Your computer is infected with malicious software? Do you have popups on your PC?
If so, search this blog for removal instructions or find computer threats by category.

Thursday, November 27, 2014

Remove ask.couplose.com pop-up ads (Uninstall Guide)

Ask.couplose.com pop-ups usually occur on computers infected with adware and Potentially Unwanted Programs (PUPs) such as SaferSurf, TinyWallet and BlockAndSurf. Here we're going to take a closer look at PUPs that display Ask.couplose.com pop-up ads and methods on how to stop them. Such adware and pop-ups are not necessarily malicious but they may promote bogus products and services. Sometimes, such adware and PUPs display completely fake messages claiming that your Flash Player is outdated. As a result you may end up installing more adware and even malware on your computer.


A Potentially Unwanted Program, as the name implies, is likely to be a program that you don't really want running on your PC. So what does a PUP look like and how do you know if you have one installed? PUPs are most commonly associated with tool bars although they can also manifest themselves as search engines, home pages or as in this case a malicious browser extension that redirects users to ask.couplose.com and asks to install software updates. Whatever form they take, they usually have one thing in common with each other and that is to redirect your web searches to websites of their own choice. They can drive you absolutely nuts! After all, if you want to visit your favourite news website, a forum you're a member of, or you fancy buying a new pair of sneakers online, the last thing you want to be battling against is being constantly sent to ask.couplose.com to download somthing.

With that in mind, let's take a look at how you defend yourself when it comes to ask.couplose.com pop-ups. To learn how to best protect yourself it helps to have just a little general background and know how a PUP or adware installs itself on your PC. In addition to this, knowing your computer and being aware of which programs you have installed on it is beneficial too. This gives you a far better fighting chance of spotting if your computer is running differently to normal or is displaying any strange behavior or previously unseen browsers or tool bars.

How are Potentially Unwanted Programs installed?

In the majority of cases PUPs come bundled with other software programs. This is either because a successful company has given a less established company a helping hand, or because the newcomer has rather cheekily, packaged their program with another company's, without telling them.

Regardless of how your Potentially Unwanted Program was packaged, all you need to be aware of is that when you're installing an application or program, there might be an unknown quantity hiding in its shadow. To be fair, occasionally you may find this added extra genuinely useful; however, more often than not it will simply be an unwanted nuisance or distraction, ask.couplose.com pop-ups to name it.

How do I make sure I'm not also installing PUPs and adware?

Potentially Unwanted Programs and adware usually receive a nod to their existence in the End User License Agreement that you'll see displayed when you're installing an item of software. Therefore you should make sure that you read this carefully and make a note of any additional programs that are mentioned. Pay particular attention to check boxes which may need to be checked or unchecked in order to avoid also installing a PUP.

In order to stop ask.couplose.com pop-ups, please follow the steps in the removal guide below. If you have any questions, please leave a comment down below. Good luck and be safe online!

Written by Michael Kaur, http://deletemalware.blogspot.com



Ask.couplose.com Pop-ups Removal Guide:


1. First of all, download anti-malware software and run a full system scan. It will detect and remove this infection from your computer. You may then follow the manual removal instructions below to remove the leftover traces of this malware. Hopefully you won't have to do that.





2. Remove ask.couplose.com pop-up related programs from your computer using the Add/Remove Programs control panel (Windows XP) or Uninstall a program control panel (Windows 7 and Windows 8).

Go to the Start Menu. Select Control PanelAdd/Remove Programs.
If you are using Windows Vista or Windows 7, select Control PanelUninstall a Program.



If you are using Windows 8, simply drag your mouse pointer to the right edge of the screen, select Search from the list and search for "control panel".



Or you can right-click on a bottom left hot corner (formerly known as the Start button) and select Control panel from there.



3. When the Add/Remove Programs or the Uninstall a Program screen is displayed, scroll through the list of currently installed programs and remove the following:
  • SaferSurf
  • LyricsSay-1
  • TinyWallet
  • BlockAndSurf
  • HD-Plus 3.5
  • and any other recently installed application


Simply select each application and click Remove. If you are using Windows Vista, Windows 7 or Windows 8, click Uninstall up near the top of that window. When you're done, please close the Control Panel screen.

Remove ask.couplose.com pop-up related extensions from Google Chrome:

1. Click on Chrome menu button. Go to ToolsExtensions.



2. Click on the trashcan icon to remove SaferSurf, LyricsSay-1, TinyWallet, BlockAndSurf, HD-Plus 3.5 and other extensions that you do not recognize.



If the removal option is grayed out then read how to remove extensions installed by enterprise policy.



Remove ask.couplose.com pop-up related extensions from Mozilla Firefox:

1. Open Mozilla Firefox. Go to ToolsAdd-ons.



2. Select Extensions. Click Remove button to remove SaferSurf, LyricsSay-1, TinyWallet, BlockAndSurf, HD-Plus 3.5 and other extensions that you do not recognize.



Remove ask.couplose.com pop-up related add-ons from Internet Explorer:

1. Open Internet Explorer. Go to ToolsManage Add-ons. If you have the latest version, simply click on the Settings button.



2. Select Toolbars and Extensions. Click Remove/Disable button to remove the browser add-ons listed above.

Read more

Remove "Pirated software has been detected" Virus (Ransomware Removal Guide)

This computer was automatically blocked. Reason: Pirated software has been detected. message appears on computers infected with a new variant of ransomware Trojan. It claims that certain files on your computer have been encrypted and you will get then back only if you pay the fine which is usually about $500. The good news is that this ransom Trojan doesn't actually encrypt your files. It simply modifies them by changing file extensions. What is more, it doesn't work in Safe Mode which means you can download anti-malware software in Safe Mode and remove the virus. To do so, please follow the steps in the removal guide below. But first, let's analyze the "Pirated software has been detected" Trojan in more details. If you've heard of the term Trojan Horse but you're not entirely sure what a Trojan is – and what effect one can have on your PC – we hope that this will help you learn a little more, and tell you how to protect yourself.

First of all, if your computer has been hit with this Trojan Horse, chances are it was your fault. Unlikely as it seems, the unfortunate fact is that we often play a part in infecting ourselves when it comes to malware, especially Trojans. And laying the blame at your door is exactly what Trojan Horses are all about. So that a Trojan can worm its way onto your computer you need to install its server function. And for you to install the server function, the Trojan needs to trick you into doing just that.


Once installed, it will change Windows Registry and files so that you will get the This computer was automatically blocked. Reason: Pirated software has been detected. message on every startup. Here's how the fake message reads:

Willful copyright infringement is a federal crime that carries penalties of up to five years in federal prison, a $250,000 fine, forfeiture and restitution (17 U.S.C s.506, 18 U.S.C s.2319)

As a first-time offender you are required by law to pay a fine of 500 CAD
If the fine is not paid within three days, a warrant will be issued for your arrest, which will be forwarded yo your local authorities. You will be charged, fines, convicted for up to 5 years.

How to pay a fine? There are two ways to pay a fine:

1. You can pay the fine online through BitCoin. BitCoin is available nationwide.
2. (Offline Option) You can come to your local courthouse and pay the fine at the 'Cashiers' window.

OK, so the second payment option is absolutely unrealistic. As well as the fact that your files will be lost if you won't pay the fine. And at the bottom of the messages scammers claim that this operation Stop Online Privacy-Project Global 3 is is a coordinated effort by the U.S., Canadian, European, Australian, U.K., New Zealand and other law enforcement agencies across the globe targeting computers with pirated content. It's not true of course but may also reveal what countries are targeted by scammers.

And that is precisely how this type of malware gets its name. You may recall being told the story of Helen of Troy and the Trojan horse when you were at school. Well, our modern day Trojan has more in common with Greek mythology than you might think. Think back to when the ancient Greeks penetrated the city of Troy by hiding their army in the hollow body of a giant wooden horse, presented the horse as a peace offering to their enemies, the Trojans and then attacked the city from within. This too is how today's Trojan Horses operate: they convince you that they are a legitimate program that not only has nothing wrong with them, but are also something desirable or useful.

"Pirated software has been detected." ransom Trojan is often included in spam emails as an attachment. As soon as you click to open this attachment you've allowed the Trojan to install itself on your PC. This is a favored MO of Trojan creators as the malware, unlike viruses, doesn't replicate itself – they can simply send out a mass emailing and then wait for the recipients to do their dirty work for them. Once you have executed and installed the Trojan Horse the server that it is connected to will launch its software each time you log on to your computer.

So why do Trojan Horses employ such underhand tactics? That's because the scammers know that if you knew the damage they could cause you would go out of your way to avoid them. Trojans are malicious and can really cause problems for you and your computer. They can corrupt your data and make your files and programs impossible to open or access.

The good news is that there are things you can do to protect yourself. Firstly, ensure you have a reputable (and up to date) anti-malware program. And it goes without saying that you should never open an email or click on an attachment or link if you don't recognize the sender.

If you have any questions, please leave a comment below. Last, but not least, if there's anything you think I should add or correct, please let me know. It might be a pain but the issue needs to be dealt with – and the way to do it is by not giving in, not paying up and not letting the attackers win. Good luck and be safe online!

Written by Michael Kaur, http://deletemalware.blogspot.com


Step 1: Removing "Pirated software has been detected" ransomware and related malware:


Before restoring your files from shadow copies, make sure this ransom Trojan is not running. You have to remove this malware permanently. Thankfully, there are a couple of anti-malware programs that will effectively detect and remove this malware from your computer.

1. Please reboot your computer is "Safe Mode with Networking". As the computer is booting tap the "F8 key" continuously which should bring up the "Windows Advanced Options Menu" as shown below. Use your arrow keys to move to "Safe Mode with Networking" and press Enter key.


NOTE: Login as the same user you were previously logged in with in the normal Windows mode.

2. Then, download and install recommended anti-malware scanner. Run a full system scan and remove detected malware.





That's it! Your computer should be clean now and you can safely restore your files. Proceed to Step 2.


Step 2: Restoring files encrypted by this virus:


Method 1: The first and best method is to restore your files from a recent backup. If you have been regularly performing backups, then you should use your backups to restore your files.

Method 2: Try to restore previous versions of files using Windows folder tools. To learn more, please read Previous versions of files.

Method 3: Using the Shadow Volume Copies:

1. Download and install Shadow Explorer. Note, this tool is available with Windows XP Service Pack 2, Windows Vista, Windows 7, and Windows 8.

2. Open Shadow Explorer. From the drop down list you can select from one of the available point-in-time Shadow Copies. Select drive and the latest date that you wish to restore from.



3. Righ-click any encrypted file or entire folder and Export it. You will then be prompted as to where you would like to restore the contents of the folder to.



Hopefully, this will help you to restore all encrypted files or at least some of them.

Read more

Wednesday, November 26, 2014

How to Remove GadgetPrise Ads (Virus Removal Guide)

GadgetPrise is a new variant of BrowseFox adware. Adware, or advertising supported software, is often seen as a lesser threat than some of its malware cousins however it is undeniably still malicious software. So what are the characteristics of GadgetPrise adware? This is software that has been developed with the express purpose of displaying on-page advertising. More specifically it is advertising that is usually tailored to meet your particular requirements or match your interests. "Ads by GadgetPrise" or simply GadgetPrise Ads show up on website that not have ads at all. Needless to say, that it's not only annoying and intrusive but also unethical. So, how does it know just what those requirements or interests are? It monitors all the websites you visit and the products or services that you are viewing within those sites. And because adware runs whenever you're online, you'll never be able to escape from this rather intrusive form of Internet marketing. One more thing, those ads might not necessarily be targeted, I mean they may not match your interests. You may get fake Java update and fake Flash update ads one or two times out of ten.


GadgetPrise is usually installed by other programs, mostly PUPs. That's right, you don't need to be visiting, or even downloading from, X rated websites – all you need to be doing is reading your emails, chatting on instant messenger, checking your Facebook news feed, reading the latest news or gossip or downloading the latest season of your favorite TV show. In other words, simple online activities that almost all of us perform on a daily basis may lead you GadgetPrise ads. And if that sounds a little extreme, take a look at the facts because if a recent study is to be believed, over 90% of PCs have malware on them, whether that be a virus, a Trojan Horse, spyware, a potentially unwanted program – or adware.

Developers create adware to help them regain the costs accumulated while creating freeware – software programs available to download for free from the Internet. And while this may seem a fair exchange – after all, you're getting something for nothing and a developer has to be able to make a living somehow, things can take a rather nastier turn when a unscrupulous developer decides to sell the data he's collected about your browsing habits to a third party. And they may not have marketing in mind, but are more interested in your identity.

So how can you stop GadgetPrise adware from being installed on your computer or other Internet enabled device? Because it is normally bundled with the free software that a developer is giving away, and because adware is seen by them as a legitimate form of software (even if we don't want it!) it will often be mentioned in End User License Agreements. Therefore, next time you're downloading something and you get the Terms and Conditions and small print you need to take a few minutes to actually read it – something most of us don't do. And read it carefully as the wording is often rather ambiguous and you may find boxes that have been pre-checked that will need unchecking should you wish to avoid installing adware in conjunction with the other program.

One thing you DO need to make sure you have installed is anti-malware software. You also need to remember to make sure it is up to date so it recognizes new strains of adware. Stay one step ahead and stay safe.

To remove GadgetPrise ads, please follow the steps in the removal guide below. If you have any questions, please leave a comment down below. Good luck and be safe online!

Written by Michael Kaur, http://deletemalware.blogspot.com



GadgetPrise Ads Removal Guide:


1. First of all, download anti-malware software and run a full system scan. It will detect and remove this infection from your computer. You may then follow the manual removal instructions below to remove the leftover traces of this malware. Hopefully you won't have to do that.





2. Remove GadgetPrise related programs from your computer using the Add/Remove Programs control panel (Windows XP) or Uninstall a program control panel (Windows 7 and Windows 8).

Go to the Start Menu. Select Control PanelAdd/Remove Programs.
If you are using Windows Vista or Windows 7, select Control PanelUninstall a Program.



If you are using Windows 8, simply drag your mouse pointer to the right edge of the screen, select Search from the list and search for "control panel".



Or you can right-click on a bottom left hot corner (formerly known as the Start button) and select Control panel from there.



3. When the Add/Remove Programs or the Uninstall a Program screen is displayed, scroll through the list of currently installed programs and remove the following:
  • GadgetPrise
  • and any other recently installed application


Simply select each application and click Remove. If you are using Windows Vista, Windows 7 or Windows 8, click Uninstall up near the top of that window. When you're done, please close the Control Panel screen.

Remove GadgetPrise related extensions from Google Chrome:

1. Click on Chrome menu button. Go to ToolsExtensions.



2. Click on the trashcan icon to remove GadgetPrise, MediaPlayerV1, HD-Plus 3.5 and other extensions that you do not recognize.

If the removal option is grayed out then read how to remove extensions installed by enterprise policy.




Remove GadgetPrise related extensions from Mozilla Firefox:

1. Open Mozilla Firefox. Go to ToolsAdd-ons.



2. Select Extensions. Click Remove button to remove GadgetPrise, MediaPlayerV1, HD-Plus 3.5 and other extensions that you do not recognize.

Remove GadgetPrise related add-ons from Internet Explorer:

1. Open Internet Explorer. Go to ToolsManage Add-ons. If you have the latest version, simply click on the Settings button.



2. Select Toolbars and Extensions. Click Remove/Disable button to remove the browser add-ons listed above.

Read more

Sunday, November 23, 2014

Remove ooov.net pop-up on startup and redirect to gamezdoka.org (Virus Removal Guide)

Ooov.net pop-ups are not only intrusive and annoying but also indicate that your computer is infected by malware. Of course, it's not the most sophisticated malware out there and won't steal your passwords, encrypt or delete files. I've got it from Far Cry download. Yours might be different but despite the source the infection is actually the same. It modifies Windows registry so that once your computer boots a CMD window shows up for a second and opens your web browser. The first think you will see is ooov.net but it works like a redirect website to gamezdoka.org for instance. Or you may be redirected to other websites.

The whole Windows registry modification looks like this:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run then it should be "CMD" running cmd.exe /c start http://ooov.net & & exit.

The good news is that it's not so difficult to remove ooov.net and gamezdoka.org pop-ups. You just need to download and use this very useful tool called Autoruns from Microsoft website. Please follow the steps in the removal guide below.

But there's one thing you should know about this infection: it comes bundled with adware and potentially unwanted programs (PUPs). In other words, if you're getting ooov.net and gamezdoka.org pop-ups on startup then your computer is probably infected by other malware as well, most likely PUPs. Let's get the first thing straight, we're not talking about man's best friend here – in fact we're talking about something that is closely related to one of man's worst enemies! The PUPs we're going to take a look at today are not our furry four legged friends, they are Potentially Unwanted Programs: a different beast entirely.

Potentially Unwanted Programs install themselves on your computer without clearly telling you that this is their intention. PUPs can be tool bars, home pages, web browsers and search engines and although that doesn't sound dangerous – in fact it sounds quite the opposite – in actual fact PUPs are incredibly annoying thanks to their nasty little habit of redirecting all of your web searches to completely different websites instead of the one you were attempting to visit. Ooov.net is a good example, isn't it? Not only that but they can also make your computer more vulnerable to online attacks from malicious software.

More often than not a PUP will be bundled or packaged with another item of software. And it doesn't matter whether this is a well known program or not, as Potentially Unwanted Programs attach themselves to software and applications of varying degrees of legitimacy. That means you could fall victim to a PUP because you downloaded a hit movie, some adult X rated content, new desktop wallpaper or even the widely used, and very reputable, program Skype. Some companies or people who offer downloads are completely aware that a PUP is packaged with their product; however others are none the wiser. As I said before I got this ooov.net pop-up after downloading Far Cry.

But it's not all doom and gloom for it is often possible to spot a Potentially Unwanted Program before it gets installed on your computer. The trick is to properly read the End User License Agreement when you're downloading something. Oftentimes PUPs that display ooov.net and gamezdoka.org pop-ups are mentioned in these (one reason that the developers of PUPs can claim they are not true malware). Malware and PUP creators know that most of us skim through License Agreements and they play on this. You need to watch out though because even when an 'added extra' is referenced the wording can be rather ambiguous or deliberately confusing. You may also come across sneaky little tricks such as awkward wording and check boxes that have already been checked in advance.

The other annoying thing is that if you do end up with a Potentially Unwanted Program on your machine, either through lack of your own diligence or due to a developer's tricky wording, the software developer will know that you've assumed your anti-virus wasn't doing its job properly. However, ask them about this and they'll just tell you that you should have read the License Agreement properly – and really, it's hard to argue with that logic!

Therefore to summarize, when you're downloading something - anything - from the Internet it really is worth your while to take just a moment or two longer and read the small print. That extra minute could save you a whole world of irritation and pain!

To stop ooov.net and gamezdoka.org from popping up on your computer, you can use Autoruns for Windows or open up Windows registry editor, search for ooov.net and delete all entries you find. You can also remove this error message by removing the start-up entry in the Windows Task Scheduler. I recommend using Autoruns. Once the problem is fixed, scan your computer with anti-malware software. Why? Because very often this adware comes bundled with PUPs and even spyware. There might be malware on your computer that you didn't notice yet. If you have any questions, please leave a comment down below. Good luck and be safe online!

Written by Michael Kaur, http://deletemalware.blogspot.com


Ooov.net/gamezdoka.org pop-up removal guide:

1. First of all, download recommended anti-malware software and run a full system scan. It will detect and remove this infection from your computer. You may then follow the manual removal instructions below to remove the leftover traces of this malware. Hopefully you won't have to do that.





2. Download Autoruns for Windows and save it to your Desktop.

3. Launch autoruns.exe program (Vista/Windows 7/8 users right-click and select Run As Administrator).



4. In the top menu, click Options > Filter Options.



5. Uncheck Hide Microsft entries and click Rescan.



6. Open Longon tab. Find HKCU\Software\Microsoft\Windows\CurrentVersion\Run in the list. Then right-click CMD and select Delete.



7. Close Autoruns and reboot your computer when done.

8. Scan your computer with anti-malware software.

Read more

Friday, November 21, 2014

Remove "Powered by Coupons" pop-up ads (Virus Removal Guide)

"Powered by Coupons" pop-up ads are not only annoying and intrusive but they also indicate that your computer is infected with adware and/or potentially unwanted programs. Pop-up ads usually come in the bottom right corner and give you a list of random products, and obstruct what you are looking at. Whether you view it as a scourge of the Internet, a necessary evil that you must put up with in order to be able to download freeware, or it really doesn't bother you in the slightest, it is worth remembering that adware, or Advertising Supported Software, is not always dangerous. However, read between the lines of that last sentence and you'll probably guess at what we're getting at: adware is not always harmful - and that means that it's not always HARMLESS either!

The problem is that when you're downloading freeware, or even some paid for programs that you need to purchase, you may also be inadvertently and unwittingly downloading spyware or malware at the same time. Sometimes you can get adware that displays "Powered by Coupons" ads.


So whilst this adware might not sound like the most sinister thing out there, if you're thinking that spyware and malware sound far less desirable then you'd be right. Spyware is a software program that has been designed with the express purpose of gathering information about you; specifically your browsing habits and Internet usage. Thankfully, it can't log the keys you type (passwords, logins, credit card details and online bank account info - and hello huge security breach) and it cannot take screenshots when you're logged in. However, if does spy on you and that's more than enough to think twice before leaving this adware on your computer. Please note that it could be installed as ShopperPro or Obrona or something else. This infection is not the same for everyone. You might also notice that when your computer is infected, web browsers often downloads something from shoppingate.info and superfish.com. These websites are used to send information and receive information about possible ads "Powered by Coupons".

Malware on the other hand is a general term which covers a number of unpleasant Internet threats, including computer viruses, worms and Trojan Horses. These are all designed to do your computer, operating system, files, personal security or data serious harm. Either for financial gain, or for a hackers own sick amusement.

The other problem with adware, spyware and malware is that they often continuously run in the background which in turn has a domino effect on your PC's resources. They will slow down your processor, take up valuable memory space and can seriously affect your Internet connection - oh no! Spyware, and adware that displays elements of spyware, have a particular knock on effect as not only are they running around the clock but they're also working hard to collect and transmit all that juicy data about you.

So how do you spot if you have something unwanted installed on your computer? In the case of adware, your first inkling will probably be the proliferation of "Powered by Coupons" pop-up, pop-under and banner adverts that you suddenly start seeing displayed on your computer whenever you're online. That may well be followed with a drop in your computer's performance. The other issue is that when your operating system, hard drive and PC are under pressure, you'll also be more vulnerable to security issues.

It stands to good reason that you want to protect not only your PC but also your identity, your files and your bank account therefore you should always be clued up as to which programs you have installed on your computer. On top of that, when installing new software, always read the licensing agreement carefully so you know exactly what you're downloading along with your original freeware program or purchased software.

To remove "Powered by Coupons" ads, please follow the steps in the removal guide below. If you have any questions, please leave a comment down below. Good luck and be safe online!

Written by Michael Kaur, http://deletemalware.blogspot.com



"Powered by Coupons" Ads Removal Guide:


1. First of all, download anti-malware software and run a full system scan. It will detect and remove this infection from your computer. You may then follow the manual removal instructions below to remove the leftover traces of this malware. Hopefully you won't have to do that.





2. Remove "Powered by Coupons" related programs from your computer using the Add/Remove Programs control panel (Windows XP) or Uninstall a program control panel (Windows 7 and Windows 8).

Go to the Start Menu. Select Control PanelAdd/Remove Programs.
If you are using Windows Vista or Windows 7, select Control PanelUninstall a Program.



If you are using Windows 8, simply drag your mouse pointer to the right edge of the screen, select Search from the list and search for "control panel".



Or you can right-click on a bottom left hot corner (formerly known as the Start button) and select Control panel from there.



3. When the Add/Remove Programs or the Uninstall a Program screen is displayed, scroll through the list of currently installed programs and remove the following:
  • ShopperPro
  • Obrona
  • Coupons
  • and any other recently installed application


Simply select each application and click Remove. If you are using Windows Vista, Windows 7 or Windows 8, click Uninstall up near the top of that window. When you're done, please close the Control Panel screen.

Remove "Powered by Coupons" related extensions from Google Chrome:

1. Click on Chrome menu button. Go to ToolsExtensions.



2. Click on the trashcan icon to remove ShopperPro, Obrona, MediaPlayerV1, HD-Plus 3.5 and other extensions that you do not recognize.

If the removal option is grayed out then read how to remove extensions installed by enterprise policy.




Remove "Powered by Coupons" related extensions from Mozilla Firefox:

1. Open Mozilla Firefox. Go to ToolsAdd-ons.



2. Select Extensions. Click Remove button to remove ShopperPro, Obrona, MediaPlayerV1, HD-Plus 3.5 and other extensions that you do not recognize.

Remove "Powered by Coupons" related add-ons from Internet Explorer:

1. Open Internet Explorer. Go to ToolsManage Add-ons. If you have the latest version, simply click on the Settings button.



2. Select Toolbars and Extensions. Click Remove/Disable button to remove the browser add-ons listed above.

Read more

Thursday, November 20, 2014

855-972-3537 Scam - Your computer may have adware/spyware virus

855-972-3537 phone number is being used by fraudulent websites, support-tech-group.com for instance, to trick you into thinking that your computer is infected with adware and spyware. It's a fake Firewall alert. DO NOT fall for this tech support scam! Your computer is not infected with the viruses mentioned in the fake warning. If you got this pop-up, please close the tab or browser and do not follow the on screen instructions. If you keep constantly getting this fake warning then your computer might be infected with adware, spyware or other malware. Please use this guide to remove 855-972-3537 tech support scam and any associated malware.

Here's how the fake security alert reads:

(1) Firewall Alert:

YOUR COMPUTER MAY HAVE ADWARE / SPYWARE VIRUS

Call 855-972-3537 immediately for assistance on how to remove potential viruses. The call is toll-free.

Possible network damages if the viruses are not removed immediately: UNKNOWN

DATA EXPOSED TO RISK:
1. Your credit card details and banking information
2. Your e-mail passwords and other account passwords
3. Your Facebook, Skype, AIM, ICQ and other chat logs
4. Your private photos, family photos and other sensitive files
5. Your web cam could be access remotely by stalkers with a VPN virus

MORE ABOUT THE VIRUS:
Seeing these pop-ups means that you may have a virus installed on your computer which puts the security of your personal data at a serious risk.
It's strongly advised that you call the number above and get your computer inspected before you continue using your internet, especially for shopping.


As you can see, it's a typical tech support scam. Scammers want to convince you into downloading they bogus malware removal software. Bogus malware scanners usually find hundreds on viruses on your computer that of course don't exist in reality. So, don't download anything and don't pay for bogus tech support service unless you want to lose $200 or $300 just before the Black Friday. I'm pretty sure you don't want this.

Such fake pop-ups are usually displayed by bogus web browser extensions, adware and PUPs (Potentially Unwanted Programs). Potentially Unwanted Programs are a type of software program which you have accidently installed on your PC, laptop or tablet. Surely that's no mean feat – how on earth do you accidently install something you don't want on your own computer? Well that is due to the rather insidious way that PUP developers deliver their 'product'. The truth is that it doesn't matter what you're downloading; it could be something you've paid good money for such as an anti-virus program (the irony!), the latest version of a software upgrade, or some freeware such as a movie or album download, PUPs do not discriminate and whatever you're downloading, you could also be installing a hidden extra in conjunction with the program you do want.

All that you really need to be aware of though is that you need to pay closer attention when you're downloading programs, files or applications online. It really doesn't matter how well known, or expensive, the item you're downloading is, it may still be bundled with a PUP. As a result, you may later get 855-972-3537 scam pop-ups.

So how can you tell if the software or file you want is packaged with a Potentially Unwanted Program? The good news is that it is fairly easy – albeit slightly tedious! Basically you need to stop skipping through the End User License Agreement (EULA) that asks you to agree to a download and take more interest in what it is you're actually installing. Look for mentions of an 'added program' and ensure that check boxes are checked or unchecked in your favor.

If you have questions, leave a comment down below. I will be more than happy to help you. Good luck and be safe online!

Written by Michael Kaur, http://deletemalware.blogspot.com


855-972-3537 Tech Support Scam Removal Guide:

1. First of all, download anti-malware software and run a full system scan. It will detect and remove this infection from your computer. You may then follow the manual removal instructions below to remove the leftover traces of this malware. Hopefully you won't have to do that.





2. Remove 855-972-3537 scam pop-up related programs from your computer using the Add/Remove Programs control panel (Windows XP) or Uninstall a program control panel (Windows 7 and Windows 8).

Go to the Start Menu. Select Control PanelAdd/Remove Programs.
If you are using Windows Vista or Windows 7, select Control PanelUninstall a Program.



If you are using Windows 8, simply drag your mouse pointer to the right edge of the screen, select Search from the list and search for "control panel".



Or you can right-click on a bottom left hot corner (formerly known as the Start button) and select Control panel from there.



3. When the Add/Remove Programs or the Uninstall a Program screen is displayed, scroll through the list of currently installed programs and remove the following:
  • Quiknowledge
  • LyricsSay-1
  • Websteroids
  • BlocckkTheAds
  • HD-Plus 3.5
  • and any other recently installed application


Simply select each application and click Remove. If you are using Windows Vista, Windows 7 or Windows 8, click Uninstall up near the top of that window. When you're done, please close the Control Panel screen.


Remove scam pop-ups from Google Chrome:

1. Click on Chrome menu button. Go to ToolsExtensions.



2. Click on the trashcan icon to remove BlocckkTheAds, LyricsSay-1, Websteroids, Quiknowledge, HD-Plus 3.5 and other extensions that you do not recognize.



If the removal option is grayed out then read how to remove extensions installed by enterprise policy.




Remove scam pop-ups from Google Chrome:

1. Open Mozilla Firefox. Go to ToolsAdd-ons.



2. Select Extensions. Click Remove button to remove BlocckkTheAds, LyricsSay-1, Websteroids, Quiknowledge, HD-Plus 3.5 and other extensions that you do not recognize.




Remove scam pop-ups from Internet Explorer:

1. Open Internet Explorer. Go to ToolsManage Add-ons. If you have the latest version, simply click on the Settings button.



2. Select Toolbars and Extensions. Click Remove/Disable button to remove the browser add-ons listed above.

Read more