• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 207
  • Last Modified:

i need help getting rid of the winfixer virus

My laptop has been infected with the winfixer and errorsafe viruses.  I have run the norton scan and upon completion it tells me that I have errorsafe and winfixer and tells me to delete the following file  C:\WINDOWS\Downloaded Program Files\UWA6P_0001_N91M1807NetInstaller.exe   However I cannot find this file anywhere.  Also every time I open internet explorer, I am directed to the page  http://iesecurepage.com/.  pleas help me.
0
davdawg765
Asked:
davdawg765
  • 5
  • 3
  • 3
  • +2
3 Solutions
 
Elite_BigfootCommented:
Hello,

Errorsafe:
1)http://www.spywareremove.com/removeErrorSafe.html
also include a software to completly remove the spyware

Winfixer:
1)http://www.spywaredb.com/remove-winfixer/

2)http://www.free-web-browsers.com/support/remove-winfixer.shtml
both errosafe and winfixer removeable
0
 
Elite_BigfootCommented:
Also to unregister the dll's - http://www.mac-net.com/295484.page
0
 
davdawg765Author Commented:
what do you mean when you say unregister dlls?
0
Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

 
Elite_BigfootCommented:
Read http://www.spywaredb.com/remove-winfixer/

One of the phases to completly remove Winxfixer spyware require you to un-register few dll's.
To do so just view http://www.mac-net.com/295484.page, it will explain you how to easily do it.
0
 
war1Commented:
Greetings, davdawg765 !

You can follow the manual method to remove Winfixer and ErrorSafe as propose by Elite_Bigfoot, or use the free tool SmitFraudFix to remove the adware.  Follow the directions in this link very carefully.
http://www.geekstogo.com/forum/index.php?showtopic=109268
OR
http://siri.geekstogo.com/SmitfraudFix.zip 

Best wishes!
0
 
davdawg765Author Commented:
For now I am downloading spyhunter and spyscanner per elite_bigfoot's advice.  hopefully that works
0
 
davdawg765Author Commented:
since i dont want to buy spyhunter, i am now trying smitfraudfix
0
 
davdawg765Author Commented:
when i am booting up in safe mofe, how do I find/Double-click smitfraudfix.cmd?
 
0
 
war1Commented:
Did you download SmitFraudfix and extract all the files.  Smitfradfix.cmd should be one of the extracted file.
0
 
davdawg765Author Commented:
ok, so i used smitfraudfix and now i can set my homepage to anything.  however when i run norton antivirus scan it still says that winfixer and errorsafe are in my system in the same place as before.
0
 
war1Commented:
For the homepage problem, go to Internet Explorer > Tools > Internet Options > General tab > set your homepage there.

If no joy, you need perform a registry edit. Backup your registry first.

1.      Click Start, and then click Run.
2.      In the Open box, type regedit, and then click OK.
3.      In Registry Editor, locate the following subkey, if it exists:
HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel
4.      If the ResetWebSettings value or the HomePage value exists in this key, right-click the values, and then click Delete.

Note You may also want to verify any Web site information contained in the Default_Page_URL value and the Start Page value in the following registry keys:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main

HKEY_ LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main

HKEY_USERS\Default\Software\Microsoft\Internet Explorer\Main
5.      On the Edit menu, click Delete, and then click Yes to confirm the deletion.
0
 
rpggamergirlCommented:
You need to show all the files in that folder first by unregistering occache.dll.
By default explorer will not show all files in that folder.


Start > Run > type

regsvr32 /u occache.dll

Click OK
then go to C:\WINDOWS\Downloaded Program Files
and manually delete the file --> UWA6P_0001_N91M1807NetInstaller.exe  
When you finish deleting the file go back to:
Start > Run
Paste in this command(to register the occache.dll back)

regsvr32 occache.dll

And Click OK


2.  Or use Killbox: to delete the file.
Download Pocket Killbox.
http://www.atribune.org/downloads/KillBox.exe
*Select the "Delete on Reboot" option.
*Select "Single File"
*Copy the file names below to the clipboard by highlighting them and pressing Control-C:

C:\WINDOWS\Downloaded Program Files\UWA6P_0001_N91M1807NetInstaller.exe  

*Return to Killbox, go to the File menu, and choose "Paste from Clipboard".
*Click the red-and-white "Delete File" button. Click "Yes" at the Delete on Reboot prompt. Click "No" at the Pending Operations prompt.
*If the computer doesn't restart, just restart manually.
0
 
Computer101Commented:
Forced accept.

Computer101
EE Admin
0

Featured Post

[Webinar] Kill tickets & tabs using PowerShell

Are you tired of cycling through the same browser tabs everyday to close the same repetitive tickets? In this webinar JumpCloud will show how you can leverage RESTful APIs to build your own PowerShell modules to kill tickets & tabs using the PowerShell command Invoke-RestMethod.

  • 5
  • 3
  • 3
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now