Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malware not in program list to uninstall....


  • Please log in to reply
6 replies to this topic

#1 scottyh56

scottyh56

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:12:38 PM

Posted 23 September 2014 - 04:39 AM

It started with PepperZip (which still shows up in "All programs" at the Start menu) and now there is Dynamic Pricer too. And others probably! But none of these show up in my program list for uninstalling.

 

PepperZip seems to have its own uninstall program which I do not dare touch....

 

Since this is the Step 1 in all the solutions I see for getting rid of these things I feel a bit stuck.

 

Running Malwarebytes and rKill currently detects nothing....

 

Any pointers in the absence of being able to deal with Step 1 greatly appreciated!!!

 

Thanks

 

Scott


Edited by hamluis, 23 September 2014 - 11:41 AM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:06:38 AM

Posted 23 September 2014 - 05:29 AM

Run the uninstaller for Pepper Zip. Then use the programs below to remove adware and malware.

 

If the Pepper Zip uninstaller does not remove it or to complete the removal use Revo uninstaller Free.

Download Revo Uninstaller Freeware - Free and Full Download - Uninstall software, remove programs, solve uninstall problems

 

download AdwCleaner by Xplode onto your desktop.
Close all open programs and internet browsers.
Double click on adwcleaner.exe to run the tool.
Click on Delete.
Confirm each time with Ok.
You will be prompted to restart your computer. A text file will open after the restart.
Please post the contents of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.

 

 

 

  • download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message

 

  • Run the ESET Online Scanner.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

Use CCleaner to cleanup the caches, temporary files, cookies, etc. Pay attention while installing and UNcheck offers of toolbars...especially Yahoo.

No need to use the Registry Cleaning Tool and it has the potential to cause a problem if used.

CCleaner - PC Optimization and Cleaning - Free Download


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 scottyh56

scottyh56
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:12:38 PM

Posted 23 September 2014 - 06:14 AM

Thank you for that!

 

I am not sure if the PepperZip removal worked but Revo did not pick it up - however ADWcleaner cleaned some PepperZip leftovers. The report follows. I see I still have manic pop ups and I am moving onto your next step - JRT, ESET (which is my anti-virus anyway) and CCCleaner. :)

 

# AdwCleaner v3.310 - Report created 23/09/2014 at 12:02:05
# Updated 12/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Scott - SCOTT-PCSPECIAL
# Running from : C:\Users\Scott\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
Folder Deleted : C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm
Folder Deleted : C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol
File Deleted : C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\Applications\Torch.exe
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKCU\Software\torch
Key Deleted : HKLM\SOFTWARE\torch

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17280


-\\ Mozilla Firefox v32.0.2 (x86 en-US)

[ File : C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\hgicy7nt.default\prefs.js ]

Line Deleted : user_pref("browser.search.order.1", "Web Search");

-\\ Google Chrome v37.0.2062.120

[ File : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
Deleted [Extension] : dhdepfaagokllfmhfbcfmocaeigmoebo
Deleted [Extension] : fbmimoidopbghbcmdmpkjaffffmcbmbg
Deleted [Extension] : hphibigbodkkohoglgfkddblldpfohjl
Deleted [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
Deleted [Extension] : kincjchfokkeneeofpeefomkikfkiedl
Deleted [Extension] : kkkeikdkpjenmoiicggnnodbkebafgpc
Deleted [Extension] : pgmfkblbflahhponhjmkcnpjinenhlnc

[ File : C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
Deleted [Search Provider] : hxxp://help.squarespace.com/search-results/?q={searchTerms}&Search=Search

*************************

AdwCleaner[R0].txt - [2585 octets] - [23/09/2014 11:58:38]
AdwCleaner[S0].txt - [2509 octets] - [23/09/2014 12:02:05]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2569 octets] ##########



#4 buddy215

buddy215

  • Moderator
  • 13,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:06:38 AM

Posted 23 September 2014 - 07:05 AM

Reset Google Chrome.

Google Chrome gives you the option to reset your browser settings in one easy click. In some cases, programs that you install can change your Chrome settings without your knowledge. You may see additional extensions and toolbars or a different search engine. Resetting your browser settings will reset the unwanted changes caused by installing other programs. However, your saved bookmarks and passwords will not be cleared or changed.

Reset your browser settings:

  1. Click the Chrome menu on the browser toolbar.
  2. Select Settings.
  3. Click Show advanced settings and find the "Reset browser settings” section.
  4. Click Reset browser settings.
  5. In the dialog that appears, click Reset. Note: When the "Help make Google Chrome better by reporting the current settings" checkbox is selected you are anonymously sending Google your Chrome settings. Reporting these settings allows us to analyze trends and work to prevent future unwanted settings changes.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#5 scottyh56

scottyh56
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:12:38 PM

Posted 23 September 2014 - 08:42 AM

Moved on to JRT which deleted a huge number of empty folders with its report finishing....

 

"Successfully deleted: [Empty Folder] C:\Users\Scott\appdata\local\{FFE9D2E5-EDA5-4FC7-9A65-74B75D9BCB51}

~~~ FireFox
Emptied folder: C:\Users\Scott\AppData\Roaming\mozilla\firefox\profiles\hgicy7nt.default\minidumps [198 files]

~~~ Chrome
Successfully deleted: [Folder] C:\Users\Scott\appdata\local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol"

 

I am currently running an ESET scan using my paid for software rather than your free link. I hope it's better - it's going to be a while but I thought I'd come back to mention that I have already reset chrome.

 

I then get onto CCcleaner.



#6 scottyh56

scottyh56
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:12:38 PM

Posted 23 September 2014 - 11:11 AM

The ESET scan found nothing, CCcleaner (free) did its job, but sadly the problem persists.

Am now running a full scan using EmsiSoft, not sure how long that will take...


Edited by scottyh56, 23 September 2014 - 11:17 AM.


#7 buddy215

buddy215

  • Moderator
  • 13,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:06:38 AM

Posted 23 September 2014 - 11:23 AM

Not sure but if you are seeing something in the start menu then try this:

Open CCleaner. Click on Tools and choose Startup. You will see a list of programs in that start at bootup.

You can disable all but Windows OS, Firewall and any real time security program. You can reenable if needed.

 

On the same page you will see at the top buttons to click on for browsers and tasks. Check those for unwanted startups.

 

If your browser, searches are being misdirected, changed start page or excessive ads are the problem let me know.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users