Home » Blog » Cybersecurity » How to remove Los Pollos Hermanos (Virus Removal Guide)
Los Pollos Hermanos virus

How to remove Los Pollos Hermanos (Virus Removal Guide)

The Los Pollos Hermanos virus (also known as the Breaking Bad virus) is a dangerous ransomware infection and cryptovirus. Strangely, Los Pollos Hermanos is styled around the television show Breaking Bad. In the television series, Los Pollos Hermanos is a restaurant-chain that specializes in fried chicken throughout Southern-western United States. An email address connected to Los Pollos Hermanos ransomware  is “Iamtheonewhoknocks” and is quoted from main character Walter White in the television series. Maybe the malware authors are fans of the hit show Breaking Bad?

Los Pollos Hermanos virus

What is Los Pollos Hermanos ransomware?

Los Pollos Hermanos is a dangerous ransomware infection that encrypts personal files on a computer system and holds them for ransom. The Los Pollos Hermanos virus encrypts personal files including images, videos, documents, and more. It has spread mostly throughout Australia and demands up to a AU$1,000 (USD$791) fine to decrpyt the files it encrypts.

The Los Pollos Hermanos virus arrives to a computer system through a malicious .zip archive, which uses the name of a major courier firm in the file name, such s PENALTY.VBS. When the file is executed it will download Los Pollos Hermanos ransomware onto the computer system and open a .PDF file with a message in order to trick computer users into paying the fine.

“Your important files have been encrypted: photos, documents, videos, etc.
If you want to decrypt your files you must pay the fee of $450 AUD
Failure to pay within the specified time will mean you must pay $1000 AUD
For support related inquiries contact: [email address]”

Los Pollos Hermanos malware uses PowerShell modules on a Microsoft Windows computer system to operate the ransomware. It encrypts personal files including .ai, .crt, .csv, .db, .doc, .docm, .docx, .dotx, .gif, .jpeg, .jpg, .lnk, .mp3, .msi, .ods,, .one, .ost, .p12, .pdf, .pem, .pps, .ppsx, .ppt, .pptx, .psd, .pst, .pub, .rar, .raw, .rtf, .tif, .txt, .vsdx, .wma, .xls, .xlsm, .xlsx, .xml, and .zip extensions. It encrypts these types of files using a random Advanced Encryption Standard (AES) key, which is then encrypted with a RSA public key that can be used to decrypt the files.

Los Pollos Hermanos ransomware demands that users pay a fine to retrieve their encrypted files by using Bitcoins and other online currencies.

How to remove Los Pollos Hermanos (Removal)

We recommend that you write down the toll free number below in case you run into any issues or problems while removing this infection. Our techs will kindly assist you with any problems.

if you need help give us a call

1. Download and install the free or full version of Malwarebytes Anti-Malware software. The full version enables real-time protection to block malware and unwanted programs from infecting your computer, while the free version is just a free scan and removal tool.

[button link=”https://store.malwarebytes.org/342/cookie?affiliate=23046&redirectto=http%3a%2f%2fdownloads.malwarebytes.org%2ffile%2fmbam%2f&redirecthash=79CD12ECAB939D32967B5D05C6C86E32″ align=”center” bgcolor=”#ff0000″ hoverbgcolor=”#0015ff” hovertextcolor=”#ffffff” textcolor=”#ffffff” size=”large” style=”flat” fullwidth=”true”]Download Malwarebytes Free[/button][button link=”https://store.malwarebytes.org/342/?affiliate=23046&scope=checkout&cart=139724″ align=”center” bgcolor=”#ff0000″ hoverbgcolor=”#0015ff” hovertextcolor=”#ffffff” textcolor=”#ffffff” size=”large” style=”flat” fullwidth=”true”]Buy Premium Now[/button]

2. Open the Malwarebytes Anti-Malware program.


3. Click the large Scan Now button or visit the “Scan” tab to manually run a scan.

Malwarebytes 2

4. Once the malware scan is complete, click the Remove Selected button and reboot your computer.

If you are still having issues with malware it is recommended to download and install a second opinion scanner such as HitmanPro by Surfright to eradicate existing malicious files and automatically repair corrupted settings.

User accounts

Ransomware usually infects 1 user account on Windows systems at a time. Here are some tips to remove ransomware by using different user accounts.

  1. Log into an account not affected by malware (with administrative rights) and perform a scan with reputable software to detect and remove malware.
  2. You can also delete the infected account.
  3. Other options include creating a new user account to remove malware if only 1 Window’s user account is present on the computer system.

Internet/network issues

Safe Mode With Networking can be used to access the Internet for updates, drivers, removal software, or other files if internet and network connectivity is compromised.

Lead Editor

Jared Harrison is an accomplished tech author and entrepreneur, bringing forth over 20 years of extensive expertise in cybersecurity, privacy, malware, Google Analytics, online marketing, and various other tech domains. He has made significant contributions to the industry and has been featured in multiple esteemed publications. Jared is widely recognized for his keen intellect and innovative insights, earning him a reputation as a respected figure in the tech community.

More Reading

Post navigation

Leave a Comment

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

How to remove MoonCrypter virus (Ransomware)

How to remove cry ransomware

How to Remove CIA Virus (Removal Guide)