Virus and Spyware Removal Guides, uninstall instructions

What is admnsrv[.]com?

When visited, admnsrv[.]com opens other untrusted websites or loads dubious content. There are many similar websites - some examples are promosrewards[.]club, 7mono[.]biz and hopsigna[.]com. 

Typically, users do not visit websites of this type intentionally - they are opened by installed potentially unwanted applications (PUAs), deceptive advertisements, or other dubious web pages.

What is the ShortcutTab browser hijacker?

ShortcutTab is a browser hijacker designed to promote advancedsearchlab.com (a fake search engine) by making modifications to browser settings and restricting/denying access to them. Additionally, this browser hijacker has data tracking capabilities, which are employed to monitor users' browsing habits.

Due to the dubious methods used to proliferate ShortcutTab, it also classified as a Potentially Unwanted Application (PUA).

What is StormKitty?

StormKitty is a stealer, clipper and keylogger written in the C# programming language. Cyber criminals can use it to steal various sensitive information, which could be misused for malicious purposes and to generate revenue. Research shows that StormKitty is not detected by a number of antivirus programs.

Therefore, it is likely that many users will be unaware that they have StormKitty installed on their computers.

What is Super PDF Convert Tab?

Super PDF Convert Tab is a piece of rogue software categorized as a browser hijacker. Following successful installation, it makes modifications to browser settings to promote super-pdf-convert.com, a bogus search engine. Most browser hijackers collect browsing-related information, and it is highly likely that Super PDF Convert Tab also has these data tracking capabilities.

Due to the dubious methods used to proliferate this browser hijacker, it is also classified as a Potentially Unwanted Application (PUA).

What is ExtendedWindow?

ExtendedWindow is classified as adware and a browser hijacker - it displays advertisements and promotes z6airr.com and adjustablesample.com (addresses of fake search engines) by changing browser settings. It can also read sensitive information from websites.

Generally, users download and install adware and browser hijackers inadvertently and, therefore, apps of this type are categorized as potentially unwanted applications (PUAs).

What is Saved (Scarab)?

Saved belongs to the family of ransomware called Scarab. There are at least two variants of this ransomware, both of which are designed to encrypt files, change filenames, and generate a ransom message.

One variant appends the ".saved" extension to the filenames of encrypted files (e.g., it would rename "1.jpg" to "1.jpg.saved", "2.jpg" to "2.jpg.saved", etc.), whilst another appends the ".save" extension (e.g., it would rename "1.jpg" to "1.jpg.save", "2.jpg" to "2.jpg.save", etc.).

One variant creates the "Инструкия.txt" text file as a ransom message, whilst the other creates "instructions.txt". Additionally, Saved ransomware prevents victims from accessing or using Task Manager by disabling it.

What is promosrewards[.]club?

promosrewards[.]club is the address of an untrusted web page, which is designed to open other pages of this kind or load dubious content. There are many websites similar to promosrewards[.]club on the internet - some examples are 7mono[.]biz, hopsigna[.]com and message-inbox[.]icu.

Typically, users do not open these sites intentionally - they are opened through deceptive ads, other dubious pages, or installed potentially unwanted applications (PUAs).

What kind of malware is E-Clipper?

E-Clipper is malicious software designed to redirect outgoing transfers from Fiat currency wallets and cryptocurrency wallets. This malware poses a serious threat to the integrity of the aforementioned wallets. Therefore, E-Clipper infections can lead to significant financial loss.

Due to the risks posed by this malicious program, it must be eliminated from operating systems immediately upon detection.

What is Checking My Email?

Checking My Email is a browser hijacker which promotes hcheckingmyemail.com, the address of a fake search engine. Research shows that Checking My Email is installed together with Hide My History. Note that apps of this type often gather browsing-related information.

Typically, users download and install browser hijackers unintentionally and, for this reason, they are classified as potentially unwanted applications (PUAs).

What is the My Mail Finder browser hijacker?

My Mail Finder is dubious software endorsed as a tool for quick access to package and mail tracking services. It is classified as a browser hijacker, since it makes modifications to browser settings to promote hmymailfinder.com, a bogus search engine. Additionally, My Mail Finder has data tracking capabilities, which are used to monitor browsing activity.

Due to the dubious methods employed to proliferate My Mail Finder, it is also classified as a Potentially Unwanted Application (PUA).