Friday
2019-12-10, 17:03
The following instructions have been created to help you to get rid of "PU.TB.PCRepairKit" manually.
Use this guide at your own risk; software should usually be better suited to remove malware, since it is able to look deeper.
If this guide was helpful to you, please consider donating towards this site (http://www.safer-networking.org/index.php?page=donate).
Threat Details:
Categories:
pups
Description:
PU.TB.PCRepairKit is a Registry Cleaner application that finds computer performance and registry problems. In order to remove these problems you have to buy the application.
Removal Instructions:
Files:
Please use Windows Explorer or another file manager of your choice to locate and delete these files.
The file at "<$COMMONPROGRAMS>\TweakBit\PCRepairKit\TweakBit PCRepairKit.lnk".
The file at "<$COMMONPROGRAMS>\TweakBit\PCRepairKit\Uninstall PCRepairKit.lnk".
The file at "<$DESKTOP>\TweakBit PCRepairKit.lnk".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\ATPopupsHelper.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\ATUpdatersHelper.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\AxBrowsers.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\BrowserCareHelper.Agent.x32.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\BrowserCareHelper.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\CFAHelper.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\CommonForms.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\CommonForms.Routine.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\CommonForms.Site.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\Data\compromised_passwords.txt".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\Data\database.dat".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\Data\main.ini".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\Data\security_db.dat".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\DebugHelper.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\DiskCleanerHelper.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\DiskWipeHelper.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\Downloader.exe".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\DuplicateFileFinder.exe".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\DuplicateFileFinderHelper.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\FileShredder.exe".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\GoogleAnalyticsHelper.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\InternetOptimizer.exe".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\InternetOptimizerHelper.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\Localizer.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\MalwareDetectionHelper.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\MalwareHeuristicHelper.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\PCRepairKit.exe".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\PCRepairKit.url".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\rdboot32.exe".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\RegistryCleanerHelper.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\RegistryDefrag.exe".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\RegistryDefragHelper.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\ReportHelper.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\RescueCenter.exe".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\RescueCenterForm.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\RescueCenterHelper.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\SendDebugLog.exe".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\SpywareCheckerHelper.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\SystemInformationHelper.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\TaskSchedulerHelper.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\TweakManager.exe".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\TweakManagerHelper.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\unins000.exe".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\VolumesHelper.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\WizardHelper.dll".
Make sure you set your file manager to display hidden and system files. If PU.TB.PCRepairKit uses rootkit technologies, use the rootkit scanner integrated into Spybot-S&D (http://www.safer-networking.org/index.php?page=spybotsd) 2.x or our Total Commander anti-rootkit plugins (http://forums.spybot.info/downloads.php?id=3).
You will have to use a global search for files without a name specified. Be extra careful, because just the name might not be enough to identify files!
Important: There are more files that cannot be safely described in simple words. Please use Spybot-S&D (http://www.safer-networking.org/index.php?page=spybotsd) to remove them.
Folders:
Please use Windows Explorer or another file manager of your choice to locate and delete these folders.
The directory at "<$COMMONPROGRAMS>\TweakBit\PCRepairKit".
The directory at "<$PROGRAMFILES>\TweakBit\PCRepairKit\Data".
The directory at "<$PROGRAMFILES>\TweakBit\PCRepairKit\Lang".
The directory at "<$PROGRAMFILES>\TweakBit\PCRepairKit".
Make sure you set your file manager to display hidden and system files. If PU.TB.PCRepairKit uses rootkit technologies, use our RootAlyzer (http://forums.spybot.info/downloads.php?id=8) or our Total Commander anti-rootkit plugins (http://forums.spybot.info/downloads.php?id=3).
You will have to use a global search for files without a name specified. Be extra careful, because just the name might not be enough to identify folders!
Registry:
You can use regedit.exe (included in Windows) to locate and delete these registry entries.
Delete the registry key "{3A3310BE-83DD-4E80-AC51-E8DCA30FFEDB}" at "HKEY_CLASSES_ROOT\Interface\".
Delete the registry key "{5AEA8CFE-B238-4D0A-9362-D55F38ECB795}_is1" at "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\".
Delete the registry key "{93469602-4134-4012-A6BC-FD34B37A0C36}" at "HKEY_CLASSES_ROOT\CLSID\".
Delete the registry key "{F2C6F7D1-ED32-49E5-9919-C51E9E2FD453}" at "HKEY_CLASSES_ROOT\TypeLib\".
Delete the registry key "BCAgentCOM32.BCAgent32" at "HKEY_CLASSES_ROOT".
Delete the registry key "PCRepairKit" at "HKEY_LOCAL_MACHINE\SOFTWARE\TweakBit\".
Delete the registry key "TweakBit" at "HKEY_LOCAL_MACHINE\SOFTWARE\".
If PU.TB.PCRepairKit uses rootkit technologies, use our RegAlyzer (http://www.safer-networking.org/index.php?page=regalyzer), RootAlyzer (http://forums.spybot.info/downloads.php?id=8) or our Total Commander anti-rootkit plugins (http://forums.spybot.info/downloads.php?id=3).
Final Words:
If neither Spybot-S&D nor self help did resolve the issue or you would prefer one on one help,
Please read these instructions (http://forums.spybot.info/showthread.php?t=288) before requesting assistance,
Then start your own thread in the Malware Removal Forum (http://forums.spybot.info/forumdisplay.php?f=22) where a volunteer analyst will advise you as soon as available.
Use this guide at your own risk; software should usually be better suited to remove malware, since it is able to look deeper.
If this guide was helpful to you, please consider donating towards this site (http://www.safer-networking.org/index.php?page=donate).
Threat Details:
Categories:
pups
Description:
PU.TB.PCRepairKit is a Registry Cleaner application that finds computer performance and registry problems. In order to remove these problems you have to buy the application.
Removal Instructions:
Files:
Please use Windows Explorer or another file manager of your choice to locate and delete these files.
The file at "<$COMMONPROGRAMS>\TweakBit\PCRepairKit\TweakBit PCRepairKit.lnk".
The file at "<$COMMONPROGRAMS>\TweakBit\PCRepairKit\Uninstall PCRepairKit.lnk".
The file at "<$DESKTOP>\TweakBit PCRepairKit.lnk".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\ATPopupsHelper.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\ATUpdatersHelper.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\AxBrowsers.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\BrowserCareHelper.Agent.x32.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\BrowserCareHelper.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\CFAHelper.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\CommonForms.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\CommonForms.Routine.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\CommonForms.Site.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\Data\compromised_passwords.txt".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\Data\database.dat".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\Data\main.ini".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\Data\security_db.dat".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\DebugHelper.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\DiskCleanerHelper.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\DiskWipeHelper.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\Downloader.exe".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\DuplicateFileFinder.exe".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\DuplicateFileFinderHelper.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\FileShredder.exe".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\GoogleAnalyticsHelper.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\InternetOptimizer.exe".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\InternetOptimizerHelper.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\Localizer.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\MalwareDetectionHelper.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\MalwareHeuristicHelper.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\PCRepairKit.exe".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\PCRepairKit.url".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\rdboot32.exe".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\RegistryCleanerHelper.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\RegistryDefrag.exe".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\RegistryDefragHelper.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\ReportHelper.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\RescueCenter.exe".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\RescueCenterForm.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\RescueCenterHelper.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\SendDebugLog.exe".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\SpywareCheckerHelper.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\SystemInformationHelper.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\TaskSchedulerHelper.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\TweakManager.exe".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\TweakManagerHelper.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\unins000.exe".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\VolumesHelper.dll".
The file at "<$PROGRAMFILES>\TweakBit\PCRepairKit\WizardHelper.dll".
Make sure you set your file manager to display hidden and system files. If PU.TB.PCRepairKit uses rootkit technologies, use the rootkit scanner integrated into Spybot-S&D (http://www.safer-networking.org/index.php?page=spybotsd) 2.x or our Total Commander anti-rootkit plugins (http://forums.spybot.info/downloads.php?id=3).
You will have to use a global search for files without a name specified. Be extra careful, because just the name might not be enough to identify files!
Important: There are more files that cannot be safely described in simple words. Please use Spybot-S&D (http://www.safer-networking.org/index.php?page=spybotsd) to remove them.
Folders:
Please use Windows Explorer or another file manager of your choice to locate and delete these folders.
The directory at "<$COMMONPROGRAMS>\TweakBit\PCRepairKit".
The directory at "<$PROGRAMFILES>\TweakBit\PCRepairKit\Data".
The directory at "<$PROGRAMFILES>\TweakBit\PCRepairKit\Lang".
The directory at "<$PROGRAMFILES>\TweakBit\PCRepairKit".
Make sure you set your file manager to display hidden and system files. If PU.TB.PCRepairKit uses rootkit technologies, use our RootAlyzer (http://forums.spybot.info/downloads.php?id=8) or our Total Commander anti-rootkit plugins (http://forums.spybot.info/downloads.php?id=3).
You will have to use a global search for files without a name specified. Be extra careful, because just the name might not be enough to identify folders!
Registry:
You can use regedit.exe (included in Windows) to locate and delete these registry entries.
Delete the registry key "{3A3310BE-83DD-4E80-AC51-E8DCA30FFEDB}" at "HKEY_CLASSES_ROOT\Interface\".
Delete the registry key "{5AEA8CFE-B238-4D0A-9362-D55F38ECB795}_is1" at "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\".
Delete the registry key "{93469602-4134-4012-A6BC-FD34B37A0C36}" at "HKEY_CLASSES_ROOT\CLSID\".
Delete the registry key "{F2C6F7D1-ED32-49E5-9919-C51E9E2FD453}" at "HKEY_CLASSES_ROOT\TypeLib\".
Delete the registry key "BCAgentCOM32.BCAgent32" at "HKEY_CLASSES_ROOT".
Delete the registry key "PCRepairKit" at "HKEY_LOCAL_MACHINE\SOFTWARE\TweakBit\".
Delete the registry key "TweakBit" at "HKEY_LOCAL_MACHINE\SOFTWARE\".
If PU.TB.PCRepairKit uses rootkit technologies, use our RegAlyzer (http://www.safer-networking.org/index.php?page=regalyzer), RootAlyzer (http://forums.spybot.info/downloads.php?id=8) or our Total Commander anti-rootkit plugins (http://forums.spybot.info/downloads.php?id=3).
Final Words:
If neither Spybot-S&D nor self help did resolve the issue or you would prefer one on one help,
Please read these instructions (http://forums.spybot.info/showthread.php?t=288) before requesting assistance,
Then start your own thread in the Malware Removal Forum (http://forums.spybot.info/forumdisplay.php?f=22) where a volunteer analyst will advise you as soon as available.