Remove Free Up Memory trojan

Also Known As: Free Up Memory advertising fraud software
Type: Trojan
Distribution: Low
Damage level: Medium

Free Up Memory virus removal guide

What is Free Up Memory?

Free Up Memory, as its name suggests, is supposed to free up computer memory in order to allow the system to perform various tasks more effectively (faster). However, this software is used to perform ad fraud. To trick people into installing it, its developers disguise it as a regular, legitimate program. This malicious ad fraud tool is categorized as trojan and can be controlled remotely. For this reason we strongly recommend not to use (install) Free Up Memory and remove/uninstall it if it is already installed on the operating system.

Free Up Memory malware

Ad fraud is illegal activity, it is done by creating fake (fraudulent) ad traffic and using it to generate revenue in a deceptive way. This type of fraud allows cyber criminals to generate income when advertisers pay for a number of impressions and clicks on their ads. SEO fraud is a type of fraud where various pages are being made to appear popular (much-visited) so advertisers would pay higher prices for placing their advertisements on them. In such cases advertisers get scammed because they pay more money for ads that other people may never see. Another ad fraud type is called "stacking" (or "stuffing"). It is performed when some website that contains many ads (these ads might even be displayed on top of each other) is visited and all displayed ads register one impression. One more way to perform it is to spoof domains. Fraudsters impersonate various (usually popular) websites (addresses) to trick advertisers into paying money for placing ads on pages that actually have low or not traffic at all. Click fraud is a type of fraud when fraudsters use infected systems and add them to botnets or use systems that are infected with other trojans. Either way, they use systems/computers of other people to visit various websites or/and click on various links (URLs). It is unknown what form of ad fraud Free Up Memory tool is used to perform, however, people who have computers infected with this trojan-type programs unknowingly become a part of illegal activities. If there is a reason to believe that there is a program of this type (or this particular tool) installed on the operating system, it should be removed immediately.

Threat Summary:
Name Free Up Memory advertising fraud software
Threat Type Trojan, Ad Fraud Tool
Detection Names (memory-cleaner[.]com) Full List Of Detections (VirusTotal)
Payload Ad Fraud trojan disguised as Free Up Memory program (extension).
Symptoms Trojans are designed to stealthily infiltrate victim's computer and remain silent thus no particular symptoms are clearly visible on an infected machine.
Distribution methods Chrome Web Store, malicious websites (pop-up windows), infected email attachments, social engineering, software cracks.
Damage Victim's computer added to a botnet, controlled remotely to perform illegal activities related to ad fraud.
Removal

To eliminate Free Up Memory advertising fraud software our malware researchers recommend scanning your computer with Spyhunter.
▼ Download Spyhunter
Free scanner checks if your computer is infected. To remove malware, you have to purchase the full version of Spyhunter.

Typically, all malware involved in this type of fraud is classified as a trojan. It is because infected systems are being controlled by cyber criminals remotely. As a rule, people do not download and install programs of this type on purpose. In this case fraudsters try to trick people into installing Free Up Memory by disguising it as a tool that reduces processor and memory usage automatically.

How did Free Up Memory infiltrate my computer?

It is known that this tool can be downloaded from Chrome Store, however, it does not mean that it is legitimate. However, cyber criminals (and fraudsters) proliferate malware using other ways too. One of them is spam campaigns (emails). They send emails that contain attached files. Once opened, these files download and install malicious software. Attached files usually are Microsoft Office or PDF documents, archive files like RAR, ZIP, executable files (like .exe), JavaScript files, etc. Another way to get a computer infected with malware is through malicious programs called a trojans. Trojans are programs that, if installed, download and install other malicious programs. Unreliable software download sources such as untrustworthy, unofficial websites (freeware download websites, free file hosting pages), Peer-to-Peer networks (like torrent clients, eMule and so on), third party downloaders and other channels of this type can be used to spread malicious programs too. Typically, malicious files are disguised as regular, legitimate files. When people download and open them, they cause install malware by themselves. One more way to spread malicious programs is through fake software updating tools. These tools, if used, usually download and install malware instead of updates. In other cases they exploit bugs, flaws of already installed (and outdated) software. Software cracking tools supposed to allow people to bypass paid activations of software or operating systems. However, instead of activating them they install malware.

How to avoid installation of malware?

To keep computers safe, we recommend not to open attachments (or web links) that are presented in emails received from unknown, suspicious addresses. Quite often they are attached to emails that are irrelevant, presented as legitimate and official. Download software (and files) from official, trustworthy websites. We do not recommend to use unreliable channels such as torrents, eMule (or other Peer-to-Peer networks), questionable websites and other similar tools/sources for that. Installed software and operating system should be updated and activated using tools or implemented functions that are designed by official developers only. Besides, various 'cracking' tools are illegal. One more way to prevent computer infections is to regularly scan the operating system with a reputable anti-spyware or anti-virus software and remove detected threats on time (immediately). If you believe that your computer is already infected, we recommend running a scan with Spyhunter for Windows to automatically eliminate infiltrated malware.

 Free Up Memory on Chrome Web Store:

free up memory tool on chrome web store

Free Up Memory download site asks for various permissions:

free up memory tool asking for permissions

Deceptive page (pop-up window) encourages visitors to download and install Free Up Memory tool:

free up memory tool is promoted using deceptive pop-ups

Instant automatic removal of Free Up Memory advertising fraud software: Manual threat removal might be a lengthy and complicated process that requires advanced computer skills. Spyhunter is a professional automatic malware removal tool that is recommended to get rid of Free Up Memory advertising fraud software. Download it by clicking the button below:
▼ DOWNLOAD Spyhunter By downloading any software listed on this website you agree to our Privacy Policy and Terms of Use. Free scanner checks if your computer is infected. To remove malware, you have to purchase the full version of Spyhunter.

Quick menu:

How to remove malware manually?

Manual malware removal is a complicated task, usually it's better to let antivirus or anti-malware programs do it automatically. To remove this malware we recommend using  Spyhunter for Windows. If you wish to remove malware manually, the first step is to identify the name of the malware that you are trying to remove. Here's an example of a suspicious program running on user's computer:

malicious process running on user's computer sample

If you checked the list of programs running on your computer, for example using task manager and identified a program that looks suspicious you should continue with these steps:

manual malware removal step 1 Download a program called Autoruns. This program shows auto-start applications, Registry and file system locations:

screenshot of autoruns application

manual malware removal step 2Restart your computer into Safe Mode:

Windows XP and Windows 7 users: Start your computer in Safe Mode. Click Start, click Shut Down, click Restart, click OK. During your computer start process, press the F8 key on your keyboard multiple times until you see the Windows Advanced Option menu, and then select Safe Mode with Networking from the list.

Safe Mode with Networking

Video showing how to start Windows 7 in "Safe Mode with Networking":

Windows 8 users: Start Windows 8 is Safe Mode with Networking - Go to Windows 8 Start Screen, type Advanced, in the search results select Settings. Click Advanced startup options, in the opened "General PC Settings" window, select Advanced startup. Click the "Restart now" button. Your computer will now restart into the "Advanced Startup options menu". Click the "Troubleshoot" button, and then click the "Advanced options" button. In the advanced option screen, click "Startup settings". Click the "Restart" button. Your PC will restart into the Startup Settings screen. Press F5 to boot in Safe Mode with Networking.

Windows 8 Safe Mode with networking

Video showing how to start Windows 8 in "Safe Mode with Networking":

Windows 10 users: Click the Windows logo and select the Power icon. In the opened menu click "Restart" while holding "Shift" button on your keyboard. In the "choose an option" window click on the "Troubleshoot", next select "Advanced options". In the advanced options menu select "Startup Settings" and click on the "Restart" button. In the following window you should click the "F5" button on your keyboard. This will restart your operating system in safe mode with networking.

windows 10 safe mode with networking

Video showing how to start Windows 10 in "Safe Mode with Networking":

 

manual malware removal step 3Extract the downloaded archive and run Autoruns.exe file.

extract autoruns.zip and run autoruns.exe

manual malware removal step 4In the Autoruns application click "Options" at the top and uncheck "Hide Empty Locations" and "Hide Windows Entries" options. After this procedure click the "Refresh" icon.

Click 'Options' at the top and uncheck 'Hide Empty Locations' and 'Hide Windows Entries' options

manual malware removal step 5Check the list provided by Autoruns application and locate the malware file that you want to eliminate.

You should write down it full path and name. Note that some malware hides their process names under legitimate Windows process names. At this stage it's very important to avoid removing system files. After you locate he suspicious program you want to remove right click your mouse over it's name and choose "Delete"

locate the malware file you want to remove

After removing the malware through Autoruns application (this ensures that the malware won't run automatically on the next system startup) you should search for the malware name on your computer. Be sure to enable hidden files and folders before proceeding. If you find the file of the malware be sure to remove it.

searching for malware file on your computer

Reboot your computer in normal mode. Following these steps should help remove any malware from your computer. Note that manual threat removal requires advanced computer skills, it's recommended to leave malware removal to antivirus and anti-malware programs. These steps might not work with advanced malware infections. As always it's better to avoid getting infected that try to remove malware afterwards. To keep your computer safe be sure to install latest operating system updates and use antivirus software.

To be sure your computer is free of malware infections we recommend scanning it with Spyhunter for Windows.

About the author:

Tomas Meskauskas

Tomas Meskauskas - expert security researcher, professional malware analyst.

I am passionate about computer security and technology. I have an experience of over 10 years working in various companies related to computer technical issue solving and Internet security. I have been working as an author and editor for pcrisk.com since 2010. Follow me on Twitter and LinkedIn to stay informed about the latest online security threats. Contact Tomas Meskauskas.

PCrisk security portal is brought by a company RCS LT. Joined forces of security researchers help educate computer users about the latest online security threats. More information about the company RCS LT.

Our malware removal guides are free. However, if you want to support us you can send us a donation.

Malware activity

Global virus and spyware activity level today:

Medium threat activity
Medium

Increased attack rate of infections detected within the last 24 hours.

QR Code
Free Up Memory advertising fraud software QR code
A QR code (Quick Response Code) is a machine-readable code which stores URLs and other information. This code can be read using a camera on a smartphone or a tablet. Scan this QR code to have an easy access removal guide of Free Up Memory advertising fraud software on your mobile device.
We Recommend:

Get rid of Free Up Memory advertising fraud software today:

▼ REMOVE IT NOW with Spyhunter

Platform: Windows

Editors' Rating for Spyhunter:
Editors ratingOutstanding!

[Back to Top]

Free scanner checks if your computer is infected. To remove malware, you have to purchase the full version of Spyhunter.