CoronaCrypt ransomware is designed to encrypt files, modify filenames, display a ransom message and create the "How_To_Restore_Your_Files.txt" text file (another ransom message). It renames files by adding its name, u.contact@aol.com email address, victim's ID, and appending the ".Encrypted" exten
This malware belongs to the Dharma ransomware family. Like most malicious programs of this type, Dtbc is designed to encrypt data, rename encrypted files and provide instructions about how to contact the developers. It renames encrypted files by adding the victim's ID, databack2@protonmail.com ema
Search Pro is a rogue application endorsed as supposedly capable of providing reliable search results, popular search trends and other web-search related features. In fact, this app is categorized as a browser hijacker, due to the modifications it makes to browsers to promote hsearchpro.com (a bog
EmailCheckNow is software classified as a browser hijacker. It is advertised as an easy access tool for email accounts. In fact, EmailCheckNow operates by making modifications to browser settings to promote emailchecknow.com (a fake search engine). Most browser hijackers have data tracking capabi
click-to-watch[.]live is a rogue website sharing many similarities with bestdealfor21.life, cvazirouse.com, esmo.pro, mediamodern.biz and thousands of others. When accessed, these sites present visitors with dubious content and/or redirect them to other dubious/malicious web pages. Few users ente
bestdealfor21[.]life is a rogue website. Visitors to it are presented with dubious content and/or are redirected to other untrusted/malicious sites. Users seldom access bestdealfor21[.]life or similar web pages intentionally - they are redirected to them by intrusive advertisement campaigns or Pot
ConvertPDFEasy is a typical browser hijacker: it changes certain browser settings to promote a fake search engine (in this case, convertpdfeasy.com) and collects browsing-related data. Note that browser hijackers are categorized as potentially unwanted applications (PUAs), since users often downlo
cvazirouse[.]com is very similar to theweathersiren[.]com, mediamodern[.]biz, keysdigita[.]com and many other rogue websites. These pages should not be visited, since they load dubious content and promote (open) other web pages of this kind. Typically, users do not visit websites such as cvazirou
esmo[.]pro displays dubious content and opens various bogus web pages. It operates in a similar manner to many other sites including, for example, theweathersiren[.]com, mediamodern[.]biz and keysdigita[.]com. Websites of this type are often opened by browsers when potentially unwanted applicatio
"This document protected by CloudFlare" is a deceptive message displayed by various malicious documents. Cloudflare is a legitimate web-infrastructure and website-security company, which is in no way associated with this scam message. "This document protected by CloudFlare" attempts to convince u