Virus and Spyware Removal Guides, uninstall instructions

What is alertsx[.]com?

Alertsx[.]com is a rogue website that operates by loading dubious content, pushing its browser notifications, and/or redirecting visitors to other (likely unreliable or malicious) pages.

There are thousands of such sites on the Web; loopanews.com, akaiksots.com, and allactualjournal.com are just a few examples. Most users access them via redirects caused by suspect webpages, intrusive adverts, or installed PUAs (Potentially Unwanted Applications).

What is Safe Togo?

Safe Togo is a rogue browser extension that promotes the togosearching.com fraudulent search engine. Due to this behavior, it is classified as a browser hijacker. Additionally, software products within this classification are deemed to be PUAs (Potentially Unwanted Applications) as well.

What kind of application is QuickSearchMaps?

QuickSearchMaps is a browser hijacker. It hijacks a browser by changing some of its settings to quicksearchmaps.com - a fake search engine. More often than not, users download and install apps like QuickSearchMaps unintentionally. Therefore, they are categorized as potentially unwanted apps (PUAs).

What is kind of malicious software is File.decrypt?

File.decrypt is ransomware designed to encrypt (and rename) files and create the "#File.decrypt#.txt" file containing instructions on how to contact cybercriminals for file decryption. It renames files by appending the ".file.decrypt" extension to filenames, for example, it changes "1.jpg" to "1.jpg.file.decrypt", "2.jpg" to "2.jpg.file.decrypt".

What is Merlen ransomware?

Merlen is a piece of malicious software classified as ransomware. It is designed to encrypt data (render files unusable) and demand payment for the decryption.

Files are renamed with a random character string and the ".[Merlen@Keemail.Me]" extension (which consists of the cyber criminals' email address). For example, a file like "1.jpg" would appear similar to "JmIzh4uyPDvEI4.[Merlen@Keemail.Me]" after encryption. Once this process is complete, a ransom note "Read Me.TXT" - is created.

What kind of page is vianidorinotor[.]com?

Vianidorinotor[.]com asks for permission to deliver notifications that could be promoting untrustworthy pages. Additionally, it redirects visitors to other shady websites. It shares the same qualities with a lot of other pages (for example, globalprotectionspc[.]com, akaiksots[.]com, sweepstakessurvey[.]org).

What is WebSearchPDF?

WebSearchPDF is a browser hijacker that modifies browsers to promote the websearchpdf.com fake search engine. Due to the questionable methods used to distribute products of this kind, they are also considered to be PUAs (Potentially Unwanted Applications).

What kind of malware is ZAHACKED?

ZAHACKED is ransomware that encrypts files and changes their filenames. For example, it renames a file named "1.jpg" to "1.jpg.ZAHACKED", "sample.jpg" to "sample.jpg.ZAHACKED". ZAHACKED also displays a pop-up window containing instructions on how to pay for data recovery (decryption).

What is mp3fy[.]com?

Mp3fy[.]com is a rogue website designed as a YouTube converter/downloader. In other words, this site allows users to convert YouTube videos (via links) to downloadable MP3 (audio) files. This service infringes copyright laws.

Furthermore, mp3fy[.]com uses rogue advertising networks, which promote various (likely untrustworthy and malicious) sites. Using such advertising networks is a common monetization technique; hence, thousands of websites on the Internet employ it, and bigyshare.com, fastfrom.com, dramacool.ac - are but a few examples.

What is Boombye ransomware?

Boombye is a ransomware-type program, which encrypts data (renders files inaccessible) and demands ransoms for the decryption.

Affected files are appended with the ".boombye" extension. For example, a file titled "1.jpg" would appear as "1.jpg.boombye", "2.jpg" as "2.jpg.boombye", and so forth. After this process is completed, a ransom note - "_read_me_bro.txt" - is created on the desktop.