Remove Webhancer Spyware

You need to remove Webhancer (is classified as spyware by Symantec). This program monitors internet activity and reports it to a third party. It comes attached to other programs. Grokster and Audio Galaxy are two in particular that tend to carry this spyware. You can remove Webhancer in several ways. There is a manual method and you can download and install a free removal program from Symantec.

It is recommended that you use a removal tool such as the one available from Symantec or other company. This is due to the fact that Webhancer embeds very deeply into your computer system and registry and to remove it manually is extremely difficult. If you do not completely remove it, the program will rebuild itself. Another problem with incomplete removal is that you can lose your internet access. Therefore, it is strongly suggested that a highly recommended removal tool be used to complete this task.

I know there will be a few who want to remove it manually because they do not want to use any software, even if it is free. HijackThis and the free tool from Symantec are of no interest to some. So here is what you need to do in order to get this off of your system. However, please note that this is really doing it the hard way. You must backup your registry prior to attempting this, you must have a rescue or recovery CD available in case of a problem, and you must know how to start your system in safe mode (F8 while booting). With all of that said, please keep in mind that if you make a mistake there is a chance that you can cause permanent damage to your system. This damage might not be reversible.

To remove Webhancer manually. Do all of the following in safe mode. Step one, go to the task manager or process explorer and kill all running processes associated with Webhancer. Go to the registry editor (I’ll assume you know how to get there if you are experienced with it). You will need to search and delete the following registry entries:
o {c900b400-cdfe-11d3-976a-00e02913a9e0}
o WhIeHelperObj.WhIeHelperObj
o WhIeHelperObj.WhIeHelperObj.1

The next step is to unregistered the dll files. Do this by going to the start menu, click run, then type cmd in the box and hit enter. Next type in regsvr32 /u and hit the enter key. Most of these files should be in your Windows System 32 folder. You will need the exact path for all of the following files, we will assume for this article that everything is located in the c:\windows\system32 folder. Here is the path of the first file to unregister. The list is below and you will need to enter in the regsvr32 /u command for each dll. Here is the first file:
regsvr32 /u C:\windows\System32\webhdll.dll
Now you know what the code should look like. Here are the other dll files that need to be unregistered. Use the same format as above.
o WebP2PInstaller.dll
o whiehlpr.dll
o whieshm.dll

After you unregister the above dll files, you need to delete the following files off of your system. Search for them using the start menu and then select search.
o set3f.tmp
o set41.tmp
o WebHancer Survey Companion
o whinsaller.ini
o whSurvey.exe

This is how you remove Webhancer manually. It is really easier to use free software. However, you uninstall it, make sure that you remove all of it or your problems will continue.