Joined
·
923 Posts
Apologies for the delay in responding.
The workload on this forum is intense, and sometimes it is not possible to respond to every inquiry.
Please download SmitfraudFix
Save it to the Desktop
Right click the SmitfraudFix.zip
Select: Extract All to extract it to its own folder
Also download SDFix
Also save it to the Desktop
Right click the SDFix.zip
Select: Extract All to extract it to its own folder
~~~~
Start the computer in Safe Mode :
Open SmitfraudFix
You may be prompted to replace the infected file (if found).
Replace infected file? Answer Y (yes) and hit Enter to restore a clean file.
~~~~
Still in Safe Mode, open the SDFix folder on the Desktop
~~~~
Now, download ComboFix
Save it to the Desktop
Double-click combofix.exe to run the program
Follow the prompts.
(Don't click on the window while the program is running, it may cause your system to stall.)
When finished, a log, ComboFix.txt, is produced.
~~~~
Last, run HijackThis once again to obtain a new log.
~~~~
Please post the following in your reply:
The SmitFraudFix report located at C:\rapport.txt
The SDFix Report.txt
The ComboFix.txt
A new HijackThis[/QUOTE]
The workload on this forum is intense, and sometimes it is not possible to respond to every inquiry.
Please download SmitfraudFix
Save it to the Desktop
Right click the SmitfraudFix.zip
Select: Extract All to extract it to its own folder
Also download SDFix
Also save it to the Desktop
Right click the SDFix.zip
Select: Extract All to extract it to its own folder
~~~~
Start the computer in Safe Mode :
- When the machine starts again, tap the F8 key before Windows starts
- You are presented with a Windows XP Advanced Options menu.
- Select the option for Safe Mode using the arrow keys.
- Press Enter to boot into Safe Mode.
Open SmitfraudFix
- Double-click smitfraudfix.cmd
- Select Option 2 - Clean by typing 2 and press Enter (Deletes infected files)
- You are prompted: Do you want to clean the registry? answer Y (yes) and hit Enter in order to remove the Desktop background and clean registry keys associated with the infection.
You may be prompted to replace the infected file (if found).
Replace infected file? Answer Y (yes) and hit Enter to restore a clean file.
~~~~
Still in Safe Mode, open the SDFix folder on the Desktop
- Double click RunThis.bat to start the script.
- Type Y to begin the cleanup process.
- The process removes any Trojan Services or Registry Entries found, and then prompts you to press any key to Reboot.
- Press any key to restart the PC.
- When the PC restarts the SDFix will run again and complete the removal process
- It then displays Finished
- Press any key to end the script and load the Desktop icons.
- Once the Desktop icons load, the SDFix report opens on screen and saves itself in the SDFix folder as Report.txt.
~~~~
Now, download ComboFix
Save it to the Desktop
Double-click combofix.exe to run the program
Follow the prompts.
(Don't click on the window while the program is running, it may cause your system to stall.)
When finished, a log, ComboFix.txt, is produced.
~~~~
Last, run HijackThis once again to obtain a new log.
~~~~
Please post the following in your reply:
The SmitFraudFix report located at C:\rapport.txt
The SDFix Report.txt
The ComboFix.txt
A new HijackThis[/QUOTE]
