Win32/Fakeinit
Windows Defender detects and removes this threat.
A trojan within this family consists of a downloader component and a fake scanner component. The downloader stops certain processes, lowers security settings, changes the desktop background, and tries to download other malware like Trojan:Win32/Alureon.CT. It also blocks access to webpages from certain domains.
Win32/Gleishug
Win32/VBInject
Win32/FakeRean
Windows Defender detects and removes this threat.
This family of rogue security programs pretends to scan your PC for malware, and often reports lots of infections. The program will say you have to pay for it before it can fully clean your PC.
However, the program hasn't really detected any malware at all and isn't really an antivirus or antimalware scanner. It just looks like one so you'll send money to the people who made the program. Some of these programs use product names or logos that unlawfully impersonate Microsoft products.
Even if you do pay to "unlock" the app, it won't do anything because your PC isn't actually infected with all that malware it "found".
Different brands of the rogues may modify various settings on your computer, end or close programs or system services, or block access to websites.
Win32/Renocide
Win32/Fifesock
Win32/Fifesock is a multi-component trojan family that injects code into Internet Explorer and Firefox in order to steal the user’s social networking credentials for sites such as Facebook, Twitter and Blogspot, and then uses these credentials to send spam to their contacts. It may also download and execute arbitrary files. Some variants have also been observed to install rogue security software such as Rogue:Win32/Winwebsec.
Win32/GameHack
Win32/GameHack is malware that is often bundled with game applications. It commonly displays unwanted pop-up advertisements and may be present or installed as a web Browser Helper Object.
Win32/Folstart
Win32/Folstart is a family of worms that spread via removable drives and modify system settings.
Win32/Phorpiex
Win32/Wecykler
Windows Defender detects and removes this threat.
Win32/Wecykler is a family of worms that spread via removable drives, such as USB drives. They can stop security and other processes on your PC, and log keystrokes, which can then be sent to a hacker.
Win32/Babonock
Microsoft security software detects and removes this threat. This is a family of malware that:
- Spreads using removable drives
- Steals sensitive information
- Downloads and executes arbitrary files
This threat might be downloaded by other malware, or it may come from an infected removable drive that you inserted into your PC.
Win32/Rongvhin
Win32/Rongvhin is a family of malware that perpetrates click fraud. It might arrive on your PC via hack tools for the CrossFire game.
Win32/Brantall
Windows Defender detects and removes this threat.
This family of trojans downloads and installs other programs. We have seen them downloading Win32/Sefnit and Win32/Rotbrow malware.
They can get on your PC by pretending to be an installer for other, legitimate programs. They might install those programs as well as other malware.
Win32/Deminnix
Windows Defender detects and removes this threat.
This trojan family can use your PC for bitcoin mining and change your web browser home page.
These trojans can be accidentally downloaded along with other files from torrent sites.
Win32/Netfosor
Windows Defender Antivirus detects and removes this threat.
This trojan lets a hacker access your PC remotely. They can then browse the files on your PC, as well as download, upload, and run files. We have seen this trojan used in targeted attacks.
This threat can be downloaded by other malware.
Win32/Dircrypt
Windows Defender detects and removes this threat.
The threat might get into your PC through spam emails or by being downloaded by other malware.
It encrypts your files and holds them for ransom; it demands that you pay to get access to your files back. It might display a message that looks like this:
It can also lower your PC's security by changing certain settings.
Read more about threats like this on our ransomware page.
Win32/Fynloski
Windows Defender detects and removes this threat.
The threat, also known as DarkComet, is a remote access tool (RAT) that allows attackers to take control of your PC to perform various specific functions, such as recording your information or downloading other malware.
This threat might have got on your PC from an installer program or other malware.
Win32/Chipdale
Windows Defender detects and removes this threat.
This ransomware encrypts the files on your PC and directs you to a webpage with instructions on how to decrypt them.
It changes the extension of the encrypted file to .chipdale.
See our Ransomware page for more information about ransomware.
Win32/Tescrypt
Windows Defender detects and removes this threat.
This ransomware encrypts the files on your PC and directs you to a webpage with instructions on how to unlock them. It asks you to make a payment using bitcoins.
It might be dropped by exploit kits such as Exploit:SWF/Axpergle (Angler), Exploit:JS/Neclu (Nuclear), JS/Fiexp (Fiesta), and JS/Anogre (Sweet Orange).
More information about ransomware can be found on our Ransomware page.
Win32/Gulcrypt
Windows Defender detects and removes this threat.
This ransomware encrypts the files on your PC and directs you to a webpage with instructions on how to decrypt them.
It changes the extension of the encrypted file to .chipdale.
See our Ransomware page for more information about ransomware.