Windows 10: How to remove en.softonic malware that appears on desktop periodically

Page 2 of 2 FirstFirst 12
  1.    20 Feb 2018 #11

    hput3 said: View Post
    A kind of malware has somehow gotten onto my win 10 PC. What I get is a small advertisment that pops up in the bottom right on my desktop... When I turn it off (clicking the corner X). It comes back again some time later but with different content.

    I haven't timed it but seems lake maybe a 1/2 hr.

    I've googled extensively but all the instructions I've found, tell you to use the windows uninstaller to uninstall softonic. And maybe some manual clean up after the uninstall. But there is nothing installed with `softonic' in its name and even when the ad is running there is no process running with softonic in its name.

    All the google hits appear to assume the windows uninstaller will know about softonic. Even the manual parts of some of the hits appear to assume you have been successful in unintalling it.

    The instructions also suggest several free malware removal products and claim any of them will remove it.
    `Zema Anti-malware', `MalwareBytes' and `AdwCleaner'

    I tried all those listed in one of the instruction sets, ran the scan but none of them found whatever is running the little softonic pop up ad.

    This type of malware apparently falls into a category called a `PUP'.

    I never found in the google hits what expected would be there somewhere. A list of steps to remove something like this by hand.

    Can anyone here advise me?
    Hello!

    This small advertisements that pop up in the bottom right on your desktop are called a web notifications. You have probably given accidentally permission to our website softonic.com to send you these kind of notifications. Depending on the browser you use you can easily disable them.

    You haven't installed softonic (as there is no such thing) and from your description, this isn't malware either.

    So, here's how you can disable the notifications:
    Google Chrome (laptop)

    To disable Chrome notifications, copy this address chrome://settings/content/notifications and paste it in your browser. This way, you’ll go straight to the “Notifications” section of Chrome Settings.



    If you want to stop receiving permission requests for notifications, disable the “Ask before sending (recommended)” option to “Block all.”
    Want to block notifications for a specific website? You’ll see that you’ve got two options: “Block” and “Allow.” Under “Allow,” look for the web page you want to stop receiving notifications for, click on the three vertical dots beside it and then select “Block.” It’s that easy!
    Google Chrome (cell phone)

    Go to “Settings” (by tapping on the three vertical dots in the top right). Press “Web page settings” and then “Notifications.”
    If you want to stop receiving permission requests for notifications, disable the “Ask before allowing websites to send notifications (recommended)” option to “Blocked.”
    Want to disable specific notifications? Below, you’ll have two options: allowed and blocked notifications. Select one that is allowed and then the “Notifications” option to block it. Easy peasy.
    Mozilla Firefox (laptop)

    To disable notifications on Firefox, copy this address aboutreferences#content and paste it in your browser to access the “Content” section of Firefox Options. Here you’ll see the “Notifications” subsection.
    If you want to stop receiving so many permission requests for notifications and notifications themselves, enable the “Do not disturb me” option.
    Want to block notifications for a specific web page? Click on “Select.” A list with all the notifications you’ve allowed or blocked to date will show up. Look for the website you no longer want to receive notifications from and select “Remove site.”
    When you go to that page again, it will once again ask for permission to send you notifications (unless you’ve enabled the “Do not disturb me” option). Select that you don’t want to receive notifications. Case closed.
    Unfortunately, there’s no easier way to block specific notifications on Firefox.
    Mozilla Firefox (cell phone)

    For now, there’s only one very basic way to disable notifications for this version of Firefox. You must go to the page that you want to disable notifications for and click on the Control Center (the green lock to the left of the URL).


    Then select “Edit site settings.” Tap the white square to “check” it and then press “Clear.” This way, the website will stop sending you notifications unless you go back and give it permission.
    Apple Safari

    To stop receiving notifications for a web page, go to “Preferences” and then click on “Notifications.” Look for the website on the list and select “Block.”
    If you want to stop receiving permission requests for notifications, don’t leave the “Notifications” section; simply uncheck the box “Allow websites to ask for permission to send push notifications.”

    If none of these solutions work please send us a short email at support@support.softonic.com and we'll help you.
      My ComputerSystem Spec


  2. Posts : 10,916
    Windows 10 Pro and Windows 10 Pro Insider
       20 Feb 2018 #12

    No one can "accidentally" give you permission. Granting permission is a specific action someone takes, knowingly and intentionally.
    I think the real question is why should we have to go through all of that to remove something we didn't ask for in the first place? It is Malware and unethical for you to embed it to begin with.
      My ComputersSystem Spec

  3.    20 Feb 2018 #13

    essenbe said: View Post
    No one can "accidentally" give you permission. Granting permission is a specific action someone takes, knowingly and intentionally.
    I think the real question is why should we have to go through all of that to remove something we didn't ask for in the first place? It is Malware and unethical for you to embed it to begin with.
    In order for a user to receive web notification, the user has to opt-in for them. There is no way for any website to sign up a user without his permission. If you have any concerns about the topic please let us know.
      My ComputerSystem Spec

  4.    20 Feb 2018 #14

    torre said: View Post
    No, it does not affect files. After you click Next, there is an option to scan for affected programs. However, it may not remove any other malware you may have, just the PUP.
    I did finally do restore to a point well back (Feb 6). Had a heck of a time with it. Failed several times. finally followed advice I saw googling that said do it from Safe Mode. So ended up making a restore from well before (7-8 days roughly)... the ad appeared.... Breathed a sigh of relief, only to see the damn thing pop up after about 1/2 hr or 45 min.
    I believe this ad is a bit smarter than I am. If it were installed in a normal place, that `restore' should have handled it.
    I'm pretty sure now that I acquired it by installing winamp ( uninstalled several days ago)... I checked online to see what sources winamp is available from. They all appear to be softonic related. Remember my malware says `en.softonic.com' on it.

    So to summarize; I uninstalled the application I suspect the malware came with (winamp) then made a restore to well before winamp was installed. But my ad survived all that. It must be stashing itself out of the line of fire of a restore.

    NOTE: New information that may help solve this:
    I may have solved this... time will tell: I've noticed a `settings' Icon on the ad. Haven't wanted to click it for fear of further infecting things. I finally did click the settings icon on the en.softonic.com ad, it opened a`settings' area of my chrome browser to something where you can set which sites to block and which to deny. I added softonic.com to the `denied' sites. Turned the ad off manually and am now waiting to see if it still comes back
      My ComputerSystem Spec

  5.    20 Feb 2018 #15

    Softonic said: View Post
    Hello!

    [...]

    So, here's how you can disable the notifications:
    Google Chrome (laptop)
    To disable Chrome notifications, copy this address chrome://settings/content/notifications and paste it in your browser. This way, you’ll go straight to the “Notifications” section of Chrome Settings.
    If you want to stop receiving permission requests for notifications, disable the “Ask before sending (recommended)” option to “Block all.”
    Want to block notifications for a specific website? You’ll see that you’ve got two options: “Block” and “Allow.” Under “Allow,” look for the web page you want to stop receiving notifications for, click on the three vertical dots beside it and then select “Block.” It’s that easy!

    [...]

    Thank you sir for thoroughly explaining this... I already added another post since you posted this excellent response. I didn't look thorougly for responses... and missed it entirely ... please ignore the post I just minutes ago sent in.

    I found the proper way to do this by braving up and clicking on the `settings' button icon on the en.softonic.com ad (Or notification as you call them). I had feared clicking it thinking it might further infect things... but once I clicked the icon it opened chrome to the proper place you explained in your post, and I saw softonic listed in the `allow' sites area.

    Now I understand what and how has happened I have made the proper settings to prevent it.

    Thanks again for your very informative and helpful post. I guess I can quit huffing and puffing now . . . .

    One question: I noticed several sites in the `block' area that looke like this:

    example.com:443

    I can see it blocks the site on port 443 but then can I assume that leaves other ports a site can use, is that correct? Can you fill me on why 443 specifically is blocked.. is that the only port such things are allowed on?
      My ComputerSystem Spec


  6. Posts : 7,654
    10 Home x64 (1803) (10 Pro on 2nd pc)
       20 Feb 2018 #16

    hput3 said: View Post
    ...I can see it blocks the site on port 443 but then can I assume that leaves other ports a site can use, is that correct? Can you fill me on why 443 specifically is blocked.. is that the only port such things are allowed on?
    This may help explain that...

    TCP port 443 is the standard TCP port that is used for website which use SSL. When you go to a website which uses the https at the beginning you are connecting to port 443.
    http://itknowledgeexchange.techtarge...ake-use-of-it/
      My ComputersSystem Spec


 
Page 2 of 2 FirstFirst 12

Related Threads
This has happened only after I applied the 1703 update: I insert a USB drive. I click on the 'Safely Remove' icon in the notification area. I click 'Eject'. No 'Safe to remove' message appears. This behavior never varies, even if I don't read or...
My PC suddenly installed upgrade/update and then completed (it said "we've got some features to be excited about" etc ...), Does it due to the latest version of windows 100.10586? I'm not sure what upgrade that havs been installed, I looked into...
Yeah, Right softonic... in Chillout Room
4466744667 Defiantly :sarc:
Solved How do I remove this malware? (Software Bundler) in AntiVirus, Firewalls and System Security
Oh god... What have I downloaded... There is a malware on my computer that BitDefender and Windows Defender are trying to remove, but they won't go. In C:\Windows\Temp there are temporary files that are detected as malware, but I can't delete them....
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 18:30.
Find Us