XIII is the name of a ransomware variant belonging to the Phobos ransomware family. This variant encrypts files and appends a victim's ID, xlll@imap.cc email address, and the ".XIII" extension to their filenames. For example, it renames "1.jpg" to "1.jpg.id[9ECFA84E-3274].[xlll@imap.cc].XIII", "sa
OperativeResults is a PUA (Potentially Unwanted Application) with adware and browser hijacker qualities. This app has been observed being distributed via fake Adobe Flash Player updates. Adware enables the placement of third-party graphical content on visited websites and/or different in
AssistiveConsole shows unwanted advertisements and hijacks a browser (changes its settings) to promote a fake search engine. It is uncommon for apps like AssistiveConsole to be installed on purpose. They often are promoted using deceptive methods. Apps of this kind are called potentially unwante
The purpose of this email is to deliver FormBook malware. It is disguised as a letter from BBVA (Banco Bilbao Vizcaya Argentaria), a legitimate Spanish multinational financial services company. It contains a malicious attachment (an archive file). This malicious email is written in Spanish
TopCouponSearch is a browser hijacker that modifies browsers to promote the topcouponsearch.com fake search engine. Due to the dubious techniques used to distribute browser hijackers, they are also categorized as PUAs (Potentially Unwanted Applications). With TopCouponSearch installed: new
SelectorComponent is an adware-type app with browser hijacker qualities. Software products of this type are also classified as PUAs (Potentially Unwanted Applications). Adware can enable the placement of banners, pop-ups, surveys, and other intrusive ads on visited websites and/or differ
"PROT Giveaway" is a scam promising to quintuple the amount of Prostarter (PROT) cryptocurrency users contribute to it. Instead, the contributed amount will simply be lost, and victims will receive nothing in return. The fake "PROT Giveaway" claims that users will receive fivefold the PROT
Aimnip is ransomware, a form of malware designed to encrypt files, generate a ransom note (the "Recover_UrFiles.txt" file), and rename all encrypted files. It appends a string of four random characters to filenames as their new extension. For example, Aimnip renames "1.jpg" to "1.jpg.mk4v", "2.jpg
ProductArchive is advertising-supported software that displays advertisements and hijacks a web browser (changes its settings to promote a fake search engine). Apps like ProductArchive usually are promoted/distributed using questionable methods. In such cases, users are likely to download or ins
PDFConverterWeb is a piece of browser-hijacking software promoting the pdfconverterweb.com fraudulent search engine. Additionally, due to the questionable methods used to spread browser hijackers, they are also classified as PUAs (Potentially Unwanted Applications). Browser hijackers (e.g.