ENCRYPTED_RSA is a malicious program belonging to the CryptoLocker ransomware family. It operates by encrypting the data of infected systems and demanding payment for decryption tools/software. Additionally, it attempts to delete volume shadow copies. Volume Shadow Copy is a Windows service that
DesuCrypt (also known as Insane) was discovered by S!Ri. This is a malicious program categorized as ransomware. Unlike most programs of this type, however, DesuCrypt does not encrypt any files - it damages them (rendering them unusable) and changes filenames by appending the ".desucrypt" extension
Top APP is a potentially unwanted application (PUA), a browser hijacker. Typically, apps of this type promote the addresses of fake search engines by changing certain browser settings. Research shows that this PUA does not in fact change the settings, however, it detects when users search (by ent
Quick Converter is a browser hijacker, which operates by modifying browser settings to promote a fake search engine (feed.quick-converter.com). Additionally, it has data tracking capabilities, which are employed to monitor users' browsing activity and gather sensitive information inferred from it.
Finding Forms Pro promotes the address of a fake search engine (search.hformshere.com) by changing browser settings and collecting browsing-related data. Apps of this type are categorized as potentially unwanted applications (PUAs) and browser hijackers. In most cases, people download and install
Discovered by dnwls0719, doctor666 is a part of the Snatch ransomware family. This ransomware encrypts victims' files and renames them by appending the ".egmwv" extension to filenames. For example, it renames "1.jpg" to "1.jpg.egmwv", and so on. Furthermore, doctor666 creates a ransom message wit
Protected Search is a browser hijacker, which is advertised as a tool for enhancing the browsing experience by improving web searches. In fact, it modifies browsers to promote feed.protected-search.com (a fake search engine). As with most software within this classification, Protected Search has d
This untrusted website tricks visitors into downloading and using a fake Adobe Flash Player installer, which installs a potentially unwanted application (PUA). Typically, these fake installers install browser hijackers or adware, however, they might also infiltrate Trojans, ransomware or other m
Flight Tab Pro is a browser hijacker endorsed as a tool for easy access to global flight-tracking services. It operates by modifying browser settings to promote a fake search engine (flighttabpro.com). Furthermore, this app has data-tracking capabilities, which are employed to monitor users' brows
DynoAppSearch is a potentially unwanted application (PUA), a browser hijacker. It promotes dynoappsearch.com (a fake search engine) by changing browser settings and gathers information relating to users' browsing activity. In most cases, people download and install apps of this type inadvertently.