Author Archives: Lisa Blanc

LookBack

A few utility companies in the US received phishing emails back in July. It is now known that the attacks were set up to spread LookBack, a malicious remote access Trojan (RAT) capable of deleting files, executing commands, and stealing information. It is possible that the threat could target companies in different sectors next, and that is why it is important to look at it closer. Without a doubt, systems that are infected with this malware need to be cleaned as soon as possible. Here at Anti-Spyware-101.com, we focus on the removal of malware, and while we can show how to remove LookBack, it is just as important to discuss the activity of malware and the overall security of the operating system. If you are interested in this, please continue reading, and do not forget that you can always share your questions in the comments area below. Read more »

Syrk Ransomware

Syrk Ransomware

No one wants to go through the “joys” of a ransomware infection. Syrk Ransomware is one of those malicious programs you wouldn’t want to encounter. However, if you are reading this description, the chances are that you need to remove Syrk Ransomware from your system immediately. It might take some time to restore your files, but you should never consider paying the ransom that these criminals here expect you to transfer them. Instead, invest in a legitimate antispyware tool that will help you protect your system against similar intruders in the future. For more guidance, do not hesitate to address a professional. Read more »

MongoLock Ransomware

MongoLock Ransomware

As you may suspect from its title, MongoLock Ransomware can cause trouble for users who have MongoDB databases. Especially for those who do not back up their important files. The malware uploads copies of files available on a database and sends them to its developer’s server. Afterward, the deletion command should be initiated, which ought to permanently remove videos, documents, pictures, and other precious files. Since the threat is created for money extortion, the malicious application should show a ransom note soon after erasing a victim’s data. As you can imagine, the message asks users to pay for copies of their files, and the sum is not exactly small. If you fear you could lose your money in vain, we advise against paying a ransom. Instead, you could erase MongoLock Ransomware with the deletion steps provided below or a legitimate antimalware tool. To get to know the malware better, we invite you to read the rest of this article. Read more »

Search Genie

Search Genie

It probably took you a while to notice that Search Genie is there on your Chrome browser. Or maybe you opened this page right after the extension was added. Whichever it is, welcome to our website. We are here to tell you more about this potentially unwanted program, and what you should do about it.

First, we would like to emphasize that Search Genie is not a malicious computer infection. It is just an extension that works on one browser. But it has certain features that can be deemed undesirable, and thus, it is recommended that you remove it from your browser. Read more »

CobInt Trojan

CobInt Trojan is a dangerous infection that will not manifest itself at first. This Trojan is there to work silently. Our research shows that this program is a malware downloader, and so, the longer it remains on your system, the more damage it can cause. Therefore, you have to remove CobInt Trojan today.

How can we deal with Trojans when we can’t even tell they’re there? Well, regular system scans with reliable security applications should be one of your top priorities. What’s more, if your security tool detects this infection early on, it can remove it immediately no questions asked. Read more »

CryptoShuffler Cryptojacking

CryptoShuffler Cryptojacking is a malicious infection that works behind the affected user’s back. It is a Trojan, and thus, it can be hard to notice that this infection is there on your computer. When it comes to dealing with Trojan infections, it is necessary to employ regular system scans so that you would know immediately if something goes wrong. Then, it would be possible to remove CryptoShuffler Cryptojacking and other similar infections as soon as possible. It is also important that you employ powerful security applications to protect your system from similar infections in the future. Read more »

Ims00ry Ransomware

Ims00ry Ransomware

Ims00ry Ransomware is a dangerous computer infection that should be taken seriously. This program will encrypt target files to collect ransom payments from the affected users. Needless to say, you need to keep that money to yourself because there is no guarantee that the infection would issue the decryption key in the first place. You don’t even need to buy it because a public decryption tool is available. Thus, you just need to scroll down to the bottom of this entry for the manual removal instructions to remove Ims00ry Ransomware for good, and then fortify your system against similar threats. Read more »

Rodentia Ransomware

Rodentia Ransomware

Rodentia Ransomware is the kind of malware that can instantly ruin your day. If it finds a security crack through which it can slither into your operating system, it might be able to encrypt your personal files. At the time of research, our analysts working in the Anti-Spyware-101.com internal lab did not see the threat encrypting files, but it was found that it is a modified version of the well-known Jigsaw Ransomware, and so it is possible that it could encrypt files successfully. Maybe a bug exists, and maybe it will be fixed in no time. Maybe the infection will remain helpless. In any case, if this infection got into your operating system, it is a good idea to delete it as soon as possible. If you keep reading this guide, you will learn how to remove Rodentia Ransomware, and, hopefully, you will also learn how to secure your operating system and, most important, your personal files against threats that could try to attack in the future. Read more »

ExpBoot Ransomware

ExpBoot Ransomware

If you can find the “.ExpBoot” extension attached at the end of your files’ names, ExpBoot Ransomware must have found a way to invade your operating system. Anti-Spyware-101.com research team has tested this infection in an internal lab, but it was not possible to determine a singular pathway into a system. It is possible that the infection could use different distribution techniques (via spam email, RDP backdoors, malware downloaders, or unreliable websites), but it is also possible that one specific method would be used. At this moment, however, that is unclear. We also cannot promise that the infection will not encrypt files in the future, which is what it claims to be capable of doing now. In reality, this infection does not encrypt files, and, instead, simply adds an alien extension to the files’ names to make sure that you cannot open them. Unfortunately, this could trick some victims into thinking that encryption has happened. Right now, however, if you delete ExpBoot Ransomware and remove the added extension, your files will be “restored.” Read more »

KopiLuwak

KopiLuwak is a backdoor infection that can be used by multiple third parties to access a target system. Whatever happens to the affected system later depends on the criminals who employ this backdoor. In other words, if you remove KopiLuwak, you also have to make sure that you terminate all the other malicious infections that could have entered the target system because of this backdoor. Also, you can find the manual removal instructions at the bottom of this entry, but it would be for the best to invest in a legitimate antispyware program that would delete KopiLuwak for you automatically. Read more »