Trojan:JS/FakePAV
Trojan:JS/FakePAV is a Trojan that is loaded through particular unpatched flaws in applications that use JavaScript. Trojan:JS/FakePAV spreads via spam email attachments sent from compromised mailboxes, so the messages appear to come from familiar contacts. Trojan:JS/FakePAV also spreads through malicious websites related to browser hijackers that cause unwanted redirects. Trojan:JS/FakePAV may also download and install additional malware threats on the compromised PC system. Remove Trojan:JS/FakePAV immediately after detection with a legitimate anti-malware program.
Athens Security Prosecution of Electronic Crime Ransomware
Although Greece's financial difficulties have been in global news for quite some time, its relative dearth of funding hasn't stopped criminals from developing a Greek-specific variant of the Ukash Virus, which is identified as Athens Security Prosecution of Electronic Crime Ransomware. Aside from a change of language and other aesthetic quirks, the operating methodology and presentation of Athens Security Prosecution of Electronic Crime Ransomware are identical to those of other members of its family: by creating a program-blocking pop-up and accusing you of committing online crimes, Athens...
Bundespolizei National Cyber Crimes Unit Ransomware
BarDiscover.com
TabQuery.com
BKDR_SASFIS.EVL
BKDR_SASFIS.EVL is a backdoor Trojan that is involved in the Tibetan malicious email attack, which targets both Windows and Mac OSs. BKDR_SASFIS.EVL contacts the C&C server. BKDR_SASFIS.EVL uploads and downloads files and navigates through files and directories in the infected computer system. BKDR_SASFIS.EVL gives the files further instructions for their lateral movement and data exfiltration activities. Eliminate BKDR_SASFIS.EVL as early as possible.
JAVA_RHINO.AE
JAVA_RHINO.AE is a malicious Java applet that is involved in the Tibetan malicious email attack, which targets both Windows and Mac OSs. The fake email includes a link which, if clicked, leads recipients to a website containing a script that identifies whether the PC user is using a Windows or a Mac operating system. The script then loads JAVA_RHINO.AE, which exploits CVE-2011-3544, an unspecified vulnerability in the Java Runtime Environment component. You should remove JAVA_RHINO.AE to protect your computer from damage.
Trojan-Spy.Win32.Lurk
Trojan-Spy.Win32.Lurk is a Trojan that's installed through virus-based attacks from Russian advertisement servers. Although the virus that installs Trojan-Spy.Win32.Lurk is automatically injected into the relevant memory process, Trojan-Spy.Win32.Lurk is unable to survive a reboot, and is, therefore, only a risk in the sense that it installs Trojan-Spy.Win32.Lurk without your consent. Trojan-Spy.Win32.Lurk is further identified as a form of generic spyware that tries to steal personal information that potentially can include bank account passwords and other forms of sensitive data that...
Trojan.Win32.Mediyes
Trojan.Win32.Mediyes is a browser hijacker that redirects your web browser to exploit pay-per-click traffic for profit. Because Trojan.Win32.Mediyes is installed by a rootkit that injects Trojan.Win32.Mediyes's code into that of a web browser process, with the rootkit deleting itself afterwards, SpywareRemove.com malware researchers suggest that you use anti-malware applications to detect and delete Trojan.Win32.Mediyes. Symptoms of Trojan.Win32.Mediyes infection are typically limited to redirects to unwanted websites, although Trojan.Win32.Mediyes may also use attacks that don't have...
Asktofriends.com
Asktofriends.com is a site that poses as an online search tool. Asktofriends.com has a history of being promoted by browser hijackers and online redirect attacks; therefore, you should also be watchful for symptoms of unwanted Asktofriends.com redirects, which can force your browser to load Asktofriends.com even if you're trying to load a completely different website (such as a legitimate search engine). SpywareRemove.com malware researchers suggest scanning your PC after any visit to hostile sites, regardless of whether or not you make any use of its questionable search...
Trojan.Ransom.HM
Trojan.Ransom.HM is a ransomware Trojan that's distributed through the same channels that also distribute popular and illegal media files, such as torrent networks. Like many ransomware Trojans, Trojan.Ransom.HM will claim that all of your computer's files have been encrypted (encoded to make using them impossible) and insists that you pay a fee to unlock a decryption code to regain your music, documents, etc. Unlike most Trojans of its type, however, Trojan.Ransom.HM actually follows through on its encryption threat. However, SpywareRemove.com malware researchers strongly advise you to...
Win32/Gamarue
Gamarue is a backdoor Trojan that allows criminals to have a dangerous level of access to your PC. Gamarue's functions can include installing other malware, changing your system settings and stealing system information that can be exploited in future attacks. SpywareRemove.com malware researchers have seen Gamarue being distributed in multiple ways, but the most recent of Gamarue's attacks appear to use spam e-mail messages that pretend to be booking reservations for high-class European hotels. Recognizing and deleting Gamarue's e-mail spam is the best way to keep your PC safe, but if...
Win32/Bocinex
Win32/Bocinex is a malware threat that initiates a Bitcoin mining client, detected as Program:Win32/CoinMiner. The client is configured to attribute newly created Bitcoin digital cash, or "BTC", to an attacker's Bitcoin account. Win32/Bocinex may spread via spam email attachments, through malicious links sent over instant messaging, or through downloads of its installer, which is disguised as another useful program. The installer is often a file with a random name that comes in the form of a self-extracting executable archive (RarSFX), for example "169E.exe" or "9D1A.exe". Remove...
Win32/Claretore
Win32/Claretore is a Trojan that adds malicious code into Windows processes to block web browser communication. Win32/Claretore may control the affected PC user's activity and transmit stolen information to a remote location. Win32/Claretore could also redirect the hijacked web browser to a malicious website link. Once executed, Win32/Claretore drops a copy of itself with 'hidden' and 'system' file attributes. Win32/Claretore modifies the Windows registry so that it can run each time you start Windows. Win32/Claretore has to be removed with a reputable anti-malware program.
Worm.Win32.Downad.Gen
Worm.Win32.Downad.Gen is an alias for the Downadup worm, which is also known by the appellations Kido and Conficker. Like many other worms, Worm.Win32.Downad.Gen uses stealthy techniques to spread throughout local networks and through removable drive devices, which can allow Worm.Win32.Downad.Gen to spread to closely-associated computers rapidly if proper security procedures aren't in place. However, SpywareRemove.com malware researchers are even more worried about the rest of Worm.Win32.Downad.Gen's payload, which involves security-attacking risks that hijack your web browser,...
Trojan.Darkshell
Trojan.Darkshell is a Trojan that may launch distributed denial of service (DDoS) attacks. Once installed, Trojan.Darkshell copies itself to a certain location. Trojan.Darkshell also drops a rootkit with a certain file name. The rootkit modifies the System Service Dispatch Table (SSDT) in order to conceal Trojan.Darkshell. Trojan.Darkshell then creates a particular registry subkey to add itself as a system service. Trojan.Darkshell also creates several registry entries. Trojan.Darkshell connects to a certain domain to post a unique identifier of the corrupted PC system and...
Enfiltrator Black Box
Enfiltrator Black Box is a keylogger/spyware program that is created to record all computer activities. Enfiltrator Black Box can log all your keystrokes; that is, it can log all your personal information, such as your usernames and passwords, credit card numbers, Social Security numbers and other private details, as well as chat, email or instant messaging conversations. Enfiltrator Black Box can disguise itself so that it does not show an icon and may not appear in the list of programs running on your PC. Enfiltrator Black Box may be difficult to remove from the targeted machine. Use a legitimate and powerful...
Office Central de Lutte contre la Criminalité Ransomware
Poliisi Tietoverkkorikos Tutkinnan Yksikko Ransomware
Troj/Dorkbot-BL
Troj/Dorkbot-BL is a Trojan included in a spam campaign. Malicious emails that contain Troj/Dorkbot-BL use various subject lines, refer to selling real estate notes and allegedly come from a company called FCI Exchange. The subject lines used in the spam emails include 'RE notes wanted Exchange', 'We sell Real Estate notes' and 'Performing Notes Wanted'. Attached to the fake email is a ZIP file (usually called FCI_Exchange_Report_[random number].zip) that includes a malicious file, detected as Troj/Dorkbot-BL, created to corrupt Windows computers. Do not open such email attachments...

