You might want to copy and paste these instructions into a notepad file. Then you can have the file open in safe mode, so you can follow the instructions easier.
Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT). See how
HERE.
In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how
HERE.
Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).
O24 - Desktop Component 0: (no name) - file:///C:\DOCUME~1\BRIAN&~1.ODE\LOCALS~1\Temp\msohtml1\01\clip_image002.jpg
Click on the fix checked button.
Close HJT.
Locate and delete the following
bold files and/or directories(if there).
C:\DOCUME~1\BRIAN&~1.ODE\LOCALS~1\Temp\msohtml1\01\
clip_image002.jpg
Reboot into normal mode and rehide your protected OS files.
Turn off system restore.(XP/ME only) See how
HERE.
Now, turn system restore back on. This will have deleted all your old restore points and any nasties that are in them. It will also have created a new, clean restore point.
If you have any further virus/spyware problems, please post in this thread.
Regards Howard
This thread is for the use of otnpabka only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.