Tab Recovery (also known as Tab Recovery - Save & Organize Your Tabs) is a browser hijacker that assigns certain browsers settings to tabrecovery.com and explormatrix.com. Therefore, it is classified as a potentially unwanted application (PUA). It promotes one fake and one dubious search engin
Discovered by MalwareHunterTeam, Ada Covid is ransomware designed to prevent victims from accessing their files by encryption. As with many ransomware programs, it renames all encrypted files and creates/displays ransom messages. Ada Covid renames files by appending the ".pdf" extension to filenam
CoViper is yet another Coronavirus/COVID-19-themed malware infection, most likely proliferated as a file related to the pandemic. It operates by rewriting the system Master Boot Record (MBR). It does not delete the original, but rather creates a backup and replaces it with a custom MBR. Typically
ShkolotaCrypt ransomware was discovered by GrujaRS. Malware of this type encrypts files, modifies filenames and creates and/or displays ransom messages. This ransomware renames encrypted files by appending the ".crypted" extension to filenames. For example, it would rename "1.jpg" to "1.jpg.crypt
InteractiveSpeed serves advertisements, collects various information (including sensitive data) and promotes Safe Finder via akamaihd.net. This app is classified as a potentially unwanted application (PUA) and adware. Typically, people download and install apps of this type inadvertently.
ScanMyReg is one of many system optimization tools that supposedly fix various errors and improve computer performance in other ways. In fact, developers distribute these apps through the set-ups of other programs by including them as "additional offers". Typically, people download and install th
Discovered by dnwls0719, MSPLT is a malicious program belonging to the Dharma ransomware family. Systems infected with this malware suffer data encryption and users receive ransom demands for decryption tools/software. When this ransomware encrypts, all affected files are renamed with the followi
bmps.xyz is the web address of a fake search engine, which promoted by applications named Nismo AP and SApp+. These two applications are classified as browser hijackers. Like most browser hijackers, Nismo AP and SApp+ promote bmps.xyz by changing browsers settings. Commonly, apps of this type als
Discovered by CollabVM, NMoreira (Boot) is a ransomware-type program that operates by encrypting data and demanding ransom payments for decryption tools/software. During the encryption process, all affected files are appended with the ".NMoreira" extension. For example, a file named something lik
"IOS VPN profile" is a scam run on deceptive websites. This scheme claims that users' internet connections may not be secure and advises them to download/install a promoted VPN application. Software endorsed using such dubious tactics is typically nonfunctional, untrusted or even malicious. Som