Let's see what running Part 1 of S!Ri's SmitfraudFix shows. We need to disable Spybot S&D's "TeaTimer"
TeaTimer works by preventing ANY
changes to the system. It will attempt to undo any fixes we run, because it blocks these fixes from running.
In order to safeguard your system from problems that can be brought on by a half finished fix, we need to disable TeaTimer. We can reenable it when we're done if you like.
- Open SpyBot Search and Destroy by going to Start -> All Programs -> Spybot Search and Destroy -> Spybot Search and Destroy.
- If prompted with a legal dialog, accept the warning.
- Click and then on "Advanced Mode"
- You may be presented with a warning dialog. If so, press
- Click on
- Click on
- Uncheck this checkbox:
- Close/Exit Spybot Search and Destroy
Please download SmitfraudFix
Select option #1 - Search
by typing 1
and press "Enter
"; a text file will appear, which lists infected files (if present).
Please copy/paste the content of that report into your next reply.Note
: process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.http://www.beyondlogic.org/consulting/proc...processutil.htm
Now run SDFix:
Please print out and follow these instructions: "How to use SDFix
". <- This program is for Windows 2000/XP ONLY.When using this tool, you must use the Administrator's account or an account with "Administrative rights"
-- If the computer has been infected with the VirusAlert! malware warning from the clock and the Start Menu icons or drives are not visible, open the SDFix folder, right-click on either the XP_VirusAlert_Repair.inf or W2K VirusAlert_Repair.inf (depending on your version of Windows) and select Install from the Context menu. Then reboot to apply the changes.
- Disconnect from the Internet and temporarily disable your anti-virus, script blocking and any real time protection programs before performing a scan.
- When done, the SDFix report log will open in notepad and automatically be saved in the SDFix folder as Report.txt.
- If SDFix is unable to run after rebooting from Safe Mode, run SDFix in either Mode, and type F, then press Enter for it to finish the final stage and produce the report.
- Please copy and paste the contents of Report.txt in your next reply.
- Be sure to renable you anti-virus and and other security programs before connecting to the Internet.