Fake anti-virus programs are still among the most common types of online scams. Criminals continue to create fake anti-virus programs like System Care Antivirus in order to fool unsuspecting computer users into buying useless security software. These fake anti-virus programs are renamed and repackaged every few weeks, a pattern that has repeated itself consistently since their first appearance nearly a decade ago. Despite its name, System Care Antivirus is not actually an anti-virus program. In fact, it is the complete opposite; System Care Antivirus is a kind of malware infection commonly known as a rogue security program. System Care Antivirus is designed to cause problems on a...

The CIBS Pol Virus is a police ransomware Trojan that belongs to the Urusay family of malware. This police ransomware Trojan is classified as a Winlocker because it blocks access to the victim's computer by displaying a full-screen message that claims to be an alert from the police. CIBS Pol Virus is a well known scam that is in no way connected to the police force. Instead, the CIBS Pol Virus is used by criminals to scam inexperienced computer users so that they will hand over their money out of fear of prosecution, jail time and severe fines. If your access to your computer is blocked by the CIBS Pol Virus, ESG security researchers strongly advise against following the steps...

MyStart is a browser hijacker that uses the MyStart by Incredibar toolbar and a browser hijacking component that forces its victims to visit the MyStart.Incredibar.com website. This website is a low-quality search engine that displays more advertisements than legitimate results. Even worse, several of MyStart's search results may lead computer users to websites containing malicious content. Although MyStart actually provides a supposed tool to remove this component from the victim's web browser, ESG security researchers recommend disregarding this component and instead removing MyStart with the help of a reputable anti-malware utility. MyStart can refer to both the low-quality...

Windows Active Guard is a malware program that belongs to the FakeVimes family of fake security software. Windows Active Guard carries out a common online scam that involves pretending to be a real security program in order to convince inexperienced computer users that they must pay for an expensive 'upgrade'. Since there are no real anti-malware capabilities on Windows Active Guard and it is, in reality, a malware infection itself, ESG malware researchers strongly recommend ignoring all of Windows Active Guard's warnings and removing this bogus security program with a reliable anti-malware application. Windows Active Guard's Family of Rogue Security Programs FakeVimes malware...

ESG security researchers have received reports of a ransomware infection, known as the FBI Moneypak ransomware, that targets computer users in the United States. The FBI Moneypak ransomware infection will claim that the victim's computer was involved in viewing child pornography and then demands payment of a 100 dollar 'fine' to be sent via MoneyPack. Of course, that a criminal charge as serious as child pornography would be punished with a mere 100 dollar fine is laughable. There is a reason for this, the FBI Moneypak ransomware is not really from the FBI. Rather, this message is actually part of a common malware scam. The FBI Moneypak ransomware scam will use a Winlocker, that is, a...

The so-called Ukash Virus is a ransomware Trojan that receives its name because Ukash Virus requires that its victims use Ukash (a legitimate money transfer service) to transfer the ransom funds. This dangerous Trojan infection is composed of a Winlocker component that basically blocks access to the infected computer system, disabling access to the infected computer system's desktop, Task Manager, command line, Registry Editor and other services and applications. There are countless variants of the Ukash Virus, designed to target various different countries in Europe and North America. ESG malware analysts strongly advise against paying the ransom that this malware infection tries to...

Live Security Platinum is one of the many fake security programs in the WinWebSec family of malware. Although ESG security researchers have been following the WinWebSec family of malware for several years, Live Security Platinum is a relatively new variant first detected in 2012. Because of this, it is pivotal to ensure that your security software is fully updated. Like most fake security programs, Live Security Platinum is designed to induce PC users to purchase a worthless 'full version' of Live Security Platinum. To do this, Live Security Platinum will try to scare the computer user with a variety of fake error messages, pop-up alerts from the Taskbar and a convincing fake scan of...

DNS Changer is a Trojan that is designed to force a computer system to use rogue DNS servers. Also, DNS Changer is being referred to as the Internet Doomsday Virus, Ghost Click Malware, DNS Changer Rootkit, DNS Changer Malware, DNS Changer Trojan, DNS Changer Virus, FBI DNS Changer or DNSChanger. A DNS Changer infection will typically have two steps, in order to reroute the infected computer’s traffic to these malicious DNS servers: A DNS Changer malware infection will change the infected computer system’s settings, in order to replace the DNS servers to rogue DNS servers belonging to hackers or online criminals. The DNS Changer malware infection will then try to...

Zorable, otherwise known as Ads and Deals, is known to be adware/a PUP (potentially unwanted program) that may generate and show intrusive pop-up ads through the use of an associated browser extension, plug-in or add-on installed on a Web browser. The main goal of Zorable may be to market related websites and generate advertising income from increased traffic of the website and clicks on advertisements. Zorable may continuously divert PC users to sponsored websites that may be produced for advertising purposes. Zorable may show a variety of random pop-up ads involving offers, discount coupons and deals or the ones pertaining to the computer user's surfing habits to purchase a variety of products at lower price; however, if the computer user clicks on them and visits the associated Zorable websites, he may unknowingly agree to download other security infections on the PC. The Zorable...

WordsDisplay is adware/a PUP (potentially unwanted program) which may declare to offer computer users valuable song lyrics aside to YouTube videos; however, in fact, WordsDisplay may not be able to give PC users these capabilities. In truth, WordsDisplay may only give PC users a variety of non-stop advertisements with the text 'Ads by WordsDisplay' instead of desired songs lyrics. Ads by WordsDisplay may show up in multiple types involving pop-up advertisements, banner ads, in text pop-up ads, 'special' commercial offers and other discount coupon and sale deal advertisements and alerts. The WordsDisplay add-on may be integrated into every well-known Web browser incorporating Google Chrome, Internet Explorer and Mozilla Firefox. WordsDisplay may embed itself into the PC as an extra program packaged with selected free applications that PC users can download and instal from untrustworthy...

UpdaterEx is a potentially unwanted background updater that may install itself on a computer system with a download manager and connect to Info.updaterex.com for other downloads and updates. UpdaterEx may be a component of an application download and come packaged as an extra program from the ironSource Install Core mechanism. UpdaterEX is generated by ironSource. A scheduled task may be inserted into Windows Task Scheduler in order to launch the application at different scheduled times; the schedule may differ relying on the version. Upon installation, UpdaterEx may insert an unwanted add-on, plug-in or browser extension in order to send and display disturbing pop-up ads. UpdaterEx may be produced to benefit from clicks on ads.

RambleRoam is a PUP (potentially unwanted program) produced by SuperWeb LLC. RambleRoam may declare to make the PC user's Internet surfing quality better by displaying websites incorporating the associated content, website trust ratings, permit comparison shopping, give discount coupons, and adding other beneficial capabilities. RambleRoam may also be categorized as adware. The add-on of RambleRoam may insert itself into Web browsers such as Internet Explorer, Google Chrome and Mozilla Firefox. RambleRoam may spread and embed itself into the computer system using misleading software advertising techniques, one of them known as bundling. RambleRoam may be integrated into the PC as an optional application packaged with free tools that computer users download and install from suspicious download websites. Upon installation, RambleRoam may create and show various types of non-stop online...

Sliding Sales is a potentially unwanted browser extension created by Engaging Apps that may state to make the computer user's online shopping activity better by displaying discount coupons, enabling coupon shopping, and other similar capabilities. Sliding Sales may install itself into Internet Explorer, Mozilla Firefox and Google Chrome Web browsers and other popular Web browsers. Sliding Sales may spread and embed itself on a computer as an extra application bundled with selected free tools that PC users download and install from unprotected download websites. Upon installation, Sliding Sales may control a variety of software and hardware information involving the PC user's location, Internet surfing information such as search terms, websites visited and viewed, cookies, IP address, and other data. Sliding Sales may create and display numerous intrusive ads such as sponsored link,...

SuperWords is a browser extension that claims to show lyrics when computer users watch music videos on Youtube. In fact, instead of making the computer user's activity on Youtube better, SuperWords may interrupt with the computer user's work by delivering a variety of intrusive pop-up advertisements and repeatedly diverting PC users to related websites that may be designed for commercial purposes. SuperWords is categorized as a PUP (potentially unwanted program) that may incorporate the computer into a variety of third-party activities. SuperWords may propagate and install itself onto the PC as an optional program packaged with free applications that PC users download and install from unprotected download websites. The main aim of SuperWords may be to generate advertising income using affiliate marketing. After installation onto the PC, SuperWords may display annoying pop-up...

ViewThat is a free application that declares to help PC users view images that are small or blurry in a better quality and to preview some pictures without opening the website; however, ViewThat may not be that valuable as it may appear at first glance. ViewThat may be connected with third-party software and it, in fact, may lead to a variety of PC problems on a computer. Although ViewThat has its official website where computer users can download it, usually, it may install itself on the computer without the PC user's approval, or it may propagate and enter the PC as an extra program packaged with free applications. After installation, ViewThat may display a variety of non-stop pop-up advertisements and alerts on Internet Explorer, Mozilla Firefox or Google Chrome. All of the advertisements and notifications sent by ViewThat may market the partners of ViewThat and strive to...

Sw-sustain is a malware threat that installs itself on a PC when a computer user opens and clicks spam or infectious links, thus unknowingly installing Sw-sustain malware. Sw-sustain may proliferate and enter the computer as an extra application bundled with free programs that PC users download and install from insecure download websites. Sw-sustain may be connected with browser hijackers, adware, spyware and backdoor Trojans, which may also be installed into the PC together with Sw-sustain. The Sw-sustain-related malware infection may compromise a Web browser, show non-stop pop-up advertisements and messages, gather the victim's online browsing details without his approval, and open a backdoor to allow cybercrooks obtain full remote access and control over the corrupted PC.

'JW Video Player' is a tricky pop-up message which may continuously occur in a Web browser if a PC is affected by adware or a PUP (potentially unwanted program). 'JW Video Player' Pop-Up may work as a browser extension, add-on or plug-in in Web browsers including Google Chrome, Mozilla Firefox and Internet Explorer and other major Web browsers. 'JW Video Player' Pop-Up may proliferate and install itself on a computer system through the use of associated adware or PUPs as an optional application packaged with selected free programs that PC user download and install from unreliable download websites. Upon installation, 'JW Video Player' Pop-Up-related adware and PUPs may modify the default browser settings by replacing the homepage, search provider or a new tab window with an affiliated website.

The now-famous Heartbleed Internet security flaw has perpetuated into an epidemic among everyone who uses a computer to connect to the Internet around the world. In the most recent findings of Heartbleed, security researchers and experts have uncovered ways to combat the nasty flaw but in doing so web browsers are suffering a major blow as Heartbleed fixes are slowing the performance of web browser applications. Heartbleed is an Internet security flaw that has disrupted many security certificates that sites utilize for logging into SSL (OpenSSL/TLS - a security layer for many websites) secure pages, mostly for when users perform logins into accounts on a particular website. Over the course of the past few weeks, webmasters and those in charge of security of many large and small websites have scrambled to come up with the proper means of combating Heartbleed and protecting the...

Siesta is a cyber espionage campaign which affects many organizations of multiple industries. The delivered malware threat is dubbed Siesta on account of periods of dormancy to access at regular intervals with email messages attacking executives of the company. The sender's email address is spoofed to occur as if it was sent by another employee of the company. The unsolicited emails did not encompass a malware infection, but they include links which direct to a download website. The website involving the malware threat is named [malicious domain]/ [organization name]/[legitimate archive name].zip. The archive encompasses an executable file which when first looked upon seems to be a safe PDF document but when run, a genuine PDF file which may have been taken from the attacked company's website and a harmful component is downloaded. The malware threat, known as Siesta, surreptitiously...

Zusy is a Trojan that proliferates via Facebook messages by compromising account data and credentials. Zusy is distributed by sending a message to an affected PC user and posing as one of their friends with the term 'LOL' accompanied by a file coming up to be downloaded which looks like a photo named 'IMG_xxxx.zip'. The file, when downloaded, is unzipped by the computer user who clicks on it thinking it is an image file named 'IMG_xxxx.jar'. The JAR part of the file executes, downloading a malware infection called Zusy and, thus, contaminating the corrupted PC. The target computer user's Facebook account is compromised and then it is used to disperse more malware infections to friends of the PC user.

PUP.YTDToolbar is a PUP (potentially unwanted program)/adware that may affect popular Web browsers such as Internet Explorer, Mozilla Firefox or Google Chrome and others. PUP.YTDToolbar may display non-stop pop-up ads while the Web browser is opened. The main goal of PUP.YTDToolbar may be to advertise numerous unknown websites, services and offers which, in fact, are intrusive and may disrupt the computer user's online activities. PUP.YTDToolbar may forcibly redirect PC users to unreliable websites that may be commercial if they click on the pop-up ads and notifications displayed by PUP.YTDToolbar. PUP.YTDToolbar may also change the default homepage and search provider or a new tab window with a questionable website. PUP.YTDToolbar may keep track of the PC user's online habits and later transmit and use collected details for targeted advertising intentions.

TrusteDealz is an unwanted browser plug-in produced by Bit Wise Publishing, LLC. By showing discount coupon advertisements, TrusteDealz may claim to save time and money for PC users who are shopping on the Web. TrusteDealz is categorized as adware or a PUP (potentially unwanted program). The add-on of TrusteDealz may often embed itself into Web browsers such as Internet Explorer, Google Chrome, and Mozilla Firefox as an extra tool bundled with free applications downloaded from questionable download websites. The TrusteDealz browser extension may trace Internet surfing routine of the computer user and may send this data to third-parties. The browser extension of TrusteDealz may unwillingly divert PC users to associated websites including Trustedealz.com that may be created for commercial purposes. TrusteDealz may be generated to likely benefit from clicks on advertisements and raised...

SearchFoot is a potentially unwanted program (PUP) that may have been made available for Internet Explorer, Google Chrome and Mozilla Firefox Web browsers. SearchFoot may propagate and be installed as an additional program on the PC through packaged free software that computer download and install from untrustworthy download websites. Once on the PC, SearchFoot may create and display a variety of types of disturbing ads, such as interstitial and full page advertisements, search-related advertisements, in-text advertisements and links, banner and video advertisements. SearchFoot may control the PC user's Web browsing routine by recording software and hardware data involving IP address, OS, browser type, unique identifier number, entered search terms, websites visited, and other similar data.