1 - 17 of 17 Posts

Registered · 439 Posts · Discussion Starter · #1

My PC had a clean install of Windows 7 Pro a week ago.

Was on the net using Firefox and when updating Java this damn PC Health Kit got installed somehow.

I always use the custom option and uncheck everything bundled with stuff when installing but didn't see anything about PC Health Kit.

I'm pretty sure it's that same old annoying malware prog that tells you your PC is infected and wants money to fix it.

I remember it was a pain to remove on a buddy's system years ago.

Tried a sys restore, failed.

Any way to remedy this besides windows reinstall?

Thanks
 

Registered · 4,409 Posts

Malwarebytes can likely remove it or Superantispyware.

Alternatively if you like doing it the hands-on way a lot of these malwares are cookie cutter variants that can be removed relatively easily. Busy at work, but if you would like to do it that way, I can write up a quick check to let you know how.
 

Registered · 439 Posts · Discussion Starter · #3

It's crazy, I avoid downloading on the net unless it's a known source or a tested torrent but with this... all I did was update Java through Firefox and now without my knowing have

PC Health Kit
IMinent
And Sendori installed on my machine.

AVG doesn't pick up on it, system restore failed and removing through the control panel just causes the uninstaller to freeze.

I feel like an @$$ for even allowing this crap to get installed, just don't understand how it happened with a Java update
 

Registered · 4,409 Posts

Eh, changed my mind, I'm gonna write it up anyway


Like I was saying, a lot of these malware are cookie cutter, they take the same core virus, change the GUI and a bit of code so that it can slip by updated virus definitions because it's something new. Why write something new if you can modify it and make it work again? Anyways, due to this fact a lot of the rogue AV malware stores itself in the same locations. I am not familiar with the specific one you refer to but this is what I would check first if I were working on it and wanted to remove it the hands-on way.

Go into your C:\Users\youruseraccountname\appdata\local\ & C:\Users\youruseraccountname\appdata\Roaming\ & C:\Program Data\

In these three directories you are likely to find executables with random characters for names (8-10 characters normally) that were created at the time you got the infection on your PC.

If you don't find anything in these locations press Windows+R to launch the run window and type msconfig. Go under the Startup tab and remove any malicious entries and entries you just don't want. These are all programs that run on startup and you can remove whatever you like from being on startup that you see here.

If msconfig won't launch, boot into safe mode and then do everything above. Doing the above steps will get you to the point where you can scan and be assured you are removing the virus.

Oh, I forgot to mention, if you cannot scan or delete the files in the above directories, you will need to do everything I said in safe mode. Also, when/if you delete the files you should do Shift+Delete to permanently delete them so they don't just sit in your recycling bin for ages



Everything I've said here is pretty quick and dirty and low risk but should be plenty effective. I'll watch the thread throughout the day if you have any questions or trouble with it.

Edit: If I get enough free time here today I'll do some research on the specific things you've named and see what I can find.
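
The manual check described in this post, scripted as an added PowerShell example (it is not part of the original post and was not written by its author): it lists executables created in the last few days under the three folders named above, plus the programs registered in the two standard Run keys, which are among the entries the msconfig Startup tab shows. `$DaysBack`, `Test-RandomLookingName` and its thresholds are assumptions made for illustration.

```powershell
# Added example, not from the thread. Read-only: it lists candidates and deletes nothing.
param([int]$DaysBack = 7)   # assumption: the unwanted software arrived within the last week

# The three folders named in the post; environment variables resolve the real paths.
$roots  = @($env:LOCALAPPDATA, $env:APPDATA, $env:ProgramData)
$cutoff = (Get-Date).AddDays(-$DaysBack)

# Hypothetical heuristic: an 8-10 character alphanumeric name that contains a digit
# or has very few vowels is flagged as "random-looking". Thresholds are assumptions.
function Test-RandomLookingName([string]$BaseName) {
    if ($BaseName -notmatch '^[A-Za-z0-9]{8,10}$') { return $false }
    $vowels = [regex]::Matches($BaseName, '[aeiouAEIOU]').Count
    return (($BaseName -match '\d') -or (($vowels / $BaseName.Length) -lt 0.25))
}

# Recently created .exe files, hidden ones included (-Force).
$files = foreach ($root in $roots) {
    if (-not $root -or -not (Test-Path -LiteralPath $root)) { continue }
    Get-ChildItem -LiteralPath $root -Recurse -Force -ErrorAction SilentlyContinue |
        Where-Object { -not $_.PSIsContainer -and $_.Extension -eq '.exe' } |
        Where-Object { $_.CreationTime -ge $cutoff } |
        Select-Object CreationTime, FullName,
            @{ Name = 'RandomName'; Expression = { Test-RandomLookingName $_.BaseName } }
}

# Per-user and machine-wide Run keys: programs started at every logon.
$runKeys = @('HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
             'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run')
$startup = foreach ($key in $runKeys) {
    $item = Get-Item -LiteralPath $key -ErrorAction SilentlyContinue
    if (-not $item) { continue }
    foreach ($name in $item.GetValueNames()) {
        New-Object PSObject -Property @{
            Key = $key; Name = $name; Command = $item.GetValue($name)
        }
    }
}

"Executables created since $($cutoff):"
$files | Sort-Object CreationTime | Format-Table -AutoSize -Wrap
"Programs registered to run at logon:"
$startup | Format-Table Key, Name, Command -AutoSize -Wrap
```

Run it as the affected user so the AppData paths resolve to that account; a Run entry whose command points at one of the listed files is the pairing the post tells you to look for.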
 

It's a me · 2,889 Posts

Go into safe mode and try uninstalling it there. If that doesn't work, try revo-uninstaller from normal mode. If that still doesn't work, run Combofix and Malwarebytes from safe mode. Otherwise, you're probably going to have to reinstall. Also, make sure you don't have an infected flash drive or portable device.
 

Registered · 439 Posts · Discussion Starter · #7

When hitting alt ctrl del during frozen uninstaller it stated Iminent was uninstalled, it then let me uninstall the others but only after reboot.

Do these seem like malware or another threat or just bundled BS that comes with Java?

Is there a good freeware program I can use to make sure everything's clean?

Thanks again
 

Registered · 4,409 Posts

Quote: Originally Posted by Jayjr1105

Go into safe mode and try uninstalling it there. If that doesn't work, try revo-uninstaller from normal mode. If that still doesn't work, run Combofix and Malwarebytes from safe mode. Otherwise, you're probably going to have to reinstall. Also, make sure you don't have an infected flash drive or portable device.

Combofix is a great tool as well but reinstalling is unnecessary for the malware on his computer. These aren't the hardcore viruses of old, most rogue AVs are no more than 5-6 files in the appdata directories and occasionally Program Data.

EDIT:
Quote: Originally Posted by deezdrama

When hitting alt ctrl del during frozen uninstaller it stated Iminent was uninstalled, it then let me uninstall the others but only after reboot.

Do these seem like malware or another threat or just bundled BS that comes with Java?

Is there a good freeware program I can use to make sure everything's clean?

Thanks again

I'd scan it with Malwarebytes even though they say they are gone. A quick Google shows IMinent & Sendori are often viruses.
 

Registered · 439 Posts · Discussion Starter · #9

Going to try some of the suggestions.

I've also noticed my Firefox homepage was switched to Yahoo, I reset it to default but when I search something it still shows up with Yahoo results.

After exiting Firefox and reopening... it now won't search or bring up any results.

What the bleep.

Could this crap really have come from a Java update???

Or was I tricked into installing a bundled malware Java update?
 

It's a me · 2,889 Posts

Quote: Originally Posted by deezdrama

Going to try some of the suggestions.

I've also noticed my Firefox homepage was switched to Yahoo, I reset it to default but when I search something it still shows up with Yahoo results.

After exiting Firefox and reopening... it now won't search or bring up any results.

What the bleep.

Could this crap really have come from a Java update???

Or was I tricked into installing a bundled malware Java update?

From now on get programs and updates from ninite.com. You'll thank me later
 

Registered · 439 Posts · Discussion Starter · #11

Quote: Originally Posted by Jayjr1105

From now on get programs and updates from ninite.com. You'll thank me later

Ninite.... I'll have to remember that.

I can't find my appdata folder or an option to show hidden folders, but there wasn't anything suspicious in startup.

I had a leftover program file from Iminent that I deleted.

Downloaded Malwarebytes AM and updated/scanned..... says I'm clean.

Guess I'll just have to uninstall dl Firefox again as it's not working.

Big middle finger up to Java and trying to transform machines with their forced bundles of crapware.

Anyone feel like updating their Java?
 

Registered · 4,409 Posts

Quote: Originally Posted by deezdrama

Ninite.... I'll have to remember that.

I can't find my appdata folder or an option to show hidden folders, but there wasn't anything suspicious in startup.

I had a leftover program file from Iminent that I deleted.

Downloaded Malwarebytes AM and updated/scanned..... says I'm clean.

Guess I'll just have to uninstall dl Firefox again as it's not working.

Big middle finger up to Java and trying to transform machines with their forced bundles of crapware.

Anyone feel like updating their Java?

Sorry about that, I forgot to mention that it's a hidden folder. To show hidden folders and files on Windows 7 you go into a Windows Explorer (Windows+E) window and press Alt. This will bring up the menu bar where you go to Tools and then down to Folder Options. That brings up the Folder Options window where you go to View and then you would select "Show Hidden Files, folders, and drives" as well as deselect "Hide empty drives in the Computer folder", "Hide extensions for known file types", and "Hide protected operating system files". This will allow you to see every file and its file extension as well.

As for Firefox, I would reinstall it, yes. Let us know though if your issue persists as it's probably a Firefox profile issue if it does. That aside, sounds like you are good to go. Just keep an eye on things over the next couple days and you should be good
 

Registered · 439 Posts · Discussion Starter · #14

Wth....

Went to YouTube and it asks to update Flash Player....
Click custom install and uncheck 3 items... toolbar etc.
Then it says some optimizer program must be installed and there's no way around it (clicking next confirms the optimizer install). I canceled it

I just downloaded Flash about a week ago after a clean Windows install and it didn't want to install any crap like this.
 

It's a me · 2,889 Posts

Quote: Originally Posted by deezdrama

Wth....

Went to YouTube and it asks to update Flash Player....
Click custom install and uncheck 3 items... toolbar etc.
Then it says some optimizer program must be installed and there's no way around it (clicking next confirms the optimizer install). I canceled it

I just downloaded Flash about a week ago after a clean Windows install and it didn't want to install any crap like this.

Like I said, use ninite.com man. Unfortunately Ninite has removed Flash but it autoinstalls everything and you get no toolbars or any bloatware.

Edit: I have an old Ninite Flash and Java installer you can still use though..

here

Almost forgot, make sure all browsers are closed when you run the file
 

Registered · 4,409 Posts

Very odd. It almost sounds like your installer request is getting hijacked. If you still have trouble after trying his installers, read the instructions and then download Combofix and run it in safe mode.
 

Registered · 1 Posts

While surfing down the internet, there is no big deal to adopt plenty of noxious viruses. These viruses can be hidden in various unexpected and odd places, that's why they are called noxious and unpredictable viruses. From my own experience I can tell that I had dealt with many of the malware programs, during the time I have learnt plenty of ways how to solve these kinds of issues. First of all, I would suggest you cleaning your computer from all uncertain programs, secondly, try to use this guide: http://2-spyware.com/remove-pc-health-kit.html
This guide helps in most cases.

By the way, if you have any questions for me you can text me on Twitter @CarmeloL7 anytime!
I will text you back with pleasure
 