Exploit:JS/Coolex.A
Exploit:JS/Coolex.A is a script included in an exploit pack identified as the 'Cool Exploit Kit'. Exploit:JS/Coolex.A can install other malware threats on the vulnerable computer system. Exploit:JS/Coolex.A circulates via malicious or hacked websites. Exploit:JS/Coolex.A may redirect the hijacked web browser to another website, which contains the exploit code detected as Exploit:JS/Coolex.A; that code attempts to install malware infections on the infected computer system based on what software you have installed. If you have Adobe Flash, Adobe Reader, or Java on your PC,...
Troj/Zbot-DPM
Troj/Zbot-DPM is a Trojan from the Zeus family, a family that's noted for stealing confidential financial information through both advanced and brute-force techniques that range from man-in-the-browser attacks to keylogging (recording your keyboard's input). As one of the numerous variants of Trojan Zeus, Troj/Zbot-DPM also uses one of that family's favorite distribution mechanisms: spam e-mail messages allegedly sent from a legitimate entity, such as an online bank. Troj/Zbot-DPM's 'secure message' e-mails should be deleted as soon as they're seen, and SpywareRemove.com malware...
Giant Savings
Giant Savings is a PUP and potential adware program that displays digital coupon offers in your web browser. Due to limited information about the Giant Savings company, SpywareRemove.com malware researchers are unable to verify how many of these coupons are genuine bargains, but they do note that similar programs often are used to promote the products of sponsored partners – rather than being deals that are selected with an eye on your best interests. The Giant Savings PUP is a browser add-on that occasionally is installed by unrelated programs. If you experience Giant Savings's...
Malta Police Force MPF Ransomware
Malta Police Force MPF Ransomware is an example of long-occurring ransomware Trojan campaigns that have, apparently, decided to leave no stone unturned in their search for victims. Like most other members of its family (which SpywareRemove.com malware experts have identified as the Reveton group of Trojans), Malta Police Force MPF Ransomware targets a specific country in Europe – the Republic of Malta – and claims to be a software representative of that country's police force implemented for halting computer-related crimes. However, Malta Police Force MPF Ransomware's pop-up...
7search.com
7search.com is a deceptive website, which promotes itself as a reputable search engine. In reality, 7search.com is supported by browser hijackers that hijack the vulnerable web browser and change Internet settings. Browser hijackers can change your default homepage and search engine to 7search.com, or open 7search.com in a new tab. Browser hijackers related to 7search.com will change your search results in all popular search engines including Google, Yahoo, Bing and others to unrelated links leading PC users to advertisement websites such as 7search.com. You will get unwillingly diverted to...
Ampnetwork.net
Findsee.com
Findsee.com is a search engine site that appears to offer relevant search results, but actually is more likely to trigger your anti-malware programs with suspicious and potentially hazardous content. Besides the mixed nature of its web page content, Findsee.com also has been reported to be one of many sites that are promoted by browser-redirecting attacks from separate PC threats. Browser-redirecting Trojans, also known as browser hijackers, can attack the security settings of your web browser and always should be considered dangerous, regardless of whether they're redirecting you to...
Exploit:JS/Cooexp.A
Exploit:JS/Cooexp.A is a script that is added to an exploit pack found as the 'Cool Exploit Kit'. Once executed, Exploit:JS/Cooexp.A will install other malware threats on your computer. Exploit:JS/Cooexp.A spreads via malicious or hijacked websites that contain this malicious script, which attempts to install malware infections on your PC based on what software you have installed. If you have old versions of Java, Adobe Flash, or Adobe Reader installed on your computer system, Exploit:JS/Cooexp.A will deploy a script which will exploit known vulnerabilities in these programs to install...
Setaga Deal Finder
Setaga Deal Finder is an adware program from the group called Superfish. Setaga Deal Finder installs itself on the vulnerable computer without the PC user's permission or knowledge. Setaga Deal Finder arrives with another program that the PC user has installed. Setaga Deal Finder comes bundled with applications that are made available to the public and is usually presented as an essential part of the website. When Setaga Deal Finder invades the affected computer system, it affects your web browser and installs itself as a browser helper object (BHO). Setaga Deal Finder can control your browsing...
My Super Cheap
My Super Cheap is a potentially unwanted program/adware that will display its own ads on Facebook, eBay, Best Buy, and other websites that PC users are visiting. These advertisements will be displayed as boxes including a variety of coupons that are available or as underlined keywords, which when clicked will display an advertisement that claims it is sent to you by My Super Cheap. My Super Cheap is an add-on for Firefox, Chrome, and Internet Explorer that is usually installed when a computer user installs other free software. When computer users install free software, they will also...
JS/BlacoleRef.W
JS/BlacoleRef.W is a component of Blacole, popularly known as the Blackhole Exploit Kit or simply BEK. By redirecting you to other Blacole-related exploits, JS/BlacoleRef.W enables the exploit kit to install malicious software onto your PC after you've accessed a compromised or hostile website. SpywareRemove.com malware research team has particularly taken notice of JS/BlacoleRef.W-related attacks that have utilized faux LinkedIn-based spearheads, which pretend to offer social media links from a variety of sites. Clicking these links while using a vulnerable PC will allow...
Trojan:Win64/Sirefef.AF
Trojan:Win64/Sirefef.AF is a rootkit Trojan that opens a backdoor on the targeted PC and downloads and installs other security threats onto the infected computer system. Trojan:Win64/Sirefef.AF spreads via malicious links, file-sharing networks, and spam email attachments, and invades the victimized computer system without the PC user's permission or knowledge. Once installed on the corrupted machine, Trojan:Win64/Sirefef.AF slows down the targeted computer and makes it unstable. Trojan:Win64/Sirefef.AF compromises the affected computer and violates privacy. Trojan:Win64/Sirefef.AF will...
Trojan:Win32/Loktrom.B
Trojan:Win32/Loktrom.B is a ransomware Trojan that affects PC users in various countries. Trojan:Win32/Loktrom.B locks the targeted computer system and displays a bogus full-screen warning message that covers the desktop. The tricky alert pretends to come from a legal authority which states a relation with Windows and Microsoft Security Essentials. The fake warning message of ransomware demands a ransom from victims to be paid for the imaginary storage of illegal files. Trojan:Win32/Loktrom.B may make continuous changes to the affected PC that make it difficult for the PC user to...
Trojan:BAT/Bancos.B
Trojan:BAT/Bancos.B is a Trojan that changes an affected computer's security settings by suppressing alerts in Windows Security Center, so that the PC user is not informed if automatic Windows updates, the antivirus program, or Windows Firewall are disabled. Once executed, Trojan:BAT/Bancos.B makes system changes by dropping potentially malicious files and making registry modifications. Trojan:BAT/Bancos.B creates a registry entry so that it can load automatically every time the PC user logs on. Trojan:BAT/Bancos.B may be installed on the compromised PC by other PC threats....
Worm:Win32/Cridex.E
Worm:Win32/Cridex.E is a worm that circulates via a spam email supposedly coming from US Airways. The fake US Airways email claims to be a confirmation of online-registration while tricking recipients into following malicious web-links. The misleading US Airways email message tells the affected PC user that he/she must arrive at the airport within 24 hours for a maximum time of 1 hour before his/her flight, which will take 2 hours in case of a journey to a foreign country. The affected PC user is required by the bogus email to take a print out of his/her boarding pass followed with...
Mal/FakeAV-OY
Mal/FakeAV-OY is a rogue anti-virus program that currently is being distributed by spam e-mail messages. These messages use templates that make them look like update notifications from ADP, a prominent payroll/tax management company. Since installing Mal/FakeAV-OY is done under the pretense of installing a security patch, victims may think that they're making their PCs safer – when what they actually are doing is subjecting their PC to fake pop-up alerts, blocked software usage and other problems that are common to scamware like Mal/FakeAV-OY. Since anti-malware software can detect...
Behavior-Based Classification of Malware May Be the Key to Diminishing Future Attacks
It seems every year there is a virtual battle among malware threats and computer worms to outdo their predecessors with new sophisticated attack methods and a means of spreading faster than ever before. With this virtual fight come many unfortunate victims left to wither and die until a solution is created to either stop the attack or diminish its future effectiveness.
One security firm thinks it has the answer to help abolish future malware attacks, all by mapping or recording the world's malware. Josh Saxe from Invincea Labs in Fairfax, Virginia says, "Our vision is to have a database...
Worm:Win32/Hilgild!gen.A
Worm:Win32/Hilgild!gen.A is a worm that circulates via removable drives. Worm:Win32/Hilgild!gen.A downloads other files into the affected computer system. Once installed, Worm:Win32/Hilgild!gen.A makes system changes by dropping potentially malicious files and making registry modifications. Worm:Win32/Hilgild!gen.A downloads a copy of itself into the vulnerable computer with the specific file. Worm:Win32/Hilgild!gen.A creates the registry entry so that its copy can run automatically every time you start Windows. Worm:Win32/Hilgild!gen.A circulates by copying itself to all removable...
Exploit:Java/Blacole.AHN
Exploit:Java/CVE-2012-1723.AHN is a malicious Java application that strives to exploit a vulnerability (CVE-2012-1723) in the Java Runtime Environment (JRE) in order to download and install potentially malicious files onto the targeted computer. If PC users visit a website which contains the malicious code while using a vulnerable version of Java, Exploit:Java/Blacole.AHN is loaded. Exploit:Java/Blacole.AHN then strives to download and execute files from a remote host/URL; the files that are downloaded and executed could involve other malware threats. If Exploit:Java/Blacole.AHN is...
Infostealer.Donx
Infostealer.Donx is a Trojan that steals information and may download potentially malicious files onto the affected computer. When Infostealer.Donx is executed, it copies itself to the specific location. Infostealer.Donx creates the registry entry so that it can run automatically every time you start Windows. Infostealer.Donx may perform numerous damaging actions on the corrupted PC, such as stealing system information and transferring it to a remote location, recording keystrokes and transmitting them to a remote location, and downloading and executing other files.

