Malware and other computer junk files



theperfessor
07-08-2013, 12:07 PM
A little while ago I posted about problems I had with the bizcoaching virus/malware. Got a lot of help here and got it cleared out of my computer (I think). I was still having problems so I did a closer check of my system. Turns out I had several other problem files, including Playtopus, mPlayer, and uninstall helper. I checked the dates and all of the files were loaded on my computer on the same day. I uninstalled every one of them and went through several iterations of removing all traces of them from the system using multiple software packages.

Turns out they were all installed at the same time as a program called Yahoo toolbar. Apparently they piggybacked on that. Don't recall ever installing that program, but that's the way it is. That's the only thing I haven't been able to uninstall. Any help with that?

Sorry, I didn't get it from a link here which I originally thought, apologies to all.

GRUMPA
07-08-2013, 12:26 PM
I'm sure I'm going to confuse you even further with this. Most if not all attempts at removing those pesky files I had to do in safe mode, even had to get into the system registry to either delete them or change the value.

As a side note, I completely erase my hard drive once in a while to start fresh, chaps my *** that things are put into my computer without my knowledge or consent and to make it easier on myself I went with the complete erase method.

Some files change their name so they're much harder to detect, I hate that BS.....

WILCO
07-08-2013, 12:29 PM
As a side note, I completely erase my hard drive once in a while to start fresh.....

I've done that too, but was told it's like shaving an onion and you're killing your computer.

Ford SD
07-08-2013, 12:30 PM
A little while ago I posted about problems I had with the bizcoaching virus/malware. Got a lot of help here and got it cleared out of my computer (I think). I was still having problems so I did a closer check of my system. Turns out I had several other problem files, including Playtopus, mPlayer, and uninstall helper. I checked the dates and all of the files were loaded on my computer on the same day. I uninstalled every one of them and went through several iterations of removing all traces of them from the system using multiple software packages.

Turns out they were all installed at the same time as a program called Yahoo toolbar. Apparently they piggybacked on that. Don't recall ever installing that program, but that's the way it is. That's the only thing I haven't been able to uninstall. Any help with that?

Sorry, I didn't get it from a link here which I originally thought, apologies to all.

I have used **** cleaner
http://www.piriform.com/ccleaner

install and go to tools

the last time my FIL brought me his laptop (free software)

Hope it works

fishhawk
07-08-2013, 12:51 PM
You may want to use this also http://housecall.trendmicro.com/ do a complete scan.

oneokie
07-08-2013, 01:09 PM
JMHO, yahoo is malware.
Another good malware program is MalwareBytes. It is free.
As GRUMPA mentioned, safe mode is the best way to find and remove malware. Nearly all malware and antivirus programs will work in safe mode.
You didn't mention what AntiVirus you are running, but some are malware/viruses themselves.

montana_charlie
07-08-2013, 01:25 PM
Turns out they were all installed at the same time as a program called Yahoo toolbar. Apparently they piggybacked on that. Don't recall ever installing that program, but that's the way it is.
It is frequently the case that you will be advised (automatically) to upgrade or update a piece of legitimate software that you are using. Examples of that might be Adobe Flash, or Adobe Reader, but there are many other possibilities.

When the 'new' files have finished downloading, you are (usually) asked if you want to proceed with the install ... and there is often a block already checked to install 'something else' at the same time.

That something else could be the Yahoo Toolbar, or it might be an entirely new browser like Google Chrome.
You don't need 'the addition' to complete the upgrade/update, so just uncheck the box(es).
The possibilities are endless, and you just have to look the window over carefully before clicking on Continue (or whatever).


That's the only thing I haven't been able to uninstall. Any help with that?
I use Internet Explorer, so what I see is (probably) only 'similar' to what you see.
But, under a menu item such as Tools (or something similar) you should have the ability to disable any toolbar that is active on your browser. Once disabled, you may even be able to uninstall it.

CM

MtGun44
07-08-2013, 02:27 PM
+1 on Montana Charlie's point about the "checked box" to install the toolbar or
Google Chrome. Read every page closely during an update.

That is probably where you got the Yahoo toolbar.

Bill

theperfessor
07-08-2013, 02:27 PM
Thanks CM I'll try that. Maybe that is why it wouldn't uninstall.

Worst case I'll just delete Firefox completely and reinstall it.

MtGun44
07-08-2013, 03:05 PM
See if there isn't a way to list the "browser helper objects" on Firefox. These
are often useful tools like pdf readers or pic viewers, but this is where these
PITA toolbars often are installed and can be turned off at least, if not uninstalled.

There may also be a setting to lock out new browser helpers without your
approval.

Bill

tryNto
07-08-2013, 03:28 PM
For help with uninstalling most anything, Google is your friend.
Go to https://www.google.com/ type in the search box ? how to uninstall ------ (use name of object in place of hyphens). pick a result, follow directions.

FLINTNFIRE
07-08-2013, 03:46 PM
Ccleaner has the startup folder and the uninstall utility, look in extensions and turn off there on your browser and there should be an option to shut it down, I have seen yahoo install itself as the search engine several times after updating different programs, did not ask to install itself it just did, all toolbars are not needed and usually contain malware same as free screensavers spybot will rid your system of a lot of the junk and malwarebytes also.

Cap'n Morgan
07-08-2013, 04:33 PM
Some malware can be extremely hard to kill.

I caught a nasty browser infection once which I just couldn't get rid of. Even the most efficient malware and virus killers couldn't nail it. They would find the offending .exe file alright and delete it, but as soon as the PC was rebooted, a hidden parasite file would poop out a new .exe file. I finally gave up on removing the file and instead opened the .exe file in a hex editor and scrambled the content enough to corrupt the file.

The parasite mother file is still present on my PC, but her spawn is dead! Only the hollow corpse remains and prevents her from spawning a new...:twisted:

Moonie
07-08-2013, 04:36 PM
I've done that too, but was told it's like shaving an onion and you're killing your computer.

As a computer professional I can assure you this is incorrect. There are a finite number of writes with the USB keys and the new solid state hard drives but with the platter based HD's this really isn't a problem.

popper
07-08-2013, 04:46 PM
You have to watch the install screens very carefully. Companies get paid by the # of installs. My favorite was the 'infected' pop-up that routed all your software to a dead end, nothing would run. And then there was the email 'love bug' that the IT manager opened and infected the corporate system.

LuvMy1911
07-08-2013, 05:51 PM
I used to work in IT... We all hated that stealth install junk. There have been some good ideas mentioned here... The three best ones that have always helped me (and I've had to fix some real bad ones too) are as listed above:
oneokie = malwarebytes (get it from download.com)
tryNto = using Google to find specific info on killing something you didn't ask to have installed
GRUMPA = using "safe mode" to weaken malware enough to permit de-installation/removal

Another one I didn't see mentioned is "HijackThis". This creates a small textfile that will show everything that is auto-loaded into your system. Making one of these "report files" when your system is running great gives you a "I know it worked good with this start-up" report. I usually run a new report every month or two and store them in a backup directory to compare to what is showing up AFTER the computer gets stupid on me. It's for those folks that want a PRO-active approach and not just a RE-active one (kinda like folks that check their fan belts, oil, trans fluid and battery before being stuck on the side of the road).
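
The baseline comparison described in the post above can be automated. The following is an added example, not part of the original thread: it parses two HijackThis-style report files and lists the startup entries that appeared or disappeared since the known-good report. Both sample reports, including every product name, path and CLSID in them, are constructed placeholders.

```python
import re

# HijackThis report lines for startup items begin with a section code:
# R0-R3 (IE start/search pages), F0-F3, N1-N4, and O1 upward
# (browser helper objects, toolbars, Run keys, services, ...).
ENTRY = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - (.+)$")

def parse_entries(report_text):
    """Map a case-folded key to the (section, detail) entry as written."""
    entries = {}
    for line in report_text.splitlines():
        m = ENTRY.match(line.strip())
        if m:  # header and "Running processes" lines do not match
            detail = " ".join(m.group(2).split())  # collapse stray whitespace
            # Windows paths and registry names are case-insensitive.
            entries[(m.group(1), detail.casefold())] = (m.group(1), detail)
    return entries

def diff_reports(baseline_text, current_text):
    """Return (added, removed) entries relative to the known-good baseline."""
    base, cur = parse_entries(baseline_text), parse_entries(current_text)
    added = sorted(cur[k] for k in cur.keys() - base.keys())
    removed = sorted(base[k] for k in base.keys() - cur.keys())
    return added, removed

# Constructed sample: report saved while the machine was running well.
BASELINE = r"""
Scan saved at 9:00:00 AM, on 5/1/2013
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O4 - HKLM\..\Run: [ExampleAV] "C:\Program Files\ExampleAV\avtray.exe"
O23 - Service: ExampleAV Service (ExampleAVSvc) - C:\Program Files\ExampleAV\avsvc.exe
"""

# Constructed sample: report saved after the browser started misbehaving.
CURRENT = r"""
Scan saved at 12:07:00 PM, on 7/8/2013
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.example.invalid/
O2 - BHO: ExampleToolbar Helper - {00000000-0000-0000-0000-000000000001} - C:\Program Files\ExampleToolbar\helper.dll
O3 - Toolbar: ExampleToolbar - {00000000-0000-0000-0000-000000000002} - C:\Program Files\ExampleToolbar\bar.dll
O4 - HKLM\..\Run: [ExampleAV] "C:\PROGRAM FILES\ExampleAV\avtray.exe"
O4 - HKCU\..\Run: [UpdateHelper] C:\Users\user\AppData\Local\Temp\updhelper.exe
O23 - Service: ExampleAV Service (ExampleAVSvc) - C:\Program Files\ExampleAV\avsvc.exe
"""

if __name__ == "__main__":
    added, removed = diff_reports(BASELINE, CURRENT)
    for section, detail in added:
        print(f"NEW      {section:<3} {detail}")
    for section, detail in removed:
        print(f"MISSING  {section:<3} {detail}")
```

A changed start page shows up as one removed and one added R0 entry, and the upper-cased path of the unchanged Run entry is not reported because the comparison ignores case.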

smokemjoe
07-08-2013, 06:06 PM
I got malware bad, it comes 8 times on email & etc., what should I do. Thanks- Joe

montana_charlie
07-08-2013, 06:16 PM
I got malware bad, it comes 8 times on email & etc., what should I do. Thanks- Joe
Hire an expert to sanitize your machine, then pay him extra to tell you what you should stop doing.

CM

theperfessor
07-08-2013, 06:31 PM
MC gives good advice here, if I really knew what I was doing I wouldn't have been begging for help here. I'm just bright enough to follow basic directions. It might be helpful to be able to identify what virus/malware your computer has. If it's a Win machine go to the start button, click on control panel, and then on Programs/Uninstall program. Don't know how to make a list of the items there but if a program isn't one that you recognize from a known manufacturer it's probably junk.
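
One way to make that list, as an added example that is not part of the original thread: the script reads the registry keys behind the Control Panel uninstall list and groups programs by install date, so everything installed on the same day as a known unwanted program stands out, as the first post found by hand. The search fragment "toolbar" and the sample rows are constructed placeholders.

```python
import os
from collections import defaultdict

# Registry locations behind Control Panel's "Uninstall a program" list.
UNINSTALL_PATHS = [
    r"SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall",
    r"SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall",
]

def _value(key, name):
    import winreg  # standard library, present only on Windows
    try:
        return str(winreg.QueryValueEx(key, name)[0])
    except OSError:
        return ""  # many installers never write Publisher or InstallDate

def read_installed_programs():
    """Return (name, publisher, install_date) tuples. Windows only."""
    import winreg
    rows = []
    for hive in (winreg.HKEY_LOCAL_MACHINE, winreg.HKEY_CURRENT_USER):
        for path in UNINSTALL_PATHS:
            try:
                root = winreg.OpenKey(hive, path)
            except OSError:
                continue  # key absent on this machine
            with root:
                for i in range(winreg.QueryInfoKey(root)[0]):
                    try:
                        sub = winreg.OpenKey(root, winreg.EnumKey(root, i))
                    except OSError:
                        continue  # unreadable entry, skip it
                    with sub:
                        rows.append(tuple(_value(sub, n) for n in
                                    ("DisplayName", "Publisher", "InstallDate")))
    return [r for r in rows if r[0]]  # nameless entries are not shown to users

def installed_same_day(rows, name_fragment):
    """Group programs that share an install date (YYYYMMDD) with a match."""
    by_date = defaultdict(list)
    for name, publisher, date in rows:
        if date:  # entries without a recorded date cannot be correlated
            by_date[date].append((name, publisher))
    return {date: sorted(progs) for date, progs in by_date.items()
            if any(name_fragment.lower() in n.lower() for n, _ in progs)}

# Constructed sample rows (placeholder names), used when not on Windows.
SAMPLE_ROWS = [
    ("Example Office Suite", "Example Vendor", "20120914"),
    ("ExampleToolbar", "Example Ads Inc", "20130621"),
    ("Example Media Player", "", "20130621"),
    ("Example Uninstall Helper", "", "20130621"),
    ("Example PDF Reader", "Example Vendor", ""),
]

if __name__ == "__main__":
    rows = read_installed_programs() if os.name == "nt" else SAMPLE_ROWS
    for date, progs in installed_same_day(rows, "toolbar").items():
        print(date)
        for name, publisher in progs:
            print(f"  {name}  [{publisher or 'no publisher listed'}]")
```

Entries with no publisher that share a date with the unwanted program are the ones to look up before removing.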

waksupi
07-08-2013, 07:00 PM
JMHO, yahoo is malware.
Another good malware program is MalwareBytes. It is free.
As GRUMPA mentioned, safe mode is the best way to find and remove malware. Nearly all malware and antivirus programs will work in safe mode.
You didn't mention what AntiVirus you are running, but some are malware/viruses themselves.

Good advice here. If you don't boot in safe mode, the problem will just reload itself if you are online.

DougGuy
07-08-2013, 07:38 PM
One of the best things you can do is to check "custom install" when you do install something, so that it will give you the opportunity to uncheck things like "Install the ASK toolbar" and "Make whatever.com my home page." If you did a quick install, there's where things get installed because as noted earlier, the tickboxes are checked by default and unless you choose custom install, it dumps it right on in there and says nothing about it.

Nothing beats a good backup/recovery strategy. Windows does a fairly decent job with system restore, but if a virus gets in the Master Boot Record of your drive, system restore won't get rid of it. I have seen viruses that are polymorphic, stealth, memory resident live happily through the format C:\ and reinstall, there's the virus. Ugh..

I have had to go to debug mode and overwrite the first 200cyls of the drive which takes away the MBR, the Partition Table, the File Allocation Table, then shut the machine down and start from zero. What happens when you do that, it takes all references to hexadecimal address off the drive. It's like going down the street and yanking all the mailboxes out so there's no house numbers anymore. The virus at this point is in memory, even booting off a boot disc it is still in memory, but it can't negotiate where to write itself to upon shutdown because you removed all the addresses it used, and it is finally killed once and for all by this method. This is also extreme, but so was the virus. Safe mode is good, but some of these things are beyond known practical methods of removing them.

Norton Ghost is what I use for backup. After I get an install up and configured with all the apps and tweaks I like, I shut down and boot to a utilities/tool disc and "ghost" that C: partition as a file and save it on other drives and other PCs in my network. Then, if I get a virus or suspicious activity that I want to get rid of, I simply export bookmarks and save them, then overwrite the C: partition with the saved ghost image. Hoobah.. Back to where it was when it won the pole in qualifying... Hope this helps!

theperfessor
07-08-2013, 07:51 PM
OK, I'm going to ask another dumb question. How do you boot into safe mode on a laptop? Pressing the F8 key at startup just freezes everything. The ESC key takes me to a startup menu but safe mode is not one of the options listed.

Gliden07
07-08-2013, 07:52 PM
Same thing happened to me!! I spent the better part of a couple hours clearing that junk out too! Mine all was installed when I installed Internet Explorer 10 all that BS was piggybacked onto it!! If you installed 10 that's where it probably came from! If you did install this program you had to give permission to install all the other programs too! They snuck them in by asking you to install 10 then kept asking for permission to continue installation! I don't like Internet explorer and use Google Chrome most times. Some programs require Internet Explorer that's why it's still on my machine or it would be gone!!


A little while ago I posted about problems I had with the bizcoaching virus/malware. Got a lot of help here and got it cleared out of my computer (I think). I was still having problems so I did a closer check of my system. Turns out I had several other problem files, including Playtopus, mPlayer, and uninstall helper. I checked the dates and all of the files were loaded on my computer on the same day. I uninstalled every one of them and went through several iterations of removing all traces of them from the system using multiple software packages.

Turns out they were all installed at the same time as a program called Yahoo toolbar. Apparently they piggybacked on that. Don't recall ever installing that program, but that's the way it is. That's the only thing I haven't been able to uninstall. Any help with that?

Sorry, I didn't get it from a link here which I originally thought, apologies to all.

DougGuy
07-08-2013, 07:59 PM
OK, I'm going to ask another dumb question. How do you boot into safe mode on a laptop? Pressing the F8 key at startup just freezes everything. The ESC key takes me to a startup menu but safe mode is not one of the options listed.

See if this helps: http://www.howtogeek.com/howto/windows-vista/force-windows-to-boot-into-safe-mode-without-using-the-f8-key/

StratsMan
07-08-2013, 08:02 PM
OK, I'm going to ask another dumb question. How do you boot into safe mode on a laptop?

Keith,

One quick way to make it give you the "Safe Mode" option is to kill it... If you hold down the power button and it shuts down gracefully, then it will start up normally the next time. If you kill the power while the Operating System is running, then the next boot up will stop for 30 seconds and give you the option of starting normally or going to Safe Mode. Use the up-down arrows to select, then hit Enter...

On a laptop, you may need to disconnect the power supply AND pull the battery while it's running to accomplish the rude shutdown....

Oh, and msconfig looks good, too!!!

theperfessor
07-08-2013, 08:57 PM
I gave up on Internet Exploder a loooong time ago. I use Firefox and have been playing with Chrome. I'll try the power button kill later on, thanks for tip.

Jailer
07-08-2013, 10:49 PM
Best spot I've found for malware/virus removal. The thread gets updated frequently as new infections and methods are found.

http://forums.majorgeeks.com/showthread.php?t=35407

wantoutofca
07-08-2013, 11:03 PM
I am aware that I don't have any geek cred on this board but I can assure you that the only way to give your machine a clean bill of health is a fresh install from a known good source. Once you have gotten rid of all the junk you can find you can be reasonably certain that there is malware you didn't find as some authors are more stealthy than others.

This next part is anecdotal. My grandparents were doing the snow bird thing and got infected while they were away. $250 to a "pro" and they were still infected. They got back, I nuked their system, and after restoring their files they have been trouble free.

Moonie
07-09-2013, 09:57 AM
I am aware that I don't have any geek cred on this board but I can assure you that the only way to give your machine a clean bill of health is a fresh install from a known good source. Once you have gotten rid of all the junk you can find you can be reasonably certain that there is malware you didn't find as some authors are more stealthy than others.

This next part is anecdotal. My grandparents were doing the snow bird thing and got infected while they were away. $250 to a "pro" and they were still infected. They got back, I nuked their system, and after restoring their files they have been trouble free.

This is the easiest, quickest and most effective way. When friends/family have me do one of theirs I backup their important files to my UNIX file server, nuke the system, reload the OS. While the OS is reloading I run antivirus on the backed up files and remove anything nasty. Then restore their files.

MtGun44
07-09-2013, 03:21 PM
Sounds like an opportunity to total your computer if you don't know for SURE
exactly what you are doing.

Power tools - build a house or cut off your fingers. . . . . . .

Bill

DougGuy
07-09-2013, 03:29 PM
Bill, with the OS and system requirements listed, that app has to be at least 15yrs old. Windows 98, Windows ME with IE5, NT4 are all dinosaurs now. LOL where'd you dig that one up at? :)

Not making fun, just laughing cause I haven't seen Windows ME or 16mb typed in a sentence in so long hell I still had HAIR the last time I saw that!

oneokie
07-09-2013, 04:21 PM
Haven't seen Avast mentioned. I like it, small memory foot print, and best of all, there is a FREE version.

uscra112
07-09-2013, 04:43 PM
All second-hand from my geek friends:

1. Google is NEVER your friend.

2. Avoid anything Microsoft higher than IE 7 and XP

3. "Cleaners" are rarely what they seem. Most of them are data gatherers.

That said, they tell me that, since I'm not willing to learn Linux, (I'm still on XP), to trust Malwarebytes and Spybot, and run Firefox with Ghostery, Google Sharing, HTTPS-Everywhere and AdblockPlus, and pay for and run McAfee. That last costs money, but with that setup, so far I've been clean and green for four years.

Spybot has a good shredder, BTW.

theperfessor
07-09-2013, 05:13 PM
Add Yahoo! to that list...

popper
07-10-2013, 11:03 AM
Just got to pass this solution along: Just call NSA for a backup @ 1-Got-Your-Stuff, $99 or $199 for conservatives (don't try to fool us - WE KNOW who you are).

theperfessor
07-10-2013, 11:08 AM
Just got to pass this solution along: Just call NSA for a backup @ 1-Got-Your-Stuff, $99 or $199 for conservatives (don't try to fool us - WE KNOW who you are).

Hilarious!

Kull
07-10-2013, 11:34 AM
As others already mentioned sometimes it's worth the time to just go ahead and reinstall Windows. After that you just have to be careful, and tell others that use your pc in the house to be careful, and not to get click happy installing anything. Toolbars and other little things tend to get installed when installing other free programs. Of course back up anything you need to another computer or something first.

Honestly....I don't run antivirus anymore. Not a stand alone program anyway. Microsoft has Security Essentials these days, just their in house antivirus. I run that and SpyBot. Terrible name I know, sounds like malware itself but it's not.

wantoutofca
07-10-2013, 12:46 PM
I would argue that a compromised machine is always worth a fresh install. Apart from that I'm with kull 100%