Page 1 of 2 12 LastLast
Results 1 to 15 of 20
  1. #1
    5 Star Lounger
    Join Date
    Sep 2002
    Location
    Naples, Florida, USA
    Posts
    1,079
    Thanks
    25
    Thanked 2 Times in 2 Posts

    Sweetpacks experience and question

    Just went through a very unpleasant and time-consuming experience. Although I'm always sure to un-check or skip or otherwise NOT download any programs offered by any free downloads (always first verified by this Lounge or Google or CNet), somehow I ended up with hijacked browsers and a computer filled with malware, compliments of some adware called Sweetpacks. I am absolutely stunned that this happened when I thought all "proceed with caution" steps were being followed! It's taken 2 hours so far to correct something totally unintended. Yikes and grrrr.

    To get rid of it, followed most of instructions on this helpful article (http://malwaretips.com/blogs/remove-sweetpacks-toolbar/), but went from browser fixes straight to Malware Bytes Antimalware without downloading either of the removal programs suggested. It found and removed 38 PUP instances in various locations. They are all gone now. Each browser is now back to what it was.

    Question: Do I have to do anything else? I'm about to do an image backup and want to ensure I'm not imaging anything I don't want ever again!

    Thanks for any advice.

    Linda
    Last edited by IreneLinda; 2013-09-27 at 10:19. Reason: typo

  2. Get our unique weekly Newsletter with tips and techniques, how to's and critical updates on Windows 7, Windows 8, Windows XP, Firefox, Internet Explorer, Google, etc. Join our 480,000 subscribers!

    Excel 2013: The Missing Manual

    + Get this BONUS — free!

    Get the most of Excel! Learn about new features, basics of creating a new spreadsheet and using the infamous Ribbon in the first chapter of Excel 2013: The Missing Manual - Subscribe and download Chapter 1 for free!

  3. #2
    Silver Lounger
    Join Date
    Oct 2012
    Posts
    2,111
    Thanks
    12
    Thanked 242 Times in 235 Posts
    That looks pretty thorough. These days one always has to select Custom install for freeware and shareware and update-ware (Ashampoo and GOM) and uncheck these "other" programs and even then sometimes one is presented with Cancel/Accept buttons in the lower right but also a Decline button in the lower left (or somewhere seemingly disassociated) and the wording indicates one must still click on the Decline button and not the Accept button or one gets the leech programs anyway even though they are unchecked.
    Sent from Windows ME thru Opera 10.63...just before they crashe

  4. #3
    5 Star Lounger
    Join Date
    Sep 2002
    Location
    Naples, Florida, USA
    Posts
    1,079
    Thanks
    25
    Thanked 2 Times in 2 Posts
    Thanks so much for your prompt reply. Love your expression "leech" program!

    Had been avoiding "custom" install as I thought one needed to be a "tech type" to handle anything like that. Now, however, I will always choose Custom to ensure this doesn't happen again - well, or at least try to ensure that it doesn't!

    Off to image ... following earlier Lounge advice, of course!

    Linda

  5. #4
    2 Star Lounger
    Join Date
    Dec 2009
    Location
    Northern California
    Posts
    186
    Thanks
    8
    Thanked 42 Times in 36 Posts
    Quote Originally Posted by IreneLinda View Post
    Had been avoiding "custom" install as I thought one needed to be a "tech type" to handle anything like that.
    Linda,

    I agree with F.U.N. Nowadays one should never choose "automatic" or "express" install. Even vendors who should know better--like antivirus companies and Oracle's Java installer/updater--routinely bundle in junkware that pays kickback money. I can't tell you how many customers I come across who have Sweetpacks, Search Conduit, or the Ask toolbar, and they have no idea how they got it.

    Typically, selecting "custom" just preselects the same options "express" would do, with the difference being it pauses to allow you to review each selection before continuing. If you're not tech-savvy enough or don't understand what each option does, just accept the preselected default and continue. (And if you were to accept every default, you'd just end up with the same thing "express" would have done anyway.)

    But by having the installation routine pause at each selection screen, it gives you the chance to spot something you may be able to tell you don't want. So just accept the defaults for most of the screens and uncheck the boxes for what you can tell is junkware.

  6. #5
    5 Star Lounger
    Join Date
    Sep 2002
    Location
    Naples, Florida, USA
    Posts
    1,079
    Thanks
    25
    Thanked 2 Times in 2 Posts
    Excellent advice, dg. I will henceforth choose custom install every time. Your instructions removed my anxiety. Thank you!

    Linda

    P.S. It seems curious and short-sighted of these vendors to bundle their software in so sneakily. The only reaction it generates in me - and I would assume most consumers - is fury and a determination to never use any of their software - ever!

  7. #6
    Plutonium Lounger Medico's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    12,625
    Thanks
    161
    Thanked 931 Times in 852 Posts
    Just as a side note, an up to date Image could have gotten you back to the point prior to this "infestation" in about 10 minutes. When you restore from an Image, the drive is formatted prior to the restoration. This wipes out all traces of the problem and restores the disk to the exact moment the Image was created. It is quicker to restore if the Image is up to date with all recent changes.
    BACKUP...BACKUP...BACKUP
    Have a Great Day! Ted


    Sony Vaio Laptop, 2.53 GHz Duo Core Intel CPU, 8 GB RAM, 320 GB HD
    Win 8 Pro (64 Bit), IE 10 (64 Bit)


    Complete PC Specs: By Speccy

  8. #7
    5 Star Lounger
    Join Date
    Sep 2002
    Location
    Naples, Florida, USA
    Posts
    1,079
    Thanks
    25
    Thanked 2 Times in 2 Posts
    Sheesh, I know. You're right. And I still haven't got that mid September image done. Had been trying to clean out email before doing so, but now realize it's better to just get the image done and worry about "cleaning out" later. So, I will.

    Linda

  9. #8
    Bronze Lounger DrWho's Avatar
    Join Date
    Dec 2009
    Location
    Central Florida
    Posts
    1,231
    Thanks
    15
    Thanked 163 Times in 126 Posts
    It's pretty hard to just say "I'll never install anything from companies that include "Bloatware" with their programs".... when we have to depend on so many of those programs.
    Like "Shockwave" wants to include 'Norton' something with every install. But all you have to do is READ, READ, READ, and uncheck what you don't want.

    I caution my customers, to read every word, of every little window that pops up, when they are downloading something. Even the best companies may want to give you something you really don't want.
    Toolbars are one of the worse! I won't accept any toolbars, even from my AV company.

    When cleaning up a customers PC, I've taken out over a dozen Toolbars.

    An IT friend sent me a neat little Temp file remover. In one day, it can take out 3-5megs of temp files from my PC.... and I try to keep a really Clean PC. I ran it on a customer's PC the other day and it took out over 100meg of just temp files.
    If you're interested in trying it out, you can download it here:
    https://app.box.com/s/0zbeqnvl4bzfe9d4qyox

    A clean PC is a happy PC. Eh?

    The Doctor
    Experience is truly the best teacher.

    Backup! Backup! Backup! GHOST Rocks!

  10. #9
    5 Star Lounger
    Join Date
    Sep 2002
    Location
    Naples, Florida, USA
    Posts
    1,079
    Thanks
    25
    Thanked 2 Times in 2 Posts
    Good advice - and too often we download when in a hurry and don't read as carefully as we should! Think the "stealth" installers know that and perhaps make it easy to mistakenly download unwanted stuff. Buyer - or, in this case, downloader - beware.

    Will try your temp file remover as your Super Disk Cleaner works wonderfully. Thanks for the link. Would it be something to use instead of or in addition to CCleaner?

    Linda

    P.S. Image done! It's true that it becomes more comfortable each time. Heck, today I didn't even hold my breath!

  11. #10
    New Lounger
    Join Date
    Oct 2013
    Posts
    4
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Sweet invasion

    I think you may have skipped an important step. Be sure you do a search and delete ALL references to sweetim in your registry either with regedit or some third party program like the one mentioned in your post. Worth half an hour of your life.

    The oxen are slow, but the earth is patient !

  12. #11
    2 Star Lounger
    Join Date
    Feb 2010
    Location
    U.K.
    Posts
    106
    Thanks
    0
    Thanked 17 Times in 13 Posts
    Quote Originally Posted by IreneLinda View Post
    (always first verified by this Lounge or Google or CNet)
    CNet/Download.com went rogue about a year or so ago.
    Some software was clean but some was either polluted or required the acceptance of a "download manager" to supervise the download and installation.

    Recently I have seen that some software is now delivered clean,
    but I will search for alternatives (e.g. Softpedia) before I consider risking a download from CNet.
    I certainly would not have trust in anything that they verify.

  13. #12
    New Lounger
    Join Date
    Dec 2009
    Location
    Bangor, ME
    Posts
    11
    Thanks
    0
    Thanked 1 Time in 1 Post
    Quote Originally Posted by alan.b View Post
    CNet/Download.com went rogue about a year or so ago.
    Some software was clean but some was either polluted or required the acceptance of a "download manager" to supervise the download and installation.

    Recently I have seen that some software is now delivered clean,
    but I will search for alternatives (e.g. Softpedia) before I consider risking a download from CNet.
    I certainly would not have trust in anything that they verify.
    I noticed the same thing about Cnet awhile back. Very frustrating until I noticed that under the green Cnet download rectangle, there is a link named "Direct Download Link".
    That is the link to click on, not the green Cnet rectangle.

  14. #13
    5 Star Lounger
    Join Date
    Sep 2002
    Location
    Naples, Florida, USA
    Posts
    1,079
    Thanks
    25
    Thanked 2 Times in 2 Posts
    Quote Originally Posted by Max Arvidson View Post
    I think you may have skipped an important step. Be sure you do a search and delete ALL references to sweetim in your registry either with regedit or some third party program like the one mentioned in your post. Worth half an hour of your life.
    Aha! I found another Sweetpacks.exe file - in Temp folder - using Ultra File Search. Then opened regedit to double check, but had no clue what to do there!

    Am I okay with just what I've done or should I check with regedit as well? If the latter, could you tell me how I find Sweetpacks entries in it?

    Thanks again,

    Linda

  15. #14
    New Lounger
    Join Date
    Oct 2013
    Posts
    4
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Yes Linda sorry about delay.
    Make sure you have up to date restore point or image and a recovery disc. Read Fred Langa (windows secrets) as much as you get your hands on) on this topic and everything else computers.

    Open regedit
    First export a copy of your register to a safe directory.
    Then
    - click on edit - click on find - type in "sweetim" (without quotes) - Hit enter - Hit Delete.
    Press F3 to find next occurrence of sweetim and repeat deleting until end of file.

  16. #15
    Plutonium Lounger Medico's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    12,625
    Thanks
    161
    Thanked 931 Times in 852 Posts
    Linda,

    I found that CCleaner registry cleaner does a really good job of cleaning out leftover stuff of uninstalled apps. It might also find many if not most of these sweetim things. I would check that before running regedit. I used to use regedit regularly, but CCleaner (if used judiciously) can cut down the amount of work you have to do with regedit.
    BACKUP...BACKUP...BACKUP
    Have a Great Day! Ted


    Sony Vaio Laptop, 2.53 GHz Duo Core Intel CPU, 8 GB RAM, 320 GB HD
    Win 8 Pro (64 Bit), IE 10 (64 Bit)


    Complete PC Specs: By Speccy

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •