BNFD belongs to the Matrix ransomware family. It prevents victims from accessing/using their files by encrypting them and creates a ransom message (within the "BNFD_README.rtf" file) with instructions about how to contact the developers regarding decryption of files. BNFD also renames files by re
Osx Uninstaller is untrusted software, endorsed as a tool to optimize and carry out effective application uninstall processes, however, due to the dubious techniques used to proliferate Osx Uninstaller, it is classified as a Potentially Unwanted Application (PUA). Software within this classific
Like most browser hijackers, after installation DirectStreamSearch changes certain browser settings to the address of a fake search engine. In this case, it assigns them to directstreamsearch.com. It is very likely that DirectStreamSearch will also collect information relating to users' browsing a
Discovered by malware researcher S!Ri, Ahmed Minegames is ransomware-type program. This ransomware encrypts data and displays a pop-up window, demanding a password to decrypt files. Typically, malicious programs of this type rename the compromised files, however, this is not the case with Ahmed Mi
.docm ransomware is designed to encrypt files, modify their filenames, create the "README_RECOVERY.txt" text file and change the desktop wallpaper. It renames encrypted files by appending the ".docm" extension, which is a legitimate file extension used in Microsoft Word. For example, "1.jpg" is r
Jdyi is a malicious program belonging to the Djvu ransomware family. Systems infected with this malware experience data encryption and users receive ransom demands for decryption tools/keys. During the encryption process, all affected files are appended with the ".jdyi" extension. For example, a
As its name suggests, Secure Driver Updater scans the operating system for outdated, old drivers and updates them. Developers distribute this program using dubious methods and, therefore, users who install Secure Driver Updater onto their computers often do so inadvertently. Therefore, this softwa
Discovered by S!Ri, Bondy is ransomware designed to encrypt files, append its extension to the filenames of all affected files, and create a ransom message (within the "HELP_DECRYPT_YOUR_FILES.txt" text file) in all folders that contain encrypted files. It renames files by appending the ".bondy"
Generally, users do not open undertain[.]work or similar web pages intentionally - they are opened by browsers with potentially unwanted applications (PUAs) installed on them. These rogue apps are classified as PUAs because most users download and install them inadvertently. In addition to promoti
swindoors[.]work is a rogue website designed to present visitors with dubious content and/or redirect them to other untrusted/malicious pages. Few users access this site intentionally - most are redirected to it by intrusive ads or by Potentially Unwanted Applications (PUAs) already installed on t