Disable Spybot's TeaTimer
While TeaTimer is an excellent tool for the prevention of spyware, it can also interfere with HijackThis fixes. Please disable TeaTimer for now until we are done.
1. Right click Spybot in the System Tray (looks like a calendar with a padlock symbol). Choose Exit Spybot S&D Resident
2. Run Spybot S&D
3. Go to the Mode menu, and make sure Advanced Mode is selected.
4. On the left hand side, choose Tools > Resident, uncheck Resident TeaTimer and OK any prompt and Restart your computer.
Note: If TeaTimer gives you a warning afterwards that some changes were made, allow this instead of blocking it.
If TeaTimer will not turn off then uninstall Spybot until we are done cleaning.
----------
Open HijackThis and select Do a system scan only.
Place a check mark next to the following entries: (if there)
- F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,userinit.exe,C:\WINDOWS\system32\word64main.exe,
Important: Close all open windows except for HijackThis and then click Fix checked.
Once completed, exit HijackThis.
----------
Download ComboFix© by sUBs from one of the below links. Be sure to save it to the Desktop.
Link #1
Link #2
**Note: It is important that it is saved directly to your Desktop**
Close any open Web browsers (Firefox, Internet Explorer, etc.) before starting ComboFix.
Temporarily disable your antivirus and any antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.
Double click combofix.exe & follow the prompts.
Vista users: Right-Click on ComboFix.exe and select Run as administrator (you will receive a UAC prompt, please allow it).
When finished ComboFix will produce a log for you.
Post the ComboFix log in your next reply.
Important: Do not mouseclick ComboFix's window while it is running. That may cause it to stall.
Remember to re-enable your antivirus and antispyware protection when ComboFix is complete.
If you have problems with ComboFix usage, see How to use ComboFix
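
The F2 entry flagged in the post lists extra programs in the Winlogon Userinit value. As an added example (not part of the original post and not HijackThis's own code), this Python function scans HijackThis log text for F2 UserInit lines and returns every entry other than the default. The default path assumes Windows is installed in C:\WINDOWS, and the function names and sample log are constructed here.

```python
import re

# Assumption: Windows is installed in C:\WINDOWS, as in the log line quoted in the post.
DEFAULT_USERINIT = r"C:\WINDOWS\system32\userinit.exe"

# Matches a HijackThis F2 line that reports the Winlogon Userinit value.
F2_USERINIT = re.compile(r"^F2 - REG:system\.ini: UserInit=(?P<value>.*)$", re.IGNORECASE)


def split_userinit(value):
    """Split the comma-separated Userinit value into its program entries."""
    return [part.strip().strip('"') for part in value.split(",") if part.strip()]


def unexpected_userinit_entries(log_text, default=DEFAULT_USERINIT):
    """Return every Userinit entry in a HijackThis log that is not the default path."""
    findings = []
    for line in log_text.splitlines():
        match = F2_USERINIT.match(line.strip())
        if not match:
            continue
        for entry in split_userinit(match.group("value")):
            # A bare file name is also reported: the default is one full path only.
            if entry.lower() != default.lower():
                findings.append(entry)
    return findings


# Constructed sample log: the F2 line is the one quoted in the post; the O4 line is made up.
SAMPLE_LOG = "\n".join([
    r"O4 - HKLM\..\Run: [ExampleApp] C:\Program Files\Example\example.exe",
    r"F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,userinit.exe,C:\WINDOWS\system32\word64main.exe,",
])

if __name__ == "__main__":
    for entry in unexpected_userinit_entries(SAMPLE_LOG):
        print("unexpected Userinit entry:", entry)
```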