Hello.
The log shows a malware infection, so sometime whenever, it has or had internet connection, either that or someone used an infected USB stick/transported infected files onto the machine.
I've just run a check on a DNS setting, I need to know if you/your ISP is Irish, or located in Ireland.
- Open HijackThis
- Choose "Do a system scan only"
- Check the boxes in front of these lines:
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Config\csrss.exe
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {F3847163-16EB-4D60-897F-6416BB863EC7} - C:\WINDOWS\system32\atmli.dll
O4 - HKCU\..\Run: [InstallProgram] C:\Documents and Settings\Orinne\Local Settings\Temporary Internet Files\Content.IE5\POU3CY5A\setup_246_509_[1].exe
- Press "Fix Checked"
- Close Hijack This.
Please download and run this tool.
Download Malwarebytes' Anti-Malware from
HereDouble Click mbam-setup.exe to install the application.
- Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select "Perform Quick Scan", then click Scan.
- The scan may take some time to finish,so please be patient.
- When the scan is complete, click OK, then Show Results to view the results.
- Make sure that everything is checked, and click Remove Selected.
- When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
- The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.Post the contents of the MBAM Log.