Zorgo is a malicious ransomware-type program based on HiddenTear. It is designed to encrypt the data of infected systems in order to demand payment for decryption. During the encryption process, all affected files are appended with the ".zorgo" extension. For example, a file originally named some
InteractivePremium is a rogue application classified as adware. It runs intrusive advertisement campaigns. Additionally, it has browser hijacker characteristics. InteractivePremium modifies browsers to promote bogus search engines. This app promotes Safe Finder via akamaihd.net. Most adware typ
GalaxySpin is rogue software categorized as a browser hijacker. It operates by making alterations to browser settings to promote galaxyspin.com (a fake search engine). Additionally, as is common to browser hijackers, GalaxySpin can track browsing-related data. Since most users install GalaxySpin i
Part of the Dharma ransomware family, TRAMP prevents victims from accessing their files by encryption, changes filenames, creates ransom messages and displays another message in a pop-up window. TRAMP renames encrypted files by adding the victim's ID and clevercrypt@aol.com email address, and appe
ServiceBuilder supposedly improves the browsing experience and is useful in various other ways, however, this app serves advertisements, gathers information (including private, sensitive details) and promotes Safe Finder (by opening it via akamaihd.net). In most cases, people download and insta
NetEmpireSearch is rogue software. This application is classified as adware and possesses browser hijacker characteristics. It operates by delivering intrusive ad campaigns and modifying browsers to promote fake search engines. Additionally, most adware and browser hijackers monitor users' brows
CompleteReady is one of many applications that supposedly improve the browsing experience, include features, and are useful in various ways. In fact, CompleteReady is a potentially unwanted application (PUA), an adware-type application that serves advertisements. Additionally, it promotes Safe
Discovered by dnwls0719, Qewe is malicious software belonging to the Djvu ransomware family. Systems infected with this malware have their data encrypted and users receive ransom demands for decryption tools/software. When this ransomware encrypts, all affected files are appended with the ".qewe"
Discovered by dnwls0719, Builder is a variant of Hakbit ransomware. This ransomware encrypts files, appends its extension to the filenames and creates ransom messages. Builder modifies encrypted files by appending the ".builder" extension to filenames. For example, it changes "1.jpg" to "1.jpg.bu
Tracker Package is a typical browser hijacker: it promotes a fake search engine (trackerpackage1tab.com) by changing browser settings and collects browsing data. Apps of this type are categorized as potentially unwanted applications (PUAs), since users often download and install them inadvertently