Virus and Spyware Removal Guides, uninstall instructions

What is BinarySignSearch?

BinarySignSearch is a rogue application classified as adware and possessing browser hijacker traits. This app operates by delivering intrusive ad campaigns and making alterations to browser settings to promote fake search engines. Most adware-type apps and browser hijackers have data tracking capabilities, which are employed to monitor users' browsing activity.

It is highly likely that BinarySignSearch has such capabilities as well. Since most users download/install this piece of software unintentionally, it is classified as a Potentially Unwanted Application (PUA). One of the dubious methods used to distribute BinarySignSearch is via fake Adobe Flash Player updates.

Bogus updaters/installers also proliferate malware (e.g. Trojans, ransomware, etc.).

What is Alpha865qqz ransomware?

Alpha865qqz is malicious software mimicking GlobeImposter ransomware, however, it actually belongs to the Maoloa ransomware family. Systems infected with this malware have their data encrypted and users receive ransom demands for decryption tools/software.

During the encryption process, all affected files are appended with the ".Globeimposter-Alpha865qqz" extension. For example, a file originally named "1.jpg" would appear as "1.jpg.Globeimposter-Alpha865qqz" following encryption. After this process is complete, ransom messages within "HOW TO BACK YOUR FILES.exe" files are dropped into every compromised folder.

What is the Abrasive PUA?

Abrasive is endorsed as a tool for running operating system diagnostics and fixing various issues. It is supposedly capable of improving device operation speed and removing registry errors. Due to the dubious methods used to proliferate this app, Abrasive is classified as a Potentially Unwanted Application (PUA).

What is the SMedia browser hijacker?

SMedia is rogue software that operates by making modifications to browsers to promote smedia.xyz (a fake search engine). Therefore, it is categorized as a browser hijacker. Like most software within this category, SMedia has data tracking capabilities, which are used to monitor users' browsing activity.

Since users typically download/install SMedia unintentionally, it is also classified as a Potentially Unwanted Application (PUA).

What is the HAT ransomware?

HAT is a malicious program, which is part of the Dharma ransomware family. It operates by encrypting data and demanding ransoms for decryption. During the encryption process, the filenames of the affected files are renamed according to this pattern: original filename, unique ID assigned to the victims, cyber criminals' email address and the ".HAT" extension.

For example, a file like "1.jpg" would appear as something similar to "1.jpg.id-1E857D00.[Zagrec@protonmail.com].HAT" following encryption. Once this process is complete, ransom messages are created in a pop-up window and the "FILES ENCRYPTED.txt" text file.

What is ConverterzSearch browser hijacker?

ConverterzSearch is rogue software classified as a browser hijacker. Following successful infiltration, it operates by making modifications to browsers to promote a fake search engine (converterz-search.com). Additionally, as with most browser hijackers, ConverterzSearch monitors users' browsing activity.

Due to the dubious techniques used to proliferate ConverterzSearch, it is also classified as a Potentially Unwanted Application (PUA).

What is Kuus ransomware?

Kuus is a malicious program belonging to the Djvu ransomware family. It is designed to encrypt data and demand payment for decryption tools/software. During the encryption process, all compromised files are appended with the .kuus extension. For example, "1.jpg" would appear as "1.jpg.kuus", and so on.

After this process is complete, a ransom message within a text file ("_readme.txt") is created.

What is Better Converter Pro?

Better Converter Pro is a browser hijacker, endorsed as a free file conversion tool. It is supposedly capable of converting up to thirty file formats and practically any file into a PDF document. In fact, it makes changes to browser settings to promote search.betterconverterprotab.com (a fake search engine).

Better Converter Pro also monitors users' browsing habits and gathers their private data. Therefore, it is classified as a Potentially Unwanted Application (PUA). Note that this browser hijacker is often distributed together with another PUA called Hide My Searches.

What is the SearchGamez browser hijacker?

SearchGamez is rogue software classified as a browser hijacker. Following successful infiltration, it makes modifications to browser settings to promote search-gamez.com (a fake search engine). Furthermore, search-gamez.com tracks users' browsing activity.

Due to the dubious methods used to proliferate this browser hijacker, it is also classified as a Potentially Unwanted Application (PUA).

What is the "Sincere apologies for this delay" email?

"Sincere apologies for this delay" is a spam campaign proliferating the TrickBot trojan. The term "spam campaign" defines a large-scale operation, during which thousands of deceptive emails are sent. The "Sincere apologies for this delay" messages concern an unspecified proposal to a likewise indeterminate process.

Recipients are asked to review the attached document and provide corrections to proceed, however, rather than containing such information, the attachment infects systems with TrickBot.