 |
| Quick Defragmenter GUI |
(Thanks to rogueamp)
If you somehow ended up with Quick Defragmenter then you should remove it from your computer as soon as possible. Do not purchase this bogus program. It prompts the user to pay for a full version of the program to fix the problem. Do not fall victim to this malicious software. If you have already purchased it then you should contact your credit card company and dispute the charges.
Please follow the removal instructions outlined below to remove Quick Defragmenter from your computer for free using legitimate anti-malware software.
Quick Defragmenter removal instructions using HijackThis or Process Explorer (in Normal mode):
1. Download iexplore.exe (NOTE: iexplore.exe file is renamed HijackThis tool from TrendMicro).
Launch the iexplore.exe and click "Do a system scan only" button.
If you can't open iexplore.exe file then download explorer.scr and run it.
2. Search for such entries in the scan results:
O4 - HKCU\..\Run: [SET OF RANDOM CHARACTERS] %Temp%\[SET OF RANDOM CHARACTERS].exe
%Temp% refers to the Windows Temp folder. By default, this is:
C:\Documents and Settings\[User Name]\Local Settings\Temp for Windows 2000/XP,
C:\Users\[User Name]\AppData\Local\Temp for Windows Vista and Windows 7.
Select all similar entries and click once on the "Fix checked" button. Close HijackThis tool.
OR you may download Process Explorer and end Quick Defragmenter process:
- [SET OF RANDOM CHARACTERS].exe
NOTE: in some cases the rogue program may block anti-malware software. Before saving the selected program onto your computer, you may have to rename the installer to iexplore.exe or winlogon.exe With all of these tools, if running Windows 7 or Vista they MUST be run as administrator. Launch the program and follow the prompts. Don't forget to update the installed program before scanning.
4. New threats appear every day. In order to protect your PC from such (new) infections we strongly recommend you to use ESET Smart Security.
Quick Defragmenter removal instructions (in Safe Mode with Networking):
1. Reboot your computer is "Safe Mode with Networking". As the computer is booting tap the "F8 key" continuously which should bring up the "Windows Advanced Options Menu" as shown below. Use your arrow keys to move to "Safe Mode with Networking" and press Enter key. Read more detailed instructions here: http://www.computerhope.com/issues/chsafe.htm
NOTE: Login as the same user you were previously logged in with in the normal Windows mode.
2. Download free anti-malware software from the list below and run a full system scan.
NOTE: in some cases the rogue program may block anti-malware software. Before saving the selected program onto your computer, you may have to rename the installer to iexplore.exe or winlogon.exe With all of these tools, if running Windows 7 or Vista they MUST be run as administrator. Launch the program and follow the prompts. Don't forget to update the installed program before scanning.
3. New threats appear every day. In order to protect your PC from such (new) infections we strongly recommend you to use ESET Smart Security.
Quick Defragmenter associated files and registry values:
Files:
- %Temp%\[SET OF RANDOM CHARACTERS]
- %Temp%\dfrg
- %Temp%\dfrgr
- %Temp%\[SET OF RANDOM CHARACTERS].exe
- %Temp%\[SET OF RANDOM CHARACTERS].dll
- %UserProfile%\Desktop\Quick Defragmenter.lnk
- %UserProfile%\Start Menu\Programs\Quick Defragmenter\
- %UserProfile%\Start Menu\Programs\Quick Defragmenter\Quick Defragmenter.lnk
- %UserProfile%\Start Menu\Programs\Quick Defragmenter\Uninstall Quick Defragmenter.lnk
C:\Documents and Settings\[UserName]\Local Settings\Temp (in Windows 2000/XP)
C:\Users\[UserName]\AppData\Local\Temp (in Windows Vista & Windows 7)
%UserProfile% refers to:
C:\Documents and Settings\[UserName]\ (in Windows 2000/XP)
C:\Users\[UserName]\ (in Windows Vista & Windows 7)
Registry values:
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[SET OF RANDOM CHARACTERS].exe"
No comments:
Post a Comment