The purpose of HandlerRotator is to display annoying advertisements and promote a fake search engine (by changing the settings of the affected web browser). It has the qualities of adware and a browser hijacker. Users rarely install such apps on purpose (knowingly). Advertisements genera
Dramacool[.]ac is an illegal streaming site. In addition to infringing/breaking copyright laws, this website also employs rogue advertising networks. It is a widespread monetization technique, used by thousands of pages on the Web; bigyshare.com, 320ytmp3.com, y2convert.net, and up-load
JustSearchMaps is a browser hijacker that modifies browsers to promote the justsearchmaps.com fake search engine. Due to the dubious methods used to distribute browser hijackers, they are also classified as PUAs (Potentially Unwanted Applications). Browser hijackers reassign browsers' home
Searchfor.cc is the address of a fake search engine that does not generate any unique results. It is very common that fake search engines are promoted through potentially unwanted applications (PUAs) that change browser's settings. In most cases, those PUAs are browser hijackers. The app that pro
Chichi is the name of ransomware designed to prevent users from accessing their files by encrypting them. It also creates a ransom note (the "Guide To Recover Your Files.txt" file) and renames files. For example, it changes "1.jpg" to "1.jpg.chichi", "sample.jpg" to "sample.jpg.chichi", and so on.
Crypter is the name of a ransomware-type program. It operates by encrypting data (locking files) and demanding payment for the decryption (access recovery). Files are appended with the ".crypter.[victim's_ID]" extension. For example, a file titled "1.jpg" would appear similar to "1.jpg.crypter.A8
Bigyshare[.]com is a file-sharing website hosting primarily illegal content as it infringes/breaks copyright laws. Additionally, this site uses rogue advertising networks for monetization purposes. Thousands of web pages employ this technique on the Internet; gospeljingle.com, ytop1.com
Globalprotectionspc[.]com is designed to ask for permission to deliver notifications and promote various scams. It is pretty similar to akaiksots[.]com, sweepstakessurvey[.]org, fresh-content[.]biz, and many other sites. As a rule, users end up on such pages through shady ads, websites or installe
UltraEngine is a piece of rogue software classified as adware. It has browser hijacker qualities as well. Due to the questionable techniques used to distribute this app, it is also categorized as a PUA (Potentially Unwanted Application). Adware can display pop-ups, coupons, banners, and
Payk is the name of ransomware that encrypts files and creates a ransom note (the "Decrypt-me.txt" text file). It also renames files by appending the paykter@gmail.com email address, a string of random characters (possibly a victim's ID), an the ".payk" extension. For instance, Payk renames a fil