Robux ransomware encrypts files (and modifies their filenames), changes the desktop wallpaper, and creates the "read_it.txt" file (a ransom note). It renames files by appending a random extension containing four characters. For example, it renames "1.jpg" to "1.jpg.5z5j", "2.jpg" to "2.jpeg.al1d".
Нер is a malicious program belonging to the Xorist ransomware family. It is designed to encrypt data (lock files) to demand files for the decryption. Affected files are renamed: on systems that have the Cyrillic alphabet, they are appended with a ".нер" extension; on those that do not have this al
"Your email account has been reported for spam abuse" is the name of a phishing spam campaign. These scam emails claim that unless recipients verify their email accounts - they will be terminated. It must be emphasized that these letters are fake, and none of their claims are true. This spam mail
DiscoveryHandler is designed to display annoying advertisements and promote a fake search engine. It has the qualities of both advertising-supported software and a browser hijacker. Users download and install apps like DiscoveryHandler unknowingly. For this reason, they fall into the category of
PathNetwork is a rogue app classified as adware. It has browser hijacker qualities as well. Due to the dubious techniques used to distribute PathNetwork, it is also categorized as a PUA (Potentially Unwanted Application). Adware delivers various pop-ups, banners, coupons, surveys, full-p
Stax is malware that belongs to a family of ransomware called Djvu. The purpose of Stax ransomware is to encrypt files and keep them inaccessible until a ransom is paid. It appends the ".stax" extension to the filenames of encrypted files (for example, it renames "1.jpg" to "1.jpg.stax", "2.jpg" t
OfficialDesign is an application categorized as adware. It also has browser hijacker abilities. Since most users inadvertently download/install apps of this kind, they are considered to be PUAs (Potentially Unwanted Applications). Adware can display pop-ups, coupons, banners, surveys, fu
ChangingSystem generates advertisements and hijacks a web browser to prompt users to use a fake search engine. A big part of apps of this type is distributed using questionable, deceptive methods to trick users into downloading and installing them. For this reason, they are categorized as potent
Desktopshieldprotection[.]com is a rogue website sharing similarities with myfreshspot.com, re*.biz, news-gemara.cc, ngecauuksehi.xyz, and thousands of others. It is designed to load dubious content and/or redirect visitors to different (likely unreliable or malicious) pages. Sites of this type a
Hospitalhelper is a ransomware-type program. It is designed to encrypt data (render files unusable) and demand payment for the decryption. Affected files are appended with the ".hospitalhelper.[victim's_ID]" extension. For example, a file initially titled "1.jpg" would appear similar to "1.jpg.ho