Sunday, June 15, 2014

SaveForYou Is Not Virus, Then How to Remove the Adware When Anti-virus Program Fails?





OUTLINE
  • What SaveForYou really is?
  • The working mechanism of SaveForYou
  • Troubles caused by SaveForYou
  • Attention
  • Learn the way to remove SaveForYou
  • Final


SaveForYou – Correct Identification


Not a few people still consider ads like SaveForYou that pop up a lot without being removed by conventional way is virus. As a matter of fact, it is just an adware, you can also call it as advertising platform or PUP.



SaveForYou Working Mechanism 


It gives favorable terms for online operators to advertise on its platform and help them get exposed to as many PC users as possible. Should any deal is made through saveforyou platform, the operators give it the agreed portion of interest. To access as many PC users as possible, the quickest way is to modify DNS and intercept traffic. Appearing as a browser add-on/BHO, SaveForYou adware manages to do so without being picked up as malicious item.



SaveForYou Harassed Computer

  1. Several advertising boxes open up randomly on a browser to ruin surfing experience.
  2. SaveForYou slows down the overall PC performance as well as page-loading speed.
  3. Additional web applications might install on the target browser without permission and knowledge and take up the limited internal resource.

Though SaveForYou is not technique a virus, there are something that one should be noted and step up the removal. Practices show that virus nowadays are prone to attack web applications, especially the loosely programmed ones, to capitalize BHO and JS techniques in assistance with identity and information theft, take Win32: Somoto-J for example. 

Besides, getting additional items, web applications particularly, its huge cache will occupy the CPU to hinder the full play by critical sections like security defense. All these should keep us stay alert and speed up the removal in an attempt to stop any possible harms.



Thread to Help Remove SaveForYou


A. Reset browsers.


Internet Explorer: Tools menu > Internet Options > Advanced tab > Restore Defaults button > OK.



Mozilla Firefox:  Firefox button > Help > Troubleshooting information > ‘Reset Firefox’ button.


Google Chrome:‘Customize and Control Google Chrome’ menu > ‘Options’ > ‘Under the Hood’ > ‘Reset to Defaults’ button.

 
Opera: Show hidden files and folders (see Step C) > navigate to "C:\Users\user_name\AppData\Roaming\Opera\Opera\" > remove Operapref.ini.


Safari: Safari menu > ‘Reset Safari’ > tick all given options > ‘Reset’ button.




B. Access Task Manager to remove the items with the path directing to SaveForYou.

Windows
Ctrl+Alt+Del/Ctrl+Shift+Esc > access Task Manager > View > select columns > tick "PID" and "Path name" > go to open up System Information > end the process with path name directing to SaveForYou's path or the path that doesn't belong to system.
select Colunms to tick PID and Path Name to find out the services and processes related to
SaveForYou



Mac OS X
Applications > Utilities > Activity Monitor > click open the suspected processes > "Open ports and files" > end the process with path name directing to SaveForYou's path.
search for and open up Activity Monitor on Mac to stop the ads by SaveForYou from popping up




C. Show hidden files and folders.





Windows 7/XP/Vista
‘Control Panel’ > 'user accounts and family safety' > 'Folder Options’ > View tab > tick ‘Show hidden files and folders' and non-tick 'Hide protected operating system files (Recommended)’ > ‘OK’.

Windows 8
Start screen > Windows Explorer > View tab > tick ‘File name extensions’ and ‘Hidden items’ options > OK button.

a.when done, remove the given items:
C:\Users\[user name]\AppData\Local\Temp\
C:\WINDOWS\Temp
C:\Documents and Settings\[user name]\Local Settings\Temp
C:\Documents and Settings\[user name]\Local Settings\Temporary Internet File

b. navigate to the following directories and remove the items generated on and after the date when SaveForYou was firstly detected:
C:\Windows
%SystemDriver%\
C:\Program Files\
C:\windows\system32\
C:\users\user\appdata\local\
C:\Users\[your username]\Documents\
c:\users\[username]\appdata\locallow\



Mac OS X
Finder > Utilities folder > Terminal > copy and paste "defaults write com.apple.Finder AppleShowAllFiles YES" > return key > copy and paste the "killall Finder" > return key.

a. remove temp files and folders:

Finder > Utilities folder > terminal:
  1. type
    cd ~/Library/Logs
    sudo rm -rf ~/Library/Logs/*
    and press Return button.

  2. type
    rm -rf ~/Library/Safari/Downloads.plist
    cd ~/Library/Caches
    sudo rm -rf ~/Library/Caches/*
    and press Return button.

b. access the following locations to remove the items generated on and after the date when SaveForYou was firstly detected:
Library/Internet Plug-Ins/ 
Home folder/Library/Internet Plug-Ins/ 
Applications
Dock
Display


What offered above is the removal thread as it is impossible to offer the exact items to remove due to the OS installed and the website/ads victims clicked on. Besides, what else install on the target machine can be random. Follow the thread combined with certain level of computer skills and knowledge will be sufficient enough to remove SaveForYou. Finally, don’t forget to remove the subsequently-installed items after removing SaveForYou so that the chance of its re-image could be eradicated unless carelessness is again applied when surfing online.
get expert help in removing SaveForYou




No comments: