ToolIndexer is advertising-supported software that generates advertisements and hijacks a web browser to promote a fake search engine. Typically, apps like ToolIndexer are promoted/distributed using questionable methods to trick users into downloading/installing them. Advertisements gene
Windows-protector[.]com is a deceptive website designed to display a fake security alert. It also asks for permission to show browser notifications. It is very similar to protectnscan[.]com, webdefencesurvey[.]com, rewardsltd[.]com, and many other pages. These pages rarely get opened by users on p
It is an email scam (fake sextortion email) claiming that scammers have hacked into a computer and recorded an intimate video. The purpose of this email is to trick recipients into believing that the supposedly recorded video will be sent to their contacts if they do not pay a particular sum of mo
Time Time is ransomware designed to encrypt files, append the ".timetime" extension to filenames, and create two ransom notes: "@__RECOVER_YOUR_FILES__@.txt" and "@__RECOVER_YOUR_FILES__@.exe". An example of how Time Time alters filenames: it renames "1.jpg" to "1.jpg.timetime", "document.txt" to
SmartCheck displays advertisements and makes changes in the web browser's settings. This app has the qualities of adware and a browser hijacker. Users rarely download and install such apps intentionally. Thus, SmartCheck and similar apps are called potentially unwanted applications (PUAs).
Miia is part of the Djvu family. It blocks access to files by encrypting them and generates a ransom note (the "_readme.txt" file) to provide instructions on how to pay for data recovery. It also appends the ".miia" extension to filenames. For example, it renames "1.jpg" to "1.jpg.miia", "image.pn
DisableNotifications is a browser hijacker designed to promote disablenotifications.xyz (a fake search engine). It does that by changing the web browser's settings. A big part of browser-hijacking apps is promoted and distributed using questionable methods. Thus, apps of this type rarely get downl
KOK8 is the name of ransomware designed to encrypt files, modify filenames of encrypted files and provide a ransom note (create the "#KOK8_README#.rtf" file on a desktop). KOK8 replaces filenames with the kok8@protonmail.com email address, a string of random characters and the ".KOK" extension. F
It is a scam that promotes questionable software (supposedly a spam blocker). Websites promoting applications using scare tactics cannot be trusted. Usually, these pages get opened through other shady websites, deceptive ads, or installed potentially unwanted applications (PUAs). Pop-ups d
AKO is ransomware that encrypts files and modifies their filenames by appending the ".AKO" extension. For example, it renames "1.jpg" to "1.jpg.AKO", "document.txt" to "document.txt.AKO". AKO generates two ransom notes: "AkoReadMe.html" and "AkoReadMe.txt". This ransomware is part of the MedusaLoc