Please print off a copy of these instructions, and also save them to a Notepad file on your desktop, so they are easily accessible.
We are going to boot into Safe Mode later in the fix, and there is no internet access.
Open the file and it will extract the contents (a folder named SmitfraudFix) to your Desktop.
Download AVG Anti-Spyware
to your Desktop.
Start the set-up program by double clicking the installer.
Follow the on screen instructions to install the program, making sure that "Launch AVG Anti-Spyware" is checked.
Click the Update
tab then select Start update
; a progress bar will show the updates being installed.
Now press the Scanner
icon, and click the Settings
Click Recommended actions
, then set it to Quarantine
.Close the programme now, we will scan with it later on.
Reboot your computer into Safe Mode
This is done by rebooting Windows and pressing F8
at boot/Windows startup, usually right after the beep.
Then select Safe Mode from the list.
Make sure you choose the option without Networking Support.Launch AVG Anti-Spyware
by double clicking the icon on your Desktop.
Press the Scanner
Then click on the Complete System Scan
button.If any infections are found
, you will be asked for an action; select Apply all actions
Now press the Reports
icon at the top.
Choose Save report as
and save the text file to your Desktop.
Please post this log in your next reply.
Open the SmitfraudFix
Select option #2 - Clean
by typing 2
and press "Enter
" to delete infected files.
You will be prompted : "Registry cleaning - Do you want to clean the registry ?"; answer "Yes" by typing Y
and press "Enter" in order to remove the Desktop background and clean registry keys associated with the infection.
The tool will now check if wininet.dll
is infected. You may be prompted to replace the infected file (if found); answer "Yes" by typing Y
and press "Enter".
The tool may need to restart your computer to finish the cleaning process; if it doesn't, please restart it into Normal Windows.
A text file will appear onscreen, with results from the cleaning process; please copy/paste the content of that report into your next reply.
The report can also be found at the root of the system drive, usually at C:\rapport.txtWarning
: running option #2 on a non infected computer will remove your Desktop background.
Please include rapport.txt
, in your next reply, along with the AVG report.