Hello and welcome to TechSpot.
I've seen evidence of the FakeAlert virus in your HJT log.
Step 1:
Run HijackThis with no other programs open and do a system scan. Place a check in the box next to the following entries (if there):
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O17 - HKLM\System\CCS\Services\Tcpip\..\{ADAF7812-879D-4431-8CEE-4DA4B9D4CBED}: NameServer = 85.255.113.122,85.255.112.169
O22 - SharedTaskScheduler: hundi - {596e4935-4d3b-4a3c-842d-2efd1b3de598} - E:\WINNT\system32\pjgerka.dll
Click the Fix Checked button. Close HJT.
Step 2:
Navigate to
virusscan.jotti.org.
Enter the following into the text box at the top of the page.
E:\Documents and Settings\Mike\Downloads\msconfig.exe
Click the Submit button.
Please post the results here.
Step 3:
Please download FixWareout from
here or
here.
Save it to your desktop and run it. Click Next, then Install, make sure "Run fixit" is checked and click Finish.
The fix will begin; follow the prompts. You will be asked to reboot your computer; please do so. Your system may take longer than usual to load; this is normal.
Step 4:
Please download SmitFraudFix from
here. Save it to your desktop.
Double-click smitfraudfix.exe
Select 1 and hit Enter to create a report of the infected files. The report can be found at the root of the system drive, usually at C:\rapport.txt
Boot into safe mode, under your normal user name (not the administrator account). See how
HERE.
Double-click smitfraudfix.exe
Select 2 and hit Enter to delete infected files.
You will be prompted: Do you want to clean the registry? answer Y (yes) and hit Enter in order to remove the Desktop background and clean registry keys associated with the infection.
The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found): Replace infected file? answer Y (yes) and hit Enter to restore a clean file.
A reboot may be needed to finish the cleaning process.
Step 5:
Please post fresh HijackThis, ComboFix, and AVG Anti-Spyware logs as attachments into this thread. Also post the results of the Jotti virus scan, as well as the SmitFraudFix log (located at E:\rapport.txt).
Regards
This thread is for the use of speedoboyny only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our Security and the Web forum.