Virus and Spyware Removal Guides, uninstall instructions

What is UltimateStreamSearch?

Generally, apps such as UltimateStreamSearch are distributed using dubious methods, and people often download and install them inadvertently. Therefore, these apps are classified as potentially unwanted applications (PUAs).

UltimateStreamSearch is a browser hijacker that promotes ultimatestreamsearch.com (the address of a fake search engine) by modifying browser settings. It also gathers various browsing-related information.

What is Cwkkbzomdxj ransomware?

Cwkkbzomdxj is malicious software, which is part of the Snatch ransomware family. It operates by encrypting data in order to make ransom demands for decryption tools. During the encryption process, all affected files are appended with the ".cwkkbzomdxj" extension.

For example, a file originally named "1.jpg" would appear as "1.jpg.cwkkbzomdxj", "2.jpg" as "2.jpg.cwkkbzomdxj", and so on. After this process is complete, ransom-demand messages within "HOW TO RESTORE YOUR FILES.TXT" files are dropped into compromised folders.

What is .lock?

.lock ransomware belongs to the Dharma ransomware family. It prevents victims from accessing their files by encryption, renames each encrypted file and generates a ransom message. More precisely, .lock renames files by adding the victim's ID, the datafiles@waifu.club email address, and appending ".lock" as the file extension.

For example, "1.jpg" is renamed to "1.jpg.id-C279F237.[datafiles@waifu.club].lock", "2.jpg" to "2.jpg.id-C279F237.[datafiles@waifu.club].lock", and so on. It creates the "FILES ENCRYPTED.txt" text file and displays a pop-up window, both of which contain instructions about how to contact the developers.

What is EssentialElement?

EssentialElement is a rogue app classified as adware. Additionally, it has browser hijacker characteristics. Following successful installation, EssentialElement runs intrusive advertisement campaigns and makes alterations to browser settings to promote bogus search engines.

Due to the dubious techniques used to proliferate EssentialElement, it is also classified as a Potentially Unwanted Application (PUA). Most PUAs (adware and browser hijackers included) have data tracking capabilities, which are employed to monitor users' browsing activity.

What is ActivityInput?

In most cases, users download and install apps like ActivityInput inadvertently and, therefore, they are classified as potentially unwanted applications (PUAs). Typically, they are distributed by using deceptive methods. This particular app is distributed via a deceptive installer that is designed to appear like the installer for Adobe Flash Player.

ActivityInput is designed to serve advertisements and promote a fake search engine address by modifying certain browser settings. In this way, it functions as adware and a browser hijacker. It is likely that this app is also designed to collect browsing data and other details.

What is History Removal Tool?

History Removal Tool is rogue software, supposedly capable of automatically deleting users' browsing history, however, following successful installation, it runs intrusive advertisement campaigns. I.e., delivers various dubious and possibly harmful ads.

Additionally, most adware-type programs monitor users' browsing activity, and History Removal Tool is no exception to this. Since users typically download and install adware inadvertently, these programs are also classified as Potentially Unwanted Applications (PUAs).

At the time of research, History Removal Tool was observed being promoted through deceptive sites wherein download buttons redirect to the Chrome Web Store.

What is ProSearchConverter?

ProSearchConverter is classified as a browser hijacker because it modifies browser settings, in this case changing them to prosearchconverter.com. It also collects data relating to users' internet browsing habits.

Typically, users do not download or install browser hijackers intentionally and, therefore, ProSearchConverter and any other browser hijackers are categorized as potentially unwanted applications (PUAs).

What is LeadingLibrary?

LeadingLibrary is a rogue application classified as adware and also with browser hijacker characteristics. It operates by running intrusive advertisement campaigns and making modifications to browser settings to promote fake search engines. In addition, most software of this type (adware and browser hijackers) collects browsing-related information.

Due to the dubious techniques used to proliferate LeadingLibrary, it is also classified as a Potentially Unwanted Application (PUA).

What is AdminLink?

The AdminLink application generates revenue for its developers by deploying advertisements, promoting a fake search engine, and collecting private, sensitive information. In this way, AdminLink functions as adware, a browser hijacker, and data collector.

Commonly, users download and install apps such as AdminLink unintentionally and, for this reason, they are classified as potentially unwanted applications (PUAs).

What is NIGG3R ransomware?

NIGG3R is a malicious program, which belongs to the Xorist ransomware family. Devices infected with this malware have their data encrypted and users receive ransom demands for decryption. During the encryption process, all affected files are appended with the ".NIGG3R" extension.

To elaborate on how a file would appear following encryption, a filename originally named something like "1.jpg" would appear as "1.jpg.NIGG3R", "2.jpg" as "2.jpg.NIGG3R", and so on. After this process is complete, ransom-demand messages are created in a pop-up window and "HOW TO DECRYPT FILES.txt" files, which are dropped into compromised folders.