Desk 365 Virus is a potentially unwanted application created by 337 Technology Limited. Desk 365 Virus can also be categorized as an adware application because it can be used to distribute other malware infections by making system's changes without an affected PC user's permission. Desk 365 Virus advertises22find.com and Globososo.com suspicious search engines. Desk 365 can be downloaded from an official website as a tool, which can be used for managing desktop shortcuts and applications. However, there is another way used for delivering Desk 365, and it is based on the third party...

Trojan.JS.Redirector.za is a Trojan that is a part of certain web attacks initiated by Brazilian attackers. Trojan.JS.Redirector.za spreads as a malicious PAC (Proxy Auto-Config) via phishing domain. These types of malicious scripts are used to redirect the victimized PC user's connection to a phishing web page of banks, credit cards and other. After registering the URL 'java7update.com', Brazilian cybercriminals started attacking several websites, injecting a malicious iframe in some hacked websites. The iframe loads a malicious Java applet prepared to change the proxy configuration on...

Trojan.Fakesafe is a Trojan that is included in a targeted attack called 'SafeNet' (the campaign's name is unrelated to the security company of the same name). Attackers behind this malware attack are using phishing emails with malicious attachments, detected as Trojan.Fakesafe. These attachments are document files that exploit vulnerabilities in Microsoft Word. Some of the documents exploit the Microsoft Windows Common Controls ActiveX Control Remote Code Execution Vulnerability (CVE-2012-0158). If exploitation is successful, the malicious documents download the potentially malicious...

The 'You Shall Not Pass' Virus is a browser hijacker that, similar to the notorious DNS Changer , makes changes to your operating system's Hosts file for the purpose of blocking your ability to browse the web, after which the 'You Shall Not Pass' Virus may redirect you to malicious websites. The 'You Shall Not Pass' Virus acquires its name from the website that the 'You Shall Not Pass' Virus currently redirects its victims towards, which contains a simplified depiction of a famous Lord of the Rings scene wherein a major character insisted that 'You shall not pass!' Deleting the 'You...

Over the course of the past year, we have witnessed a serious rash of FBI viruses in the form of misleading and baseless pop-up messages claiming to be the Federal Bureau of Investigation (FBI) detecting alleged illegal activity on computers around the world. These messages come in many different variations, but all have the main objective of conducting aggressive money extortion techniques . FBI virus authors, what you may technically refer to as hackers or cybercrooks, have utilized FBI virus message threats in the place of rogue anti-spyware programs, which were a common denominator...

Trojan.Sirefef.HU is a rootkit Trojan that propagates via security exploits and free software installations. Trojan.Sirefef.HU is difficult to detect and remove from the compromised PC by many security software. Trojan.Sirefef.HU is linked to ransomware and other malware threats such as fake security programs, that is, Trojan.Sirefef.HU can be used by attackers to spread these security infections to vulnerable computers. Trojan.Sirefef.HU results in failure of multiple system services and eventual system crash.

HIDDENEXT/Worm.Gen is a worm that proliferates via spam email messages, which include bogus invoices from Zalando and Deutsche Bahn. The unsolicited email dupes affected computer user into running a malevolent file, found as HIDDENEXT/Worm.Gen. Cybercrooks are sending personalized emails in the German language allegedly coming from the popular website Zalando.de (shoes and women accessories) and from the Deutsche Bahn (German Railways). The text is addressed to the attacked computer PC user directly, and it threatens him/her so that the computer user opens the ZIP archive and runs the...

Trojan.Jorik.Androm.pqr is a Trojan that spreads via spam emails, which contain fake invoices from Zalando and Deutsche Bahn. The spam email tricks target recipients into executing a malicious file, detected as Trojan.Jorik.Androm.pqr. Attackers are sending personalized emails in the German language supposedly coming from the well-known website Zalando.de (shoes and women accessories) and from the Deutsche Bahn (German Railways). The text is addressed to the affected PC user directly, and it threatens the victim so that the computer user opens the ZIP archive and executes the infected...

Europol Interpol Ransomware, also known as Europol Interpol Virus, is a malware threat detected as ransomware, which attempts to steal money from trusting computer users in Germany. Europol Interpol Ransomware is spread by a 'Police' Trojan, which blocks the targeted computer and asks the affected PC user to make a payment as a ransom to receive an unlock code. Europol Interpol Ransomware Virus blocks the desktop of the targeted PC and makes the victimized computer completely unusable. Europol Interpol Ransomware displays a pop-up warning message 'Ihr Internet Service Provider...

Trojan:Win32/Estiwir.A is a Trojan that downloads and installs other security threats onto the affected computer and can block some programs or applications from functioning appropriately. Trojan:Win32/Estiwir.A is downloaded onto the targeted computer system by other security threats. Trojan:Win32/Estiwir.A may download other malware threats that can steal a victimized PC user's information by recording usernames and passwords. After removal of Trojan:Win32/Estiwir.A, it is recommended to change your passwords. Trojan:Win32/Estiwir.Ae may prevent AhnLab security application or ESTsoft...

Pcspeedplus.com/scan is a malicious website, which hosts malware, specifically a rogue registry cleaner called PC Speed Maximizer in it. The main aim of Pcspeedplus.com/scan is to run a scan on a visitor's computer. Pcspeedplus.com/scan executes online malware scan and tricks computer users into believing that numerous security threats have been detected on their PCs. Pcspeedplus.com/scan claims that detected malware threats should be removed immediately using its supported program known as PC Speed Maximizer. If your computer is affected by a Trojan, you will get redirected to...

Searchpig.net is a tricky website, which presents itself as a trustworthy search engine. Searchpig.net is associated with browser hijackers that take over the vulnerable web browser and redirect affected PC users to dubious websites for raising traffic and making money. Browser hijackers can set Searchpig.net as the default homepage, default search engine and new tab without the PC user's permission asked. If you computer is affected by any browser hijackers, Searchpig.net will start showing up on the Internet browser of the targeted computer gets. Commonly, browser hijackers related to...

Web Browser Search is an adware application, which can be installed on a vulnerable computer bundled with other programs. Usually, Web Browser Search enters the attacked PC without the affected computer user's permission asked, but it can be blocked by monitoring each installation window of the software product. Once Web Browser Search invades the affected computer, it gets on each of the victim's Internet browsers, including Internet Explorer, Google Chrome and Mozilla Firefox. Web Browser Search also sets webbrowsersearch.com as the start page, new tab and default search engine on the...

'Jūsu Dators ir Bloķēts' Ransomware, also known as 'Jūsu Dators ir Bloķēts' Virus is an online scam found as ransomware, which affects computer users in Latvia. 'Jūsu Dators ir Bloķēts' Ransomware uses a frightening pop-up image/alert produced by a Police Trojan that allegedly comes from the Latvia Police (Latvijas Policijas – Kibernoziegumi Departaments); however, security institutions do not use such means to announce computer users of possible online cybercrime actions. Therefore, you should not believe the fraudulent pop-up warning message displayed by 'Jūsu Dators ir...

Trojan:Win32/Matsnu.D is a Trojan that makes changes to the infected computer to make it more vulnerable for other malware infections, and contacts a remote host to retrieve commands that can have practically any intention. Once installed and executed, Trojan:Win32/Matsnu.D makes system changes by modifying the Windows Registry. Trojan:Win32/Matsnu.D copies itself to the certain locations with a random file name. Trojan:Win32/Matsnu.D modifies the registry entries to make sure that its copy runs automatically every time Windows is started. Trojan:Win32/Matsnu.D disables registry editing...

Trojan:Win32/BeeVry is a Trojan that modifies numerous computer settings to block the affected PC users from accessing security-related websites, and reduce the security of the affected computer. When installed and executed, Trojan:Win32/BeeVry makes system changes by dropping the potentially malicious files. Trojan:Win32/BeeVry also makes registry modifications. Trojan:Win32/BeeVry may be downloaded by other malware threats, or it may come as an email attachment with an attractive file name. Trojan:Win32/BeeVry modifies the Windows Hosts file. The local Hosts file overrides the DNS...

TrojanDownloader:Win32/Delf.GK is a Trojan that downloads files, which include other malware threats onto the affected computer system. Once installed on the corrupted PC, TrojanDownloader:Win32/Delf.GK makes system changes by adding the potentially malicious files. When run, TrojanDownloader:Win32/Delf.GK creates a file named 'explorer.exe', and inserts itself into this file in an attempt to disguise its existence on the infected computer. If TrojanDownloader:Win32/Delf.GK finds older versions of itself on the targeted PC, it deletes them.

Kexqoud is a Trojan that uses an affected computer without a PC owner's consent to create a specific digital currency known as Bitcoins. Kexqoud uses a legal program used for mining Bitcoins, using multiple accounts, to create this currency. Kexqoud is often bundled with legal applications such as games and productivity tools. Once executed, Kexqoud adds a copy of itself to the %APPDATA% directory with a random file name. Kexqoud also adds a legal Bitcoin-mining tool in the %TEMP% directory, also with a random file name. Kexqoud may also make the modifications to the Windows Registry, to...

Worm.Dorpiex.A (Worm:Win32/Dorpiex.A) is a worm that sends Facebook messages that carry a web link that downloads additional malware threats onto the affected computer. When installed on the infected computer, Worm:Win32/Dorpiex.A makes system changes. Worm:Win32/Dorpiex.A displays messages from an affected PC user's Facebook account that he/she does not recall writing. Once run, Worm.Dorpiex.A to a remote server, from which it gains the list of web links that it uses in the messages it delivers on Facebook. Worm.Dorpiex.A then attempts to get Facebook authentication cookies from the web...

'Ihr Computer Wurde Gesperrt und Alle Daten Verschlüsselt Wurden' Virus is ransomware, which targets vulnerable computers in located in Austria. 'Ihr Computer Wurde Gesperrt und Alle Daten Verschlüsselt Wurden' Virus Ransomware propagates with the help of a Police Trojan and displays a bogus pop-up image/notification supposedly sent by the Austrian police in an attempt to dupe attacked PC users into believing they have committed cybercrime. A misleading pop-up alert shown by 'Ihr Computer Wurde Gesperrt und Alle Daten Verschlüsselt Wurden' Virus Ransomware on the screen of the...