Virus and Spyware Removal Guides, uninstall instructions

What is GeneralChannelSearch?

GeneralChannelSearch is an adware-type application with browser hijacker characteristics. Following successful infiltration, it runs intrusive advertisement campaigns and modifies browser settings to promote fake search engines. In addition, most adware and browser hijackers collect browsing-related information.

Due to the dubious techniques used to proliferate GeneralChannelSearch, it is classified as a Potentially Unwanted Application (PUA) as well. One of the dubious methods employed in GeneralChannelSearch distribution is proliferation through fake Adobe Flash Player updates.

Bogus software updaters/installers are used to spread PUAs and also malware (e.g. ransomware, Trojans, etc.).

What is GuideRecord?

GuideRecord serves advertisements, modifies browser settings and possibly collects browsing details (and other) data. Therefore, this app functions as adware and as a browser hijacker. People mostly download and install apps such as GuideRecord inadvertently and, therefore, they are classified as potentially unwanted applications (PUAs).

Note that GuideRecord is distributed by disguising its installer as the installer for Adobe Flash Player.

What is CleanParameter?

CleanParameter is an adware-type app with browser hijacker characteristics. It operates by running intrusive advertisement campaigns and making modifications to browser settings to promote fake search engines.

In addition, most adware-type apps and browser hijackers collect browsing-related information, and it is likely that CleanParameter does so as well.

Due to the dubious methods employed in CleanParameter distribution, it is classified as a Potentially Unwanted Application (PUA). One of the techniques used for this app is proliferation via fake Adobe Flash Player updates. Bogus updaters/installers are used to spread unwanted software and also malware (e.g. Trojans, ransomware, etc.).

What is TrustedAnalog?

TrustedAnalog is classified as adware because it serves advertisements. It also functions as a browser hijacker - it promotes a fake search engine by changing certain browser settings. People do not often download and install apps such as TrustedAnalog intentionally and, for this reason, they are classified as potentially unwanted applications (PUAs).

To trick users into installing TrustedAnalog, developers use a fake/deceptive installer disguised as the installer for Adobe Flash Player.

What is IncognitoSearchHome?

IncognitoSearchHome is rogue software designed to make alterations to browser settings to promote incognitosearchhome.com (a fake search engine). Due to this, it is classified as a browser hijacker. In addition, most browser hijackers monitor users' browsing habits, and this is likely to be the case with IncognitoSearchHome.

Since most users download/install programs of this type unintentionally, they are also classified as Potentially Unwanted Applications (PUAs).

What kind of malware is Pump ransomware?

Pump is a malicious program classified as ransomware. Systems infected with this malware have their data encrypted, hence the affected files are renamed and become inaccessible. This malicious program makes ransom demands for decryption tools/software.

During the encryption process, files are appended with the ".pump" extension. For example, a file originally named something like "1.jpg" would appear as "1.jpg.pump", "2.jpg" as "2.jpg.pump", and so on, following encryption. After this process is complete ransom messages within "README.txt" files are dropped into compromised folders.

What is Tail Finder?

Tail Finder is a browser hijacker that changes certain browser settings to tailsearch.com - the main purpose of this app is to promote this fake search engine.

Additionally, Tail Finder collects browsing data. Note that browser hijackers are categorized as potentially unwanted applications (PUAs), since, in most cases, users download and install them inadvertently.

What is Walmart attempted delivery email scam?

Generally, scammers behind these emails attempt trick recipients into providing personal information (e.g., login credentials, credit card details).

This particular email is disguised as a message from Walmart regarding a shipment of five iPhone 12 Pro Max smartphones. Its main purpose is to trick recipients into entering their login credentials onto a deceptive website, most likely a fake Walmart website.

What is ios-protect-defence[.]com?

Ios-protect-defence[.]com is a deceptive website that promotes various scams. At the time of research, this web page promoted a scheme targeting iPhone users, however, it is possible that users of other Apple devices could likewise inadvertently enter the site. The scam claims that visitors' mobile devices are infected and urges them to download/install the endorsed app.

Typically, schemes of this kind promote various potentially unwanted applications (e.g. fake anti-viruses, adware, browser hijackers, etc.) and some might even promote malware (e.g. Trojans, ransomware, etc.). Most users access deceptive web pages via mistyped URLs, redirects caused by intrusive ads or by Potentially Unwanted Applications (PUAs).

This software does not require explicit consent to be installed onto systems, and thus users may be unaware of its presence.

What is FedEx Freight email virus?

Malspam emails are messages that cyber criminals send to deliver malware. Typically, the emails are disguised as official messages from legitimate companies and organizations and contain a malicious attachment or download link for a malicious file. Recipients who open files downloaded via such emails often infect their computers with malware.

This particular email is disguised as a message from FedEx and used to deliver a Remote Administration Tool (RAT) called Remcos.