BKDR_CYSXL is a backdoor Trojan that is included in a spam email associated with the London Olympics 2012. However, instead of the usual scams connected with the Olympics which are sent by web attackers in the form of a lottery wherein online users could allegedly win a free travel package to the event, this scam comes as a spam message concealed as an email advisory. BKDR_CYSXL.A may be downloaded and installed by other malware threats. BKDR_CYSXL.A connects to a certain website to transmit and obtain information. The DLL component of BKDR_CYSXL.A is inserted in the svchost.exe process....

TROJ_ARTIEF.ZIGS is a Trojan dropper that installs a backdoor Trojan onto your PC, and, thusly presents a severe security threat to any computer. Since TROJ_ARTIEF.ZIGS is distributed as a fake Word Document attachment for spam e-mail messages that pretend to be advisories about London Olympics ticket hoaxes, SpywareRemove.com malware researchers recommend that you be careful to avoid downloading or opening suspicious file attachments that resemble the above description. Other than installing a second Trojan onto your computer, TROJ_ARTIEF.ZIGS hasn't been noted to engage in other...

Troj/Bredo-VV is a Trojan that's distributed by spam e-mails under the fraudulent pretense that the file attachment containing Troj/Bredo-VV is supposedly some kind of private photo of the victim or a female acquaintance that was leaked online. Troj/Bredo-VV connects to remote servers without your consent and launches processes that imitate the names of Windows components to make Troj/Bredo-VV difficult for you to delete or even detect Troj/Bredo-VV without competent anti-malware software. Although SpywareRemove.com malware researchers haven't finished analyzing Troj/Bredo-VV, Trojans...

Trojan.fakealert.sfxgen3 is a Trojan that usually generates fake pop-up security warning. Trojan.fakealert.sfxgen3 is usually added into downloads folder as a setup.exe file. Then the file moves to a more stable location on the compromised PC. The system names, size, scripts and encoding techniques of the file may vary. The tricky pop-up security message displayed by Trojan.fakealert.sfxgen3 is usually associated with nonexistent security issues and attempts to frighten PC users into downloading malicious software programs. Trojan.fakealert.sfxgen3 does not necessarily display a...

Shoppingcove.com is a website that specializes in product comparisons and shopping searches. While Shoppingcove.com hasn't been found to host malicious software or attack your PC, there are indications that browser hijackers are forcing redirects to Shoppingcove.com. Redirects to Shoppingcove.com may also prevent you from using other search engines and can be included alongside other attacks that may be security hazards. Since any browser hijacker is a potential danger to your computer's safety, it's recommended for you to scan your PC with good anti-malware software after any symptoms...

West Yorkshire Ransomware is one of the latest variants of the infamous Ukash Virus, sporting a new look that West Yorkshire Ransomware also shares with its French clone, Sacem Police Nationale Ransomware . Unlike its French twin, West Yorkshire Ransomware prefers a Ukash-based ransom scam, but the other details of its attacks – including a pop-up that blocks you from using programs or any part of the Windows interface, accusations of your PC having been caught in illegal music-uploading/downloading activities and fake references to a regional law enforcement agency remain in line...

Sacem Police Nationale Ransomware is a recently-identified ransomware Trojan that strongly resembles members of the Trojan:Win32/Ransom.DU (AKA the 'Ukash Virus') family. Like Votre ordinateur est bloqué Gendarmerie Ransomware and Gendarmerie Nationale Ransomware , Sacem Police Nationale Ransomware targets the nation of France, although other versions of this globe-trotting Trojan have been spotted by SpywareRemove.com malware experts on both sides of the Atlantic. Just as similar ransomware Trojans are wont to do, Sacem Police Nationale Ransomware creates a pop-up alert that...

Trojan.Tracur!gen2 is Trojan that uses all possible ways to remain on the infected computer when a system scan is performed. Trojan.Tracur!gen2 attempts to avoid removal by adding a copy of its main file into System folder and naming it by the actual dll. A usual PC scanner, which trusts names, would delete Trojan.Tracur!gen2 on the pretext that its name matches the common knowledge system dll. Trojan.Tracur!gen2 registers itself as a COM Object so as to gain further trust of a scanner. Rootkits are used to worsen extermination of Trojan.Tracur!gen2 by blocking and even damaging...

Backdoor.Agent.RCGen is a backdoor Trojan which often comes bundled with a fake defragmentation and system optimization utility named FakeHDD . Backdoor.Agent.RCGen creates its copies on all drives, especially shared ones, so that the affected computer works as a source of the backdoor Trojan. When computers provide information from their locations including the hidden copy of Backdoor.Agent.RCGen to other PCs, the receiving operating system gets a copy of Backdoor.Agent.RCGen. Backdoor.Agent.RCGen controls a hidden channel to allow remote attackers spy on the compromised PC and...

Votre ordinateur est bloqué Gendarmerie Ransomware is a new French version of ransomware from the Ukash Virus family, which also includes the ' I Suoi Archivi Sono Stati Cifrati' Trojan , Poliisi Tietoverkkorikos Tutkinnan Yksikkö Ransomware , the Scotland Yards Ukash Virus , Police Central e-crime Unit (PCEU) ransomware , the Strathclyde Police Ukash Virus , Gendarmerie Nationale Ransomware and Fake Federal German Police (BKA) notice variante . While Votre ordinateur est bloqué Gendarmerie Ransomware isn't the first ransomware Trojan from this family to attack France,...

Trojan.Win32.Generic.pak!cobra is a generic identification for various types of Trojan PC threats, most notably including a Trojan downloader that's distributed by pizza delivery-themed e-mail spam along with a variant of the Zlob Trojan. Current Trojan.Win32.Generic.pak!cobra e-mail messages can be identified by their poor attempts to fake being sent by the reputable Girolamo Pizzeria, especially since the text misspells Girolamo as 'Gerolamo!' Like many types of spam, Trojan.Win32.Generic.pak!cobra's fraudulent e-mail claims that you've made an order and includes a link to cancel it...

Trojan.Encoder.94 is a detection label for an English-language variant of a ransomware Trojan that encrypts a variety of media files on the infected computer and requests a fee to undo this attack, which, in the meantime, will cause these files to be inaccessible. Although earlier variants of Trojan.Encoder.94 were commonly distributed throughout Russia and other ex-Soviet Union countries, newer versions of ransomware Trojans from this family, like Trojan.Encoder.94, have been seen in significant quantities in other countries throughout Europe. SpywareRemove.com malware researchers...

JS:Iframe-FP is a Trojan that is inserted in malicious HTML web pages. Web criminals embed a script code into compromised websites, which infects the victim's computer with an infected JavaScript file detected as JS:Iframe-FP on a remote server. The embedded code is either written in cleartext or encoded and, therefore, covered. The injection of the infectious code is reported as HTML:Script-inf. JS:Iframe-FP is made to steal session cookies for enabling web criminals to impersonate the real PC user and use this session for deceptive actions. Once JS:Iframe-FP is executed it aims at...

Trojan.JS.Iframe.BDV is a malicious JavaScript attack that steals web browser and cookie-based information, which can allow criminals to compromise your online accounts and steal private information. Although Trojan.JS.Iframe.BDV is, itself, hosted on a variety of malicious servers, SpywareRemove.com malware researchers are displeased to note that redirect attacks to Trojan.JS.Iframe.BDV's websites have been slipped into a wide range of otherwise reputable sites. Since compromised sites that inadvertently redirect you to Trojan.JS.Iframe.BDV can also be identified and protected against...

Win32.Rmnet.12 is a computer virus which allows attackers to create a botnet including a huge number of contaminated PCs. Win32.Rmnet.12 targets Windows PCs, executes backdoor activities and steals passwords saved by well-known ftp clients. The stolen passwords may then be used to set up network attacks and compromise websites. Win32.Rmnet.12 creates instructions from a remote server which may involve corrupting the targeted operating system. Win32.Rmnet.12 enters machines via malicious flash drives, with malicious executable files, and using special scripts inserted into HTML documents...

Trojan:Win32/Sirefef.AG is a Trojan which is associated with adware programs. Trojan:Win32/Sirefef.AG has a capability of changing search result links on any search engine to spam websites not related to your requests created by scammers. Cybercriminals try to add the main components of Trojan:Win32/Sirefef.AG into System Folder and WinDir thus making removal of Trojan:Win32/Sirefef.AG a risky process. Extermination of Trojan:Win32/Sirefef.AG needs to be made correctly; otherwise, this could cause data loss or damage. To keep your PC safe, remove Trojan:Win32/Sirefef.AG as early as...

Trojan-FakeAV.Win32.Romeo.dv is a Trojan which is a part of a Twitter spam attack. Huge numbers of hijacked Twitter accounts send spam malicious links, hosted on .TK and .tw1.su domains, redirecting affected users to fake anti-virus software including Windows Guard Solutions . If clicked on a malicious link, computer users get a security alert illustrated by Windows Antivirus 2012 which says that harmful activities have been found on their machines and they need to make a quick scan of their system files. The hijacked accounts also send spam messages that carry links redirecting...

Trojan-FakeAV.Win32.Agent.dqs is a new rogue security program that's distributed by extremely aggressive (with some links being sent out as often as eight times per second) Twitter spam campaign. Links for Trojan-FakeAV.Win32.Agent.dqs also use Black Hole Exploit Kit attacks to assist with Trojan-FakeAV.Win32.Agent.dqs's installation and will display fake security warnings about PC threats that are (not, in reality) on your computer. Simple caution around suspicious links from unusual sources can help to prevent Trojan-FakeAV.Win32.Agent.dqs attacks, and SpywareRemove.com malware...

Hary.A is a worm that disguises itself as a text document for J.K. Rowling's novel 'Harry Potter and the Deathly Hallows.' Although the majority of Hary.A's attacks consist of minor mischief such as opening insulting (and Harry Potter-themed) text documents and embedding mocking text into Internet Explorer, SpywareRemove.com malware researchers have also found that some of Hary.A's other attacks are security risks. Because Hary.A reduces Internet Explorer's security and also attacks System Restore, you should consider using other security software to find and remove Hary.A posthaste...

Trojan.JS.Iframe.rg is a coded Trojan that is embedded in malicious HTML pages. Trojan.JS.Iframe.rg leads to unwanted web browser redirects to malicious websites designed by scammers. If the hijacked web browser opens a malicious HTML page, Trojan.JS.Iframe.rg is allowed to self-decrypt and load a hidden frame so that it can enter the compromised PC without suspicion. Trojan.JS.Iframe.rg can substitute your search request links to secure websites any search engine with its spam links. Eliminate Trojan.JS.Iframe.rg with a reputable malware removal application to get rid of unwanted...