Page 1 of 2 12 LastLast
Results 1 to 15 of 24
  1. #1
    3 Star Lounger
    Join Date
    Jan 2010
    Location
    Michigan
    Posts
    384
    Thanks
    1
    Thanked 4 Times in 4 Posts

    How do we get rid of this malware?

    A friend of mine has a Windows 7 PC.

    He reads our newspaper online.

    This issue below occurs when he uses his primary browser (Chrome)

    All of a sudden, whenever he goes to the newspaper site, he gets errors/pop-ups, mostly by
    PChelpandsupport.biz

    It warns of errors and wants him to call a certain number.

    This is clearly a scam.

    I have had him run his Norton A-V and Malwarebytes. It finds things , but the situation keeps occurring.

    When I google this, I find lots of information, but it seems each such informative site wants him to d/l some removal tool or the other. Suggestions?

    I am thinking of having him install adwarecleaner and ccleaner. Those are programs I use and trust.

    Any other suggestions?

    Mel

  2. #2
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    4,485
    Thanks
    283
    Thanked 573 Times in 477 Posts
    Malwarebytes, Adwcleaner and JRT, ensure that each of them removes all found items. Follow up by resetting Chrome to defaults.

  3. #3
    3 Star Lounger
    Join Date
    Jan 2010
    Location
    Michigan
    Posts
    384
    Thanks
    1
    Thanked 4 Times in 4 Posts
    What is JRT?

    Mel

  4. #4
    3 Star Lounger
    Join Date
    Jan 2010
    Location
    Michigan
    Posts
    384
    Thanks
    1
    Thanked 4 Times in 4 Posts
    Sart:

    OK, I found JRT. I assume it is the Junkware Removal Tool. I see they also mention Adware Cleaner. Question: this was on the Bleeping Computer site. Is it safe to d/l those programs from this site?

    Mel

  5. #5
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    4,485
    Thanks
    283
    Thanked 573 Times in 477 Posts
    That's the right one, Bleeping is as trustworthy as the author's own site (it's where most of the downloads come directly from anyway).

  6. The Following User Says Thank You to satrow For This Useful Post:

    miztrniceguy (2015-05-25)

  7. #6
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,168
    Thanks
    47
    Thanked 978 Times in 908 Posts
    Those pop-ups seem to be part of malware. This page has details and removal instructions.
    http://malwaretips.com/blogs/pchelpa...t-biz-removal/

    cheers, Paul

  8. #7
    2 Star Lounger
    Join Date
    Mar 2011
    Location
    Australia
    Posts
    124
    Thanks
    0
    Thanked 0 Times in 0 Posts
    My Win 7 system also recently had malware (which I originally thought was a virus), where I was suffering from frequent pop-up's.
    The in-home technician that I booked came and mentioned that 'Rkill' is a effective removal tool for malware, which is a free download.

  9. #8
    jwoods
    Guest
    Quote Originally Posted by Robko View Post
    My Win 7 system also recently had malware (which I originally thought was a virus), where I was suffering from frequent pop-up's.
    The in-home technician that I booked came and mentioned that 'Rkill' is a effective removal tool for malware, which is a free download.
    It will kill 32 and 64-bit processes, but it doesn't remove anything...

    http://www.bleepingcomputer.com/foru...o-the-program/

  10. #9
    5 Star Lounger
    Join Date
    Mar 2010
    Location
    east coast
    Posts
    701
    Thanks
    89
    Thanked 8 Times in 8 Posts
    dont use chrome

    my experience with it is poor to terrible
    slower than a snail swimming in molasses
    and sucks up so many cycles to serve ads
    and take your personal info you agreed to in the TOS
    buggier than a georgia swamp in the summer
    and hangs up on so many sites because of its erroneous design



    Quote Originally Posted by compiler View Post
    A friend of mine has a Windows 7 PC.

    He reads our newspaper online.

    This issue below occurs when he uses his primary browser (Chrome)

    All of a sudden, whenever he goes to the newspaper site, he gets errors/pop-ups, mostly by
    PChelpandsupport.biz

    It warns of errors and wants him to call a certain number.

    This is clearly a scam.

    I have had him run his Norton A-V and Malwarebytes. It finds things , but the situation keeps occurring.

    When I google this, I find lots of information, but it seems each such informative site wants him to d/l some removal tool or the other. Suggestions?

    I am thinking of having him install adwarecleaner and ccleaner. Those are programs I use and trust.

    Any other suggestions?

    Mel

  11. #10
    Lounger bcoop's Avatar
    Join Date
    Jan 2011
    Posts
    30
    Thanks
    10
    Thanked 0 Times in 0 Posts
    After running Malwarebytes and AV program, if I still get the little bugger bothering me when I restart my computer, I check out the start-up files. Found one in there with a slightly different name that evaded the cleaning.

  12. #11
    Super Moderator
    Join Date
    Aug 2012
    Location
    Durham UK
    Posts
    6,606
    Thanks
    147
    Thanked 869 Times in 831 Posts
    Did you run AdwCleaner and JRT as well ?

  13. #12
    Lounger bcoop's Avatar
    Join Date
    Jan 2011
    Posts
    30
    Thanks
    10
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by Sudo15 View Post
    Did you run AdwCleaner and JRT as well ?
    I run Malwarebytes and an antivirus Sudo15. I also run adblockplus which keeps those curiosity inducing ads away. I seldom get a virus or the like. But my computer is for personal use and I'm probably not as active online as those who are in the "computer business", or business that uses computers.

    Startup is just another place I've learned to look if something unwanted keeps popping up.

  14. #13
    Star Lounger Wiley's Avatar
    Join Date
    Mar 2013
    Location
    St. Louis, MO
    Posts
    72
    Thanks
    1
    Thanked 8 Times in 8 Posts
    one of my cllients had a virus that kept changing it's name and restarting. i'd kill the job and delete the file and it would restart in about 15 seconds with a different name. the virus hid itself in the prefetch folder.

    i would delete all the files in the prefetch folder (not the folder, just the files) then reboot, the system will rebuild the contents of the prefetch, it will be a little slower on the initial boot up but only the first time.

  15. #14
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    4,485
    Thanks
    283
    Thanked 573 Times in 477 Posts
    AdwCleaner and JRT are specific Adware/crapware tools rather than the generic antivirus/antimalware type of programs, being designed and frequently updated to specifically target certain types of software 'infections' that are ignored by others. With some problems, even all of the above won't fix certain problems, commonly, browsers also need resetting individually to remove browser/home page/search redirects and unauthorised changes.

    Root/Boot-kits are other types of infections that require specialist tools.

    Rkill is another type of specific tool, designed to kill running processes that are preventing the running of legitimate AV/AM tools.

    Removing a .pf prefetch link file doesn't remove the infection from the drive.

  16. #15
    Star Lounger Wiley's Avatar
    Join Date
    Mar 2013
    Location
    St. Louis, MO
    Posts
    72
    Thanks
    1
    Thanked 8 Times in 8 Posts
    it was an .exe file hidden in the prefetch

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •