Bella is a rogue program, which is used for malicious purposes. For example, to steal passwords, execute various commands, transfer malicious files, and perform other dubious actions. This malware functions as a Remote Administration Trojan (RAT), and thus cyber criminals can perform certain act
ConvertMySearch is rogue software classified as a browser hijacker. It operates by making modifications to browser settings to promote a fake search engine. ConvertMySearch promotes convertmysearch.com in this way. Additionally, this browser hijacker has data tracking capabilities, which are emplo
dheje[.]xyz is one of many deceptive websites designed to trick users into downloading and installing a potentially unwanted application (PUA). Like most pages of this type, dheje[.]xyz claims that the device is infected with viruses and encourages users to remove them with a specific applicati
Hhmgzyl is malicious software belonging to the Snatch ransomware family. Systems infected with this malware have their data encrypted and users receive ransom demands for decryption. During the encryption process, files are appended with the ".hhmgzyl" extension. For example, a file originally na
Emilisub is a part of the Xorist ransomware family. It renames all encrypted files by appending its extension. It also displays a ransom message in a pop-up window and creates the "HOW TO DECRYPT FILES.txt" file (another ransom message) in all folders that contain encrypted files. An example of h
"Windows Error Code: DLL011150" refers to a technical support scam run on various deceptive websites. This scheme claims that it is a "virus alert" from Microsoft, informing users that their devices have been supposedly blocked due to suspicious activity detected on them. All of the information p
thefaceduck[.]com and similar web pages display dubious content or open other untrusted sites. In most cases, users do not visit these sites intentionally - they are opened by installed potentially unwanted applications (PUAs), through clicked deceptive advertisements, or other untrusted websites.
This is a typical technical support scam website, which is designed to trick visitors into calling the provided number and then paying for supposedly legitimate (and unnecessary) remote technical support. Generally, people do not visit these web pages intentionally - they are opened through other
Cl is malware belonging to the family of ransomware called Dharma. It is designed to encrypt files, rename them and provide victims with instructions about how to contact the developers (cyber criminals). Cl renames files by adding the victim's ID, cl_crypt@aol.com email address, and appending the
FrequencySkill is an adware-type application that shares traits with browser hijackers. Following successful installation, this app runs intrusive advertisement campaigns (i.e. delivers various ads), makes modifications to browser settings and promotes fake search engines. FrequencySkill promot