http://www.enigmasoftware.com PC security software available and information on removal instructions, tips, and alerts on new threats plaguing the Web. Fri, 24 May 2013 17:24:30 +0000 http://wordpress.org/?v=2.8.4 en hourly 1 http://www.enigmasoftware.com/trojansyndicasec-removal/ http://www.enigmasoftware.com/trojansyndicasec-removal/#comments Fri, 24 May 2013 17:24:30 +0000 GoldSparrow http://www.enigmasoftware.com/feed/ Trojan.Syndicasec is a Trojan that steals information and drops files on to the compromised PC. Once run, Trojan.Syndicasec creates the malevolent files. Trojan.Syndicasec then grabs the information involving host name, operating system version and MAC address from the targeted PC. Trojan.Syndicasec transmits the above information to the particular locations. Trojan.Syndicasec drops a JavaScript from one of the locations and runs it.... ]]> ]]> http://www.enigmasoftware.com/trojansyndicasec-removal/feed/ 0 http://www.enigmasoftware.com/driverperformer-removal/ http://www.enigmasoftware.com/driverperformer-removal/#comments Fri, 24 May 2013 15:21:01 +0000 ESGI Advisor http://www.enigmasoftware.com/feed/ Driver Performer is a fake computer optimization tool, which poses as a trustworthy security program. Driver Performer declares to be able to enhance the PC's performance; however, in reality, it does not find and uninstall any type of system errors and hard drive issues. Driver Performer also states to be capable of removing unnecessary entries on the hardware. Driver Performer is distributed and installed on the vulnerable computer system without the affected PC user's consent and knowledge through the use of Trojans. Driver Performer may also be delivered via suspicious websites and spam email attachments. Once installed on the infected computer, Driver Performer launches bogus system scans and reports false hard drive errors and system issues. Driver Performer also shows tricky error messages stating that the PC's hard drive is corrupted. Driver Performer's main goal is to scare... ]]> ]]> http://www.enigmasoftware.com/driverperformer-removal/feed/ 0 http://www.enigmasoftware.com/webcake-removal/ http://www.enigmasoftware.com/webcake-removal/#comments Thu, 23 May 2013 21:20:03 +0000 Domesticus http://www.enigmasoftware.com/?p=93741 WebCake is an adware application that is supposed to enhance your browsing experience but, in actuality, it results in numerous issues on an attacked PC. Although WebCake declares to be a great tool that can give computer users the best offers and discount coupons, as well as an option to compare prices of particular products and services, it causes more inconveniences than benefits. WebCake enters the corrupted PC without the target computer user's permission and, therefore, it is also categorized as a potentially unwanted program. WebCake is usually installed onto the targeted PC together with free software downloads from the web. WebCake can be embedded into Internet Explorer, Mozilla Firefox or Google Chrome. WebCake is not a malware threat, and it doesn't harm the affected PC directly. However, WebCake creates various situations that raise the chances of getting contaminated with... ]]> ]]> http://www.enigmasoftware.com/webcake-removal/feed/ 0 http://www.enigmasoftware.com/searchrockethijacker-removal/ http://www.enigmasoftware.com/searchrockethijacker-removal/#comments Thu, 23 May 2013 21:13:30 +0000 Domesticus http://www.enigmasoftware.com/feed/ Searchrocket Hijacker is a browser hijacker and annoying program that attacks Internet Explorer, Google Chrome or Mozilla Firefox web browsers and results in numerous inconveniences for affected Internet users. Searchrocket Hijacker propagates to random PCs packed with numerous free programs from the web, such as video players and similar applications. Although computer users have an option to refuse installing Searchrocket, they usually skip it because of a rush. While being installed on the compromised PC, Searchrocket Hijacker makes changes to browser settings. Searchrocket Hijacker replaces the default homepage and search engine with Websearch.searchrocket.info. Searchrocket Hijacker is also closely associated with Smart Address Bar browser add-on and even uses Smart Address Bar search. Searchrocket Hijacker hijacks the target Internet browser and reroutes victimized web users to... ]]> ]]> http://www.enigmasoftware.com/searchrockethijacker-removal/feed/ 0 http://www.enigmasoftware.com/trojanwinntsirefefn-removal/ http://www.enigmasoftware.com/trojanwinntsirefefn-removal/#comments Thu, 23 May 2013 21:07:40 +0000 GoldSparrow http://www.enigmasoftware.com/feed/ Trojan:WinNT/Sirefef.N is a Trojan with rootkit functionalities that prevents target computer users from normal web browsing by replacing search results with suspicious links and using click fraud to benefit from web users. Trojan:WinNT/Sirefef.N downloads updates and additional components and covers existing components on the targeted PC. Trojan:WinNT/Sirefef.N uses advanced surreptitious techniques in an effort to avoid detection and elimination from the attacked PC. Trojan:WinNT/Sirefef.N uses specific ports for its peer-to-peer communications.... ]]> ]]> http://www.enigmasoftware.com/trojanwinntsirefefn-removal/feed/ 0 http://www.enigmasoftware.com/trojanwinntsirefefj-removal/ http://www.enigmasoftware.com/trojanwinntsirefefj-removal/#comments Thu, 23 May 2013 21:02:56 +0000 JubileeX http://www.enigmasoftware.com/feed/ Trojan:WinNT/Sirefef.J is a Trojan with rootkit capabilities that blocks attacked PC users from normal web browsing by modifying search results in any genuine search engine and using the pay-per-click technique to make money. Trojan:WinNT/Sirefef.J downloads updates and additional components and conceals existing components on the corrupted PC. Trojan:WinNT/Sirefef.J uses advanced stealthy techniques in an effort to bypass the detection and extermination from the affected computer. Trojan:WinNT/Sirefef.J uses particular ports for its peer-to-peer communications.... ]]> ]]> http://www.enigmasoftware.com/trojanwinntsirefefj-removal/feed/ 0 http://www.enigmasoftware.com/exploitjscoolexd-removal/ http://www.enigmasoftware.com/exploitjscoolexd-removal/#comments Thu, 23 May 2013 20:49:06 +0000 Domesticus http://www.enigmasoftware.com/?p=93761 Exploit:JS/Coolex.D is a script, which is involved in an exploit pack known as the 'Cool Exploit Kit'. Exploit:JS/Coolex.D can install other malware infections on the corrupted PC through exploiting software vulnerabilities in Java version 7, update 17 and earlier. As the Cool Exploit Kit and the Blacole Exploit Kit share malevolent website patterns and exploits, in some cases a computer user might see Exploit:JS/Blacole found on the PC alongside Exploit:JS/Coolex.D. Exploit:JS/Coolex.D is loaded if the PC user visits an infected or hacked website. The hacked Internet browser may be rerouted to another website, which carries the exploit code identified as Exploit:JS/Coolex.D, which strives to install malware infections on the targeted PC depending on what applications the PC user has installed. If the attacked computer user has Java, Adobe Flash, or Adobe Reader in the PC,... ]]> ]]> http://www.enigmasoftware.com/exploitjscoolexd-removal/feed/ 0 http://www.enigmasoftware.com/wormmsilmurkadosa-removal/ http://www.enigmasoftware.com/wormmsilmurkadosa-removal/#comments Thu, 23 May 2013 17:55:04 +0000 JubileeX http://www.enigmasoftware.com/feed/ Worm:MSIL/Murkados.A is a worm, which proliferates via removable drives. Worm:MSIL/Murkados.A drops Google Chrome Internet browser extension files that change the way the Internet browser functions. Worm:MSIL/Murkados.A propagates by corrupting removable devices, such as a USB stick or flash drive. While being installed on the compromised PC, Worm:MSIL/Murkados.A makes system modifications by dropping the malevolent files and modifying the Windows Registry to ensure it launches automatically whenever you start Windows. Worm:MSIL/Murkados.A may also close Google Chrome web browser unexpectedly. When executed, Worm:MSIL/Murkados.A creates a copy of itself to the particular location. Worm:MSIL/Murkados.A searches the targeted PC to find 'chrome.exe'. This file specifies that the computer user has the Google Chrome web browser installed on the computer system. If it finds 'chrome.exe' it... ]]> ]]> http://www.enigmasoftware.com/wormmsilmurkadosa-removal/feed/ 0 http://www.enigmasoftware.com/trojanspywin32usteal-removal/ http://www.enigmasoftware.com/trojanspywin32usteal-removal/#comments Thu, 23 May 2013 17:36:04 +0000 Domesticus http://www.enigmasoftware.com/feed/ TrojanSpy:Win32/Usteal is a Trojan that steals a an attacked PC user's usernames and passwords for online games and programs. TrojanSpy:Win32/Usteal can also drop other malware infections on the targeted computer. TrojanSpy:Win32/Usteal is usually installed on the corrupted PC when the computer user downloads other applications, images or programs. TrojanSpy:Win32/Usteal can also be installed by other malware threats such as Trojan:Win32/LockScreen. While being installed on the infected computer system, TrojanSpy:Win32/Usteal makes system modifications by adding malevolent files. TrojanSpy:Win32/Usteal may stop the applications such as ICQ Messenger (icq.exe) and Mail.ru mail agent (magent.exe) unexpectedly. TrojanSpy:Win32/Usteal is packaged with other tools, which involve online gaming-related apps, for example, World of Tanks, Dota2, and Steam applications, images, and other malware... ]]> ]]> http://www.enigmasoftware.com/trojanspywin32usteal-removal/feed/ 0 http://www.enigmasoftware.com/trojanblackrev-removal/ http://www.enigmasoftware.com/trojanblackrev-removal/#comments Thu, 23 May 2013 17:28:03 +0000 Domesticus http://www.enigmasoftware.com/?p=93771 Trojan.BlackRev, otherwise known as the 'Black Revolution' Trojan, is called for the Mutex set in early versions of the malware infections. Trojan.BlackRev is a DDoS-specific bot with numerous attacks. Trojan.Blackrev accepts instructions from a command-and-control (C&C) server which may use the targeted PC in distributed denial-of-service (DDoS) attacks. Once run, Trojan.BlackRev communicates with a remote host which is used to register the corrupted PC on the botmaster's network. Trojan.BlackRev may also kill the processes such as 'winlogon.exe', 'explorer.exe' and 'smss.exe'. Trojan.BlackRev requests a list of targets to launch DDoS attacks against. Trojan.BlackRev may initiate a DDoS attack by fulfilling the particular actions on the infected computer system such as execute UDP and TCP floods with appended data, execute ICMP, SYN, and UDP floods and send multiple GET and POST... ]]> ]]> http://www.enigmasoftware.com/trojanblackrev-removal/feed/ 0