guardapl[.]com is a deceptive website designed to run scams (it has been observed promoting several). One variant makes false claims that the visitor's mobile device has been infected and, another, that the internet connection might be vulnerable. Both versions use these fake claims to promote d
The Unit Conversion Tab browser hijacker assigns certain browser settings to unitconversiontab.com, the address of a fake search engine. Commonly, browser hijackers also gather various information. Since users tend to download and install these apps inadvertently, they are categorized as potential
SmartSignalSearch is designed to serve advertisements and promote the address of a fake search engine by changing browser settings. This app functions as adware and a browser hijacker. Typically, users download and install apps like SmartSignalSearch inadvertently. Therefore, they are categoriz
"Your Windows 10 is infected with 5 viruses!" is a sentence from a fake virus alert message suggesting that the user's operating system is infected with viruses. Typically, these notifications appear on deceptive websites designed by scammers who seek to trick visitors into downloading and install
FireBird is a Remote Access Tool (or alternatively, when used in a malicious capacity, it is termed a Remote Access Trojan) or 'RAT'. On initial inspection, this may seem to be a legitimate piece of software, however, its list of capabilities/features (e.g. anti-detection, functionality without i
pushpush[.]net is a rogue site, similar to glagolinius.com, androidrecaptcha.info, tatilyerlerim.com, secretvideos2020.com and many others. It operates by presenting visitors with dubious content and generating redirects to other untrustworthy, even malicious web pages. Visitors to pushpush[.]net
Happychoose is a part of the GlobeImposter ransomware family. Typically, software of this type encrypts files, changes filenames and creates ransom messages. Happychoose renames files by appending the ".happychoose" extension to filenames. For example, it changes "1.jpg" to "1.jpg.happychoose", a
Discovered by Michael Gillespie, Jope is one of many ransomware-type programs belonging to the Djvu family. It encrypts victims' files, adds a new extension to filenames and creates a ransom message. Jope renames encrypted files by appending the ".jope" extension to filenames. For example, it ren
SearchYA is one of many potentially unwanted applications (PUAs) that are categorized as browser hijackers. SearchYA supposedly improves the browsing experience, however, it actually promotes the feed.search-ya.com fake search engine (by changing browser settings) and collects information relating
SearchSystem is an adware-type app that runs intrusive advertisement campaigns. The ads it delivers are unwanted, deceptive and possibly even malicious. This application also has characteristics commonly attributed to browser hijackers, such as browser modification and fake search engine promoti