Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I setup wiziwig.tv got massive Adware installed how do I remove?


  • Please log in to reply
2 replies to this topic

#1 tedhare

tedhare

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:09:51 PM

Posted 18 December 2013 - 09:37 AM

Hi,

 

This is a free internet site for sports and tv. I have used it after installing some of the required software. I was tired of buffering and the video not in balance with the audio. I upgraded my service to 3MB broadband and still there is this problem so I decided to install the rest of the software which was  Windows Media Player 10 or 11, they preferred 10 but only could get 11, Real Player and the lastest version of VLC Player. Plus their FLVPlayer and it kept showing another program so I thought it was the one to install. I already had ilividplayer installed and i think HD Sports TV and other software they said was neccessary. 

 

As the second half started; I had to keep finding other pages to watch the game and they crashed quickly and by the beginning of the 4th quarter I couldn't open any provider. Then I got so many comments saying something like legal software has been installed on your computer to do malicious things to my computer; something to this extent. 

 

My pc runs slow. It takes forever for Chrome to open and Mozilla is quicker. I have deleted many unfamilar files from Programs to Control Panel to having to do this from Search. Have deleted many forms of malware with Webroot and some with Kapersky. Plus using a Registry cleaner and Super Anti-Spyware. I can't install any programs as they fail when completing the download. I cannot remove this file HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MicrosoftAntimalware so I do not know who generated it. I found a 2012 exe file of RKill after searching from a prior install. I ran it and it didn't find any malware but stopped 3 other functions and I am running Super Anti-Spyware now to try to remove them. Super Anti-Spyware is all I have and its running really slow. Any ideas? Thank you.      

 

Moderator Edit: Moved from XP forum to a more appropriate forum

Roger


Edited by rotor123, 18 December 2013 - 10:48 AM.


BC AdBot (Login to Remove)

 


#2 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,675 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:06:51 AM

Posted 18 December 2013 - 10:55 AM

RKill is an easy to use tool that kills known processes and removes Windows Registry entries that stop a user from using their normal security applications.  These settings will remain until the computer is rebooted, for this reason you must run the security application before the computer is rebooted.  

 

When RKill is run it will display a console screen similar to the one below:
 
RKill_zps2e34d4b8.png
 
When RKill has finished running a log will be displayed showing all of the processes that were terminated by RKill.
 
At this time you need to run your security applications.  In this instance I would suggest running Malwarebytes and a online scan by ESET.
 
While RKill is running you may see a message from the malware stating that the program could not be run because it is a virus or is infected.  This is the malware trying to protect itself.  Two methods that you can try to get past this and allow RKill to run are:
 
1)  Rename Rkill so that it has a .com extension.
 
2)  Download a version that is already renamed as files that are commonly white-listed by malware. The main Rkill download page contains individual links to renamed versions.  
 
After the application has run succefully you should reboot the computer to restore the processes and Windows Registry entries. 
 
 
Please download Malwarebytes Anti-Malware.
 
1)  Double-click on mbam-setup.exe, then click on Run to install the application, follow the prompts through the installation.
 
2)  When the installation has finished, make sure you leave both of these checked:
 
    Update Malwarebytes' Anti-Malware
 
    Launch Malwarebytes' Anti-Malware
 
Then click on Finish.
 
3)  MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. 
 
4)  Click on perform Quick Scan, then click on the Scan button.
 
If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
 
5)  The scan will now begin, this may take some time to complete so please be patient.
 
6)  When the scan is finished click on Show Results to display all objects found.
 
7)  Click OK to close the message box and continue with the removal process.
 
8)  Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
 
Make sure that every item shown in the results has a check mark in the box next to it, then click on Remove Selected.
 
9)  When removal is completed, a log will open in Notepad.
 
This log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of the log in your next post, then exit MBAM.
 
Important:  If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Reagardless if prompted to restart the computer or not, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.
 
Please copy the Malwarebytes log and paste it in your next post.
 
To locate this file right click on the Start orb and choose Open Windows Explorer, then click on C: drive.
 
When the C: drive opens click on the following:  ProgramData, Malwarebytes, Malwarebytes' Anti-Malware, Logs.  
 
If there is more than one log, choose the log with the date that you ran scan that I requested.
 
 
If there are a large number of items found you can go into Settings and click on Scanner Settings to change the setting in Action for potentially unwanted programs (PUP) to Show in results list and check for removal.
 
Malwarebytessettings_zpsb9b50638.png
 
 

 

Please scan your machine with ESET OnlineScan

  • Hold down Control and click on the following link to open ESET Online Scan in a new window.
    ESET OnlineScan

  • Click the esetonlinebtn.png button.

  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.
      Save it to your Desktop.

       

    • Double click on the esetsmartinstaller_enu.png to download the ESET Smart Installer. icon on your Desktop.

       

  • Check "YES, I accept the Terms of Use."

  • Click the Start button.

  • Accept any security warnings from your browser.

  • Under scan settings, check "Scan Archives"and "Remove found threats"

  • Click Advanced settings and select the following:

     

    • Scan potentially unwanted applications

    • Scan for potentially unsafe applications

    • Enable Anti-Stealth technology

       

  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.

  • When the scan completes, click List Threats

  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.

  • Click the Back button.

  • Click the Finish button.

 

I would also suggest running two other scans.

 

Please download AdwCleaner and run it.

 
An image like the one below will open, click on Scan.
 
adwcleaner11_zps48314883.png
 
Once the search is complete a list of the pending items will be displayed.  If you see any which you do not want removed, remove the check mark next to it.  
 
Click on Clean to remove the selected items.  
 
You will receive a message telling you that all programs will be close so that the infections can be removed.  Click on Ok.
 
When cleaning process is complete a log of what was removed will be presented.  Please copy and the paste this log in your next post.
 
 
Please download Junkware Removal Tool.
 
Open your browser and go to Downloads, then click on the Junkware Removal Tool to install it.  
 
Click on Run to initiate the installation.
 
To avoid potential conflicts, temporarily disable your antivirus and firewall.  You will want to be offline when you do this.
 
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select Run as Administrator.
 
The tool will open and start scanning your system.
 
Please be patient as this can take a while to complete depending on your system's specifications.
 
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.  Copy and this and then post this in your topic.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#3 Datun Walnut

Datun Walnut

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:51 PM

Posted 19 December 2013 - 08:59 AM

Rogue Killer helps too.

 

Don't forget Hijackthis either. Be careful using it. Use the 'Scan and save a log file' option. Copy the logfile contents and go to Hijackthis.de 

Paste in the log file and press the analyze button.

 

Obviously don't take it all as gospel, but use a bit of common sense if it flags up antivirus files etc.

Check Task manager 'processor' tab. With nothing running, the processor load should be really low and not bouncing around too much. If it drops to roughly zero - you've cracked it. (IMHO)

 

Good luck

 

Neil






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users