The problem: Seeing certain words on web pages – maybe even on your own site – with unwanted green, double-underlined contextual ads. These links point to (or are at least powered by) such sites as text-enhance.com. The problem is you don’t want these text ads, nor did you give permission for them to appear on your computer. You’ll see some places that offer to remove it if you download their software, but typically downloading and running this software is an unnecessary step.
What I found alarming at first was that I was seeing these links on multiple browsers, which at first led me to believe that the code was on my site, and not on my computer. But alas, it was just malware on my computer, installed as an add-on to multiple browsers, and quite easy to remove. There are at least 3 simple ways to remove it.
In Chrome, click on the wrench at the top right, then select Tools->Extensions and remove something called “Facetheme” or “Better Links” there. The add-on called “Facetheme” was the one on my comptuer that was directly linked to text-enhance.com. “Better Links” was a similar add-on I found on a different computer, but worked essentially the same as text enhance. Other users have reported one called “Vid Save” or “Vidsaver” as well. (In IE, go into Tools->Manage Add-Ons to remove it there. In Firefox, go into Tools->Add Ons.) While you’re in there, remove any unwanted add-ons. There’s a good chance you’ll see some you don’t recognize or want.
We found “Facetheme” in the add/remove programs section of Windows. (In XP, go into Control Panel->Add/Remove Programs.. in Windows 7 go into Control Panel->Programs & Features). The removal process seemed to work this way as well.
Run Superantispyware or other existing spyware removal
If the above techniques don’t work (though they should), and you already use Superantispyware (or a similar product), a “complete” scan of your system should locate such malware and prompt you to get rid of it.
So what is this text-enhance.com website all about? Visiting their site, we see the following message:
Text-Enhance links are designed to create meaningful relationships between advertisers and consumers. If you are seeing these links, then a web publisher has decided to offer them to you. If you would like to opt-out of seeing these links, click here.
You shouldn’t have to ask permission for someone to remove malware off of your computer that was put there without your permission in the first place. They didn’t play by the rules in putting the malware on your computer, so do we believe they will play by the rules in removing it? We suggest not using this bogus opt-out tool or trusting them at all. Reading further about their “removal tool” they state:
Remember: Our opt-out service is cookie based. This means that if you clear your cookies (or use software to “speed up your computer”, which clears cookies for you), then Text-Enhance links will show up again. To prevent this from happening, you will need to add the domain: textsrv.com to your softwares exclusion list for cookie removal.
They warn you that if you remove cookies, you’ll see their malware again, and suggest adding their domain to your exclusion list! DON’T DO THIS. This is essentially allowing them to hijack your computer and then tell you to play by their rules.
Try the removal techniques above instead of playing by their rules.
Update: Be sure to read the comments below, as several users have listed variants that worked for them.