Windows Problems Help Center

Monday, November 17, 2014

Guide to Remove Step by Step

We have valuable patient information lost due to some kind of unknown infection. All .doc files were changed from xy.doc to I tried removing only extension addon, but that isn't the problem solver. I tried to HEX compare files that were backed up and those encrypted and i see many repeatable patterns through encrypted file.

Information about is a dangerous malware which can be classified as ransomware. Once your computer is infected with this ransomware, it could  change all the .doc files to Which is similar to CryptoWall 2.0,  your files have been encrypted and you are asked to pay money to get the files back. This virus can spread through the link in spam email or attachment with the zip file.  If you click on the links or attachment, you will get this virus on your computer.

It asks you to send 1 bitcoin to a wallet and afterwards they will send you the decode method. However, you'd better not believe in it, there is no guarantee. It is recommended to remove immediately from your computer. It is highly suggested to download and install a powerful and legitimate anti-spyware like Spyhunter to scan and protect your computer.

Instructions to Get Rid of

Method 1:  Manual Deletion

Boot up the infected computer, press F8 at the very beginning, choose “Safe Mode with Networking” and press Enter to get in safe mode with networking.

Step 1Open Windows Task Manager and close all running processes.
( Methods to open Task Manager: Press CTRL+ALT+DEL or CTRL+SHIFT+ESC or Press the Start button->click on the Run option->Type in taskmgr and press OK.)

Step 2 : Go to the Registry Editor and remove all the infection registry entries listed here:

(Steps: Hit Win+R keys and then type regedit in Run box to search)

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main "Start Page" = "http://www.<random>.com/?type=hp&ts=<timestamp>&from=tugs&uid=<hard drive id>"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search "CustomizeSearch" = "http://www.<random>.com/web/?type=ds&ts=<timestamp>&from=tugs&uid=<hard drive id>&q={searchTerms}"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search "SearchAssistant" = "http://www.<random>.com/web/?type=ds&ts=<timestamp>&from=tugs&uid=<hard drive id>&q={searchTerms}"

Step 3: All the infection associated files listed below need to be removed:

C:\Program Files\<random>

Method  2: Automatic Removal with SpyHunter

SpyHunter is a world-famous real-time malware protection and removal tool, which is designed to detect , remove and protect your PC from the latest malware attacks, such as Trojans, worms, rootkits, rogue viruses, browser hijacker, ransomware, adware, key-loggers, and so forth. To keep SpyHunter Anti-malware on your computer is an important way to protect your computer in a good condition. Please find the instruction as follow.

Boot up the infected computer, press F8 at the very beginning, choose “Safe Mode with Networking” and press Enter to get in safe mode with networking.

Step 1: Press the following button to download SpyHunter.

Step 2: Save it into your computer and click on the Run choice to install it step by step.

Step 3: Click Finish then you can use it to scan your computer to find out potential threats by pressing Scan computer now!

Step 4: Tick Select all and then Remove to delete all threats.

Guide to download RegCure Pro to optimize PC 

If you are still worried about the left over of and want to clean all the unwanted registry entries,  it is recommended to use RegCure Pro.

A: At first, boot your computer into Safe Mode with Networking.

To perform this procedure, please restart your computer and keep pressing F8 key until Windows Advanced Options menu shows up, then using arrow key to select “Safe Mode with Networking” from the list and press ENTER to get into that mode.

safe mode with networking

B: Follow the below guide to continue.

Step 1. Install and launch RegCure Pro on your PC.

Step 2.  Select "Yes" to download and install RegCure Pro.


Step 3. Click "Next" to continue.

Step 4. RegCure Pro will open automatically on your screen.

RegCure Pro

 Step 5. RegCure Pro is scanning your PC for error.

 RegCure Pro2

Step 6. After scanning, choose the issues you want to fix. 


Note: Manual removal refers to key parts of computer system. Any error step may lead to system crash. If you don’t have sufficient expertise in dealing with the manual removal. Install Spyhunter can be your better choice, because it is capable of auto-detecting and removing viruses. You can also Download RegCure Pro to help you optimize the computer.

No comments:

Post a Comment