Please do not attach your log, but copy and paste it in the thread instead..
I see you are running Teatimer.
I suggest you to disable it because it can interfere with the changes you'll make on your system.
When everything is done and your log is clean again, you can enable it again.
If teatimer gives you a warning afterwards that some changes were made, allow this instead of blocking it.How to disable TeaTimer during HijackThis Cleanup
Then, Download ResetTeaTimer.bat
Double click ResetTeaTimer.bat to remove all entries set by TeaTimer.
* Please download SmitfraudFix
)* Reboot into Safe Mode`
: ( without networking support !)
°To get into the Safe mode as the computer is booting press and hold your "F8 Key". Use your arrow keys to move to "Safe Mode" and press your Enter key.
* Doubleclick SmitFraudFix to start the tool.
Select option #2 - Clean
by typing 2
and press "Enter
" to delete infected files.(Warning : running option #2 will set your desktop background blank again. But you can reapply your desktop background again afterwards
You will be prompted : "Registry cleaning - Do you want to clean the registry ?"; answer "Yes" by typing Y
and press "Enter" in order to remove the Desktop background and clean registry keys associated with the infection.
The tool will now check if wininet.dll
is infected. You may be prompted to replace the infected file (if found); answer "Yes" by typing Y
and press "Enter".
The tool may need to restart your computer to finish the cleaning process; if it doesn't, please restart it into Normal Windows.
A text file will appear onscreen, with results from the cleaning process.
Post the log from smitfraudfix in your next reply together with a new hijackthislog.
The report can also be found at the root of the system drive, usually at C:\rapport.txt