It is an Internet Explorer toolbar that provides a web search service and pop-up blocker and also shows links to many, mostly adult web sites. Cram Toolbar changes the Internet Explorer default home page to a pornographic site and alters web browser's configuration. The threat is related to the infamous cracks.am site, which distributes illegal cracks for popular software. Cram Toolbar must be manually installed. It runs every time the user launches Internet Explorer. The following...

Inproc is a dialer that connects a compromised PC to the Internet by dialing premium rate phone numbers using a modem. Inproc also contacts certain remote web servers and may secretly download and install another dialer spyware without asking for user permission. The threat is bundled with some unsafe software. It also can get into the computer from many insecure web sites. The following files were created in the system:

Franvir is an Internet worm that spreads through file sharing networks using the Kazaa peer-to-peer application. It comes in files with meaningful names that trick the user into downloading and opening them. The following files were created in the system:

HeissSex is a dialer that connects a compromised PC to paid Internet resources providing adult content. The threat can get into the computer while visiting some pornographic web sites. HeissSex doesn't attempt to hide from the user. It shows an icon in the computer tray and shows a warning message explaining what a application does. Nevertheless, HeissSex acts as a computer service and automatically runs on every Windows startup. The following files were created in the system:

Getupdate, also known as Getup, is an adware application that serves commercial advertisements, changes web browser search settings and sends a user to undesirable web sites. It also downloads from the Internet and executes arbitrary files. Getupdate is able to automatically update itself. The threat is bundled with several advertising-supported products. It can also be manually installed. The following files were created in the system:

Onban is an adware spyware that serves unsolicited pop-up windows containing many commercial advertisements. The threat silently updates itself via the Internet. Onban is bundled with some ad-supported applications. It can also be manually installed. The adware runs on every Windows startup. The following files were created in the system:

Replace is an adware spyware that shows excessively large amount of unsolicited pop-up advertisements. The threat silently downloads from the Internet and executes arbitrary potentially harmful files. It also is able to update itself. Replace runs on every Windows startup. The following files were created in the system:

Brakkeshell is a dangerous backdoor that gives the attacker unauthorized remote access to a compromised PC. The spyware can be used to manipulate files, modify essential computer settings, manage computer services and running processes, restart or shutdown a PC. It also allows to download and execute arbitrary files and collect information about the infected computer. Brakkeshell automatically runs as a computer service on every Windows startup. The following newly produced Registry...

Stranget is a dangerous parasitical keylogger that records user keystrokes and steals many passwords. It also collects information about the infected computer and its network configuration, terminates running processes of most more or less popular antivirus applications, firewalls and other security-related software. Stranget sends gathered data to a predefined e-mail address or uploads it to a predetermined FTP server. The threat can download and execute arbitrary potentially harmful files....

Ragnarok is a backdoor Trojan that steals private information that's related to the online mmorpg Ragnarok Online. However, SpywareRemove.com malware experts have also found some instances where Ragnarok detections are false positives that are caused by the Ragnarok game itself. Use your own judgment and the assistance of appropriate anti-malware programs to determine whether you have a genuine spyware or a false alarm, before taking action against any file that's deemed to be infected by...

NeededWare is a malicious adware spyware that serves undesirable commercial advertisements, downloads from the Internet and silently installs other threats or unsolicited advertising applications. NeededWare is able to automatically update itself. It can get into the computer while visiting some insecure web sites. The threat is installed without asking for user permission. NeededWare runs on every Windows startup. The following newly produced Registry Values are: HKEY..\..\..\.....

Stefanie, also known as Stefan, is a specific Internet worm written in Visual Basic Script language. It spreads through file sharing networks using popular peer-to-peer softwares such as Kazaa, Morpheus, Grokster or BearShare. The spyware attempts to corrupt the computer by deleting the Windows Explorer and AIM messenger. It compromises overall computer security by disabling essential Windows tools and preventing antivirus applications, firewalls, security-related software and other widely...

CDT is a malicious adware spyware that shows unsolicited commercial pop-up advertisements and reduces computer security by modifying Internet Explorer essential security settings. The threat adds advertising, marketing, pornographic and similar insecure web resources into the web browser's Trusted Sites list. It also enables support for ActiveX controls and .NET components, allows to silently download and run harmful scripts and plugins and registers certain adware companies as trusted...

Dagonit is a dangerous backdoor that gives the remote attacker full unauthorized access to the compromised PC. The following files were created in the system:

Rontokbro is a rapidly spreading Internet worm that propagates by e-mail in messages with infected attachments. Once the user executes such an attachment, the spyware installs itself to the computer and runs its spreading routine. It scans the entire computer for e-mail addresses and sends itself there using own mail engine. Rontokbro modifies essential computer settings in order to disable standard Windows tools such as the Registry Editor or Command Prompt. It also immediately restarts a PC...

Gamanlock is a trojan designed to steal user confidential information. The spyware records passwords of popular online game Lineage and logs user keystrokes when the web browser opens certain web sites. Gathered data is secretly sent to predetermined remote servers. Gamanlock terminates running antivirus applications, firewalls, security-related tools and several other softwares and removes Windows standard audio files. The threat also blocks access to reputable web sites and security...

Suclove is a dangerous widely-spread Internet worm that propagates by e-mail in messages with infected attachments and through IRC chat networks using mIRC application. The spyware usually arrives in files that look like regular text documents, but actually have .exe extension and therefore are executable. Once the user runs such a file, Suclove secretly installs itself to the computer and initiates a spreading routine. It uses Microsoft Outlook to send harmful e-mail letters to all the...

RatedXXX is a dialer that connects a compromised PC to the Internet by dialing premium rate phone numbers using a modem. The threat also changes the Internet Explorer default home page to a web site on the wazzupnet.com domain. RatedXXX must be manually installed. The following files were created in the system:

Hesive is a dangerous backdoor that gives the attacker unauthorized remote access to a compromised PC. The threat allows the intruder to download, upload, run and manipulate files, execute many computer commands, terminate running processes, modify computer configuration through the registry, get OS and network information, etc. Hesive also attempts to steal user confidential data and transfer it to a predetermined remote server. The backdoor runs on every Windows startup. The...

Teensearch Bar is an Internet Explorer toolbar providing a web search service. It tracks user web browsing habits and sends gathered information to predetermined remote servers. The threat also records unique product ID of installed Windows operating computer and specific details of the main hard disk volume. Teensearch Bar is distributed through Active drive-by downloads and therefore can get into the computer while visiting some insecure web sites. The malware runs every time the user...