Virus and Spyware Removal Guides, uninstall instructions

What is Spinyon?

Spinyon is rogue software within the browser hijacker category. Following successful infiltration, it modifies browser settings and promotes feed.spinyon.com, a bogus search engine. As is common to browser hijackers, Spinyon monitors browsing activity. Additionally, due to its dubious proliferation methods, Spinyon is also classified as a Potentially Unwanted Application (PUA).

What is SearchConverter?

SearchConverter supposedly improves the browsing experience, however, this app is classified as a browser hijacker. SearchConverter changes certain browser settings to feed.search-converter.com, the address of a fake search engine. It might also be capable of accessing and recording various information.

Browser hijackers are categorized as potentially unwanted applications (PUAs), since users often download and install them accidentally.

What is SearchWizard?

SearchWizard is software, categorized as a browser hijacker. Following successful installation, it modifies browser settings to promote feed.search-wizard.com (a fake search engine).

Additionally, SearchWizard monitors users' browsing habits. Since most users download/install this browser hijacker unintentionally, it is also classified as a Potentially Unwanted Application (PUA).

What is SearchOpedia?

SearchOpedia is advertised as an app supposedly designed to improve the browsing experience, however, it promotes a fake search engine (the feed.search-opedia.com) by modifying browser settings. Note that most browser hijackers change settings and also gather various data.

Commonly, users do not download or install apps such as SearchOpedia intentionally. Therefore, all browser hijackers are categorized as potentially unwanted applications (PUAs).

What is promodayz[.]com?

promodayz[.]com is a rogue website similar to checkandgo.info, overiesarticu.info, pushpush.net and thousands of others. It operates by promoting dubious content and/or by redirecting visitors to other untrusted or malicious web pages. Most users enter promodayz[.]com inadvertently - they are redirected to it by intrusive ads or by Potentially Unwanted Applications (PUAs).

Note that these apps do not require express permission to be installed onto devices. PUAs cause redirects, deliver intrusive advertisement campaigns, and record browsing-related data.

What is SentinelOne Labs?

Discovered by Ghost of Kevin Beaumont Esq, SentinelOne Labs is a new variant of MBR Locker ransomware. Note that SentinelOne is the name of a legitimate cyber security company, which is not associated with this ransomware in any way.

SentinelOne Labs compromises the computer's Master Boot Record (MBR) and launches a malicious BIOS demanding a ransom payment in return for restored access to the operating system.

What is Quick Radio Search?

Quick Radio Search is a browser hijacker which promotes search.quickradiosearch.com, a fake search engine. Like most apps of this type, it promotes this address by changing certain browser settings and preventing users from undoing the modifications.

People often download and install browser hijackers inadvertently and, for this reason, they are categorized as potentially unwanted applications (PUAs).

What is Michael (Balaclava)?

Michael (Balaclava) is malicious software and a new variant of Balaclava ransomware. This malware operates by encrypting the data of infected systems and demands payment for decryption. During the encryption process, files are appended with the ".michael" extension.

For example, a file originally named something like "1.jpg" would appear as "1.jpg.michael" following encryption. After this process is complete, a ransom message ("HOW_TO_RECOVERY_FILES.txt") is dropped into every affected folder.

What is Sfile2?

Discovered by Amigo-A, Sfile2 is malicious software categorized as ransomware. After successful infiltration, this malware encrypts data and demands payment for decryption. During the encryption process, the names of all compromised files are appended with the ".sfile2" extension.

For example, a file named something like "1.jpg" would appear as "1.jpg.sfile2" after encryption. After this process, a ransom message ("!!_FILES_ENCRYPTED_.txt") is dropped into every affected folder.

What is pushsix[.]xyz?

pushsix[.]xyz is a scam website targeting iPhone users. This scheme claims that visitors' mobile devices are infected with fake viruses. These deceptive claims are used to trick people into downloading/installing the promoted software, however, content promoted using such highly dubious methods is often untrusted and can even be malicious.

For example, Potentially Unwanted Applications (PUAs) including adware, browser hijackers, fake anti-virus tools and even malware (Trojans, ransomware, etc.). Few users access pushsix[.]xyz or similar sites intentionally - most are redirected to them by intrusive ads or PUAs.