Sniper Elite 4 review: Headshotting Nazis has never felt so good
I originaly posted this a week or so back and ticked the resolved box because I thought it was, It is not, the problems are back.
When I open IE7 or FF I get extra web pages opening themself.
After some advise on here I downloaded Superantispyware and A-squared, updated them,ran them in safe mode, all appeared to be ok.
Next time at the computer everything back, I've since turned off system restore re run as before re-booted and turned system restore back on but still problems a couple of the URL's are
www em pc on interet com
www celldorado com
I have googled these and the fixes seem complicated, any help advise appreciated.
Before running any anti-spyware, etc, turn off system restore first. The reason is because some things can reside within the files used by system restore and not get picked up during a scan...
Nope - always better to have a SR point to restore to, even if infected.
Best advice is to follow VoG™'s recommendation's.
However you could try this;
Download the SmitfraudFix click here
Note : process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.
You should print out these instructions, or copy them to a Notepad file for reading while in Safe Mode, because you will not be able to connect to the Internet to read from this site.
Please reboot your computer in Safe Mode by doing the following :
* Restart your computer
* After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
* Instead of Windows loading as normal, a menu with options should appear;
* Select the first option, to run Windows in Safe Mode, then press "Enter".
* Choose your usual account.
Once in Safe Mode, double-click SmitfraudFix.exe
Select option #2 - Clean by typing 2 and press "Enter" to delete infected files.
You will be prompted : "Registry cleaning - Do you want to clean the registry ?"; answer "Yes" by typing Y and press "Enter" in order to remove the Desktop background and clean registry keys associated with the infection.
The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found); answer "Yes" by typing Y and press "Enter".
The tool may need to restart your computer to finish the cleaning process; if it doesn't, please restart anyway into normal Windows.
Warning : running option #2 on a non infected computer will remove your Desktop background.
If you have already posted a hjt log at MWR and you decide to run the SmitfraudFix...and you still have problems...you will need to post a new HJT log at MWR.
I ran the Smitfraudfix first to see if it would cure the problem, I had seen this advised on some other sites so thought I would try it.
Unfortunately it did not cure the problem.
I have now posted on the Malware removal forum.
Thanks for the advise.
What name are you using there?
User name tracemate, easy for me to remember my only claim to fame, I invented it.
Hijacked, Extra Web Pages Opening on Their Own.
First set of instructions already posted, will start when I get home.
km already got it. Youll soon be clean.
This thread is now locked and can not be replied to.