Great.. now we can fix it.
We'll need to transport some files from the computer you are now posting to your infected computer.
and save the file to your desktop.
Right click on the file and extract it to it's own folder
on the desktop.
So you'll get a new folder called smitrem on your desktop.
I want you to put that folder on cd or floppy or usb-stick.
On your infected computer, boot again in safe mode and open your taskmanager again.
now use the cd or floppy or usbstick where you saved the smitremfolder and put it in the appropiate drive (cdromdrive, floppy, usb..) on your infected computer.
In your taskmanager, click 'applications' (first tab)
Click new task
Now browse to the drive where your floppy, usbstick or cd is present (could be A or D or E or F.. you'll see..)
Search for that smitremfolder.
Rightclick on the smitrem-folder and choose: Copy
Now browse via taskmanager to My Documents or Program Files.
Rightclick somewhere in there and choose Paste
Now open that smitremfolder you just copied and pasted and click:RunThis.bat
In that window where it says 'Create new task', click OK
Normally, you'll have to drag the different windows you'll see to left or to right, because normally they will open on top of eachother and you wont see the window that is under it.
You'll see a blue window now.
Follow the prompts on screen.
Wait for the tool to complete and disk cleanup to finish.
When done, in taskmanager, click 'shut down' on top and click restart. Your computer will reboot now.
Reboot to normal mode and post a hijackthislog in your next reply.
Edited by miekiemoes, 08 July 2005 - 04:18 AM.