Jump to content

How do I remove 'Hotcleaner.com' from my computer?


Go to solution Solved by MKDB,

Recommended Posts

This morning when I logged in to my Windows PC and opened up the Chrome browser I saw a 'Privacy Test Updated Successfully' tab pop up. Turns out it is the 'Hotcleaner.com/privacy-test-updated.html'. I ran Malwarebytes (I have the premium version) but it did not remove this virus. How do I get rid of this Hotcleaner virus? URGENT ..... Please help!!!

image.thumb.png.f86bf557796613d5ba28a5735ef32ad5.png

Link to post
Share on other sites

  • Solution

Hello  @sonuj2  and  :welcome:

 

My name is MKDB and I will assist you.

 

 

Let's keep these principles as we proceed. Make sure to read the entire post below first.

  • Please follow the steps in the given order and post back the log files.
  • Please attach all log files into your post.
  • Before we start, please make sure that you have an external backup, not connected to this system, of all private data.
  • Only run the tools I guide you to. Please don't run any other scans, download, install or uninstall any programs while I'm working with you.
  • As English is not my native language, please do not use slang or idioms. It may be hard for me to understand.
  • If you do not respond within 4 days, your topic will be closed.
  • Cracked or hacked or pirated programs are not only illegal, but also will make a computer a malware victim. Having such programs installed, is the easiest way to get infected. It is the leading cause of ransomware encryptions. It is at times also a big source of current trojan infections. If you are running any kin of illegal software on your system, please uninstall them now, before we start the cleaning procedure.

 

 

  • Open Google Chrome.
  • Typ chrome://extensions in the adress bar and press Enter.
  • Activate developer mode in the upper right corner.
  • Search for the extension  Privacy Test( ID: pdabfienifkbhoihedcgeogidfmibmhp )  and click on Remove.
  • Confirm with another click on Remove.
  • Close Google Chrome.

 

Let me know if that was helpful.

 

 

Link to post
Share on other sites

Hello MKDB,

I activated the 'Developer Mode' per your suggestion and removed the 'Privacy Test' extension as it now popped up in the extensions. Once I clicked on 'Remove' it went away and I did not see the Privacy Test box again to click on 'Remove'. Am I missing something or that was the end of it? Please do let me know.

And do I 'deactivate' the developer mode now

Thanks again for your instant help!

 

Link to post
Share on other sites

@sonuj2

Yes, you can de-activate the developer mode now.

Close Chrome, reboot your system and start Chrome again.

Let me know if you still see Privacy Test or if it's really gone.

 

We can have a closer look on your whole system if you like. I do recommend this, but it's up to you.

Link to post
Share on other sites

I shutdown my laptop and started it again. I looked at the extensions, in 'Developer Mode', and I do not see 'Privacy Test' in there. Looks like I am all good for now.

I would like to take you up on your offer to take a look at my whole system. What do I have to do? Please do let me know. I have to go out and run some errands now but if you send me a response with things you need me to do, I will do those and if I have any questions I will let you know. Do I send me a message when I am ready to do a whole system look up? Please let me know. And thanks again for all your help so far.

Shekhar

  • Like 1
Link to post
Share on other sites

@sonuj2

Thanks for your feedback regarding this chrome extension. Indeed, it seems that it is gone.

It's almost 10 p.m. here in Germany. It's time for me to go to bed as I have to get up early.

 

In order to get an overview of the whole system, I would like you to run a scan with Farbar Recovery Scan Tool (FRST).

It is a powerfull tool that can help to detect and remove malware.

 

 

Please download the suitable version of Farbar Recovery Scan Tool (FRST) and save it to your desktop: 32bit | 64bit

  • Right click on the FRST icon and rename it to FRST64english
  • Double-click to run it.
  • If you receive any warning about the download, it is a false positive and you can ignore it. Click on More info to get the Run anyway option.
  • When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • FRST will create two logs (FRST.txt + Addition.txt) in the same directory the tool is run.
  • Please attach these logfiles to your next reply.

 

Link to post
Share on other sites

@sonuj2

Well done. Your logfiles look good to me. 😉

 

I recommend on final check.

 

I would like you to run a tool named SecurityCheck to inquire about the current security update status of some applications.

  • Download SecurityCheck by glax24: https://tools.safezone.cc/glax24/SecurityCheck/SecurityCheck.exe
  • If Microsoft SmartScreen blocks the download, click through to save the file
  • This tool is safe.   Smartscreen is overly sensitive.
  • If SmartScreen blocks the file from running click on More info and Run anyway
  • Right-click  with your mouse on the Securitycheck.exe  and select "Run as administrator"  and reply YES to allow to run & go forward
  • Wait for the scan to finish. It will open a text file named SecurityCheck.txt Close the file.  Attach it with your next reply.
  • You can find this file in a folder called SecurityCheck, C:\SecurityCheck\SecurityCheck.txt
Link to post
Share on other sites

@sonuj2

That's a false positive by Windows Defender.

 

You can try to disable Windows Defender for the time of downloading and running SecurityCheck:

https://support.microsoft.com/en-us/windows/turn-off-defender-antivirus-protection-in-windows-security-99e6004f-c54c-8509-773c-a4d776b77960

Link to post
Share on other sites

@sonuj2

If you can't run SecurityCheck, that's not that bad.

 

 

Thank you for your cooperation. You can use KpRm to remove FRST and other tools.

 

Please download KpRm by kernel-panik and save it to your desktop.

  • Right-click kprm_(version).exe and select Run as Administrator.
  • Read and accept the disclaimer.
  • When the tool opens, select Delete Tools under Actions.
  • Under Delete Quarantines select Delete Now, then click Run.
  • Once complete, click OK.
  • A log may open in Notepad titled kprm-(date).txt.  I do not need it. Just close Notepad if it shows up.

 

A few final recommendations can be found here:

https://forums.malwarebytes.com/topic/258363-tips-to-help-protect-from-infection/

 

Further reading if you like to keep up on the malware threat scene:

Malwarebytes Blog  https://blog.malwarebytes.com/

 

Hopefully, we've been able to assist you with correcting your system issues.

Thank you for using Malwarebytes.

 

Link to post
Share on other sites

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following for Tips to help protect from infection.

Thank you.

 

As this topic seems to be solved, I do not follow it any longer.

Take care!

Link to post
Share on other sites

  • Root Admin

We're glad that we were able to assist you.

The following information will help you to keep your computer and data safer as well as improve your overall privacy

  1. Recommend using a Password Manager for all websites, etc. that require a password. Never use the same password on more than one site.
    https://www.howtogeek.com/780233/best-password-manager/
  2. Make sure you're backing up your files https://forums.malwarebytes.com/topic/136226-backup-software/
  3. Keep all software up to date - PatchMyPC - https://patchmypc.com/home-updater#download     https://patchmypc.com/about-us
  4. Keep your Operating System up to date and current at all times - https://support.microsoft.com/en-us/windows/windows-update-faq-8a903416-6f45-0718-f5c7-375e92dddeb2
  5. Further tips to help protect your computer data and improve your privacy: https://forums.malwarebytes.com/topic/258363-tips-to-help-protect-from-infection/ 
  6. Please consider installing the following Content Blockers for your Web browsers if you haven't done so already. This will help improve overall security

Malwarebytes Browser Guard

uBlock Origin

 

Cybersecurity basics & protection
Everything you need to know about cybercrime
https://www.malwarebytes.com/cybersecurity

 

Further reading if you'd like to keep up on the malware threat scene: Malwarebytes Blog  https://blog.malwarebytes.com/

Hopefully, we've been able to assist you with correcting your system issues.

Thank you for using Malwarebytes. Please tell your friends and family if they too need assistance with malware removal

 

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following to help you better protect your computer and privacy Tips to help protect from infection

Thank you

 

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.