Hi Sid
You have a variant of the SmitFraud Infection, It could of caused other
problems on your system like disabling the task manager and replacing the
genuine Microsoft wininet.dll file with a Trojan so Use these free scanners
to remove the infection and restore your settings, Ewido shows its a 14 day
free trial but it performs fine after that expires as a standard scanner and
remover so its worth keeping on your system, It stops the real time
protection and auto updates after 14 days but I never advise enabling the
real time as it could conflict with Microsoft Antispyware's Protection and
the updates can be done manually anytime you want:
Copy and Paste this to notepad and save it so you can still view if needed
as you will not be able to access the Internet in safe mode.
Use Smitrem, Ewido and finally Ccleaner to remove temp files
Download SmitRem
http://noahdfear.geekstogo.com/click counter/click.php?id=1
Save it to your desktop,Double click on the SmitRem.exe file and extract it
to it's own folder on the desktop.
Download Ewido Security Suite
http://www.ewido.net/en/download/
When installing, under "Additional Options" uncheck "Install background
guard" and "Install scan via context menu". Click on update in the left menu,
then click the Start update button. After the update finishes (the status bar
at the bottom will display "Update successful") Exit Ewido. DO NOT scan yet.
Download Ccleaner (To Remove Temp and unused files from your system)
http://download.ccleaner.com/ccdownload.asp
Install Then close
Now reboot to Safe Mode - Restart your computer and immediately begin
tapping the F8 key on your keyboard.
If done right a Windows Advanced Options menu will appear. Select the Safe
Mode option and press Enter.
To return to normal mode just restart your computer as you normally would.
Run Smitrem :
Open the smitRem folder, then double click the RunThis.bat file to start the
tool. Follow the prompts on screen.
Wait for the tool to complete and disk cleanup to finish.
The tool will create a log named smitfiles.txt in the root of your drive,
eg; Local Disk C: or partition where your operating system is installed.
Run Ewido
Click on the Scanner button in the left menu, then click on complete system
scan. When ewido finds something, it will pop up a notification.
Select "clean" and check the boxes "Perform action with all infections" and
"Create encrypted backup" before clicking on ok. When the scan finishes,
click on "Save Report" from the bottom of the screen and save it to your
desktop incase you need more help with this.
Run Ccleaner and press "Run Cleaner" then exit.
While still in safe mode reset the Internet Settings : Goto Start Menu then
Control Panel then to Internet Options, Click the Programs Tab and press
"Reset Web Settings" and include the homepage then press Yes, Then goto the
General Tab and enter the homepage you want to use into the space provided
and press Apply .
Then Reboot back to Normal Mode
Let us know if you have any problems
You will need to reload your wallpaper after this tool finishes, Smitrem
will reset it because Trojans related to this infection will display a
spyware warning as a desktop wallpaper which cannot be removed, To change
your wallpaper right click desktop and choose properties, Set the Theme to XP
if you are running XP then goto the Desktop tab and choose your wallpaper
from there. While on the Desktop tab press 'Customize Desktop' then the 'Web'
Tab, In the web pages box look for 'Security' or 'Security Info', if its
there then place a check next to it and press Delete then press OK
Regards
Andy