More Articles


Trojan.Gen.3 is a generic detection for various types of Trojan infections. These typically affect computer systems running the Windows operating system and have been around for more than a decade. Typically, a security program will report a Trojan.Gen.3 infection when it detects the presence of a Trojan that does not have a specific malware definition. This means that the Trojan present in the victim's computer has characteristics that triggered the security program's detection because they are commonly present in known Trojan infections. The presence of a Trojan.Gen.3 infection usually indicates that it is necessary to run a strong anti-malware program to disinfect your computer.

The Bad Payload of Trojan.Gen.3 and Other Trojan Infections

Trojan.Gen.3 and other Trojans are named after the Trojan horse from Greek literature. This is...

Posted on August 23, 2013 in Trojans


Trojan.Silentbrute is a Trojan that opens a back door and adds malevolent files onto the compromised PC. Once run, Trojan.Silentbrute copies itself to particular locations. Trojan.Silentbrute then creates a registry entry so that it loads automatically whenever the PC user boots up Windows. Trojan.Silentbrute then connects to a command-and-control (C&C) server using a particular web address and waits for instructions. Trojan.Silentbrute will also add lists of common user names and passwords and use them in brute force attacks against a list of attacked hosts. Trojan.Silentbrute will send back successful credentials to the C&C server using one of the particular URLs.

Posted on August 23, 2013 in Trojans


Trojan.Ransomlock.AG is a Trojan that blocks the victimized computer user's Internet browser. Trojan.Ransomlock.AG then demands a supposed ransom from the attacked PC user to restore access to the targeted computer system. When Trojan.Ransomlock.AG is opened in the hijacked Internet browser, it shows a bogus notification. Trojan.Ransomlock.AG may show various images with numerous law enforcement insignias, which are based on the victim's location. Trojan.Ransomlock.AG will display the false warning message if the computer user tries to close the hijacked web browser or the web browser tab that Trojan.Ransomlock.AG is opened in. Trojan.Ransomlock.AG will block the hijacked Internet browser or web browser tab from closing.

Posted on August 23, 2013 in Trojans


Backdoor.Flyoutburn is a backdoor Trojan that executes harmful activities on the corrupted PC. Once run, Backdoor.Flyoutburn creates a few folders and malevolent files on the affected computer system. Backdoor.Flyoutburn creates a registry entry and registry subkeys. Backdoor.Flyoutburn may connect to port 9696 on a particular web address. Backdoor.Flyoutburn may also connect to port 61786 on particular web addresses. Backdoor.Flyoutburn may attempt to use local RAS services to open a VPN connection.

Posted on August 23, 2013 in Backdoors

The domain is closely associated with an adware infection. Various computer users have reported that their computer displays pop-up windows associated with These adware infections are often bundled along with freeware media players and other common free programs. The pop-up window claims that the computer user needs to download and install a media player that is closely related to malware. If you are being pestered by the pop-up window and other symptoms associated with this domain, ESG security researchers strongly advise computer users to scan their computer with the help of a strong, reliable anti-malware application that is fully up to date.

Dealing with Pop-Ups and Redirects

If you wish to remove browser hijackers or adware infections associated with, it is important to take action...

Posted on August 23, 2013 in Browser Hijackers


W32.Changeup!gen44 belongs to a large family of worms that have been active since 2009. Malware in the W32.Changeup!gen44 family has numerous aliases, the most common of which are Vobfus and Changeup. These infections are designed to attack computer systems running the Windows operating system. Although new variants of W32.Changeup!gen44 have been uncovered as late as 2013 (including the W32.Changeup!gen44 variant itself), most versions of W32.Changeup!gen44 infect computer systems running versions of Windows up to Windows Vista and going as far back as Windows 95. W32.Changeup!gen44 will take advantage of a known vulnerability categorized as CVE-2010-2568. The W32.Changeup!gen44 infection can be avoided by taking certain precautions. First, it is important to avoid files and downloads from unknown sources, such as unsolicited email messages or unknown removable drives. You should...

Posted on August 23, 2013 in Worms

Antivirus Security Pro


Antivirus Security Pro is a rogue security application that belongs to a large family of rogue security software known as . Antivirus Security Pro is a fake security program that is disguised as a legitimate anti-virus application. Antivirus Security Pro does this by displaying false positives and bogus security warnings on the victim's computer. There are several ways in which criminals distribute Antivirus Security Pro, including malicious attack websites and spam email messages containing malicious attachments. Security analysts consider that Antivirus Security Pro presents a threat to your computer. Because of this, ESG security researchers strongly recommend that computer users...

Posted on August 22, 2013 in Rogue Anti-Spyware Program


WSearch is a browser hijacker that hijacks Internet Explorer, Mozilla Firefox or Google Chrome. WSearch can reach the victimized PC packaged with other software products that computer users download themselves from the Internet. While being installed on the attacked PC, WSearch alters the affected computer system's settings and executes a variety of annoying, potentially damaging activities. WSearch substitutes the default search engine and homepage. Although WSearch appears to be a common search system, in truth it reroutes victims to numerous advertising websites and also inserts these websites into the target PC user's search results in any authentic search engine. WSearch can also divert the victimized PC user to damaging websites where their computers can easily get corrupted by numerous malware threats. Web users should be very attentive with their downloads if they want to...

Posted on August 22, 2013 in Browser Hijackers


Webwise is an adware application that gets installed onto compromised PCs through spam emails that include malicious attachments, or comes packaged with freeware and shareware programs. Webwise is added into the Internet Explorer, Mozilla Firefox or Google Chrome web browsers and reduces the attacked PC's overall performance. Webwise shows a variety of annoying pop-up advertisements, which reroute victimized Internet users to suspicious advertising websites if they click on them. This way, victimized PC users undergo repeated diversions whenever they use the hijacked Internet browser. The main aim of Webwise may be to raise traffic for specific advertisement websites and benefit from relevant links and the pay-per-click technique. Computer users find Webwise to be irritating. Webwise can reroute affected computer users to harmful websites full of numerous malware infections. So although...

Posted on August 22, 2013 in Adware

Kwible Search

Kwible Search is a browser hijacker, which spreads via other freeware software (download-managers, video recording/streaming or PDF creators) downloads. While being installed on a targeted computer system, Kwible Search will add the Kwible Search, substitute the default homepage and default search provider with Kwible Search will show annoying pop-up advertisements and sponsored links in compromised search results of any genuine search provider, and may grab search terms from the attacked computer user's search queries. Kwible Search may be used by cybercrooks to make a profit by using blackhat SEO and raising website traffic. Kwible Search is also packed within the custom installer on many download websites such as CNET, Brothersoft or Softonic. So if the web user has downloaded a particular software product from these websites, he/she might also have downloaded and...

Posted on August 22, 2013 in Browser Hijackers

Lucky Leap

Lucky Leap is an adware application that shows advertisements, coupons, and sponsored links through a pop-up box in Google, YouTube, Amazon, Facebook and other websites that are visited by computer users. Lucky Leap pop-up advertisements will be delivered as boxes, which include a variety of available coupons, or as underlined keywords, which when clicked will display a pop-up advertisement that declares it is brought to the web user by Lucky Leap. Lucky Leap is produced by cybercriminals, most likely with the goal of making a profit from click fraud and raised traffic. Lucky Leap may boost web traffic, gather sales leads for other doubtful websites, and show disturbing pop-up advertisements and sponsored links within the hacked Internet browser. Lucky Leap is technically not a security infection, but it encompasses numerous harmful features, such as rootkit functionalities that...

Posted on August 22, 2013 in Adware

Savepath Deals

Savepath Deals is an adware infection that is frequently tied with freeware downloads. Although many freeware programs do give computer users ample warning that Savepath Deals will be installed, in some cases it is not entirely clear, or the computer user may overlook the option to opt out of installing this adware component. These types of components are commonly known as PUPs (Potentially Unwanted Programs) and are not considered as severe malware threats. Although they allow freeware creators to monetize their software and create new programs, these PUPs often cause various unwanted symptoms or even use tactics more commonly associated with malware infections. In many cases, installing Savepath Deals and other adware is not worth the supposed functionality gained from the freeware application, especially because there are often many advertisement-free low-cost or even free...

Posted on August 22, 2013 in Adware


Win32/TrojanDownloader.Zurgop.AZ is one of the names by which the Smoke malware loader or Trojan loader is known. This malware infection has been around for quite a long time, with a major period of activity in Spring of 2012. However, the use of Win32/TrojanDownloader.Zurgop.AZ in association with several other malware scams, including the dangerous Avatar rootkit which first made its appearance in Summer of 2013. There is a constant race between criminals and malware researchers, with the former creating more resilient, self-protecting malware to combat new developments in security software created by the latter. The goal of criminals is to create malware that can thwart removal and analysis while attacking new platforms and exploiting new vulnerabilities in software used by a wide variety of people. Win32/TrojanDownloader.Zurgop.AZ is created with various modules, which can be...

Posted on August 22, 2013 in Trojan Downloader


Win32/Agent.UZD is a Trojan that functions as a proxy server. While being installed on a corrupted PC, Win32/Agent.UZD downloads a malevolent file, which is run-time compressed using PECompact. When run, Win32/Agent.UZD copies itself to a specific location. Win32/Agent.UZD gets data and commands from a distant server or the web. Win32/Agent.UZD carries a list of domain names. The HTTP protocol is used in the communication. Win32/Agent.UZD can perform malevolent operations such as removing itself from the compromised PC, establishing a proxy server and updating itself to a newer version.

Posted on August 22, 2013 in Trojans


Trojan.Ransomlock.AF is a Winlocker infection that carries out a rarely seen variant of the ransomware scam. Trojan.Ransomlock.AF is a Chinese variant of a ransomware scam. Trojan.Ransomlock.AF is designed to steal money from computer users by blocking access to the Windows operating system. Ransomware threats have affected computer systems all around the world; however, Chinese versions of this scam are more rarely seen. Trojan.Ransomlock.AF is a ransomware infection that was created in China and that uses a technique not seen before to lock computer users out of their computer. Security researchers consider Trojan.Ransomlock.AF a dangerous ransomware infection that should be removed immediately. Refrain from paying any money to remove Trojan.Ransomlock.AF and instead use a reliable security program to disinfect your computer.

The Unique Behavior of Trojan.Ransomlock.AF

Most...

Posted on August 22, 2013 in Trojans