Your HijackThis log is clean.
i meant to ask can i put or should i put the teatimer thing back on
I've got a bit of an issue with TeaTimer at the moment. One of the people I was helping on another forum was having trouble getting rid of some 'orphan' entries that appeared in their HijackThis log. We would fix them and they would come straight back. I finally narrowed this down to TeaTimer. When you reactivate it, it will ask you to allow or deny any of the changes that have been made to the registry while it was switched off. If you deny them, the bad entries will be re-instated. If you allow the changes, it seems to replace some of the registry 'keys' but doesn't add the value. These entries are not, in themselves, harmful but are untidy and could trigger alarms from anti-malware programs. In the case I refer to, TeaTimer re-instated the registry key and then Spybot alerted the user that he was infected!
I haven't had the chance to check this out yet but, in the meantime, I will not recommend that people use Spybot's TeaTimer. The decision is yours but, if you do switch it back on, make sure that you allow the registry changes when prompted. When I tested this on my own computer, I couldn't see the text on the buttons in Spybot's dialog box. If you get the same thing, the 'allow' button is on the left-hand side.
---------------------------------------------------------------
In an earlier post, I wrote:
I cannot see any sign that you are using a firewall. Are you using Windows XP Firewall? If not, I suggest that you switch it on immediately. I will make some recommendations later.
Windows XP Firewall is better than nothing, but it only protects against incoming traffic. It doesn't protect you against outgoing baddies trying to "phone home". I strongly suggest that you use one of the third-party ones. Sunbelt Kerio and Zone Alarm are both good and have a free version. I cannot stress how important it is that you use a firewall on your computer. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a firewall in its default configuration can greatly lower your risk.
-------------------------------------------------------------
You can delete the following:
- Blacklight and its report(s)
- BFU (delete the folder - c:\BFU)
- SmitFraudFix and its report (c:\rapport.txt)
- This SmitFraudFix file - C:\WINDOWS\system32\process.exe <- file only
------------------------------------------------------------
Hide System Files
For safety's sake, we need to re-hide your system files.
- Click Start
- Open My Computer
- Select the Tools menu and click Folder Options
- Select the View tab
- Advanced Settings:
- Select Hide extensions for known file types
- Select Hide protected operating system files (Recommended)
Flush System Restore
Now that your computer is clean, it would be a good idea to 'flush' the system restore points.
Turn OFF System Restore.
- Click on Start
- Right-click My Computer
- Click Properties
- Click the System Restore tab
- Check Turn off System Restore
- Click Apply, and then click OK
Turn ON System Restore.
- Click on Start
- Right-click My Computer
- Click Properties
- Click the System Restore tab
- Uncheck Turn off System Restore
- Click Apply, and then click OK
-------------------------------------------------------
Please let me know if you have any questions.