border colors is the name of a browser extension that supposedly puts border colors on layouts of websites. Our team discovered this app while inspecting various deceptive pages (it is promoted on several shady pages). During the examination, we found that border colors shows annoying advertisemen
Protectionsurveys[.]online is a rogue webpage that our research team discovered while inspecting dubious sites. It is designed to promote deceptive content, push spam browser notifications, and redirect visitors to different (likely untrustworthy/harmful) websites. Users typically enter these page
While examining posto[.]click, our team found that this page runs the "McAfee - Your PC is infected with 5 viruses!" scam and wants to deliver its notifications. It uses deceptive marketing to trick visitors into purchasing legitimate computer security software. We discovered posto[.]click while i
After examining this website, we concluded that it is a fake crypto giveaway scam page that offers to send cryptocurrency to a specified wallet and get twice as much back. Scammers behind this scam impersonate Elon Musk (use a fake Twitter page) to d deceive users. It is a complete scam that shoul
Chromnius is a rogue browser based on the Chromium open-source project. Our research team discovered this piece of software while inspecting suspicious software-promoting websites. After installing this application on our test machine, we determined that it operates as adware and has qualities th
Tuis is one of the ransomware variants belonging to the Djvu family. Cybercriminals use it to encrypt files. Tuis not only encrypt files but also appends the ".tuis" extension to filenames and creates a ransom note (the "_readme.txt" file). We discovered this ransomware while checking the VirusTot
Tury is one of the Djvu ransomware variants. It encrypts files and appends its extension to filenames. We discovered Tury inspecting malware samples submitted to the VirusTotal site. It appends the ".tury" extension to filenames and drops the "_readme.txt" file (a ransom note) on the desktop. An
ArchievesOriginal is an application that generates intrusive advertisements. It is an advertising-supported app (adware). Our team discovered ArchievesOriginal while examining websites claiming that some of the installed software is outdated. Like most advertising-supported apps, ArchievesOrigin
While checking out suspicious websites, our research team discovered the allcontrolpc[.]com rogue page. It runs scams, promotes spam browser notifications, and causes redirects to different (likely unreliable/harmful) sites. Allcontrolpc[.]com and pages akin to it are typically entered via redire
Searchpoweronline.com is both the name of a browser hijacker and the URL of a fake search engine. This software makes modifications to browsers in order to promote illegitimate search engines. Furthermore, the Searchpoweronline.com browser hijacker likely spies on users' browsing activity.