Virus and Spyware Removal Guides, uninstall instructions

What is catstart.com?

Cat Start is a rogue program that falsely claims to allow users to customize their homepage designs. On initial inspection, Cat Start may seem legitimate and useful, however, this program is categorized as a browser hijacker and a potentially unwanted program (PUP).

There are three main reasons for these negative associations: 1) stealth installation without users' consent; 2) modification of web browser options, and; 3) information tracking.

What is Tastylock?

First discovered by malware security researcher, Michael Gillespie, Tastylock is a new variant of high-risk ransomware called CryptoMix. Once infiltrated, Tastylock encrypts most stored data and renames encrypted files using the "[32_random_letters_and_digits].tastylock" pattern.

For example, "sample.jpg" might be renamed to a filename such as "0B53467149CA2EA59789CA9F4CE70D65.tastylock". From this point, files become unusable and indistinguishable. Following successful encryption, Tastylock generates a text file ("_HELP_INSTRUCTION.TXT") and places a copy in every existing folder.

What is newtab.review?

Identical to newtab.today, newtab.review is a fake Internet search engine that falsely claims to enhance users' browsing experience by generating improved results and providing quick access to various popular websites.

On initial inspection, newtab.review may appear legitimate and useful, however, criminals promote this site using rogue downloaders/installers that modify web browser options without permission. Furthermore, newtab.review continually records various information (mostly relating to Internet browsing habits).

What is Dangerous?

Discovered by Michael Gillespie, Dangerous is a ransomware-type virus that stealthily infiltrates the system and encrypts most stored data.

During encryption, Dangerous appends filenames with the ".wtf" extension. For example, "sample.jpg" is renamed to "sample.jpg.wtf". From this point, files become unusable. Following successful encryption, Dangerous places a copy of the "HOWTODECRYPTFILES.html" file in all existing folders.

What is GenoCheats?

First discovered by MalwareHunterTeam, GenoCheats is a ransomware-type virus based on Hidden Tear. 

At time of research, GenoCheats was distributed as a 'crack' for Adobe Photoshop and Minecraft. Immediately after infiltration, GenoCheats encrypts most stored data using AES cryptography and appends filenames with the ".encrypted" extension (e.g., "sample.jpg" is renamed to "sample.jpg.encrypted").

From this point, files become unusable. Once files are encrypted, GenoCheats changes the desktop wallpaper and creates a "READ_IT.txt" file, placing it on the desktop.

What is 3dshape-tab.com?

3D Shape is a deceptive application that falsely claims to provide unique homepage designs. Judging on appearance alone, 3D Shape may seem legitimate and useful, however, this app typically infiltrates systems without permission.

Furthermore, it modifies web browser options and records various sensitive data. For these reasons, 3D Shape is categorized as a potentially unwanted program (PUP) and a browser hijacker.

What is search.yourfreeonlineforms.com?

Your Free Online Forms is a deceptive application that supposedly provides users with various printable forms. By offering this functionality, Your Free Online Forms attempts to give the impression of legitimacy, however, it is categorized as a potentially unwanted program (PUP) and a browser hijacker.

There are three main reasons for these negative associations: 1) installation without users' consent; 2) promotion of a fake Internet search engine, and; 3) information tracking.

What is File-Locker?

File-Locker is a ransomware-type virus based on Hidden Tear. Immediately after infiltration, File-Locker encrypts most stored data using the AES encryption algorithm and appends filenames with the ".locked" extension (e.g., "sample.jpg" is renamed to "sample.jpg.locked").

From this point, compromised data becomes unusable. Following successful encryption, File-Locker generates a text file ("Warning!!!!!!.txt") and places it on the desktop.

What is triangles-move.com?

Triangles Move is presented as a legitimate application that supposedly allows users to customize their homepage appearance. Initially, Triangles Move may seem legitimate and useful, however, this app is known for infiltrating systems without permission.

Furthermore, it promotes a fake Internet search engine and continually gathers sensitive data. For these reasons, Triangles Move is categorized as a browser hijacker and a potentially unwanted program (PUP).

What is chromesearch.club?

Identical to chromesearch.today, chromesearch.club is a fake Internet search engine that falsely claims to enhance users' browsing experience by generating improved results. chromesearch.club's appearance barely differs from Google, Bing, Yahoo, and other legitimate search engines.

Therefore, many users believe that chromesearch.club is also legitimate, however, this website is promoted using rogue downloaders/installers that modify web browser settings without permission. Furthermore, chromesearch.club continually records various data (mostly relating to Internet browsing habits).