Phobos Ransomware

Posted: October 23, 2017 | Category: Ransomware
Phobos is one of the most recent ransomware strains to join the increasingly large database of malware threats. While Phobos appears to be a new threat, much of its code bears some striking similarities to the code that built the infamous Dharma and Crysis Ransomware families not long ago. Although most cybercriminals rely on malicious email links and attachments to distribute the ransomware payload to as many target PCs as possible, there has been a marked shift towards exploiting exposed Remote Desktop Protocols instead. By using readily available scanners, the crooks search for...

WebDiscover Browser

Posted: July 3, 2015 | Category: Browser Hijackers | Threat Level: 5/10
The WebDiscover Browser is a type of potentially unwanted program. It can be categorized as a browser hijacker of sorts. WebDiscover is distributed both as an installer download on its official website and through software bundle installers. Software bundles often don't have sufficient disclosure of the features and items they come packed with, which is why potentially unwanted programs often piggy-back in freeware bundles. WebDiscover is a rather obtrusive web search bar that docks a search box on top of your desktop. However, you can neither move, close, nor resize that bar....

Cerber Ransomware

Posted: March 4, 2016 | Category: Ransomware
The Cerber Ransomware is a file encryptor that takes your data hostage for the sake of selling it back in return for Bitcoin currency. The general unreliability of this means of saving your files causes it to be discouraged as a solution when, instead, a sufficiently sound backup strategy can make the Cerber Ransomware's attacks relatively ineffectual. Due to the danger that the Cerber Ransomware poses to your system, data, and Web browser, malware analysts rate the Cerber Ransomware as a significant threat that should be uninstalled by dedicated anti-malware tools. The Cerber Ransomware...

GozNym

Posted: April 15, 2016 | Category: Trojans | Threat Level: 8/10
GozNym is a spyware program currently in deployment against prominent financial institutions, such as banks. This threat combines code from two previous Trojans while delivering itself through specially-crafted e-mail content. Because malware experts have rated GozNym as a sophisticated, high-level threat with the potential for collecting data, PC users should protect their machines by using dedicated anti-malware tools for deleting GozNym infections, rather than trying to detect this threat by eye. Although threat developers may recycle code from old threats to spawn new ones, in most...

WannaCryptor Ransomware (WanaCrypt0r Ransomware)

Posted: March 29, 2017 | Category: Ransomware
The first major ransomware attack of 2017 involves the use of the WanaCrypt0r Ransomware, an improved version of the '.wcry File Extension' Ransomware which, unfortunately, leverages one of the leaked NSA exploits to exploit vulnerable computers running Windows XP. It is unknown which hacking group is behind the WanaCrypt0r Ransomware attacks, but one thing is for certain – whoever they are, they certainly know what they are doing. The targets of the WanaCrypt0r Ransomware don't appear to be chosen randomly since most of the infected machines appear to belong to major companies in...

GandCrab Ransomware

Posted: January 29, 2018 | Category: Ransomware
The GandCrab Ransomware is a severe-level, encryption-based malware threat which has plagued users all over the world throughout 2018. Similar to other notorious Ransomware threats in circulation, GandCrab sneaks into target PCs via exploit kits, malicious JavaScript and document email attachments, as well as through a Ransomware-as-a-Service (RaaS) affiliate program, ultimately encrypting the victims' files without their knowledge. The affected users face complete data loss unless they pay the required ransom amount, predominantly in the form of an obscure virtual currency called DASH....

LockerGoga Ransomware

Posted: March 31, 2019 | Category: Ransomware
LockerGoga Ransomware is a file-locking trojan whose campaigns specialize in sabotaging Windows systems related to the industrial sector and other businesses. In addition to locking files and displaying its ransoming demands, LockerGoga Ransomware has a close relationship with backdoor attacks and may disable the infected machine's network connectivity. Updated anti-malware tools may remove LockerGoga Ransomware, and members of the relevant industries should guard their admin login credentials securely in self-defense. File-locker trojans are most notorious for harming small-scale,...

GayFreeVideos

Posted: July 24, 2009 | Category: Tracking Cookies
GayFreeVideos is a tracking cookie that may be used by various pornographic or explicit content websites. The access of the GayFreeVideos tracking cookie may take place when visiting porn sites where certain site settings or preferences are stored. The access of the GayFreeVideos cookie could lead to pornographic sites offering other services or lead to other malware downloads through the site, as it is common for porn sites to be a source of malware. Computer users wanting to rid their system of unnecessary or unwanted tracking cookies like GayFreeVideos are recommended to utilize an...

NiceHash Miner

Posted: April 15, 2019 | Category: Malware | Threat Level: 6/10
The NiceHash Miner is a legitimate program used by the NiceHash platform, a marketplace for cryptocurrency mining where clients can either rent out their computers to mine for various cryptocurrency or purchase the mining power of other users. All of this is legitimate and happens with the approval and knowledge of users, but it would appear that groups of cybercriminals might be exploiting the NiceHash Miner tool by creating modified, stealthy versions of it. As you can probably guess, the purpose of the hidden variant of the NiceHash Miner is to work on computers without notifying the...

How to Remove DLL Files

Posted: June 6, 2006 | Category: Tutorials
A DLL (Dynamic Link Library) is an executable file that permits programs to share code to perform one or more predefined functions. A DLL file can be used by several programs at the same time. The benefit of having DLL files is that they don't get loaded into random access memory (RAM) along with the main program, which saves up space in RAM. So instead of all the coding being built into the program, it uses a particular DLL file that, with a simple call, can execute the operation for it. Most DLL files are essential for the running of your programs but there are other malicious...

What is CLSID?

Posted: August 10, 2009 | Category: Tutorials
A CLSID is an acronym used to describe a software application's class ID or "class identifier." In other words, a CLSID is a unique identification number given to software applications or software components to function as a kind of 'social security number' for any particular piece of software. CLSIDs form a subcategory of 'Globally Unique Identifiers,' or GUIDs, that are regularly used in COM, and as such, CLSIDs are used to specifically identify COM objects. COM, or "Component Object Model", is a Microsoft architectural model that is applied to component software applications and...

'Peachland.eu' Pop-Up Scam

Posted: December 9, 2020 | Category: Adware | Threat Level: 2/10
Misleading browser pop-ups are often used to promote shady software or content. The site at Peachland.eu hosts exactly this type of pop-up. They tell visitors that their Web browsing sessions may be observed by anonymous hackers and that they may be capable of monitoring your online activity. The pop-ups propose a solution – downloading and installing a privacy-enhancing VPN application. We assure you that installing such software is not necessary, especially when it is being promoted by a random and shady website like Peachland.eu. The 'Peachland.eu' pop-up scam displays false information...

Perlox Ransomware

Posted: April 5, 2021 | Category: Ransomware
The Perlox Ransomware is a file encryption Trojan meant to harm the files on your computer and then extort you for money. The threatening application tries to encrypt the contents of images, videos, archives, databases and other important files. Once it damages a file, it will add the '.periox' suffix to its name and drop the ransom message 'help.html' on the desktop. The latter file contains a short message from the attackers who ask to be contacted via the TOR-based mailbox supportperiox@ywtpdnpwihbyuvck.onion. They also demand a ransom payment of $500 that must be sent to a Bitcoin...

OVO Ransomware

Posted: April 5, 2021 | Category: Ransomware
The OVO Ransomware is a nefarious computer threat that may be distributed online through fake downloads, pirated content, corrupted email attachments or other deceptive content. Users who come across the OVO Ransomware's payload may have no idea that they are interacting with a threatening payload designed to encrypt the majority of their hard drive's contents. Unfortunately, once OVO Ransomware's attack is initialized, there is little that the victim can do to prevent it. The only reliable way to mitigate OVO Ransomware's attack is to use an up-to-date anti-virus tool, as well as maintain...

FilesRecoverEN Ransomware

Posted: April 2, 2021 | Category: Ransomware
The FilesRecoverEN Ransomware is a threatening file-encryption Trojan whose attackers are likely to be amateurs that, unfortunately, have managed to craft a file-locker which is impossible to decrypt for free. The reason why the ransomware's authors are likely to be amateurs is that they are using an email address hosted with Gmail.com – needless to say, Google will not allow them to use the email for extortion, and it is probably a matter of days before the inbox is banned. This would make it impossible for victims of the FilesRecoverEN Ransomware to contact the criminals, and they may...

'.fake File Extension' Ransomware

Posted: April 2, 2021 | Category: Ransomware
The '.fake File Extension' Ransomware is a cyber threat whose creators might have developed it from scratch since it does not appear to share similarities with any of the popular ransomware families. Unfortunately, the '.fake File Extension' Ransomware uses a very secure file-locking mechanism, and this may make it impossible for victims to decrypt their data via free tools. Currently, the only reliable way to undo the damage that the '.fake File Extension' Ransomware causes is to restore the locked files from a backup – if this option is not available, then victims may need to resort to a...

HENRI IV Ransomware

Posted: April 1, 2021 | Category: Ransomware
Having to deal with the attack of the HENRI IV Ransomware is guaranteed to be a terrible experience because of this file locker's ability to cause long-term damage to files. The goal of HENRI IV Ransomware's creators is to make sure that their threatening application can encrypt the data found on the victim's hard drive and then promise to provide them with a decryptor in exchange for money. Just like other ransomware operators, the ones behind the HENRI IV Ransomware also ask to be paid via cryptocurrency since this method is anonymous. The HENRI IV Ransomware is based on the ...

Ytbn Ransomware

Posted: April 1, 2021 | Category: Ransomware
The Ytbn Ransomware is a piece of malware classified as a file-encryption Trojan. The Ytbn Ransomware is designed to cause damage to the files found on the hard drives of infected machines, and then extort their owners for money by promising to help recover their contents. You can rest assured that this offer is not something you should consider – the criminals ask for hundreds of dollars ($490 to be exact), and there is no way to be sure that they will not end up collecting your money without contacting you at all. The Ytbn Ransomware is likely to be delivered to your computer via a...

LulzDecryptor Ransomware

Posted: March 31, 2021 | Category: Ransomware
The LulzDecryptor Ransomware is a file-locker application that carries out devastating attacks meant to prevent victims from accessing files that are likely to contain important data – documents, images, archives, videos and others. Surprisingly, the LulzDecryptor Ransomware does not rename locked files, so victims might not be able to spot the damaged files easily. As expected, the authors of the LulzDecryptor Ransomware offer to provide a decryption service in exchange for a ransom payment. They have set the price of their service to $300 via Bitcoin and threaten to increase it if the...

Npsk Ransomware

Posted: March 29, 2021 | Category: Ransomware
The Npsk Ransomware is a file-locker that is considered impossible to decrypt via free tools. It is based on the STOP Ransomware project and, unfortunately, both of these threats use an almost flawless file-locking mechanism, which would be impossible to reverse without acquiring the unique decryption key that the Npsk Ransomware generated for the victim's device. However, this key is only stored on the servers of the attackers, and they are not willing to provide it for free – they ask their victim to purchase the key by paying some Bitcoin. But how does the Npsk Ransomware reach...

Pecunia Ransomware

Posted: March 26, 2021 | Category: Ransomware
The Pecunia Ransomware is a file-encryption Trojan that is being distributed online via fake downloads and updates, misleading advertisements, corrupted email attachments, and other shady content coming from low-quality websites. Needless to say, trying to steer away from suspicious files and websites is not always easy, so it is best to have a secondary layer of protection in the shape of a regularly updated anti-virus software suite. Keeping your system secured at all times is the most convenient way to ensure that the Pecunia Ransomware will never get a chance to cause any damage to your...

Onim Ransomware

Posted: March 26, 2021 | Category: Ransomware
Cybercriminals continue to rely on file-lockers to be their #1 extortion tools. Threats of this type are able to cause potentially permanent damage to the files found on infected machines, and recovering them may only be possible with the use of a specialized decryptor. The Onim Ransomware is one of the threats that use this exact strategy and, unfortunately, it is not compatible with free decryption tools. If the Onim Ransomware manages to harm the files on your system, then you will not be able to decrypt them easily. Currently, the only surefire way to undo the damage that the Onim...

Ekvf Ransomware

Posted: March 25, 2021 | Category: Ransomware
The Ekvf Ransomware is a threat that is being spread online via fake downloads, misleading advertisements, pirated games/software and other suspicious files. The best way to make sure that the Ekvf Ransomware will never get to your system is to use an up-to-date anti-virus tool to protect your data. Users who have not taken the necessary precautions to protect their computers may fall victim to Ekvf Ransomware's attack unknowingly and, unfortunately, this may have terrible consequences for their files. Just like other ransomware threats, this one is also designed to encrypt the...

Ncovid Ransomware

Posted: March 25, 2021 | Category: Ransomware
The Ncovid Ransomware is a file-encryption Trojan that shares many similarities with a less popular ransomware family called RIP Lmao. Unfortunately, neither of these threats is compatible with free decryption utilities, and the users who fall victim to their attacks may be unable to recover their data reliably unless they have access to a backup copy of their important files. The Ncovid Ransomware is likely to be spread online with the use of various misleading messages and other deceptive tricks. The criminals may try to disguise it as a free version of a paid game or program, which...

Backup Ransomware

Posted: March 24, 2021 | Category: Ransomware
The Backup Ransomware is a file-encryption Trojan that is being delivered to potential victims with the use of corrupted emails, deceptive advertisements, fake downloads and pirated content. If the Backup Ransomware manages to reach your computer without being stopped by anti-virus software, it may end up causing damage to your files. The Backup Ransomware encrypts documents, images, videos, databases, archives and many other files. Users will be able to recognize the damaged data because of the extension '.[unlockdata@criptext.com][<VICTIM ID>].Backup' appended to the original filename....

PROM Ransomware

Posted: March 23, 2021 | Category: Ransomware
The PROM Ransomware is a threat that is being spread online with the use of corrupted advertisements, fake downloads, fake email attachments, and other deceptive content. If the PROM Ransomware reaches your device, it may cause damage to your data by encrypting important files. Unfortunately, reversing the encryption is not an easy task – it requires the use of a specialized decryptor combined with the unique key that the PROM Ransomware generates for your device. The files that the PROM Ransomware locks are marked with the extension '.PROM[prometheushelp@mail.ch].' The PROM...

Povlsomware Ransomware

Posted: March 23, 2021 | Category: Ransomware
Povlsomware Ransomware is a file-locker which can potentially cause irreversible damage to your important data. Threats of this type are designed to encrypt the contents of important files and then offer a paid decryption service, which may often cost hundreds or even thousands of dollars. Unfortunately, there is no free decryption tool for the Povlsomware Ransomware, and victims of this ransomware attack may not be able to restore their data easily. Currently, the only reliable way to undo the damage that the Povlsomware Ransomware causes is to recover the locked files from a backup....