Discovered by xiaopao, _encrypted (RRansom) is a malicious program classified as ransomware. Systems infected with this malware experience data encryption and users receive ransom demands for decryption. During the encryption process, files are appended with the "_encrypted" extension. For exampl
Evil is malware belonging to the Jigsaw ransomware family. It is designed to encrypt victims' files, modify their filenames and display a pop-up window (containing a ransom message). Evil renames files by appending the ".evil" extension. For example, "1.jpg" is renamed to "1.jpg.evil", "2.jpg" to
Cyber Search is a browser hijacker which changes certain browser settings to cybersearch.xyz, adds the "Managed by your organization" feature to Google Chrome browsers, and collects private, sensitive information. Generally, users download and install apps such as Cyber Search (browser hijackers
PDFConverterSearch4Free is rogue software categorized as a browser hijacker. It operates by making changes to browser settings to promote pdfconvertersearch4free.com (a fake search engine). Additionally, most browser hijackers have data tracking capabilities, which are employed to monitor users' b
Discovered by GrujaRS, Szymekk is a malicious program and a new variant of Cobra Locker ransomware. Following successful infiltration, this malware encrypts data and locks the device's screen in order to demand ransoms for decryption and restoration of access. During the encryption process, all a
DreamTrip software is classified as adware because it serves various advertisements. Note that there are many apps of type that are designed to serve ads and gather information. Typically, users download and install adware-type apps inadvertently and, for this reason, they are classified as potent
Discovered by malware researcher S!Ri, AnoymouS is a malicious program classified as ransomware. Systems infected with this ransomware have their data encrypted and users receive ransom demands for decryption tools. During the encryption process, all affected files are appended with the ".AnoymouS
ZaLtOn belongs to the Xorist ransomware family. It encrypts victims' files, renames them, changes the desktop wallpaper, displays a pop-up window and creates the "HOW TO DECRYPT FILES.txt" text file. ZaLtOn renames files by appending the ".ZaLtOn" extension to filenames. For example, "1.jpg" is r
ZipConvertAce is advertised as an archive manager, a program that compresses and extracts/zips and unzips files. In fact, its developers distribute it using dubious methods. Therefore, ZipConvertAce is categorized as a potentially unwanted application (PUA). Note also that the installer for ZipCon
msascuil.exe (or MSASCuiL.exe) is a legitimate file/process, which is a part of Microsoft Windows 10. This file can be found in the "C:\Program Files\Windows Defender" folder and is part of the Windows Defender user interface. The purpose of msascuil.exe is (or was) to display the Windows Defender