What is EasySearch and removal instructions
EasySearch is a malicious browser hijacker that changes the default home page of Internet Explorer. The parasite also downloads and installs other privacy threats from the Internet. EasySearch acts as a local proxy server that Internet Explorer uses to access the Internet. This allows the parasite to regularly redirect the web browser to undesirable web sites, usually with pornographic content. EasySearch runs on every Windows startup.
EasySearch manual removal:
Kill processes: iau.exe, runwin32.exe, lssas.exe, mservice.exe, msqdevl.exe, stisvsq.exe, svshost.exe
Delete registry values:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Games Acceleration
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Internet Connection Wizard
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Internet Mail and News
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Microsoft Internet Accelerator
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Microsoft Management Console
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Multimedia Extensions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Games Acceleration
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Internet Connection Wizard
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Internet Mail and News
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Microsoft Internet Accelerator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Microsoft Management Console
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Multimedia Extensions
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page=[site address]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page=[site address]
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer=[IP address]
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyOverride=[local]
Delete files: iau.exe, runwin32.exe, lssas.exe, mservice.exe, msqdevl.exe, stisvsq.exe, svshost.exe
Misc: [site address] is an address of a web site on the easy-search.biz domain.
[IP address] is a local address of a compromised computer (127.0.0.1:8080).
All EasySearch files can be found in the main system directory C:\Windows or C:\Winnt.
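
The indicators listed above can be checked before anything is killed or deleted. The following read-only PowerShell audit is an added example, not part of the original removal instructions; the helper name Get-RegValue and the layout of $findings are illustrative, and the proxy check assumes the 127.0.0.1:8080 address given under Misc.

```powershell
# Read-only audit: reports the EasySearch indicators listed above, changes nothing.
$runValues = 'Games Acceleration', 'Internet Connection Wizard', 'Internet Mail and News',
             'Microsoft Internet Accelerator', 'Microsoft Management Console', 'Multimedia Extensions'
# Exact names only: lssas.exe and svshost.exe are look-alikes of the legitimate
# Windows lsass.exe and svchost.exe, which must not be flagged.
$fileNames = 'iau.exe', 'runwin32.exe', 'lssas.exe', 'mservice.exe', 'msqdevl.exe', 'stisvsq.exe', 'svshost.exe'
$findings  = @()

function Get-RegValue($Path, $Name) {
    # Returns the value data, or $null when the key or value is absent.
    $item = Get-ItemProperty -Path $Path -ErrorAction SilentlyContinue
    if ($item -and $item.PSObject.Properties[$Name]) { $item.PSObject.Properties[$Name].Value }
}

foreach ($hive in 'HKCU:', 'HKLM:') {
    # Autostart entries under the Run key of each hive.
    $run = "$hive\Software\Microsoft\Windows\CurrentVersion\Run"
    foreach ($name in $runValues) {
        $data = Get-RegValue $run $name
        if ($null -ne $data) { $findings += [pscustomobject]@{ Type = 'Run value'; Where = "$run\$name"; Data = $data } }
    }
    # Hijacked Internet Explorer home page.
    $main  = "$hive\Software\Microsoft\Internet Explorer\Main"
    $start = Get-RegValue $main 'Start Page'
    if ($start -match 'easy-search\.biz') { $findings += [pscustomobject]@{ Type = 'Start Page'; Where = $main; Data = $start } }
}

# Local proxy that IE is pointed at (127.0.0.1:8080 per the page).
$inet  = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
$proxy = Get-RegValue $inet 'ProxyServer'
if ($proxy -match '127\.0\.0\.1:8080') { $findings += [pscustomobject]@{ Type = 'ProxyServer'; Where = $inet; Data = $proxy } }

foreach ($file in $fileNames) {
    # Files dropped in the main system directory (C:\Windows or C:\Winnt).
    $path = Join-Path $env:SystemRoot $file
    if (Test-Path -LiteralPath $path) { $findings += [pscustomobject]@{ Type = 'File'; Where = $path; Data = '' } }
    # Running processes; Get-Process takes the name without the .exe suffix.
    $procName = [IO.Path]::GetFileNameWithoutExtension($file)
    foreach ($p in @(Get-Process -Name $procName -ErrorAction SilentlyContinue)) {
        $findings += [pscustomobject]@{ Type = 'Process'; Where = "PID $($p.Id)"; Data = $p.Path }
    }
}

if ($findings) { $findings | Format-Table -AutoSize -Wrap } else { 'No EasySearch indicators found.' }
```

Run it once as the affected user, since the HKEY_CURRENT_USER checks are per-user, and again after removal to confirm that nothing is reported.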