I’ve been posting for some time now here at www.freefixer.com/b/, but I’m not entirely happy with the results. Often the blog posts rank pretty bad in the Google search results.
So, I’m going to keep posting as usual, but I will put some of the posts over at freefixer.blogspot.com, to see if the content ranks differently.
I was actually searching for another adware, but ran into the SaveClicker adware instead. When I found SaveClicker, it was bundled with a free download manager. Here’s the info it displays in the installer.
“Just install the add-on on your browser, surf the web and get specials offers (special coupons, discounts and sales)”
Obviously SaveClicker is adware. Here’s how the SaveClicker ad looks like:
SaveClicker can easily be uninstalled by selected in the SaveClicker files in FreeFixer, or by using the entry in the Programs and Features dialog:
How did you get SaveClicker on your computer? Please share by posting a comment.
CNet’s Download.com site recently started bundling a new adware called AutZi. Basically it will show ads and change some browser settings:
AutZi adds itself into Internet Explorer and Mozilla Firefox as shown in the screenshots below:
Removing AutZi is pretty straightforward. You can just select the AtuZibho.dll file and the AtuZi Firefox extension in FreeFixer:
Here’s a step-by-step removal video that shows how to uninstall AtuZi with FreeFixer:
There’s also an entry in the Program and Features dialog which allows you to uninstall AtuZi:
Please let me know if this helped you remove AtuZi by posting a comment.
Are you seeing ads labeled Ads by OnlineBrowserAdvertising while you browse the web?
Then you have adware installed on your machine. Here’s a removal guide that shows how to remove the ads from Internet Explorer and Mozilla Firefox with help of the FreeFixer removal tool:
Did this help you to remove the OnlineBrowserAdvertising ads?
Played around with another download this morning. This time a bunch of new files and settings appeared. The first notable change was a new process and scheduled task called SW-Booster.exe appearing:
SW-Booster.exe is detected under names such as “a variant of Win32/TrojanDownloader.Agent.AFD” and “PUP.Optional.MultiPlug.A”
Two new Firefox extensions also appeared, Y**tubeAdBlocker and saVee aNete 5.14:
I’ve verified that FreeFixer removed these completely. There are also entries in the Programs and Features dialog.
Please let me know if this helped you remove the SW-Booster malware by posting a comment.
Update 2014-11-21: Seems to be a variant around called SoftwareBooster.exe:
Played around with an adware called SaveNet this evening. The screenshot below explains what types of ads SaveNet will show:
Basically you’ll see SaveNet coupons while you browse the web.
If you have SaveNet on your machine, you may also see a file called SN.Booster.exe in the Task Manager. SN.Booster.exe will also run as a service:
You’ll also see a Browser Helper Object and a Mozilla Firefox extension when scanning your computer with FreeFixer. The nasty thing about SaveNet is that it will use some sort of semi-random names displayed in Mozilla, Internet Explorer and the Programs and Features dialog. I’ve seen names such as:
- saVe neut
- ssave net
- saveE! neot
- save. net
- Save net
- savve noeT
- saVVE Net
- saVe neut
- ssave net
- saveE! neot
- savve noeT
- SN.Sustainer 1.80
What names did you see? Please share by posting a comment.
Luckily it’s pretty easy to remove SaveNet with FreeFixer. Just select the SaveNet files and click Fix and the problem will be gone. You might need to restart your machine to complete the removal.
So, what does the anti-virus programs say about SaveNet? Here’s the detections for SN.Booster.exe:
- Avast Win32:Agent-ASOC [Adw] 20140419
- ESET-NOD32 Win32/TrojanDownloader.Agent.AFD 20140419
- Qihoo-360 Win32/Trojan.Downloader.ec6 20140419
- TotalDefense Win32/Tnega.VeAcWa 20140419
- Kingsoft Win32.Troj.Generic.a.(kcloud) 20140419
- F-Prot W32/Trojan2.OBQW 20140419
- Commtouch W32/Trojan.ZIUW-3330 20140419
- Fortinet W32/Agent.AFD!tr.dldr 20140418
- Bkav W32.SauseiLTAR.Trojan 20140418
- Comodo TrojWare.Win32.TrojanDownloader.Agent.AFD 20140419
- Jiangmin TrojanDownloader.Adload.vxu 20140419
- CAT-QuickHeal TrojanDownloader.Adload.dsd.cw4 20140418
- VBA32 TrojanDownloader.Adload 20140418
- AhnLab-V3 Trojan/Win32.Agent 20140419
- TheHacker Trojan/Downloader.Agent.afd 20140419
- ViRobot Trojan.Win32.S.Agent.729600.B 20140419
- VIPRE Trojan.Win32.Generic!BT 20140419
- NANO-Antivirus Trojan.Win32.Agent.cojdgu 20140419
- Baidu-International Trojan.Win32.Agent.50 20140418
- Symantec Trojan.Gen.2 20140419
- ByteHero Trojan.Exception.gen.101 20140419
- DrWeb Trojan.DownLoad3.30962 20140419
- Agnitum Trojan.DL.Adload!sfG54tBszYg 20140418
- Ad-Aware Trojan.Agent.WDCR.C 20140419
- BitDefender Trojan.Agent.WDCR.C 20140419
- F-Secure Trojan.Agent.WDCR.C 20140419
- GData Trojan.Agent.WDCR.C 20140419
- MicroWorld-eScan Trojan.Agent.WDCR.C 20140419
- nProtect Trojan.Agent.WDCR.C 20140418
- Kaspersky Trojan-Downloader.Win32.Adload.dyhq 20140419
- Emsisoft Trojan-Downloader.Win32.Adload (A) 20140419
- Ikarus Trojan-Downloader.Adload 20140419
- K7AntiVirus Trojan-Downloader ( 0048ec4f1 ) 20140418
- K7GW Trojan-Downloader ( 0048ec4f1 ) 20140418
- TrendMicro TROJ_DLOADER.ADFK 20140419
- TrendMicro-HouseCall TROJ_DLOADER.ADFK 20140419
- Sophos Troj/Agent-AFFX 20140419
- Panda Trj/WLT.A 20140419
- AntiVir TR/Downloader.A.988 20140419
- Norman Suspicious_Gen4.FKQEC 20140419
- McAfee RDN/Downloader.a!oi 20140419
- McAfee-GW-Edition RDN/Downloader.a!oi 20140419
- Malwarebytes PUP.Optional.MultiPlug.A 20140419
- AVG Downloader.Generic13.BRBQ 20140419
There are entries to uninstall SaveNet in the Programs and Features dialog. In my case, they appear as SN-Booster, SN-Sustainer, SNT and Y**tubeAdBlocker. What names did SaveNet use on your computer?
Did this help you remove SaveNet? Please let me know by posting a comment.
Is your browser starting with istart.webssearches.com as the start page?
No problem, just check the istart.webssearches.com items in FreeFixer and it will be removed from Firefox and Internet Explorer:
There is also an entry for webssearches.com in the Programs and Features dialog in the Windows Control Panel. I have not tried it. If you do, please let me know if that removed webssearches.com completely.
Please let me know if you found this useful when removing istart.webssearches.com by posting a comment. Any idea how you got istart.webssearches.com on your machine?
Found a new adware called TowerTilt while testing a free download. This is how it will appear when it adds itself in Firefox:
Removing TowerTilt from Firefox and Internet Explorer with help from FreeFixer is pretty straightforward. Just check the TowerTiltBho.dll file and the Firefox extension in FreeFixer:
I haven’t tried it, but TowerTilt also has an uninstall entry in the Windows Control Panel:
Please let me know if this helped you remove TowerTilt by posting a comment. Do you know how you got TowerTilt on your computer?
Found another adware called PriceMeter. Here’s the info displayed in a few of the installers:
However, PriceMeter would not install, not when testing it on a 64-bit Windows 8.1 machine, nor on my old 32-bit Windows XP system. Since it refused to install, I could not examine how to uninstall it, but usually these adware programs have an entry in Add/Remove programs dialog, accessible from the Windows Contol Panel, which allows you to uninstall it. I’m pretty sure FreeFixer also can remove it completely.
Did you know more about uninstalling PriceMeter, please share by posting a comment.