MMDecrypt ransomware encrypts files and changes their extensions, creates two ransom messages, displays a pop-up window and changes the desktop wallpaper. It renames all encrypted files by appending the ".TRSomware" extension to filenames. For example, "1.jpg" becomes "1.jpg.TRSomware". It stores
Discovered by S!Ri, Tor+ is a malicious program classified as ransomware. This malware operates by encrypting data and demanding payment for decryption tools/software. During the encryption process, files are appended with the ".Tor+" extension. For example, "1.jpg" appears as "1.jpg.Tor+", and so
![Onestream[.]best Ads](/images/thumbnails/th-large-16513-onestream-best-ads.jpg)
onestream[.]best is a dubious website, which is usually opened by installed potentially unwanted applications (PUAs). Therefore, most people do not visit onestream[.]best (or other similar pages) intentionally. More examples of similar sites include trynotify[.]com, lulachu[.]com and redlabellondo
Buer Loader (BuerLoader) is trojan-type malicious software designed to cause chain infections (i.e., download/install additional malware). Since August 2019, it has been actively sold in underground markets. It has been observed spreading TrickBot, KPOT, Smoke Loader and Amadey malware. Due to it
When visited, dolohen[.]com opens various other untrustworthy websites. People do not commonly open dolohen[.]com intentionally. Websites of this kind are generally opened by potentially unwanted applications (PUAs) installed on browsers and/or operating systems. Redirects to this particular web
Smart Searches Now is a rogue application advertised as a tool for enhancing the browsing experience by improving web searches and accuracy of results. It operates by modifying browsers to promote a fake search engine (search.smartsearchesnow.com). Furthermore, the app monitors users' browsing ac
The HD Radio Player app is designed to provide links to popular websites offering online radio streaming services. In fact, this app is a hijacker that changes browser settings and records associated data. Few people download or install browser hijackers intentionally and, therefore, HD Radio Play
Get Video Converter Search is a browser hijacker, endorsed as a free tool for easy access to various video format conversion services. It modifies browsers to promote feed.getvideoconverter.com, a fake search engine. Additionally, it monitors users' browsing activity. Since most users install Get
FormList is advertised as an application that helps users to search by providing fast, accurate results and enhancing the browsing experience in other ways. In fact, this app is categorized as adware, since it feeds users with advertisements. Furthermore, FormList gathers various information. A
trynotify[.]com is a rogue website designed to present visitors with highly dubious content. It also generates redirects to other untrustworthy and possibly malicious sites. It shares many common features with lulachu.com, redlabellondon.com, vidconverter.co, and countless others. Most users arri