Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

AdwCleaner... What NOT to Delete ???


  • This topic is locked This topic is locked
11 replies to this topic

#1 auklet

auklet

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:washington state and Ecuador
  • Local time:06:59 PM

Posted 20 August 2015 - 06:05 PM

My first post here.  I am pretty green for computer knowledge

 

 I have surveyed this web site its SEARCH window in order to prevent from posting for an assist.  One search came up with a thousand posts that matched my search words.  Perhaps I should have used less words ?   I am thinking I got matches for the word "the."  In any case, what I found initially did not match my very general question (below). Perhaps a tip on doing an effective search would be in order ?

 

AdwCleaner is easy to use, but I am not going to willy nilly "clean" all of its findings in my registry or files (relatively few files compared to a multitude in registry. Other than the scan, I did nothing else....no celaning. 

 

QUESTION 1 of 2:  May I upload the AdwCleaner log of its scan result of my computer to this site to the appropriate forum as I have seen advised in order for a review by a knowledgeable person to advise me what NOT to "clean" off my computer ?

 

Question 2 of 2:   Is it advisable to set a restore point prior to the "cleaning ?"

 

 

The above is general questioning, so the below may not be relevant at the moment, but here it is:

 

I completed the profile on this laptop at this site, but many questions were left unanswered as to specific hardware on my computer.  I did not how to find the answers. 

 

I have a very new Lenovo Flex laptop using Windows 8.1

It has an i7 Intel processor with 8 RAM

I use Chrome browser  (a poor choice when it comes to trying to prevent adware)

Until a few days ago, I used malwarebytes on this computer and have switched out for Vipre Security (not AV, which is included in Security).  Malwarebytes had six findings quarantined, and I deleted them.  Vipre Security has found nothing.

 

 

I researched issues about Lenovo bloatware and removed what was described as "threats" and much of the remaining Lenovo related bloatware along with MSFT's too (and other publishers).

 

I have an HP laptop that needs Adware removal, too, The answers to the general questions can be applied to both computers.  Very glad you are here !

 

 

 

 

 

 



BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,313 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:06:59 PM

Posted 20 August 2015 - 06:43 PM

Creating a restore point is a reasonable thing to do.

 

Post the results of the scans using the programs below for one computer. We'll clean the second after the first...better that way as it will be less chance of confusing us.

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

If you have uninstalled MBAM...reinstall

Download Malwarebytes' Anti-Malware from Here 
Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).

  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • The scan may take some time to finish,so please be patient.
  • If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.

 

Download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
  • download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message

 

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 auklet

auklet
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:washington state and Ecuador
  • Local time:06:59 PM

Posted 21 August 2015 - 08:42 AM

Thank you Buddy.

 

I have a question before getting started with the prescription you made.

 

If the answer is a pat answer that is ALWAYS the only answer because the pat answer is ALWAYS the correct one to my question, I will live with that.  

 

Would I be denied assistance if I did not do the Malwarebytes element to the prescription ?   It is a high probability (from my limited view) that it would not be needed, and I do not relish having to set up a recently uninstalled Malwarebytes (just three days ago), which is not to terrible to do, but I dread having to set up Vipre again, the application I chose to replace it.  I am using a brand new Lenovo laptop, and MBAM was good at immediately detecting the notorious Lenovo supplied PUPs and malware --seven of them.  After a few days, more with MBAM, no further detections were made.  After those few days,  I traded MBAM for Vipre which found nothing.  

 

Subsequently, my experience has been annoying with pop ups and too many ads in my way.  I fault in part Chrome with this as it is well known it tracks me and excessively interferes with me by distributing paid-for advertisements.  I otherwise like and wish to keep Chrome until I find an alternate browser.  (I have had bad experiences with IE and Firefox.)  Looking for any other malware/adware generated from Lenovo seems practical to me which is my objective now.

 

Is not including MBAM in the prescribed protocol BAD ?  Can I get assistance without using MBAM if only for the reason to avoid the installings an uninstallings ?

 

 



#4 buddy215

buddy215

  • Moderator
  • 13,313 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:06:59 PM

Posted 21 August 2015 - 08:59 AM

You can have both MBAM, especially the free version, and Viper installed without any conflicts. I would prefer you reinstall MBAM because of

its track record in finding and removing many of the adware programs. It really sounds like you have managed to pick up one or more adware programs

possibly from installing free programs and add-ons for Chrome.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#5 auklet

auklet
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:washington state and Ecuador
  • Local time:06:59 PM

Posted 21 August 2015 - 05:57 PM

As you recommended, I used malwarebytes free version. (FYI ... prior to coming to Bleeping, I tried to use the new Vipre with my Malwarebytes Premium, and I did have a scare moment which I assumed was due to a conflict of the two.  The free version of course is not real time active, and as you suggested would probably not be a conflict, but I uninstalled Vipre anyway.

 

 I have completed all scans, and their logs are in order.  

 

Question (underlined):  Apparently I describe my objective and attach my logs at the VTSM Removal Logs forum and wait for assist from someone.  At this point, all that seems relevant there for me are the last two steps in the pinned Preparation Guide ? .... since I have not run a FRST.   (Steps 7 and 8 are the last two steps and are about the theory and mechanics of posting I need to pay attention to.) 



#6 buddy215

buddy215

  • Moderator
  • 13,313 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:06:59 PM

Posted 21 August 2015 - 07:12 PM

These are the instructions I usually give when recommending a user start a new topic in the Malware Removal Forum.

Please follow the instructions in the Malware Removal and Log Section Preparation Guide starting at Step 6.

  • If you cannot complete a step, then skip it and continue with the next.
  • In Step 6 there are instructions for downloading and running FRST which will create two logs.

When you have done that, post your logs in the Virus, Trojan, Spyware, and Malware Removal Logs forum, NOT here, for assistance by the Malware Response Team.

Start a new topic, give it a relevant title and post your log(s) along with a brief description of your problem, a summary of any anti-malware tools you have used and a summary of any steps that you have performed on your own. If you cannot produce any of the required logs...start the new topic anyway. Explain that you followed the Prep. Guide, were unable to create the logs, and describe what happened when you tried to create them. A member of the Malware Removal Team will walk you through, step by step, on how to clean your computer.

After doing this, please reply back in this thread with a link to the new topic so we can close this one.

 

DO NOT bump your new topic. Wait for a response from one of the Team Members.

 

QUESTION>>>what do you mean by logs are in order?

 

Actually, I concur with the removal of Vipre. Looking at some reviews over the years it is not one of the best....mediocre and is reported to have the highest rate of false-positives.

Two antivirus programs you might consider are Avast and Kaspersky.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#7 auklet

auklet
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:washington state and Ecuador
  • Local time:06:59 PM

Posted 21 August 2015 - 11:18 PM

Your briefer more specific summary of how to apply myself to the Removal forum is welcome. I actually wrote them down which is sequentially clearer for me than all the verbiage at the Guide. I had read the Guide before, and glad that I did....rather a long, run-on sentence for me.  Thanks again.  
 
YOUR QUESTION TO ME:  What do I mean my logs are in order.  ANSWER: They are complete, assembled and ready to be uploaded when it is time.
 
The exception is ESET.  What I found at your link was ESET promoting its products for Back to School !  Nothing else.  I used its search window to find Online scanning.  Then the ambigutiy started.  It, too, said because on my browser, I needed to do something differently which was to first use its utility before scanning.  But I did not get any coordinating instructions between the two.  I tried to resolve it with your guidance, which didn't work for me either.  But you have just advised, if I don't have a log, someone at the other forum will help.
 
Your Malwarebytes advice made sense that I would not have to remove Vipre, particularly if I use the free version.  Before coming to Bleeping for help, I took a chance with my long-owned MBAM Premium, and I got a scary moment I assume because the "active" MBAM did not mix with the Vipre.  So with your advice, I used the free, passive MBAM.  But not to get a scare again, I uninstalled Vipre anyway.  I have its internet security suite that includes AV.  Your comments were a stark contrast to the source I relied on for its quality against a review of its competitors.  But I mindlessly relied on that one source without further due diligence elsewhere.  The source of review could be a subsidiary of Vipre's company. 
 
 
The Internet Security includes the AV, which on another page the AV is touted the best for 2015.


#8 buddy215

buddy215

  • Moderator
  • 13,313 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:06:59 PM

Posted 22 August 2015 - 06:30 AM

So, are you going to start a new topic in the Malware Removal Forum or do you want to continue here? If you want to continue here you will need to

post the logs of the scans that I requested.

 

If you intend to start a new topic there is no need to scan with Eset at this time if you haven't done so.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#9 auklet

auklet
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:washington state and Ecuador
  • Local time:06:59 PM

Posted 22 August 2015 - 10:35 AM

Yes.. as I stated earlier, I understood the Removal site is where I am to go next, and you followed up with an excellent succinct guide as to what and how best to post.  You also stated I should start with step 6, not step 7; I am to run the FRST scan.  Thank you in your last post about your point on ESET.  And yes, from your request in an earlier post, I will gladly send you a link to my opening the new topic on the Removal forum.   I am grateful for your quickness and guidance.  Thank you !



#10 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 37,011 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:07:59 PM

Posted 22 August 2015 - 02:31 PM

New topic is here: http://www.bleepingcomputer.com/forums/t/587521/lenovo-imbeds-and-adware-need-removal/


Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#11 auklet

auklet
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:washington state and Ecuador
  • Local time:06:59 PM

Posted 22 August 2015 - 02:57 PM

My new topic appears to have posted and Orange Blossom posted the link on this forum before me.  The link looks accurate as mine is below. 

 

http://www.bleepingcomputer.com/forums/t/587521/lenovo-imbeds-and-adware-need-removal/

 

I did at the Removal forum include the FRST text and ADDITIONAL (FRST) text got attached.  I clicked the submit button and left the room. When I returned, I saw on the screen a "timed out message."  But I saw it had posted at the forum.  What I cannot see is my attachment ADDITIONAL.  Apparently that does not show or did it get attached ? If you don't know, I will find out eventually. 



#12 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 37,011 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:07:59 PM

Posted 23 August 2015 - 05:17 PM

Hello auklet,

The addition text now shows. Sometimes the forum is wonky and doesn't show the attachment, so I've played a trick so that it does show. Incidentally, I deleted the two duplicate topics you created yesterday, which is why I posted above with your topic link. I was pressed for time yesterday which is why I didn't post further then. I think you weren't aware that you made the duplicate topics. When you get a Timed Out message after posting, it's a good idea to refresh the page, or navigate to the forum or topic where you were posting to see if it posted after all. Frequently, the topic or post actually posted.

Now that you have posted a log, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a MRT Team member, nor should you ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the MRT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the MRT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the MRT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRT Team member is already assisting you and not open the thread to respond.

Please be patient. It may take several days to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

To avoid confusion, I am closing this topic. Good luck with your log.

Orange Blossom :cherry:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users