‘Computer Crime & Intellectual Property Section’ Ransomware

Posted: June 25, 2012 | Category: Ransomware
'Computer Crime & Intellectual Property Section' ransomware is a variant of the Trojan commonly identified as Trojan:Win32/Reveton.A. Like Police Central e-crime Unit (PCEU) ransomware, the Strathclyde Police Ukash Virus, 'Poliisi Tietoverkkorikos Tutkinnan Yksikkö' Ransomware and similar ransomware Trojans from this family, 'Computer Crime & Intellectual Property Section' ransomware displays a fraudulent pop-up that claims that your PC is guilty of being used in various...

BlackShades

Posted: June 25, 2012 | Category: Trojans
The BlackShades Remote Controller is a backdoor Trojan (also known as a RAT or Remote Administration Tool) and spyware that's used to monitor and steal private information via keylogging, screenshot-grabbing and similar attacks. BlackShades achieved headline-worthy status for its involvement in the Syrian military conflict – namely, as an attacker against increasingly sophisticated and technologically canny anti-government activists. The top means of infection by BlackShades is via Skype...

Trojan.Downloader.Regonid.B

Posted: June 25, 2012 | Category: Trojans
Trojan.Downloader.Regonid.B is a Trojan that contains rootkit capabilities and, thus, can disguise itself from detection and removal by many security applications. Trojan.Downloader.Regonid.B slows down the targeted PC and causes Windows failures. Trojan.Downloader.Regonid.B can distribute more malicious programs to the infected computer. Trojan.Downloader.Regonid.B can steal passwords, user names, email addresses, and credit card information, modify the Windows Registry, add and delete...

Xooxle.net

Posted: June 25, 2012 | Category: Browser Hijackers
Xooxle.net is a search site that includes some of Google's most well-known features, in addition to sharing its basic format with the nigh-identical Wuulo.com. Although Xooxle.net is a relatively new site that hasn't amassed much of a reputation either positive or negative, reports of browser redirects linked to Xooxle.net have caused malware researchers to classify Xooxle.net as a potential threat, and online searches based in Xooxle.net should proceed only with the utmost caution. Browser...

Wuulo.com

Posted: June 25, 2012 | Category: Browser Hijackers
Wuulo.com is a search engine website that uses a template similar to that of the ever-popular Google site. Although Wuulo.com appears to be similar to Google, there are instances of browser hijackers using redirects to force web browsers to load Wuulo.com without permission, which is sometimes symptomatic of malicious, fraudulent or advertisement-based (AKA spam) search engines. Since Wuulo.com is still an extremely new website that hasn't yet been fully analyzed by malware researchers or...

Backdoor.Win32.Agent.cjpk

Posted: June 25, 2012 | Category: Backdoors
Backdoor.Win32.Agent.cjpk is a backdoor Trojan that can damage the targeted computer system. During installation, Backdoor.Win32.Agent.cjpk replaces critical system files and encrypts important system information. Backdoor.Win32.Agent.cjpk degrades the performance of the affected computer. Backdoor.Win32.Agent.cjpk may be connected with some ransomware threats that deliberately modify data, changing the information with a special code so that it cannot be read by the PC user....

Backdoor.Win64.ZAccess.bm

Posted: June 25, 2012 | Category: Backdoors
Backdoor.Win64.ZAccess.bm is a kernel mode backdoor Trojan that contains rootkit capabilities. Backdoor.Win64.ZAccess.bm is closely related to a ZeroAccess rootkit that matches a sequence detected in the kernel driver device. Backdoor.Win64.ZAccess.bm allows attackers to obtain remote access and control over the affected PC. Backdoor.Win64.ZAccess.bm may drop and execute other malware infections on the compromised machine.

Win32:Aluroot-C

Posted: June 25, 2012 | Category: Rootkits
Win32:Aluroot-C is a rootkit infection that runs in a special sector of the infected computer system. Win32:Aluroot-C blocks access to its components, which complicates its removal. In order to eliminate Win32:Aluroot-C, advanced memory formatting is needed. Win32:Aluroot-C blocks legitimate websites, changes the desktop background, and causes repeated networking problems and Blue Screen of Death errors. Win32:Aluroot-C might be difficult to uninstall by many security applications.

Ransomware.FBI Moneypak

Posted: June 25, 2012 | Category: Malware
FBI Moneypak ransomware is ransomware that displays a fraudulent FBI warning as part of its attempt to steal money from the victim via MoneyPak. As a close relative of the Gema 'Access to your computer was denied' Virus, Police Central e-crime Unit (PCEU) ransomware, and Buma Stemra Virus, FBI Moneypak Ransomware can be deleted safely by the same anti-malware programs that can remove the so-called Gema Virus, which employs similar tactics, albeit for German rather than US legal...

Vimeo Email Spoof Leads to ‘Permission to Publish Video’ Scam

Posted: June 22, 2012 | Category: Security News
Smartphones and webcams no doubt helped popularize user-generated videos (UGV) on video hosting sites like youtube.com and vimeo.com. However, the biggest surprise has to be the crossover appeal and use of UGVs on hard news websites and premium TV networks, an honor once reserved only for seasoned production crews. While many professional videographers seek both fame and fortune, amateur producers of UGVs are willing to settle for the bragging rights of having thousands, if not millions, of...

Backdoor.Snifula.D

Posted: June 22, 2012 | Category: Backdoors
Backdoor.Snifula.D is a backdoor Trojan that opens a back door on the infected computer. Once executed, Backdoor.Snifula.D may modify a certain registry entry in order to disable a security alert. Backdoor.Snifula.D may modify another registry entry in order to reduce Internet Explorer security settings. Backdoor.Snifula.D also creates several registry entries. Backdoor.Snifula.D may contact specific command and control (C&C) servers using a POST request on HTTP port 80....

Trojan.Basutra

Posted: June 22, 2012 | Category: Trojans
Trojan.Basutra is a Trojan that modifies the master boot record (MBR) of the infected computer. Once executed, Trojan.Basutra modifies a certain registry entry. Trojan.Basutra then changes the password for the Administrator account to HaHaHa_[RANDOM NUMBERS]. Trojan.Basutra also stops the Alerter and System Event Notification services. Trojan.Basutra can delete all directories and files on all logical drives. Trojan.Basutra then contacts particular locations on ports 8080 or 110....

Trojan.Fakeavlock

Posted: June 22, 2012 | Category: Trojans
Trojan.Fakeavlock is a Trojan that purposely deteriorates the security status of a PC, locks programs, making the PC unusable, and tries to persuade the computer user to buy a rogue security application. Trojan.Fakeavlock leads to system instability by performing actions that block the PC user from accessing particular software programs on the machine. Once executed, Trojan.Fakeavlock creates a certain file. Trojan.Fakeavlock appears as a security tool and executes numerous actions....

Trojan.Milicenso

Posted: June 22, 2012 | Category: Trojans
Trojan.Milicenso is a Trojan downloader that uses advanced techniques to misrepresent itself as a low-level PC threat while Trojan.Milicenso is used for other attacks against the infected PC. Because Trojan.Milicenso's payload is configurable, the risks that can result from a Trojan.Milicenso infection may vary, but Trojan.Milicenso's trademark side effect is a series of seemingly-infinite printouts (due to Trojan.Milicenso's incorporation of a fake printer spool or .spl file in its infection...

ACAD/Medre.A

Posted: June 22, 2012 | Category: Worms
ACAD/Medre.A is a worm and virus that specializes in theft of files in the format of AutoCAD – a commercial program that's widely used by architects, engineers and similar professionals for blueprinting and computer-assisted designing activities. Although ACAD/Medre.A's basic line of attack is an unusual niche, ACAD/Medre.A also includes capabilities that would be harmful to PC users who don't have anything to do with AutoCAD, such as theft of e-mail-related information for future...

‘Mystery Shopper Market Research’ Scam

Posted: June 22, 2012 | Category: Fake Warning Messages
With the global economy still on tenuous ground and with many people looking for any new job opportunities, the 'Mystery Shopper Market Research' scam is a particularly exploitative variant of an old scam that's used to attack your finances and personal information under the pretenses of offering you a new career opportunity. Although the 'Mystery Shopper Market Research' scam pretends to be an avenue for steady two hundred dollar checks in mystery shopping positions, the 'Mystery Shopper...

JS.Runfore

Posted: June 21, 2012 | Category: Viruses
JS.Runfore is a virus that affects .js files. Once executed, JS.Runfore searches for .js files and attaches itself to the files it detects. JS.Runfore can replicate itself and spread from one computer to another. When running, JS.Runfore connects to a certain website, [http://][16 RANDOM CHARACTERS].ru/runfor[REMOVED]. JS.Runfore is a serious threat to the compromised PC; therefore, JS.Runfore needs to be uninstalled immediately after detection.

Troj/20121889-B

Posted: June 20, 2012 | Category: Trojans
Troj/20121889-B is a Trojan that comes armed with a detection for samples that try to exploit a vulnerability in Microsoft XML Core Services which could allow Remote Code Execution (CVE-2012-1889). Troj/20121889-B detection has been recently reported on the website of the European medical company that was exploiting the CVE-2012-1889 vulnerability. A few files have been inserted into the compromised website. The file named 'deploy.html' includes the vulnerability and loads 'deployJava.js', a...

Troj/SWFExp-AV

Posted: June 20, 2012 | Category: Trojans
Troj/SWFExp-AV is a Trojan that comes armed with a detection for samples that try to exploit an Adobe vulnerability in SWF files. Troj/SWFExp-AV protects against the 'movie.swf' file. The file 'movie.swf', with the intriguing parameters '[?apple=', can be executed by the file named 'deploy.html', which includes the vulnerability in Microsoft XML Core Services that could allow Remote Code Execution (CVE-2012-1889).

Trojan.Flush.K

Posted: June 20, 2012 | Category: Trojans
Trojan.Flush.K is a particularly infamous browser hijacker that changes your computer's DNS settings to redirect your browser to unwanted and potentially harmful sites. Although, at the time of this writing, all confirmed Trojan.Flush.K servers have been shut down, recent action by the ISC has also taken down their clean 'substitute' servers. This can result in Trojan.Flush.K-infected PCs suffering from a total loss of Internet connectivity until Trojan.Flush.K is removed. Even though this...