Run Hijack This again and put a check by these. Close all windows except HijackThis and click "Fix checked"
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - C:\WINNT\twaintec.dll
O2 - BHO: (no name) - {71ED4FBA-4024-4bbe-91DC-9704C93F453E} - (no file)
O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C60FAF2} - C:\WINNT\2_0_1browserhelper2.dll
O4 - HKLM\..\Run: [Belt] C:\WINNT\Belt.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKCU\..\RunOnce: [DeleteIESearchbar] rundll32.exe advpack.dll,DelNodeRunDLL32 "c:\progra~1\iesearchbar\iesearchbar.dll"
Restart to safe mode.
How to start your computer in safe mode
First in safe mode click on My Computer then click Tools > Folder Options. In Folder options click on the View tab. Under Files and Folders tick "Show hidden files and folders" then uncheck "Hide file extensions for known file types" and uncheck "Hide protected operating system files (recommended)". Now click "Like current folder" then "Apply" and "OK"
Now find and delete:
The C:\Program Files\Internet Optimizer folder
The C:\Program Files\iesearchbar[\b] folder
The C:\WINNT\Belt.exe file
Go here and download Adaware 6 Build 181
Install the program and launch it.
First in the main window look in the bottom right corner and click on Check for updates now and download the latest referencefiles.
Make sure the following settings are made and on -------ON=GREEN
From main window :Click Start then Activate in-depth scan (recommended)
Click Use custom scanning options then click Customize and have these options selected: Under Drives and Folders put a check by Scan within archives and below that under Memory and Registry put a check by all the options there.
Now click on the Tweak button in that same window. Under Scanning engine select Unload recognized processes during scanning and under Cleaning Engine select Let windows remove files in use at next reboot
Click proceed to save your settings.
Now to scan just click the Next button.
When the scan is finished mark everything for removal and get rid of it.(Right-click the window and choose select all from the drop down menu and click Next)
Restart your computer.
Then go here and download Spybot Search & Destroy.
Install the program and launch it.
Before scanning press Online and Search for Updates .
Put a check mark at and install all updates.
Click Check for Problems and when the scan is finished let Spybot fix/remove all it finds marked in RED.
Restart your computer.
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - C:\WINNT\twaintec.dll
O2 - BHO: (no name) - {71ED4FBA-4024-4bbe-91DC-9704C93F453E} - (no file)
O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C60FAF2} - C:\WINNT\2_0_1browserhelper2.dll
O4 - HKLM\..\Run: [Belt] C:\WINNT\Belt.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKCU\..\RunOnce: [DeleteIESearchbar] rundll32.exe advpack.dll,DelNodeRunDLL32 "c:\progra~1\iesearchbar\iesearchbar.dll"
Restart to safe mode.
How to start your computer in safe mode
First in safe mode click on My Computer then click Tools > Folder Options. In Folder options click on the View tab. Under Files and Folders tick "Show hidden files and folders" then uncheck "Hide file extensions for known file types" and uncheck "Hide protected operating system files (recommended)". Now click "Like current folder" then "Apply" and "OK"
Now find and delete:
The C:\Program Files\Internet Optimizer folder
The C:\Program Files\iesearchbar[\b] folder
The C:\WINNT\Belt.exe file
Go here and download Adaware 6 Build 181
Install the program and launch it.
First in the main window look in the bottom right corner and click on Check for updates now and download the latest referencefiles.
Make sure the following settings are made and on -------ON=GREEN
From main window :Click Start then Activate in-depth scan (recommended)
Click Use custom scanning options then click Customize and have these options selected: Under Drives and Folders put a check by Scan within archives and below that under Memory and Registry put a check by all the options there.
Now click on the Tweak button in that same window. Under Scanning engine select Unload recognized processes during scanning and under Cleaning Engine select Let windows remove files in use at next reboot
Click proceed to save your settings.
Now to scan just click the Next button.
When the scan is finished mark everything for removal and get rid of it.(Right-click the window and choose select all from the drop down menu and click Next)
Restart your computer.
Then go here and download Spybot Search & Destroy.
Install the program and launch it.
Before scanning press Online and Search for Updates .
Put a check mark at and install all updates.
Click Check for Problems and when the scan is finished let Spybot fix/remove all it finds marked in RED.
Restart your computer.
