Hello berkboy
Please read this post completely before begining the fix. If there's anything that you do not understand, kindly ask your questions before proceeding. Please ensure that there aren't any opened browsers when you are carrying out the procedures below. Save the following instructions in Notepad as this webpage would not be available when you're carrying out the fix.
IT IS IMPORTANT THAT YOU DON'T MISS A STEP & PERFORM EVERYTHING IN THE RIGHT ORDER.
========================
Additional Downloads
Please download these additional files/programs. Do not run them until instructed to do so.
Unless otherwise stated, they should be stored in same directory as the HiJackThis program.
Please download
VundoFix.exe to your desktop.
- Double-click VundoFix.exe to extract the files
- This will create a VundoFix folder on your desktop.
- After the files are extracted, please reboot your computer into Safe Mode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight Safe Mode then hit enter.
- Once in safe mode open the VundoFix folder and doubleclick on KillVundo.bat
- You will first be presented with a warning.
It should look like this
- At this point press enter one time.
- Next you will see:
- At this point please type the following file path (make sure to enter it exactly as below!):
- C:\WINDOWS\system32\dmsext.dll
- Press Enter to continue with the fix.
- Next you will see:
- At this point please type the following file path (make sure to enter it exactly as below!):
- C:\WINDOWS\system32\txesmd.* ----- Make sure you include this *
- Press Enter to continue with the fix.
- The fix will run then HijackThis will open, if it does not open automatically please open it manually.
Fixing Entries with HijackThis
Run a scan with HiJackThis & select/tick the following & click "Fix checked" :
O2 - BHO: (no name) - {ba25366e-f9f8-46a4-9105-fbe7860c42b6} - C:\WINDOWS\system32\dmsext.dll
O20 - Winlogon Notify: dmsext - C:\WINDOWS\SYSTEM32\dmsext.dll
Please remember to close all other windows, including browsers then click Fix checked.
=================
REBOOT TO NORMAL MODE
Running Additional Scanners
Establish an internet connection & Perform an online scan with Internet Explorer with
Panda ActiveScan
**
click on "Free use ActiveScan" located on the top right hand corner- Click Check Now & a 'pop up' window shall appear. *ensure that your pop up blocker doesn't block it
- Enter your e-mail address, country, and state & click Scan Now ...begins downloading 8 MB Panda's ActiveX controls
Begin the scan by selecting
My Computer- If it finds any malware, it will offer you a report.
- Please ignore any entry it finds and wants you to buy the program for removal as we will address this later.
- Click on see report. Then click Save report
=================
Please Run a scan with
HiJackThis and
save the log
===============================================
In your next post, please include fresh logs from:
- vundofix.txt ---file from the vundofix folder
- Online scan
- HiJackThis
Please provide details of any problems you encountered whilst performing the above steps & update us on how the computer behaves now