Safenavweb virus
- Thread starter jhm2341
- Start date
- Status
Tedster
Posts: 5,746 +14
How to remove safenavweb.com hijacker
Symptoms: system keeps popping up warning messages & launching Internet Explorer & directing it to safenavweb.com
For fix safenavweb.com malware, make follow steps:
Download HijackThis and save the file to your desktop.
Double click on the file to extract it to it’s own folder on the desktop.
Download CCleaner. Double click on the file for install.
Download and unzip Avenger to your desktop.
Download SmitfraudFix (by S!Ri)
Extract the content (a folder named SmitfraudFix) to your Desktop.
Reboot your computer again in Safe Mode by doing the following:
1. Restart your computer
2. After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3. Instead of Windows loading as normal, a menu should appear
4. Select the first option, to run Windows in Safe Mode.
Start HijackThis. Click “Do a system scan only.” and put a checkmark next to the following items:
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: MSVPS System - {480598DD-AE28-48B7-82F7-6ADDA1AA6B66} - C:\WINDOWS\ntspkfxt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: The htunistock - {C58A4487-4C2E-45E4-9E3A-52B3A23CC396} - C:\WINDOWS\htunistock.dll
O18 - Filter hijack: text/html - (no CLSID) - (no file)
O21 - SSODL: hostctrl - {20D7F2C0-86AB-4F63-88E4-E3F4887E0CC1} - C:\WINDOWS\hostctrl.dll
O21 - SSODL: hstsys - {44195BC8-06C2-4D25-81E9-1607B1313715} - C:\WINDOWS\hstsys.dll
Now close all browser and other windows except for HijackThis, and click “Fix Checked” to have HijackThis fix the entries you checked.
Boot your PC again in Safe Mode.
Open the SmitfraudFix folder and double-click smitfraudfix.cmd. Press the number 2 on your keyboard and the press the enter key to choose the option Clean (safe mode recommended).
You will be prompted : “Registry cleaning - Do you want to clean the registry ?“; answer “Yes” by typing Y and press “Enter” in order to remove the Desktop background and clean registry keys associated with the infection.
The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found); answer “Yes” by typing Y and press “Enter”.
The tool may need to restart your computer to finish the cleaning process; if it doesn’t, please restart it into Normal Windows.
Download the HostsXpert 3.7 - Hosts File Manager.
# Unzip HostsXpert 3.7 - Hosts File Manager to a convenient folder such as C:\HostsXpert
# Click HostsXpert.exe to Run HostsXpert 3.7 - Hosts File Manager from its new home
# Click “Make Hosts Writable?” in the upper right corner (If available).
# Click Restore Microsoft’s Hosts file and then click OK.
# Click the X to exit the program.
# Note: If you were using a custom Hosts file you will need to replace any of those entries yourself.
Run CCleaner.
Click Analyze button. After scan your system, click Run Cleaner.
Reboot your PC.
If you are still having problems with spyware after completing these instructions, then please follow the steps outlined in the topics linked below
Symptoms: system keeps popping up warning messages & launching Internet Explorer & directing it to safenavweb.com
For fix safenavweb.com malware, make follow steps:
Download HijackThis and save the file to your desktop.
Double click on the file to extract it to it’s own folder on the desktop.
Download CCleaner. Double click on the file for install.
Download and unzip Avenger to your desktop.
Download SmitfraudFix (by S!Ri)
Extract the content (a folder named SmitfraudFix) to your Desktop.
Reboot your computer again in Safe Mode by doing the following:
1. Restart your computer
2. After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3. Instead of Windows loading as normal, a menu should appear
4. Select the first option, to run Windows in Safe Mode.
Start HijackThis. Click “Do a system scan only.” and put a checkmark next to the following items:
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: MSVPS System - {480598DD-AE28-48B7-82F7-6ADDA1AA6B66} - C:\WINDOWS\ntspkfxt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: The htunistock - {C58A4487-4C2E-45E4-9E3A-52B3A23CC396} - C:\WINDOWS\htunistock.dll
O18 - Filter hijack: text/html - (no CLSID) - (no file)
O21 - SSODL: hostctrl - {20D7F2C0-86AB-4F63-88E4-E3F4887E0CC1} - C:\WINDOWS\hostctrl.dll
O21 - SSODL: hstsys - {44195BC8-06C2-4D25-81E9-1607B1313715} - C:\WINDOWS\hstsys.dll
Now close all browser and other windows except for HijackThis, and click “Fix Checked” to have HijackThis fix the entries you checked.
Boot your PC again in Safe Mode.
Open the SmitfraudFix folder and double-click smitfraudfix.cmd. Press the number 2 on your keyboard and the press the enter key to choose the option Clean (safe mode recommended).
You will be prompted : “Registry cleaning - Do you want to clean the registry ?“; answer “Yes” by typing Y and press “Enter” in order to remove the Desktop background and clean registry keys associated with the infection.
The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found); answer “Yes” by typing Y and press “Enter”.
The tool may need to restart your computer to finish the cleaning process; if it doesn’t, please restart it into Normal Windows.
Download the HostsXpert 3.7 - Hosts File Manager.
# Unzip HostsXpert 3.7 - Hosts File Manager to a convenient folder such as C:\HostsXpert
# Click HostsXpert.exe to Run HostsXpert 3.7 - Hosts File Manager from its new home
# Click “Make Hosts Writable?” in the upper right corner (If available).
# Click Restore Microsoft’s Hosts file and then click OK.
# Click the X to exit the program.
# Note: If you were using a custom Hosts file you will need to replace any of those entries yourself.
Run CCleaner.
Click Analyze button. After scan your system, click Run Cleaner.
Reboot your PC.
If you are still having problems with spyware after completing these instructions, then please follow the steps outlined in the topics linked below
- Status
Latest posts
-
Adobe Firefly and Photoshop receive new AI enhancements, hilarity ensues- Daniel Sims replied
-
Microsoft is rolling out new Start menu ads to all Windows 11 users despite backlash- scavengerspc replied
