Discovered by GrujaRS, Qensvlcbymk is a malicious program belonging to the Snatch ransomware family. Qensvlcbymk ransomware operates by encrypting data and demanding payment for decryption. During the encryption process, all compromised files are appended with the ".qensvlcbymk" extension. For ex
As its name suggests, PC Win Booster is software designed to improve computer performance. In fact, this app is distributed by including it into the set-ups of other programs. Programs distributed in this way are categorized as potentially unwanted applications (PUAs). These rogue apps have a dubi
zpredir1[.]com is a rogue website sharing many similarities with biz-4u.com, thenickelpress.com, behavingsoping.club and countless others. These sites operate by presenting visitors with dubious content and/or redirecting them to other untrusted or even malicious web pages. Few visitors access zp
Eking belongs to the Phobos ransomware family. It encrypts files, renames them, and generates a number of ransom messages. Eking renames files by adding the victim's ID, decphob@tuta.io email address, and appending the ".eking" extension to filenames. For example, it renames "1.jpg" to "1.jpg.id[
Weather Online Now is advertised as an app providing the latest forecast updates. In fact, this is a browser hijacker that promotes a fake search engine (weatheronlinenow.com) by changing browser settings. Additionally, it might collect information relating to users' browsing activity. Typically,
Bunitu is a Trojan, which turns infected computers into proxies for remote clients. It can reduce network traffic and be used to reroute IP addresses of infected computers and misuse them for malicious purposes. If there is any reason to believe that your computer is infected with this proxy Troja
Discovered by GrujaRS, MR.ROBOT is a malicious program classified as ransomware. Systems infected with this malware have their files encrypted and users receive ransom demands for decryption tools. During the encryption process, MR.ROBOT ransomware renames files by appending them with an extensio
Free Driver Maps browser hijacker promotes freedrivermapstab.com and searchnewfdm.com (addresses of fake search engines) by modifying certain browser settings. This app supposedly provides access to interactive maps, directions, news, weather and email provider websites. Commonly, apps of this ty
Koti is malicious software, which is part of the Djvu ransomware family. It is designed to encrypt the files of infected systems in order to make ransom demands. When this ransomware encrypts, all affected files are appended with the ".koti" extension. For example, a file originally named somethin
ZoNiSoNaL is a part of the Xorist ransomware family. It encrypts files and renames them by appending the ".ZoNiSoNaL" extension. For example, "1.jpg" becomes "1.jpg.ZoNiSoNaL", "2.jpg" becomes "2.jpg.ZoNiSoNaL", and so on. ZoNiSoNaL drops the "HOW TO DECRYPT FILES.txt" file containing a ransom me