Solved

Malware

Posted on 2014-08-02
Last Modified: 2014-08-13
My OS is win 7 prof 64 bit and somehow the following program got onboard: Secure Fast PC Optimizer, and it always wants to scan my pc.  I was trying to uninstall it from the control panel but I do not see it listed under Programs, nor can I see a directory in Program Files.  My anti virus, Avast, did not seem to catch this program.  How do I get this malware uninstalled and deleted for good from my pc?  Thank u for your advice.
0
Comment
Question by:jegajothy
17 Comments
 
LVL 24

Accepted Solution

by:
aadih earned 428 total points
ID: 40236333
The best way is to restore your PC to a time before this pest got installed. The preferred approach is to boot up in safe mode with command prompt and type rstrui.exe to restore.

If you cannot do that, please scan your computer with MalwareBytes AntiMalware (free).
0
 
LVL 39

Assisted Solution

by:BillDL
BillDL earned 144 total points
ID: 40236404
Can you positively identify ALL of the installed programs on your computer?
Start button > Control Panel > Programs >:
"Uninstall a program" option if you are in the default view.
"Programs and Features" option if you are in Classic View.

It's always better to first look and see whether the offending program might be listed there under a different name from how it appears as the running program, but if it is adware or malware it often will deliberately not be listed there.

Are you absolutely sure that the program is actually named "Secure Fast PC Optimizer"?  That is possibly just the wording that appears somewhere in the program window that keeps appearing.  There are loads of similar sounding programs, for example:

http://www.pchealthcure.com/SecurePCOptimizer.php
where you will see that they repeatedly use the words "Secure PC Optimizer" in the description.  That one should appear with that name in the uninstallable programs list though.

Programs like these often install other junk or adware, so even if you found a method to uninstall the one you are seeing, there could be other unwanted programs left.

You could try AdwCleaner downloadable from either bleepingcomputer.com or from the author's website:
http://www.bleepingcomputer.com/download/adwcleaner/
https://toolslib.net/downloads/viewdownload/1-adwcleaner/
0
 
LVL 24

Expert Comment

by:aadih
ID: 40236424
If the pest's alias is recognized, use Revo Uninstaller (free) to uninstall.
0

 
LVL 18

Assisted Solution

by:web_tracker
web_tracker earned 144 total points
ID: 40236951
Two helpful tools that I use to remove applications that do not show their presence in "programs and features" are JRT (junk removal tool) http://www.bleepingcomputer.com/download/junkware-removal-tool/ and adwcleaner http://www.bleepingcomputer.com/download/adwcleaner/
As well I would run malwarebytes.
0
 

Author Comment

by:jegajothy
ID: 40255805
Thank u to all the Gurus and Experts for your suggestions and inputs.  I have tried virtually all the suggestions one by one, but nothing has worked to get rid of the Win 32/Caphaw malware, it is still there and it keeps popping up from time to time.  I am now running malwarebytes Chameleon, with a normal scan and also a custom scan, but still it has not been able to detect this malware and remove it.   I have also researched on the internet and tried their suggestions, and still no luck so far.   Please let me know if there is anything else I should be trying.   Thank u for all your suggestions.
0
 

Author Comment

by:jegajothy
ID: 40255822
In response to BillDL, I have checked the Control panel, and confirm that the program is not listed in any variations of the name.  I now have Revo Uninstaller, prepared to do a thorough uninstall.  But I have to find the name of the Program first.  I tried looking at the windows explorer and it is not listed anywhere.
0
 
LVL 88

Assisted Solution

by:rindi
rindi earned 284 total points
ID: 40255916
Just as a reminder, you must run malwarebytes with the PC started up in normal mode, and not with it booted in safe mode. Malwarebytes is designed to run in normal mode and a lot of malware can't be found if it is run in safe mode, as the malware has to be active during the scan.
0
 
LVL 24

Assisted Solution

by:aadih
aadih earned 428 total points
ID: 40255928
Please take a look at your browser toolbars and addons. Remove all toolbars and disable addons.

Try also scanning your PC with AdwCleaner:

http://www.bleepingcomputer.com/download/adwcleaner/
0
 

Author Comment

by:jegajothy
ID: 40255966
In response to aadih (40255928), I followed your advice and did that too, but no luck so far.  Thank u for your suggestion.
0
 

Author Comment

by:jegajothy
ID: 40255976
In response to rindi, I ran malware in the normal mode but it did not find this particular win32/caphaw malware. Thank u for your suggestion.
0
 
LVL 24

Assisted Solution

by:aadih
aadih earned 428 total points
ID: 40255982
I believe, you are better off saving your important files and data and doing a clean install of Windows 7.

A tutorial here:

http://www.sevenforums.com/tutorials/1649-clean-install-windows-7-a.html
0
 

Author Comment

by:jegajothy
ID: 40256452
Thank u for your response Aadih, as I have so much stuff on my pc, it will put me back in terms of productivity for a very long time.  Maybe, I will go in for a Microsoft paid support if my interim efforts fail and also until my pension checks get in.  Thank u again for your suggestions.
0
 
LVL 18

Expert Comment

by:web_tracker
ID: 40256520
Did you use Revo Uninstaller to uninstall Secure Fast PC Optimizer?  As that was the original name of the program you mentioned in your original post. But if Revo Uninstaller does not see this application, it may have gone by some other name.
0
 

Author Comment

by:jegajothy
ID: 40256781
In response to web tracker, I am afraid the application has gone by another name, and I cannot figure out what it is despite going over many times.  I wonder when the program displays the malware, like in the attached snapshot, is it possible to find out to load the Task Manager to find out what service or process it is running though I could not see what application was running.  Thank u again for your inputs.
win32-caphaw-screen-shot.JPG
0
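
An added example, not part of the original thread, addressing the question in the post above about identifying which process is showing the window: the PowerShell below lists every process that owns a visible window with its executable path and signature status, then shows the Run-key autostart entries that launch any of those executables. It assumes an elevated PowerShell 2.0 or later prompt on Windows 7 and checks only the three registry Run keys named in the code.

```powershell
# Added example. Run from an elevated PowerShell prompt while the unwanted
# window is on screen. Uses only features available in PowerShell 2.0.

# 1. Every process that currently owns a visible top-level window.
$found = @(foreach ($p in Get-Process | Where-Object { $_.MainWindowTitle }) {
    # WMI adds the executable path, command line and parent process ID.
    $w = Get-WmiObject Win32_Process -Filter "ProcessId = $($p.Id)"
    if (-not $w) { continue }    # process exited between the two calls
    $sig = 'n/a'
    if ($w.ExecutablePath -and [System.IO.File]::Exists($w.ExecutablePath)) {
        $sig = (Get-AuthenticodeSignature -FilePath $w.ExecutablePath).Status
    }
    New-Object PSObject -Property @{
        Title       = $p.MainWindowTitle
        ProcessId   = $p.Id
        ParentId    = $w.ParentProcessId
        Path        = $w.ExecutablePath
        CommandLine = $w.CommandLine
        Signature   = $sig
    }
})
$found | Format-List Title, ProcessId, ParentId, Path, Signature, CommandLine

# 2. Autostart values under the per-machine and per-user Run keys.
$runKeys = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run',
           'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
$autoruns = @(foreach ($k in $runKeys) {
    if (-not (Test-Path $k)) { continue }
    $key = Get-Item $k
    foreach ($name in $key.GetValueNames()) {
        New-Object PSObject -Property @{
            Key = $k; Name = $name; Command = [string]$key.GetValue($name)
        }
    }
})

# 3. Run entries whose command references an executable found in step 1.
$paths = @($found | ForEach-Object { $_.Path } | Where-Object { $_ })
$autoruns | Where-Object {
    $cmd = $_.Command.ToLower()
    @($paths | Where-Object { $cmd.Contains($_.ToLower()) }).Count -gt 0
} | Format-Table Key, Name, Command -AutoSize -Wrap
```

If the window is drawn by a host process such as a browser, the CommandLine and ParentId fields are the ones to read. An empty result in step 3 does not rule out other autostart locations such as services or scheduled tasks, which this example does not check.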
 
LVL 88

Assisted Solution

by:rindi
rindi earned 284 total points
ID: 40256821
Do you really need all that "stuff" to be productive? I usually find that at least 90% of the installed software isn't really needed. I really only need a handful of software to be actually installed on a PC. For most software there is also a good free alternative within PortableApps. Most of my software I use on Windows PC's are PortableApps. For example there is LibreOffice, a better "Office" than m$ Office, or the "Gimp", a software that can be compared to Photoshop, or the foxit reader, which is better than the adobe reader, and there are many more.

With PortableApps you have the advantage that you can, if you want to, put all those apps on a USB stick, and then you can carry them around and use your favorite apps on any Windows PC that allows you to run things from USB sticks. Another Advantage is that the PortableApps launcher handles all updates, and with it you can also list apps that are available for download, and you don't have to do much installation.

http://portableapps.com
0
 

Author Closing Comment

by:jegajothy
ID: 40257283
Thank u everyone for your suggestions.
0
 
LVL 39

Expert Comment

by:BillDL
ID: 40257870
Thank you jegajothy
0
