More Articles

TrojanDownloader:AutoIt/Fadef

The TrojanDownloader:AutoIt/Fadef malware is part of the AutoIt family of trojans that includes threats like Trojan.Win32.Autoit.aie, W32/AutoIt-JY, and Trojan:AutoIt/Kilim.A. TrojanDownloader:AutoIt/Fadef is written with the aim of aiding cyber criminals in delivering other malware to infected users. Computers infected with the TrojanDownloader:AutoIt/Fadef malware may be sluggish and exhibit system errors. Third parties that operate builds of the TrojanDownloader:AutoIt/Fadef malware could use it to install CryptoDefense and CrypVault ransomware on your computer and claim affiliate revenue. Another way to utilize the successful intrusion of the CrypVault malware is to use a keylogger like the GoldenKeylogger and the KeyBase Keylogger to steal your credentials for online banking portals and social networks. TrojanDownloader:AutoIt/Fadef is reported to place two files...

Posted on September 1, 2015 in Trojans

SoftwareBundler:Win32/FakeDiX

The SoftwareBundler:Win32/FakeDiX detection is used by security applications to notify users of a program installer that contains more than one program and may download other software without your consent. The SoftwareBundler:Win32/FakeDiX detection usually refers to an online installer that is not more than 5MB and may claim to install the latest version of the DirectX software. However, SoftwareBundler:Win32/FakeDiX will not download safe software and may install programs like SupTab and Orbitum on your PC. Additionally, the SoftwareBundler:Win32/FakeDiX program will place two DLL files named '_shfoldr' and 'idp' in your Temp folder to inject code into your browser. Keep in mind that SoftwareBundler:Win32/FakeDiX may connect to the Internet via insecure channels and change your default search engine to Delta-search.com and Css.infospace.com, which are associated with browser...

Posted on September 1, 2015 in Potentially Unwanted Programs

ORX-Locker

The ORX Locker software is a cloud-based ransomware building kit and an example of the Ransomware-As-A-Service idea. Malware researchers point out that the simplicity and efficiency of the first RAAS building kit, Tox, revealed new possibilities for cryptomalware development, and a new market may be forming before us. We should mention the Encryptor RAAS family of ransomware, as it is the second-generation software in this line of development kits. The cryptomalware mentioned above has a common model of behavior, namely allowing cyber criminals to mass-produce and spread ransomware in exchange for a percentage of their earnings. ORX Locker goes a step further and employs advanced obfuscation techniques to evade security scans. A sample of ransomware made with ORX Locker reveals that it communicates with IP addresses belonging to trusted...

Posted on September 1, 2015 in Ransomware

LaSuperba

LaSuperba is a web browser extension that may completely change the way your web browser behaves. Once LaSuperba is installed on a computer, it may inject numerous advertisements into the web browsers affected by its presence. The LaSuperba ads may show up on any web page you visit, and having to close them constantly may significantly worsen your online experience. The LaSuperba advertising techniques are fairly aggressive, so this adware may cause you a lot of trouble and annoyance unless you remove it swiftly and efficiently. The LaSuperba adware may also use a tracking cookie to collect some information about your online habits, like search queries, frequently visited websites, most used search engine and other information. The collected data may be used to improve LaSuperba's targeted advertising campaigns, which means that you may see LaSuperba ads that have been tailored...

Posted on August 31, 2015 in Adware

MovixHub

MovixHub is a dubious application that offers users the opportunity to stay up to date with the latest movies, trailers and news from the movie world. Avid movie lovers may be pleasantly surprised by the functionality of the MovixHub browser extension, but they may be disappointed to hear that by installing MovixHub they may experience some changes in the way their web browser behaves. For starters, the MovixHub browser extension may hijack the web client's configuration and manipulate its homepage and default search engine. Furthermore, the extension may inject MovixHub ads into the web browser, so that's another good reason you may want to think twice before agreeing to install MovixHub. The MovixHub website invites users to install two of its official Chrome extensions – Search by MovixHub and MovixHub Start. Both of these serve similar purposes, and both of them may introduce...

Posted on August 31, 2015 in Adware

Advanced PC Care

Advanced PC Care is a potentially unwanted program that may be found useful by some users. The application is best described as a PC optimization tool that has the ability to scan, clean and optimize the Windows registry, modify Windows start-up items, control web browser extensions, and provide the user with access to several other neat features that may help them take better control over their system. Everything about Advanced PC Care would be great if it weren't for the questionable distribution and promotion techniques that its authors have adopted. The Advanced PC Care software may often be distributed via software bundles, so a significant fraction of this software's total installations may have occurred without the user's knowledge. Furthermore, once installed, the Advanced PC Care software uses a trial version that includes a working scanner. However, the trial version is...

Posted on August 31, 2015 in Potentially Unwanted Programs

Skipperse.in Pop-Ups

Skipperse.in is one of the domains used by PC Experts, a company known for offering questionable online technical support services that are being promoted via shady techniques. The Skipperse.in domain may also be used to host misleading pop-ups that contain fake and alarming information. One of the Skipperse.in pop-ups that our experts have come across alarms users that numerous virus infections have been detected on their computer, and they need to contact a certified computer technician to resolve the issue. Naturally, Skipperse.in also provides the user with a phone number they can use to get in touch with the technician they need – 1-866-777-6120. Remember that the information presented by the Skipperse.in pop-ups is fake, and calling the promoted number won't get you in touch with a certified computer technician! Instead, you may become involved in an online scam whose goal...

Posted on August 31, 2015 in Adware

Widthie

Widthie is a dubious web browser extension that may often be installed without the user's permission. The browser extension doesn't seem to exhibit any malicious behavior, and its only purpose is to display the width of the page that the user is browsing at the moment. The width is measured using pixels, and Widthie users can see the width of the page they are viewing at the moment by taking a look at the Widthie bar found right beneath the bookmarks toolbar on Google Chrome. Although the Widthie browser extension isn't known to exhibit malicious behavior, the fact that it may be installed without your knowledge or permission is a good enough reason to remove it. User reviews published on Widthie's Google Chrome extension page state that many people were surprised to find this Chrome extension installed. It serves no useful purpose, and its presence is completely unnecessary, so...

Posted on August 31, 2015 in Adware

Shield Plus Cleaner Utility

The Shield PC Cleaning Utility, also seen as Shield Plus Cleaner, from Shield Apps, is another addition to their range of clean-up applications that are arguably useful. The Shield PC Cleaning Utility claims to offer comprehensive tools for disk clean-up and Internet privacy, a defrag module, and startup program management. Computer experts note that the Shield Plus Cleaner program offers the essential tools for OS maintenance that are present in all modern versions of Windows. Moreover, all versions of the Shield PC Cleaning Utility rely on the support of advertisers, and users will be provided with sponsored commercials in their Internet browser. The Shield PC Cleaning Utility has four separate categories to inform users of problems with their PC: System related issues, Com and ActiveX, User-related issues, and Junk files. Shield PC Cleaning Utility may feature urgent...

Posted on August 31, 2015 in Potentially Unwanted Programs

Updater.Safeplugin-update.org Pop-Ups

The name of the Updater.Safeplugin-update.org domain may encourage PC users to trust its content and convince them to install a supposedly safe update to their Adobe Flash Player software. However, you should know that the Updater.Safeplugin-update.org domain that is registered at the 184.154.16.170 IP address is linked to cyber threats like Bofra and Slugin. These threats can steal your emails and apply unwanted system changes that allow hackers to connect to your PC remotely. Security experts add that Adobe Systems Inc. does not use third-party services to supply its users with updates, and you should not install the program promoted on Updater.Safeplugin-update.org. The adware linked to Updater.Safeplugin-update.org may have arrived on your PC as a browser add-on embedded with a free program setup. The Updater.Safeplugin-update.org adware may change your homepage...

Posted on August 31, 2015 in Adware

Up2date.Inlineupdatelive.net Pop-Ups

The Up2date.Inlineupdatelive.net domain is used by adware developers to spread software like A1 PC Cleaner and Quiz Games under the pretense of being a new 'Flash Player update'. The Up2date.Inlineupdatelive.net pop-up windows may appear every time you turn on your PC and open your Internet browser, and they feature the Adobe Flash Player logo but should not be trusted. The legitimate software from Adobe Systems Inc. has built-in update managers that ensure safe patches, and you will not see pop-ups in your browser. Moreover, the Up2date.Inlineupdatelive.net domain that is registered at the 184.154.16.170 IP address is connected to threats like Chir and Virut, and you are not advised to download the advertised software. The adware application that generates pop-ups by Up2date.Inlineupdatelive.net in your browser may have been installed on your computer as a browser plug-in that was...

Posted on August 31, 2015 in Adware

Bingo Master Ads

The Bingo Master browser extension that Web surfers may see in their browsers after installing a freeware bundle is adware. The Bingo Master adware-powered extension may share its name with a PC game from 2000 published by eGames, but it is not safe and may present you with links to harmful websites. The Bingo Master adware can affect all major Web browsers and uses tracking cookies, DOM storage data and information like your Internet history to determine what type of ads would be attractive to you. The only goal of the Bingo Master adware is to show numerous ads and earn pay-per-click revenue from your efforts to close its ads. The Bingo Master adware may use JavaScript and ActionScript3 to place transparent layers over the pages you view to redirect you to sponsored content and open new tabs with marketing offers in your browser. The Bingo Master adware may use banners and...

Posted on August 31, 2015 in Adware

Backdoor:MSIL/Sisbot.C

The Backdoor:MSIL/Sisbot.C malware is classified by security investigators as a backdoor trojan that may be offered to you as an update to your Internet browser on low-quality software distribution platforms and in spam mail. Security investigators reveal that the Backdoor:MSIL/Sisbot.C trojan may corrupt your browser and take advantage of the ports it uses to communicate with its 'Command and Control' servers and execute tasks. Moreover, the Backdoor:MSIL/Sisbot.C trojan may download and install malware like VirLock and Padvia that can damage your system severely. The Backdoor:MSIL/Sisbot.C trojan could be used by its operators for DDoS attacks against networks and servers. The Backdoor:MSIL/Sisbot.C trojan can affect all Windows versions as early as Windows NT4.0 and secure its communications with the built-in Microsoft-CryptoAPI. The modus operandi of the Backdoor:MSIL/Sisbot.C is very...

Posted on August 31, 2015 in Backdoors

TrojanDownloader:MSIL/Winpud.A

TrojanDownloader:MSIL/Winpud.A falls in the category of trojans that are coded to download other malware when they infiltrate computers successfully. The Winpud trojan downloader is reported to make TCP connections to the IP address 78.47.33.6 via port 80 and attempt to download malware like VaultCrypt and Klone. This malware may encrypt your files and compromise the safety of your network and should not be taken lightly. Malware researchers report that the Winpud trojan downloader is distributed mainly via spam mail. However, there are many cases where TrojanDownloader:MSIL/Winpud.A arrives on systems as a free program downloaded from suspicious software centers. The Winpud trojan downloader is written for 32-bit Windows systems to infect as many computers as possible because 64-bit systems can run 32-bit programs too. The Winpud trojan downloader is a threat...

Posted on August 31, 2015 in Trojans

SpringFiles

The SpringFiles download manager is signed by Via Advertising Group Ltd. The SpringFiles software is promoted on Spring-Files.com as the tool that can 'Get any file you want amazingly fast.' The SpringFiles download manager is a modified version of the GoforFiles application and might slow down your computer. As stated above, the SpringFiles application does not have a valid digital signature, but it will modify your Windows Firewall settings to enable its communications with the Internet, which will use the insecure HTTP protocol. Additionally, the free nature of the SpringFiles application does not include freedom from ads, and you will be subjected to a constant stream of advertising content being loaded in your Web browser. The SpringFiles software is deemed a Potentially Unwanted Program (PUP) with adware capabilities that may not live up to your expectations and may...

Posted on August 31, 2015 in Adware