tetonbob

S& D Spybot's Tea Timer

While TeaTimer is an excellent tool for the prevention of spyware, it can sometimes prevent our tools from fixing certain things.
Please disable TeaTimer for now until you are clean. TeaTimer can be re-activated once your HijackThis log is clean.

• Open Spybot Search & Destroy.
• In the Mode menu click "Advanced mode" if not already selected.
• Choose "Yes" at the Warning prompt.
• Expand the "Tools" menu.
• Click "Resident".
• Uncheck the "Resident "TeaTimer" (Protection of overall system settings) active." box.
• In the File menu click "Exit" to exit Spybot Search & Destroy.
• See this link for a tutorial

Download ResetTeaTimer.bat by right-clicking on the link, and choosing Save As. Save it to your desktop, or somewhere you can find it easily.
Double click ResetTeaTimer.bat to remove all entries set by TeaTimer.

Ad-Aware's AdWatch

Please disable AdWatch, as it may hinder the removal of some entries. You can re-enable it after you're clean.
To disable AdWatch:

• Open AdAware SE.
• Go to AdWatch User Interface.
• Go to Tools and Preferences.
• At the bottom of the screen you will see 2 options Active and Automatic.
• Active: This will turn Ad-Watch On\Off without closing it
• Automatic: Suspicious activity will be blocked automatically
• Uncheck both options. You can enable these after resolving your problem.
• Unless they are turned off they could interfere with the fix..

Open notepad and copy/paste the text in the quotebox below into it:

Save this as CScript.txt




Refering to the picture above, drag CFScript.txt into ComboFix.exe

When finished, it shall produce a log for you, C:\ComboFix.txt. Post that log in your next reply.

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

---------------------------------------------------------------------------------------------

Also post a new HijackThis log.