×

Notice: this is a preview of the original feed. Please, read our copyright notice. If you are the copyright holder of this feed click here.

feed

Tags: blogspot remove somoto.com instruction malici malware comput uninstall toolbar software mountain view

Malware Removal Instructions
From network security to phishing and malicious software. Whatever problem you have, we're here to help you solve it!...

by Admin, Mountain View (geolocate), published: Fri 27 Mar 2015 08:25:00 PM CET.

Favicon How to Remove "Ads by Ad Browser" Malware (Uninstall Guide)
16 Mar 2015, 9:15 pm
Just in case you've been getting "Ads by Ad Browser" recently and you don't know hot to remove them, hopefully this article will clear up the mystery for you! Adware is all over the Internet these days and is a type of software that has been designed to display adverts on your computer. If that sounds like not such a big deal and you're wondering what all the fuss is about, you might also be interested to know that Ad Browser adware also monitors which websites you visit, and the goods or services that you look at when you are on those websites.

Why does it do this? It is so that it is able to tailor make the Ad Browser ads that you see to meet your requirements or match your interests. And if you're still thinking that this doesn't sound particularly bad – in fact it may even seem quite handy – don't forget that this means that an anonymous third party is watching what you are doing whenever you are connected to the Internet.


And that's not all because so that it, or more accurately the adware's programmer, can see what sites you browse, the Ad Browser installs a tracking component onto your PC. And it is precisely this component that can cause you issues. For a start it is using your Internet connection to relay the data it collects on you back to the programmer and that slows down your connection to the point that it might even cause your browser to keep on crashing. The component is also working away behind the scenes of your computer and that in turn can slow your CPU right down too.

In addition to this, as if that wasn't enough to contend with, advertising supported software often makes it easier for other types of malware to infect your computer – namely spyware, which is similar to the tracking component but takes its monitoring activity to a whole new level.

So the big question is – how do you protect yourself from Ad Browser and stop it from installing itself on your PC?

The good news is that there are a number of things you can do to try and avoid the menace of adware. Here are some of the main ones:
  • Install (and run regularly) good anti-malware software
  • Do not download software or applications from third party websites – download directly from the publisher wherever possible
  • Don't open files or click on links in emails or instant messages if you don't recognize the sender
  • If you are downloading something ensure you read the License Agreement properly so you know just what it is you are installing
  • Install pop-up blockers and a firewall
  • If you encounter any pop-up windows – including Ad Browser ads – to close them click the little red 'x' in the corner of the pop-up. 'OK' or 'Close' buttons can be rigged so that if you click on them they trigger another installation – such as more adware or another type of malware
If it's already to late and your computer is infected then please follow the steps in the removal guide below to remove Ad Browser adware. If you have any questions, please leave a comment down below. Good luck and be safe online!

Written by Michael Kaur, http://deletemalware.blogspot.com



Ad Browser Ads Removal Guide:


1. First of all, download anti-malware software and run a full system scan. It will detect and remove this infection from your computer. You may then follow the manual removal instructions below to remove the leftover traces of this malware. Hopefully you won't have to do that.





2. Remove Ad Browser related programs from your computer using the Add/Remove Programs control panel (Windows XP) or Uninstall a program control panel (Windows 7 and Windows 8).

Go to the Start Menu. Select Control PanelAdd/Remove Programs.
If you are using Windows Vista or Windows 7, select Control PanelUninstall a Program.



If you are using Windows 8, simply drag your mouse pointer to the right edge of the screen, select Search from the list and search for "control panel".



Or you can right-click on a bottom left hot corner (formerly known as the Start button) and select Control panel from there.



3. When the Add/Remove Programs or the Uninstall a Program screen is displayed, scroll through the list of currently installed programs and remove the following:
  • Ad Browser
  • GoSave
  • deals4me
  • SaveNewaAppz
  • and any other recently installed application


Simply select each application and click Remove. If you are using Windows Vista, Windows 7 or Windows 8, click Uninstall up near the top of that window. When you're done, please close the Control Panel screen.

Remove Ad Browser related extensions from Google Chrome:

1. Click on Chrome menu button. Go to ToolsExtensions.



2. Click on the trashcan icon to remove Ad Browser 1.0.1, MediaPlayerV1, Gosave, HD-Plus 3.5 and other extensions that you do not recognize.

If the removal option is grayed out then read how to remove extensions installed by enterprise policy.




Remove Ad Browser related extensions from Mozilla Firefox:

1. Open Mozilla Firefox. Go to ToolsAdd-ons.



2. Select Extensions. Click Remove button to remove Ad Browser 1.0.1, Gosave, MediaPlayerV1, HD-Plus 3.5 and other extensions that you do not recognize.

Remove Ad Browser related add-ons from Internet Explorer:

1. Open Internet Explorer. Go to ToolsManage Add-ons. If you have the latest version, simply click on the Settings button.



2. Select Toolbars and Extensions. Click Remove/Disable button to remove the browser add-ons listed above.

Share this post


Favicon Remove megacode@alphamail10.com Ransom Virus and Restore Encrypted Files
16 Mar 2015, 8:44 pm
There are a number of different ransomware strains doing the rounds at any given time - you may well have heard of the vicious megacode@alphamail10.com or just megacode ransom virus one in particular - however most types of this thoroughly unpleasant malware work in the same way. Most people these days have heard of many of the different types of malware, including Trojan Horses, Spyware, Adware and Potentially Unwanted Programs but one form of malicious software that only seems to get flagged up on our radars every so often, and therefore doesn't get quite the same amount of publicity is ransomware. But that is not to say that you should not be fully aware of the risks or the dangers associated with this particularly vicious attacker.

Ransomware can also be known as cryptoware, a cryptovirus, a cryptoworm or a cryprotrojan - all of which sound equally menacing and unpleasant, we are sure you will agree! So what is megacode@alphamail10.com ransomware, how does it disseminate itself, what effect can it have on your computer - and quite possibly your sanity - and how do you avoid being infected by it for a start?

How does megacode@alphamail10.com ransom virus infect your PC?

It is spread via attachments in emails, by programs that have been infected by it, and also by websites that have been compromised. What this means for you is that being very careful about what messages you open, what programs you download and what websites you visit is now more crucial than ever before.

What is the point of ransomware?

Ransomware, as the name suggests, has one main reason for being - and that is to extort money from you, using one of a number of different tactics, namely being by holding your files to ransom. In this case, cyber criminals simply leave a text note saying that your need to contact them via email megacode@alphamail10.com. It might not be the same for everyone. I'm pretty sure cyber criminals have more than one email address but for now let's say it's a megacode virus. By the way, it's not so well coded as for example CryptoWall 3.0 or CryptoLocker but ir does encrypt your files and it's not a joke. Actually, it reminds me of the fud@india.com ransomware.

How does it operate?

If you've been attacked by megacode@alphamail10.com virus you will soon realize that you are unable to access any, or even all, of your files or documents. You will attempt to do so only to receive a ransom letter in the form of an text file that is asking for (or demanding, to be more accurate) a sum of money. In return for this ransom, the cyber criminal tells you that they will send you a key that will enable you to unlock your file.

They will normally also try and scare you into paying quickly by telling you that if you don't submit to their demands by a specified deadline that they will destroy the key - therefore eliminating any chance of you from ever being able to open your file and access its data again.

And that's not all because to dial the fear factor up to eleven, your file's 'kidnapper' may even try and convince you that you are about to become a person of interest in a police or federal inquiry. You will be told that, after investigation, you have been found either visiting websites or downloading programs of an illegal nature. And, what do you know, you will of course be given the chance to escape legal action by paying another fine!

As mentioned above, be careful what you download and which sites you visit - and backup your data on a regular basis. That way, if you do fall victim to megacode@alphamail10.com you can ignore their demands, wipe your disk drive and start over. Or you can remove this ransom virus from your computer and restore at least some of your files using Shadow Explorer. To do so, please follow the steps in the removal guide below. If you have any questions, please leave a comment down below. Good luck and be safe online!

Written by Michael Kaur, http://deletemalware.blogspot.com



Step 1: Removing megacode@alphamail10.com virus and related malware:


Before restoring your files from shadow copies, make sure megacode@alphamail10.com ransomware is not running. You have to remove this malware permanently. Thankfully, there are a couple of anti-malware programs that will effectively detect and remove this malware from your computer.

1. First of all, download and install recommended anti-malware scanner. Run a full system scan and remove detected malware.





Important! If you can't download or run it, please restart your computer in Safe Mode with Networking or Safe Mode and try again.

2. Then, download ESET Online Scanner and run a second scan to make sure there are no other malware running on your computer.

That's it! Your computer should be clean now and you can safely restore your files. Proceed to Step 2.


Step 2: Restoring files encrypted by megacode@alphamail10.com virus:


Method 1: The first and best method is to restore your files from a recent backup. If you have been regularly performing backups, then you should use your backups to restore your files.

Method 2: Try to restore previous versions of files using Windows folder tools. To learn more, please read Previous versions of files.

Method 3: Using the Shadow Volume Copies:

1. Download and install Shadow Explorer. Note, this tool is available with Windows XP Service Pack 2, Windows Vista, Windows 7, and Windows 8.

2. Open Shadow Explorer. From the drop down list you can select from one of the available point-in-time Shadow Copies. Select drive and the latest date that you wish to restore from.



3. Righ-click any encrypted file or entire folder and Export it. You will then be prompted as to where you would like to restore the contents of the folder to.



Hopefully, this will help you to restore all encrypted files or at least some of them.

Share this post


Favicon How to Remove Special Box Ads Malware (Uninstall Guide)
15 Mar 2015, 9:26 pm
One thing that many people seem to be divided on is whether Special Box is actually a type of malicious software. Some people see it as an innocent and unavoidable aspect of using the Internet while others hold firm the belief that it is a proper form of malware. The fact is that most experts are in agreement that adware, or advertising supported software to give it its true title, is actually malicious software. Part of the reason for this is the way in which it is downloaded on to your computer, and part of it is due to the fact that it can track your every move when you're connected to the Internet and of course display Special Box ads on pretty much every website you visit. Besides, it's from the same family as BrowseFox malware.

Special Box ads, in whatever shape or form they comes in, can be somewhat intrusive. In fact it can be increasingly difficult to escape advertising. In this day and age we are under constant attack by marketers and brands all trying to get us to spend our hard earned dollar on their products or services. And as we all spend increasing amounts of time online, of course, the Internet is no refuge from the barrage.


However, online advertising can vary wildly; from adverts that hold a genuine interest – perhaps you're seeing adverts on the websites you visit for a camera that you have just been looking at (more on how that happens shortly) – or maybe you are seeing pop-up adverts for a manga style gaming website that you have zero interest in.

Going back to the Special Box adverts that are very similar to products you have recently been browsing for a moment: how does the Internet KNOW which adverts to show you? How does the website you're reading the news on know that a couple of hours before you were looking at cameras? That's all down to the tracking component that Special Box adware installs on your computer when you download the adware. This component monitors which websites you visit, looks at the pages or products you are looking at within that site, and sends the data back to the adware's developer – who then makes sure you only see adverts for products that you have a high likelihood of clicking on.

However, returning again to the pop-up style adverts that we also mentioned, if you're seeing Special Box ads it is a fair indication that you have the true malware style of advertising supported software on your computer. As well as the aforementioned gaming sites, these adverts can also be for porn, gambling or crazy weight loss methods. And the worst thing about these ads is that they simply won't go away. The pop-up windows will return time and time again, no matter how many times you click on them – leaving you tearing your hair out in frustration and wondering just what is going on with your computer.

The other major issue with pop-up ads and this type of adware is that you are also being made vulnerable to threats of an even more serious nature. Special Box can negatively impact on other programs running on your PC, weakening your computer's defense and increasing the chances of you being infected by even nastier types of malware. It constantly runs in the background as a utilSpecialBox.exe program and checks for updates. It can download and install other malware on your computer as well. To remove Special Box ads from your computer, please follow the steps in the removal guide below. If you have any questions, please leave a comment down below. Good luck and be safe online!

Written by Michael Kaur, http://deletemalware.blogspot.com



Special Box Ads Removal Guide:


1. First of all, download anti-malware software and run a full system scan. It will detect and remove this infection from your computer. You may then follow the manual removal instructions below to remove the leftover traces of this malware. Hopefully you won't have to do that.





2. Remove Round World related programs from your computer using the Add/Remove Programs control panel (Windows XP) or Uninstall a program control panel (Windows 7 and Windows 8).

Go to the Start Menu. Select Control PanelAdd/Remove Programs.
If you are using Windows Vista or Windows 7, select Control PanelUninstall a Program.



If you are using Windows 8, simply drag your mouse pointer to the right edge of the screen, select Search from the list and search for "control panel".



Or you can right-click on a bottom left hot corner (formerly known as the Start button) and select Control panel from there.



3. When the Add/Remove Programs or the Uninstall a Program screen is displayed, scroll through the list of currently installed programs and remove the following:
  • Special Box
  • GoSave
  • deals4me
  • SaveNewaAppz
  • and any other recently installed application


Simply select each application and click Remove. If you are using Windows Vista, Windows 7 or Windows 8, click Uninstall up near the top of that window. When you're done, please close the Control Panel screen.

Remove Special Box related extensions from Google Chrome:

1. Click on Chrome menu button. Go to ToolsExtensions.



2. Click on the trashcan icon to remove Special Box 1.0.1, MediaPlayerV1, Gosave, HD-Plus 3.5 and other extensions that you do not recognize.

If the removal option is grayed out then read how to remove extensions installed by enterprise policy.




Remove Special Box related extensions from Mozilla Firefox:

1. Open Mozilla Firefox. Go to ToolsAdd-ons.



2. Select Extensions. Click Remove button to remove Special Box 1.0.1, Gosave, MediaPlayerV1, HD-Plus 3.5 and other extensions that you do not recognize.

Remove Special Box related add-ons from Internet Explorer:

1. Open Internet Explorer. Go to ToolsManage Add-ons. If you have the latest version, simply click on the Settings button.



2. Select Toolbars and Extensions. Click Remove/Disable button to remove the browser add-ons listed above.

Share this post


Favicon Remove Jorikestnoski.com Ad Malware (Uninstall Guide)
15 Mar 2015, 8:53 pm
Jorikestnoski.com is an ad-riddled webpage being spammed through popular web services like Steam or Spotify. It's an adware issue, so these services have nothing to do with it. Jorikestnoski.com can pop-up on your computer when it's infected with adware as well. It can be tempting to dismiss adware as something that won't be a problem. After all, you know you don't download pirated software, you don't visit websites of a disreputable nature and you're pretty sure your anti-virus is more than capable of protecting you. Well, take a look at the figures and you might be surprised because according to malware experts, in excess of 90% of PC users have some type of malicious software installed on their computer at any given time. That's a frighteningly huge amount.


As well as being irritating, many people take issue with jorikestnoski.com for the fact that the adverts that you see on websites are often almost exact matches for products you have been looking at online. And that's because it installs a tracking component on your PC which monitors which websites you are looking at. This data is then relayed to the adware developer who uses it to tailor the adverts to your recent searches. It's not a pleasant thought that some unknown third party is watching your every move and knows exactly which websites you are visiting – no matter how innocuous they may be. If you've been recently searching for a car then it will display ads for best car deals, etc. You get the idea. Sometimes, jorikestnoski.com pop-up ads can be completely random. One way or another, it's a threat and has to be removed from your computer.

Because it normally comes bundled with another program you need to make sure you read T's & C's carefully when downloading. The adware will normally be mentioned in the small print so make sure that you don't just skip through this but read it in full. Yes it's boring, yes you just want to get to your download, but it beats being infected by this nuisance! To remove this malware from your computer, please follow the steps in the removal guide below. Most of the time, it comes bundled with other potentially unwanted programs and browser hijackers and you certainly don't want to miss those too. If you have questions, leave a down comment below. I will be more than happy to help you. Good luck and be safe online!

Written by Michael Kaur, http://deletemalware.blogspot.com


Jorikestnoski.com Ad Malware Removal Guide:

1. First of all, download recommended anti-malware software and run a full system scan. It will detect and remove this infection from your computer.





NOTE: If you are using Internet Explorer and can't download anti-malware software because "Your current security settings do not allow this file to be downloaded" then please reset IE security settings and try again.

2. Download and run TDSSKiller. Press the button Start scan for the utility to start scanning.



3. Wait for the scan and disinfection process to be over. Then click Continue. Please reboot your computer after the disinfection is over.



4. Open the Run Command (press Windows key + R) and type inetcpl.cpl, then go to the last tab (Advanced) at the top and use both reset buttons. Check the box to delete all settings on the second reset.

Share this post


Favicon Encrypted Files (.ecc extension) Malware Removal Guide
14 Mar 2015, 8:55 pm
If most of your files are encrypted and have a .ecc extension, for example work.docx.ecc, then your computer is almost certainly infected with TeslaCrypt ransomware. Obviously, encrypted files cannot be opened by the standard program. They must be decrypted first but the problem is that you need to purchase your private key using TeslaCrypt service in order to do so. You don't have to be a techie whizz kid to know that cyber criminals, malware users and hackers are increasingly upping the ante in their attempts to defraud, scam, phish and extort computer users – such as you and me – out of our hard earned money.

There are more than enough different types of malicious software out there to keep us on our toes, but one of the most unpleasant ones is ransomware which seems to rear its ugly head in fits and starts, rather than being a constant on the malware landscape. However just because it appears to come and go is not reason to ignore it for ransomware is something that can cause untold stress, both on you and on your bank account, if you are not careful.

What exactly is TeslaCrypt ransomware?

The name probably gives it away, or at least holds a clue as to what this particular Internet based menace can do and how it operates. To cut a long story short, ransomware infests your computer, kidnaps one or more of your files, changes file extension to .ecc, holds them hostage – and then, as a natural conclusion, demands a ransom from you to let them go free.


How does it infect my PC?

As with most types of computer virus or malware, ransomware infects you via email carrying an infected attachment or link. It can also disseminate itself through other programs or it may employ a technique called a drive-by installation – this is when you visit a website that has been compromised.

You may notice that something is amiss on your computer when you suddenly find that you can't access a particular file or document, when you receive a ransom note – i.e. an email - or you are shown a screen or pop-up window alerting you. Usually these emails or alerts will appear to have been sent by a reputable organization such as the FBI or other national law enforcement agency. This of course would have the majority of us shocked into stunned silence (or possibly letting slip a few choice curse words!)

But what am I "guilty" of?

The email or warning will tell you that you have infringed some sort of serious law: maybe you've been "caught" looking at some dubious x-rated content or downloading pirated software or movies, for example.

Then, still pretending that a genuine federal or law agency were behind the message, you will then be shown how much you are being penalized and the amount of the fine you need to pay to atone for your "wrongdoing". But don't worry, this untoward third party will make it nice and easy for you to pay – this will either be by using an (untraceable) pre-paid card or Bitcoins, the digital currency.

Should I pay the fine?

No. Do not encourage these online scammers; no reputable law enforcement agency uses these tactics. If you have a recent backup, wipe your hard disk and reinstall your files. If you don't, try Shadow Explorer program or search your computer for previous versions of files. If you are lucky enough you may find files that were not encrypted and renamed to .ecc. But before restoring your files, please remove the ransomware and related malware files from your computer. Otherwise, you will simply waste your time. If you have any questions, please leave a comment down below. Good luck and be safe online!

Written by Michael Kaur, http://deletemalware.blogspot.com


Step 1: Removing TeslaCrypt and related malware:


Before restoring your files from shadow copies, make sure TeslaCrypt is not running. You have to remove this malware permanently. Thankfully, there are a couple of anti-malware programs that will effectively detect and remove this malware from your computer.

1. First of all, download and install recommended anti-malware scanner. Run a full system scan and remove detected malware.





Important! If you can't download or run it, please restart your computer in Safe Mode with Networking or Safe Mode and try again.

2. Then, download ESET Online Scanner and run a second scan to make sure there are no other malware running on your computer.

That's it! Your computer should be clean now and you can safely restore your files. Proceed to Step 2.


Step 2: Restoring files encrypted by TeslaCrypt virus:


Method 1: The first and best method is to restore your files from a recent backup. If you have been regularly performing backups, then you should use your backups to restore your files.

Method 2: Try to restore previous versions of files using Windows folder tools. To learn more, please read Previous versions of files.

Method 3: Using the Shadow Volume Copies:

1. Download and install Shadow Explorer. Note, this tool is available with Windows XP Service Pack 2, Windows Vista, Windows 7, and Windows 8.

2. Open Shadow Explorer. From the drop down list you can select from one of the available point-in-time Shadow Copies. Select drive and the latest date that you wish to restore from.



3. Righ-click any encrypted file or entire folder and Export it. You will then be prompted as to where you would like to restore the contents of the folder to.



Hopefully, this will help you to restore all encrypted files or at least some of them.

Share this post

© 2015 Frêney, S.r.l. - V.A.T. ID IT03001860166