Malware Categories: Trojan

Getmyfiledownload.com is a malicious website that spreads browser hijackers. It pretends to offer the files that people are looking for and it advertises on file hosting sites, which enables it to trick people into downloading and installing malicious software. If you find Getmyfiledownload.com open on your screen, don’t interact with it – just close it. … Continued

Glupteba is a trojan that attacks Windows PCs and can infect them with a variety of other malicious programs: miners, data stealers, etc. Indeed, a Glupteba infection should be taken seriously, as it can not just mess with your computer, but let cybercriminals hack your online accounts. So, if Glupteba was detected on your machine … Continued

Gootloader is a malware distribution technique that spreads trojans and other malicious programs. Gootloader shows fake forum pages. These forum posts share links to malicious Zip archives that can download and install dangerous malware. Gootloader’s webpages appear in web search results, mostly on Google, and can appear very believable. How Gootloader works: Threat type Trojan, phishing. How … Continued

Hacktool:win32/keygen is a definition used by antivirus programs to warn users about potential threats. Hacktool:win32/keygen is used to assist in activating software for free (steal/pirate it). But that’s not why antivirus programs detect it. The real problem is malware being bundled with Hacktool:win32/keygen files and causing problems in the long run. Hacktool:win32/keygen: Classification Keygen, hacktool, … Continued

Hallmark.gif[1].exe is another trojan disguised as electronic card in order to attract people and make them install the malware voluntarily. Hallmark.gif[1].exe trojan comes with spam email that invites potential victim to visit a website and check an e-card sent by someone. Clicking the link provided on the spam email triggers the download of the trojan. … Continued

HTML:Script-inf is a malicious script designation used by antivirus programs. The “HTML:Script-inf” name is mostly used by the Avast and AVG programs. A warning about HTML:Script-inf or just Script-inf means that a website was blocked that had a suspicious script on it. Malicious scripts can be used to distribute malware and can occasionally infect even legitimate websites, … Continued

Cryptocurrencies are great, but mining is very hard work not generally fit for home computers. Idle Buddy promises to mine cryptocurrency for you on your device while it’s not in use, but that ends up with the computer running incredibly slowly while using most of its CPU for Idle Buddy. If you try to uninstall it, … Continued

IDP.ALEXA.51 is a label for malware. It’s used by antivirus tools (AVG, Avast) to label software that might be dangerous. You can remove malicious programs with antivirus tools. If you suspect that the IDP.ALEXA.51 is mistaken, you can double-check with other antivirus programs or ask your antivirus program’s support. Sometimes, the IDP.ALEXA.51 flag turns out to be … Continued

IDP.ARES.Generic is a malware detection name used by Avast and AVG for malicious files. If you see a pop-up with a warning that IDP.ARES.Generic was detected on your computer, it’s possible that your antivirus program just stopped some malware. It is also possible that a safe file was falsely detected. You might need the AVG/Avast … Continued

IDP.Generic is a label for unrecognized malware. It is used by antivirus programs, specifically AVG and Avast, to identify items whose behavior is unusual and potentially dangerous. “IDP” in IDP.Generic stands for Identity Protection. If your antivirus identifies a certain item as IDP.Generic, that means that the file was detected according to this particular component (Identity Protection). Sometimes … Continued

JasperLoader is malware that spreads other malware, both into your PC, and from it to others. The malware sneaked into your PC can vary in its severity, but in theory could include miners, spyware, adware, even ransomware. The Trojan can also hijack the infected computer to complete tasks for cybercriminals, such as sending infected emails … Continued

JS.Downloader is a detection Trojans based on Javascript, that is a language that is run in browsers and used to make page more interactive. The language might be used for harmfull purposes as well. Such Trojans have been known for years but keep infecting tons of online users to this day. The most obvious sign … Continued

JSMiner is a family of trojan viruses that can come by different names, such as JS:Miner-A, JS:Miner-C, JS:Miner-E and so on. The letter JS stands for JavaScript, because this malware is using this programming language to infect computers. There are more than just one version of this infection and it can be distributed in various … Continued

Kilim is a Trojan virus that can cause serious problems to computer system. The program easily gets access to your personal data that can later be used for malicious purposes and it can expose your computer to other threats. The Trojan infiltrates into random computers without users’ knowledge, usually when the one clicks on some … Continued

Kpot is an info-stealing trojan. It spreads in malicious email spam and malicious websites. Once Kpot is on a computer, it extracts saved credentials, payment methods, and other information from browsers and other apps. It then sends that information to malicious actors. After removing Kpot, it’s advised to change your passwords and to watch your bank … Continued

Recently the new variant of the malicious trojan called LokiBot was noticed by some cyber enthusiasts ,  , quickly spreading not only in Androids like it used to a year ago (), but also in Windows OS as well. While it acts slightly different on these two platforms Lokibot is equally dangerous for both. (Learn … Continued

Macro virus is a form of computer parasites that attaches itself to various documents and files instead of programs. Word documents, pdf’s or spreadsheets are used as all these programs have capability to run scripts or “macros”. The viruses are either written in , that is used by Microsoft programs (Word, Excel, etc), Javascript (for … Continued

MassMiner malware is a new crypto-currency mining infection, and security researchers learned of its existence at the beginning of May, 2018. We have discussed many crypto-currency related scams and cyber attacks. One of the more interesting articles investigated the possibility of crypto-mining malware slowly replacing ransomware. Besides this new crypto-malware dubbed MassMiner, we have also … Continued

The Mebroot Trojan is the first new trojan found in the wild, which modifies the MBR (Main Boot Record). This trojan is usually installed via drive-by downloads, reportedly from gfeptwe.com. Once inside, this parasite detects the active boot partition and infects the MBR. The original MBR is copied to sector 62 of the hard disk. … Continued

Microsoft Office Activation technical support scam (also referred to as a pop-up) has been named after the dialog box it pops up. The pop-up window is named Microsoft Office Activation Wizard. This tech support scam revolves around the topic of the activation of the Microsoft Office Package, which encompasses such programs as Excel, OneNote, Outlook, … Continued

MSASCuiL is a program for displaying the Windows Defender notification icon. If you can verify that it’s the real Windows process, then that’s what it is. However, cybercriminals have stolen the names of genuine Windows processes before, and MSASCuiL is no exception. If you have MSASCuiL malware, then that should be removed as quickly as … Continued

Necurs is a trojan that is used by cyber criminals to open a back door of an infected computer for a remote user to take over it. It will also turn off existing computer security programs leaving your PC unprotected and easy to harm by more infections. Symptoms of the infection that can be seen … Continued

NetGroove infection is a tabbed browser based on Cromium. It is a freeware tool, created by RCPSoft company. While this browsing application seems legitimate and the company even encourages its clients to inform them of any bugs, we have our suspicions that this tool is not as reliable as it appears. First of all, the … Continued

Network Control, sometimes called Network Control Solution Center, is a Trojan that pretends to be a legitimate security application. It states that remote administrator named Adam1 has changed some system files of Windows OS. This ransomaware is promoted mostly through the use of fake online scanners and other bogus websites which state that your computer … Continued

Nivdort – the name of big trojan family known for collecting various information infected computers. There are more than a dozen of names on this trojan family, such as TrojanSpy:Win32/Nivdort.BE, TrojanSpy:Win32/Nivdort.BN, TrojanSpy:Win32/Nivdort.BU, TrojanSpy:Win32/Nivdort.BV, TrojanSpy:Win32/Nivdort.CC, TrojanSpy:Win32/Nivdort.CD, TrojanSpy:Win32/Nivdort.V, TrojanSpy:Win32/Nivdort.W, TrojanSpy:Win32/Nivdort.Y and TrojanSpy:Win32/Nivdort.Z. Usually trojans from Nivdort family travels attached to spam emails. Those letters are developed to look like valid messages … Continued

Have you noticed that your computer suddenly started to run significantly slower, even though you haven’t made any significant changes? The true reason behind that might be a crypto miner, which has successfully infected your computer and now is mining some cryptocurrency while using your electricity and computer resources. It wouldn’t be that bad if … Continued

Usually, OInstall.exe is a legitimate Microsoft Office installer. However, a modified version of OInstall.exe is used by pirates who want MS Office for free. It is often detected by antivirus programs as malware. Whether the pirated version of OInstall.exe is dangerous is not certain, but that is a real risk: truly dangerous malware is often brought … Continued

Inside of the free software bundles you can actually find the whole bucket of cyber bugaboos, starting from all kinds of adwares and ending with crypto-malwares, asking for ransom payments. You can also find there viruses, named as screen lockers. This type of malware, as the title indicates, locks the screen of the compromised computer, … Continued

A Poweliks infection is listed as a Trojan virus that can infiltrate a number of other malicious applications present onto your computer. Usually it travels via exploit kits that lurk on hacked websites, so it’s really difficult not to encounter this Trojan – you never know which website can be infected. Poweliks targets the following versions of … Continued

McAfee Labs by Intel Security detect Proteus malware as W97M/Proteus trojan. Though, it was first detected on the 28th of November, 2016, by the researchers from Fortinet as MSIL/Proteus.A!tr. Written in .NET, this trojan has been named, a new all-in-one botnet. Since it bears a number of the following malicious functionalities: it operates as a … Continued

Pw.exe is the executable file of huge Fake antispywares’ family that has been noticed in the middle of November trying to rip users off. Its campaign is based on telling that computer is infected with malware and then offering to purchase removal program which is always named differently. In fact, this scam has 27 different … Continued

PWS:Win32/Zbot is the name for one of Trojan families. It has been generated by black market kits called Zeus. PWS-Zbot can get inside a computer distributing it in spam e-mail. It might also infiltrate using auto run capabilities of removable media. One more way to be infected with PWS-Zbot Trojan is while browsing compromised or … Continued

QueueAlgorithm is a malicious app that causes browser redirects and ad spam. QueueAlgorithm is adware and it infects Macs by tricking victims into downloading it by pretending to be safe and legitimate software. When deleted, QueueAlgorithm may return after a few hours or days. That happens because not all of its files were deleted – … Continued

Quick Searcher belongs to the same category of disturbing online threats like Soft Cores Miner. However, this article will focus on a miner which is distributed through an extension for Google Chrome browser. This strategy is not unheard of, but it is one of the novelties we are yet to fully examine. Just recently, we … Continued

QuilMiner acts as a Trojan Horse with capabilities of using the system resources for the purpose of mining digital currencies. For instance, it mines Ethereum, Dash, Bitcoin and Monero. This is done without the user’s consent and does not result in any financial benefit for the victim. QuilMiner performs its on PCs with Nvidia, AMD … Continued

Rimod trojan (aka Trojan:Win32/Rimod ) is a group of PC parasites that perform specific actions to ones PC. All parasites from this group modify PC security settings to disable or minimize protection and limit the possibility of detection and removal. This makes these trojans quite dangerous and such parasites should be removed from ones PC. … Continued

Search.rpidity.com is a one more annoying browser hijacker that attacks random computer systems. It affects your search results as you get redirected to Search.rpidity.com after you type something into Google or Yahoo search engines. It can modify your browser setting no matter if you use Internet Explorer, Google Chrome or Mozilla Firefox. Usually, it even … Continued

Securedisk.exe CPU Miner Trojan is an infection with a very specific purpose: to slither into operating systems and secretly mine various types of cryptocurrencies. It pretends to be a legitimate version of LaCie Private-Public encoding software. However, it actually is a Trojan, hidden behind a legitimate name. This miner is bound to generate a scheduled … Continued

Select Region (Please Select Region to Continue) is a screen-locker, which displays two messages. First one requites users to enter specific information about their device: some of it is already generated, like the name of a device, type of a operating system, while other info can be modified. After users will click the button “Next”, … Continued

You have definitely heard of cryptocurrencies before. It is a very profitable niche and everyone tries to jump into this train of money right now. Unfortunately, some individuals explore deceptive ways to earn virtual money and regular users become victims. In this case, we are talking about Shadowsocks Trojan virus. It was designed with a … Continued

Detected in 2012 by Forcepoint (former Websense), Seculert and Kaspersky, Shamoon malware, aka Disttrack, has returned. On the 17th of November, 2016, at 20:45 local time Shamoon attacked a Saudi oil company Aramco. 30,000 computers have been affected. Shamoon, in the previous and in the recent attacks, has aimed at deleting the data from hard … Continued

SilentFade is a trojan that was used to hack social media accounts. Rather than stealing the accounts, the cybercriminals behind SilentFade used them to display ads, paying for the advertising with money stolen from the account owners. Although SilentFade has had its wings clipped, it appears to still be spreading online and infecting Windows computers. … Continued