Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Hey Bleeping Computer! My grandma got the motherload of rogue crapware.


  • Please log in to reply
3 replies to this topic

#1 WillTheHoopsGuy

WillTheHoopsGuy

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:08:16 AM

Posted 23 November 2014 - 01:35 AM

Hey Bleeping Computer folks!

My grandma got the "get infected by 1, get 5 free" deal at the local Malware Surplus Store, so Tech Support (i.e. me) is stopping by tomorrow to fix things.

I was able to run a quick MalwareBytes scan yesterday and take a cursory look at what was causing the problems, and I narrowed it down to six rogue junkware things.
 

  1. Spyware Clear
  2. PCTechHotline
  3. OptimizeYourPC
  4. Open Software Updater
  5. PCFixSpeed
  6. Wajom Internet Crapifier "Enhancer"
     

MBAM wasn't able to remove them, but that's what I was expecting.

 

I have an intermediate knowledge base when it comes to removing malware, so I'm not a total rook.

I just wanted to know if anyone knew anything about these particular malwares or had any approaches for how to remove them. I'm not at her house right now, so I won't be able to provide logs right away.

P.S. It's a Vista box; as soon as it gets clean, I'm throwing Win 7 on it. Grandma would kill me if I made her use Metro UI, lol.

Thanks for all your help,
Will



BC AdBot (Login to Remove)

 


#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:11:16 PM

Posted 23 November 2014 - 06:06 AM

Hi Will -

 

We can try the hard one first if you like ............ If Wajam is not listed in Programs and Features, try this -

If you are using Windows XP, Windows Vista or Windows 7, the easiest way is to Download the Windows Wajam uninstaller and follow the steps to remove Wajam.

Wajam claims this uninstaller removes the entire Wajam app (or so they say).

We can try other methods later if this will not work .

 

Now onto known programs -

Please download RKill by Grinler to desktop and run it.
 * A black DOS box will appear for a short time and then disappear.
 * This is normal and indicates the tool ran successfully.
 * At most the tool will usually run for about 2 minutes
 Please Copy and Paste the small log back here.

Do not reboot your computer until you complete the next step.

 NOW :

  • Download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
  • * Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button (only once)
  • AdwCleaner will begin...be patient as the scan may take some time to complete.(You will watch the Green bar move across).
  • After the scan has finished, click on the Report button only once for accuracy.
  • A report (AdwCleaner[R0].txt) will open in Notepad for your review.
  • Check the listed removals and see if you are OK with them.
  • If you have questions, post the Report log back here.

 Next

  • Click on the Clean button only once for accuracy
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK finally to allow AdwCleaner to Restart the computer and complete the removal process.
  • After rebooting, a log report (AdwCleaner[S0].txt) will open automatically.
    Copy and Paste the contents of that log in your next reply.

Note: With most Adware / Junkware / PUPs it is strongly recommended to deal with it like a legitimate program and uninstall from Programs and Features or Add/Remove Programs in the Control Panel. In many cases, using the uninstaller of the adware not only removes the adware more effectively, but it also restores any changed configuration. After uninstallation, then you can run specialized tools like AdwCleaner to fix any remaining entries they may find.

 

 

You mentioned Malwarebytes Anti-Malware installed, so please Update it, and run a scan.

Post any logs produced to see what is being removed.

 

 

 

Run a free scan with  ESET Online Scanner.

  • For Internet Explorer users only, hold down Control  (Ctrl) and click on This Link to open ESET OnlineScan in a new window.
  • Click the ESET Online button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu. to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.

    Temporarily Disable your Antivirus if requested

    Under scan settings, check "Scan Archives and Remove Threats"

  • Click Advanced settings and select the following:
    Scan potentially unwanted applications
     Scan for potentially unsafe applications
     Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer.
  • Please be patient as this will take some time (2 hours is not unusual for a first scan).
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE:Sometimes if ESET finds no infections it will not create a log.

 

 

Now -

Please download Temp File Cleaner by Old Timer
Usage Instructions:

1.Download TFC from the download link above and save the file on your desktop.
2.Close ALL running applications as TFC will terminate them before attempting to clean up the temporary files.
3.Double-click on the TFC icon.
4.When the program opens, click on the Start button.  TFC will terminate the Explorer process and all running applications and then begin the process of cleaning out all of your temp folders.
5.When done, press OK > Exit, and reboot your computer and finish the cleanup.

6. No log is produced or expected.............

 

Thank You -



#3 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:11:16 PM

Posted 28 November 2014 - 05:27 AM

Hi Will -

You posted this about a week ago.

 

Will you still be needing help ??

 

Regards -



#4 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:11:16 PM

Posted 06 December 2014 - 03:58 AM

Hello -

 

Please start a New Topic now if you wish for help, as we are always willing to help.

I have taken this off my Watch List but please PM me if you wish to continue.

 

Thanks -






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users