Trojan:Win32/Alureon.FP

Posted: April 25, 2012 | Category: Trojans | Threat Level: 9/10
Trojan:Win32/Alureon.FP is a Trojan detection that identifies certain modifications of the Alureon rootkit. Removal of Trojan:Win32/Alureon.FP deletes the malicious Volume Boot Record (VBR). Trojan:Win32/Alureon.FP is set to a white-listed area, so its removal needs special skills, because any errors could cause severe PC system harm and even result in a PC system crash. In spite of deletion errors in the process of the rootkit removal, PC users of the infected computers, particularly 64-bit version Windows XP operating system, by...

GVU Gesellschaft zur Verfolgung Ransomware

Posted: April 25, 2012 | Category: Ransomware
GVU Gesellschaft zur Verfolgung Ransomware is a ransomware Trojan that uses a fake warning message (supposedly from a German anti-copyright infringement organization) to lock down your PC. Despite its pretensions, GVU Gesellschaft zur Verfolgung Ransomware isn't affiliated with the actual GVU, which is an independent and reputable organization, and warning messages from GVU Gesellschaft zur Verfolgung Ransomware aren't indicative of your PC being caught red-handed in any sort of copyright-infringing crime. However, since GVU Gesellschaft zur Verfolgung Ransomware's pop-up will prevent...

Blackhole Exploit Kit 2150

Posted: April 24, 2012 | Category: Malware | Threat Level: 6/10
Blackhole Exploit Kit 2150, known more thoroughly as Exploit Blackhole Exploit Kit (type 2150), is a recent variant of Blackhole Exploit Kit (also known as Blackhole), a configurable package of exploits that installs other PC threats onto your computer – particularly rogue security programs. Symptoms of a successful attack by Blackhole Exploit Kit 2150 can vary due to the configurable nature of BEK-based PC threats, but have been known to include unusual program behavior, an inability to launch certain applications, browser redirects and the presence of fraudulent security pop-ups that...

Win32/Bifrose.NEC

Posted: April 24, 2012 | Category: Backdoors | Threat Level: 6/10
Win32/Bifrose.NEC is a backdoor Trojan that is detected in numerous files. Win32/Bifrose.NEC mainly occurs in .exe files; however, it can be found in .rar files as well, which, when unpacked, also turn out to be executable files. The full code of the file detected as Win32/Bifrose.NEC is malicious. Win32/Bifrose.NEC slows down your computer because it uses a large amount of system resources. Win32/Bifrose.NEC also deletes important files that include system drives. Win32/Bifrose.NEC can completely crash your computer. To protect your computer from damage, remove Win32/Bifrose.NEC as soon as...

PWS:Win32/Karagany.A

Posted: April 24, 2012 | Category: Spyware | Threat Level: 6/10
PWS:Win32/Karagany.A is spyware that specializes in stealing FTP login credentials, including passwords and user login names. While PWS:Win32/Karagany.A's payload is ranked as a high-priority threat by SpywareRemove.com malware analysts, PWS:Win32/Karagany.A doesn't display significant symptoms, and you may be unable even to detect PWS:Win32/Karagany.A, let alone remove PWS:Win32/Karagany.A from your hard drive unless you have appropriate anti-malware software on your PC. PWS:Win32/Karagany.A is also associated with the EyeStye family of Trojans that conduct a variety of...

Troj zaccess CQJ

Posted: April 24, 2012 | Category: Trojans | Threat Level: 9/10
Troj zaccess CQJ is a Trojan that creates a kernel mode item _max++. There is a part of the object's code named ZeroAccess in a kernel device object. Alternate data streams are used to store the code of Troj zaccess CQJ. Those streams are secured from scans, unless an appropriate utility is being used, because Troj zaccess CQJ can monitor activities on the targeted PC system. If Troj zaccess CQJ finds a way to access the streams that contain the rootkit, it creates processes that try to locate and block the application that attempts to gain the access. Troj zaccess CQJ creates its own...

Trojan Horse Dropper.Generic5.CGOS

Posted: April 24, 2012 | Category: Trojans | Threat Level: 9/10
Trojan Horse Dropper.Generic5.CGOS is a Trojan created to download other malicious software programs on the infected computer. Trojan Horse Dropper.Generic5.CGOS can also perform other malicious activities on the targeted computer. Trojan Horse Dropper.Generic5.CGOS uses reverse engineering and similar encoding methods to avoid detection and removal from security software. The server Trojan Horse Dropper.Generic5.CGOS connects to is modified up to several times a day to block attacks by cyber security groups so that the Trojan Horse Dropper.Generic5.CGOS's instruction is modified...

Vshare.toolbarhome.com

Posted: April 24, 2012 | Category: Browser Hijackers | Threat Level: 5/10
Vshare.toolbarhome.com is, as its URL implies, associated with the vShare plugin (a live and VOD broadcasting utility) for various web browsers. While both Vshare.toolbarhome.com and its plugin have been found to be non-malicious, careless installation of the vShare toolbar can cause unwanted redirects to Vshare.toolbarhome.com when you try to access your default search engine. Redirects to Vshare.toolbarhome.com are functional in both Internet Explorer and Firefox, and if they're deemed undesirable, can be stopped by deleting Vshare.toolbarhome.com's toolbar product. Although vShare isn't...

Mal/HTMLGen-A

Posted: April 24, 2012 | Category: Malware | Threat Level: 6/10
Mal/HTMLGen-A might be a malware threat that is created by hackers to block access to safe websites on the Internet. Particularly, Mal/HTMLGen-A is related to services of Google such as google-analitics.com. If an affected online user attempts to access such a website, he/she is blocked from loading it. Mal/HTMLGen-A is able to block any websites associated with Google Analytics. Meanwhile, Mal/HTMLGen-A is a heuristic routine and legitimate technique for identifying security threats. You are strongly advised to remove all marked items of Mal/HTMLGen-A, despite the plethora of false...

Police Nationale FR Ransomware

Posted: April 24, 2012 | Category: Ransomware
Police Nationale FR Ransomware is yet another variant of the Ukash Virus (whose progenitor was identified by Microsoft as Trojan:Win32/Ransom.DU) that, once again, targets unfortunate French computers with its ransom hoax. Police Nationale FR Ransomware creates a pop-up alert that blocks you from using other programs while claiming that your PC is being blocked due to its involvement with PC threat-distributing or pornographic websites. However, SpywareRemove.com malware analysts urge you to pay no attention to this warning, since Police Nationale FR Ransomware isn't linked to any...

Scammers Continue to Use The Hunger Games to Hunt for Vulnerable PCs and Launch Malware Attacks

Posted: April 23, 2012 | Category: Security News
As people continue to be obsessed with The Hunger Games, you can bet that cybercriminals also are obsessed with the phenomenon surrounding The Hunger Games and want to get a piece of the action. Internet users are searching the Web for 'free' Hunger Games movies, ebooks, screensavers, etc. Therefore, anything related to The Hunger Games is a perfect opportunity to hunt for prospective, gullible PC users to scam or infect with malware. Blockbuster hits like the Hunger Games have their uses for criminal enterprises, and we've taken note of a range of attacks that exploit the popularity of...

Trojan.Ransomlock.K

Posted: April 23, 2012 | Category: Trojans | Threat Level: 9/10
Trojan.Ransomlock.K is a Trojan that locks the desktop of the affected computer and makes the PC unusable. Trojan.Ransomlock.K then asks the affected PC user to pay a penalty to unlock the computer. Trojan.Ransomlock.K uses an active command-and-control (C&C) server login. Trojan.Ransomlock.K uses a control panel known as the Silent Locker Control Panel which is freely available for download on the Internet. The Silent Locker Control Panel, while in Russian, has some similar capabilities to other control panels used together with such malware threats as Trojan.Zbot and Trojan.Spyeye. To...

BKDR_CYSXL.A

Posted: April 23, 2012 | Category: Backdoors | Threat Level: 6/10
BKDR_CYSXL is a backdoor Trojan that is included in a spam email associated with the London Olympics 2012. However, instead of the usual scams connected with the Olympics which are sent by web attackers in the form of a lottery wherein online users could allegedly win a free travel package to the event, this scam comes as a spam message concealed as an email advisory. BKDR_CYSXL.A may be downloaded and installed by other malware threats. BKDR_CYSXL.A connects to a certain website to transmit and obtain information. The DLL component of BKDR_CYSXL.A is inserted in the svchost.exe process....

TROJ_ARTIEF.ZIGS

Posted: April 23, 2012 | Category: Trojans | Threat Level: 9/10
TROJ_ARTIEF.ZIGS is a Trojan dropper that installs a backdoor Trojan onto your PC and thus presents a severe security threat to any computer. Since TROJ_ARTIEF.ZIGS is distributed as a fake Word Document attachment for spam e-mail messages that pretend to be advisories about London Olympics ticket hoaxes, SpywareRemove.com malware researchers recommend that you be careful to avoid downloading or opening suspicious file attachments that resemble the above description. Other than installing a second Trojan onto your computer, TROJ_ARTIEF.ZIGS hasn't been noted to engage in other...

Troj/Bredo-VV

Posted: April 23, 2012 | Category: Trojans | Threat Level: 9/10
Troj/Bredo-VV is a Trojan that's distributed by spam e-mails under the fraudulent pretense that the file attachment containing Troj/Bredo-VV is supposedly some kind of private photo of the victim or a female acquaintance that was leaked online. Troj/Bredo-VV connects to remote servers without your consent and launches processes that imitate the names of Windows components to make Troj/Bredo-VV difficult for you to delete or even detect Troj/Bredo-VV without competent anti-malware software. Although SpywareRemove.com malware researchers haven't finished analyzing Troj/Bredo-VV, Trojans...

Trojan.fakealert.sfxgen3

Posted: April 23, 2012 | Category: Trojans | Threat Level: 9/10
Trojan.fakealert.sfxgen3 is a Trojan that usually generates fake pop-up security warnings. Trojan.fakealert.sfxgen3 is usually added to the downloads folder as a setup.exe file. Then the file moves to a more stable location on the compromised PC. The system names, size, scripts and encoding techniques of the file may vary. The tricky pop-up security message displayed by Trojan.fakealert.sfxgen3 is usually associated with nonexistent security issues and attempts to frighten PC users into downloading malicious software programs. Trojan.fakealert.sfxgen3 does not necessarily display a...

Shoppingcove.com

Posted: April 23, 2012 | Category: Browser Hijackers | Threat Level: 5/10
Shoppingcove.com is a website that specializes in product comparisons and shopping searches. While Shoppingcove.com hasn't been found to host malicious software or attack your PC, there are indications that browser hijackers are forcing redirects to Shoppingcove.com. Redirects to Shoppingcove.com may also prevent you from using other search engines and can be included alongside other attacks that may be security hazards. Since any browser hijacker is a potential danger to your computer's safety, it's recommended for you to scan your PC with good anti-malware software after any symptoms...

West Yorkshire Ransomware

Posted: April 23, 2012 | Category: Ransomware
West Yorkshire Ransomware is one of the latest variants of the infamous Ukash Virus, sporting a new look that West Yorkshire Ransomware also shares with its French clone, Sacem Police Nationale Ransomware. Unlike its French twin, West Yorkshire Ransomware prefers a Ukash-based ransom scam, but the other details of its attacks – including a pop-up that blocks you from using programs or any part of the Windows interface, accusations of your PC having been caught in illegal music-uploading/downloading activities and fake references to a regional law enforcement agency remain in line...

Sacem Police Nationale Ransomware

Posted: April 23, 2012 | Category: Ransomware
Sacem Police Nationale Ransomware is a recently-identified ransomware Trojan that strongly resembles members of the Trojan:Win32/Ransom.DU (AKA the 'Ukash Virus') family. Like Votre ordinateur est bloqué Gendarmerie Ransomware and Gendarmerie Nationale Ransomware, Sacem Police Nationale Ransomware targets the nation of France, although other versions of this globe-trotting Trojan have been spotted by SpywareRemove.com malware experts on both sides of the Atlantic. Just as similar ransomware Trojans are wont to do, Sacem Police Nationale Ransomware creates a pop-up alert that...

Trojan.Tracur!gen2

Posted: April 20, 2012 | Category: Trojans | Threat Level: 9/10
Trojan.Tracur!gen2 is a Trojan that uses all possible ways to remain on the infected computer when a system scan is performed. Trojan.Tracur!gen2 attempts to avoid removal by adding a copy of its main file into System folder and naming it by the actual dll. A usual PC scanner, which trusts names, would delete Trojan.Tracur!gen2 on the pretext that its name matches the common knowledge system dll. Trojan.Tracur!gen2 registers itself as a COM Object so as to gain further trust of a scanner. Rootkits are used to worsen extermination of Trojan.Tracur!gen2 by blocking and even damaging...