Virus and Spyware Removal Guides, uninstall instructions

What is rabsirolcalat[.]info?

rabsirolcalat[.]info is a rogue website that shares similarities with knowwoow.com, tinhowsinutha.pro, feenotifyfriends.info, and dozens of others. It causes unwanted redirects to other rogue websites and delivers dubious content.

Users often visit websites such as rabsirolcalat[.]info inadvertently - they are redirected by potentially unwanted applications (PUAs) or intrusive advertisements displayed on other untrustworthy sites. PUAs are notorious for infiltrating computers without users' consent.

Unwanted redirects are not the only problem caused by unwanted apps - they also deliver intrusive advertisements and gather information.

What is Shipment Tracker?

Shipment Tracker is a deceptive application that supposedly allows users to track their package delivery statuses.

Judging on appearance alone, this app may seem legitimate and useful, however, Shipment Tracker is categorized as a potentially unwanted application (PUA) and a browser hijacker, since it usually infiltrates systems without permission, promotes a fake search engine (search.hshipmenttracker.co), and records various information.

What is HxTsr.exe?

HxTsr.exe (Hidden Executable To Sync Remote Servers) is a legitimate file that can be found in Microsoft Windows Operating Systems. This file/process is part of Microsoft Outlook, a MS Office product, however, its name might be used by cyber criminals to disguise their malicious programs. Therefore, a file with this name could be detected as a threat by virus detection engines.

What is secoh-qad.exe?

secoh-qad.exe is a file associated with KMSPico, a tool that activates Windows Operating Systems and Microsoft Office suites, thereby illegally bypassing software activation free of charge. If this tool is used when installed anti-virus software is enabled, the security software will detect the secoh-qad.exe file as a threat.

This is not the only file that might be detected as a threat when the KMSPico tool is launched. Since this tool is illegal, we advise against using it.

What is gatonsenropha[.]info?

gatonsenropha[.]info is yet another rogue website designed to redirect visitors to other untrustworthy websites and deliver dubious content. It is virtually identical to knowwoow.com, tinhowsinutha.pro, androponhowrow.info, and dozens of other sites.

Many users visit gatonsenropha[.]info inadvertently - they are redirected by potentially unwanted applications (PUAs) or intrusive ads delivered by other rogue sites. Be aware that PUAs typically infiltrate computers without users' permission. As well as causing redirects, they deliver intrusive advertisements and gather data relating to browsing activity.

What kind of application is YourTemplateFinder?

Developed by Mindspark Interactive Network Inc, YourTemplateFinder (also known as Your Template Finder) is a rogue browser toolbar claiming to provide a feature allowing users to find templates for coupons, flyers, resumes, labels, etc.

Although this functionality may seem legitimate and useful, be aware that YourTemplateFinder is categorized as a redirect virus or browser hijacker. This application employs a deceptive software marketing method called 'bundling' to install on Internet browsers without users' permission.

Bundling allows developers to distribute their applications together with other software, and therefore, most users inadvertently install YourTemplateFinder during download of free software from freeware download websites.

What is Koobface?

Koobface is high-risk trojan/worm that stealthily infiltrates computers and performs a number of malicious tasks.

This virus is distributed in various ways, including social engineering (spam email campaigns, private messaging in social networks), malicious websites, unofficial software download websites, fake software updaters, and so on. This malware can cause significant damage.

What is hp.myway.com?

GardeningEnthusiast is a browser app that supposedly provides users with hundreds of free gardening hints and tips. It is just one of many apps created by Mindspark Interactive Network Inc. In fact, GardeningEnthusiast is a potentially unwanted application (PUA), a browser hijacker.

Typically, people download and install apps of this type unintentionally. Once installed, they promote dubious (fake) search engines by changing browser settings. In this case, GardeningEnthusiast promotes the hp.myway.com search engine.

What is "Managing Director Email Virus"?

"Managing Director Email Virus" is a scam that cyber criminals proliferate using a spam campaign. They send emails to many people hoping that a percentage of them will open the attached files. The attachment is an MS Office Word (.doc) file that uses an RTF (Rich Text Format) exploit.

In summary, this document downloads and installs HawkEye, a keystroke logger. Having this malicious program installed can cause serious problems, Therefore, do not open the attachment included in the "Managing Director Email Virus" email.

What is Virus-encoder?

Virus-encoder (also known as GetCrypt) is the name of ransomware-type program that is designed by cyber criminals. They use programs of this type to encrypt files stored on people's computers and to keep them encrypted (locked) unless a decryption tool is purchased (ransom is paid).

Virus-encoder was discovered by GrujaRS, this ransomware mimics another program of this type which is called Cerber. It creates a text file (ransom note) named "# DECRYPT MY FILES #.txt" and renames all encrypted files by adding an extension that contains four random letters.

For example, if a file is named "1.jpg", then Virus-encoder will change it to "1.jpg.ELSH" and so on. This ransomware also changes its victim's desktop wallpaper. Once installed, it also runs a malicious process in the Task Manager, it is named "Tky If Dos".