Please print out or copy this page to
Notepad in order to assist you when carrying out the following instructions.
====================================================================================================
SpyHunter
SpyHunter was up until recently, considered to be rogueware (
See Here)
Quote:
|
While there are still unresolved allegations that SpyHunter transmits the Windows Product ID from users' PCs (1), we can no longer classify this application as "rogue/suspect." Nonetheless, SpyHunter -- at least in its current state -- cannot be recommended because of its mediocre performance as an anti-spyware scanner. Testing indicates that it does not recognize some well-known spyware installations and has difficulty removing critical spyware/adware files even from those it does recognize
|
We recommend its removal as there are plenty of good, free, tried and true programs out there that can be used.
====================================================================================================
Add/Remove Programs
Click > Start > Control Panel > Add / Remove Programs and uninstall the following programs:
Spyhunter
J2SE Runtime Environment 4.2 Update 3
====================================================================================================
Rebooting in Safe Mode
Next, reboot your computer in SafeMode :
• Restart your computer
• After hearing your computer beep once during startup, but before the Windows icon appears, press
F8.
• Instead of Windows loading as normal, a menu should appear
• Select the first option, to run
Windows in Safe Mode.
====================================================================================================
HiJackThis! Fixes
Open Hijack This and click on
Scan. Check the following entries
(make sure you do not miss any)
O2 - BHO: (no name) - {212F935E-B7E0-4982-98E9-0C24E28B6426} - (no file)
O2 - BHO: (no name) - {3F4F46DA-13D9-47FD-BD20-986C709B1227} - (no file)
O2 - BHO: (no name) - {67F51F64-38CF-401D-935D-D8A272994037} - (no file)
O2 - BHO: (no name) - {9AB0E039-35D6-4A46-8F1A-28C41BE88303} - (no file)
O2 - BHO: (no name) - {A37D9569-49D8-4D0B-A24B-247824DA9B22} - (no file)
O2 - BHO: (no name) - {E5D7C2C4-18A7-484C-A637-7245A76177AE} - (no file)
O4 - HKLM\..\Run: [SpyHunter] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe
Please remember to close all other windows, including browsers then click Fix checked.
====================================================================================================
Deleting Files and Folders
Delete the following Files indicated in
RED and Folders indicated in
BLUE if they still exist.
C:\Program Files\Enigma Software Group
====================================================================================================
Tools
Smitfraud Fix
Open the SmitfraudFix Folder, then double-click
smitfraudfix.cmd file to start the tool.
Select option
#2 - Clean by typing
2 and press
Enter.
Wait for the tool to complete and disk cleanup to finish.
You will be prompted : "
Registry cleaning - Do you want to clean the registry?" answer
Yes by typing
Y and hit
Enter.
The tool will also check if wininet.dll is infected. If a clean version is found, you will be prompted to replace wininet.dll. Answer
Yes to the question "
Replace infected file?" by typing
Y and hit
Enter.
A reboot may be needed to finish the cleaning process, if you computer does not restart automatically please do it yourself manually.
Reboot in Normal Mode.
The tool will create a log named
rapport.txt in the root of your drive, eg: Local Disk C:
(C:rapport.txt) or partition where your operating system is installed. Please post that log along with all others requested in your next reply.
CleanUp!
Open
Cleanup! by double-clicking the icon on your desktop (or from Start > All Programs). Set the program up as follows:
Click
Options
Move the slider button down to
Custom CleanUp!
Check the following:
- Empty Recycle Bins
- Delete Cookies
- Delete Prefetch files
- Cleanup! All Users
Uncheck the following :
- Scan local drives for temporary files
Click
OK, Press the
CleanUp! button to start the program and reboot when prompted.
Clearing Cookies for Mozilla Firefox
Open Mozilla Firefox and click
Tools and then go down and click
Options
When the window opens up click on the
Cookies tab and click
Clear Cookies Now
====================================================================================================
Customize Desktop
Next go to Control Panel click Display>Desktop>Customize Desktop>Web> Now,
Uncheck Everything and
delete if present:
• "Security Info"
• "Warning Message"
• "Security Desktop"
• "Warning Homepage"
• "Desktop Uninstall"
Also make sure the
'Lock desktop items' box is unticked. Click OK, and then Click Apply, then OK.
====================================================================================================
Tools
SmitfraudFix
Open the SmitfraudFix folder and double-click
smitfraudfix.cmd
Select option
#3 - Delete Trusted zone by typing
3 and press
Enter
Note, if you use
SpywareBlaster and/or
IE-SPYAD, it will be necessary to re-install the protection both afford. For SpywareBlaster, run the program and re-protect all items. For IE-SPYAD, run the batch file and reinstall the protection.
====================================================================================================
Online Virus/Spyware Scan
Kaspersky Online Scanner
Establish an internet connection & perform an online scan with Internet Explorer at
Kaspersky Online Scanner
Answer Yes, when prompted to install an ActiveX component.
- The program will then begin downloading the latest definition files.
- Once the files have been downloaded click on NEXT
- Locate the Scan Settings button & configure to:
- Scan using the following Anti-Virus database:
- Scan Options:
- Scan Archives
- Scan Mail Bases
- Click OK & have it scan My Computer
- Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
- Click the Save as Text button to save the file to your desktop so that you may post it in your next reply
* Turn off the real time scanner of any existing antivirus program while performing the online scan
====================================================================================================
Tools
HiJackThis!
Please run a new HiJackThis! Scan and post the results with your next reply
====================================================================================================
Summary: Please make sure you have completed all of the steps above and include the following in your next post
New HiJackThis! Log
Kaserpsky Log