MuchLove is a ransomware-type infection based on HiddenTear. It renames all encrypted files by appending the ".encrypted" extension to filenames. For example, it renames "1.jpg" to "1.jpg.encrypted", and so on. MuchLove also creates a ransom message within the "READ_IT.txt" file, which can be foun
Rezm is a ransomware-type program that belongs to the Djvu family. It encrypts files that are stored on the infected computer, renames them and creates a ransom message. This ransomware renames all files by appending the ".rezm" extension to filenames. For example, Rezm renames a file named "1.jp
Dewar is a malicious program belonging to the Phobos ransomware family. Systems infected with this malware have their data encrypted and users receive ransom demands for decryption. During the encryption process, all affected files are renamed according to the following pattern: original filename,
Speed Test Guide is a browser hijacker and endorsed as a free tool capable of internet speed testing, access to previous tests and speed improvement tips, etc. In fact, Speed Test Guide operates by altering browser settings to promote a fake search engine (speedtest-guide.com). Furthermore, it ha
The PDF Opener browser hijacker promotes pdfsrch.com, the address of a fake search engine. Like most apps of this type, PDF Opener achieves this by changing browser settings. Furthermore, browser hijackers usually gather details relating to users' browsing habits. These apps are categorized as po
Discovered by Jirehlov, Sorena is malicious software categorized as ransomware. Systems infected with this malware have their data encrypted and users receive ransom demands for decryption. During the encryption process, all affected files are renamed with the following pattern: original filename,
Kiss is a part of Phobos, a family of ransomware-type malicious programs. It changes filenames of all encrypted files, displays a ransom message and creates another in a text file. Kiss renames files by adding the victim's ID, 2katrin@tuta.io email address and appending the ".kiss" extension to fi
World Events Today is a rogue application classified as a browser hijacker and a Potentially Unwanted Application (PUA). It is advertised as a tool capable of providing easy access to the latest news. As a browser hijacker, World Events Today operates by modifying browsers to promote the search.hw
Search By OpenFile is a browser hijacker, a potentially unwanted application (PUA) designed to improve the browsing experience. In fact, this app promotes openfile-home.live and search.openfile-api.live (fake search engines) by changing browser settings. It also promotes openfile.live and gathers
Discovered by dnwls0719, Rails is malicious software belonging to a ransomware family called Ouroboros. This malware operates by encrypting data and demanding payment for decryption tools/software. During the encryption process, all affected files are renamed according to the following pattern: o