HTKL_PWDUMP

Posted: October 4, 2012 | Category: Malware
HTKL_PWDUMP, or PwDump7, is a criminal utility that can extract confidential password information from Windows without the consent of the original PC's user. In conjunction with other attacks, this can be utilized to put in jeopardy the privacy and security of your computer, and may be a prelude to account hijacks by criminals. As noted in the general article on Adobe certificate compromises in Troj/HkCert-A, criminals have exploited an Adobe server vulnerability to give HTKL_PWDUMP (along...

Win32/Spy.Zbot.AAO

Posted: October 4, 2012 | Category: Trojans
Win32/Spy.Zbot.AAO is a Trojan that is able to send packets including a victim's personal and banking information to remote servers. Win32/Spy.Zbot.AAO is difficult to detect and remove from the targeted PC. Win32/Spy.Zbot.AAO allows attackers to gain full remote access and control over the infected computer system. Win32/Spy.Zbot.AAO may also download and install other malware threats to the corrupted PC. Win32/Spy.Zbot.AAO receives commands from a C&C server to perform malicious actions...

Win32/Fynloski.AA

Posted: October 4, 2012 | Category: Trojans
Win32/Fynloski.AA is a backdoor Trojan from the Fynloski family, and like other members of the family, uses backdoor vulnerabilities for the purpose of installing other PC threats, stealing information and harming your computer's security. Installations for Win32/Fynloski.AA have been known to use multiple techniques, but the latest Win32/Fynloski.AA attacks are associated with game account piracy programs that also install a browser hijacker. Unlike its erstwhile partner in crime,...

Urausy Ransomware

Posted: October 3, 2012 | Category: Ransomware
Like the similar ransomware Trojan ULocker, Urausy is a variant of police ransomware that first appeared in July of 2012. Urausy also shares ULocker's multi-linguistic acrobatics, since Urausy has been confirmed to be able to create pop-up alerts in many languages that are used throughout Europe. After being installed (often by a related Trojan downloader), Urausy displays a screen-wide pop-up alert that claims to be a notice from an 'e-crime' police unit or other police agency. This alert...

ULocker Ransomware

Posted: October 3, 2012 | Category: Ransomware
Ulocker is a form of police ransomware that attempts to detect the target computer's country (based on the IP address) and display a region-specific legal alert by the International Police Association. While Ulocker's pop-ups claim that your PC has been locked down due to criminal activity occurring, SpywareRemove.com malware researchers note that Ulocker isn't affiliated with the IPA and doesn't have any valid reason to lock your computer. To unlock your PC, Ulocker may request a Ukash or...

Supern0va Ransomware

Posted: October 3, 2012 | Category: Ransomware
Supern0va is a police ransomware Trojan that also includes optional attack functions (such as locking your computer or blocking specific memory processes). Because Supern0va is distributed through malicious online advertisements, SpywareRemove.com malware researchers advise that you keep live anti-malware protection to block Supern0va-downloading exploits that can occur in your web browser – that is, if you're not comfortable with the simple solution of blocking all advertisements entirely....

Ransirac

Posted: October 3, 2012 | Category: Trojans
Ransirac is the technical name for what's casually called the Gema 'Access to your computer was denied' Virus. Evidence of Ransirac's existence was found in February of 2012, and it uses the HTML style sheet standards of the German GEMA organization to make its fake pop-up alerts look realistic. By displaying a pop-up alert that claims that your computer has been used to download copyrighted media, Ransirac attempts to extract a hundred Euro ransom from the PC's user. SpywareRemove.com malware...

Madlerax

Posted: October 3, 2012 | Category: Trojans
Madlerax is a Trojan that locks your PC with a fraudulent pop-up alert (typical of police ransomware-based PC threats) which claims that the law requires you to take additional steps to end the lockdown – such as sending a premium SMS message or making a cash transaction through Ukash, etc. As SpywareRemove.com malware researchers have found to be common with recent types of police ransomware, Madlerax's pop-up claims to have legal authority over your computer because of crimes that...

HmBlocker

Posted: October 3, 2012 | Category: Trojans
HmBlocker is a variant of Police Ransomware that was first seen in 2010. By blocking your computer with an alert that includes a pornographic image, HmBlocker not-so-gently encourages you to send a premium text message to a specified number, supposedly to unlock your computer. While HmBlocker claims to have the legal authority to do these things, SpywareRemove.com malware researchers stress that HmBlocker is a form of illegal and malicious software that should be circumvented and then...

Trojan Horse Generic29.DFS

Posted: October 3, 2012 | Category: Trojans
Trojan Horse Generic29.DFS is a rootkit Trojan that propagates through various software and security vulnerabilities. Trojan Horse Generic29.DFS hides itself on the affected computer system and, thus, is difficult for many security programs to detect and remove from the victimized PC. Once executed, Trojan Horse Generic29.DFS will add malicious files and make modifications to computer settings so that your PC will run abnormally. Trojan Horse Generic29.DFS will slow or freeze your computer....

Trojan Horse Generic29.AFZK

Posted: October 3, 2012 | Category: Trojans
Trojan Horse Generic29.AFZK is a Trojan that targets Windows computers. Trojan Horse Generic29.AFZK can invade the targeted machine secretly and run on the infected computer without a victim's permission and knowledge. Trojan Horse Generic29.AFZK is a serious risk to your security and privacy because it can gather the PC user's online account information, passwords or even system data and transmit it to a remote server. Trojan Horse Generic29.AFZK slows the corrupted system and disconnects...

Uncoverthenet.com

Posted: October 3, 2012 | Category: Browser Hijackers
Uncoverthenet.com is a spam-based search engine that provides inaccurate results to ensure its profitability through link sponsorship and traffic channeling activities. Though easily avoided on its own, Uncoverthenet.com also is promoted through browser-hijacking attacks that are caused by malware (colloquially referred to as the Uncoverthenet.com Virus or Uncoverthenet.com Redirect Virus). The SpywareRemove.com malware research team encourages you to be cautious when interacting with search...

W32.Greypac

Posted: October 3, 2012 | Category: Worms
W32.Greypac is a worm that replicates itself to shared web folders. W32.Greypac may be distributed to the targeted computer as a malicious email attachment. Once executed, W32.Greypac replicates itself to a certain location on the corrupted machine. W32.Greypac creates a specific registry entry, which allows it to run automatically every time you start Windows. W32.Greypac then downloads a certain image file and displays it. W32.Greypac may also create and show a window with the...

Trojan.Ransomlock.S

Posted: October 3, 2012 | Category: Trojans
Trojan.Ransomlock.S is a Trojan that locks the desktop of the affected computer and makes the PC unusable. Trojan.Ransomlock.S demands that the affected PC user pay a supposed ransom to unlock the machine. Once executed, Trojan.Ransomlock.S copies itself to a certain location on the compromised PC. Trojan.Ransomlock.S creates a specific registry entry so that it can run automatically every time you start Windows. After the PC is locked, Trojan.Ransomlock.S displays a fake warning message...

Trojan Horse Generic16.CHMI

Posted: October 2, 2012 | Category: Trojans
Trojan Horse Generic16.CHMI is a Trojan that hides itself on the compromised PC by attaching its own code to legitimate Windows system files so that it is difficult to detect and remove from the machine. Once installed on the corrupted PC, Trojan ZPACK.GEN makes system changes by adding several potentially malicious files and certain registry entries that allow it to run automatically every time you start your computer. Trojan ZPACK.GEN may display disturbing pop-up alerts on the screen of...

Uwavou.com

Posted: October 2, 2012 | Category: Browser Hijackers
Uwavou.com is a website that's associated with browser hijackers that are promoted through free gaming add-ons and related software. Although Uwavou.com doesn't have any meaningful content and, at the time of this writing, can't be considered dangerous to your computer, the SpywareRemove.com malware research team strongly recommends that you use anti-malware products to remove browser hijackers that promote Uwavou.com, since these attacks can reduce your web-browsing security by a meaningful...

Trojan ZPACK.GEN

Posted: October 2, 2012 | Category: Trojans
Trojan ZPACK.GEN is a backdoor Trojan that opens a back door on the affected computer and, thus, allows attackers to gain remote access and control over the targeted PC. Trojan ZPACK.GEN allows attackers to steal personal information from victims and send it to a remote server. Trojan ZPACK.GEN may also download and install other PC threats on the infected computer system. Trojan ZPACK.GEN can hijack the web browser and cause unwanted redirects to suspicious websites.

‘Windows Security 2012 has found critical process’ Pop-Up Alert

Posted: October 2, 2012 | Category: Fake Warning Messages
The 'Windows Security 2012 has found critical process' pop-up alert is a fake warning message that's used by malicious websites as a lure to make you install malicious software – in most cases, fake anti-malware programs from the FakeRean family or similar PC threats. A 'Windows Security 2012 has found critical process' Pop-Up Alert is displayed automatically through script-based exploits that launch when you load hostile web pages, and SpywareRemove.com malware researchers recommend that...

Trojan Horse Agent3.WJ

Posted: October 1, 2012 | Category: Trojans
Trojan Horse Agent3.WJV is a Trojan whose code is based on (via a code injection attack) a compromised system driver that complicates any attempts to detect or delete Trojan Horse Agent3.WJV from your computer. Similar to attacks that are used by some members of the Alureon family, Trojan Horse Agent3.WJV can launch itself from within a normal Windows process and load other PC threats. SpywareRemove.com malware researchers have noted that Trojan Horse Agent3.WJV particularly is noted for...

Trojan:Win32/Alureon.EP

Posted: October 1, 2012 | Category: Trojans
Trojan:Win32/Alureon.EP is a Trojan dropper that's used to install and launch a secondary component of a multicomponent Alureon infection. Alureon attacks use code injection techniques to hide themselves while they steal confidential information by monitoring your Internet traffic. Because there aren't any meaningful symptoms in a Trojan:Win32/Alureon.EP attack (besides very minor changes to the resource usage of preexisting system processes, like svchost.exe), SpywareRemove.com malware...