Smitfraud-C.gp virus...please help!

Hi,

When you try to start system in normal mode does it show desktop even for a short moment before the BSOD occurs?


Open notepad and copy/paste the contents inside the code box below.

Code: 
CMD: copy c:\windows\ntbtlog.txt F:\

Save it on the flashdrive as fixlist.txt

Boot back into Repair your computer>Command prompt like you did earlier.

Type in f:\frst64.exe and when the tool opens, Run FRST64 and click the Fix button just once and wait.

When it has completed, you should see a file named ntbtlog.txt on your flashdrive. Attach that file please.
 
Last edited:
Hi,
Am I supposed to uncheck the whitelist boxes you identified before, check the List Drivers MD5 box and click scan, like I did before and then click the fix box at the end, or just leave all the boxes checked and just click fix?

Thanks.
 
Log is attached. When I try to start in normal mode, my desktop does not appear at all. It gives me the login screen, then the please wait screen once I enter my pswd, then the BSoD.
 
Hi,

Go again to System Recovery Options via Vista installation DVD. This time, select "System Restore" option. Select restore point that ComboFix has created earlier. Follow the prompts to restart after (hopefully) successful system Restore operation. Let me know if there are any issues.
 
Hi,
I don't see a restore point that ComboFix created. I ran ComboFix twice on 9/29. There are System:Schedule Checkpoints on 9/25 and then not again until 10/1. The only things in between are the installation of more current versions of Java and Adobe Reader and a windows update.
 
Hi,

Let's try while we still have some hope left :)

Access command prompt again via Vista DVD. Type the following command:
bootrec.exe /fixmbr
Click to expand...

Let's see if that helps.
 
Hi,

One more thing we could try.

Reboot into safe mode.
Navigate to c:\Windows\ERDNT\hiv-backup folder.
Right-click erdnt.exe file there and select run as administrator. Wait until registry restoring has finished. Reboot.
 
There are 2 folders. The first is 9-21-2011. The second is AutoBackup. Inside AutoBackup there is another folder, 9-22-2011. There is not a hiv-backup folder in any of these folders.
 
Hi,

Download and Run SystemLook

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2
  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    Code: 
    :filefind
erdnt.exe
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt
 
Well, I think my computer just died, but what do I know. I saved SystemLook to a usb drive and inserted it into my computer which was already open in safe mode. When I clicked on computer it didn't seem to recognize the drive so I attempted to restart. On restart I got a message that said:

Broadcom UNDI PXE-2.1 v11.0.9
Copyright © 2000-2008 Broadcom Corp
Copyright © 1997-2000 intel corp
Pxe-e61 media test failure check cable
Pxe-mof exiting Broadcom pxe rom
Operating system not found
 
Does your system have nothing but Windows partition on it? I can't recall seeing anything Linux related before this in the topic but that message has something to do with Linux.
 
You must log in or register to reply here.
Back
Top