Virus and Spyware Removal Guides, uninstall instructions

What is ExpertModuleSearch?

The ExpertModuleSearch application is part of the AdLoad adware family. Research shows that it is distributed and installed through a fake Adobe Flash Player installer. ExpertModuleSearch is not the only unwanted app that is installed through this installer - another app named Safe Finder is also installed.

ExpertModuleSearch operates as a browser hijacker and promotes fake search engines by changing browser settings. Furthermore, apps of this type often record browsing data.

What is PDFConverterSearchTool?

PDFConverterSearchTool is a browser hijacker. This piece of rogue software operates by making modifications to browser settings to promote pdfconvertersearchtool.com (a fake search engine). PDFConverterSearchTool also has data tracking capabilities, which are used to monitor users' browsing habits.

Due to the dubious tactics used to distribute browser hijackers, they are also classified as Potentially Unwanted Applications (PUAs).

What is OnlineSportsSearch?

OnlineSportsSearch is rogue software categorized as a browser hijacker. Following successful infiltration, it makes alterations to browser settings to promote onlinesportssearch.com (a bogus search engine). Additionally, most browser hijackers have data tracking capabilities, which are employed to collect browsing-related information.

Due to the dubious techniques used to proliferate OnlineSportsSearch, it is also classified as a Potentially Unwanted Application (PUA).

What is Dulgtv ransomware?

Dulgtv belongs to the Snatch ransomware family. Typically, malware of this type is designed to encrypt victims' files, rename them, and generate a ransom message. Dulgtv appends the ".dulgtv" extension to the filenames of encrypted files. For example, "1.jpg" is renamed to "1.jpg.dulgtv", "2.jpg" to "2.jpg.dulgtv", and so on.

It creates a ransom message within the "HOW TO RESTORE YOUR FILES.TXT" text file in all folders that contain encrypted files.

What kind of malware is Caterpillar?

Caterpillar is malicious software and part of the Voidcrypt ransomware group. This malware operates by encrypting files and demanding payment for decryption tools. During the encryption process, all affected files are renamed following this pattern: original filename, cyber criminals' email address, unique ID assigned to the victims and the ".Caterpillar" extension.

For example, a file originally named "1.jpg" would appear as something similar to "1.jpg.[AdminDecrpt@zohomail.com][SQPT9Z0GEV65BW4].Caterpillar" following encryption. Once this process is complete, ransom messages in "!INFO.HTA" files are dropped into compromised folders.

What is ConsumerSurvey?

ConsumerSurvey is a potentially unwanted application (PUA) that is designed to function as a browser hijacker and adware. More precisely, this app changes certain browser settings to the address of a fake search engine and serves advertisements.

ConsumerSurvey can also read private, sensitive information. These apps are classified as PUAs because users often download and install them inadvertently. This particular app is distributed via a deceptive installer disguised as the installer for Adobe Flash Player.

What is InputBalance?

InputBalance functions as adware, browser hijacker and a data collector - it serves advertisements, promotes a fake search engine, and gathers private, sensitive information. Commonly, users download and install these apps inadvertently. InputBalance is distributed by using a fake installer disguised as the installer for Adobe Flash Player.

What is Cat ransomware?

Cat is a malicious program and part of the VoidCrypt ransomware family. It is designed to encrypt data and demand payment for decryption tools.

During the encryption process, all affected files are renamed following this pattern: original filename, cyber criminals' email address, unique ID assigned to the victims and the ".Cat" extension (not to be confused with the legitimate .CAT extensions of Windows Catalog Files and Advanced Disk Catalog Databases).

For example, a file originally named "1.jpg" would appear as something similar to "1.jpg.[whilingo@gmail.com][FEI6GRTY782XP0S].Cat" after encryption. Once this process is complete, ransom messages within "!INFO.HTA" files are dropped into compromised folders.

What is RelevantKnowledge?

RelevantKnowledge is advertised as a tool that people can use to express their opinions about various products and services by participating in online research, however, this app is classified as adware and serves advertisements.

Commonly, users download and install adware inadvertently and, therefore, apps of this type are categorized as potentially unwanted applications (PUAs).

What is ARASUF ransomware?

ARASUF is malicious software belonging to the VoidCrypt ransomware family. Systems infected with this malware have their data encrypted and users receive ransom demands for decryption tools.

During the encryption process, all compromised files are renamed following this pattern: original filename, cyber criminals' email address, unique ID assigned to the victims, and the ".ARASUF" extension. For example, a file originally titled "1.jpg" would appear as "1.jpg.[ARASUF@tutanota.com][SQPT9Z0GEV65BW4].ARASUF" following encryption.

Once this process is complete, ransom-demand messages within "!INFO.HTA" files are dropped into affected folders.