Mostheatdr is a group of deceptive sites promoting various scams. Web pages belonging to this group have been observed promoting the "Dear Safari User, You Are Today's Lucky Visitor" scheme, however, they might also run other scams. Typically, people access these deceptive sites via redirects c
Heodo is a malicious program and another version of Emotet. Cyber criminals behind Heodo can use it to perform many malicious tasks. For example, to download and execute/install additional malware, steal various personal/sensitive information, and others. Therefore, if Heodo is installed on the op
R44s is a new variant of Ranion ransomware. Systems infected with this malware have their data encrypted and users receive ransom demands for decryption tools/software. When this ransomware encrypts, all affected files are appended with the ".r44s" extension. For example, a file originally named
Twisted Search, also known as TwistedSearch, is software promoted as supposedly improving web searches. In fact, it operates by making alterations to browser settings to promote feed.twistedsearch.com, a fake search engine. Therefore, it is classified as a browser hijacker. Furthermore, it has da
Booster Search (also known as BoosterSearch) is an application designed to improve the browsing experience. In fact, this is a browser hijacker which promotes feed.boostersearch.com (the address of a fake search engine) by modifying browser settings and gathering various information. In most case
DECP belongs to the Matrix ransomware family. This ransomware renames files by replacing filenames with the deccrypasia@yahoo.com email address, a random string of characters and the ".DECP" extension. For example, it renames a file named "1.jpg" to "[deccrypasia@yahoo.com].aiRtzELK-qb6kitil.DECP"
bekapro[.]xyz is a scam website that makes deceptive claims to trick visitors into downloading and installing an untrusted or possibly malicious piece of software. The site states that users' devices have been compromised by viruses and advises them to remove the threats using a specific applica
Best Classified Ads Promos is categorized as adware, since it runs intrusive advertisement campaigns. This app delivers unwanted, deceptive and even dangerous ads. Furthermore, it has data tracking capabilities, which are employed to monitor users' browsing activity. Best Classified Ads Promos ha
RekenSom is a ransomware-type program that was discovered by dnwls0719. Unlike most programs of this type, RekenSom not only encrypts files but also deletes some of them. It renames all encrypted files by using the "Encrypted[a_number_of_dashes].som" pattern (for example, it renames "1.jpg" to "E
TaskBrowser supposedly improves the browsing experience, however, this adware-type application feeds users with ads and gathers information. In most cases, users download and install adware inadvertently. Therefore, apps of this type are categorized as potentially unwanted applications (PUAs).