After a weeks analyze newest search term
keywords coming to my blog I found there is a lot of request for
articles about how to removing virus Searchqu (around 5%). In this short
articles I will write how to remove SearchQU virus and bring back your
computers to normal condition.
Searchqu is a highly dangerous trojan
which lures users to unknowingly perform corrupt actions on a targeted
computer. Searchqu poses as an antispyware application that displays
deceptive warnings and misleading scan results. It then asks for users
to purchase it. Searchqu record the contents of all the instant messages
you send or receive—along with the usernames and addresses of your IM
partners. Searchqu record the entire contents of each chat room you
visit—and log the usernames and addresses of other channel members.
Searchqu pretends to be a legitimate software, but infact it’s a virus
many computer users got currently, and antivirus won’t help, you need to
remove Searchqu manually.
2 simple step to remove SearchQU virus
1. Deleted this file list manually :
%AppData%\searchqutoolbar\stat.log
%AppData%\searchqutoolbar\uninstallStatIE.dat
%AppData%\searchqutoolbar\uninstallIE.dat
%AppData%\searchqutoolbar\stats.dat
%AppData%\searchqutoolbar\guid.dat
%AppData%\searchqutoolbar\preferences.dat
%AppData%\searchqutoolbar\log.txt
%AppData%\searchqutoolbar\dtx.ini
%AppData%\searchqutoolbar\coupons\categories.xml
%AppData%\searchqutoolbar\
%AppData%\searchqutoolbar\version.xml
%AppData%\searchqutoolbar\coupons\merchants2.xml
%AppData%\searchqutoolbar\coupons\merchants.xml
%Temp%\searchqutoolbar-manifest.xml
%AppData%\searchqutoolbar\uninstallStatIE.dat
%AppData%\searchqutoolbar\uninstallIE.dat
%AppData%\searchqutoolbar\stats.dat
%AppData%\searchqutoolbar\guid.dat
%AppData%\searchqutoolbar\preferences.dat
%AppData%\searchqutoolbar\log.txt
%AppData%\searchqutoolbar\dtx.ini
%AppData%\searchqutoolbar\coupons\categories.xml
%AppData%\searchqutoolbar\
%AppData%\searchqutoolbar\version.xml
%AppData%\searchqutoolbar\coupons\merchants2.xml
%AppData%\searchqutoolbar\coupons\merchants.xml
%Temp%\searchqutoolbar-manifest.xml
Or you can created a manual batch file with content like this:
del %AppData%\searchqutoolbar\stat.log
del %AppData%\searchqutoolbar\uninstallStatIE.dat
del %AppData%\searchqutoolbar\uninstallIE.dat
del %AppData%\searchqutoolbar\stats.dat
del %AppData%\searchqutoolbar\guid.dat
del %AppData%\searchqutoolbar\preferences.dat
del %AppData%\searchqutoolbar\log.txt
del %AppData%\searchqutoolbar\dtx.ini
del %AppData%\searchqutoolbar\coupons\categories.xml
del %AppData%\searchqutoolbar\
del %AppData%\searchqutoolbar\version.xml
del %AppData%\searchqutoolbar\coupons\merchants2.xml
del %AppData%\searchqutoolbar\coupons\merchants.xml
del %Temp%\searchqutoolbar-manifest.xml
del %AppData%\searchqutoolbar\uninstallStatIE.dat
del %AppData%\searchqutoolbar\uninstallIE.dat
del %AppData%\searchqutoolbar\stats.dat
del %AppData%\searchqutoolbar\guid.dat
del %AppData%\searchqutoolbar\preferences.dat
del %AppData%\searchqutoolbar\log.txt
del %AppData%\searchqutoolbar\dtx.ini
del %AppData%\searchqutoolbar\coupons\categories.xml
del %AppData%\searchqutoolbar\
del %AppData%\searchqutoolbar\version.xml
del %AppData%\searchqutoolbar\coupons\merchants2.xml
del %AppData%\searchqutoolbar\coupons\merchants.xml
del %Temp%\searchqutoolbar-manifest.xml
Or download it from here…
2. Remove this registry list manually:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar “Searchqu Toolbar”
HKEY_LOCAL_MACHINE\SOFTWARE\Classes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard\CLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1\SearchQUIEHelper.DNSGuard
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard\CurVer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}\ProgID “SearchQUIEHelper.UrlHelper.1″
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115} “UrlHelper Class”
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}\VersionIndependentProgID “SearchQUIEHelper.UrlHelper”
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\InprocServer32 “C:\PROGRA~1\WINDOW~4\ToolBar\searchqudtx.dll”
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7} “Searchqu Toolbar”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7} “Searchqu Toolbar”
HKEY_LOCAL_MACHINE\SOFTWARE\Classes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard\CLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1\SearchQUIEHelper.DNSGuard
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard\CurVer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}\ProgID “SearchQUIEHelper.UrlHelper.1″
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115} “UrlHelper Class”
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}\VersionIndependentProgID “SearchQUIEHelper.UrlHelper”
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\InprocServer32 “C:\PROGRA~1\WINDOW~4\ToolBar\searchqudtx.dll”
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7} “Searchqu Toolbar”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7} “Searchqu Toolbar”
Or download searchqu-repair.inf from my blog, then right click on it ,choose install.
3. Done.
I’m not guarantee this way will works for everyone, if there is new varian this step may not works. Have a nice day everyone!
Source: http://www.istanto.net/how-to-remove-searchqu-virus.html
Postingan Terkait
Widget dari [ Mukelujauh.blogspot.com ]