Troj/FakeAV-GNL is a Trojan that is a part of a spam malware campaign. Troj/FakeAV-GNL is distributed via malicious fax and email messages. The spam email that spreads Troj/FakeAV-GNL declares to have been sent by an online fax service called 'DuoFax'. However, the sender's email address has been forged, and 'DuoFax' is not associated with these messages. Attached to the unsolicited emails is a file called 'fax[random number].zip', which itself includes an executable file called 'fax01001_DIGIT[5]_.exe'. The .EXE file is detected as Troj/FakeAV-GNL. If an affected PC user opens a harmful...

Trojan.Win32.agent.AXCS is a Trojan that propagates through the network and affects PC users while they browse the web inappropriately. When installed, Trojan.Win32.agent.AXCS changes system files and registry entries to exploit vulnerabilities of the targeted computer system. Trojan.Win32.agent.AXCS slows down the computer system's performance and results in loss of Internet connection. Trojan.Win32.agent.AXCS also causes data loss and computer freezing problems. Trojan.Win32.agent.AXCS blocks anti-virus software to avoid detection and removal from the infected computer.

Infostealer.Somabix is a Trojan that steals information from the targeted computer. When Infostealer.Somabix is executed, it creates the malevolent files on the infected computer. Infostealer.Somabix creates a service with the specific properties. Infostealer.Somabix then creates the registry subkey to register the service. Infostealer.Somabix then adds the registry entry. Infostealer.Somabix then also modifies the registry entries. Infostealer.Somabix then collects information from the affected computer and transfers it to the particular remote locations.

Infostealer.Nemim is a Trojan that steals information from the affected computer. When Infostealer.Nemim is executed, it collects the specific information from the corrupted PC including computer name, user name, Windows version and service pack details, network card information, CPU information and USB information. Infostealer.Nemim then transfers the stolen information to the specific locations. It may also connect to the specific web addresses.

Backdoor.Jabeefit is a Trojan that opens a back door and steals information from the affected computer. When Backdoor.Jabeefit is executed, it creates a copy of itself to the specific locations of the compromised PC. Backdoor.Jabeefit then adds the malevolent files. Backdoor.Jabeefit creates the registry entry so that it can run automatically every time Windows is started. Backdoor.Jabeefit then opens a back door on the infected computer, and connects to the specific URL. Backdoor.Jabeefit creates new processes, stops processes and downloads files on the attacked PC. Backdoor.Jabeefit...

Maxdatafeed.com is a search engine that appears to display irrelevant links instead of search query-related results. Currently, Maxdatafeed.com hasn't been found to be a host for malicious scripted content or other PC threats that are often found on suspicious websites, and Maxdatafeed.com is not likely to harm your computer in any direct way. However, some browser hijackers have been known to redirect their victims' web browsers to Maxdatafeed.com automatically. Such problems can be resolved, as always, by the dutiful application of a solid anti-malware product, which will remove the...

Often associated with rogue system-scanning products, the Fake Windows Firewall is a fraudulent firewall utility that doesn't provide any actual protection for your PC – instead of performing real firewall functions, the Fake Windows Firewall, will, at best, block legitimate programs while the Fake Windows Firewall delivers fake pop-up warnings about various unrelated PC threats that supposedly are attacking your computer. Although a Fake Windows Firewall sometimes is found alone, usually a Fake Windows Firewall's purpose is to encourage you to buy an associated rogue anti-malware or...

Also known as Beebus, Mutter is a comprehensively-equipped backdoor Trojan that is being used to gather government data related to unmanned drone operations. Although Mutter's place in its attack operation appears to have been substituted by a pair of brand-new backdoor Trojans, SpywareRemove.com malware experts warn that Mutter still is capable of harming computers that are infected with Mutter and grants a high level of access to the criminals using its C&C server. Since Mutter primarily is a concern for business and government PCs that are used to process highly confidential data,...

Trojan.Spamats is a Trojan that opens a back door and sends spam emails from the affected computer. When Trojan.Spamats is executed, it creates the potentially malicious files. Trojan.Spamats creates the registry entry so that it can run automatically every time Windows is started. Trojan.Spamats then opens a back door on the targeted computer and downloads files from the certain domains. Trojan.Spamats may then send spam from the corrupted PC.

W32.Inabot is a worm that circulates through removable drives and network shares. W32.Inabot steals information from the infected computer. When W32.Inabot is executed, it creates the potentially malicious file. Once run, the original executable file is deleted in order to disguise its existence on the affected computer. W32.Inabot then creates the registry entry so that it runs every time Windows is started. W32.Inabot then connects to one of the command-and-control (C&C) servers and opens a back door on the corrupted PC. W32.Inabot grabs information from the victimized PC and...

Exploit:Java/CVE-2013-0431 is a malicious Java application that spreads via hijacked websites and targets computers using a vulnerable version of Java. Exploit:Java/CVE-2013-0431 is a malicious code that uses a vulnerability (CVE-2013-0431) to download and install other malware threats onto the compromised PC. Exploit:Java/CVE-2013-0431 is to be identified in the course of web browsing, while the malware threats it downloads, if already downloaded, betray the vulnerability on the host computer.

Priceblink Virus is a potentially unwanted program, which is categorized as an adware application. Once Priceblink Virus gets inside the targeted PC, it drops an extension on all Internet browsers, involving Internet Explorer, Mozilla Firefox and Google Chrome. Additionally, Priceblink Virus starts its annoying activity, which is based on numerous pop-up advertisements, alerts and underlined words that redirect affected computer users to dubious websites. As its name suggests, Priceblink Virus promises to give information about coupons, promotions, price comparisons and similar things....

Trojan-Banker.Win32.BifitAgent is a banking Trojan – a Trojan that steals financial information and uses any accessible bank account's Web interface to initiate fraudulent transactions. Specifically designed to compromise banks using Bifit-protected technology, Trojan-Banker.Win32.BifitAgent has warranted interest from SpywareRemove.com malware researchers and other industry experts as a consequence of its employment of advanced techniques to initiate its attacks, conceal itself and maintain its various components. Even though Trojan-Banker.Win32.BifitAgent doesn't show any symptoms of...

PUP.VShareRedir is a potentially unwanted program, which disables Google Chrome and other web browsers. When installed on the infected computer system, PUP.VShareRedir deteriorates the compromised PC's performance, however, without a malicious purpose. PUP.VShareRedir takes over the hijacked Internet browser and causes annoying redirects to suspicious websites, particularly, to a sharing portal. PUP.VShareRedir is difficult to detect and remove from the affected PC. PUP.VShareRedir can also restrict attacked PC users from accessing it on the targeted computer system. Legal anti-malware...

Trojan.Tesch.A is a mischievous Trojan horse that may perform many malicious activities without notifying the computer user. These actions may load other unknown malware on the infected system. Additionally, a remote attacker may be able to connect to a system infected with Trojan.Tesch.A through a vulnerability or connection created by the deceptive Trojan. Eliminating the Trojan.Tesch.A threat may require an antispyware program safely detecting all related files and then removing each of them.

The TorRAT malware is a malicious form of Remote Administration Tool that enables criminals to control your computer by issuing various instructions, installing other malware and working around your computer's security features. Even though the TorRAT malware has been identified for an extended period of time, the TorRAT malware's latest distribution scheme has placed a heavy emphasis on the TorRAT malware in cybersecurity news. By hijacking Twitter accounts to spam malicious links to new victims, the TorRAT malware enables its own distribution swiftly and efficiently. Twitter users are...

The Morocco Sûreté Nationale Ransomware is a confirmed member of the CashU family, a close group of related Police Trojans that previously have targeted primarily Middle Eastern countries. With the Morocco Sûreté Nationale Ransomware's attacks targeting civilians in the Kingdom of Morocco, but otherwise being identical to past examples of related Police Ransomware Trojan attacks, the Morocco Sûreté Nationale Ransomware only exemplifies how far abroad criminals are willing to look for new victims. Since the Morocco Sûreté Nationale Ransomware attempts to pose as a legitimate...

There is no doubt that we have a serious mobile malware issue emerging, mainly effecting devices running the Android operating system. In the most recent findings by the Russia-based Doctor Web, new malicious in-app advertising schemes claiming to scan devices for viruses are primarily used to download a fake antivirus app. Offering some type of antivirus solution for Android devices is becoming quite the popular action for many just due to the increase in mobile device malware in general. Android device users are beginning to become more curious of protecting their device from emerging...

Motsob is a Trojan that was disseminated through e-mail spam attacks that lured victims into a compromised site through links themed after news regarding the Waco, Texas fertilizer plant disaster. While the drive-by-download exploit that was used to install Motsob has since been pulled down from its hosting site, SpywareRemove.com malware experts warn that computers already compromised by Motsob may be at risk for attacks like system-blocking pop-ups from Police Ransomware Trojans or theft of highly sensitive account information. Anti-malware applications can be used to remove Motsob from...

Exploit.Java.CVE-2013-0422.z is a Java exploit, which spreads via a hijacked website that hosts and pushes a malicious Java applet exploiting the CVE 2013-0422 vulnerability. The malicious Java application, Exploit.Java.CVE-2013-0422.z, spreads via the infectious website called 'minjok.com', which turns out to be a news website in Korean and English languages including mainly political events around the Korean peninsula. The website is currently closed. The attackers added a single line in a page code displaying the latest news about Korea. This line of code pressed an attacked visitor's...