w32.myzor.fk@yf infection trouble cleaning

machdown · Dec 9, 2008

Hi,

My computer was recently infected with w32.myzor.fk@yf. I follow the guide below but not exactly as it was stated. Before I ran smitfraudfix.cmd i did not boot into safe mode I later realized my mistake and reran the smitfraudfix in safe mode. When i did so the second time i got the error "IEDFIX.exe file missing. Unzip all the archives in a folder." (no idea what that means as all the files are unzipped in the folder. I continued googling and reading more about this infection and came across the program combofix. It seemed like a good solution but many sites advised against using it without professional help. What should I do. I know you guys are the pros!

PLEASE READ ALL OF THESE INSTRUCTIONS FIRST BEFORE DOING ANYTHING. Ask any questions that you may have before starting.

Please print out or copy these instructions to Notepad as the internet will not be (while in Safe Mode) available to you at certain points of the removal process. Make sure to work through all the Steps in the exact order in which they are listed below. Again, if there's anything that you don't understand, ask your question(s) before moving on with the fixes.

Reboot your computer into Safe Mode per the safe directions in the READ & RUN ME.

Open the SmitfraudFix Folder of your Desktop, then double-click smitfraudfix.cmd file to start the tool.

Select option #2 - Clean by typing 2 and press Enter.
Wait for the tool to complete and disk cleanup to finish.
You will be prompted : "Registry cleaning - Do you want to clean the registry ?" answer Yes by typing Y and hit Enter.

The tool will also check if wininet.dll is infected. If it is infected and a clean version is found, you will be prompted to replace the infected wininet.dll with the clean file. Answer Yes to the question "Replace infected file ?" by typing Y and hit Enter.

A reboot may be needed to finish the cleaning process, if you computer does not restart automatically please do it yourself manually. BUT Reboot in Safe Mode.

The tool will create a log named rapport.txt in the root of your drive, eg: Local Disk C: or partition where your operating system is installed. Please attach this log along in your next reply.

machdown · Dec 10, 2008

hey can noone help me fix this problem?

machdown · Dec 11, 2008

just bumping. this malware is really annoying

dr.moriarty · Dec 14, 2008

Welcome to Major Geeks, machdown!

Please follow the instructions in the below link and attach the requested logs when you finish these instructions.

If something does not run, write down the info to explain to us later but keep on going.

Do not assume that because one step does not work that they all will not.

READ & RUN ME FIRST. Malware Removal Guide

Notes:

If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode. You can run the steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:

Starting your computer in Safe mode

If you have problems downloading on the problem PC, download the tools on another PC and burn to a CD. Links are given in the Step 2: Installing Tools and Running Scans section for downloading the definitions for the MBAM & SAS scanners. Then copy them to the problem PC. Yes, you could use a flash drive too but flash drives are writeable and infections can spread to them.

Here's a guide on how to attach the logs HOW TO: Attach Items To Your Post

And "Thanks!" for being patient!
dr.m

Log in or Sign up

w32.myzor.fk@yf infection trouble cleaning

machdown Private E-2

machdown Private E-2

machdown Private E-2

dr.moriarty Malware Super Sleuth Staff Member