Virus and Spyware Removal Guides, uninstall instructions

What is MyNewsFree?

MyNewsFree is rogue software classified as a browser hijacker. Following successful installation, it makes alterations to browser settings to promote search.mynewsfree.com (a bogus search engine). Most browser hijackers have data tracking capabilities, which are employed to monitor users' browsing habits.

Due to the dubious tactics used to proliferate MyNewsFree, it is also classified as a Potentially Unwanted Application (PUA).

What is the Easy Print Recipes browser hijacker?

Easy Print Recipes is a rogue application endorsed as a tool for easy access to popular recipe websites. It also creates a widget providing printable recipes. In fact, following successful infiltration, Easy Print Recipes makes modifications to browser settings to promote heasyprintrecipes.com (a fake search engine).

Furthermore, this app monitors browsing activity. Since most users download/install Easy Print Recipes unintentionally, it is classified as a Potentially Unwanted Application (PUA). Easy Print Recipes is often distributed with another PUA called Hide My History.

What is MusicStreamSearch?

MusicStreamSearch is a potentially unwanted application (PUA), a browser hijacker which changes certain browser settings to the address of a fake search engine - in this case, feed.musicstreamsearch.com or portal.musicstreamsearch.com.

These apps often gather details relating to users' browsing habits and are categorized as PUAs, since people often download and install them inadvertently.

What is SearchConvertor?

The SearchConvertor browser hijacker changes certain browser settings to feed.searchconvertor.com or portal.searchconvertor.com (addresses of fake search engines). Commonly, apps of this type collect browsing-related, and other, information.

Generally, users download and install browser hijackers inadvertently and, for this reason, they are categorized as potentially unwanted applications (PUAs).

What is Txt (JobCrypter)?

Discovered by Ravi, Txt (JobCrypter) is malware and a ransomware-type program. Following successful infiltration, Txt (JobCrypter) encrypts data in order to demand payment for decryption. During the encryption process, files are appended with the ".txt" extension.

For example, a file originally named something like "1.jpg" would appear as "1.jpg.txt" and "2.jpg" as "2.jpg.txt", and so on. Additionally, this ransomware inserts a ransom-demand message into all of the affected files.

What is iTunes (FlyStudio)?

iTunes (FlyStudio) ransomware was discovered by GrujaRS. Typically, malware of this type encrypts files, modifies the filenames and generates a ransom message. iTunes (FlyStudio) renames encrypted files by appending the ".itunes" extension to filenames.

For example, it would change a file named "1.jpg" to "1.jpg.itunes", "2.jpg" to "2.jpg.itunes", and so on. It also generates a text file (the ransom message) named "itunes-DECRYPT----[random-number].txt".

What kind of malware is DarkSide?

DarkSide was discovered by MalwareHunterTeam. Malware of this type makes files inaccessible to victims by encryption, modifies filenames, and generates ransom messages. DarkSide renames encrypted files by appending the victim's ID as an extension.

For example, it would rename "1.jpg" to "1.jpg.d0ac7d95", "2.jpg" to "2.jpg.d0ac7d95", and so on. It drops the "README.[victim's_ID].TXT" file (the ransom message) in every folder that contains encrypted data.

What is SkillInitiator?

SkillInitiator is an adware-type application with browser hijacker traits. It operates by delivering intrusive advertisements, making modifications to browser settings and promoting fake search engines. SkillInitiator promotes z6airr.com in this manner, however, on Google Chrome browsers, it promotes search.dominantmethod.com.

Additionally, most adware and browser hijackers have data tracking capabilities, which are employed to monitor browsing activity and collect sensitive information extracted from it. Therefore, it is highly likely that SkillInitiator has this functionality as well. Due to the dubious techniques used to proliferate this app, it is classified as a Potentially Unwanted Application (PUA).

One of the methods used to proliferate SkillInitiator is via fake Adobe Flash Player updates. Note that bogus software updaters/installers also spread malware (e.g. Trojans, ransomware, etc.).

What is FIXI?

Discovered by xiaopao and belonging to the Scarab ransomware family, FIXI ransomware is designed to encrypt files, rename them and create the "HOW TO DECRYPT FILES.TXT" text file (a ransom message) in all folders that contain encrypted files. It renames files by replacing their filenames with a string of random characters and appending the ".FIXI" extension to them.

For example, it would rename a file called "1.jpg" to "2g000000002OwQYLw49dTSM2LH8grKRi.FIXI", "2.jpg" to "2g000000004BwGUOw56cTSM2LH8grCDo.FIXI", etc. Additionally, this ransomware disables Task Manager (preventing access).

What is HDConverterSearch?

HDConverterSearch is dubious software endorsed as a tool capable of improving web searches. In fact, it operates by making alterations to browser settings to promote hdconvertersearch.com (a bogus search engine). Therefore, HDConverterSearch is categorized as a browser hijacker.

Additionally, it possesses data tracking capabilities, which are used to collect information relating to browsing activity. Since most users install HDConverterSearch inadvertently, it is also classified as a Potentially Unwanted Application (PUA).