Welcome Guest ( Log In | Register )

Outline · [ Standard ] · Linear+

 virus, am i virus infected?

views
     
Sempurna
post Jul 4 2006, 05:53 PM

Look at all my stars!!
Group Icon
VIP
3,022 posts

Joined: Jul 2006
From: KL


QUOTE(hickups @ Jul 4 2006, 04:53 PM)
kk thank you very much
*

You're very welcome!! It's my pleasure!! smile.gif


Your Kaspersky scan shows a number of malware. We will fix them after we fix your Smitfraud infection first, ok?

In addition, there are lots of malware in your System Restore files. So, please don't use the System Restore function or you will get reinfected.We will fix the System Restore files after we clean your system first.

OK, now on to the fix. It is very, very important that you follow the fix EXACTLY as outlined below (the detailed instructions are below the outline):
  1. Download, install, and update ewido anti-spyware.
  2. Restart your computer into Safe Mode.
  3. Run SmitfraudFix, run Option #2 - Clean (in Safe Mode). If a restart is needed, please restart BACK into Safe Mode.
  4. Then run ewido and scan (also in Safe Mode).
  5. Save the report from the ewido scan and post it in your next reply.
  6. After ewido has finished, restart normally into Windows.
  7. Scan with HijackThis and post the log into your next reply.


NEXT:

Please read through these instructions at least once first before proceeding. Better to save it to Notepad or MS Word, or even print them out (that way you can tick off the items that you have already done smile.gif ). The reason is when you are in Safe Mode later on in the fix you won't be able to connect to the Internet to view these instructions.


NEXT:

Please follow the instructions exactly in the order listed; this is very important!

First download ewido anti-spyware from CLICK HERE and save that file to your desktop.
This is a 30-day trial of the program
  1. Once you have downloaded ewido anti-spyware, locate the icon on the desktop and double-click it to launch the setup program.
  2. Once the setup is complete you will need to run ewido and update the definition files.
  3. On the main screen select the "Update" icon, then under the "Manual update" section select the "Start update" button.
  4. The update will start and a progress bar will show the updates being installed.
  5. Once the update has completed (the progress bar will display "Update successful!") select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
  6. Once in the "Settings" screen click on "Recommended actions" and then select "Quarantine".
  7. Under "Reports:"
    • Select "Automatically generate report after every scan".
    • Un-Select "Only if threats were found".
  8. Close ewido anti-spyware. Do NOT run a scan yet!


NEXT:

Please reboot your computer into Safe Mode by doing the following:
  1. Reboot your computer.
  2. After hearing your computer beep once during startup, but before the Windows icon appears, begin tapping the F8 key on your keyboard. Continue to do so until the Windows Advanced Options menu appears. If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. To resolve this, restart the computer and try again.
  3. Instead of Windows loading as normal, a menu should appear.
  4. Using the arrow keys on the keyboard, scroll to and select the "Safe Mode" menu item, and then press "Enter".


NEXT:

Once in Safe Mode, open the SmitfraudFix folder again and double-click smitfraudfix.cmd
  1. Select Option #2 - Clean by typing 2 and press "Enter" to delete infected files.
  2. You will be prompted : "Registry cleaning - Do you want to clean the registry ?"; answer "Yes" by typing Y and press "Enter" in order to remove the desktop background and clean registry keys associated with the infection.
  3. The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found); answer "Yes" by typing Y and press "Enter".
  4. The tool may need to restart your computer to finish the cleaning process. A text file will appear onscreen, with results from the cleaning process; please copy/paste the content of that report into your next reply.

WARNING : Running Option #2 on a non-infected computer will remove your desktop background.


NEXT:

AFTER SmitfraudFix finishes (and after a reboot if required), please open ewido. (If a reboot is required, please boot BACK into Safe Mode.)

IMPORTANT : Do NOT open any other windows or programs while ewido is scanning, it may interfere with the scanning process.
  1. Select the "Scanner" icon at the top and then the "Scan" tab then click on "Complete System Scan".
  2. ewido will now begin the scanning process, be patient this may take a little time.
  3. Once the scan is complete do the following:
    • If you have any infections you will prompted, then select the "Apply all actions" button, ewido will then display "All actions have been applied" on the right hand side.
    • Next select the "Save Report" button at the bottom.
    • Then select the "Save report as" button in the lower left hand of the screen and save it as a text file on your system (make sure to remember where you saved that file, this is important!).
  4. Close ewido.


NEXT:

Then please REBOOT into Normal Windows. Please post the contents of the SmitfraudFix log located at C:\rapport.txt into this thread, along with the ewido report and a new HijackThis log.


TShickups
post Jul 6 2006, 01:33 PM

Casual
***
Junior Member
470 posts

Joined: Jan 2003
From: Klang


i haven do yet
i'll post when im done
been out
Sempurna
post Jul 6 2006, 04:35 PM

Look at all my stars!!
Group Icon
VIP
3,022 posts

Joined: Jul 2006
From: KL


Hi hickups,

Mana you pergi, bro? I thought you lost this thread and couldn't find it. tongue.gif

Don't worry. Take your time, and do it slowly, ok? smile.gif
TShickups
post Jul 8 2006, 06:25 PM

Casual
***
Junior Member
470 posts

Joined: Jan 2003
From: Klang


i'll be doing it tonight
bro soo srry....
rudethemyth
post Jul 8 2006, 07:22 PM

Getting Started
**
Junior Member
70 posts

Joined: Jul 2006
From: shah alam~


huehuehue.. yeah!! do it slowly, huehue.. trust sempurna~~ he pro in dis case~~ ^^''v he my sensei~~ lalalala...
Sempurna
post Jul 8 2006, 07:58 PM

Look at all my stars!!
Group Icon
VIP
3,022 posts

Joined: Jul 2006
From: KL


QUOTE(hickups @ Jul 8 2006, 06:25 PM)
i'll be doing it tonight
bro soo srry....
*
Don't worry, hickups. No extra points for doing faster, wan. Just take your time, read through the instructions slowly, and do the fix. You'll do alright, wan.

So, no need to be sorry. I'm glad to help you help yourself, wan... biggrin.gif




 

Change to:
| Lo-Fi Version
0.0177sec    0.67    6 queries    GZIP Disabled
Time is now: 28th March 2024 - 08:32 PM