WebDiscover Browser

Posted: July 3, 2015 | Category: Browser Hijackers | Threat Level: 5/10
The WebDiscover Browser is a type of potentially unwanted program. It can be categorized as a browser hijacker of sorts. WebDiscover is distributed both as an installer download on its official website, as well as through software bundle installers. Software bundles often don't have sufficient disclosure of the features and items they come packed with, which is why potentially unwanted programs often piggy-back in freeware bundles. WebDiscover is a rather obtrusive web search bar that docks a search box on top of your desktop. However, you can neither move, close nor resize that bar....

Cerber Ransomware

Posted: March 4, 2016 | Category: Ransomware
The Cerber Ransomware is a file encryptor that takes your data hostage for the sake of selling it back in return for Bitcoin currency. The general unreliability of this means of saving your files causes it to be discouraged as a solution when, instead, a sufficiently sound backup strategy can make the Cerber Ransomware's attacks relatively ineffectual. Due to the danger that the Cerber Ransomware poses to your system, data, and Web browser, malware analysts rate the Cerber Ransomware as a significant threat that should be uninstalled by dedicated anti-malware tools. The Cerber Ransomware...

GozNym

Posted: April 15, 2016 | Category: Trojans | Threat Level: 8/10
GozNym is a spyware program currently in deployment against prominent financial institutions, such as banks. This threat combines code from two previous Trojans while delivering itself through specially-crafted e-mail content. Because malware experts have rated GozNym as a sophisticated, high-level threat with the potential for collecting data, PC users should protect their machines by using dedicated anti-malware tools for deleting GozNym infections, rather than trying to detect this threat by eye. Although threat developers may recycle code from old threats to spawn new ones, in most...

WannaCryptor Ransomware (WanaCrypt0r Ransomware)

Posted: March 29, 2017 | Category: Ransomware
The first major ransomware attack of 2017 involves the use of the WanaCrypt0r Ransomware, an improved version of the '.wcry File Extension' Ransomware which, unfortunately, leverages one of the leaked NSA exploits to exploit vulnerable computers running Windows XP. It is unknown which hacking group is behind the WanaCrypt0r Ransomware attacks, but one thing is for certain – whoever they are, they certainly know what they are doing. The targets of the WanaCrypt0r Ransomware don't appear to be chosen randomly since most of the infected machines appear to belong to major companies in...

Phobos Ransomware

Posted: October 23, 2017 | Category: Ransomware
Phobos is one of the most recent ransomware strains to join the increasingly large database of malware threats. While Phobos appears to be a new threat, much of its code bears some striking similarities to the code that built the infamous Dharma and Crysis Ransomware families not long ago. Although most cybercriminals rely on malicious email links and attachments to distribute the ransomware payload to as many target PCs as possible, there has been a marked shift towards exploiting exposed Remote Desktop Protocols instead. By using readily available scanners, the crooks search for...

GandCrab Ransomware

Posted: January 29, 2018 | Category: Ransomware
The GandCrab Ransomware is a severe-level, encryption-based malware threat which has plagued users all over the world throughout 2018. Similar to other notorious Ransomware threats in circulation, GandCrab sneaks into target PCs via exploit kits, malicious JavaScript and document email attachments, as well as through a Ransomware-as-a-Service (RaaS) affiliate program, ultimately encrypting the victims' files without their knowledge. The affected users face complete data loss unless they pay the required ransom amount, predominantly in the form of an obscure virtual currency called DASH....

LockerGoga Ransomware

Posted: March 31, 2019 | Category: Ransomware
LockerGoga Ransomware is a file-locking trojan whose campaigns specialize in sabotaging Windows systems related to the industrial sector and other businesses. In addition to locking files and displaying its ransoming demands, LockerGoga Ransomware has a close relationship with backdoor attacks and may disable the infected machine's network connectivity. Updated anti-malware tools may remove LockerGoga Ransomware, and members of the relevant industries should guard their admin login credentials securely in self-defense. File-locker trojans are most notorious for harming small-scale,...

GayFreeVideos

Posted: July 24, 2009 | Category: Tracking Cookies
GayFreeVideos is a tracking cookie that may be used by various pornographic or explicit content websites. The access of the GayFreeVideos tracking cookie may take place when visiting porn sites where certain site settings or preferences are stored. The access of the GayFreeVideos cookie could lead to pornographic sites offering other services or lead to other malware downloads through the site, as it is common for porn sites to be a source of malware. Computer users wanting to rid their system of unnecessary or unwanted tracking cookies like GayFreeVideos are recommended to utilize an...

Trojan.Bitcoinminer

Posted: June 23, 2017 | Category: Trojans | Threat Level: 8/10
Trojan.Bitcoinminer is a Trojan that hijacks your PC's system resources for creating cryptocurrency, which it transfers to a threat actor's account. System performance problems and even hardware failure are possible symptoms of this infection, although Trojan.Bitcoinminer will not display a user interface and may conceal its installed components. Scan your PC with specialized anti-malware tools to remove Trojan.Bitcoinminer before it can cause any long-term harm. The innovation of no-borders, all-digital cryptocurrency, while of benefit to some segments of the investment sector, also is...

NiceHash Miner

Posted: April 15, 2019 | Category: Malware | Threat Level: 6/10
The NiceHash Miner is a legitimate program used by the NiceHash platform, a marketplace for cryptocurrency mining where clients can either rent out their computers to mine for various cryptocurrency or purchase the mining power of other users. All of this is legitimate and happens with the approval and knowledge of users, but it would appear that groups of cybercriminals might be exploiting the NiceHash Miner tool by creating modified, stealthy versions of it. As you can probably guess, the purpose of the hidden variant of the NiceHash Miner is to work on computers without notifying the...

How to Remove DLL Files

Posted: June 6, 2006 | Category: Tutorials
DLL (Dynamic Link Library) is an executable file that permits programs to share code to perform one or more predefined functions. A DLL file can be used by several programs at the same time. The benefit of having DLL files is that they don't get loaded into random access memory (RAM) along with the main program, which saves up space in RAM. So instead of all the coding being built into the program, it uses a particular DLL file that, with a simple call, can execute the operation for it. Most DLL files are essential for the running of your programs but there are other malicious...

What is CLSID?

Posted: August 10, 2009 | Category: Tutorials
A CLSID is an acronym used to describe a software application's class ID or "class identifier." In other words, a CLSID is a unique identification number given to software applications or software components to function as a kind of 'social security number' for any particular piece of software. CLSIDs form a subcategory of 'Globally Unique Identifiers,' or GUIDs, that are regularly used in COM, and as such, CLSIDs are used to specifically identify COM objects. COM, or "Component Object Model", is a Microsoft architectural model that is applied to component software applications and...

ByteLocker Ransomware

Posted: January 27, 2021 | Category: Ransomware
The ByteLocker Ransomware is a piece of malware whose authors seem to have put in some effort to make it look more polished and professional. Thankfully, the reality is entirely different - ByteLocker Ransomware's code is copied off of the HiddenTear project. This means that it uses a flawed file-encryption routine, which is very likely to be reversible with the use of the free HiddenTear decryptor. The availability of a free decryption option is undoubtedly great news, but you should still take appropriate security measures to protect your system and files from threats of this sort. The...

Fcorp Ransomware

Posted: January 27, 2021 | Category: Ransomware
Ransomware is always threatening, but some file-lockers use a file-encryption routine that can be deciphered for free. This is the case of the newly spotted Fcorp Ransomware, a fully weaponized file-locker that, thankfully, was created by using the HiddenTear project. Because of this, it uses a flawed encryption routine, which might be cracked by using the free 'HiddenTear' decryptor. Despite the low quality of the Fcorp Ransomware, its ransom message claims that the victim has no option to recover their files and that they will need to pay a ransom fee if they wish to use their data again....

Judge Ransomware

Posted: January 26, 2021 | Category: Ransomware
The Judge Ransomware is a threat you do not want to encounter. If this malware manages to infect your computer, you may be unable to undo its damages by removing the problem's source. This is because the Judge Ransomware attack is meant to encrypt the contents of potentially valuable files like media, documents, archives and others. All locked files will be marked by a minor change to their name – the ransomware will add the extension '.[judgemebackup@tutanota.com].judge.' In addition to this, the malware will drop the ransom message 'info.txt' on the desktop before spawning a program...

SUMMON Ransomware

Posted: January 26, 2021 | Category: Ransomware
The SUMMON Ransomware is a threat that may arrive on your computer through a fake download, fake update, or a shady piece of software you downloaded from a torrent tracker. This malware's authors may rely on different strategies to propagate the corrupted files, and the best way to be protected is to use a reputable anti-virus software suite. Suppose the SUMMON Ransomware's attack is successful. In that case, it will encrypt a large portion of your files and then mark their names by renaming them using the following pattern – '[SummonunLock@gmail.com][id=<VICTIM ID>]<ORIGINAL...

Deathfiles Ransomware

Posted: January 25, 2021 | Category: Ransomware
The Deathfiles Ransomware is a threatening piece of malware whose name is not a lie – it does have the ability to kill your files by encrypting their contents and rendering them useless. Fortunately, this damage may not be permanent, but recovering the lost files will not be an easy task. The easiest and most trustable way to undo the damage that the Deathfiles Ransomware causes is to restore the files from a backup. However, if you do not have a backup copy available, then you might need to resort to alternative data restoration solutions. When the Deathfiles Ransomware infiltrates a...

ZaToN Ransomware

Posted: January 25, 2021 | Category: Ransomware
The ZaToN Ransomware is a low-quality file-locker, which is based on the Xorist Ransomware project. Surprisingly, many cybercriminals have been using the Xorist project in the past couple of months, even though the source code of this ransomware has been available for a few years. The good news is that the Xorist Ransomware's file-encryption routine is not very good, and this makes variants like the ZaToN Ransomware decryptable. If you are a victim of the ZaToN Ransomware attack, you should not listen to the promises of the criminals because you may be able to recover your data for...

0l0lqq Ransomware

Posted: January 25, 2021 | Category: Ransomware
The 0l0lqq Ransomware is a threatening piece of malware that shares code with the infamous TeslaCrypt Ransomware. Unfortunately, neither the 0l0lqq Ransomware nor the TeslaCrypt Ransomware is decryptable via free software, and their victims may have a difficult time restoring access to their files. The 0l0lqq Ransomware may be distributed on the Internet through fake downloads and updates, pirated software/games, or other shady content. It is recommended to protect yourself from this ransomware and similar file-lockers by investing in a reputable and regularly updated anti-malware...

EnCryp13d Ransomware

Posted: January 22, 2021 | Category: Ransomware
The EnCryp13d Ransomware is a threatening piece of software that causes long-lasting damage to the files it can access on compromised computers. The accessible files will have their contents encrypted, and the file-locker will also rename them by adding the '.EnCryp13d' extension. After finishing the file-encryption attack, the EnCryp13d Ransomware will drop the message 'HOW TO DECRYPT FILES.txt' on the desktop. The ransom note tells victims that they cannot use the free decryption tool, and their only chance of recovering their data is to contact the attackers and follow their...

DEcovid19bot Ransomware

Posted: January 21, 2021 | Category: Ransomware
COVID-19-themed malware continues to be popular among cybercriminals even in 2021. The latest threat to adopt a name of this type is the DEcovid19bot Ransomware. This threatening file-locker is likely to be propagated online via fake downloads, corrupted advertisements, pirated content and other shady content. Users who come across the DEcovid19bot Ransomware's files may be in a lot of danger, especially if their computers are not protected by an up-to-date anti-virus tool. The DEcovid19bot Ransomware uses a complicated file-encryption mechanism to prevent you from accessing your files...

Solaso Ransomware

Posted: January 21, 2021 | Category: Ransomware
The Solaso Ransomware is malware that can cause long-term damage to your files. Removing this threat from your system is not enough to fully recover because you will still need a reliable way to restore the files encrypted during the attack. Sadly, the Solaso Ransomware is not compatible with free decryption tools, and its victims may have a difficult time recovering their data. According to Solaso Ransomware's creators, they are willing to provide a paid decryption service, but users must agree to pay a ransom fee beforehand. Just like other ransomware creators, the ones behind this...

Esexz Ransomware

Posted: January 20, 2021 | Category: Ransomware
The Esexz Ransomware is a threat that you do not want to have to deal with. This newly spotted malware is still undergoing analysis, and, unfortunately, it is not yet clear whether its file-locking mechanism can be deciphered via free utilities. For now, the Esexz Ransomware should be considered to be a non-decryptable threat – this means that its victims will not have access to free decryption tools. The primary purpose of this Trojan is to prevent its victims from using their files. It does this by encoding the contents of dozens of files, many of which are documents, media, archives,...

Qsayebk Ransomware

Posted: January 20, 2021 | Category: Ransomware
Qsayebk Ransomware is a threat that may reach your computer via pirated content, fake downloads or deceptive advertisements. You can only fall victim to the Qsayebk Ransomware attack if you download and run a non-trustworthy file. The best way to keep your data and computer safe from such threats is to rely on up-to-date anti-virus protection, as well as only to interact with legitimate websites and files. Falling victim to the Qsayebk Ransomware attack results in losing access to a large portion of your files. Many documents, images, videos, databases, archives, and other files will...

DIS Ransomware

Posted: January 19, 2021 | Category: Ransomware
The DIS Ransomware is a newly identified file-locker that has the ability to cause long-term damage to your file system. This malware's creators' goal is to lock you out of your files and then extort you for money. Their extortion plan is to offer a decryption service, but only if the victim agrees to pay a ransom fee of a few hundred dollars. Of course, the creators of this ransomware want to be paid via Bitcoin since this ensures their anonymity and makes it impossible to cancel the transaction. You should never trust ransomware creators and paying them should be a last resort. The DIS...

DeroHE Ransomware

Posted: January 19, 2021 | Category: Ransomware
The DeroHE Ransomware is a low-quality file-locker that is still very threatening. Its authors appear to be offering several paid decryption options, and they seem to be invested in a type of cryptocurrency called DERO. According to their ransom message, victims can pay about 200 DERO coins (worth about $100) in exchange for a decryption tool. Furthermore, the crooks claim that the price of DERO will jump to $100/coin soon, and the criminals will return $500 to the victim when this happens. Needless to say, the 'financial analysis' and promises of the cybercriminals shouldn't be trusted....

Blackheel Ransomware

Posted: January 19, 2021 | Category: Ransomware
Open-source file-lockers continue to be used by low-skilled cybercriminals who are interested in crafting their personalized ransomware variant. One of the latest threats to use this strategy is the Blackheel Ransomware. Fortunately, its authors have based their threat on the HiddenTear ransomware project, which uses a flawed encryption routine. This means that while the Blackheel Ransomware causes damage to your files, it should be possible to reverse the damages with the use of free decryption software. Although the Blackheel Ransomware may be decryptable for free, it is recommended to...