Before beginning the fix, read this post completely. If there's anything that you do not understand, kindly ask your questions before proceeding. Ensure that there aren't any opened browsers when you are carrying out the procedures below. Save the following instructions in Notepad as this webpage would not be available when you're carrying out the fix.
It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.
---------------------------------------------------------------------------------------------
Please reboot your computer in
Safe Mode by doing the following :
1. Restart your computer.
2. When the computer starts you will see your computer's hardware being listed. When you see this information start to gently tap the F8 key repeatedly until you are presented with the Windows Vista Advanced Boot Options.
3. Select the Safe Mode option using the arrow keys.
4. Then press the enter key on your keyboard to boot into Vista Safe Mode.
5. When Windows starts you will be at a typical logon screen. Logon to your computer using your usual account and Vista will enter Safe mode.
---------------------------------------------------------------------------------------------
Right click on
SmitfraudFix.exe and choose Run As administrator to start the tool.
Select option
#2 - Clean by typing
2 and press
Enter.
Wait for the tool to complete and disk cleanup to finish.
You will be prompted : "
Registry cleaning - Do you want to clean the registry?" answer
Yes by typing
Y and hit
Enter.
The tool will also check if wininet.dll is infected. If a clean version is found, you will be prompted to replace wininet.dll. Answer
Yes to the question "
Replace infected file?" by typing
Y and hit
Enter.
A reboot may be needed to finish the cleaning process, if you computer does not restart automatically please do it yourself manually.
Reboot into Normal Windows.
The tool will create a log named
rapport.txt in the root of your drive, eg: Local Disk C:
(C:\rapport.txt) or partition where your operating system is installed. Please post that log along with all others requested in your next reply.
---------------------------------------------------------------------------------------------
Next go to
Control Panel click Display>Desktop>Customize Desktop>Web> Now,
Uncheck Everything and delete if present:
- "Security Info"
- "Warning Message"
- "Security Desktop"
- "Warning Homepage"
- "Desktop Uninstall"
- "Privacy Danger" or something similar
Also make sure the
'Lock desktop items' box is
unticked. Click
OK, and then Click
Apply, then
OK.
---------------------------------------------------------------------------------------------
Right click on
SmitfraudFix.exe and choose Run As administrator to start the tool.
Select option
#3 - Delete Trusted zone by typing
3 and press
Enter
Answer
Yes to the question "Restore Trusted Zone ?" by typing
Y and hit
Enter.
Note, if you use
SpywareBlaster and/or
IE-SPYAD, it will be necessary to re-install the protection both afford. For SpywareBlaster, run the program and re-protect all items. For IE-SPYAD, run the ZonedOut file and reinstall the protection.
---------------------------------------------------------------------------------------------
Please run Deckard's System Scanner once again, this time using these instructions:
Click the Windows 'Start' button > Select 'Run' - then copy/paste this into the run box & click OK
"C:\Users\Owner\Desktop\dss.exe" /config
Click on "
Check All"
Click Scan!
When finished, it shall produce two logs for you. Post those logs in your next reply.
Then post the following logs in your next reply...
C:\rapport.txt (log from the tool)
DSS logs