How to remove "searchnu.com" and "sweetim.com" virus ?

  1. profile image60
    POSITIVEHOPEposted 5 years ago

    I am facing this problem since more than 2 months. When googling the search bar will be redirected by
    either searchnu.com or sweeim.com. This is embarrassing to see a useless search engine redirecting when we are on serious work.

    Being with computers for long time I tried all of the following which did not work at all:

    1.  Went to www.ilivid.com to  find how to remove searchnu.com , but failed after all efforts.
    2.   Pressing Ctrl+Alt+Del and removing searchnu.com processes and related files and new folders     deleted.
    3. From Tools --> Add ons--> removed sweetim plugin and other unwanted plugins as well.
    4. From Registry removed HKEYS related to them
    5. Run Avast latest antivirus several times ( unfortunately antivirus softwares are so dump that they cannot identify these kind of virus )
    6. Searched for help on tech forums including
    7. Did things as told in community answers at : http://community.norton.com/t5/Norton-I … d-p/702581
    8. So funny looking basic advices in some tech forums as 'uninstalling sweetim' or ilvid.com  or search.nu.com was uninstalled long ago. They are not seen in Control Panel--> Programs and Performances' but seems their souls will stay there and take their cake whenever we browse !

    So some more I did like this to get rid of this . My friends give me any advice you have to remove
    a) sweetim
    b) searchnu.com

    Thank you.

    1. rodocop profile image61
      rodocopposted 4 years ago in reply to this

      What browser do you use?
      Try to switch to some alternative. The more rare is browser - the more secure is to use it. I recommend K-Meleon for portability and speed and Comodo Dragon or Comodo IceDragon for security. Dragon is Chrome-based and IceDragon - Firefox-based.
      When installing select option to use ComodoDNS inside Dragons. The other alternative is OpenDNS (both are the solutions to filter malware and bad sites on the DNS-server side).

      Update your Windows, Java, FlashPlayer and AdobeReader in order to prevent reinfection.

      Install AnVir Task Manager from anvir.com. It guards your Startup locations - you can use this to delete malware from autorun.

      check userinit registry entry (HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit ) - it should contain only 'C:\WINDOWS\system32\userinit.exe,' value (the path to windows may be different). If something else is present there - then replace it with path to userinit.exe from windows\system32 folder.

      If you are comparatively skilled user, try Comodo Cleaning Essentials to find and fight over malware autoruns.

      Disable all autorun on your system.

      Find TEMP system folder (look into http://support.microsoft.com/kb/310519 if you don't know where it's located) and delete all files there.

      You'll need something like Unlocker or FileGovernor to kill files which are locked.

      If all this wouldn't help, download DrWeb CureIt! http://www.freedrweb.com/cureit/?lng=en and run it. This should delete all known malware. That's the best antimalware tool!

      Good luck in your struggle!

  2. paradigmsearch profile image86
    paradigmsearchposted 5 years ago

    The bastard is probably in your bootrecord. Anti-virus stuff available to the general public is crap. You are going to have to take it to a pro and pay money.

 
working