Virus and Spyware Removal Guides, uninstall instructions

What is "You may not know me"?

The "You may not know me" scam is proliferated using the 'spoofing' method: scammers falsify email addresses to make it seem as if recipients of emails are also senders.

Cyber criminals send this email to many people hoping that some will fall for the scam and pay a ransom to prevent distribution of a compromising video. In fact, the video does not exist. This is a common scam used to extort money from users. These emails should not be trusted and the best option is simply to ignore them.

What is bodelen.com?

bodelen.com is one of many rogue websites similar to mobnootiffy.com, lameterthenhep.info, pecul1ar.com, etc. Its purpose is to display dubious content or redirect visitors to other untrustworthy sites. People usually visit this website unintentionally, since potentially unwanted apps (PUAs) are responsible for these unwanted redirects.

PUAs are often installed inadvertently and go on to cause redirects to websites such as bodelen.com, feed users with intrusive ads, and collect user-system information.

What is Maoloa?

Discovered by S!Ri, Maoloa is a malicious program categorized as ransomware. Once it has infiltrated the system, Maoloa encrypts all files stored on the computer and generates a ransom-demand message called "HOW BACK YOUR FILES.txt". It also renames all encrypted files by adding a new/additional ".maoloa" extension.

For example, "1.jpg" becomes "1.jpg.maoloa". Updated variants of this ransomware add ".shelbyboom" extension to encrypted files.

What is "You've Made The 5-billionth Search"?

"You've Made The 5-billionth Search" is a scam, which is a part of another scam called "You Have Won A Google Gift" and is distributed through a deceptive website.

People commonly visit websites of this type unintentionally - they are redirected to them by potentially unwanted applications (PUAs) installed on their computers or web browsers. In summary, these applications cause unwanted redirects to untrustworthy websites. Furthermore, they usually collect data and feed users with intrusive advertisements.

What is "CookieMiner"?

CookieMiner is high-risk malware that targets the Mac operating system. Following successful infiltration, CookieMiner records personal data.

Its main purpose is to steal credentials of various accounts (mostly those relating to cryptocurrencies). This malware also opens a 'backdoor' called EmPyre and injects a cryptomining tool into the system. Thus, the presence of CookieMiner leads to a significant reduction in system performance. You can view the entire list of CookieMiner features below.

What is "Verizon Email Virus"?

"Verizon Email Virus" is a scam distributed using a spam (email) campaign. Cyber criminals use the scam to infect computers with Emotet (a malicious program). 

The main purpose of "Verizon Email Virus" is to trick people into clicking a presented website link associated with a malicious document, which then leads to download and installation of the Emotet malicious program. We strongly advise you to ignore this email. Do not open (click) the presented website link.

What is .blower?

There are plenty of ransomware-type infections and .blower is one these malicious programs. As with most rogue software of this type, it is used to encrypt data and blackmail people who have computers infected by it (by demanding ransom payments). They encourage victims to purchase a decryption tool.

Note that this malicious program belongs to the Djvu ransomware family and was discovered by dis. It adds the ".blower" extension to each encrypted file. For example, "1.jpg" becomes "1.jpg.blower". Note that .blower also creates a "_readme.txt" file (a ransom message).

What is CryptoID?

Ransomware-type programs are malicious programs developed by cyber criminals who use them to encrypt data (lock files) and make ransom demands. CryptoID is an example, which is also known as RICKROLL LOCKER. This is an offline version of another ransomware infection called Aurora. CryptoID was discovered by MalwareHunterTeam.

It renames each encrypted file by adding the ".cryptoid" extension: "1.jpg" becomes "1.jpg.cryptoid". It also creates three ransom messages within separate text files: "CRYPTOID_BLOCKED.txt"; "CRYPTOID_HELP.txt", and; "CRYPTOID_MESSAGE.txt".

They are stored in each folder that contains encrypted data. All of these ransom demand files contain identical text.

What is My Best Year?

According to the developers of this app, My Best Year provides users with various daily tips for a better life and a free web search. This app promotes search.getmybestyear.com, a fake search engine. Furthermore, the app itself is categorized as a potentially unwanted application (PUA).

Typically, apps of this type (including My Best Year) are promoted using the "bundling" method. This is used to trick people into installing PUAs inadvertently. Furthermore, My Best Year is related to Genieo, another unwanted application.

What is Cosanostra?

Cosanostra is a malicious program classified as ransomware. Once a computer is infected, users lose access to their files due to encryption. This allows cyber criminals (in this case, Cosanostra's developers) to blackmail victims and demand ransom payments.

This particular ransomware is a new variant of Garrantydecrypt and was discovered by MalwareHunterTeam. Cosanostra adds the ".cosanostra" extension to each encrypted file. For example, "1.jpg" becomes "1.jpg.cosanostra", and so on. This malicious program also creates a ransom message called "#RECOVERY_FILES#", which is presented in a text (.txt) file.