Virus and Spyware Removal Guides, uninstall instructions

What is GeneralBoardSearch?

GeneralBoardSearch is designed to display advertisements and promote the address of a fake search engine by modifying certain browser settings. This app is classified as adware and a browser hijacker.

In most cases, users download and install apps of this type inadvertently and, for this reason, GeneralBoardSearch is categorized as a potentially unwanted application (PUA). Note that apps such as GeneralBoardSearch can also gather browsing data. Research shows that this app is distributed through a deceptive installer, which supposedly installs Adobe Flash Player.

What is StreamLim?

StreamLim is a browser hijacker designed to modify browser settings to promote streamlim.com (a fake search engine). Additionally, most browser hijackers have data tracking capabilities, which are used to monitor browsing activity. Due to the dubious proliferation techniques of StreamLim, it is also classified as a Potentially Unwanted Application (PUA).

What is the Proton malware?

Proton is a malicious program classified as a Remote Access Trojan (RAT). This type of malware enables remote access and control over an infected device. RATs are capable of allowing close to or user-level control over a machine. These Trojans have a wide variety of malicious capabilities, which can be used in likewise varied ways.

Proton has been observed being distributed under the guise of the "Symantec Malware Detector" anti-virus application, however, this RAT might be disguised as or bundled with other products, even legitimate sites with genuine Apple code-signing signatures (i.e. certificates). Proton malware is no way associated with NortonLifeLock Inc. (formerly known as Symantec).

What is the Ultra Tab browser hijacker?

Ultra Tab is rogue software endorsed as improving web searching and browsing in general. In fact, Ultra Tab is categorized as a browser hijacker. It operates by making modifications to browser settings to promote ultra-search1.com (a fake search engine).

Additionally, this browser hijacker has data tracking capabilities, which are employed to collect browsing-related information. Since most users install Ultra Tab inadvertently, it is also classified as a Potentially Unwanted Application (PUA).

What is "Windows has encountered a problem"?

Users often end up seeing this blue window on their computer screens (stating that Windows has encountered a problem) after executing a malicious file, which prevents them from accessing Windows by locking the screen. This happens after installation of malware programs classified as 'screen lockers'.

Research shows that this malware is capable of accessing the webcam, which allows cyber criminals to observe their victims (and anything else in view) while the infected computer is turned on.

What is ProgramInitiator?

ProgramInitiator adware feeds users with various advertisements and functions as a browser hijacker. It promotes addresses of fake search engines (z6airr.com and adjustablesample.com) by modifying certain browser settings. This adware can read various sensitive information from websites.

Note that users often download and install adware (and browser hijackers) inadvertently. For this reason apps such as ProgramInitiator are categorized as potentially unwanted applications (PUAs).

What are the fake "Your iPhone is now online and located" text messages?

"Your iPhone is now online and located" is a smishing scam. The term "smishing" is closely related to "phishing". This type of scheme is promoted via text (SMS) messages and typically attempts to extract personal information from potential victims - often, under the guise of legitimate company representatives.

In the case of the "Your iPhone is now online and located" scam, the deceptive SMS messages are disguised as security alerts from "Apple Support". The messages sent by this scam state that recipients' mobile devices have been located and are currently online.

This scheme is in no way associated with Apple Inc., and all of the information provided by it is false. The goal of "Your iPhone is now online and located" is to abuse users' trust for profit.

What is Heroes of the Storm?

This ransomware was discovered by GrujaRS. Cyber criminals behind Heroes of the Storm (or simply Crypt32) ransomware use the same name as developers of a legitimate game. In fact, the game has nothing to do with this malware.

Heroes of the Storm ransomware is designed to encrypt files and create the "!! YOUR FILES HAS BEEN ENCRYPTED !!.txt" text file (containing a ransom message) in all folders that contain encrypted files. Unlike most other ransomware-type programs, this ransomware leaves the filenames of encrypted files unchanged.

I.e., Heroes of the Storm does not append any extension or modify filenames in any other way.

What is Foxy Newtab?

Foxy Newtab hijacks browsers by changing certain settings (such as the address of a fake search engine) to tryfoxy.com and collects browsing-related information. Commonly, users download and install browser hijackers inadvertently and, therefore, they are categorized as potentially unwanted applications (PUAs).

What is Eco Search?

Eco Search is rogue software categorized as a browser hijacker. It operates by making changes to browser settings to promote ecosearch.club (a fake search engine). This browser hijacker also monitors users' browsing activity. Due to the dubious methods used to proliferate Eco Search, it is also classified as a Potentially Unwanted Application (PUA).