Investmentstar[.]org is a rogue site aiming to trick visitors into allowing its browser notifications. It can also redirect users to other untrustworthy/harmful websites. Pages like investmentstar[.]org are typically pushed by others that use rogue advertising networks. The content display
It is a deceptive virus notification displayed by an untrustworthy website. The purpose of this page is to trick users into believing that their computers are infected and installing Avira antivirus (legitimate security software). Scammers (affiliates) behind it seek to collect illegitimate commis
CreateApplication is an adware-type app with browser hijacker abilities. Since most users download/install software products of this kind inadvertently, they are also classified as PUAs (Potentially Unwanted Applications). Adware is designed to display intrusive ads (e.g., pop-ups, surve
Vgkf is the name of ransomware that belongs to the Djvu ransomware family. It encrypts files and modifies filenames (appends the ".vgkf" extension). For example, it Vgkf renames "image.jpg" to "image.jpg.vgkf", "document.txt" to "document.txt.vgkf". It also creates the "_readme.txt" file, a ransom
Admin Locker is ransomware designed to encrypt files (make them inaccessible), change extensions of all encrypted files and create the "!!!Recovery File.txt" file (a ransom note). The extension that Admin Locker appends to filenames depends on the ransomware variant. It can append ".admin1", ".adm
Goodcaptchastyle[.]top is designed to trick visitors into clicking the "Allow" button in a pop-up displayed by a browser. Also, it can redirect visitors to other shady websites. Usually, websites like goodcaptchastyle[.]top are promoted by websites that use rogue advertising networks. Good
Krestinaful.com is a fake search engine promoted by various browser-hijacking applications. Two of the apps promoting krestinaful.com are called Settings and Options. Browser hijackers promote fake search engines by changing the web browser's settings. Apps of this type often are promoted and dist
Scammers are using a fake Google application to steal CoinBase login credentials. They use malicious installers to inject modified Chrome browser or similar software that changes the Google Chrome shortcut target. When users try to access a legitimate CoinBase page, they get redirected to a fake o
SafeTravel is a program that shows advertisements. For this reason, it is categorized as advertising-supported software (adware). Pretty often, adware developers promote and distribute their software using questionable methods. Thus, users often download and install adware unintentionally.
Pure Dark is an application that hijacks a web browser by changing some of its settings to ggfpa.com - an address redirecting visitors to questionable websites. In some cases, Pure Dark hijacks a browser without changing any settings. Pure Dark can change the homepage, new tab page, and de