Virus and Spyware Removal Guides, uninstall instructions

What is ExtendedWindow?

ExtendedWindow is classified as adware and a browser hijacker - it displays advertisements and promotes z6airr.com and adjustablesample.com (addresses of fake search engines) by changing browser settings. It can also read sensitive information from websites.

Generally, users download and install adware and browser hijackers inadvertently and, therefore, apps of this type are categorized as potentially unwanted applications (PUAs).

What is Saved (Scarab)?

Saved belongs to the family of ransomware called Scarab. There are at least two variants of this ransomware, both of which are designed to encrypt files, change filenames, and generate a ransom message.

One variant appends the ".saved" extension to the filenames of encrypted files (e.g., it would rename "1.jpg" to "1.jpg.saved", "2.jpg" to "2.jpg.saved", etc.), whilst another appends the ".save" extension (e.g., it would rename "1.jpg" to "1.jpg.save", "2.jpg" to "2.jpg.save", etc.).

One variant creates the "Инструкия.txt" text file as a ransom message, whilst the other creates "instructions.txt". Additionally, Saved ransomware prevents victims from accessing or using Task Manager by disabling it.

What is promosrewards[.]club?

promosrewards[.]club is the address of an untrusted web page, which is designed to open other pages of this kind or load dubious content. There are many websites similar to promosrewards[.]club on the internet - some examples are 7mono[.]biz, hopsigna[.]com and message-inbox[.]icu.

Typically, users do not open these sites intentionally - they are opened through deceptive ads, other dubious pages, or installed potentially unwanted applications (PUAs).

What kind of malware is E-Clipper?

E-Clipper is malicious software designed to redirect outgoing transfers from Fiat currency wallets and cryptocurrency wallets. This malware poses a serious threat to the integrity of the aforementioned wallets. Therefore, E-Clipper infections can lead to significant financial loss.

Due to the risks posed by this malicious program, it must be eliminated from operating systems immediately upon detection.

What is Checking My Email?

Checking My Email is a browser hijacker which promotes hcheckingmyemail.com, the address of a fake search engine. Research shows that Checking My Email is installed together with Hide My History. Note that apps of this type often gather browsing-related information.

Typically, users download and install browser hijackers unintentionally and, for this reason, they are classified as potentially unwanted applications (PUAs).

What is the My Mail Finder browser hijacker?

My Mail Finder is dubious software endorsed as a tool for quick access to package and mail tracking services. It is classified as a browser hijacker, since it makes modifications to browser settings to promote hmymailfinder.com, a bogus search engine. Additionally, My Mail Finder has data tracking capabilities, which are used to monitor browsing activity.

Due to the dubious methods employed to proliferate My Mail Finder, it is also classified as a Potentially Unwanted Application (PUA).

What is Pants ransomware?

Pants ransomware belongs to the GlobeImposter family and is designed to encrypt files, rename them, and create HTML files (ransom messages) in all folders that contain encrypted files. This ransomware renames files by appending the ".pants" extension to filenames. For example, it would rename "1.jpg" to "1.jpg.pants", "2.jpg" to "2.jpg.pants", and so on.

What is unfurlable[.]com?

Sharing many similarities with the-best-casino-bonus.com, hopsigna.com, message-inbox.icu and countless others, unfurlable[.]com is a rogue website. It operates by presenting visitors with dubious content and/or by redirecting them to other dubious and possibly malicious pages.

Few visitors to unfurlable[.]com (and sites akin to it) access this web page intentionally - most are redirected to it by intrusive advertisements or Potentially Unwanted Applications (PUAs). These apps do not need explicit user consent to be installed onto devices. PUAs cause redirects, run intrusive ad campaigns and collect information relating to browsing.

What is the My Converter Tab browser hijacker?

My Converter Tab is a rogue application endorsed as a tool for quick access to file format conversion services. It it classified as a browser hijacker, due to the modifications it makes to browsers to promote hmyconverter.co (a fake search engine). My Converter Tab is highly likely to monitor browsing activity, as this is typical behavior of browser hijackers.

Additionally, due to the dubious methods used to proliferate My Converter Tab, it is classified as a Potentially Unwanted Application (PUA).

What is 7mono[.]biz?

7mono[.]biz is virtually identical to hopsigna[.]com, message-inbox[.]icu, broindifferd[.]club and many other rogue, untrusted websites. Typically, they open other pages of this kind or load dubious content.

Note that users do not often visit sites such as 7mono[.]biz intentionally - they are opened through untrusted advertisements, dubious web pages or by installed potentially unwanted applications (PUAs).