WebDiscover Browser

Posted: July 3, 2015 | Category: Browser Hijackers | Threat Level: 5/10
The WebDiscover Browser is a type of a potentially unwanted program. It can be categorized as a browser hijacker of sorts. WebDiscover is distributed both as an installer download on its official website, as well as through software bundle installers. Software bundles often don't have sufficient disclosure of the features and items they come packed with, which is why potentially unwanted programs often piggy-back in freeware bundles. WebDiscover is a rather obtrusive web search bar that docks a search box on top of your desktop. However, you can neither move, nor close or resize that bar....

Cerber Ransomware

Posted: March 4, 2016 | Category: Ransomware
The Cerber Ransomware is a file encryptor that takes your data hostage for the sake of selling it back in return for Bitcoin currency. The general unreliability of this means of saving your files causes it to be discouraged as a solution when, instead, a sufficiently sound backup strategy can make the Cerber Ransomware's attacks relatively ineffectual. Due to the danger that the Cerber Ransomware poses to your system, data, and Web browser, malware analysts rate the Cerber Ransomware as a significant threat that should be uninstalled by dedicated anti-malware tools. The Cerber Ransomware...

GozNym

Posted: April 15, 2016 | Category: Trojans | Threat Level: 8/10
GozNym is a spyware program in deployment against prominent financial institutions, such as banks currently. This threat combines code from two previous Trojans while delivering itself through specially-crafted e-mail content. Because malware experts have rated GozNym as a sophisticated, high-level threat with the potential for collecting data, PC users should protect their machines by using dedicated anti-malware tools for deleting GozNym infections, rather than trying to detect this threat by eye. Although threat developers may recycle code from old threats to spawn new ones, in most...

WannaCryptor Ransomware (WanaCrypt0r Ransomware)

Posted: March 29, 2017 | Category: Ransomware
WannaCryptor Ransomware (WanaCrypt0r Ransomware) The first major ransomware attack of 2017 involves the use of the WanaCrypt0r Ransomware, an improved version of the '.wcry File Extension' Ransomware which, unfortunately, leverages one of the leaked NSA exploits to exploit vulnerable computers running Windows XP. It is unknown which is the hacking group behind the WanaCrypt0r Ransomware attacks, but one thing is for certain – whoever they are, they certainly know what they are doing. The targets of the WanaCrypt0r Ransomware don't appear to b chosen randomly since most of the infected machines appear to belong to major companies in...

Phobos Ransomware

Posted: October 23, 2017 | Category: Ransomware
Phobos is one of the most recent ransomware strains to join the increasingly large database of malware threats. While Phobos appears to be a new threat, much of its code bears some striking similarities to the code that built the infamous Dharma and Crysis Ransomware families not long ago. Although most cybercriminals rely on malicious email links and attachments to distribute the ransomware payload to as many target PCs as possible, there has been a marked shift towards exploiting exposed Remote Desktop Protocols instead. By using readily available scanners, the crooks search for...

GandCrab Ransomware

Posted: January 29, 2018 | Category: Ransomware
The GandCrab Ransomware is a severe-level, encryption-based malware threat which has plagued users all over the world throughout 2018. Similar to other notorious Ransomware threats in circulation, GandCrab sneaks into target PCs via exploit kits, malicious Javascript and document email attachments, as well as through a Ransomware-as-a-Service (RaaS) affiliate program, ultimately encrypting the victims' files without their knowledge. The affected users face complete data loss unless they pay the required ransom amount, predominantly in the form of аn obscure virtual currency called DASH....

LockerGoga Ransomware

Posted: March 31, 2019 | Category: Ransomware
LockerGoga Ransomware is a file-locking trojan whose campaigns specialize in sabotaging Windows systems related to the industrial sector and other businesses. In addition to locking files and displaying its ransoming demands, LockerGoga Ransomware has a close relationship with backdoor attacks and may disable the infected machine's network connectivity. Updated anti-malware tools may remove LockerGoga Ransomware, and members of the relevant industries should guard their admin login credentials securely in self-defense. File-locker trojans are most notorious for harming small-scale,...

How to Remove DLL Files

Posted: June 6, 2006 | Category: Tutorials
DLL (Dynamically Link Library) is an executable file that permits programs to share code to perform one or more predefined functions. A DLL file can be used by several programs at the same time. The benefit of having DLL files is that they don't get loaded into random access memory (RAM) along with the main program, which saves up space in RAM. So instead of all the coding being built into the program, it uses a particular DLL file that, with a simple call, can execute the operation for it. Most DLL files are essential for the running of your programs but there are other malicious...

GayFreeVideos

Posted: July 24, 2009 | Category: Tracking Cookies
GayFreeVideos is a tracking cookie that may be used by various pornographic or explicit content websites. The access of the GayFreeVideos tracking cookie may take place when visiting porn sits where certain site settings or preferences are stored. The access of the GayFreeVideos cookie could lead to pornographic sites offering other services or lead to other malware downloads through the site, as it is common for porn sites to be a source of malware. Computer users wanting to rid their system of unnecessary or unwanted tracking cookies like GayFreeVideos are recommended to utilize an...

What is CLSID?

Posted: August 10, 2009 | Category: Tutorials
A CLSID is an acronym used to describe a software application's class ID or "class identifier." In other words, a CLSID is a unique identification number given to software applications or software components to function as a kind of 'social security number' for any particular piece of software. CLSIDs form a subcategory of 'Globally Unique Identifiers,' or GUIDs, that are regularly used in COM, and as such, CLSIDs are used to specifically identify COM objects. COM, or "Component Object Model", is a Microsoft architectural model that is applied to component software applications and...

Omegle Phishing Virus

Posted: August 8, 2019 | Category: Browser Hijackers | Threat Level: 5/10
The Omegle Phishing Virus is a general family of threats that may redirect you from the Omegle chat service to another, corrupted website. These attacks can use browser-hijacking software or settings, or even tactic artists that operate through Omegle, itself. Users can protect themselves by checking links for safety before clicking and keeping anti-malware programs on hand for deleting the Omegle Phishing Virus in its browser-hijacking variants. Omegle has garnered both modest fame and some notoriety from the semi-anonymous nature of its chat interface, but word of mouth is something...

'0800-015-4654' Pop-Ups

Posted: September 27, 2016 | Category: Adware | Threat Level: 2/10
The '0800-015-4654' pop-ups are corrupted messages that may impair a Web browser completely by preventing users from accessing any of their tabs, bookmarks or browser tools. The appearance of these pop-ups may often come as a complete surprise, because they might get to your Web browser either via threatening software or when you visit a low-quality website that promotes the '0800-015-4654' pop-ups. Some of the pages that may host these pop-ups are rockno20.xyz, rockno19.xyz, rockno21.xyz, rockno15.xyz and rockno18.xyz, but users do not have to visit these Web pages directly to see the...

LAZPARKING Ransomware

Posted: December 3, 2020 | Category: Ransomware
The LAZPARKING Ransomware is a newly detected file-locker, which is still being studied thoroughly. For now, it is certain that the LAZPARKING Ransomware has the ability to encrypt a rich list of file types, therefore causing severe damage to the infected computer's file system. Of course, the creators of the LAZPARKING Ransomware claim to be in possession of a decryption tool, which their victims can use as soon as they agree to pay a ransom fee via Bitcoin. The attackers' full instructions are found in the file '! LAZPARKING-MESSAGE.txt', which is dropped on all computers infected by the...

NORD Ransomware

Posted: December 2, 2020 | Category: Ransomware
The NORD Ransomware is a file-locking Trojan that attacks the user's digital media files and stops them from opening. As part of the small family of the DarkCrypt Ransomware, it delivers ransom notes in HTA and TXT formats similar to previous members, changes files' extensions, and has no free unlocking solution. Windows users should have backups for protecting any files and let traditional anti-malware utilities delete the NORD Ransomware as they detect it. The  DarkCrypt Ransomware  is a group of file-locker Trojans with far fewer variants than, for instance, the...

Fair Ransomware

Posted: December 1, 2020 | Category: Ransomware
The Fair Ransomware is a file-locking Trojan that targets Windows systems and encrypts their media, such as documents. As a variant of the Makop Ransomware, the Fair Ransomware uses a secure encryption routine and delivers a standardized text note that asks for a ransom to help with data recovery. Users should protect their backups for a safer restoration option for any files and have their favored anti-malware service remove the Fair Ransomware after detection. File-locking Trojans of the  Makop Ransomware  family make up far less space in the threat landscape relative to other...

RestorFile Ransomware

Posted: November 30, 2020 | Category: Ransomware
The RestorFile Ransomware is a file-locking Trojan or a threat that can block users' personal and work files by encryption or other methods. As part of AES-Matrix Ransomware's family, its encryption routine is probably secure, and victims will need backups for restoring files, typically. Proper security habits also can limit infection opportunities, and most anti-malware programs for Windows should readily delete the RestorFile Ransomware. The AES-Matrix Ransomware's threat actor is resorting to leaving off letters in e-mail addresses for the latest Trojan campaign, possibly, due to...

Weui Ransomware

Posted: November 30, 2020 | Category: Ransomware
The Weui Ransomware is a file-locker Trojan that's from the STOP Ransomware family. The Weui Ransomware can block files on Windows systems, digital media like documents, pictures, or audio, particularly, and withholds them while demanding a ransom. Users should have anti-malware products remove the Weui Ransomware immediately and recover from their last, secure backups as appropriate. The  STOP Ransomware , a Ransomware-as-a-Service that roams the world with near-infinite variants like the  Foqe Ransomware , the  MOOL Ransomware , the  Topi Ransomware  or the  Zwer...

SUKA Ransomware

Posted: November 30, 2020 | Category: Ransomware
The SUKA Ransomware is a file-locking Trojan that's part of a Ransomware-as-a-Service family, the Dharma Ransomware (or Crysis Ransomware). The SUKA Ransomware blocks documents, images, and similar media by securely encrypting the files, demanding a ransom for restoring them. Users should have backups on secondary storage or PCs for recovering any lost content and let their usual anti-malware solutions delete the SUKA Ransomware. Irony and insults may make appearances in Trojans' ransom notes, but rarely do they come together with such synergy as the SUKA Ransomware variant of the ...

Adr Ransomware

Posted: November 27, 2020 | Category: Ransomware
The Adr Ransomware is a file-locking Trojan that blocks media such as documents by encrypting it. The Adr Ransomware also removes the files' names and replaces them with random characters and a static 'adr' extension. All Windows users should have secure backups for restoring any affected media and let a preferred anti-malware solution remove the Adr Ransomware from infected computers. The way a file-locking Trojan gets onto a victim's computer is, perhaps, more critical than the well-established techniques it uses for harming any files. The Windows Trojan the Adr Ransomware runs with...

CoderWare Ransomware

Posted: November 27, 2020 | Category: Ransomware
The CoderWare Ransomware is a file-locking Trojan independent of Ransomware-as-a-Service or open-source families. The CoderWare Ransomware can block media like documents through encryption, like most threats of this type, and deliver ransom messages in pop-ups and text readme files. Windows users should have backups for recovering without paying and let their choice of cyber-security service uninstall the CoderWare Ransomware where appropriate. With the same sensationalism already established by Trojans like the Jigsaw Ransomware and the WannaCryptor Ransomware , new campaigns also...

FileEngineering Ransomware

Posted: November 26, 2020 | Category: Ransomware
The FileEngineering Ransomware is a file-locking Trojan that's not part of a known family. The FileEngineering Ransomware can block most files on Windows computers through encryption, adds extensions to their names with ransoming details, and creates security engineer-themed ransom notes in Notepad. Users with adequate backups should suffer little damage from infections, and most AV vendors should provide solutions for safely removing the FileEngineering Ransomware. Most file-locking Trojans, even ones without relationships with open-source projects or Ransomware-as-a-Services, recycle...

Fireee Ransomware

Posted: November 25, 2020 | Category: Ransomware
The Fireee Ransomware is a file-locking Trojan that's part of the small family of the Makop Ransomware. The Fireee Ransomware can block most files on infected Windows computers through encrypting them with AES and may conduct additional attacks, such as delivering extortionist ransom notes, changing files' names or wiping some backups. Users with anti-malware tools can remove the Fireee Ransomware safely and should use any unharmed backups for data restoration. Despite not being nearly one of the larger, nor even medium-sized families of file-locking Trojans, the appearance of near...

REDROMAN Ransomware

Posted: November 25, 2020 | Category: Ransomware
The REDROMAN Ransomware is a file-locking Trojan of an unknown family. It can block files with encryption, modify various network settings, and demand ransoms through three separate HTML notes. Users should ignore the ransoms and recover from any secured backup, if possible, while having their favored security solution remove the REDROMAN Ransomware from their computer. File-locking Trojans outside of Ransomware-as-a-Services are, frequently, less secure than their RaaS counterparts. However, this comes with a trade-off for any victims, who also face more possibilities in these...

World Ransomware

Posted: November 25, 2020 | Category: Ransomware
The World Ransomware is a file-locking Trojan that's part of the Dharma Ransomware family, a Ransomware-as-a-Service. Although RaaS infection methods may change with new affiliates, this family's payload is consistent, including blocking files with secure encryption, deleting backups, and creating ransom notes. Users should invest in appropriate backups for recovering from infections after a preferred security solution removes the World Ransomware. For threat actors with interests in extortion, the free options for file-locking Trojans abound. Therefore, it says something about the...

1500dollars Ransomware

Posted: November 24, 2020 | Category: Ransomware
The 1500dollars Ransomware is a file-locking Trojan of the Phobos Ransomware family that can block digital media by encrypting the files' internal data. The 1500dollars Ransomware also includes stereotypical symptoms such as adding extensions or creating ransom notes. As always, users should have backups for getting their work back without issue and have dedicated security services safely delete the 1500dollars Ransomware. As a spin-off of the still-running Crysis Ransomware 's Ransomware-as-a-Service, the Phobos Ransomware remains of interest as a concurrent but competing business...

Cvc Ransomware

Posted: November 24, 2020 | Category: Ransomware
The Cvc Ransomware is a file-locking Trojan that's part of the family of the Dharma Ransomware. The Cvc Ransomware can block media files from opening through its encryption feature while asking for a ransom through generic warning messages. Users with externally-secured backups are in little danger from this threat, although they still should have suitable PC security solutions to remove the Cvc Ransomware. With many Ransomware-as-a-Service campaigns, the next Trojan variant is a chameleon differing from its ancestors in few ways, besides addresses, random ID strings and some cosmetic...

Dulgtv Ransomware

Posted: November 23, 2020 | Category: Ransomware
The Dulgtv Ransomware is a file-locking Trojan that's part of Xorist Ransomware's family, a freeware Trojan project. The Dulgtv Ransomware can stop files from opening by encrypting their internal data and adds extensions to their identification names. Users can restore from backups or with a free decryption solution but should safely remove the Dulgtv Ransomware first through traditional anti-malware tools. File-locking Trojans may come from almost anywhere, but some wellsprings last longer than others – like Trojan-generating 'builder' applications. The Dulgtv Ransomware is one of the...
1 2 3 4 5 6 7 8 9 ... 365