Cerber Ransomware

Posted: March 4, 2016 | Category: Ransomware
The Cerber Ransomware is a file encryptor that takes your data hostage for the sake of selling it back in return for Bitcoin currency. The general unreliability of this means of saving your files causes it to be discouraged as a solution when, instead, a sufficiently sound backup strategy can make the Cerber Ransomware's attacks relatively ineffectual. Due to the danger that the Cerber Ransomware poses to your system, data, and Web browser, malware analysts rate the Cerber Ransomware as a significant threat that should be uninstalled by dedicated anti-malware tools. The Cerber Ransomware...

GozNym

Posted: April 15, 2016 | Category: Trojans | Threat Level: 8/10
GozNym is a spyware program currently in deployment against prominent financial institutions, such as banks. This threat combines code from two previous Trojans while delivering itself through specially-crafted e-mail content. Because malware experts have rated GozNym as a sophisticated, high-level threat with the potential for collecting data, PC users should protect their machines by using dedicated anti-malware tools for deleting GozNym infections, rather than trying to detect this threat by eye. Although threat developers may recycle code from old threats to spawn new ones, in most...

WebDiscover Browser

Posted: July 3, 2015 | Category: Browser Hijackers | Threat Level: 5/10
The WebDiscover Browser is a type of potentially unwanted program. It can be categorized as a browser hijacker of sorts. WebDiscover is distributed both as an installer download on its official website, as well as through software bundle installers. Software bundles often don't have sufficient disclosure of the features and items they come packed with, which is why potentially unwanted programs often piggy-back in freeware bundles. WebDiscover is a rather obtrusive web search bar that docks a search box on top of your desktop. However, you can neither move, close nor resize that bar....

GandCrab Ransomware

Posted: January 29, 2018 | Category: Ransomware
The GandCrab Ransomware is a severe-level, encryption-based malware threat which has plagued users all over the world throughout 2018. Similar to other notorious Ransomware threats in circulation, GandCrab sneaks into target PCs via exploit kits, malicious JavaScript and document email attachments, as well as through a Ransomware-as-a-Service (RaaS) affiliate program, ultimately encrypting the victims' files without their knowledge. The affected users face complete data loss unless they pay the required ransom amount, predominantly in the form of an obscure virtual currency called DASH....

Phobos Ransomware

Posted: October 23, 2017 | Category: Ransomware
Phobos is one of the most recent ransomware strains to join the increasingly large database of malware threats. While Phobos appears to be a new threat, much of its code bears some striking similarities to the code that built the infamous Dharma and Crysis ransomware families not long ago. Although most cybercriminals rely on malicious email links and attachments to distribute the ransomware payload to as many target PCs as possible, there has been a marked shift towards exploiting exposed Remote Desktop Protocols instead. By using readily available scanners, the crooks search for...

LockerGoga Ransomware

Posted: March 31, 2019 | Category: Ransomware
LockerGoga Ransomware is a file-locking trojan whose campaigns specialize in sabotaging Windows systems related to the industrial sector and other businesses. In addition to locking files and displaying its ransoming demands, LockerGoga Ransomware has a close relationship with backdoor attacks and may disable the infected machine's network connectivity. Updated anti-malware tools may remove LockerGoga Ransomware, and members of the relevant industries should guard their admin login credentials securely in self-defense. File-locker trojans are most notorious for harming small-scale,...

WannaCryptor Ransomware (WanaCrypt0r Ransomware)

Posted: March 29, 2017 | Category: Ransomware
The first major ransomware attack of 2017 involves the use of the WanaCrypt0r Ransomware, an improved version of the '.wcry File Extension' Ransomware which, unfortunately, leverages one of the leaked NSA exploits to exploit vulnerable computers running Windows XP. It is unknown which hacking group is behind the WanaCrypt0r Ransomware attacks, but one thing is for certain – whoever they are, they certainly know what they are doing. The targets of the WanaCrypt0r Ransomware don't appear to be chosen randomly since most of the infected machines appear to belong to major companies in...

GayFreeVideos

Posted: July 24, 2009 | Category: Uncategorized

xHelper

Posted: August 30, 2019 | Category: Trojans | Threat Level: 8/10
xHelper is an Android Trojan that was discovered at the beginning of 2019, but it did not gain much attention due to lacking distinctive features or impressive reach. However, it seems that the operators of this Trojan are serious about its propagation, and xHelper is currently in the top ten list of most active Android threats. This Trojan appears to have two separate variants that are likely to be propagated in the same way – one of them functions in a semi-stealth mode, while the other one tries to be as stealthy as possible by disguising most of its components and keeps them far away...

MDRL Ransomware

Posted: August 1, 2019 | Category: Ransomware
The MDRL Ransomware is a new file-locking Trojan from the AES-Matrix Ransomware's Ransomware-as-a-Service. The MDRL Ransomware can lock your files with encryption, which places documents and other, prominent media formats in an extortionist, hostage situation. Users should back their work up for preventing this circumstance and have a trusted anti-malware program delete the MDRL Ransomware, or isolate it safely. File-locking Trojans from the AES-Matrix Ransomware's family aren't up to the same numbers as their more-fecund counterparts in the underground industry, such as the Scarab...

Search Pulse

Posted: March 28, 2018 | Category: Potentially Unwanted Programs (PUPs)
The Search Pulse is a dubious extension for Google Chrome, which might promise to enhance the users' Web searching experience by introducing them to a brand new search engine, which features a set of convenient tools and utilities. Unfortunately, this is not what you are going to get when you install the Search Pulse because the search engine it promotes is not as reputable and functional as Yahoo, Google, Bing or other popular choices certainly. Users who opt to add the Search Pulse to Google Chrome will need to give this add-on the permission to change both their default search engine...

Trojan.Spy.SocStealer

Posted: November 5, 2017 | Category: Trojans | Threat Level: 8/10

How to Find Spyware with File Search Tool

Posted: June 6, 2006 | Category: Tutorials
Spyware can infect your computer and compromise your privacy, security and computer performance. Spyware is constantly changing and can infect your computer without you even being aware of it. Spyware can install onto your computer and gain access to sensitive information like your passwords, credit card numbers and emails. Spyware is very difficult to detect and remove so trying to uninstall it can prove to be a huge undertaking. If you suspect that your computer is infected with spyware, the best advice is to remove the spyware IMMEDIATELY before it exposes your computer to other...

How to Remove DLL Files

Posted: June 6, 2006 | Category: Tutorials
DLL (Dynamic Link Library) is an executable file that permits programs to share code to perform one or more predefined functions. A DLL file can be used by several programs at the same time. The benefit of having DLL files is that they don't get loaded into random access memory (RAM) along with the main program, which saves up space in RAM. So instead of all the coding being built into the program, it uses a particular DLL file that, with a simple call, can execute the operation for it. Most DLL files are essential for the running of your programs but there are other malicious...

Chameleon Malware

Posted: March 20, 2013 | Category: Malware | Threat Level: 6/10
Chameleon malware is a botnet-based Trojan that creates fraudulent 'clicks' on online advertisements as a money-generating scam. Based on current analyses, SpywareRemove.com malware researchers estimate that Chameleon malware doesn't throttle its fake clicks to hide itself from the PC user; as a result of these excessive numbers of fake advertisement clicks, your PC may suffer from poor speed or stability. Chameleon malware has been known to crash and restart itself frequently and is unlikely to be designed with the sophistication that more extensive botnets than itself are known to harbor....

Bad Image Virus

Posted: February 1, 2012 | Category: Fake Warning Messages
The Bad Image Virus, also known by the name 'Bad Image error,' is a symptom of infection by a Trojan or rogue security program that pretends to be a legitimate warning message from Windows. Although legitimate Bad Image pop-ups are indicative of damage to an application's files that should be repaired by reinstalling the program in question, fraudulent Bad Image pop-ups don't offer legitimate information about your PC and may be used to market scamware or confuse you about the state of your computer's health. Because the Bad Image Virus is likely to occur in a Trojan infection scenario,...

Microsoft Security Essentials Alert Virus

Posted: August 21, 2012 | Category: Fake Warning Messages
The Microsoft Security Essentials Alert Virus is a ransomware Trojan that imitates the pop-up alerts of Microsoft Security Essentials to encourage you to pay an illegal fine through one of several methods. Because Microsoft Security Essentials Alert Virus may block other programs to prevent you from removing Microsoft Security Essentials Alert Virus and its pop-up, SpywareRemove.com malware analysts recommend disabling Microsoft Security Essentials Alert Virus's startup exploits prior to any anti-malware scans that could delete Microsoft Security Essentials Alert Virus safely. Contrary to...

Dishwasher Ransomware

Posted: November 1, 2019 | Category: Ransomware
The Dishwasher Ransomware is a new addition to the ever-growing number of file-locking malware threats. Its name comes from the core executable file of the threat called 'dishwasher.exe.' The goal of every ransomware is to infiltrate computer systems, following it with encryption of all the most widely used file types. Businesses might suffer significant losses if they lost access to their archives or client databases suddenly, while private users could find themselves locked out of their pictures, photos, videos or other important files. Nearly all ransomware demand payment in...

Decrypme Ransomware

Posted: November 1, 2019 | Category: Ransomware
The .decrypme ransomware is a new variant of the infamous MedusaLocker Ransomware. However, it comes with a new extension added to affected data - .decrypme – which is now joining the lines of older appendices such as .bomber, .locker16, .skynet, .boroff, .breakingbad, etc. In accordance with older MedusaLocker attacks, the new Decrypme ransomware is likely to apply a strong AES encryption algorithm in order to encrypt the targeted user’s data, and then use a public RSA-2048 key to encrypt the encryption key. The crooks in charge of Decrypme use the crypto-virus to encrypt dozens of...

SIFRELI Ransomware

Posted: November 1, 2019 | Category: Ransomware
Security researchers spotted a new strain of ransomware being used in early November 2019. The reports of infections originate from Turkey almost entirely, which means the attack is very likely targeted and constrained within this country. The ransomware is named the Sifreli Ransomware, as per the extension it attaches to encrypted files. The SIFRELI Ransomware encrypts its victims' files and appends either the ".SIFRELI" or the ".SIFRELI_DOSYA" extension. The extension itself means "encrypted file" in the Turkish language. The ransom note is contained in a file named "fidye-uyari.txt,"...

SorryForThis Ransomware

Posted: October 31, 2019 | Category: Ransomware
A new ransomware threat called SorryForThis Ransomware has been detected in the wild. It is named after the extension it uses for the encrypted files - '.sorryforthis.' The criminals behind this malware may say that they are sorry, but that is not stopping them from extorting their victims for a significant amount of money in exchange for the restoration of the locked data. SorryForThis Ransomware was created using the Python programming language. The malware seeks to infiltrate vulnerable computer systems, encrypt all targeted files rendering them unusable, and demand money for their...

Start Ransomware

Posted: October 31, 2019 | Category: Ransomware
The .Start Ransomware is a crypto-virus belonging to the ever-growing Dharma/CrySiS Ransomware family. However, the new dog in the regiment comes with a new email contact namely starter@cumallover.me and appends the new ‘.start’ extension to the encrypted data. The latter may (or may not) be preceded by the victim’s unique ID number. Dozens of AV solutions are already capable of detecting the Start Ransomware. The ‘.start’ appendix is new to the Dharma Ransomware family, and that’s what differentiates its most recent offshoot from those, which came before. Albeit new, the .Start...

Asus Ransomware

Posted: October 31, 2019 | Category: Ransomware
A new strain of file-encrypting ransomware started making the rounds in late October 2019. Researchers are calling it the Asus Ransomware, after the file extension it appends to any encrypted file. It appears this new version is an offshoot of the Dharma Ransomware family. You can find more information about the Dharma Ransomware in our article on it here. The distribution method for the Asus Ransomware is the one most commonly used by ransomware actors in general - corrupted e-mail messages that contain either an attachment or a link to a site that hosts the payload. The Asus...

Encryptd Ransomware

Posted: October 30, 2019 | Category: Ransomware
The Encryptd Ransomware is a crypto-virus named after the extension it adds to every file it affects - .encryptd. However, there were scarce details about its overall behavior. Nevertheless, some of its features give researchers a clue as to what the .Encryptd Ransomware may be all about. After bringing the encryption process to a successful end, this ransomware appends the ‘.encryptd’ suffix to damaged data and generates a ransom note. The latter is a text file dubbed 'README_FOR_DECRYPT.txt,' and its content is as follows: 'All your data has been locked(crypted). How to...

Nakw Ransomware

Posted: October 30, 2019 | Category: Ransomware
The Nakw Ransomware is a brand-new crypto-virus which, according to researchers, stems from the popular Djvu Ransomware breed. The malware applies a strong encryption algorithm, which renders the user’s files inaccessible unless a ransom is paid out in exchange for a decryption tool. The encrypted files are easily recognizable thanks to the ‘.nakw’ appendix, which is added next to the encrypted file's real extension. Unlike other popular ransomware threats out there, the Nakw Ransomware does not demand Bitcoin or other cryptocurrency. Rather, it demands real money, as set out in the ransom...

Mespinoza Ransomware

Posted: October 30, 2019 | Category: Ransomware
In late October 2019, a new variety of ransomware was spotted in the wild. There are few details concerning any relationships to larger families of existing ransomware, so researchers are calling the new strain by the handle used in the ransom demand email - Mespinoza Ransomware. The Mespinoza Ransomware affects a wide variety of file types, comprising all common extensions, including images, audio and music files, databases, office documents and PDF files. The encrypted files receive the .locker extension, which means that a file named "cat_and_dog.jpg" originally will become...

JayTHL Ransomware

Posted: October 30, 2019 | Category: Ransomware
A new ransomware sample is attacking users on a global scale this month. Known as the JayTHL virus, this new malware strain seems to belong to the infamous SamSam Ransomware family. Recent research still does not reveal which hacking group is behind it. However, the typical operational chain and the built-in encryption module suggest that JayTHL is being developed and operated by experienced hackers. The JayTHL Ransomware's main distribution methods are also still undefined; yet crypto viruses usually infect their victims over phishing email campaigns, corrupted links on website...

Coot Ransomware

Posted: October 29, 2019 | Category: Ransomware
The Coot Ransomware is a file-locking Trojan that's part of the STOP Ransomware or Djvu Ransomware's family. The Coot Ransomware appends its extension onto files' names after locking them using encryption and asks for money through ransom notes. Paying the ransom doesn't unlock anything automatically, however, and users should depend on backup solutions combined with anti-malware services that can remove the Coot Ransomware safely. As propagation-heavy as the STOP Ransomware's family business is, there remains room for more versions of it in the wild, as the Coot Ransomware's campaign...

FuxSocy Ransomware

Posted: October 29, 2019 | Category: Ransomware
A new ransomware strain that borrows large chunks of code from the now infamous Cerber Ransomware has been detected in the wild. First discovered by a cybersecurity expert, the malware goes by the name FuxSocy Encryptor, which, apparently, is inspired by the FSociety hacking group from the hit TV series Mr. Robot. The FuxSocy Ransomware follows the typical ransomware model of behavior - it infiltrates the user's computer, uses strong encryption algorithms to lock the targeted files, and then demands a ransom from the victim in exchange for a decryptor tool that can restore the data. While it...

Xda Ransomware

Posted: October 29, 2019 | Category: Ransomware
The Xda Ransomware is a new strain that appeared in late-October 2019. However, it is believed to be an offshoot of the Dharma/Crysis Ransomware clan. In accordance with older Dharma attacks, this new variant assigns a unique nine-character ID number to each victimized PC. The ID number is a random mixture of numbers and letters and forms the first part of the extension appended to each encrypted file. It is then followed by the email contact provided by the crooks behind the attack. A .xda appendix rounds out the whole thing so that it looks like this: [File name].[File...

Bot Ransomware

Posted: October 29, 2019 | Category: Ransomware
The Bot Ransomware is a new variant of the infamous Dharma Ransomware that comes with a new extension added to the encrypted data, as well as a new email contact for getting in touch with the crooks behind it. Everything else in terms of features and modus operandi is practically identical to the Dharma Ransomware. While a typical Dharma Ransomware attack may feature one appendix or another, never before has it appended the ‘.id-XXXXXXX.[admin@sectex.net].bot!’ extension to each file it encrypts. Nor has it featured the contact email admin@sectex.net, either. However, if victims do...

CCryptor Ransomware

Posted: October 29, 2019 | Category: Ransomware
A new ransomware is on the loose. Security researchers spotted the new threat in late October 2019 and are calling it the CCryptor Ransomware. The CCryptor Ransomware is distributed primarily through phishing emails that contain malicious links and exploit vulnerability CVE-2017-11882 on Windows machines. The CCryptor Ransomware uses the RSA and AES256 encryption, and in addition to being ransomware, it's also a delayed wiper. The CCryptor Ransomware gives its victims four days to pay the ransom, and if payment is not made within that time frame, all data in the encrypted files will be...