Virus and Spyware Removal Guides, uninstall instructions

What is Pxj?

Pxj ransomware was discovered by dnwls0719. Typically, software of this type is designed to encrypt files, change their filenames and create (and/or display) a ransom message.

Pxj renames encrypted files by appending the ".pxj" extension to filenames (e.g., "1.jpg" becomes "1.jpg.pjx", and so on) and creates a text file named "LOOK.txt". Pxj drops this ransom message onto the victim's desktop.

What is Online Templates?

Online Templates is advertised as an app that allows people to quickly access popular templates. In fact, this app is categorized as a browser hijacker. Applications of this type promote fake search engines by changing browser settings - online Templates promotes search.onlinetemplatestab.com in this way.

They also gather browsing-related information. People commonly download and install browser hijackers inadvertently. Therefore, they are also known as potentially unwanted applications (PUAs). Note that Online Templates is installed together with another PUA called Encrypted Search.

What is Private Tab?

The Private Tab application is advertised as a tool that deletes browsing history and other data when people launch their browsers. In fact, this app is a browser hijacker: it promotes a fake search engine (privatetab.org) and collects various data.

Browser hijackers are classified as potentially unwanted applications (PUAs), since people often often download and install them inadvertently.

What is fast-push[.]com?

fast-push[.]com is one of many untrustworthy websites designed to open a number of other sites of this kind or load dubious content. It is similar to mediatop[.]me, alldaystream[.]club, 0sntp7dnrr[.]com and many others. These sites are generally opened by browsers with potentially unwanted applications (PUAs) installed on them.

I.e., people do not visit them intentionally. Note that most PUAs gather browsing-related information and display various advertisements.

What is My Video Converter?

My Video Converter is an application designed to deliver a quick access to websites that offer video conversion services. In fact, this is a potentially unwanted application (PUA), a browser hijacker.

My Video Converter promotes search.hfilevideoconverter.com (the address of a fake search engine) by changing browser settings and collecting various data. This app is distributed together with another PUA called Encrypted Search. Browser hijackers are classified as PUAs, since people tend to download and install them inadvertently.

What is supposercality[.]pro?

supposercality[.]pro is rogue web page sharing many similarities with mediatop.me, alldaystream.club, mbsimedia.com and thousands of others. Visitors to it are presented with dubious content and/or redirected to other untrusted or malicious sites.

Most users enter supposercality[.]pro unintentionally - they are redirected by intrusive ads or Potentially Unwanted Applications (PUAs) already installed on the system. Note that these apps can infiltrate devices without express permission. PUAs operate by generating redirects, delivering intrusive advertisement campaigns and monitoring browsing activity.

What is pushlat[.]com?

pushlat[.]com is a rogue website sharing similarities with mediatop.me, alldaystream.club, 0sntp7dnrr.com and countless others. It operates by presenting visitors with dubious and/or deceptive content, and also redirects them to other untrusted and malicious sites.

Few users access pushlat[.]com and other, similar sites intentionally. Most people are redirected to them by intrusive ads or Potentially Unwanted Applications (PUAs) infiltrated into systems. These apps do not need express user consent to be installed onto devices. PUAs cause redirects, deliver intrusive advertisement campaigns and track browsing-related information.

What is MARRACRYPT?

MARRACRYPT is a new variant of HERMES ransomware and was discovered by dnwls0719. MARRACRYPT renames encrypted files by adding the email address of the cyber criminals who designed it and appending the ".MARRA" extension to filenames.

For example, it renames a file named "1.jpg" to "1.jpg[newpatek@cock.li].MARRA", and so on. This ransomware also creates the "MARRACRYPT_INFORMATION.HTML" file, a ransom message containing instructions about how to contact the developers and some other details.

What is search.trustnokogiri.com?

Identical to search.pingclash.com, search.cateorg.com, search.plasticumbrella.com, and many others, search.trustnokogiri.com is a fake Internet search engine that supposedly generates improved search results, thereby enhancing the Internet browsing experience.

Judging on appearance alone, this site may seem very similar to Google, Bing, Yahoo, and other legitimate search engines.

Therefore, many users believe that search.trustnokogiri.com is also legitimate. In fact, developers promote this site via rogue app downloaders/installers designed to modify web browser options without users' consent. Furthermore, search.trustnokogiri.com continually records information relating to web browsing activity.

What is mediatop[.]me?

mediatop[.]me is a rogue website similar to alldaystream.club, 0sntp7dnrr.com, mbsimedia.com, soonersupor.pro and many others. Visitors to the site are redirected to other untrusted or malicious web pages and/or presented with highly dubious content.

Most users access mediatop[.]me inadvertently, either via redirects caused by intrusive advertisements, or it is force-opened by Potentially Unwanted Applications (PUAs) already installed onto the system.

These apps do not need express user permission to infiltrate devices. Following successful installation, however, they cause redirects, deliver intrusive advertisement campaigns and monitor browsing activity.