07-12-2005, 08:57 AM   #11
sUBs
Asst Manager Security, Expert Analyst, Moderator, Security Team; Rangemaster, Moderator, TSF Academy
 
 
Join Date: May 2005
Posts: 24,494
OS: N/A


Now... aren't we glad we did the other scan


~~~~~~~~~~~~~~

Download L2mfix - Save to Desktop. This is a self-extracting file. By double clicking on it, it will automatically extract its contents to a new folder on Desktop. We'll be using it later.


~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Copy to clipboard, all the items below by highlighting them & pressing [CTRL]+[C] on your keyboard.
C:\WINDOWS\cdmxtras
C:\WINDOWS\system32\inneradinstall.log
C:\WINDOWS\inf\polall1r.inf
C:\WINDOWS\smdat32m.sys
C:\Documents and Settings\Fuchs_Family\Application Data\tvmcwrd.dll
C:\WINDOWS\inf\polall1r.inf
C:\WINDOWS\smdat32a.sys
C:\WINDOWS\smdat32m.sys
C:\WINDOWS\system32\biggie.exe
C:\WINDOWS\system32\IF01.exe
C:\WINDOWS\system32\INNERADINSTALL.LOG
C:\WINDOWS\system32\k404SearchSetup_MS14.exe
Start KillBox.
  1. Go to the File menu, and choose Paste from Clipboard.
    Verify that you've done this properly by clicking the dropdown-arrow next to the Full Path of File to Delete field. The filenames you pasted will be found in there.
  2. Select/tick the following:
    * Delete on Reboot
    * End Explorer Shell While Killing File
    * "Unregister .dll Before Deleting" if it's not grayed out.
  3. Click the RED X button.
  4. Click [Yes] at the 'Delete on Reboot' prompt. Click [Yes] at the Pending Operations prompt.


~~~~~~~~~~~~~~

Reboot to Safe Mode

Enable the viewing of Hidden files
  1. Open Windows Explorer
  2. Go to Tools>Folder Options>View tab.
  3. Enable the option for "Show hidden files and folders"
  4. Disable the option for "Hide file extensions for known types"
  5. Disable the option for "Hide protected operating system files"
  6. Click "Yes" to confirm & then click "OK"

Locate and delete the following file(s), if present:
  • C:\WINDOWS\system32\K404SearchSetup*.exe
  • C:\Documents and Settings\Fuchs_Family\Application Data\tvm*.dll

~~~~~~~~~~~~~~

Run CleanUp! & configure the program as follows:
  1. Click Options...
  2. Move the arrow down to Custom CleanUp!
  3. Put a check next to the following:
    • Empty Recycle Bins
    • Delete Cookies
    • Delete Prefetch files
    • [X]Scan local drives for temporary files (Please uncheck this option)
    • Cleanup! All Users
  4. Click OK
  5. Press the CleanUp! button to start the program. Reboot/logoff when prompted.
* CleanUp! will delete all the files in your temp folders without making a backup


~~~~~~~~~~~~~~
  1. Close ALL other programs
  2. Double click L2mfix.exe
  3. When prompted, answer Accept
  4. Then click the Install button to extract the files to a newly created folder named - L2mfix
  5. Open the L2mfix folder & double click L2mfix.bat
  6. Select option #2 for Run Fix by typing 2 and then press enter
  7. Press any key to reboot your computer.
After a reboot, your desktop and icons will appear, then disappear (this is normal). L2mfix will continue to scan your computer and when it's finished, you will be presented with a log. Copy the contents of that log and paste it here, along with a new HJT log.

If you receive an error - \system32\Autoexec.nt is not suitable for running MS-Dos applications, you will need to visit this website to download additional files.

Please Do NOT run any other files in the l2mfix folder until you are told to


~~~~~~~~~~~~~~

Reboot to Normal Mode & post a fresh HJT log along with the log created by L2MFix
__________________

Question - what have you done for the community today?