Trojan-Spy.Win32@mx procedures requires technical know-how on computer troubleshooting. It is better to consult your LAN Administrator or Technical Persons to avoid additional damage on your computer if modifications on Services and Registry have to be done. MANUAL REMOVAL: 1. Temporarily disable System Restore (Windows Me/XP). [how to] 2. Download Free Ewido Antispyware and save it to a desired location. 3. After downloading, browse where the file was saved and double click to install it. 4. After installation, connect to internet and download all necessary updates. 5. Download SmitfraudFix (by S!Ri) and save it to a desired location. This will be in ZIP File. 6. Extract all the files to your Desktop, it will create a folder SmitfraudFix Note: When extracting or executing, some files might be detected as Potential Threat or Harmful Script. Please disable AntiVirus or Any Script Blocking Software temporarily. It may harm or make the Fix incomplete. Trojan spy win32@mx 7. Reboot your computer in SafeMode [how to] 8. Run Ewido and do a thorough scan. Delete all infected files. 9. Close Ewido and other open Applications. 10. Browse the folder SmitfraudFix on your Desktop and double-click on smitfraudfix.cmd 11. "Enter your Choice: (1,2,3,4,L,Q):" Press no. 2 on your keyboard to select Option 2 12. Wait for the process to finish. 13. If prompted for: Registry cleaning - Do you want to clean the registry? Press Y, as Yes 14. It will check if your wininet.dll file is damaged, if so it will ask you to Replace Infected File? Press Y as Yes and hit Enter 15. If it prompts you to Reboot your computer, Please do so. 16. After reboot, download and scan with CCleaner (Standard Build Only). Additional Clean-Up (If Present Only): 1. Go to Control Panel>Add/Remove programs 2. Uninstall the following - Seekmo Toolbar or just Seekmo - AWS or Weatherbug 3. Close Add/Remove Programs after successful removal. 4. Download and Run HiJackThis. (Close any running applications) 5. Mark the following entries: - O3 - Toolbar: Seekmo Toolbar - {53E0B6E8-A51D-448B-B692-40B67B285543} - C:\Program Files\Seekmo Programs\Seekmo Toolbar\SeekmoTB.dll - O4 - HKCU\..\Run: [Weather] C:\PROGRA~1\AWS\WEATHE~1\Weather.exe 1 - O11 - Options group: [INTERNATIONAL] International* 6. Select the option Fix checked to fix the problem. If prompts to reboot select No. 7. Close HiJackThis 8. Find and delete the following Directories: - C:\Program Files\Seekmo Programs - C:\Program Files\AWS