S
shai
I tried to remove it with microsoft antispywar but it
comes back. what shell i do?
comes back. what shell i do?
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
A
AndyManchesta
Hello shai,
You will have to use a few programs to kill this,download
these and run them all in safe mode,Also use MSAS in safe
mode.
Download SmitRem:
------------------
http://castlecops.com/zx/flrman1/smitRem.zip
Save the file to your desktop.
Unzip smitRem.zip to extract the two files it contains.
Do not do anything with it yet. You will run the
RunThis.bat file later in safe mode.
Download Ccleaner:
-----------------
Install to remove temp and unused files
http://download.ccleaner.com/download121bino.asp
Download Ewido Security Suite:
------------------------------
http://www.ewido.net/en/download/
Install ewido.
During the installation, under "Additional Options"
uncheck "Install background guard" and "Install scan via
context menu".
Launch ewido
It will prompt you to update click the OK button and it
will go to the main screen
On the left side of the main screen click update
Click on Start and let it update.
DO NOT run a scan yet. You will do that later in safe
mode.
Now copy these instructions to notepad and save them to
your desktop. You will need them to refer to in safe mode.
Once you have all the above downloads then boot into safe
mode (Reboot and keep tapping F8 then choose safe mode
from the list)
Once in safe mode open the smitRem folder, then double
click the RunThis.bat file to start the tool. Follow the
prompts on screen.Wait for the tool to complete and disk
cleanup to finish.
Run Ewido:
Click on scanner
Choose to do a complete scan
Click the Start Scan button to start the scan.
During the scan it will prompt you to clean files, click
OK
When the scan is finished, look at the bottom of the
screen and click the Save report button.
Save the report to your desktop
Start Ccleaner and click Run Cleaner also use the issues
button and fix and faults detected
* Go to Control Panel > Internet Options. Click on the
Programs tab then click the "Reset Web Settings" button.
Click Apply then OK.
* Next go to Control Panel > Display. Click on
the "Desktop" tab then click the "Customize Desktop"
button. Click on the "Web" tab. Under "Web Pages" you
might see an entry checked called something
like "Security info" or similar. If it is there, select
that entry and click the "Delete" button. Click OK then
Apply and OK.(Dont worry if it doesnt exist)
Restart back into Windows normally now.
Run A online virus scan here
http://www.pandasoftware.com/activescan/
When the scan is finished, anything that it cannot clean
have it delete it. Make a note of the file location of
anything that cannot be deleted so you can delete it
yourself- Save the results from the scan!
If your clean turn off system restore & reboot then re-
enable it again incase you have restore points saved
since you got infected.
Let me know if you have problems or need help with
anything.
Regards
Andy
You will have to use a few programs to kill this,download
these and run them all in safe mode,Also use MSAS in safe
mode.
Download SmitRem:
------------------
http://castlecops.com/zx/flrman1/smitRem.zip
Save the file to your desktop.
Unzip smitRem.zip to extract the two files it contains.
Do not do anything with it yet. You will run the
RunThis.bat file later in safe mode.
Download Ccleaner:
-----------------
Install to remove temp and unused files
http://download.ccleaner.com/download121bino.asp
Download Ewido Security Suite:
------------------------------
http://www.ewido.net/en/download/
Install ewido.
During the installation, under "Additional Options"
uncheck "Install background guard" and "Install scan via
context menu".
Launch ewido
It will prompt you to update click the OK button and it
will go to the main screen
On the left side of the main screen click update
Click on Start and let it update.
DO NOT run a scan yet. You will do that later in safe
mode.
Now copy these instructions to notepad and save them to
your desktop. You will need them to refer to in safe mode.
Once you have all the above downloads then boot into safe
mode (Reboot and keep tapping F8 then choose safe mode
from the list)
Once in safe mode open the smitRem folder, then double
click the RunThis.bat file to start the tool. Follow the
prompts on screen.Wait for the tool to complete and disk
cleanup to finish.
Run Ewido:
Click on scanner
Choose to do a complete scan
Click the Start Scan button to start the scan.
During the scan it will prompt you to clean files, click
OK
When the scan is finished, look at the bottom of the
screen and click the Save report button.
Save the report to your desktop
Start Ccleaner and click Run Cleaner also use the issues
button and fix and faults detected
* Go to Control Panel > Internet Options. Click on the
Programs tab then click the "Reset Web Settings" button.
Click Apply then OK.
* Next go to Control Panel > Display. Click on
the "Desktop" tab then click the "Customize Desktop"
button. Click on the "Web" tab. Under "Web Pages" you
might see an entry checked called something
like "Security info" or similar. If it is there, select
that entry and click the "Delete" button. Click OK then
Apply and OK.(Dont worry if it doesnt exist)
Restart back into Windows normally now.
Run A online virus scan here
http://www.pandasoftware.com/activescan/
When the scan is finished, anything that it cannot clean
have it delete it. Make a note of the file location of
anything that cannot be deleted so you can delete it
yourself- Save the results from the scan!
If your clean turn off system restore & reboot then re-
enable it again incase you have restore points saved
since you got infected.
Let me know if you have problems or need help with
anything.
Regards
Andy