Your computer is infected with malicious software? Do you have popups on your PC?
If so, search this blog for removal instructions or find computer threats by category.

Monday, April 20, 2015

Remove "Ads by ActiveDeals" Malware (Uninstall Guide)

There's no two ways about it, deleting "Ads by ActiveDeals" and related malware from your PC can be a frustrating process – especially if you are not particularly technically minded. And apart from the stress and worry that being infected by malware can cause, the whole scenario can be frustrating and time consuming too. On the brighter side of things, if you have been infected by ActiveDeals ads, more commonly known as adware, don't panic because this is normally one of the easier malwares to delete.

We say normally because some variants of ActiveDeals or Active Deals adware are nastier than others and can be a bit of a pain to remove. If you have been unlucky enough to be infected by one of these, you'll have to download an adware removal program on to it. Once you've done this you will need to run the program on your computer.


How to remove ads by ActiveDeals from your computer

Initial steps
  • Firstly shut all the programs, inboxes, documents and websites that are open on your PC, except for this removal guide.
  • Open we browser and download recommend anti-malware software
How to remove adware: method one
  • Open up your PC's Windows Control Panel and select Programs > Uninstall a Program. Find the ActiveDeals adware.
  • Found the adware (or anything else you don't recognize and that the internet deems unnecessary?) Highlight it by clicking on it in the list and then hit Uninstall.
  • Reboot your computer.
  • Adware can leave components lying in wait on your PC so to make sure you've got rid of it completely, run (or install and run) a reputable anti-malware software program.
How to remove adware: method two

If you are unable to uninstall the ActiveDeals adware you are going to need to scan your PC. Do this thus:
  • Back up all your files and registry
  • Install the malware removal tool that is waiting on your hard disk
  • Run the malware removal software. Once the scan is complete the program will tell you the name of the adware – delete it!
  • Reboot your computer and then run the malware removal program once more – again to check that there are no nasty remnants of it still lurking on your computer
I wrote a more detail removal guide in case you don't know how to complete certain tasks and run anti-malware program. To remove ads by ActiveDeals from your computer, please follow the steps in the removal guide below. If you have any questions, please leave a comment down below. Good luck and be safe online!

Written by Michael Kaur, http://deletemalware.blogspot.com



Ads by ActiveDeals Removal Guide:


1. First of all, download anti-malware software and run a full system scan. It will detect and remove this infection from your computer. You may then follow the manual removal instructions below to remove the leftover traces of this malware. Hopefully you won't have to do that.





2. Remove ActiveDeals related programs from your computer using the Add/Remove Programs control panel (Windows XP) or Uninstall a program control panel (Windows 7 and Windows 8).

Go to the Start Menu. Select Control PanelAdd/Remove Programs.
If you are using Windows Vista or Windows 7, select Control PanelUninstall a Program.



If you are using Windows 8, simply drag your mouse pointer to the right edge of the screen, select Search from the list and search for "control panel".



Or you can right-click on a bottom left hot corner (formerly known as the Start button) and select Control panel from there.



3. When the Add/Remove Programs or the Uninstall a Program screen is displayed, scroll through the list of currently installed programs and remove the following:
  • ActiveDeals
  • GoSave
  • Active Discount
  • SaveNewaAppz
  • and any other recently installed application


Simply select each application and click Remove. If you are using Windows Vista, Windows 7 or Windows 8, click Uninstall up near the top of that window. When you're done, please close the Control Panel screen.

Remove ActiveDeals related extensions from Google Chrome:

1. Click on Chrome menu button. Go to ToolsExtensions.



2. Click on the trashcan icon to remove ActiveDeals, Active Discount, MediaPlayerV1, Gosave, HD-Plus 3.5 and other extensions that you do not recognize.

If the removal option is grayed out then read how to remove extensions installed by enterprise policy.




Remove ActiveDeals related extensions from Mozilla Firefox:

1. Open Mozilla Firefox. Go to ToolsAdd-ons.



2. Select Extensions. Click Remove button to remove ActiveDeals, Active Discount, Gosave, MediaPlayerV1, HD-Plus 3.5 and other extensions that you do not recognize.

Remove ActiveDeals related add-ons from Internet Explorer:

1. Open Internet Explorer. Go to ToolsManage Add-ons. If you have the latest version, simply click on the Settings button.



2. Select Toolbars and Extensions. Click Remove/Disable button to remove the browser add-ons listed above.

Read more

How to fix C:\PROGRA~1\COMMON~1\System\SysMenu.dll error. The specified module could not be found.

Ever logged on to your PC and discovered a mysterious SysMenu.dll error message you've never seen before? If the answer to that is "yes", then, just like thousands of people worldwide, you have been infected with a PUP. PUPs – which is short for Potentially Unwanted Programs - are computer software programs that install themselves without you knowing about it and then, rather presumptuously, take it upon themselves to install new files on your PC. Some of them can cause a RunDLL C:\PROGRA~1\COMMON~1\System\SysMenu.dll error message on startup saying that the specified module could not be found.

RunDLL
There was a problem starting C:\PROGRA~1\COMMON~1\System\SysMenu.dll
The specified module could not be found.


SysMenu.dll has been detected as malware by multiple anti-virus engines (scan results). It's usually detected as Goobzo, Skodna.A8D, Win32:Adware-CDO [PUP] or simply Unwanted-Program. However, I must say that detection ratio is still pretty low, just 18 out of 57, which means that most users will not be warned about this malware when installing certain programs, mostly freeware and adware. So just how do you install something without knowing that you're doing so? Well Potentially Unwanted Programs make it their business to be pretty sneaky. They don't discriminate either; they might be packaged with a program that is totally legitimate and reputable, or with something that is a little more shady – or even illegal.

Does that mean I have to stop downloading files and programs?

Well, it would be virtually impossible to say that we should never download anything ever again. From tools that enable us to work, to instant messengers to audio and video files to fun lifestyle apps and games, there's no way we want to, or should have to, give up installing the programs we want and need on our devices. So what do you do if you don't want to run the risk of also downloading a Potentially Unwanted Program and then getting the SysMenu.dll error? The point is, you need to be careful. PUPs are sneaky but they are possible to spot if you are extra vigilant.

Installing a decent anti-malware program is clearly important – for protection against everything nasty and unwanted but there are other things you can do. One is to make sure the programs you have installed on your computer are up to date. By ensuring that everything running on your PC is the newest version you will know that they have the latest security measures in place. The same goes with making sure you also have Microsoft's latest security patches installed. This is a great line of defense in the war against all malware, not just PUPs that cause C:\PROGRA~1\COMMON~1\System\SysMenu.dll startup error.

Just as important, if not even more so, the next time you want to download a program, app or freeware or shareware file, make sure to read the End User License Agreement very carefully. PUPs will normally be mentioned in the small print as an added 'extra' so ensure that check boxes relating to these add-ons are correctly configured so that you don't download them too.

Getting rid of C:\PROGRA~1\COMMON~1\System\SysMenu.dll error

Despite their title, it's fair to say that PUPs are generally unwanted rather than only potentially unwanted but the silver lining on the PUP cloud is that the majority of them are actually fairly simple to remove from your machine. Simply go to the Windows Start Menu and delete them through the Remove or Uninstall Programs option. If you don't know what to look for, list your programs by installation date. Recently installed programs are probably the ones that cause this error. If the SysMenu.dll error message still appears on your computer, please follow the steps in the removal guide below. If you have any questions, please leave a comment below. Good luck and be safe online!

Written by Michael Kaur, http://deletemalware.blogspot.com



SysMenu.dll Error Removal Guide:


1. First of all, download recommended anti-malware software and run a full system scan. It will detect and remove this infection from your computer. You may then follow the manual removal instructions below to remove the leftover traces of this malware. Hopefully you won't have to do that.





2. Download Autoruns for Windows and save it to your Desktop.

3. Launch autoruns.exe program (Vista/Windows 7/8 users right-click and select Run As Administrator).



4. In the top menu, click File > Find... and type the file name SysMenu.dll, then click Find Next. Alternatively, you can scroll through the list and look for any entry related to SysMenu.dll.



5. If found, right-click on the entry and choose delete. They are usually yellow highlighted.

6. Close Autoruns and reboot your computer when done.

7. Scan your computer with anti-malware software.

Read more

How to Remove Dragon Branch Ads Malware (Uninstall Guide)

Dragon Branch has been created to display adverts "Dragon Branch Ads" to you whenever you're connected to the internet and looking at websites, is something that anyone who goes online needs to be aware of. Yes, you guessed it right! It's adware. Adware is short for advertising supported software and its reason for existing is to generate income for a software programmer. Usually because they have created a free program and the adware is covering their costs.

Dragon Branch adware is not usually considered to be as bad as the other types of malicious software, mostly because most people fall on either side of the fence when it comes down to it. A lot of people aren't bothered in the slightest by adware. After all, if you don't want to pay for your downloaded files or applications then seeing Dragon Branch Ads can seem like a small price to pay.


However, there are others who strongly resent adware's presence on their computer. The Dragon Branch ads can be distracting and annoying, and may affect your browsing experience. Even worse though, adware becomes more worrying when it spies on you, rather like the type of malware known as spyware. The adware installs a component on your PC or phone during the installation process and uses this to monitors your online activity. That means it, well someone is fully aware of everything you do when you're looking at websites.

The adware component collects your browsing data, making note of the services or goods that you look at and then sends this information back to the programmer. They are then able to show you ads by Dragon Branch that closely, or even exactly, match the things you have recently been looking at. A pretty aggressive marketing tactic, we think you'll agree. Not to mention a complete invasion of your privacy.

Other problems caused by Dragon Branch

But that's not all – although by now you may well be thinking that was already more than enough unwanted behavior, but it can also have a disastrous effect on your PC security. That's because the adware on your machine can interact negatively with other programs or apps that you have installed – including your anti-virus or anti-malware software. The adware component causes programs to run slowly or become unstable, which in turn can create security breaches that leave your system weakened and more vulnerable to attack.

How does Dragon Branch get on to your device?

Dragon Branch is most often found bundled with other programs – often free ones. However because most adware programmers don't see why you would have an issue with their marketing strategy, it is often mentioned in license agreements. That means instead of clicking through the check boxes to install your software or download your file as quickly as possible, you should make sure that you slow down and stop to read the small print.

It is important that you pay attention when downloading and installing anything however if that something is a free program such as a game or other app then you should especially take care.

If your computer is already infected and you don't know how to stop Dragon Branch ads and remove this aggressive adware from the system, please follow the steps in the removal guide below. If you have any questions, please leave a comment down below. Good luck and be safe online!

Written by Michael Kaur, http://deletemalware.blogspot.com



Dragon Branch Ads Removal Guide:


1. First of all, download anti-malware software and run a full system scan. It will detect and remove this infection from your computer. You may then follow the manual removal instructions below to remove the leftover traces of this malware. Hopefully you won't have to do that.





2. Remove Dragon Branch related programs from your computer using the Add/Remove Programs control panel (Windows XP) or Uninstall a program control panel (Windows 7 and Windows 8).

Go to the Start Menu. Select Control PanelAdd/Remove Programs.
If you are using Windows Vista or Windows 7, select Control PanelUninstall a Program.



If you are using Windows 8, simply drag your mouse pointer to the right edge of the screen, select Search from the list and search for "control panel".



Or you can right-click on a bottom left hot corner (formerly known as the Start button) and select Control panel from there.



3. When the Add/Remove Programs or the Uninstall a Program screen is displayed, scroll through the list of currently installed programs and remove the following:
  • Dragon Branch
  • GoSave
  • Active Discount
  • SaveNewaAppz
  • and any other recently installed application


Simply select each application and click Remove. If you are using Windows Vista, Windows 7 or Windows 8, click Uninstall up near the top of that window. When you're done, please close the Control Panel screen.

Remove Dragon Branch related extensions from Google Chrome:

1. Click on Chrome menu button. Go to ToolsExtensions.



2. Click on the trashcan icon to remove Dragon Branch, Active Discount, MediaPlayerV1, Gosave, HD-Plus 3.5 and other extensions that you do not recognize.

If the removal option is grayed out then read how to remove extensions installed by enterprise policy.




Remove Dragon Branch related extensions from Mozilla Firefox:

1. Open Mozilla Firefox. Go to ToolsAdd-ons.



2. Select Extensions. Click Remove button to remove Dragon Branch, Active Discount, Gosave, MediaPlayerV1, HD-Plus 3.5 and other extensions that you do not recognize.

Remove Dragon Branch related add-ons from Internet Explorer:

1. Open Internet Explorer. Go to ToolsManage Add-ons. If you have the latest version, simply click on the Settings button.



2. Select Toolbars and Extensions. Click Remove/Disable button to remove the browser add-ons listed above.

Read more

Saturday, April 18, 2015

How to Remove "Reset Search" App on Mac

Reset Search app is part of the Install Mac adware that can display adverts and pop-ups on your computer. Were you aware that even when you're doing the most normal and mundane things that you do virtually every day you are putting you, and your computer, at serious risk of being infected by this adware?


When you're online, no matter what you're doing, you are in peril. You might be eagerly browsing vacation locations, killing time by reading celebrity gossip, updating your Facebook status or – who knows, even working! – but indulging in all these simple activities can wind up with your computer being infected. No longer are dodgy adult content websites, flashing wallpapers and illegal downloads the only places that can result in an infection, the most innocent of websites or downloads can too. And that's something we all need to be aware of.

What exactly is "Reset Search" app?

It's adware. Adware, as you may already know, is an amalgamation of the words 'advertising supported software' and although it is not the most deadly horse in the stable, it definitely is still very much a type of malware. In its simplest terms, Reset Search adware is a computer software program that displays adverts on your screen or monitor whenever you are connected to the internet. Some of these adverts are fairly easy to ignore yet others will be nightmarish pop-up adverts that won't go away no matter how many times you close them.


Reset Search is more than just an annoyance

Adware at its most aggressive form is annoying, there is no doubt about that, however many people have a problem with the fact that it also spies on you by monitoring which websites you visit. It then collects this data and sends it to the Reset Search's programmer or other third party. They are then able to customize the adverts that are being shown to you so that they more closely represent your interests. Obviously, this means you are more likely to then click on them, driving traffic – and potentially sales – to a website that is paying to use adware.

Adware is cunning!

For the most part, you won't know if Reset Search app is installing itself on your machine, so how does it get there if you are not knowingly downloading it? It (and many other types of malware) are normally downloaded and installed in conjunction with another program. What that means is that if you have just installed an upgrade to your messenger app or downloaded some audio or video files, you may well have also downloaded some adware.

Adware can also infect you in a 'drive by installation' which occurs when you visit an infected website. So you see, as mentioned above, you really can be doing almost anything online and be putting yourself in harm's way.

How do you prevent Reset Search installation?

Reference is often made to adware in software license agreements, so make sure you read those carefully when you're downloading. You should also install a good anti-adware program. Reset Search app is annoying, an invasion of your privacy and can leave your security in tatters, increasing the chance of something even worse infecting you. Protect yourself, your Mac and your sanity before it's too late.

If your computer is already infected and you don't know how to remove Reset Search app, please follow the steps in the removal guide below. If you have any questions, please leave a comment down below. Good luck and be safe online!

Written by Michael Kaur, http://deletemalware.blogspot.com



Reset Search App Removal Guide:


1. First of all, download anti-adware software and run a full system scan. It will detect and remove this adware from your Mac. You may then follow the manual removal instructions below to remove the leftover traces of this adware. Hopefully you won't have to do that.






2. Quit the Reset Search, Genieo, Install Mac apps, if they are running. To do so, open Activity Monitor then click the CPU tab, then click Process Name at the top of that column to sort the list alphabetically.

Look for processes InstallMac', Reset Search, Genieo. Select them, then click the Force Quit button. Quit Activity Monitor.

3. In the Finder, select Applicationsinstall.mac and put it into trash.

4. Move the following items to the trash as well. Some of them, including the Genieo application, may not be present; remove the ones that you do find.

/Applications/Genieo
/Applications/InstallMac
/Applications/Uninstall Genieo
/Applications/Uninstall IM Completer.app
~/Library/Application Support/com.genieoinnovation.Installer/
~/Library/Application Support/Genieo/
~/Library/LaunchAgents/com.genieo.completer.download.plist
~/Library/LaunchAgents/com.genieo.completer.update.plist
~/Library/LaunchAgents/com.genieo.completer.ltvbit.plist
~/Library/LaunchAgents/com.installer.completer.download.plist
~/Library/LaunchAgents/com.installer.completer.update.plist
~/Library/LaunchAgents/com.installer.completer.ltvbit.plist
/Library/LaunchAgents/com.genieoinnovation.macextension.plist
/Library/LaunchAgents/com.genieoinnovation.macextension.client.plist
/Library/LaunchAgents/com.genieo.engine.plist
/Library/LaunchAgents/com.genieo.completer.update.plist
/Library/LaunchDaemons/com.genieoinnovation.macextension.client.plist
/Library/PrivilegedHelperTools/com.genieoinnovation.macextension.client
/usr/lib/libgenkit.dylib
/usr/lib/libgenkitsa.dylib
/usr/lib/libimckit.dylib
/usr/lib/libimckitsa.dylib

5. Restart your Mac.

Read more

Friday, April 17, 2015

How to Remove HELP_RESTORE_FILES.txt Virus and Restore Encrypted Files

It's no great secret only known to tech boffins or IT experts that the more time we spend online, the more chances we have of being infected by HELP_RESTORE_FILES.txt ransom virus (ransomware) which is very similar to the CryptoLocker ransomware. As anti-virus software gets increasingly sophisticated, so to do the yin to their yang: ransomware. It's an endless cat and mouse game between good and evil – with us poor unfortunate internet uses stuck in the middle as unwilling pawns. What that really means for us is that we need to increasingly be on our guard if we are to prevent ourselves from falling victim to an infection or attack.

The problem is that with there being so many different varieties of malware that it can be hard to know what we need to do to stay safe online. Malware is created for different end purposes and has different traits and ways of operating so the best thing you can do to protect yourself is – as well as installing a great anti-virus program – to learn as much as possible about the different types. And in this instance, that is ransomware.


Ransomware is a strange one: one minute it's everywhere, the next no one is talking about it – but one thing is for sure, it will rear its ugly head again at some point in the not too distant future. So, stay safe and learn a little more about ransomware now and give yourself a better chance of avoiding it the next time it's doing the rounds.

A closer look at HELP_RESTORE_FILES.txt ransom virus

So what actually is ransomware? No prizes for guessing that it is a type of software program which has been designed to hold you – or more specifically your files or even your computer's operating system – to ransom. Your data will be kidnapped and held hostage until you cough up some of your hard earned cash for its release. HELP_RESTORE_FILES.txt and other files have been identified only by a few anti-virus engines as malicious: TROJ_CRYPTESLA.CAG, Win32:Crypt-RXH [Trj], Win32/Filecoder.EM, Trojan.Agent.ED. Once installed, it encrypts your files, changes your desktop image and displays a red encryptor window saying "Your personal files are encrypted". It installs itself for autorun at Windows startup, so you will get this message every time you turn on your computer. It also drops a few text files called HELP_RESTORE_FILES.txt with information on how to pay the ransom and restore your files. The text file reads:

All your documents, photos, databases and other important files have been encrypted
with strongest encryption RSA-2048 key, generated for this computer.

Private decryption key is stored on a secret Internet server and nobody can
decrypt your files until you pay and obtain the private key.

If you see the main encryptor red window, examine it and follow the instructions.
Otherwise, it seems that you or your antivirus deleted the encryptor program.
Now you have the last chance to decrypt your files.

Open [edited] or [edited] in your browser.
They are public gates to the secret server.
Copy and paste the following Bitcoin address in the input form on server. Avoid misprints.
[edited]
Follow the instructions on the server.

If you have problems with gates, use direct connection:
1. Download Tor Browser from [edited]
2. In the Tor Browser open the [edited]
Note that this server is available via Tor Browser only.
Retry in 1 hour if site is not reachable.
Copy and paste the following Bitcoin address in the input form on server. Avoid misprints.
[edited]
Follow the instructions on the server.

What is more, HELP_RESTORE_FILES.txt ransom virus preforms some HTTP requests and connects to TOR hidden services through Tor2Web. It even creates an alternative data stream.

Okay, I definitely want to avoid this happening to me. How do I get infected?

This is something that ransomware does actually have in common with its other malware buddies. You will either become infected by downloading an app or program that has HELP_RESTORE_FILES.txt ransomware bundled with it, if you've visited an infected website, or if you open an attachment or click on a link that has been sent via email or in a chat app in a deliberate attempt to infect you.

What will happen if I've been infected by this ransomware?

First of all you'll find that you are not able to open a specific document, program or file; they've been held to ransom. Of course, just like in the story books of our childhoods, the kidnapper will then send you a ransom letter which is just a plain text document HELP_RESTORE_FILES.txt. Rather than being written in blood or cut out of a newspaper, this ransom note will be in the form of an email or displayed on your computer's screen.

So what do you do? Try not to panic – and definitely do NOT pay any money unless you don't have a choice and those files are very very important to you. In order to retrieve at least some of your files and remove this ransom virus from your computer, please follow the steps in the removal guide below. If you backup your files regularly then there won't be any difficulties. If you don't have any backups then you can try Windows previous file version tool or Shadow Explorer. If you have any questions, please leave a comment down below. Good luck and be safe online!

Written by Michael Kaur, http://deletemalware.blogspot.com



Step 1: Removing ransom virus and related malware:


Before restoring your files from shadow copies, make sure HELP_RESTORE_FILES.txt virus is not running. You have to remove this malware permanently. Thankfully, there are a couple of anti-malware programs that will effectively detect and remove this malware from your computer.

1. First of all, download and install recommended anti-malware scanner. Run a full system scan and remove detected malware.




>
2. Then, download ESET Online Scanner and run a second scan to make sure there are no other malware running on your computer.

That's it! Your computer should be clean now and you can safely restore your files. Proceed to Step 2.


Step 2: Restoring files encrypted by ransom virus:


Method 1: The first and best method is to restore your files from a recent backup. If you have been regularly performing backups, then you should use your backups to restore your files.

Method 2: Try to restore previous versions of files using Windows folder tools. To learn more, please read Previous versions of files.

Method 3: Using the Shadow Volume Copies:

1. Download and install Shadow Explorer. Note, this tool is available with Windows XP Service Pack 2, Windows Vista, Windows 7, and Windows 8.

2. Open Shadow Explorer. From the drop down list you can select from one of the available point-in-time Shadow Copies. Select drive and the latest date that you wish to restore from.



3. Righ-click any encrypted file or entire folder and Export it. You will then be prompted as to where you would like to restore the contents of the folder to.



Hopefully, this will help you to restore all encrypted files or at least some of them.

Read more

Thursday, April 16, 2015

Remove "Ads by DiscountSmasher" Malware (Uninstall Guide)

If you've heard the word DiscountSmasher or Discount Smasher increasingly being used you might be asking yourself what the big deal is and why it's suddenly the buzzword of the moment. Is it something you should be concerned about? Could this program do you harm or is it simply the next big thing on the internet? Well I'm glad you're asking because it is something that can have a knock on effect on anyone who uses the internet – which, let's face it, is pretty much all of us!

What is DiscountSmasher?

DiscountSmasher or Discount Smasher is a computer software program that has been created with the intention of displaying advertising on your computer's screen with a little "Ads by DiscountSmasher" caption. Actually, scratch that as it's not just desktops and laptops that are affected by this adware; tablets and smartphones are also in the firing line too. The type of DiscountSmasher adverts you see vary from pop-up windows or banners to smaller, less intrusive ads that nestle in among the other content on a website.


How does DiscountSmasher affect you? Does it cause problems?

Although most people agree that DiscountSmasher is not the worst thing to have installed upon your computer, it is still malware. And that's because simply displaying online adverts is not the only thing it does. If you've been infected with a nasty strain of adware you will be driven nuts by the amount of Discount Smasher pop-up adverts that you are bombarded with. Even closing them has no effect - click that little 'x' in the corner of the window and they'll simply pop right back up again.

Worse still, these pop-ups are rarely for something useful – in fact many people would label them downright offensive. For example if you are unlucky enough to be infected by the same adware that I was you'll be subjected to X rated manga cartoon images!

And that's not all; Adware also slows your CPU and your internet connection down. That's because your computer is now struggling to cope with the additional amount of energy it must expend while the adware is running on your machine and loading malicious executable files from C:\Program Files (x86)\DiscountSmasher folder. Your internet, meanwhile, is being used by the adware to constantly relay data that it collects about your browsing habits. This is so that the adware's programmer can customize the ads by DiscountSmasher you see and send you ads for products or services that you have recently been looking at. Yes, adware spies on you too!

Anything else you ask? Well, yes, in fact there is. It can also negatively interact with other programs or apps you have installed on your computer or phone. This can cause these programs to crash when you try and open them and may disable some of their functionality. And if the adware is interacting in this manner with your anti-virus software, then you could be in big trouble.

Finally (yes, there's more!) DiscountSmasher can even install a new tool bar, browser or home page and will redirect all of your searches to websites that the programmer wants you to visit. Adware: it's not turning out to be an innocent marketing tool after all, is it?

If your computer is already infected and you don't know how to stop ads by DiscountSmasher and remove this aggressive malware from the system, please follow the steps in the removal guide below. If you have any questions, please leave a comment down below. Good luck and be safe online!

Written by Michael Kaur, http://deletemalware.blogspot.com



Ads by DiscountSmasher Removal Guide:


1. First of all, download anti-malware software and run a full system scan. It will detect and remove this infection from your computer. You may then follow the manual removal instructions below to remove the leftover traces of this malware. Hopefully you won't have to do that.





2. Remove DiscountSmasher related programs from your computer using the Add/Remove Programs control panel (Windows XP) or Uninstall a program control panel (Windows 7 and Windows 8).

Go to the Start Menu. Select Control PanelAdd/Remove Programs.
If you are using Windows Vista or Windows 7, select Control PanelUninstall a Program.



If you are using Windows 8, simply drag your mouse pointer to the right edge of the screen, select Search from the list and search for "control panel".



Or you can right-click on a bottom left hot corner (formerly known as the Start button) and select Control panel from there.



3. When the Add/Remove Programs or the Uninstall a Program screen is displayed, scroll through the list of currently installed programs and remove the following:
  • DiscountSmasher
  • GoSave
  • Active Discount
  • SaveNewaAppz
  • and any other recently installed application


Simply select each application and click Remove. If you are using Windows Vista, Windows 7 or Windows 8, click Uninstall up near the top of that window. When you're done, please close the Control Panel screen.

Remove DiscountSmasher related extensions from Google Chrome:

1. Click on Chrome menu button. Go to ToolsExtensions.



2. Click on the trashcan icon to remove DiscountSmasher, Active Discount, MediaPlayerV1, Gosave, HD-Plus 3.5 and other extensions that you do not recognize.

If the removal option is grayed out then read how to remove extensions installed by enterprise policy.




Remove DiscountSmasher related extensions from Mozilla Firefox:

1. Open Mozilla Firefox. Go to ToolsAdd-ons.



2. Select Extensions. Click Remove button to remove DiscountSmasher, Active Discount, Gosave, MediaPlayerV1, HD-Plus 3.5 and other extensions that you do not recognize.

Remove DiscountSmasher related add-ons from Internet Explorer:

1. Open Internet Explorer. Go to ToolsManage Add-ons. If you have the latest version, simply click on the Settings button.



2. Select Toolbars and Extensions. Click Remove/Disable button to remove the browser add-ons listed above.

Read more

Tuesday, April 14, 2015

How to Remove "Ads by GreatDeals" Malware (Uninstall Guide)

Let's not beat around the bush here, I would bet my bottom dollar that you have heard of "Ads by GreatDeals" malware – in fact it's highly likely that you've been infected with it as well. But what actually is GreatDeals, and how does it affect your computer? I always say that the best way to protect yourself from an enemy is to know exactly how they operate.

What is GreatDeals or Great Deals?

It's commonly known as adware which is a computer program which falls under the malware (or malicious software) label. It installs a tracking component on your PC or laptop. As we spend more time online on different devices, adware that targets handheld devices is becoming increasingly common. The tracking component monitors which websites you have been browsing and the products that you look at within the website's pages. It sends this information back to the programmer who can then make the decision about which ads by GreatDeals to show you based on your perceived recent interests. So that's the first thing we know about adware – that it is quite an aggressive marketing tactic, but that's not all because this adware can cause you some problems too.


The problems caused by GreatDeals

As mentioned above, it can cause quite a few issues for you – and for your computer. One of the most noticeable ones is caused by the tracking component. Because it is constantly working away behind the scenes, it is eating up your computer or laptop’s resources. Resources that are best put to use while you work or spend your hard earned leisure time online. Using up resources will cause your device to run more slowly than usual. The component may interact unfavourably with other programs that you have installed and can stop them from performing to their full capability or keep crashing. Creating conflicts between the programs you have on your machine can also result in an instable IT environment and leave you vulnerable to breaches of security. Finally, because this nasty component uses your own Internet connection to send the data it has collected about you back to the programmer, you will probably find that websites are frustratingly slow to load. You might not even be able to use the Internet at all as it might simply crash every time you try and open it.

How do you lower the chances of being infected by GreatDeals ads?
  1. Don't panic because thankfully there are a few steps you can take to protect yourself from ads by GreatDeals. Below we list a handful of the easiest to implement and things that you should be aware of.
  2. Don't even think about going online without having an anti-malware program on your PC.
  3. Not sure you trust a website 100%? Don't download files or software from it. Use the developer's site wherever possible.
  4. Browser telling you pop-up blockers are available? Use them.
  5. Ensure all software and apps are up to date – that way their security will be too.
If your computer is already infected and you don't know how to stop "Ads by GreatDeals" and remove this aggressive malware from the system, please follow the steps in the removal guide below. If you have any questions, please leave a comment down below. Good luck and be safe online!

Written by Michael Kaur, http://deletemalware.blogspot.com



Ads by GreatDeals Removal Guide:


1. First of all, download anti-malware software and run a full system scan. It will detect and remove this infection from your computer. You may then follow the manual removal instructions below to remove the leftover traces of this malware. Hopefully you won't have to do that.





2. Remove GreatDeals related programs from your computer using the Add/Remove Programs control panel (Windows XP) or Uninstall a program control panel (Windows 7 and Windows 8).

Go to the Start Menu. Select Control PanelAdd/Remove Programs.
If you are using Windows Vista or Windows 7, select Control PanelUninstall a Program.



If you are using Windows 8, simply drag your mouse pointer to the right edge of the screen, select Search from the list and search for "control panel".



Or you can right-click on a bottom left hot corner (formerly known as the Start button) and select Control panel from there.



3. When the Add/Remove Programs or the Uninstall a Program screen is displayed, scroll through the list of currently installed programs and remove the following:
  • GreatDeals
  • GoSave
  • Active Discount
  • SaveNewaAppz
  • and any other recently installed application


Simply select each application and click Remove. If you are using Windows Vista, Windows 7 or Windows 8, click Uninstall up near the top of that window. When you're done, please close the Control Panel screen.

Remove GreatDeals related extensions from Google Chrome:

1. Click on Chrome menu button. Go to ToolsExtensions.



2. Click on the trashcan icon to remove GreatDeals, Active Discount, MediaPlayerV1, Gosave, HD-Plus 3.5 and other extensions that you do not recognize.

If the removal option is grayed out then read how to remove extensions installed by enterprise policy.




Remove GreatDeals related extensions from Mozilla Firefox:

1. Open Mozilla Firefox. Go to ToolsAdd-ons.



2. Select Extensions. Click Remove button to remove GreatDeals, Active Discount, Gosave, MediaPlayerV1, HD-Plus 3.5 and other extensions that you do not recognize.

Remove GreatDeals related add-ons from Internet Explorer:

1. Open Internet Explorer. Go to ToolsManage Add-ons. If you have the latest version, simply click on the Settings button.



2. Select Toolbars and Extensions. Click Remove/Disable button to remove the browser add-ons listed above.

Read more