Discovered by MalwareHunterTeam, DMR64 is a malicious program categorized as ransomware. It operates by encrypting the data of infected devices and demanding ransom payments for decryption. During the encryption process, all affected files are renamed using the following pattern: "[id=victim's_ID]
MessengerDeck is software classified as adware. It is promoted as an application for easy access to Facebook Messenger on a PC desktop. In fact, it operates by running intrusive advertisement campaigns. Therefore, MessengerDeck simply delivers various unwanted and even harmful ads. Since most use
mainsiteofupgradenow[.]best is a scam website and practically identical to mainsourceofupdate[.]best. It is designed to endorse a fake Adobe Flash Player updater. Visitors to this site are warned that the aforementioned plug-in is outdated and recommends an update. Content promoted on deceptive
free-girls-vids[.]com is a dubious website, which is usually opened by browsers that have potentially unwanted applications (PUAs) installed on them. This web page redirects visitors to other untrustworthy sites or loads dubious content. It is very similar to horny-vid[.]com, rex-news1[.]club, pus
horny-vid[.]com is a rogue website. Like many other web pages of this type (such as rex-news1[.]club, pushpush[.]net, nerdailingcurv[.]com, etc.), horny-vid[.]com redirects people to various other untrustworthy sites, or loads dubious content. Visitors do not generally open this site intentionall
If visited, ultimate-captcha[.]com loads dubious content or leads to other untrustworthy websites. Many other websites have identical behavior. Some examples are rex-news1[.]club, pushpush[.]net and nerdailingcurv[.]com. In most cases, they are opened by browsers with Potentially Unwanted Applicat
mainsourceofupdate[.]best is a deceptive/scam web page, which claims that the visitor's Adobe Flash Player is outdated. It also endorses a fake Flash updater. These rogue updaters are used to proliferate a wide variety of untrustworthy and malicious content. Few users access mainsourceofupdate[
ConvertMyFile Search is a browser hijacker, which is advertised as a tool for quick access to online file format conversion services. It operates by modifying browsers to promote a fake search engine (services.convertmyfile-svc.org). The updated variant of this browser hijacker promotes search.con
Anchor_DNS is a malicious program associated with another malware infection called TrickBot. It operates as a 'backdoor', which is used on high-profile targets. Anchor_DNS communicates with Command-and-Control (C2) servers over DNS using the DNS Tunneling technique. In this way, Anchor_DNS can re
CentralHere is adware and promoted as tool that supposedly improves the browsing experience. It is claimed that this app can provide fast searches, accurate search results and similar, however, it delivers a wide variety of unwanted and harmful advertisements. Due to its dubious proliferation m