Motion belongs to the Xorist ransomware family. It encrypts files and appends the ".motion" extension to filenames. For example, "1.jpg" is renamed to "1.jpg.motion", "2.jpg" to "2.jpg.motion", and so on. Motion also creates the "HOW TO DECRYPT FILES.txt" file in all folders and displays a pop-up
Video Search is rogue software endorsed as a tool for quick searching of multiple video-hosting platforms (e.g., YouTube, Vimeo, Facebook, Google Video, and Bing Videos) straight from the browser. In fact, Video Search is classified as adware, since it runs intrusive advertisement campaigns. I.e.
Screenshot Tool and Editor is advertised as a tool for taking screenshots of entire websites, capturing web page elements, and editing the screenshots (e.g., adding text). What is not advertised is that Screenshot Tool and Editor functions as adware, and thus generates unwanted advertisements. Ad
CryptoLocker-v3 is a malicious program belonging to the CryptoLocker ransomware family. It is designed to encrypt data and demand ransoms for decryption tools. During the encryption process, files are appended with the ".ecc" extension. For example, a file originally named something like "1.jpg" w
clickmp3[.]com offers download of videos from YouTube. Note that using websites such as clickmp3[.]com or third-party apps to download videos is against YouTube's Terms of Service. clickmp3[.]com also uses rogue advertising networks: the site contains dubious ads and opens other untrusted pages.
Discovered by 0x4143, Resgateseup is malicious software classified as ransomware. Systems infected with this malware have their data encrypted and users receive ransom demands for decryption tools. Typically, ransomware renames affected files, however, the filenames of files encrypted by Resgatese
InitialDevice changes browser settings, generates advertisements, and might also gather certain information. In this way, InitialDevice functions both as adware and as a browser hijacker. Typically, users download and install apps such as InitialDevice inadvertently and, therefore, they are cla
"Spin The Wheel" is a scam promoted on various deceptive websites. There are several variants of this scam. In general, the scheme claims users have the chance to win a prize. Note that "Spin The Wheel" is in no way associated with Home Depot, Amazon, Apple, or other companies it mentions. Additi
URSA ransomware encrypts files and creates two ransom messages in "RECOVER_YOUR_FILES.HTML" and "RECOVER_YOUR_FILES.TXT" files, which it places in folders that contain encrypted files. Note that, unlike most ransomware, URSA does not rename any of the encrypted files. Screenshot of files encr
SearchConverterInc is rogue software classified as a browser hijacker. It operates by making changes to browser settings to promote searchconverterinc.com (a fake search engine). Additionally, SearchConverterInc monitors users' browsing habits. Due to the dubious methods used to proliferate brows