36 total posts
(Page 1 of 2)
Some things you can do
Get your antivirus program up to date and boot into Safe Mode. Note that some viruses can hide themselves from your antivirus program in normal mode, so you really need to scan in Safe Mode. To get into Safe Mode when you first power up, hit F8 about once a second until you get the menu and select Safe Mode. Then run a full system scan.
Microsoft has suggestions and offerings at
MS forum moderator Keith has some suggestions along this line at
If that fixes it, fine. If not, use System Restore to go back to a date prior to the beginning of the problem. To run System Restore, click Start -> Programs -> Accessories -> System Tools -> System Restore. Click the box that says Show more restore points.
You can check for corrupted system files. Open an administrator command prompt and run SFC if the above doesn't help. Click START, then type CMD in the search box, right-click CMD.EXE and click Run as administrator. Then from the command prompt type sfc /scannow.
Finally if all else fails, you can check the rather cryptic system event log. To do that click Start -> Control Panel -> Administrative Tools -> Event Viewer. Once in Event Viewer click on the system log and scroll through the entries looking for those flagged "error" to see if you can find hints as to where the problem could be.
When you get your system back in good working order, I urge you to back your system up to an external hard drive and make regular periodic updates to it.
I hope this helps. Good luck.
Thank you very much for your time and efforts - but nothing worked. Again, I'm not real techno, but I've fixed some similar things before on my own, even. I tried about everything you listed, and different things came up like "File locked - cannot scan" (I knew i should have written them all down) - and other things that basically said something is going on here and this venue ain't gonna fix it. I tried the system recovery method about 5 times, constantly going to preceding dates too. The last one you suggested re. cryptic events showed a whole bunch of things - but I had no clue what to do with them. Dangit. I've got Windows XP.
"An unspecified errror ocurred during System Restore"
That's what it said after each time I rebooted after multiple tries of System Restore: "An unspecified errror ocurred during System Restore"
What AV are you using? Some disable sysrem restore.
AV is AVG FREE 2013.
I have not had any problems for years. Then this morning, I forgot where I was (NOT porn... seriously) and I think it was an Adobe Update box came up, I clicked Install - and so I think this thing piggybacked on with that. I don't know.
I recommend you back up your data, then...
...restore to factory to factory settings. If you can boot to Safe Mode or Safe Mode with Command Prompt, you can copy your data to a flash drive or external hard drive. If you can't do that, you'll need to get a Ubuntu disc or UBCD (Ultimate Boot CD) disc to save your data. Then you'll need to restore to factory settings or reinstall Windows.
Adobe Flash updater did it to me
I have the same problem. It happened when I got a message to update Flash!
Did you try..
Did you try any of the methods and scanners suggested in this set of instructions? It may help.
Best of luck..
That's what I used.
I'm sure you know why I installed Sweetpacks.
I sure do! And it wasn't because you loved loved loved it!
restore your system after Sweetpacks attack
It worked by restoring my system to an earlier date before accidentally dowloading the sweetpacks, which appeared to be a message from Pandora to update.
if you a pc/windows XP, follow Here:
same issue here too
i had the same issues with this. if it helps at all, i will tell you what i know.
there was a pop up to update Flash. while i kept X'ing the window out, i inadvertently clicked no instead one time, and it started to download tons and many games and programs. i now realize this was in fact, not a real Flash update.
i ran avg free and malware bytes. avg found nothing and malware bytes found 3 files that were quarantined... (pup files i think they were.) in poking around to see what i could find, vafplayer extensions were everywhere from a to z.
the address for vafplayer i had was: c:\programdata\microsoft\windows\startmenu\programs\vafplayer\vafplaer.lnk but i could not delete, copy, cut or paste it.
the so called "uninstall" program, is unfortunately another part of it... the file name IS uninstall. it is NOT an uninstall program at all. don't run it. there was no way to delete or uninstall any file; it would just dump you into an endless loop.
from windows, (i am using win the system restore doesn't complete, stating system files and settings were not changed. details: an unspecified error occurred during system restore (0x800700b7) you can try system restore again and choose a different restore point. if you continue to see this error, you can try an advanced recovery method.... and just the option to close the box.
get your system in safe mode. it was there where i could run system restore and chose to restore the one 3 weeks prior to all crap being installed. at the end of the system restore it gave the same error as above, but when it rebooted in windows again, it said system restored successfully.
i really hope someone can figure out what this vafplayer and the linked 'uninstall' is. good luck to those with this too.
system restore to rid sweetpack virus
I tried all my malware programs, removed Sweetpack from the add/remove section, and it remained there. I used system restore going back a week and it removed the virus it for both IE and Firefox but it remained on Chrome. I uninstalled Chrome and reinstalled it and now the virus is gone on Chrome as well I believe i got the virus when I downloaded VLC player, but not certain.
uninstall Sweetpacks toolbar (Windows 7 64 bit)
Go to control panel, select programs and features, then click on the "installed on" column to sort by date installed. You should see the various problem programs installed on the same date. Select each one and click uninstall. That solved my problem. You may also need to select the toolbars in you browser and remove those that you don't want.
FAKE Adobe Flash Player Updates | Sweetpacks | Removal, etc
From this thread thus far:
• Adobe Flash updater did it to me: - I have the same problem. It happened when I got a message to update Flash!
• AV is - Then this morning, I forgot where I was (NOT porn... seriously) and I think it was an Adobe Update box came up, I clicked Install - and so I think this thing piggybacked on with that. I don't know.
• same issue here too - there was a pop up to update Flash. while i kept X'ing the window out, i inadvertently clicked no instead one time, and it started to download tons and many games and programs. i now realize this was in fact, not a real Flash update.
* * * * * * * * * * * * * * * * * * * * * * * * * * * *
For those who thought Adobe was the responsible party. For those who (first) thought Adobe was responsible, but realized (too late) they weren't. And for those...... where neither was the case.
To serve as a friendly warning for now and in the future:
• How Fake Adobe Flash Updates Put Your Security At Risk
.... Which prompts us to warn you:
...Watch out for fake Adobe Flash Player updates!
Fake Adobe Flash Player update pop-ups are some of the oldest tricks in the book. And internet users still fall for them. In reality, Adobe Flash Player is a legitimate functionality used for video applications, games (many of the Facebook games are using Flash Player), web players (such as Youtube), banners/advertisements and even entire websites. Thus, it is important to have Adobe Flash Player updated at all times. However, cybercrooks often leverage its importance and popularity and create malware disguised as Adobe Flash Player updates.
• Fake Flash player on DropBox
...Fake Flash updates are leveraged as a very popular trick amongst attackers to fool users into downloading and installing malware. This week we found a three websites distributing Win32.Sanity.N malware disguised as Flash updates
• Malware you can "live with", but shouldn't
..... ZeroAccess often gets installed on the users' computer by the users themselves, who are tricked into believing they are installing a legitimate piece of software such as Adobe's Flash Player. The thusly delivered downloader downloads the ZeroAccess malware and immediately starts hogging the CPU's resources.
....... "Since this is a rootkit, there are no toolbars/extensions/BHO's added to the browser. There are also no modified proxy settings or modified hosts files. What is interesting about this rootkit sample is that the redirects do not happen every time. The action will occur about once every three attempts." points out Webroot's Richard Melick. "The number of redirects caps out around 4-5 and then everything will seem normal until a restart of the browser.
• Fake Adobe Flash Update Installs Ransomware, Performs Click Fraud
....... Adobe Flash is one of the most widely distributed products on the Internet. Because of its popularity and global install base, it is often a target of cybercriminals. Cybercriminals are using social engineering methods to distribute their malware through fake Flash update sites, often compelling unsuspecting users, who may be in need of a software update, to unknowingly install malware.
[Screenshot: Fake Adobe Flash update page]
⇒ You may find the tools and procedures mentioned at this site helpful when trying to remove Sweetpacks.
⇒ Personally, I feel the best way to avoid installing a "fake" update is to have Flash Player set to "notify" you when an update is available. Then go to Adobe's site and download it from there. The same holds true for their Reader.
Forewarned is Forearmed!
I GOT the sweet packs crap from CNET!!!!
Used to use this site for software. Tried downloading a "roladex" type program. I was immediately infected with Sweetpacks.
IRONIC that there is a CNET threat on removing it when their site is spreading it.
Same here. I got it when I went to get software on download.com. Sucks is right!
Me too -Also!! C-net Download.com
got it on 2 pc yesterday. Downloading a iso - img file converter that turned out not to work. AND each time the download halted for a long time, and the install on the program halted for a long time... on 2 separate PCs. After which the weird Bing page and ads popped up. Updaters were installed, Windows explorer forgot how to drag and drop. Revo Uninstaller tried to eliminate all my Microsoft Office 2010 .ink files as part of cleaning the mess up. I declined that action.
I know it came from C-net
We apologize for the inconvenience here.
We have created a support ticket for you so we may gather more information about your particular experience in order to re-test this offer in the same environment. You will get an email from us (specifically, from firstname.lastname@example.org) in the next few minutes; please reply to that email with the requested information, and we will escalate the issue to our Product Management Team for investigation.
You may contact our support team directly by filling out the following form:
This form, and our FAQ section, is accessible via the "Download Help Center" link at the very bottom (in the "footer") of every Download.com page, and via the "Help Center" link in the "More" column at the bottom of all other CNET web pages.
In future, you do have a couple of options to download without using the CNET Download.com Installer - you can either click the Direct Download Link for Installer Enabled items, or, if you have a CNET account, completely disable the Installer for the whole site.
Read more about those options here:
For more detailed information on the CNET Download.com Installer, please visit the following resource:
CNET Customer Help
Sorry Jen but this failed for me as well.
I opted out, unchecked, re-checked and SweetPacks still was found to install when the Download.com installer was used.
-> I read that there is some "promotion" going on with download.com and SweetPacks so for now why not just admit there is this promotion and avoid folk flaming you about this?
Got Sweetpacks from CNet dl too
I got Sweetpacks when I downloaded a browser from CNET...just a few mins ago. I never do the default download, always go through all the options and carefully opt out of special treats like Shortcuts, toolbars, etc. I carefully check I opt out of each option I do not want before I hit the 'Next' button. Always. As I type, I am getting the Winpatrol warning messages of the updaters, registry changes, etc that sweetpacks wants to make. I'm off to see if I can get rid of it.
I JUST got the sweetpacks curse...
I checked EVERYTHING off, denied installs, and I even made sure to uncheck the little check boxes at the end that tried to install the AVG toolbar and change my search.
YET, it STILL installed Sweetpacks EVERYWHERE, and I've been wrestling with it for well over a damn hour.
I said DENIED. It installed anyway. CNET, you are truly beginning to suck with all this crap you're increasingly pulling.
How to uninstall Sweetpacks
Go to the control panel and and click uninstall a program find sweetpacks and double click sweetpacks or sweet IM.
If it asks for permission to do something allow it to. Afterwards do the same for things you didn't download or look fishy (Sweetpacks Updater, Sweetpacks toolbar) . Afterwards change the homepages of your web browsers if sweetpacks changed them.
This failed for me.
I had to use Grif's advice, ADWCLEANER as well as change the home pages.
This one looks pretty invasive. Can't imagine why download.com had anything to do with them.
sweet packs toolbar etc. is a HIGHJACKER software/adware . it attacks firefox,chrome, internet explorer ! it is a HIDDEN FILE , edit your registry . start /run or search type in reg edit , top left use edit , click find , search for the word - sweetim or sweet - !! deleted all files or delete browser and reinstall or find another option besides these 3 !!
PERION is the parent company -- http://www.perion.com/ .. check all ie7,8,9,10,11 files . BEWARE OF JAVA AND ADOBE UPDATES IF YOUR CURRENT !!
I went into my internet options..and change my browser to google also I opened the sweetpacks homepage and looked on bottom right says uninstall..so theres a couple diffrent ways..good luck..but im not a techie but id stay away from booting your comp insafe mode..yikes
Cnet should be ashamed...
First let me simply say that CNET allowing highly infective malware to be downloaded with a software load, regardless of whether one missed one of the "tiny" check boxes or the "faded" decline box is slippery at best (and I am extremely careful so am still wondering how I got this piece of absolute garbage). Anyway to get rid of it is a multi-step process.
It starts with not going to their site to uninstall it....(a real joke).
But if should show up in Revo Uninstaller ...use advanced mode to get rid of it.
The next step is regedit and do a search for both SweetIM and Sweetpacks. Delete all references you find.
Lastly.....and if you have multiple browsers on your system it will "DO it to all" you will need to reset your home page and check extensions and add-ons....plus.....the old about:config routine and get rid of references there. For those of you that are fairly computer savvy the above are the basics.....but....(fortunately it does not appear to be anything more than just a redirector) there are specific routines, perhaps below but definitely on the net with browser by browser instructions plus your system.
One caution when done.....run Malwarebyte (full scan), HitmanPro, and your antivirus program. These will pick up little "pups" left behind by this malware.
As for CNET, that I have used for years, I sincerely hope they start being a little more responsible....if not there are many other download sites plus the original authors.
Good luck all.....
I was infected with these cooties. Took time for all to ...
show their germs.
A few weeks ago I downloaded three photo imaging programs from a well-known site. I installed just one. It took over my browsers ( Firefox and Chrome) and tried to get me to ok changes to my registry files. It took hour and days to get rid of SweetPacks plus browser hijackers. I had add-ons loaded but was able to delete them. SP and another toolbar hijacker were hard to get rid of but I did. These exploits even go into IE, which I rarely use.
I ran MalwareBytes, another whose three-word title I forget, Windows one thing (I suffered a brain illness five years ago which took away short-term memory), and all found files scattered around.
Though I thought all cooties were gone, I still get WinPatrol warnings of files wanting to be changed, which I deny. A system restore did help some but occasionally I get warnings about another program whose name escapes me (I'm on the iPad Mini not Windows laptop) right now.
I'll post tomorrow with an update and info on other programs I ran to find files.
What ticked me off the most was I went to known download sites, not some fly-by-night infector site. They should have tested it before offering it.
I read through this thread and it seems very familiar. I too was asked to update & install Flash, which I did. I now know not to do that.
I too got the Pup.Sweetpacks virus. Cleaned & deleted it with Malawarebytes -- and went to control panel again and there were two files 1) Sweetpacks Updater service, which I uninstalled and 2) IE toolbar 4.8 by Sweetpacks. Now #2 won't uninstall.
I get this message: The feature sweetpacks you are trying to use is on a network resource that is unavailable.
So I want to know what should I do to get rid of #2. It looks like it's on the IE Toolbar. I don't use IE at all, because it's the main culprit for attracting viruses.
Second question: There is another progr in control panel I can't seem to remove: ASPCA We-care.com.
Help is appreciated.
No More CNET Downloading For Me
I, too, got SweetPacks from CNET. I managed to get this several months ago, probably by not being completely aware, but I got it when I was downloading a reminder program (like a calendar), which ended up sucking anyway. I uninstalled the program, SweetPacks, SweetIm, and everything else that was installed; I reset my (three) internet browsers' settings and ran Malwarebytes numerous times until it came up clean. I edited my registry and manually removed all traces of SweetPacks and SweetIm. Note, this was at least three months ago. My computer has gotten slower and slower on startup and shutdown, but only outside of Windows (and yes, I've cleaned up my startup programs). Today, I discovered there were NEW SweetPack registry entries! The thing is not dead! I suspected as much, considering how slow my computer has been running, but I can't find where it's been hiding, grr. I followed the guide here: http://malwaretips.com/blogs/remove-sweetpacks-toolbar/, but once again everything is showing up clear, and my computer is still starting up and shutting down like molasses. CNET should be put in front of a firing squad.
Back to Computer Help forum
(Page 1 of 2)