Deman is a malicious program belonging to the Everbe ransomware family. This malware operates by encrypting the data of infected systems so that ransom demands can be made for decryption. During the encryption process, the filename extensions of all affected files have "deman" added to them. For
qlopx.xyz is the address of a fake search engine promoted through a potentially unwanted application (PUA), a browser hijacker called SApp+ (or Smash App+). It is possible that other apps also promote qlopx.xyz. Generally, apps of this type promote the addresses of fake search engines by changing
Discovered by malware researcher Raby, Anon is a malicious program classified as ransomware. Systems infected with this malware suffer data encryption and users receive ransom demands for decryption. During the encryption process, all affected files are appended with the ".anon000" extension. For
MuchLove is a ransomware-type infection based on HiddenTear. It renames all encrypted files by appending the ".encrypted" extension to filenames. For example, it renames "1.jpg" to "1.jpg.encrypted", and so on. MuchLove also creates a ransom message within the "READ_IT.txt" file, which can be foun
Rezm is a ransomware-type program that belongs to the Djvu family. It encrypts files that are stored on the infected computer, renames them and creates a ransom message. This ransomware renames all files by appending the ".rezm" extension to filenames. For example, Rezm renames a file named "1.jp
Dewar is a malicious program belonging to the Phobos ransomware family. Systems infected with this malware have their data encrypted and users receive ransom demands for decryption. During the encryption process, all affected files are renamed according to the following pattern: original filename,
Speed Test Guide is a browser hijacker and endorsed as a free tool capable of internet speed testing, access to previous tests and speed improvement tips, etc. In fact, Speed Test Guide operates by altering browser settings to promote a fake search engine (speedtest-guide.com). Furthermore, it ha
The PDF Opener browser hijacker promotes pdfsrch.com, the address of a fake search engine. Like most apps of this type, PDF Opener achieves this by changing browser settings. Furthermore, browser hijackers usually gather details relating to users' browsing habits. These apps are categorized as po
Discovered by Jirehlov, Sorena is malicious software categorized as ransomware. Systems infected with this malware have their data encrypted and users receive ransom demands for decryption. During the encryption process, all affected files are renamed with the following pattern: original filename,
Kiss is a part of Phobos, a family of ransomware-type malicious programs. It changes filenames of all encrypted files, displays a ransom message and creates another in a text file. Kiss renames files by adding the victim's ID, 2katrin@tuta.io email address and appending the ".kiss" extension to fi