Cancer Trollware
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Threat Level: | 80 % (High) |
| Infected Computers: | 39 |
| First Seen: | February 7, 2017 |
| Last Seen: | June 16, 2022 |
| OS(es) Affected: | Windows |
Computer security researchers announced the discovery of the Cancer Trollware, which is a program packed as 'cancer.exe' and released to users as a fake update for browsers like Google Chrome, Internet Explorer and Mozilla Firefox. Cancer is classified as Trollware a.k.a. Crapware, which is a program that performs mischievous activities and can be very annoying. The Cancer Trollware is small in size, the executable is around 3 MB, and the user is presented with a UAC (Universal Account Control) prompt when it is loaded into the memory. Additionally, Cancer.exe is known to use icons associated with security tools and try to trick users into thinking that it may be a safe program. When you run the Cancer Trollware, it will change the default icon set for your files and restrict your access to the data. Users affected by the Cancer Trollware reported that they could not open files on the drive and their windows flashed and moved, which prevented them from accessing programs on their PCs properly. Windows may show the following dialog box when you attempt to open a file while the Cancer Trollware is running:
'The operation has been canceled due to the restrictions in effect on this computer. Please, contact your system administrator.'
One of the main features of the Cancer Trollware is that it can resize, move, minimize, and flash program windows you have opened or try to open. If that was not enough, an annoying melody is played in the background and images of a boy that has a mischievous grin on his face pop-ups on your screen. The author of the Cancer Trollware enabled his product to gain boot persistence by making modifications to the Registry. Booting into Safe Mode is possible, but reports suggest the Cancer Trollware can run in Safe Mode as well. Experts agree that the Cancer Trollware may not be harmful, but it is very hard to remove and hinder your work, ruin your plans for gaming with your friends and prolong the removal process. PC users may want to seek the help of a credible anti-malware utility and may need computer support from experienced technicians.
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.