NEED HELP DELETING VIRUS!
August 6th, 2016
Download smitfraudfix from here.
http://siri.urz.free.fr/Fix/SmitfraudFix.exe
- Boot to safe mode by tapping F8 before the Windows loading screen.
- Select Safe mode.
- Once in safe mode, run smitfraudfix.exe.
- It will open the cmd windows and create itself a folder.
- Allow the cmd window to load, press any key when asked.
- Select option 2 (clean).
- This will start the cleaning proccess.
- Enter y and press enter at the registry cleaning stage.
- It will make a log when finished.
- Boot back to normal mode and post the log back here.
Downloading now. Will be back to post log.
If i move the file through a USB, will it infect my thumb drive?
Nah, smitfraud doesn’t target USB’s.
Where is the text file saved to?
C:\smitfraudfix.txt I think.
Can you install an antivirus? Or can you install Malwarebytes or SuperAntiSpyware? If not get Geeks Squad CD and run all 4 antiviruses it comes with. To get it go to the link in my siggy, and theres other goodies in my thread as well.
Install nod32 in and scan your p.c in safe mode
after i ran this it deleted Av2009 (Virus) and AV2009 was running on Internet explorer and kept restarting my computer and dumping physical memory.
[Log]
SmitFraudFix v2.371
Scan done at 20:20:24.64, Sat 11/01/2008
Run from F:\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] – Windows_NT
The filesystem type is NTFS
Fix run in safe mode
������������������������ SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler’s .dll
������������������������ Killing process
������������������������ hosts
127.0.0.1 localhost
������������������������ VACFix
VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
������������������������ Winsock2 Fix
S!Ri’s WS2Fix: LSP not Found.
������������������������ Generic Renos Fix
GenericRenosFix by S!Ri
������������������������ Deleting infected files
������������������������ IEDFix
IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
������������������������ 404Fix
404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
������������������������ AntiXPVSTFix
AntiXPVSTFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
������������������������ RK
������������������������ DNS
HKLM\SYSTEM\CCS\Services\Tcpip\..\{2E643159-CA77-48AF-AD25-2B935B600BD4}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{EF1E3ACE-CF18-43F8-9DEF-5D35A66287A7}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{2E643159-CA77-48AF-AD25-2B935B600BD4}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{EF1E3ACE-CF18-43F8-9DEF-5D35A66287A7}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{2E643159-CA77-48AF-AD25-2B935B600BD4}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{EF1E3ACE-CF18-43F8-9DEF-5D35A66287A7}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
������������������������ Deleting Temp Files
������������������������ Winlogon.System
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
“System”=””
������������������������ Registry Cleaning
Registry Cleaning done. ������������������������ SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler’s .dll
������������������������ End