Backdoor.Mirafox

Posted: September 21, 2012 | Category: Backdoors
Backdoor.Mirafox is a backdoor Trojan that opens a back door on the affected computer. Once executed, Backdoor.Mirafox may copy itself by creating and dropping potentially malicious files. Backdoor.Mirafox also creates a registry entry so that it can start automatically every time you start Windows. Backdoor.Mirafox collects certain information about the compromised PC, including OS version, computer name and CPU information, which is then transferred to a command-and-control...

IPA Virus

Posted: September 21, 2012 | Category: Ransomware
The IPA Virus is a ransomware Trojan that detects the victim's country by the IP address and displays a nationality-specific pop-up alert while the IPA Virus blocks your computer. Although the IPA Virus's pop-up claims to be a legal notice from the International Police Association, the real IPA is unaffiliated with all variants of the IPA Virus and doesn't make a habit of designing Trojans that lock down random PCs. Besides its efforts to borrow the legitimacy of a real law enforcement...

Sendori

Posted: September 21, 2012 | Category: Adware
Sendori is a PUP that disguises its redirects under the supposed feature of protecting your browser from mistyped Web addresses. As an unusually invasive browser hijacker that actively interferes with your browser, Sendori should be treated as a low-level threat, and anti-malware software is recommended for deleting Sendori and the browser changes Sendori implements to promote third-party websites. SpywareRemove.com malware experts have had numerous encounters with browser hijackers in the...

Enfal

Posted: September 20, 2012 | Category: Malware
Enfal is a backdoor Trojan that's noted for its participation in the LURID downloader attacks that targeted over half a hundred countries with attempts to compromise PC security and steal information from government and industrial networks. While Enfal isn't available to the public at large, the widespread nature of its attacks, coupled with evidence of its ongoing development, has led SpywareRemove.com malware experts (along with others in the industry) to suspect that Enfal is the product...

BKDR_MECIV.AF

Posted: September 20, 2012 | Category: Backdoors
BKDR_MECIV.AF is a new variant of the Enfal Trojan, a Trojan that's been widely utilized in attacks against NGOs, various governments and industrial sectors since at least 2004. Even though Enfal is, as far as Trojans go, quite old, SpywareRemove.com malware experts have noted that BKDR_MECIV.AF includes several modifications that imply that Enfal's development remains ongoing as of 2012. Like other variants of Enfal, BKDR_MECIV.AF is used to compromise your PC through standard backdoor...

TROJ_ARTIEF.JN

Posted: September 20, 2012 | Category: Trojans
TROJ_ARTIEF.JN is a malicious Word document that's designed to install a recent variant of the Enfal Trojan. TROJ_ARTIEF.JN's distribution is handled by e-mail messages that are crafted to look like messages regarding relevant political issues or business/government agendas, with TROJ_ARTIEF.JN included as a seemingly innocent DOC file attachment. Victims who open TROJ_ARTIEF.JN will find their PCs infected by Enfal without any symptoms of the attack, and Enfal will continue its assault by...

Adware.win32.Adkubru

Posted: September 20, 2012 | Category: Adware
Adware.win32.Adkubru is an adware application that distributes and shows unwanted ads from the web. Adware.win32.Adkubru displays pop-up pages containing various ads. Adware.win32.Adkubru modifies browser settings so that an unwanted URL serves as the browser start page and the default destination for new tabs. Adware.win32.Adkubru interferes with online searches, blocking legitimate search engines while loading the suspicious websites it is directed to advertise. Adware.win32.Adkubru is injected into...

Microsoft Steps In to Provide 'Fixit' Tool to Fix Zero-Day Internet Explorer Vulnerability

Posted: September 19, 2012 | Category: Internet Security
Microsoft plans to release a new fix tool called Fixit for an Internet Explorer bug that has allowed hackers to install malicious hijacking software. Microsoft recently released a security advisory with several steps that PC users may take to temporarily fix a potentially dangerous vulnerability found within the latest versions of Internet Explorer. As a follow-up to the temporary fix recommendations, Microsoft has revealed that they will ship 'Fixit',...

Trojan.Encriyoko

Posted: September 19, 2012 | Category: Trojans
Trojan.Encriyoko is a Trojan that encrypts certain files on the affected PC. Trojan.Encriyoko may be distributed to the targeted computer by other PC threats such as Trojan.Downloader. Once executed, Trojan.Encriyoko encrypts all files that do not have certain strings in their file path location. Trojan.Encriyoko encrypts any files that have certain file extensions. Trojan.Encriyoko also encrypts files that include the following strings in the file extension. Trojan.Encriyoko...

Backdoor.Wisti

Posted: September 19, 2012 | Category: Backdoors
Backdoor.Wisti is a backdoor Trojan that opens a back door on the infected computer. Backdoor.Wisti usually spreads via malicious PDF files. Once executed, Backdoor.Wisti can create malicious files and modify the Windows Registry. Backdoor.Wisti may connect to numerous URLs. Backdoor.Wisti connects to a command-and-control (C&C) server in order to receive instructions from attackers. Backdoor.Wisti allows attackers to collect computer system and PC user's information and retrieve...

Troj/SWFDL-I

Posted: September 19, 2012 | Category: Trojans
Troj/SWFDL-I is a variation of the Poison Ivy Trojan that is used in web-based attacks associated with a 'zero day' hole in Internet Explorer to infect targeted Windows Vista, Windows 7 and Windows Server 2003 and 2008 computer systems running Internet Explorer versions 6, 7, 8 and 9. Troj/SWFDL-I exploits the Java vulnerability that affects most supported versions of Internet Explorer and Windows. A remote code execution vulnerability exists in an Internet Explorer function to access an...

Troj/SWFDL-H

Posted: September 19, 2012 | Category: Trojans
Troj/SWFDL-H is a version of the Poison Ivy Trojan that is used in web-based attacks linked to a 'zero day' hole in Internet Explorer to affect compromised Windows systems running Internet Explorer. Troj/SWFDL-H exploits the Java vulnerability that affects Internet Explorer (versions 6, 7, 8 and 9) and Windows Vista, Windows 7 and Windows Server 2003 and 2008. A remote code execution vulnerability exists in an Internet Explorer function to access an object that has been erased or improperly...

Troj/SWFDL-G

Posted: September 19, 2012 | Category: Trojans
Troj/SWFDL-G is an alert for web content that's attempting to exploit a zero-day IE vulnerability to install malicious software, with the most common payload being variants of the backdoor Trojan known as Poison Ivy. At the time of this article's writing, this exploit is unpatched, and SpywareRemove.com malware analysts have confirmed that Troj/SWFDL-G attacks can affect most versions of Internet Explorer, as well as most versions of Windows. Since patching your software is, for once, not a...

Metacrawler.com

Posted: September 19, 2012 | Category: Browser Hijackers
Metacrawler.com is a search engine-consolidating website that gathers the results of Google, Yahoo, Bing, etc. and presents them in its search page. Although malware analysts have found that Metacrawler.com is a safe website that isn't associated with any noticeable PC threats, there are many less reputable websites than Metacrawler.com that borrow Metacrawler.com's content while using browser hijackers to promote their own domains. If you're redirected to a website that uses Metacrawler.com's...

Scammers Target Online Daters Through Scandalous Striptease Webcam Ransomware Schemes

Posted: September 18, 2012 | Category: Internet Security
We live in an uncertain world and we happen to be in the know of the latest sneaky tricks hackers are up to on the evil ends of the earth. In our latest 'evil-doer' findings, we have been alerted to a finding by the BBC on a scheme where blackmailing scammers are targeting online daters through a forceful and demoralizing approach. Reportedly, a new hacker scheme has been uncovered that utilizes a dating or social network where a woman initiates contact with men. After the woman sparks up a chat,...

Trojan.Win32.FakeGdf.A

Posted: September 18, 2012 | Category: Trojans
Trojan.Win32.FakeGdf.A is a variant of the Ukash Virus and, like other members of that family, uses your IP address to determine your location before Trojan.Win32.FakeGdf.A displays fraudulent pop-up warnings. These warnings are used to lock your computer – supposedly until you pay a legal fine in penance for computer-based criminal activities, although legal warnings that issue forth from Trojan.Win32.FakeGdf.A always should be considered fake and their fines should never be paid. Although a...

Troj/Backdr-HG

Posted: September 18, 2012 | Category: Trojans
The backdoor Trojan Troj/Backdr-HG uses multiple levels of deceit in its attempt to install itself on your PC and then launch itself without your attention. SpywareRemove.com malware analysts have traced Troj/Backdr-HG attacks back to fake license agreements that pretend to be from Microsoft – right up to the point of copying the actual text of a previous Microsoft e-mail. After victims have opened the mislabeled file attachment, Troj/Backdr-HG will install and launch itself with the same name...

Fantastigames.com

Posted: September 18, 2012 | Category: Browser Hijackers
Fantastigames.com is the base domain for Search.fantastigames.com, a search engine website that's promoted through browser hijacks from its associated toolbar. While Fantastigames.com will try to portray its browser add-on as a helpful product that allows you to search for games and other relevant interests online, Fantastigames.com's accompanying software has been confirmed by malware researchers as a low-level PC threat and browser hijacker. Despite the lack of danger associated with...

Search.rpidity.com

Posted: September 18, 2012 | Category: Browser Hijackers
Search.rpidity.com is a Google-powered search engine, but while its search results may be genuine and its content may be safe, Search.rpidity.com is unlikely to be completely innocent of association with PC threats. SpywareRemove.com malware researchers have confirmed a series of incidents wherein Search.rpidity.com is promoted by browser hijackers through redirects and undesirable settings changes that force hapless web surfers to Search.rpidity.com without their consent. Even though...

Find-asap.com

Posted: September 18, 2012 | Category: Browser Hijackers
Find-asap.com is a clone of the ever-popular Google website and uses that site's search results with the mere addition of advertisements alongside them. With results that give you no reason to use Find-asap.com instead of the original site that Find-asap.com is borrowing its sources from, Find-asap.com could be considered a valueless albeit non-malicious site, if it weren't for recent Find-asap.com-related attacks that have involved browser hijackers. PC threats with browser-hijacking...