed, a ransom note - "How To Restore Your Files.txt" - is created.

What kind of malware is Wixawm?

Wixawm is ransomware that encrypts files (makes them inaccessible), modifies filenames of all encrypted files, and generates two ransom notes: "Decryption-Guide.txt" and "Decryption-Guide.HTA". It renames files by appending a string of random characters, the wixawm@gmail.com email address, and ".wixawm" extension.

For example, Wixawm renames "1.jpg" to "1.jpg,(MJ-PN3856790412)(wixawm@gmail.com).wixawm", "image.jpg" to "image.jpg,(MJ-PN3856790412)(wixawm@gmail.com).wixawm", and so on. This ransomware is part of the VoidCrypt ransomware family.

What is J2xnp ransomware?

J2xnp is a ransomware-type program. It operates by encrypting data (locking files) and demanding payment for the decryption.

Affected files are appended with a random character string and the ".j2xnp" extension. For example, a file originally titled "1.jpg" would appear similar to "1.jpg.x4S3X7TzkAe_k1h3S9qbV5T13taV9DeCzy20D27XNFv_JlNQnyGjB3k0.j2xnp", etc.

After this process is completed, a ransom-demanding message named "iotb_HOW_TO_DECRYPT.txt" - is dropped onto the desktop.

What kind of page is melomovie[.]com?

Melomovie[.]com is an illegal TV show, movie, and anime streaming and download website. Also, it uses rogue advertising networks. Melomovie[.]com infringes copyright and redirects visitors to questionable/potentially malicious websites.

What is PlusMethod?

PlusMethod is a piece of rogue software. It has adware and browser hijacker qualities. Since most users unintentionally download/install apps like PlusMethod, they are also categorized as PUAs (Potentially Unwanted Applications).

What is Prynt Remote ransomware?

Prynt is a ransomware-type program that encrypts data (locks files) and demands payment for the decryption. There is reason to believe that Prynt Remote is still in development, as its ransom note is missing crucial information.

Compromised files are appended with a ".prynt" extension. For example, a file titled "1.jpg" would appear as "1.jpg.prynt", "2.jpg" as "2.jpg.prynt", etc. Afterwards, ransom-demanding messages are created/displayed in a pop-up window and "___RECOVER__FILES__.prynt.txt" text file.

What is Delta Team ransomware?

Delta Team is a ransomware-type program. It is designed to encrypt data (render files inaccessible) and demand ransoms for the decryption.

Affected files are appended with the ".deltapaymentbitcoin@gmail.com" extension. For example, a file originally named "1.jpg" would appear as "1.jpg.deltapaymentbitcoin@gmail.com", "2.jpg" as "2.jpg.deltapaymentbitcoin@gmail.com", etc.

Once this process is completed, a ransom-demanding message titled "FILES ENCRYPTED.txt" is dropped onto the desktop.

It is noteworthy that during research, Delta Team's decryption password - "doydoo21" (sans the quotation marks) - was found hardcoded into it (i.e., applicable throughout this ransomware's infections). Despite this flaw, no decryption software was developed at the time of writing.

What kind of malware is Blastoise?

Blastoise is ransomware - a form of malware that encrypts files. Additionally, Blastoise appends the ".blastoise" extension to filenames and creates a ransom note (the "How To Restore Your Files.txt" file). For instance, it renames "1.jpg" to "1.jpg.blastoise", "sample.png" to "sample.png.blastoise".

What is ExploreService?

ExploreService is an adware-type application with browser hijacker abilities. Due to the questionable methods used to distribute ExploreService, it is also classified as a PUA (Potentially Unwanted Application).

What is kind of scam is UFO giveaway scam?

It is a scam used to trick people into believing that they can triple their UFO cryptocurrency funds. People who fall for giveaway scams receive nothing in return and lose the crypto they have sent.