Track Global Malware Trends
View the trending of malware based on the "detection count" reports of threats found in infected PCs and volume levels which reflect malware infection rates. For real-time data on malware outbreaks worldwide, visit MalwareTracker.

Top Security News

Top 20 Countries Found to Have the Most Cybercrime
Have you ever wondered which countries face the most cybercrime? If you have ever wondered which countries have the most cybercrime, then you may be surprised to know that there are few contributing factors that attract cybercriminals to specific regions of the world. Security research firm,...
Spam Alert: Phishing Email Scam Titled ‘Bank of America Alert: Account Suspended’
We recently discovered a new phishing scam from a Bank of America spam email message that attempts to warn a computer user of an 'invalid login' resulting in a 'suspended banking account'. The spam message is ultimately a phishing scam that tries to lure computer users to a phishing site to...
Top 5 Popular Cybercrimes: How You Can Easily Prevent Them
Over the course of the past few years, hackers and cybercrooks armed with sophisticated malware have stolen literally hundreds of millions of dollars from online banking accounts and individuals all over the world. We have said it many times before in recent articles , the days of robbing...

Top Articles

Play-bar.net

The Play-bar.net search aggregator is similar to Ultimate-search.net , and it is a questionable service that is promoted by a browser hijacker. The Play-bar.net site is operated by Blisbury LLP and features a small search bar, a weather forecast in the top right corner and a clock widget in the top left corner. Additionally, the Play-bar.net site may offer users to play Adobe Flash games on online gaming platforms like Princess Games , GamesRockit and TikiArcade . The browser hijacker related to Play-bar.net is written with the purpose of diverting the Internet traffic of infected users to Play-bar.net and earn affiliate revenue. The Play-bar.net browser hijacker may modify your DNS settings and change your default search aggregator, homepage and a new tab to Play-bar.net. The Play-bar.net browser hijacker might edit your Windows...

Posted on October 14, 2015 in Browser Hijackers

Cerber Ransomware

The Cerber Ransomware is a ransomware infection that is used to encrypt the victims’ files. The Cerber Ransomware adds the extension CERBER to every file that the Cerber Ransomware encrypts. After the Cerber Ransomware has encrypted some of the files of the victim, the Cerber Ransomware demands the payment of a ransom in exchange for the decryption key. According to Cerber Ransomware’s ransom note, computer users have one week to pay the ransom amount before this amount is doubled. The Cerber Ransomware Contains an Audio Message As the Cerber Ransomware encrypts the victim’s files, it creates TXT, HTML, and VBS files named ‘DECRYPT MY FILES’ with instructions on how to pay the Cerber Ransomware’s ransom. These files are dropped on every folder that contains files that were encrypted by Cerber...

Posted on March 4, 2016 in Ransomware

Cerber3 Ransomware

The Cerber3 Ransomware is a new version of a well-known ransomware Trojan. The Cerber Ransomware Trojan now uses a slightly different method during its attack. The main difference is that the files infected by the Cerber3 Ransomware can be identified through the use of .CERBER3 as the extension that identifies the files that have been encrypted in the attack. PC security analysts had observed a Cerber2 variant of this attack previously. This numbering system may indicate new versions of software, and threats are no exception. The appearance of the Cerber3 Ransomware indicates that the Cerber ransomware family is being developed and updated currently. The Cerber3 Ransomware and Possible Updates to this Threat The Cerber3 Ransomware was discovered recently, around the end of August of 2016. The Cerber3 Ransomware presents minor...

Posted on September 1, 2016 in Ransomware

DNS Unlocker

The DNS Unlocker is adware that has caught the attention of PC security researchers. Many computer users have been using programs like the DNS Unlocker to bypass region-locking components in online applications. The DNS Unlocker, in particular, has been advertised as a way for computer users to access Netflix for regions outside of their location. PC security analysts strongly recommend against this approach. There are numerous applications available that supposedly allow computer users to modify their IP or connect to certain websites that are blocked for certain regions. However, this is a common way for adware developers to distribute their low-level and mid-level threats. In several situations, it may be better to avoid using these types of components or looking for reputable options even if they are slightly more expensive than...

Posted on June 15, 2015 in Adware

Tavanero.info

Tavanero.info is a bogus search engine that is associated with a PUP (Potentially Unwanted Program). Tavanero.info attempts to mimic the look and feel of the Google search engine to mislead computer users. Tavanero.info uses the Google logo colors in its layout and even includes the term ‘GoogleTM Custom Search,’ despite the fact that Tavanero.info has no affiliations with Google. Tavanero.info should be considered for what it is, a bogus search engine that may be used to expose computer users to potentially harmful online advertisements and content. There is no legitimate connection between Tavanero.info and Google, despite this fake search engine’s claims. The Activities of Tavanero.info and Its Associated PUP Tavanero.info is linked to a type of PUP known as a browser hijacker, mainly because these components...

Posted on September 6, 2016 in Browser Hijackers

Tech-connect.biz

If Tech-connect.biz start appearing as your homepage and search engine, this means that your computer is housing a browser hijacker. Then you wonder how it could have happened if wasn’t you who introduced Tech-connect.biz on your machine. The answer is very simple; browser hijackers may be part of the installation of a free software you downloaded from the Web recently. This is a well-used method since the computer users may be in a hurry when installing the free program they need and instead of choosing ‘Advanced’ or ‘Custom,’ used the quickest installation method, skipping its EULA and additional details, giving the browser hijacker, adware, and PUPs, the permission to be installed unknowingly. Although not threatening, Tech-connect.biz may cause a series of inconveniences to the computer users, such as...

Posted on September 15, 2016 in Browser Hijackers

Antivirus Security Pro

Antivirus Security Pro screenshot

Antivirus Security Pro is a rogue security application that belongs to a large family of rogue security software known as . Antivirus Security Pro is a fake security program that is disguised as a legitimate anti-virus application. Antivirus Security Pro does this by displaying false positives and bogus security warnings on the victim’s computer. There are several ways in which criminals distribute Antivirus Security Pro, including malicious attack websites and spam email messages containing malicious attachments. Security analysts consider that Antivirus Security Pro presents a threat to your computer. Because of this, ESG security researchers strongly recommend that computer...

Posted on August 22, 2013 in Rogue Anti-Spyware Program

Zepto Ransomware

The Zepto Ransomware is a variant of the Trojan Locky Ransomware . The Zepto Ransomware is designed to infect all versions of the Windows operating system, from Windows XP all the way to Windows 10. Ransomware Trojans like the Zepto Ransomware are especially threatening because, even if removed, the victim’s files will still be inaccessible. Essentially, the Zepto Ransomware takes the victim’s files hostage, encrypting them and demanding the payment of a ransom to decrypt them. Since the files encrypted by the Zepto Ransomware are impossible to recover without access to the decryption key, PC security analysts advise that computer users take immediate preventive measures to avoid becoming victims of this and similar ransomware Trojan attacks. The Files Encrypted by the Zepto Ransomware may be Lost Forever When the...

Posted on June 29, 2016 in Ransomware

CryptoLocker Ransomware

CryptoLocker Ransomware screenshot

The CryptoLocker Trojan is a ransomware infection that encrypts the victim’s files. CryptoLocker may typically be installed by another threat such as a Trojan downloader or a worm. Once CryptoLocker is installed, CryptoLocker will search for sensitive files on the victim’s computer and encrypt them. Essentially, CryptoLocker takes the infected computer hostage by preventing access to any of the computer user’s files. CryptoLocker then demands payment of a ransom to decrypt the infected files. CryptoLocker is quite harmful, and ESG security analysts strongly advise computer users to use an efficient, proven and updated anti-malware program to protect their computer...

Posted on September 11, 2013 in Ransomware

CryptoWall Ransomware

CryptoWall Ransomware screenshot

The CryptoWall Ransomware is a ransomware Trojan that carries the same strategy as a number of other encryption ransomware infections such as Cryptorbit Ransomware or CryptoLocker Ransomware . The CryptoWall Ransomware is designed to infect all versions of Windows, including Windows XP, Windows Vista, Windows 7 and Windows 8. As soon as the CryptoWall Ransomware infects a computer, the CryptoWall Ransomware uses the RSA2048 encryption to encrypt crucial files. Effectively, the CryptoWall Ransomware prevents computer users from accessing their data, which will be encrypted and out of reach. The CryptoWall Ransomware claims that it is necessary to pay $500 USD to recover the...

Posted on May 12, 2014 in Ransomware

RelevantKnowledge

RelevantKnowledge screenshot

RelevantKnowledge is software that exists in a moral grey area. RelevantKnowledge is widely considered spyware, because RelevantKnowledge will collect huge amounts of information about your Internet usage, and then use that information to put together even more information about you. That information is then sold, anonymously, either individually or as part of aggregate data. Given the way that RelevantKnowledge is installed on most computers, it is unlikely that most of those users are fully aware of the facts about RelevantKnowledge. What RelevantKnowledge is, and Where it Comes From RelevantKnowledge is a product of the company MarketScore, formerly called Netsetter....

Posted on April 8, 2005 in Adware

From Doc to Pdf Toolbar

From Doc to Pdf Toolbar is an unwanted toolbar/ adware application, which is advertised via other freeware and shareware program downloads to benefit from this. From Doc to Pdf Toolbar modifies the default homepage with Home.tb.ask.com and the default search provider with Search.tb.ask.com. From Doc to Pdf Toolbar installs a Browser Helper Object (BHO) that might corrupt, Internet Explorer, Google Chrome or Mozilla Firefox. From Doc to Pdf Toolbar is used to increase web traffic and make a profit from deceptive advertising by using blackhat SEO methods. PC users should always pay attention while installing software products because often, a software installer carries optional installations, such as From Doc to Pdf Toolbar. From Doc to Pdf Toolbar infiltrates into the attacked computer using misleading tactics without the victimized PC...

Posted on July 24, 2013 in Malicious Toolbars

OnlineMapFinder

OnlineMapFinder is a potentially unwanted program (PUP) that may install a potentially unwanted Ask.com powered toolbar. As component of the download process for the toolbar, the PC user may be given the option to reset the default start page and/or reset the new tab window to an Ask start page and a new tab window. This may give related links and results when the computer user makes a search query in the Web browser address bar, or if his browser address (DNS) request is invalid, misspelled or incorrectly formatted. OnlineMapFinder may set a search box within the toolbar which may help the computer user search online with search results from its search results partner.

Posted on March 4, 2014 in Potentially Unwanted Programs

Elex Hijacker

The Elex Hijacker is a Web browser hijacker that may take over a Web browser, change its homepage and other settings and prevent computer users from restoring their Web browser to its default setting. The Elex Hijacker may be associated with a variety of other unwanted symptoms. The main reason that makes the Elex Hijacker is considered a browser hijacker is because its main purpose is to take over a Web browser to force computer users to view certain websites repeatedly and open new Web browser windows and tabs while the computer users attempt to use their computers. The Elex Hijacker is promoted as a useful Web browser extension or add-on. However, PC security researchers have determined that the Elex Hijacker does not offer any useful or beneficial service. Rather, the Elex Hijacker is designed to make money at the expense of...

Posted on December 12, 2015 in Browser Hijackers

Social2Search Ads

Computer users that favor social media when it comes to choosing a fast and reliable method for staying connect to their friends may be interested in the Social2Search software. The Social2Search program is advertised as ‘a social search engine that gives you access to the knowledge of your friends.’ In other words, the Social2Search software allows you to use a custom search engine at Social.search.com to browse content that your contacts like, share and upload to Facebook, Twitter, Instagram, Pinterest, LinkedIn and Google+. The Social2Search application works as a browser extension that might change your default search engine and homepage settings to customize your Internet experience. The idea behind the Social2Search extension may sound great, but you should avoid installing it. Security researchers reveal that the...

Posted on May 5, 2016 in Adware

CounterFlix

The Counterflix software is advertised as an application that can allow users to load geo-restricted content from services like Hulu, Pandora and Netflix. PC users that live in countries like India, China, and Russia, where Internet censorship applies may be interested in installing Counterflix. The services provided by Counterflix are available through the app and the modification of your DNS configuration. The setup page for Counterflix can be found at Counterflix.com and users will need to edit their system settings to install the Counterflix correctly. You should note that the Counterflix software is provided on an “As-Is” basis and you will not receive support from its developers. Unfortunately, the makers of Counterflix do not provide contact information like a Facebook page or a Twitter account, which you may need in case...

Posted on October 2, 2016 in Adware

Cerber 4.0 Ransomware

The Cerber 4.0 Ransomware represents the next generation in development of the ‘.cerber’ line of encryption Trojans. The Cerber 4.0 Ransomware joins other threats like the ORX-Locker and the Stampado Ransomware , which are offered as Ransomware-as-a-Service package. The RaaS business was pioneered by Encryptor RaaS in early 2015 and the developers of Cerber want a share of the market for ransomware. It appears that the coders behind the Cerber 4.0 Ransomware decided to open their product to foreign programmers and benefit from the expanded distribution network. A New JS Loader, New Obfuscation Layers, Customizable Encryption Engine and More The Cerber 4.0 Ransomware is said to boast several significant improvements compared to the Cerber v3 . The Cerber v4 creates a unique file extension marker for every...

Posted on October 13, 2016 in Ransomware

‘.aesir File Extension’ Ransomware

The ‘.aesir File Extension’ Ransomware is one of the many variants of the Locky Ransomware Trojan that is being used in attacks against computer users currently. The ‘.aesir File Extension’ Ransomware is being distributed in a spam email campaign that uses fake emails from the Internet Service Providers (ISP) claiming that the victim’s computer is being used to send out spam email messages. Computer users, tricked by the message, may open an attached ZIP file that results in the the ‘.aesir File Extension’ Ransomware. The ‘.aesir File Extension’ Ransomware is a Locky variant that changes the files affected by the attack so that their extension becomes ‘.aesir.’ This is a continuation of a Locky variant family that references the Norse Mythology (a previous variant of...

Posted on November 22, 2016 in Ransomware

More Articles

DiscoverLiveRadio Toolbar

The DiscoverLiveRadio Toolbar is advertised by adware and legitimate ads as a valuable addition to browsers such as Google Chrome, Internet Explorer, Opera and Mozilla Firefox. The DiscoverLiveRadio Toolbar is a product of Mindspark Interactive Network, Inc., which released the MyRadioAccess Toolbar , the Easy Radio Access Toolbar and the Your Radio Now . The DiscoverLiveRadio Toolbar is offered at Free.discoverliveradio.com for free download and usage as long as you tolerated advertisements from affiliate marketers. The DiscoverLiveRadio Toolbar may change your new tab page settings and load a customized version of Hp.myway.com, which may include ads from sponsors. Additionally, users of Internet Explorer and Mozilla Firefox may be urged by Mindspark to set Hp.myway.com/discoverliveradio/ttab02/index.html as their home page....

Posted on December 7, 2016 in Possibly Unwanted Program

Driver Updater Plus

The Driver Updater Plus is developed by Jawego Partners LLC and offered for download at Driverupdaterplus.com. The Driver Updater Plus software is promoted to solve driver problems with printers, keyboards, Webcams and other peripheral devices. According to Driverupdaterplus.com, the Driver Updater Plus supports all versions of Windows as far back as Windows XP. Computer users that cannot find the right driver for their hardware could download a trial version of the Driver Updater Plus and diagnose problems on their PCs. Additionally, the Driver Updater Plus is said to give an overview of outdated drivers and backup existing drivers. However, you might want to know that Jawego Partners LLC is known to release riskware, which we have covered in our articles on Super PC Cleanup , PC Protector Plus and PC Clean Plus . Researchers...

Posted on December 7, 2016 in Possibly Unwanted Program

Vo_ Ransomware

The Vo_ Ransomware was discovered in December 2016, five months after the SQ_ Ransomware emerged on security reports. Both threats are encryption Trojans that are delivered to potential victims via spam emails. Additionally, the Vo_ Ransomware is a slightly improved version of the SQ_ Ransomware, and both Trojans come from the same developers according to security experts. The spam emails carrying the dropper for the Vo_ Ransomware appear to feature logos from banks and online stores and urge the user make a payment referred in the invoice attached. Needless to say, users are asked to open a macro-enabled document, which is designed to install the Vo_ Ransomware Trojan in the background. The Vo_ Ransomware and the SQ_ Ransomware are the Two Faces of One Crypto Malware When the Vo_ Ransomware is installed, it determines what type...

Posted on December 7, 2016 in Ransomware

Phoenix Ransomware

When the Phoenix Ransomware was first mentioned amongst security researchers, the Trojan was still in development. Researchers found the threat while digging in reports submitted to the Google’s VirusTotal platform and going on the Dark Web. Samples recovered from reports provided threat investigators with the executable to analyze, and they reveal interesting facts. The Phoenix Ransomware appears to be in development at the time of writing this. However, the Phoenix Ransomware is compact in size and can be deployed with spam emails as a file with a double extension, which may pass as a simple invoice easily. The Phoenix Ransomware is Raised from the Hidden Tear Source Code The researcher Utku Sen published an educational crypto-threat on the Github platform, which was used by threat actors to develop threats like the...

Posted on December 7, 2016 in Ransomware

GoldenEye Ransomware

The GoldenEye Ransomware is an encryption Trojan that is pushed as an improved version of the Petya Ransomware, which surfaced in March 2016. The GoldenEye Ransomware was brought to the attention of security researchers in December 2016. Spam emails aimed at human resource departments were found to carry a corrupted spreadsheet that featured a macro. As you well know by now, the macro is widely abused by threat actors to deliver threats like the Al-Namrood Ransomware and the Osiris Ransomware . PC users that work with CVs on a daily basis appear to be among the primary targets of the GoldenEye Ransomware since they are likely to open a document from an unknown sender. Fake CVs and Spreadsheets Deliver the GoldenEye Ransomware to Computers The macro script used to deliver the GoldenEye Ransomware is designed to write base64...

Posted on December 7, 2016 in Ransomware

‘Add Extension’ Pop-Up

The ‘Add Extension’ pop-ups we are talking about are not those loaded in the Chrome Web store. The ‘Add Extension’ pop-ups we want to talk about are the ones that are generated by a JavaScript code hosted on untrusted pages. Researchers have received reports that users are presented with an ‘Add Extension’ pop-up that cannot be removed with standard procedures and appears to bypass pop-up blocking filters in Google Chrome, Mozilla Firefox and Internet Explorer. Some users may be able to block the ‘Add Extension’ pop-up by using a third-party service like AdBlocker Plus, uBlock Origin and Ghostery. The ‘Add Extension’ notifications are generated on untrusted pages equipped with a JavaScript that keeps a dialog box on your screen as long as you do not close your browser....

Posted on December 6, 2016 in Adware

Sage Ransomware

The Sage Ransomware is an encryption Trojan that is based on TeslaCrypt and appears to be its successor. The Sage Ransomware is part of a family of crypto malware that includes the ‘.aaa File Extension’ Ransomware , the ‘.xort File Extension’ Ransomware and several others. All variants of TeslaCrypt are dispersed via spam emails and corrupted links. The Sage Ransomware is not as sophisticated as the Cerber 4.0 but it gets the job done without the need for administrative privileges. As long as your files are not password protected and are not under a read/write policy, they can be modified by the Sage Ransomware Trojan. The Motto of the Sage Ransomware is—as Longs It is not Locked It can be Encrypted Security experts report that the Sage Ransomware may use outdated certificates to bypass some...

Posted on December 6, 2016 in Ransomware

Satan666 Ransomware

The Satan666 Ransomware is a complex encryption Trojan that uses the ‘.locked’ suffix to mark affected files. The Satan666 Ransomware belongs to the category of crypto malware that employs encryption algorithms to encode data containers and suggest victims pay a fee for the decryptor. The Satan666 Ransomware is an effective threat to regular PC users and servers with bad remote access configuration. The distributors of the Satan666 Ransomware strive to deliver the threat to as many users as possible. The Satan666 Ransomware Trojan may be seen in spam emails, uploaded to compromised sites, and injected into composures using Trojan-Downloaders such as Nemucod . The Satan666 Ransomware is Based on the Infamous Hidden Tear Project Security analysts that observed the Satan666 Ransomware in a controlled environment report...

Posted on December 6, 2016 in Ransomware

Osiris Ransomware

The Osiris Ransomware is part of a wave of Trojans based on the Locky Ransomware , which was detected by security researchers around the end of November and the start of December 2016. The Osiris Ransomware is an encryption Trojan that may be spread among Windows users thanks to phishing emails and corrupted Microsoft Word documents. While spam email may be the main source for the Osiris Ransomware, the Trojan can be delivered via other means including exploit kits like Neutrino as well. The Osiris Ransomware emerged not too long after the ‘.zzzzz File Extension’ Ransomware was spotted in reports. New Obfuscation Layers, a New Extension, and the Same Old Encryption Routine The team behind Locky and the Osiris Ransomware may use new obfuscation layers and a new file extension, but their Trojan continues to be...

Posted on December 6, 2016 in Ransomware

DirectionsWhiz

The DirectionsWhiz software is advertised at Directionswhiz.com as the best solution for users who are looking for directions. Ads that promote DirectionsWhiz may be found on freeware deployment platforms since the program is released for free. DirectionsWhiz is published by Mindspark Interactive Network, Inc. under the GNU Freeware Licence and you are not required to pay for its services. However, the development of DirectionsWhiz is sponsored by advertisers, and you may be welcomed to remove extensions designed to block tracking and unwanted commercials from your browser. The DirectionsWhiz application is browser-dependent and may support Google Chrome, Mozilla Firefox and Internet Explorer. DirectionsWhiz is classified as a Potentially Unwanted Program (PUP) that can change your new tab page and homepage, as well as show...

Posted on December 5, 2016 in Possibly Unwanted Program

‘Windows Defender Prevented Malicious Software’ Scam

The ‘Windows Defender Prevented Malicious Software’ message is generated by a Trojan that is associated with technical support tactics. The ‘Windows Defender Prevented Malicious Software’ should not be trusted because it promotes fake computer support services on the 877-360-0485 toll-free phone line, which is not operated by Microsoft Corp. The Trojan at hand is crafted to generate a lock screen on the desktop, which is loaded as soon as the user logs into Windows. Cyber security experts are not sure how the Trojan is delivered to users, but there is a good chance that a free program may have been bundled with badware. The ‘Windows Defender Prevented Malicious Software’ lock screen cannot be removed with the Alt+F4 keyboard command and tools like regedit.exe, Command Prompt, and taskmngr.exe may...

Posted on December 5, 2016 in Trojans

‘Microsoft Help Desk Tech Support’ Scam

The ‘Microsoft Help Desk Tech Support’ scam is facilitated by a Trojan that behaves very similarly to the one used to generate the Microsoft Security Essentials Alert . The ‘Microsoft Help Desk Tech Support’ Trojan is programmed to display a lock screen that mimics the BSOD error report on Windows systems and suggests the user calls the 888-828-6971 helpline. The ‘Microsoft Help Desk Tech Support’ lock screen is shown as soon as the user logs into Windows thanks to an entry in the MSCONFIG panel, which is used to manage startup programs. The text on the ‘Microsoft Help Desk Tech Support’ lock screen reads: ‘A problem has been detected and windows has been shutdown to prevent damage to your computer. DRIVER_IRQL_NOT_LES_OR_EQUAL Contact your system administrator or technical...

Posted on December 5, 2016 in Trojans

NoValid Ransomware

The NoValid Ransomware is an encoding Trojan that was reported in December 2016 and named after the ‘.novalid’ it appends to modified files. The NoValid Ransomware is a threat to Web servers and regular users. Security analysts note that the NoValid Ransomware may be detected by various AV vendors as the Locked-In Ransomware due to the title of the ransom note being used as a reference. The NoValid Ransomware is a Trojan that is installed via a corrupted macro embedded into documents. These materials can range from PDF, DOCX and SCV files. The authors of the NoValid Ransomware exploit macro to deliver their threat to unsuspecting users. Spam Emails and Links Sent over Social Media Spread the NoValid Ransomware The NoValid Ransomware uses the AES-256 cipher to lock targeted data containers. The NoValid Ransomware starts...

Posted on December 5, 2016 in Ransomware

RIP Ransomware

The RIP Ransomware is an encryption Trojan that is based on the Hidden Tear project that was published by the programmer Utku Sen. The RIP Ransomware Trojan is a credible threat to regular users and server administrators alike. Reports suggest the distributors of the RIP Ransomware Trojan equip phishing messages with a dropper that may appear as a PDF, DOCX, RAR and ZIP file. The dropper is programmed to connect to a remote host, download an obfuscated executable and install the RIP Ransomware on the PC. The crypto malware begins its work by scanning the machine for connected drives and builds an index of files suitable for encryption. What Makes the RIP Ransomware Deadly The RIP Ransomware employs RSA and AES ciphers to encipher files, and their content cannot be recovered without the proper decryptor. The RIP Ransomware is very...

Posted on December 5, 2016 in Ransomware

SurveyLocker Ransomware

The SurveyLocker Ransomware is a Trojan that is designed to restrict the users’ access to the desktop as soon as they are logged in Windows. The SurveyLocker Ransomware is very similar to the FileIce Survey Lockscreen and the Survey Warning Ransomware . The Trojans mentioned before are designed to disable keyboard shortcuts, Command Prompt, the Registry editor and the Task Manager with the aim to keep the user occupied with a task, or it demands payment. Users may be infected with the SurveyLocker Ransomware from clicking a corrupted ad on an online store and opening a file attached to a spam email. Complete a Survey and Have Your Desktop Unlocked by the SurveyLocker The author of the SurveyLocker Ransomware suggests the user complete a survey and have the desktop unlocked or pay a technician to solve the problem for a...

Posted on December 5, 2016 in Ransomware
1 2 3 4 5 6 7 8 9 10 11 1,108