System Alert! Message VIRUS HELP!! URGENT!!

Your Java is out of date.

o Please navigate to Control Panel.

o Double click Java icon, select 'update' tab (location - Top left of 'Java Control Panel' window)

o Click 'update now', follow the the next set of prompts.

Re-open HiJackThis and scan. Check the boxes next to all the entries listed below (if present):

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O3 - Toolbar: Protection Bar - {0D045BAA-4BD3-4C94-BE8B-21536BD6BD9F} - (no file)
O4 - HKCU\..\Run: [SpywareBot] C:\Program Files\SpywareBot\SpywareBot.exe -boot
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O21 - SSODL: buprestidae - {b59f3ba4-98da-4b5f-8a2d-7b56fb11140b} - C:\WINDOWS\system32\cthkpcv.dll

O4 - HKCU\..\Run: - This entry is an optional clean. SpywareBot is a rouge Antispyware program that delivers false positives to goad the user into purchasing the program. You can either choose to clean or keep this program, but I would recommend cleaning it.

Now close all windows other than HiJackThis, then click Fix Checked. Close HiJackThis.

Boot into safe mode (you can do this by switching off your machine, and continually tap the F8 key at first blank screen).

Please navigate to Add/Remove programs and uninstall the following programs:

SpywareBot

Using Windows Explorer (to get there right-click your Start button and go to "Explore"), please delete this file/s (if present):

C:\Program Files\SpywareBot

Boot to normal windows.

Download SmitfraudFix (by S!Ri) to your Desktop.

http://siri.urz.free.fr/Fix/SmitfraudFix.zip

Extract all the files to your Destop.

A folder named SmitfraudFix will be created on your Desktop.

o Reboot your computer in Safe Mode (before the Windows icon appears, tap the F8 key continually)

o Double-click smitfraudfix.cmd

o Select 2 and hit Enter to delete infect files.

o You will be prompted: Do you want to clean the 'Registry?'

answer Y (yes) and hit Enter in order to remove the Desktop background and clean registry keys associated with the infection.

o The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found):

Replace infected file ? answer Y (yes) and hit Enter to restore a clean file.

o A reboot may be needed to finish the cleaning process.

The report can be found at the root of the system drive, usually at C:\rapport.txt

Please click here and download/install Superantispyware

When installation has completed, click 'Scan your computer'.

Next, place a tick in the box of the drive you would like to scan eg. (A) (C) (D) (E)

Make sure 'Perform complete scan' is ticked, then click 'Next'.

When scanning has completed, place a tick next to all infections found, then click 'Next'.

If your machine requires a reboot, let it reboot.

After reboot, re-open Superantispyware.

Click 'Preferences' and then click 'statistics/logs' tab.

Click the dated log and click 'view log' a text file will appear.

Copy&Paste the results of the text file here, C:\rapport.txt logfile, and a fresh HijackThis logfile.

Kind Regards.

Tron.