Thursday, January 31, 2013

Know How: Giant savings Removal Guide

Giant Savings Haunts around



We need to remove Giant Savings adware because it is a malicious adware offering ill-purpose coupons. However it has its official site and claims to maximize your savings online. Here’s the screenshot of it:



One who gets Giant Savings problem cannot find an uninstall way on its site and still find no way out if one access to Control Panel.



Tricks by Giant Savings Adware



By offering competitive coupons to PC users, Giant savings virus is able to make the compromised machine exposed to wide range of virus and thus the adware survives longer to implement its task- collect valuable information and send to its maker.
To achieve the main task, Giant Savings inserts in its files and registry entries to modify security settings and end certain process to block detection and removal, thus paralyze users with non threat alerts; as soon as the browser setting is altered, the exploit is well taken advantage by the virus, hence its tracking cookie is able to be loaded to trace down your favorite and offer corresponding advertisements. The utilized exploit will also result in:
  1. Additional viruses are able to get into your computer since there is a loophole (Giant Savings pop up) opened;
  2. Users’ personal data being hooked up or other vicious security suites being downloaded;
  3. Possibility that cyber attackers take advantage of false traffic to gain money by tracing down your online habit and passwords that you’ve ever typed on the internet.
Unfortunately, people do not realize the danger at the very beginning, and come to 24/7 online computer help center for assistance when they encounter the following trouble:

  1. Firewall cannot be activated stably;
  2. Commercial pop ups are everywhere that block from surfing;
  3. Both browser and computer run slowly;
  4. Get additional Trojan, Worm, Rookit alerts.
It is noticeably that Babylon virus is always accompanied with Giant Savings. It apparently is a devil to be removed once detected. However, it is not that easy to be got rid of. It infiltrates kernel part of system, which is why programs cannot help, uninstall the browser and reinstall cannot help. So stop doing trials in vain and follow up steps hereinafter. Any trouble can be solved by 24/7 online Tee Support technicians here.

Detialed Steps to Get Rid of Giant Savings Adware



Please be noted: to remove Giant savings adware manually maybe cumbersome if the time expanse that it has been around is taken into consideration. Take reference with the video below if you are afraid of causing any irretrievable system instability because of miss understand the steps shown below.


1. Disable any suspicious startup items.
For Windows XP:

step: Click Start menu -> click Run -> type: msconfig in the search bar -> open System Configuration Utility -> Disable all possible startup items.



2. Remove add-ons:

Internet Explorer:
1) Go to Tools -> ‘Manage Add-ons’;
2) Choose ‘Search Providers’ -> choose ‘Bing’ search engine or ‘Google’ search engine and make it default;
3) Select ‘Search Results’ and click ‘Remove’ to remove it;
4) Go to ‘Tools’ -> ‘Internet Options’; select ‘General tab’ and click website, e.g. Google.com. Click OK to save changes.

Google Chrome
1) Click on ‘Customize and control’ Google Chrome icon, select ‘Settings’;
2) Choose ‘Basic Options’;
3) Change Google Chrome’s homepage to google.com or any other and click the ‘Manage Search Engines…’ button;
4) Select ‘Google’ from the list and make it your default search engine;
5) Select ‘Search Result’ from the list to remove it by clicking the ‘X’ mark.    

Mozilla Firefox
1) Click on the magnifier’s icon and select ‘Manage Search Engine…’;
2) Choose ‘Search Results’ from the list and click ‘Remove’ and OK to save changes;
3) Go to ‘Tools’ -> “Options”. Reset the startup homepage or change it to google.com under ‘General tab;  


3. Disable proxy

  1. Click on Tools on the menu bar
  2. select Internet options
  3. go to Connections tab
  4. select LAN settings at the bottom of the dialog
  5. under the Proxy sever, untick 'use a proxy server for your LAN (These settings will not apply to dial-up or VPN connections).'
  6. Click OK 

4. Show hidden files  
step: a) open Control Panel from Start menu and search for Folder Options;

 

b) under View tab to tick Show hidden files and folders and non-tick Hide protected operating system files (Recommended) and then click OK;

 




c) click on the “Start” menu and then click on the “Search programs and files” box, Search for and delete these file:
%Documents and Settings%\All Users\Application Data\[random]\
%Documents and Settings%\All Users\Application Data\[random]\[random].exe
%Documents and Settings%\All Users\Application Data\[random]\[random].mof
%AppData%[trojan name]toolbardtx.ini
%AppData%[trojan name]toolbarguid.dat
%AppData%[trojan name]toolbarlog.txt
%AppData%[trojan name]toolbarpreferences.dat
%AppData%[trojan name]toolbarversion.xml

5. Open Windows Task Manager and close all running processes.
step: Use CTRL+ALT+DEL combination to open Task Manager  

Please stop all the following processes.
random.exe

6. Delete all related files and registry values in your local hard disk C.
step: Hold down the Windows key on your keyboard and press the "R" button. Type in "regedit" and hit "Enter" to gain access to the Registry Editor.


                         

Registry:
HKEY_CLASSES_ROOT\PersonalSS.DocHostUIHandler
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “RunInvalidSignatures” = “1″
HKEY_LOCAL_MACHINESOFTWAREClasses[trojan name]IEHelper.DNSGuardCurVer
HKEY_LOCAL_MACHINESOFTWAREClasses[trojan name]IEHelper.DNSGuardCLSID
HKEY_LOCAL_MACHINESOFTWAREClasses[trojan name]IEHelper.DNSGuard
HKEY_LOCAL_MACHINESOFTWAREClasses[trojan name]IEHelper.DNSGuard.1
HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar “[Giant savings]”

No comments:

Post a Comment