Your computer is infected with malicious software? Do you have popups on your PC?
If so, search this blog for removal instructions or find computer threats by category.

Wednesday, April 9, 2014

How to Remove ConstaSurf (Uninstall Guide)

ConstaSurf is an adware application that installs as a browser plugin across all the browsers and places ads randomly on pages or hyperlinks random words. Whenever you click somewhere on the web page, it will open popup windows as well with ads by ConstaSurf. It's not a virus as some users may describe but we could say it's a web browser related malware. Getting your computer hijacked by malware is both worrying and potentially dangerous but the sad fact is that it can happen to anyone, no matter how careful you think you're being when you're using the Internet. However, there are a number of steps we can take to lessen the risk, one of them being having reputable and up to date anti-malware software installed on your PC. This will give you a much better fighting chance in the war against viruses, malware, adware and Potentially Unwanted Programs – PUPs - before they do no good. But there are other things you can do to safeguard your system, just in case something does slip through the net. This guide will walk you through removing ConstaSurf and associated malware from your computer.

ConstaSurf ads

Viruses and malicious software (malware) are household names but how many of us know much about these so-called adware and Potentially Unwanted Programs? These are, normally unwanted, applications which install themselves on your system in a few different ways. Mostly it's when you're downloading free software; the latest season of Mad Men, the new Katy Perry album or some software that helps you read Chinese characters. Naturally we need, or want, any number of downloads whether for work or for pleasure, so what do we do if we don't want to stop downloading but we do want to protect our computers?

As mentioned above, using a good anti-malware program is your first line of defense – if you're not sure which one to go for, simply ask a friend who's a bit more technical, check in online forums or ask a local PC dealer. A decent anti-malware should be able to catch ConstaSurf before it installs itself on your PC. Although there is a slight problem in that as PUPs aren't considered viruses, many antiviruses do fail to pick up on them. And with annoying habits such as taking over your browser and replacing your normal toolbar with one of its own choosing or constantly redirecting you to new search engines and displaying pop-up ads, it's probably fair to say that ConstaSurf adware is not something you want on your machine.

Of course, the next question is how do lower your chances of being infected by ConstaSurf if your antivirus program may allow it to slip through the cracks? The good news is there are a number of things you can do yourself: firstly, don't download programs if you don't trust the website 100% - and don't download software from third party sites, always go straight to the publisher. And secondly, always read the End User License Agreement carefully when you're installing or downloading software. Yes, we know it can be a pain and you just want to get to your download, and no one can accuse EULAs of being interesting, but this is where adware creators will have hidden any mention of 'added extras'. Often you will find that the box saying you want to install these add-ons has already been checked for you. The rule: you don't want it? Uncheck that box before clicking 'OK'. However, if you are reading this then your your computer is probably already infected. To remove the adware program and any associated PUPs from your computer, please follow the steps in the removal guide below. If you have any questions, please leave a comment below. Good luck and be safe online!

Written by Michael Kaur, http://deletemalware.blogspot.com


ConstaSurf removal instructions:

1. First of all, download recommended anti-malware software and run a full system scan. It will detect and remove this infection from your computer. You may then follow the manual removal instructions below to remove the leftover traces of this infection. Hopefully you won't have to do that.





2. Remove ConstaSurf program from your computer using the Add/Remove Programs control panel (Windows XP) or Uninstall a program control panel (Windows 7 and Windows 8).

Go to the Start Menu. Select Control PanelAdd/Remove Programs.
If you are using Windows Vista or Windows 7, select Control PanelUninstall a Program.



If you are using Windows 8, simply drag your mouse pointer to the right edge of the screen, select Search from the list and search for "control panel".



Or you can right-click on a bottom left hot corner (formerly known as the Start button) and select Control panel from there.



3. When the Add/Remove Programs or the Uninstall a Program screen is displayed, scroll through the list of currently installed programs and remove the following ConstaSurf.



If you are using Windows Vista, Windows 7 or Windows 8, click Uninstall up near the top of that window. When you're done, please close the Control Panel screen.


Remove ConstaSurf from Google Chrome:

1. Click on Chrome menu button. Go to ToolsExtensions.



2. Click on the trashcan icon to remove the ConstaSurf extension.


Remove ConstaSurf from Mozilla Firefox:

1. Open Mozilla Firefox. Go to ToolsAdd-ons.



2. Select Extensions. Click Remove button to the ConstaSurf extension.


Remove ConstaSurf from Internet Explorer:

1. Open Internet Explorer. Go to ToolsManage Add-ons. If you have the latest version, simply click on the Settings button.



2. Select Toolbars and Extensions. Click Remove/Disable button to remove the ConstaSurf browser add-on.


Associated ConstaSurf Files:
  • C:\Documents and Settings\All Users\Application Data\ConstaSurf
  • C:\Documents and Settings\All Users\Application Data\ConstaSurf\IE\common.dll
Read more

Windows Internet Guard Removal Guide

Whether you think you may have been infected by a rogue antivirus program or you're just curious as to what they are, read on as this short article takes a close look at this particularly sneaky variety of malicious software. This page contains removal instructions for the Windows Internet Guard computer infection. Please use this guide to remove Windows Internet Guard and any associated malware.

What is Windows Internet Guard?

It's a malicious program that tries to trick you into downloading and sometimes paying for, it in order to remove viruses and threats that are completely fabricated. Fabricated by whom though? Fabricated by the makers of the rogue antivirus software, I'm sorry to say!

Windows Internet Guard malware screenshot

So as you can probably already tell from the very nature of its existence, rogue antivirus software is a very real online threat and one that you should take seriously. Unfortunately, however, rogue antivirus programs are increasingly becoming a big problem for both individual computer users at home and for businesses of all sizes. And being infected by one can not only leave us feeling duped, but we can end up out of pocket too.

How does Windows Internet Guard get on my computer in the first place?

To be honest there are a number of ways that this rogue antivirus software finds its way onto your PC however the most common one is via fraudulent pop-up windows and fake alerts that try to convince you that your machine has been infected. These alerts play on your insecurities and on your desire to protect your computer and your data. They will attempt to frighten you into downloading their software that will – supposedly - detect and delete the virus. And let's not lose sight of the fact that this is a fake virus. You can see where this is going!

Anything else I should look out for?

Quite honestly, yes. Pop-up windows are not the only way you can get infected by rogue antivirus software. Some other known ways include fake browser plug-ins and infected browser toolbars, fake online malware scanning websites and drive-by-downloads.

How do I protect myself against Windows Internet Guard?

So first and foremost, it is crucial that you bear in mind that these are fake warnings. But how can you tell? Especially when Windows Internet Guard pop-up windows have been designed to look like a genuine product? The key is to download a reputable, genuine antivirus software program to protect your computer. Take a good look at the logo, the design and the wording of this program and familiarize yourself with it. This is important as it will enable you to tell the difference if and when you are the victim of a spam pop-up alert.

You should also make sure your real antivirus software is kept up to date with the latest patches and that you run it frequently. A good antivirus will be able to spot any imposters. It is also important to note that a reputable antivirus publisher will never ask you for your credit card details before it performs its detect and delete procedure.

Good luck and stay safe out there!

Written by Michael Kaur, http://deletemalware.blogspot.com


Method 1: Windows Internet Guard removal using an activation key:

1. Open Windows Internet Guard scanner window. Click the "question mark button" (top right hand corner of the scanner window) and select "Register".



You should now see the registration form.

Enter one of the registration keys given below and click Register to activate this rogue security program. Don't worry, this is completely legal since it's not genuine software.

0W000-000B0-00T00-E0021 ← (new key)
0W000-000B0-00T00-E0001
0W000-000B0-00T00-E0002
0W000-000B0-00T00-E0003



Once this is done, you are free to install recommended anti-malware software and remove this malware from your computer.

2. Download recommended anti-malware software and run a full system scan to completely remove this rogue program and related malware from your computer.






Method 2: Windows Internet Guard removal instructions (Safe Mode with Command Prompt):

1. Reboot your computer in "Safe Mode with Command Prompt". As the computer is booting tap the "F8 key" continuously which should bring up the "Windows Advanced Options Menu" as shown below. Use your arrow keys to move to "Safe Mode with Command Prompt" and press Enter key.



2. Login as the same user you were previously logged in with in the normal Windows mode. When done, the Windows Command Prompt will open and you will see a screen similar to the one below.

3. Once the Command Prompt appears type in explorer and hit Enter.



4. The Windows desktop will now appear. When the desktop appears you can then close the Command Prompt window by clicking on the X.

5. Write the text in bold below to Notepad.

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GuardSoftware" =-

[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="explorer.exe"




6. Save file as fixshell.reg to your Desktop. NOTE: (Save as type: All files)



7. Double-click on fixshell.reg to run it. Click Yes for Registry Editor prompt window. Click OK.



NOTE: if you can't create the file as explained or you get an error, you can download the shellfix.reg file on a clean computer and burn it on to a CD or save it to a USB drive so that you can transfer the file to the infected computer. Then insert your CD or USB drive and double-click on the shellfix.reg and allow the data to be merged when you are prompted. Once the data has been merged, you can press the OK button and remove the removable media from your computer.

8. Please reboot your computer into the Normal Windows Mode and login as the infected user.

9. Now that you are at your normal Windows desktop, download recommended anti-malware software and run a full system scan. It will detect and remove this infection from your computer.






Method 3: Windows Internet Guard removal instructions (System Restore):

1. Reboot your computer in "Safe Mode with Command Prompt". As the computer is booting tap the "F8 key" continuously which should bring up the "Windows Advanced Options Menu" as shown below. Use your arrow keys to move to "Safe Mode with Command Prompt" and press Enter key.



2. Login as the same user you were previously logged in with in the normal Windows mode. When done, the Windows Command Prompt will open and you will see a screen similar to the one below.

3. Once the Command Prompt appears type in explorer and hit Enter.



4. The Windows desktop will now appear. When the desktop appears you can then close the Command Prompt window by clicking on the X.

5. Once in there, go to Start menu and search for "system restore". Or you can browse into the Windows Restore folder and run System Restore utility from there:

Win XP: C:\windows\system32\restore\rstrui.exe double-click or press Enter
Win Vista/7/8: C:\windows\system32\rstrui.exe double-click or press Enter

6. Select Restore to an earlier time or Restore system files... and continue until you get into the System Restore utility.



7. Select a restore point from well before the Windows Internet Guard appeared, two weeks should be enough.

8. Restore it. Please note, it can take a long time, so be patient.

9. Once restored, restart your computer and hopefully this time you will be able to login (Start Windows normally).

10. At this point, download recommended anti-malware software and run a full system scan to remove this malware from your computer.






Associated Windows Internet Guard Files:
  • C:\Documents and Settings\[User]\Application Data\guard-[random].exe (Windows XP)
  • C:\Users\[User]\AppData\Roaming\guard-[random].exe (Windows 7/8)
Associated Windows Internet Guard Keys:
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "GuardSoftware"
  • HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell"="C:\Users\[User]\AppData\Roaming\guard-[random].exe"
Read more

Tuesday, April 8, 2014

Remove gyt.coreopt.net pop-up virus (Uninstall Guide)

Gyt.coreopt.net pop-up ads appear due adware or PUP installed on your computer. Adware and PUPs have affected many of us, even if we don't realize exactly what they are. PUPs are annoying programs or items that have been downloaded onto your computer without you knowing about it or expressly saying so. Generally speaking PUPs are potentially unwanted because they don't harm you in any way, but you often just plain don't need them. That's annoying in itself but when they can really drive you to the edge of crazy is when they bombard you with pop-up adverts or apps that break your concentration and distract you from what it is you're actually doing. Gyt.coreopt.net ads can appear in a new window or in a new tab. To stop the pop-ups and remove adware from your computer, please follow the steps in the removal guide below.

gyt.coreopt.net pop-up

So we've established that it's great (actually, necessary) to have an up to date anti-malware program installed – prevention is always better than cure, after all. The problem with PUPs and adware is that the majority of anti-virus programs are not all that great at spotting them, leaving you still vulnerable to such infections like this one.

But why? What's the problem and why is your all-singing, all-dancing security software failing to identify PUPs and adware? The problem is that from an anti-viruses' view point a Potentially Unwanted Program is exactly that: it's possibly unwanted - but that doesn't mean that it's a dangerous virus or piece of malware. Your PUP really is just an alternative home page or browser extension meaning that it has a genuine use. But at the same time it can display ads that are really annoying and redirect you to very misleading websites.

Just because you or I prefer to stick with Google or Firefox or Bing, there are actually people out there who like, or at least aren't bothered by, the fact that when they Google their nearest hair salon, they are swiftly redirected to a different search engine or they suddenly get pop-up ads from gyt.coreopt.net. Little do they realize that this search engine will have often been populated with Google's results anyway – but that's neither here or there! Besides, most users think that pop-ups are not dangerous, you just close them and that's it but they can promote dodgy products and trick you into downloading them. Some ads may claim that your computer is infected or that someone is spying on you.

There are yet others who can live with the annoyance of pop-up adverts simply because it means that they get free desktop wallpapers. It's all about the trade off.

And it's exactly this grey area that makes it so difficult for your anti-virus software to search and destroy when it comes to adware and PUPs. My advice would be to remove all adware and potentially unwanted programs that can cause those pop-ups from your computer. Very often, such programs come bundled with more sophisticated adware and sometimes even spyware that can monitor your browsing activity. I've listed a few programs that are known to cause those pop-ups on infected computers, PassShow, KeyPlayer. I will update the list when possible. Please note that there are more than one adware and PUP program that can display gyt.coreopt.net. If you have any questions, please leave a comment below. Good luck and be safe online!

Written by Michael Kaur, http://deletemalware.blogspot.com


A guide to removing gyt.coreopt.net pop-ups:

1. First of all, download anti-malware software and run a full system scan. It will detect and remove this infection from your computer. You may then follow the manual removal instructions below to remove the leftover traces of this malware. Hopefully you won't have to do that.





2. Remove gyt.coreopt.net related programs from your computer using the Add/Remove Programs control panel (Windows XP) or Uninstall a program control panel (Windows 7 and Windows 8).

Go to the Start Menu. Select Control PanelAdd/Remove Programs.
If you are using Windows Vista or Windows 7, select Control PanelUninstall a Program.



If you are using Windows 8, simply drag your mouse pointer to the right edge of the screen, select Search from the list and search for "control panel".



Or you can right-click on a bottom left hot corner (formerly known as the Start button) and select Control panel from there.



3. When the Add/Remove Programs or the Uninstall a Program screen is displayed, scroll through the list of currently installed programs and remove the following:
  • Quiknowledge
  • LyricsSay-1
  • Websteroids
  • BlocckkTheAds
  • HD-Plus 3.5
  • and any other recently installed application


Simply select each application and click Remove. If you are using Windows Vista, Windows 7 or Windows 8, click Uninstall up near the top of that window. When you're done, please close the Control Panel screen.


Remove gyt.coreopt.net pop-ups from Google Chrome:

1. Click on Chrome menu button. Go to ToolsExtensions.



2. Click on the trashcan icon to remove BlocckkTheAds, LyricsSay-1, Websteroids, Quiknowledge, HD-Plus 3.5 and other extensions that you do not recognize.



If the removal option is grayed out then read how to remove extensions installed by enterprise policy.




Remove gyt.coreopt.net pop-ups from Mozilla Firefox:

1. Open Mozilla Firefox. Go to ToolsAdd-ons.



2. Select Extensions. Click Remove button to remove BlocckkTheAds, LyricsSay-1, Websteroids, Quiknowledge, HD-Plus 3.5 and other extensions that you do not recognize.




Remove gyt.coreopt.net pop-ups from Internet Explorer:

1. Open Internet Explorer. Go to ToolsManage Add-ons. If you have the latest version, simply click on the Settings button.



2. Select Toolbars and Extensions. Click Remove/Disable button to remove the browser add-ons listed above.

Read more

What is cacaoweb.exe and how to remove it?

Cacaoweb.exe - by CACAOWEB PTY LTD.


What is cacaoweb.exe?


Cacaoweb.exe is a part of Cacaoweb program that is classified as adware and PUP by multiple anti-virus engines, for example Heur.Suspicious and Trojan.DownLoader5.50849. It's not a virus but it can display ads on your computer. It can also download additional components in the background without your permission. This program even adds a firewall exception for the main executable file cacaoweb.exe. This file runs automatically every time Windows starts. To do so, it modifies Windows registry. This file has a valid digital signature. Some variants of this program also installs browser extensions that can be used to collect information about your browsing habits and inject ads into any web page. What is more, it usually comes bundled with other adware and even spyware. Needless to say, this program is not essential for Windows and may cause problems. It can make your web browser run slower or even crash occasionally. I recommend you to remove cacaoweb.exe and related malware from your computer. Scan your computer with recommended anti-malware software.







File name: cacaoweb.exe
Publisher: CACAOWEB PTY LTD
File Location Windows XP: C:\Program Files\cacaoweb\
File Location Windows 7: C:\Users\[User]\AppData\Roaming\cacaoweb\
Startup file: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run → 'cacaoweb'

Read more

Monday, April 7, 2014

PassShow Virus Removal Guide

PassShow is an adware virus that displays ads on infected computers. Ads are labeled "Ads by PassShow". It also install a web browser extension by that name, for example PassShow 1.150. This extension ads a blue circle with a key in it in password fields. It basically shows you the password you just typed in but honestly this can be done without third party add-ons and most sites have already implemented such feature, so you don't need PassShow for that. You probably don't need me to tell you how annoying it is when you're happily surfing the Internet and suddenly you spot annoying ads that you've never seen before. You may have even logged off one evening only to log back in the following morning and find that apparently out of nowhere a brand new home page has mysteriously appeared. If you don't know what I'm talking about then consider yourself lucky. But if you do know exactly what I'm talking about then along with countless other people you've become a victim of an adware program. To remove it from your computer, please follow the steps in the removal guide below.

ads by PassShow

It's certainly happened to me before and like the vast majority of other PassShow victims, I am pretty sure that it's not just me who finds such programs really irritating! Why do I have underlined words on each web page? Why has my home page or search engine changed? I didn't ask for PassShow, did I? Or did I?! Well, no not directly, but read on and we'll take a look at where these adware and Potentially Unwanted Programs came from and what you can do to stop them harassing you in the future.

PsUP.exe and PassShow155.exe are the main executable files of this program. They have been detected as malware by more then ten anti-virus engines: Win32:Agent-ASMU [PUP], Gen:Variant.Adware.Graftor.126142, Adware.Win32.AD150.A, Adware-AddLyrics!4FFC4E4CF1E1, Adware:Win32/AddLyrics. Certain DLL files have been detected as TROJ_GEN.F47V1221 mostly because they can download and install additional programs on your computer without your knowledge.

More often than not PassShow gains access to your PC system when you're downloading another piece of software. A lot of the time, the creators of the program you DO want don't even realize that their software has been bundled with another program. And that's how it manages to inhabit a rather gray area: the publishers of a Potentially Unwanted Program are aware that you probably wouldn't download their software by choice so they take sneaky measures to ensure you download it. The point? Check the License Agreement carefully when you're downloading! PassShow has been found to be bundled with 3rd party software, including Search Protect by Conduit, MyPC Backup, Connect DLC 5 Toolbar.

PUPs are not really malware and they're not viruses but what angers many people is that we already have a browser, home page or toolbar that we're perfectly happy with. That begs the question, why would you want to change? Sure if PassShow promised an enhanced browsing experience you might be tempted to switch but chances are, people who create such viruses are not going to be able to match the big boys, Google or Firefox, for example when it comes to functionality and usability. And that's what makes PUPs potentially unwanted – no one can say for sure that you definitely DON'T want them – you just probably don't. Here are a few tips to help keep you PUP-free.
  • Ensure the software and security patches on your computer are up to date. This is normally automatic but it's worth checking manually
  • Give the funny or X rated videos a miss and avoid downloading wallpapers and emoticons – these are hotbeds of PUPs!
  • Only download programs from sites you trust and don’t download from third party sites
If you have any questions, please leave a comment below. Good luck and be safe online!

Written by Michael Kaur, http://deletemalware.blogspot.com


PassShow removal instructions:

1. First of all, download recommended anti-malware software and run a full system scan. It will detect and remove this infection from your computer. You may then follow the manual removal instructions below to remove the leftover traces of this infection. Hopefully you won't have to do that.





2. Remove PassShow program from your computer using the Add/Remove Programs control panel (Windows XP) or Uninstall a program control panel (Windows 7 and Windows 8).

Go to the Start Menu. Select Control PanelAdd/Remove Programs.
If you are using Windows Vista or Windows 7, select Control PanelUninstall a Program.



If you are using Windows 8, simply drag your mouse pointer to the right edge of the screen, select Search from the list and search for "control panel".



Or you can right-click on a bottom left hot corner (formerly known as the Start button) and select Control panel from there.



3. When the Add/Remove Programs or the Uninstall a Program screen is displayed, scroll through the list of currently installed programs and remove the following:
  • PassShow
  • Show-Password


If you are using Windows Vista, Windows 7 or Windows 8, click Uninstall up near the top of that window. When you're done, please close the Control Panel screen.


Remove PassShow from Google Chrome:

1. Click on Chrome menu button. Go to ToolsExtensions.



2. Click on the trashcan icon to remove the PassShow extension.


Remove PassShow from Mozilla Firefox:

1. Open Mozilla Firefox. Go to ToolsAdd-ons.



2. Select Extensions. Click Remove button to the PassShow extension.


Remove PassShow from Internet Explorer:

1. Open Internet Explorer. Go to ToolsManage Add-ons. If you have the latest version, simply click on the Settings button.



2. Select Toolbars and Extensions. Click Remove/Disable button to remove the PassShow browser add-on.


Associated PassShow Files:
  • C:\Program Files\Passshow\PsUP.exe
  • C:\Documents and Settings\All Users\Application Data\PassShow\IE\common.dll
Read more

Remove KeyPlayer Ads (Uninstall Guide)

KeyPlayer is an adware program that can show you ads labeled "Ads by KeyPlayer" on any webpage. It usually underlines certain words on a web page and then displays a pop-up advertisement. It may also display ads in pop-up windows and when you put your mouse pointer over an image in a webpage. Needless to say, this can be very annoying. Some of the ads it displays might be misleading and redirect you to dodgy sites. If you only know one thing about adware and potentially unwanted programs, you're probably aware that they usually find their way onto your computer by coming packaged as a bundle with some software or a program that you do want. This guide will walk you through removing KeyPlayer from your computer and web browsers.

Ads by KeyPlayer

But what are you to do, if as an innocent user, you need to download some software and you trust the company that created it but you're not crazy about the thought of also installing adware onto your PC? One thing you can try is layering yourself with an additional coat of protection by using an anti-malware program. It prevents whatever you are downloading from changing anything on your computer. Instead it tells you exactly what the software wishes to do and then gives you the option of either moving it out of the sandbox and onto your PC or halting the installation altogether. It would be a really great addition to your antivirus program because most AV engines do not detect potentially unwanted programs because they are not malware per say. However, they are still dangerous and may cause problems.

You should also ensure that your machine is fully up to date and has Microsoft's latest security patches installed as this will offer very good protection against adware or malicious software that could be installed by a 'drive by'. Also extremely important is making sure that you have the latest version of the software produced by other companies that you use. After all, most of us don't just use Windows on our PCs – how many of us use Apple software (iTunes for example) or programs by Adobe (Dreamweaver) and Oracle (Java) too? In fact many IT gurus suggest that to be as safe as possible, anyone with Java on their machine should uninstall it completely as this is prone to attack by exploitive software. If you really must use it make sure that, again, you only have one version on your PC and that it's the absolute latest one. Please note that scammers tend to distribute adware and PUPs in very misleading ways, for example, you can get a pop-up claiming that your Flash Player or Java is out of date. The installer they want to download will install KeyPlayer and similar adware on your computer, not only Flasf player or Java.

How to get rid of this adware? Generally speaking you should be able to do this via the Windows Control Panel. One of the few good things about adware and PUPs is that they are usually pretty easy to uninstall. In this case, the program should be listed as Key Player. But remember, since it comes bundled with other program, it could be listed under a different name. To remove the adware and related malware please use recommended anti-malware program which is very good at catching and eliminating adware and Potentially Unwanted Programs that are not classed as vriuses and therefore sneak through your anti-viruses' normal check. Adware and PUPs such as KeyPlayer can also fool anti-viruses by creating shortcuts on a your desktop to trick the anti-virus into thinking that it's something that you downloaded intentionally. This is another cunning PUP trick: obviously the really nasty viruses don't make themselves quite so easy to find on your machine!

Whilst it's fair to say adware and PUPs are not malicious, they can be a real nuisance. They can also leave your PC vulnerable to attack by something a lot more serious. Stay one step ahead by watching what you download and by always reading software license agreements carefully. To remove it from your computer, please follow the steps in the removal guide below. If you have any questions, please leave a comment below. Good luck and be safe online!

Written by Michael Kaur, http://deletemalware.blogspot.com


KeyPlayer removal instructions:

1. First of all, download recommended anti-malware software and run a full system scan. It will detect and remove this infection from your computer. You may then follow the manual removal instructions below to remove the leftover traces of this infection. Hopefully you won't have to do that.





2. Remove Key Player program from your computer using the Add/Remove Programs control panel (Windows XP) or Uninstall a program control panel (Windows 7 and Windows 8).

Go to the Start Menu. Select Control PanelAdd/Remove Programs.
If you are using Windows Vista or Windows 7, select Control PanelUninstall a Program.



If you are using Windows 8, simply drag your mouse pointer to the right edge of the screen, select Search from the list and search for "control panel".



Or you can right-click on a bottom left hot corner (formerly known as the Start button) and select Control panel from there.



3. When the Add/Remove Programs or the Uninstall a Program screen is displayed, scroll through the list of currently installed programs and remove the following Key Player.



If you are using Windows Vista, Windows 7 or Windows 8, click Uninstall up near the top of that window. When you're done, please close the Control Panel screen.


Remove KeyPlayer from Google Chrome:

1. Click on Chrome menu button. Go to ToolsExtensions.



2. Click on the trashcan icon to remove the KeyPlayer extension.


Remove KeyPlayer from Mozilla Firefox:

1. Open Mozilla Firefox. Go to ToolsAdd-ons.



2. Select Extensions. Click Remove button to the KeyPlayer extension.


Remove KeyPlayer from Internet Explorer:

1. Open Internet Explorer. Go to ToolsManage Add-ons. If you have the latest version, simply click on the Settings button.



2. Select Toolbars and Extensions. Click Remove/Disable button to remove the KeyPlayer browser add-on.


Associated KeyPlayer Files:
  • C:\Documents and Settings\All Users\Application Data\KeyPlayer
  • C:\Documents and Settings\All Users\Application Data\KeyPlayer\IE\common.dll
Read more