Hello please run SmitfraudFix again.
Disconnect from the Internet and reset your router with a strong logon/password
so the malware cannot gain control before connect again. Many users seldom change the default username/password on the router and are prone to this type of infection.
to start the tool again.
Select option #5 - Search and clean DNS Hijack
by typing 5 and press "Enter
After running SmitFraudFix, a text file named rapport.txt
will have automatically been saved to the root of the system drive at C:\rapport.txt.
Copy/Paste that report into your next reply.Now run part 2 of SmitFraudFix,Cleaning.
You should print out these instructions, or copy them to a Notepad file for reading while in Safe Mode, because you will not be able to connect to the Internet to read from this site.
Please reboot your computer in Safe Mode
by doing the following :
- Restart your computer
- After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
- Instead of Windows loading as normal, a menu with options should appear;
- Select the first option, to run Windows in Safe Mode, then press "Enter".
- Choose your usual account.
Once in Safe Mode, double-click SmitfraudFix.exe
Select option #2 - Clean
by typing 2
and press "Enter
" to delete infected files.
You will be prompted : "Registry cleaning - Do you want to clean the registry ?"; answer "Yes" by typing Y
and press "Enter" in order to remove the Desktop background and clean registry keys associated with the infection.
The tool will now check if wininet.dll
is infected. You may be prompted to replace the infected file (if found); answer "Yes" by typing Y
and press "Enter".
The tool may need to restart your computer to finish the cleaning process; if it doesn't, please restart anyway into normal Windows. A text file will appear onscreen, with results from the cleaning process; please copy/paste the content of that report into your next reply.
The report can also be found at the root of the system drive, usually at C:\rapport.txt
Can we run MBAM now?
Open MBAM in normal mode and click Update
tab, select Check for Updates
scan and scan.
After scan click Remove Selected
, Post new scan log
into normal mode.