SpyHunter is a malicious program that needs to be removed (and not 'suggested as a fix'). How do I go about uninstalling, and blocking the effects of this program? In that same thought, how do I re-enable the programs that Spyhunter has blocked?
spyhunter4
#1
Posted 16 January 2014 - 07:59 PM
SpyHunter is a malicious program that needs to be removed (and not 'suggested as a fix'). How do I go about uninstalling, and blocking the effects of this program? In that same thought, how do I re-enable the programs that Spyhunter has blocked?
#2
Posted 17 January 2014 - 12:22 AM
Please tell me where SpyHunter was recommended on this site. I have never seen it recommended.I used one of the programs recommended here on this site, called SpyHunter.
What you are experiencing was likely aided by the infection you had in June of 2013 that never got completely removed. You abandoned the topic before it could be completely removed.
Can you boot into Windows normally?
If not, can you boot into Safe Mode with Networking?
#3
Posted 17 January 2014 - 12:37 AM
Since the reformat, my task manager doesn't work correctly, but since I don't use it very often, I haven't considered it to be a problem. However, because it doesn't allow me to properly access it, I cannot view the actual tasks and operations that might be running, nor do I have the ability to end them. (attached pic of current task manager). The task manager issue is unrelated to Arestocrat or SpyHunter. I only bring it up to show that I cannot be sure what programs are running in the background.
#4
Posted 17 January 2014 - 12:39 AM
#5
Posted 17 January 2014 - 12:47 AM
#6
Posted 17 January 2014 - 12:54 AM
#7
Posted 17 January 2014 - 01:03 AM
#8
Posted 17 January 2014 - 02:01 AM
#9
Posted 17 January 2014 - 02:26 AM
Attached Files
#10
Posted 17 January 2014 - 10:48 AM
The only remnant of SpyHunter is a driver file that is missing but the system is trying to load it. We will remove that.
SpyHunter is a Rouge Antivirus / AntiSpyware program. Once it gets on the computer it runs and alerts you to all kinds of threats. Then it tells you that the only way to clean them is to pay a fee or buy the program. But they were all false positives and not threats to begin with.
That's why I said that I've never seen it recommended here. I've seen it removed plenty of times, but never recommended.
Other than that driver the OTL scan doesn't show anything. After the OTL fix we will scan all users and get an adware scan.
Once we are sure the system is clean we'll look at the taskmanager issue.
IMPORTANT:Change your browser(s) to download any tools to the desktop.
Follow the directions here
For FireFox check the dot beside "Always ask me where to save files."
For Chrome, check the box beside "Ask where to save each file before downloading"
NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.
Step-1.
OTL Fix
Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot.
1. Please copy all of the text in the quote box:
:COMMANDS
[createrestorepoint]
:OTL
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
:FILES
C:\Program Files\Enigma Software Group
:COMMANDS
[emptytemp]
Warning: This fix is relevant for this system and no other. If you are not this user, do not follow these directions as they could damage the workings of your system.
1. Please re-open on your desktop.
2. Paste the text inside the textbox.
3. Click the button.
6. OTL may ask to reboot the machine. Please do so if asked.
7. Click the button.
8. A report will open. Please ]Paste that report in your next reply.
9. If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, (where mmddyyyy_hhmmss is the date of the tool run).
Step-2.
OTL Scan
Please re-open on the desktop.
- At the top of the console, click the box beside Scan All Users and Include 64bit Scans
- Make sure the Output box at the top is set to Standard Output.
- Click the box beside LOP Check and Purity Check
- Click the button. Do not change any settings unless otherwise told to do so.
- Let the scan run uninterrupted.
- When the scan completes please post the OTL log.
Step-3.
AdwCleaner by Xplode
Download AdwCleaner. Click here and then click the Download Now @ BleepingComputer button. Save the file to the desktop.
NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.
Close all open windows and browsers.
- Run AdwCleaner
- Click the Scan button and wait for the scan to finish.
- After the Scan has finished the window may or may not show what it found and above the progress bar you will see Pending. Please uncheck elements you don't want to remove. Do not delete anything at this time.
- Click the Report button to get the log. Post it in your next reply.
- Close the program.
Step-4.
Things For Your Next Post:
1. The OTL fixes log
2. The new OTL.txt log
3. The AdwCleaner[R0].txt log
#11
Posted 18 January 2014 - 01:12 AM
In your first response, you accused me of 'abandoning the topic', claiming that my current problems were somehow linked to that. Yet, when I explained that I reformatted soon after, and by the time I got back to the post it was locked up, and pointless at that stage to re-open it.
"What you are experiencing was likely aided by the infection you had in June of 2013 that never got completely removed. You abandoned the topic before it could be completely removed."
This is what you asked me to do:
"Would you post the OTL fixes log? And the original OTL.txt log and Extras.txt log."
No where in that does it say a thing about copy/paste... instead, it asks me to get you the information, which I did.
" In the future please don't attach logs unless I ask you to. Just copy and paste them into your posts. It makes them easier to research."
"A report will open. Copy and Paste that report in your next reply."
"Please copy the contents of this file and paste it into your reply. To do that:
◦On the .txt file Menu Bar click Edit then click Select All. This will highlight the contents of the file. Then click Copy.
◦Right-click inside the forum post window then click Paste.This will paste the contents of the .txt file in the in the post window."
"Things For Your Next Post:
Please post the logs in the order requested. Do Not attach the logs unless I request it.
1. The OTL fixes log
2. The new OTL.txt log
3. The AdwCleaner[R0].txt log "
I already acknowledged my mistake (more than once) for associating it with THIS site, apologized for the mistake. Apparently, that wasn't enough and you had to remind me again.. Would you bathing in my children's blood absolve me of this?!? Or can you learn to drop it once both sides come to an agreement?
"That's why I said that I've never seen it recommended here. I've seen it removed plenty of times, but never recommended."
"SpyHunter is a Rouge Antivirus / AntiSpyware program. Once it gets on the computer it runs and alerts you to all kinds of threats. Then it tells you that the only way to clean them is to pay a fee or buy the program. But they were all false positives and not threats to begin with."
Rouge is a color.. Rogue is the word you were looking for. And yes, I'm well aware of negative effects of SpyHunter.. hence, why I was alarmed that anyone had recommended it in the first place. But since I admitted my mistake, apologized, and attempted to move past it; somehow, you seem fixated on wagging your finger about it. If this is the kind of 'help' you prefer to dish out, then maybe you are in the wrong line of work. Please put me in contact with someone that isn't such a rectal oriface.
#12
Posted 18 January 2014 - 12:16 PM
I said that your problems were likely a result of the first infection because you entitled the first topic "Arestocrat strikes again" and the first sentence in this new topis was "I was recently hit again with the Arestocrat virus;...".In your first response, you accused me of 'abandoning the topic', claiming that my current problems were somehow linked to that. Yet, when I explained that I reformatted soon after, and by the time I got back to the post it was locked up, and pointless at that stage to re-open it.
The person helping you in that first topic was Essexboy. In his signature is this:
"Post that are not replied to after 4 days will be closed, PM me to reactivate"
So I'm sorry, again, but you did abandon that topic.
You are correct. I normally cover that in an opening post. In this case I didn't know what kind of system we were dealing with here or even if it was booting properly so I wanted to get that info. first."Would you post the OTL fixes log? And the original OTL.txt log and Extras.txt log."
No where in that does it say a thing about copy/paste... instead, it asks me to get you the information, which I did.
But if you had looked under the "Virus, Spyware, Malware Removal" forum link you would have seen a highlighted link entitled "BEGIN HERE: Malware and Spyware Cleaning Guide".
In that guide there are steps to download OTL, run the scan and how to copy and paste it here. It even has pictures.
The instructions I post are used for everyone. Not just you. I have used abbreviated instructions in the past. But a lot of the users would reply saying that they got a screen that I didn't tell them about or telling me that they didn't understand what they were supposed to do. So I adjusted the instructions to be more detailed.The tone you've taken with me is quite alarming, and it's better that I waited a while before responding. For starters, you asked me to send information. Apparently it wasn't the way you like to see it, and felt that telling me several different times, was the only way I'd understand. Using red angry letters capitalizing "Do Not"... I got it the first time!
And I used to just use bold text for important notices. But I found that they got overlooked. So I now use red text for important changes.
I had already dropped it. But I think offering to sacrifice you children's blood indicates a larger problem than some malware on a computer.I already acknowledged my mistake (more than once) for associating it with THIS site, apologized for the mistake. Apparently, that wasn't enough and you had to remind me again.. Would you bathing in my children's blood absolve me of this?!? Or can you learn to drop it once both sides come to an agreement?
Yep, I misspelled rogue. You got me. I'm sorry that you think I was wagging my finger. I was just trying to give you some information. Most people appreciate that.Rouge is a color.. Rogue is the word you were looking for. And yes, I'm well aware of negative effects of SpyHunter.. hence, why I was alarmed that anyone had recommended it in the first place. But since I admitted my mistake, apologized, and attempted to move past it; somehow, you seem fixated on wagging your finger about it. If this is the kind of 'help' you prefer to dish out, then maybe you are in the wrong line of work. Please put me in contact with someone that isn't such a rectal oriface.
And I don't work here. I volunteer here.
Having said all that I will offer to continue to assist you. And I will adjust any future posts to remove any bold or red text and scale them to the minimum.
But I won't ask any of my colleagues to take over and endure this kind of verbal attack.
If that isn't acceptable I will close this topic. That will leave you a few options:
1. Feel free to start a new topic. I will put a warning on your account linking back to this discussion so every staff member can see who they are dealing with before offering their assistance.
2. Go back to the site that recommended SpyHunter. Or another site.
3. Take the computer to a repair shop and pay them the $100 and up to put up with the verbal abuse.
Please let me know what you want to do.
#13
Posted 18 January 2014 - 05:06 PM
I asked for someone new, because of YOUR tone and attacks. Citing your various attempts of badgering me, when I clearly understood the first time. Even now, instead of backing down, apologizing, or attempting to move ahead, despite your being called on the carpet, you then give me an ultimatum of options... telling me to 'like it or leave it'. Do what you feel you need to do, I came here with an issue and don't feel that I'm being assisted (by you), and would rather resolve this with someone that gets to the root of the problem and not rehash posts from June, or repeatedly telling me "Do Not attach log files unless I ask for it."
You might want to change your footer. "Please post your final results, good or bad. We like to know! " because apparently you only want to hear 'good' things.
#14
Posted 18 January 2014 - 06:07 PM
I did apologize. Several times. And I offered to move ahead. The ball is in your court now. If you wish to continue please complete the fix and scans in post #10 and post the logs I requested. I have revised the instructions to remove any objectionable coloring.(I can't do anything about the blue link color. The board does that automatically).Even now, instead of backing down, apologizing, or attempting to move ahead, despite your being called on the carpet, you then give me an ultimatum of options... telling me to 'like it or leave it'. Do what you feel you need to do,
We want all feedback. You are the second person who was / is unhappy with my assistance. I asked my colleagues to take over on the first one. And they were abused just as badly as I was. That's why I won't do that again.You might want to change your footer. "Please post your final results, good or bad. We like to know! " because apparently you only want to hear 'good' things.
If you haven't posted a reply in 4 days the topic will be considered abandoned and will be closed.
#15
Posted 18 January 2014 - 09:19 PM
I told you what I would prefer, and that's to have assistance from someone other than yourself. You claim to be the victim of verbal abuse, and that you've apologized, yet you go right back to wagging the finger, defending you behavior, and chastising me for calling you out for it. I didn't realize this was your personal platform to berate people with computer issues. Be sure to link this to any future posts, I'm sure your colleagues will begin to see the image you project. I'm the second person that is displeased with your treatment and manner of assistance. I simply asked that you step away, because this isn't moving forward. You make too many assumptions. First, you assumed that this was related to the first issue from 7 months ago (duh!). Second, you assumed that I understood you when I attached the files, instead of copy/paste them. Third, you assumed that I needed to be told several times that you only want that if you directly specifically ask for it. Fourth, you assume that you've been 'helpful' and that I've only come to this site to berate you, I came to this site, because of the success I've had in the past, and this time, it is clearly not successful.
I asked for someone else, because I'd rather have instructions for fixing my computer problem. Instead, I've been given long posts of tertiary responses, duplicated instructions, defense of bad behavior.
"First, let me apologize."
This was the one and only time you offered an apology, not several times as you claimed. It was immediately followed up by accusations of abandoning a topic from 7 months ago to 'clarify' your distain. Since it's clear your version of 'assistance' involves accusations, assumptions, and defense of your actions and word choices, you forego in transferring me to someone else. If I were dissatisfied with a particular doctor, I'd ask for another, not go to a new hospital for treatment. The same goes for an auto-mechanic, I'd still frequent the same shop, but request that someone else works on my car.. but here... that's just not in your plan.. so I must endure your attitude problems, or go somewhere else. As I said before, I've had great success in the past with this site, but you've made it clear I must deal with you and you alone.. or else!
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users