How to remove Spyware.ChilyEMon

Spyware.ChilyEMon remover

Spyware.ChilyEMon removal process

For remove Spyware.ChilyEMon virus,please clean/delete all Spyware.ChilyEMon infected files and Delete/Modify any values Spyware.ChilyEMon added to the registry as following:
This spyware program may be downloaded from the following location:
www.recoveryfix.com

When the program is executed, it creates the following folder:
%SystemRoot%\ChilyTemp

It also drops the following files:

• %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Chily EmployeeActivityMonitor.lnk
• %UserProfile%\Desktop\Chily EmployeeActivityMonitor.lnk
• %UserProfile%\Local Settings\Temp\ChilyTemp\AppQueue\App[RANDOM NUMBER].NUA
• %UserProfile%\Local Settings\Temp\ChilyTemp\EmpMonTemp\EmpMonAgentStat
• %UserProfile%\Local Settings\Temp\ChilyTemp\KeyLog.txt
• C:\Documents and Settings\All Users\Start Menu\Programs\Chily EmployeeActivityMonitor\Chily Employee Activity Monitor on the Web.lnk
• C:\Documents and Settings\All Users\Start Menu\Programs\Chily EmployeeActivityMonitor\Chily EmployeeActivityMonitor.lnk
• C:\Documents and Settings\All Users\Start Menu\Programs\Chily EmployeeActivityMonitor\Uninstall EmployeeActivityMonitor.lnk
• %ProgramFiles%\Chily EmployeeActivityMonitor\ActivateSoftware.dll
• %ProgramFiles%\Chily EmployeeActivityMonitor\AppWatch.exe
• %ProgramFiles%\Chily EmployeeActivityMonitor\Chily Employee Activity Monitoring Software.chm
• %ProgramFiles%\Chily EmployeeActivityMonitor\ChilyClient.exe
• %ProgramFiles%\Chily EmployeeActivityMonitor\ChilyEmpActivityMonitor.exe
• %ProgramFiles%\Chily EmployeeActivityMonitor\ChilyPopup.exe
• %ProgramFiles%\Chily EmployeeActivityMonitor\EmployeeActivityMonitor.url
• %ProgramFiles%\Chily EmployeeActivityMonitor\InternetSPI.dll
• %ProgramFiles%\Chily EmployeeActivityMonitor\KeyHook.dll
• %ProgramFiles%\Chily EmployeeActivityMonitor\MD_5.dll
• %ProgramFiles%\Chily EmployeeActivityMonitor\NU_Install.exe
• %ProgramFiles%\Chily EmployeeActivityMonitor\NU_Uninstall.exe
• %ProgramFiles%\Chily EmployeeActivityMonitor\RemoteExecute.exe
• %ProgramFiles%\Chily EmployeeActivityMonitor\unins000.dat
• %ProgramFiles%\Chily EmployeeActivityMonitor\unins000.exe
• %ProgramFiles%\Chily EmployeeActivityMonitor\{99923125-DBC6-50b5-9C61-DE91275C3178}.dll
• %System%\AppWatch.exe
• %System%\ChilyClient.exe
• %System%\ChilyPopup.exe
• %System%\EmployeeActivityMonitor.url
• %System%\InternetSPI.dll
• %System%\KeyHook.dll
• %System%\NU_Install.exe
• %System%\NU_Uninstall.exe
• %System%\unins000.dat
• %System%\unins000.exe

• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\"ChilyClient=C:\WINDOWS\system32\ChilyClient.exe"
• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\"NUAgentInstallPath=C:\WINDOWS\system32\NU_Install.exe"

• HKEY_CLASSES_ROOT\CLSID\{99923125-DBC6-50b5-9C61-DE91275C3178}
• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Chily Employee Activity Monitor Agent_is1
• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Chily Employee Activity Monitor_is1

• Records keystrokes
• Views screenshots of every desktop activity performed by a user
• Views FTP transfers
• Views Internet activity
• Gains full control of the computer
• Tracks the program and application windows accessed over time
• Monitors all of the systems over the LAN which the agent is installed upon

2. Update the virus definitions. Reboot computer in SafeMode;

3. Delete the IE temp files,some Spyware.ChilyEMon temp file exisit there.

4.If you failed to remove Spyware.ChilyEMon,please go to our remove help forum:http://help.antiviruses123.com