WebDiscover Browser

Posted: July 3, 2015 | Category: Browser Hijackers | Threat Level: 5/10
The WebDiscover Browser is a type of potentially unwanted program. It can be categorized as a browser hijacker of sorts. WebDiscover is distributed both as an installer download on its official website and through software bundle installers. Software bundles often don't sufficiently disclose the features and items they come packed with, which is why potentially unwanted programs often piggy-back in freeware bundles. WebDiscover is a rather obtrusive web search bar that docks a search box on top of your desktop. However, you can neither move, close, nor resize that bar....

Cerber Ransomware

Posted: March 4, 2016 | Category: Ransomware
The Cerber Ransomware is a file encryptor that takes your data hostage for the sake of selling it back in return for Bitcoin currency. The general unreliability of this means of saving your files causes it to be discouraged as a solution when, instead, a sufficiently sound backup strategy can make the Cerber Ransomware's attacks relatively ineffectual. Due to the danger that the Cerber Ransomware poses to your system, data, and Web browser, malware analysts rate the Cerber Ransomware as a significant threat that should be uninstalled by dedicated anti-malware tools. The Cerber Ransomware...

GozNym

Posted: April 15, 2016 | Category: Trojans | Threat Level: 8/10
GozNym is a spyware program currently deployed against prominent financial institutions, such as banks. This threat combines code from two previous Trojans while delivering itself through specially-crafted e-mail content. Because malware experts have rated GozNym as a sophisticated, high-level threat with the potential for collecting data, PC users should protect their machines by using dedicated anti-malware tools for deleting GozNym infections, rather than trying to detect this threat by eye. Although threat developers may recycle code from old threats to spawn new ones, in most...

WannaCryptor Ransomware (WanaCrypt0r Ransomware)

Posted: March 29, 2017 | Category: Ransomware
The first major ransomware attack of 2017 involves the use of the WanaCrypt0r Ransomware, an improved version of the '.wcry File Extension' Ransomware which, unfortunately, leverages one of the leaked NSA exploits to exploit vulnerable computers running Windows XP. It is unknown which hacking group is behind the WanaCrypt0r Ransomware attacks, but one thing is for certain – whoever they are, they certainly know what they are doing. The targets of the WanaCrypt0r Ransomware don't appear to be chosen randomly since most of the infected machines appear to belong to major companies in...

Phobos Ransomware

Posted: October 23, 2017 | Category: Ransomware
Phobos is one of the most recent ransomware strains to join the increasingly large database of malware threats. While Phobos appears to be a new threat, much of its code bears some striking similarities to the code that built the infamous Dharma and Crysis Ransomware families not long ago. Although most cybercriminals rely on malicious email links and attachments to distribute the ransomware payload to as many target PCs as possible, there has been a marked shift towards exploiting exposed Remote Desktop Protocols instead. By using readily available scanners, the crooks search for...

GandCrab Ransomware

Posted: January 29, 2018 | Category: Ransomware
The GandCrab Ransomware is a severe-level, encryption-based malware threat which has plagued users all over the world throughout 2018. Similar to other notorious Ransomware threats in circulation, GandCrab sneaks into target PCs via exploit kits, malicious JavaScript and document email attachments, as well as through a Ransomware-as-a-Service (RaaS) affiliate program, ultimately encrypting the victims' files without their knowledge. The affected users face complete data loss unless they pay the required ransom amount, predominantly in the form of an obscure virtual currency called DASH....

LockerGoga Ransomware

Posted: March 31, 2019 | Category: Ransomware
LockerGoga Ransomware is a file-locking trojan whose campaigns specialize in sabotaging Windows systems related to the industrial sector and other businesses. In addition to locking files and displaying its ransoming demands, LockerGoga Ransomware has a close relationship with backdoor attacks and may disable the infected machine's network connectivity. Updated anti-malware tools may remove LockerGoga Ransomware, and members of the relevant industries should guard their admin login credentials securely in self-defense. File-locker trojans are most notorious for harming small-scale,...

How to Remove DLL Files

Posted: June 6, 2006 | Category: Tutorials
DLL (Dynamic Link Library) is an executable file that permits programs to share code to perform one or more predefined functions. A DLL file can be used by several programs at the same time. The benefit of having DLL files is that they don't get loaded into random access memory (RAM) along with the main program, which saves space in RAM. So instead of all the coding being built into the program, it uses a particular DLL file that, with a simple call, can execute the operation for it. Most DLL files are essential for the running of your programs, but there are other malicious...

GayFreeVideos

Posted: July 24, 2009 | Category: Tracking Cookies
GayFreeVideos is a tracking cookie that may be used by various pornographic or explicit content websites. The access of the GayFreeVideos tracking cookie may take place when visiting porn sites where certain site settings or preferences are stored. The access of the GayFreeVideos cookie could lead to pornographic sites offering other services or lead to other malware downloads through the site, as it is common for porn sites to be a source of malware. Computer users wanting to rid their system of unnecessary or unwanted tracking cookies like GayFreeVideos are recommended to utilize an...

What is CLSID?

Posted: August 10, 2009 | Category: Tutorials
A CLSID is an acronym used to describe a software application's class ID or "class identifier." In other words, a CLSID is a unique identification number given to software applications or software components to function as a kind of 'social security number' for any particular piece of software. CLSIDs form a subcategory of 'Globally Unique Identifiers,' or GUIDs, that are regularly used in COM, and as such, CLSIDs are used to specifically identify COM objects. COM, or "Component Object Model", is a Microsoft architectural model that is applied to component software applications and...

Random Music Playing Virus

Posted: October 8, 2013 | Category: Viruses | Threat Level: 8/10
The Random Music Playing Virus is a colloquial phrase identifying browser hijackers and other PC threats that load audio clips under arbitrary conditions – and, it goes without saying, without your consent. While Random Music Playing Viruses were more popular in earlier years prior to the reorganization of the threat industry as a black market business institution, occasionally a Random Music Playing Virus still is seen attacking modern computers. SpywareRemove.com malware researchers only can suggest generalized good Web-browsing habits, along with using anti-malware software as necessary,...

Spidey Bot

Posted: October 25, 2019 | Category: Botnets
It is not uncommon for cybercriminals to abuse the files of legitimate software suites to implant malware on the computers of their victims. One of the recent malware families that makes use of this strategy is called Spidey Bot, and it aims to make changes to the files used by Discord, a popular messaging and voice application that is usually used by gamers. When the Spidey Bot plants its code in a Discord file, it will restart the application to ensure that the corrupted modules will be loaded – one of the easiest ways to ensure that your Discord installation has not been infected is to...

MessedUp Ransomware

Posted: October 20, 2020 | Category: Ransomware
The MessedUP Ransomware can mess up your files really badly if you do not have the required anti-virus software to keep you safe from viruses like this one. Unfortunately, users who fall victim to the MessedUP Ransomware's attack may have limited data recovery options because of this Trojan's secure file-encryption routine. It generates an exclusive encryption key for each victim it infects and then transfers it to the attackers' control servers. Decrypting the files without this key is an impossible task. The only reliable way to undo the MessedUP Ransomware's damage is to restore locked...

Easy2Lock Ransomware

Posted: October 20, 2020 | Category: Ransomware
The Easy2Lock Ransomware is a threat that has the ability to cause damage to many important files stored on infected computers. When a file is locked, it will add the '.easy2lock' extension to its name. Instead of dropping a single ransom note, the Easy2Lock Ransomware delivers as many ransom messages as there are encrypted files – for example if the ransomware locked the file 'document.xlsx,' it also would deliver the ransom note 'document.xlsx.easy2lock_read_me.' Victims of the Easy2Lock Ransomware are told to contact the emails leroy3564@protonmail.com, donovan4039@airmail.cc, and...

Encrp Ransomware

Posted: October 19, 2020 | Category: Ransomware
The Encrp Ransomware is a previously unidentified file-locker that, surprisingly, does not share code with any of the trending ransomware families of 2020. Usually, ransomware operators tend to rely on ready-to-use file-lockers, which can be tailored to fit their needs easily. However, it seems that the crooks behind the Encrp Ransomware have decided to write one from scratch, and, sadly, their plan has been somewhat successful. The Encrp Ransomware uses a file-encryption routine, which cannot be cracked for free at the moment – victims can only restore their files reliably if they have a...

Efji Ransomware

Posted: October 19, 2020 | Category: Ransomware
The Efji Ransomware is a spin-off of the very active STOP Ransomware family. Sadly, victims of the Efji Ransomware attack may be unable to restore their data for free because there is no free way to reverse the encryption, which the STOP Ransomware and its variants use. The Efji Ransomware is just one of the many file-lockers to use the STOP Ransomware source code, and its creators are asking for a ransom payment of $490 in exchange for their assistance. They also offer to provide free decryption for one file so that the victim will have some reassurance that their files can be fixed....

MaMoCrypt Ransomware

Posted: October 19, 2020 | Category: Ransomware
Advanced Persistent Threat (APT) actors often rely on extortion techniques to monetize their campaigns. Modern organizations of this sort often employ ransomware modules or data theft malware to get their victims to pay some money. However, there are some inconsistencies in this rule, like the DeathStalker APT. This organization's campaigns were analyzed and connected properly only recently, and researchers believe that the group's first attacks might date back to 2012. However, the most notable spike in their activity occurred around 2018, and it piqued the curiosity of security experts...

See_read_me Ransomware

Posted: October 16, 2020 | Category: Ransomware
The See_read_me Ransomware is a file-locking Trojan and variant of the Adhubllka Ransomware, which conducts similar, encryption-based attacks. Along with blocking files, it creates a text ransom note that promotes its TOR data-unlocking service and inserts new extensions into files' names. Appropriate backups will mitigate all data loss sufficiently, and cyber-security products can prevent infections or uninstall the See_read_me Ransomware. As a semi-noteworthy event in the threat landscape, another single Trojan starts up a possible family, with the Somali-like Adhubllka Ransomware...

Mmpa Ransomware

Posted: October 16, 2020 | Category: Ransomware
The Mmpa Ransomware is a file-locking Trojan that's part of the STOP Ransomware family. This Ransomware-as-a-Service may use illicit torrents or similar exploits to compromise Windows computers and block their files with its custom encryption. Since decryption solutions are limited, users should have backups secure for recovery and protect their systems with anti-malware services that can remove the Mmpa Ransomware. Windows systems have a new target on their backs from the campaign of the Mmpa Ransomware, another branch of STOP Ransomware's family tree. This group of Trojans, also...

EKING Ransomware

Posted: October 15, 2020 | Category: Ransomware
The EKING Ransomware is a file-locking Trojan that's a variant of the Phobos Ransomware. The EKING Ransomware uses a custom encryption method for blocking media on the PC while also deleting backups and disabling associated security or file management tools. Users with secure backups on other devices should have no recovery issues, and cyber-security products should counteract attacks and remove the Trojan. Macros and other 'advanced' document or spreadsheet content tend to figure in many file-locking Trojans' campaigns. Thanks to the numerous exploits possible through such attacks,...

Artemis Ransomware

Posted: October 15, 2020 | Category: Ransomware
The Artemis Ransomware is a file-locking Trojan that can block media such as documents with its encryption routine. It's a relative of the PewPew Ransomware and includes that threat's signature features, such as the HTA ransom note. Users with protected backups should find recovery easy, although traditional security products should block the Artemis Ransomware attacks and remove the threat immediately. The PewPew Ransomware, a recently-appearing Trojan family, already is splitting off into variants, with unknown threat actors taking advantage of the new tools for extortion. The...

Osnoed Ransomware

Posted: October 14, 2020 | Category: Ransomware
The Osnoed Ransomware is a file-locking Trojan that blocks media on users' computers through encrypting the files. It's estimated as a variant of a previous Trojan, Babax, although the data-blocking feature is new to this version. Users with backups can protect their work from harm, and most standard security products should remove the Osnoed Ransomware as a threat. The GitHub project, the Babax Stealer, is returning with an unknown threat actor's help, whose programming enhancements include a module with data-blocking capabilities. The shift in features makes the Osnoed...

MERIN Ransomware

Posted: October 13, 2020 | Category: Ransomware
The MERIN Ransomware is a file-locking Trojan that comes from the NEFILIM Ransomware family. The MERIN Ransomware includes features for blocking files by encrypting them and creating ransom notes, and attackers may install it after hacking targets through software vulnerabilities. As in most cases, backups are the only guarantee for recovery of any data, although dedicated anti-malware services can limit damages by quarantining or removing the MERIN Ransomware. One Trojan family with the oddly-chosen theme of Hebrew's Nephilim, translatable as either 'giants' or 'fallen angels,' is...

Foqe Ransomware

Posted: October 13, 2020 | Category: Ransomware
The Foqe Ransomware is a file-locking Trojan that's from a Ransomware-as-a-Service known as the STOP Ransomware or the Djvu Ransomware. The Foqe Ransomware keeps files hostage by encrypting their data and performs associated attacks for extorting money out of the victim. Users can best preserve their files from these attacks by backing them up and having anti-malware protection for deleting the Foqe Ransomware without delay. The arguably poorly-chosen name of the STOP Ransomware for one of the earliest and family-defining campaigns of a Ransomware-as-a-Service continues proving...

CURATOR Ransomware

Posted: October 13, 2020 | Category: Ransomware
The CURATOR Ransomware is a file-locking Trojan of an unknown family. The CURATOR Ransomware blocks the user's files in multiple locations to ransom the unlocking service. Users with surviving backups can recover while ignoring the ransom note, although dedicated anti-malware tools are preferable for uninstalling the CURATOR Ransomware, in either case. A file-locking Trojan dropping notes reminiscent of older campaigns proves, once more, that it's never a safe time to take one's server and home PC backups for granted. While most file-locking Trojans of 2020 owe their brief lives to a...

ZXCV Ransomware

Posted: October 12, 2020 | Category: Ransomware
The ZXCV Ransomware is a file-locking Trojan that's part of the Dharma Ransomware family, a Ransomware-as-a-Service. Infected PCs may show files that can't open due to being encrypted, as well as campaign-specific extensions, and ransom notes as pop-ups or text files. While the necessity of backups for data protection is inestimable, most users with credible anti-malware solutions can block and remove the ZXCV Ransomware on sight. In their haphazard naming conventions, ranging from movie media such as the Jigsaw Ransomware to totally-random strings (like most versions of the STOP...

Cryptme Ransomware

Posted: October 12, 2020 | Category: Ransomware
The Cryptme Ransomware is a file-locking Trojan without a connected family or Ransomware-as-a-Service. This threat's campaign targets employees in the educational sector, with document-based lures crafted for resembling homework assignments. Users should always have backups of their work and personal media for recovery from these attacks, and traditional security programs should block or remove the Cryptme Ransomware. Telecommuting classwork's rise is one of the many side effects of the Coronavirus epidemic. Like most events related to that disease, it's exploitable by bad actors. A...