TechSpot

Google searches keep redirecting.

Inactive
By blewweyezz
Jul 5, 2011
Topic Status:
Not open for further replies.
  1. Hi Experts...
    I am having a lot of trouble with my IE redirecting when I Google search. This is my first visit to your site and I am not sure of the procedures. But I would really appreciate any help that I might be able to get with this...
    Thanks in advance...
  2. blewweyezz

    blewweyezz TS Rookie Topic Starter

    Re-post... with logs

    Sorry about that... I was reading the other threads regarding this issue and saw the 8 steps thread... logs are posted below.... thanks again...

  3. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    Welcome to TechSpot! I'll help with the redirect.

    But I must ask you to paste the logs into your next reply. When they are attached, it takes us too much time to copy and paste entries we may need to identify. So we leave the copy and paste up to the member and no longer review attached logs.

    I'll review yours as soon as you paste them into your next reply.
    ================================
    My Guidelines: please read and follow:
    • Be patient. Malware cleaning takes time and I am also working with other members while I am helping you.
    • Read my instructions carefully. If you don't understand or have a problem, ask me.
    • If you have questions, or if a program doesn't work, stop and tell me about it. Don't try to get around it yourself.
    • Follow the order of the tasks I give you. Order is crucial in the cleaning process.
    • File sharing programs should be uninstalled or disabled during the cleaning process.
    • Observe these:
      [o] Don't use any other cleaning programs or scans while I'm helping you.
      [o] Don't use a Registry cleaner or make any changes in the Registry.
      [o] Don't download and install new programs- except those I give you.
    • Please let me know if there is any change in the system.
    If I have not replied for 2 days, you can send me a PM reminder. Include the URL of your thread. Please do not send me a PM to tell me your logs are up.
    If I don't get a reply from you in 5 days, the thread will be closed. If your problem persists, you can send a PM to reopen it.
    =====================================
  4. blewweyezz

    blewweyezz TS Rookie Topic Starter

    Sorry about that....

    Here you go....
    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Database version: 7027

    Windows 6.1.7600
    Internet Explorer 8.0.7600.16385

    7/5/2011 7:03:40 AM
    mbam-log-2011-07-05 (07-03-40).txt

    Scan type: Quick scan
    Objects scanned: 203297
    Time elapsed: 6 minute(s), 54 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)


    GMER 1.0.15.15640 - http://www.gmer.net
    Rootkit quick scan 2011-07-05 07:09:38
    Windows 6.1.7600 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 TOSHIBA_ rev.FG00
    Running: gmer.exe; Driver: C:\Users\Wendy\AppData\Local\Temp\kgloqpob.sys


    ---- Devices - GMER 1.0.15 ----

    AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

    ---- EOF - GMER 1.0.15 ----


    .
    DDS (Ver_2011-06-23.01) - NTFSx86
    Internet Explorer: 8.0.7600.16385
    Run by Wendy at 7:13:41 on 2011-07-05
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3034.1946 [GMT -7:00]
    .
    AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
    SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: IObit Security 360 *Disabled/Updated* {FAE2835A-B90A-9E7A-85DA-82DBDA7C1E3A}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7f2308f435f2c4c1\STacSV.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Program Files\Dell\DellDock\DockLogin.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\rundll32.exe
    C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7f2308f435f2c4c1\aestsrv.exe
    C:\Program Files\TWC\DigiDo\AffinegyService.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    C:\Program Files\IObit\IObit Security 360\IS360srv.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files\Dell DataSafe Local Backup\SftService.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Windows\system32\conhost.exe
    C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files\Google\Update\1.3.21.57\GoogleCrashHandler.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\DellTPad\Apoint.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\IDT\WDM\sttray.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
    C:\Program Files\Microsoft IntelliPoint\ipoint.exe
    C:\Program Files\DellTPad\ApMsgFwd.exe
    C:\Program Files\TWC\DigiDo\TrayApp.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\DellTPad\Apntex.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files\DellTPad\HidFind.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\TWC\DigiDo\DigiDo.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\conhost.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uSearch Page =
    uStart Page = hxxp://www.google.com/
    uSearch Bar =
    mDefault_Page_URL = hxxp://www.yahoo.com
    mStart Page = hxxp://www.yahoo.com
    mSearchAssistant =
    uURLSearchHooks: FreeOnlineRadioPlayerRecorder Toolbar: {f999a48b-1950-4d81-9971-79018f807b4b} - c:\program files\freeonlineradioplayerrecorder\prxtbFree.dll
    mURLSearchHooks: FreeOnlineRadioPlayerRecorder Toolbar: {f999a48b-1950-4d81-9971-79018f807b4b} - c:\program files\freeonlineradioplayerrecorder\prxtbFree.dll
    BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Conduit Engine (beta): {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: Google Gears Helper: {e0fefe40-fbf9-42ae-ba58-794ca7e3fb53} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
    BHO: FreeOnlineRadioPlayerRecorder Toolbar: {f999a48b-1950-4d81-9971-79018f807b4b} - c:\program files\freeonlineradioplayerrecorder\prxtbFree.dll
    BHO: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - No File
    TB: Conduit Engine (beta): {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
    TB: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
    TB: FreeOnlineRadioPlayerRecorder Toolbar: {f999a48b-1950-4d81-9971-79018f807b4b} - c:\program files\freeonlineradioplayerrecorder\prxtbFree.dll
    TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
    TB: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
    TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    TB: {0C8413C1-FAD1-446C-8584-BE50576F863E} - No File
    TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    mRun: [Apoint] c:\program files\delltpad\Apoint.exe
    mRun: [Dell Webcam Central] "c:\program files\dell webcam\dell webcam central\WebcamDell2.exe" /mode2
    mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
    mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
    mRun: [SysTrayApp] c:\program files\idt\wdm\sttray.exe
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
    mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
    mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
    mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
    mRun: [DigiDo] "c:\program files\twc\digido\TrayApp.exe" startup
    mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
    mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
    uPolicies-explorer: HideSCAHealth = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
    IE: {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - c:\program files\paltalk messenger\Paltalk.exe
    IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
    DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} - hxxp://support.dell.com/systemprofiler/SysProExe.CAB
    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
    TCP: Interfaces\{165A6CB1-8D51-4F7E-B713-2B5C1E6C181F} : DhcpNameServer = 209.18.47.61 209.18.47.62
    TCP: Interfaces\{875C8276-910A-4056-85EF-8A1B29E0D25D} : DhcpNameServer = 209.18.47.61 209.18.47.62
    TCP: Interfaces\{875C8276-910A-4056-85EF-8A1B29E0D25D}\2456C6B696E6E233737373 : DhcpNameServer = 192.168.2.1
    TCP: Interfaces\{875C8276-910A-4056-85EF-8A1B29E0D25D}\2456C6B696E6F5052756D2E4F5733383330303 : DhcpNameServer = 192.168.2.1
    TCP: Interfaces\{875C8276-910A-4056-85EF-8A1B29E0D25D}\2456C6B696E6F5E4F575962756C6563737F5531356030393 : DhcpNameServer = 192.168.2.1
    TCP: Interfaces\{875C8276-910A-4056-85EF-8A1B29E0D25D}\46C696E6B6 : DhcpNameServer = 192.168.0.1
    TCP: Interfaces\{875C8276-910A-4056-85EF-8A1B29E0D25D}\D6F6A6963616 : DhcpNameServer = 192.168.1.1
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
    Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
    Notify: igfxcui - igfxdev.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
    R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
    R2 {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7};Power Control [2009/12/11 19:20:16];c:\program files\cyberlink\powerdvd dx\000.fcl [2009-12-11 87536]
    R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt.inf_x86_neutral_7f2308f435f2c4c1\AEstSrv.exe [2009-12-11 81920]
    R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2011-7-5 136360]
    R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2011-7-5 269480]
    R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-10-21 61960]
    R2 DockLoginService;Dock Login Service;c:\program files\dell\delldock\DockLogin.exe [2008-12-18 155648]
    R2 IS360service;IS360service;c:\program files\iobit\iobit security 360\is360srv.exe [2010-3-13 312152]
    R2 SftService;SoftThinks Agent Service;c:\program files\dell datasafe local backup\SftService.exe [2009-8-15 648432]
    R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\drivers\CtClsFlt.sys [2009-10-11 143968]
    R3 OA009Ufd;Creative Camera OA009 Upper Filter Driver;c:\windows\system32\drivers\OA009Ufd.sys [2009-3-6 133632]
    R3 OA009Vid;Creative Camera OA009 Function Driver;c:\windows\system32\drivers\OA009Vid.sys [2009-3-19 271552]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-13 14336]
    R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-7-13 311296]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-10-21 136176]
    S2 PermissionResearch;PermissionResearch;c:\program files\permissionresearch\prservice.exe /service --> c:\program files\permissionresearch\prservice.exe [?]
    S2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2011-7-5 1153368]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
    S3 CtAudDrv;Provides advanced audio effects for audio devices.;c:\windows\system32\drivers\CtAudDrv.sys [2009-10-11 134144]
    S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2010-10-21 39272]
    S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
    S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-10-21 136176]
    S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392]
    S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 65024]
    S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
    S3 NWUSBCDFIL;Novatel Wireless Installation CD;c:\windows\system32\drivers\NwUsbCdFil.sys [2010-6-8 20480]
    S3 NWUSBPort2;Novatel Wireless USB Status2 Port Driver;c:\windows\system32\drivers\nwusbser2.sys [2010-6-8 174720]
    S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-5-4 1343400]
    .
    =============== Created Last 30 ================
    .
    2011-07-05 15:48:38 1553920 ----a-w- c:\windows\system32\tquery.dll
    2011-07-05 15:48:38 1401856 ----a-w- c:\windows\system32\mssrch.dll
    2011-07-05 15:48:37 86528 ----a-w- c:\windows\system32\SearchFilterHost.exe
    2011-07-05 15:48:37 666624 ----a-w- c:\windows\system32\mssvp.dll
    2011-07-05 15:48:37 59392 ----a-w- c:\windows\system32\msscntrs.dll
    2011-07-05 15:48:37 428032 ----a-w- c:\windows\system32\SearchIndexer.exe
    2011-07-05 15:48:37 337408 ----a-w- c:\windows\system32\mssph.dll
    2011-07-05 15:48:37 197120 ----a-w- c:\windows\system32\mssphtb.dll
    2011-07-05 15:48:37 164352 ----a-w- c:\windows\system32\SearchProtocolHost.exe
    2011-07-05 15:48:35 294912 ----a-w- c:\windows\system32\umpnpmgr.dll
    2011-07-05 13:55:57 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2011-07-05 13:55:54 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-07-05 13:55:54 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2011-07-05 13:46:43 -------- d-----w- c:\users\wendy\appdata\roaming\Avira
    2011-07-05 13:44:05 -------- d-----w- c:\programdata\Avira
    2011-07-05 13:44:05 -------- d-----w- c:\program files\Avira
    2011-07-05 13:15:08 388096 ----a-r- c:\users\wendy\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
    2011-07-05 13:10:18 -------- d-----w- c:\program files\PcMedik
    2011-07-05 11:27:35 7074640 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{a3178587-0baf-4728-8c35-c3211cbda172}\mpengine.dll
    2011-07-05 11:27:05 7074640 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\updates\mpengine.dll
    2011-07-05 11:26:37 -------- d-----w- C:\0215b4671e7cc540ea8dd7
    2011-07-05 11:14:05 -------- d-----w- c:\programdata\AVAST Software
    2011-07-05 11:14:05 -------- d-----w- c:\program files\AVAST Software
    2011-07-05 11:11:29 -------- d--h--w- c:\programdata\Common Files
    2011-07-05 11:10:50 -------- d-----w- c:\programdata\MFAData
    2011-07-05 10:14:42 -------- d-----w- c:\programdata\Spybot - Search & Destroy
    2011-07-05 10:14:42 -------- d-----w- c:\program files\Spybot - Search & Destroy
    2011-07-05 10:12:39 -------- d-----w- c:\users\wendy\appdata\roaming\SUPERAntiSpyware.com
    2011-07-05 10:12:34 -------- d-----w- c:\program files\SUPERAntiSpyware
    2011-07-05 10:11:56 20552 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
    2011-07-05 10:11:29 -------- d-----w- c:\program files\Hitman Pro 3.5
    2011-07-05 10:10:19 -------- d-----w- c:\programdata\Hitman Pro
    2011-07-04 10:25:05 -------- d-----w- C:\Emergency
    2011-07-04 05:42:13 201728 --sha-r- c:\windows\system32\nlahcd.dll
    2011-07-04 05:31:59 -------- d-----w- c:\users\wendy\Matrix
    2011-07-04 05:19:23 -------- d-----w- c:\users\wendy\appdata\roaming\My Star World
    2011-07-04 00:20:42 -------- d-----w- c:\users\wendy\appdata\roaming\Jasc
    2011-07-03 23:14:33 98304 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\knlwrap.exe
    2011-07-03 23:14:33 36864 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\msihook.dll
    2011-07-03 23:14:32 102400 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\scpthdlr.dll
    2011-07-03 21:53:42 -------- d-----w- c:\users\wendy\appdata\roaming\GetRightToGo
    2011-07-03 21:27:34 2828 --sha-w- c:\windows\system32\KGyGaAvL.sys
    2011-06-28 17:51:43 0 ---ha-w- c:\users\wendy\appdata\local\BIT9B46.tmp
    2011-06-15 18:22:36 276992 ----a-w- c:\windows\system32\wcncsvc.dll
    2011-06-15 18:22:01 1137664 ----a-w- c:\windows\system32\mfc42.dll
    2011-06-15 18:22:00 1164288 ----a-w- c:\windows\system32\mfc42u.dll
    2011-06-15 18:16:55 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
    2011-06-15 18:16:55 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
    2011-06-15 18:16:55 107520 ----a-w- c:\windows\system32\cdd.dll
    2011-06-15 14:25:40 2983424 ----a-w- c:\windows\system32\UIRibbon.dll
    2011-06-15 14:25:40 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
    2011-06-15 14:25:21 15712 ----a-w- c:\program files\common files\windows live\.cache\e3ad6231cc2b6805\MeshBetaRemover.exe
    2011-06-15 14:08:21 -------- d-----w- c:\users\wendy\appdata\local\Conduit
    2011-06-15 14:08:17 -------- d-----w- c:\users\wendy\appdata\roaming\Free MP3 WMA OGG Converter
    2011-06-15 14:08:10 458752 ----a-w- c:\windows\system32\NCTAudioRecord2.dll
    2011-06-15 14:08:10 458752 ----a-w- c:\windows\system32\NCTAudioPlayer2.dll
    2011-06-15 14:08:10 348160 ----a-w- c:\windows\system32\NCTWMAFile2.dll
    2011-06-15 14:08:10 344064 ----a-w- c:\windows\system32\msvcr70.dll
    2011-06-15 14:08:10 1986560 ----a-w- c:\windows\system32\NCTAudioFile2.dll
    2011-06-15 14:08:10 1212416 ----a-w- c:\windows\system32\NCTAudioInformation2.dll
    2011-06-15 06:25:13 -------- d-----w- c:\program files\TREO
    2011-06-15 02:09:12 -------- d-----w- c:\users\wendy\appdata\local\Apple Computer
    2011-06-14 23:00:37 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
    2011-06-14 23:00:37 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
    2011-06-14 23:00:37 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
    2011-06-14 23:00:37 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
    2011-06-14 23:00:37 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
    2011-06-14 23:00:37 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
    2011-06-14 23:00:37 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
    2011-06-14 22:58:47 -------- d-----w- c:\users\wendy\appdata\local\Apple
    2011-06-14 18:09:47 -------- d-----w- c:\program files\Bonjour
    2011-06-14 18:09:32 -------- d-----w- c:\programdata\Affinegy
    2011-06-14 18:09:32 -------- d-----w- c:\program files\TWC
    2011-06-13 22:28:13 -------- d-----w- c:\users\wendy\RESCUES
    2011-06-07 19:35:34 103864 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
    .
    ==================== Find3M ====================
    .
    2011-05-28 03:00:02 1638912 ----a-w- c:\windows\system32\mshtml.tlb
    2011-05-04 02:43:59 222720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
    2011-05-04 02:43:48 96256 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
    2011-05-04 02:43:41 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
    2011-05-03 04:50:29 740864 ----a-w- c:\windows\system32\inetcomm.dll
    2011-04-29 02:57:34 311296 ----a-w- c:\windows\system32\drivers\srv.sys
    2011-04-29 02:57:21 309760 ----a-w- c:\windows\system32\drivers\srv2.sys
    2011-04-29 02:57:13 114176 ----a-w- c:\windows\system32\drivers\srvnet.sys
    2011-04-27 22:25:24 65024 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
    2011-04-27 02:33:46 78336 ----a-w- c:\windows\system32\drivers\dfsc.sys
    2011-04-25 04:56:06 1286016 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2011-04-25 02:35:40 338944 ----a-w- c:\windows\system32\drivers\afd.sys
    2011-04-22 19:36:05 26496 ----a-w- c:\windows\system32\drivers\Diskdump.sys
    2011-04-22 19:31:50 981504 ----a-w- c:\windows\system32\wininet.dll
    2011-04-22 19:31:26 44544 ----a-w- c:\windows\system32\licmgr10.dll
    2011-04-22 18:23:59 386048 ----a-w- c:\windows\system32\html.iec
    2011-04-18 20:18:50 43392 ----a-w- c:\windows\system32\drivers\MpNWMon.sys
    2011-04-18 20:18:50 165648 ----a-w- c:\windows\system32\drivers\MpFilter.sys
    2011-04-09 06:13:06 3957632 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2011-04-09 06:13:06 3901824 ----a-w- c:\windows\system32\ntoskrnl.exe
    .
    ============= FINISH: 7:14:37.64 ===============

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-06-23.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume2
    Install Date: 12/11/2009 6:52:46 PM
    System Uptime: 7/5/2011 6:50:37 AM (1 hours ago)
    .
    Motherboard: Dell Inc. | | 0G848F
    Processor: Pentium(R) Dual-Core CPU T4200 @ 2.00GHz | Microprocessor | 1200/200mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 218 GiB total, 152.662 GiB free.
    D: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP524: 6/19/2011 3:57:16 PM - Windows Update
    RP525: 6/20/2011 4:18:13 PM - Windows Update
    RP526: 6/21/2011 8:00:54 PM - Windows Update
    RP527: 6/22/2011 9:34:54 PM - Windows Update
    RP528: 6/24/2011 2:30:12 PM - Windows Update
    RP529: 6/25/2011 3:22:53 PM - Windows Update
    RP530: 6/26/2011 5:55:34 PM - Windows Update
    RP531: 6/28/2011 9:59:35 AM - Windows Update
    RP532: 6/29/2011 11:39:45 AM - Windows Update
    RP533: 6/30/2011 12:46:17 PM - Windows Update
    RP534: 7/1/2011 1:49:12 PM - Windows Update
    RP535: 7/2/2011 3:56:17 PM - Windows Update
    RP536: 7/3/2011 2:02:05 PM - Installed Jasc Paint Shop Pro 8
    RP537: 7/3/2011 2:09:21 PM - Removed Jasc Paint Shop Pro 8
    RP538: 7/3/2011 2:16:12 PM - Installed Jasc Paint Shop Pro 8
    RP539: 7/3/2011 2:22:25 PM - Removed Jasc Paint Shop Pro 8
    RP540: 7/3/2011 2:30:17 PM - Installed Jasc Paint Shop Pro 9
    RP541: 7/3/2011 2:32:49 PM - Removed Jasc Paint Shop Pro 9
    RP542: 7/3/2011 2:41:48 PM - Installed Jasc Paint Shop Pro 8
    RP543: 7/3/2011 2:50:27 PM - Removed Jasc Paint Shop Pro 8
    RP544: 7/3/2011 2:57:04 PM - Installed Jasc Paint Shop Pro 9
    RP545: 7/3/2011 2:59:31 PM - Removed Jasc Paint Shop Pro 9
    RP546: 7/3/2011 3:12:20 PM - Installed Jasc Paint Shop Pro 8
    RP547: 7/3/2011 3:53:07 PM - Installed Serials 2005.
    RP548: 7/3/2011 4:14:48 PM - Installed Paint Shop Pro 7 Evaluation
    RP550: 7/3/2011 4:15:25 PM -
    RP552: 7/3/2011 4:16:19 PM -
    RP554: 7/3/2011 4:18:28 PM -
    RP555: 7/3/2011 5:07:45 PM - Removed Jasc Paint Shop Pro 8
    RP556: 7/3/2011 5:08:01 PM - Removed Jasc Paint Shop Pro 8
    RP557: 7/3/2011 9:13:21 PM - Removed Paint Shop Pro 7 Evaluation
    RP559: 7/3/2011 9:14:54 PM -
    RP560: 7/3/2011 9:16:16 PM - Removed Serials 2005.
    RP561: 7/3/2011 9:21:25 PM - Windows Update
    RP562: 7/3/2011 10:18:27 PM - Installed My Star World
    RP563: 7/3/2011 10:26:38 PM - Removed My Star World
    RP564: 7/4/2011 4:40:08 AM - Restore Operation
    RP565: 7/5/2011 4:13:50 AM - avast! Free Antivirus Setup
    RP569: 7/5/2011 6:14:45 AM - Installed HiJackThis
    RP566: 7/5/2011 8:05:05 AM - Restore Operation
    RP567: 7/5/2011 8:13:30 AM - avast! Free Antivirus Setup
    RP568: 7/5/2011 8:48:39 AM - Windows Update
    .
    ==== Installed Programs ======================
    .
    7-Zip 4.65
    Acrobat.com
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 9.4.5
    Adobe Shockwave Player 11.5
    Advanced Audio FX Engine
    Advanced SystemCare 3
    AIM 7
    Apple Application Support
    Apple Software Update
    Avira AntiVir Personal - Free Antivirus
    Bonjour
    CCleaner
    Compatibility Pack for the 2007 Office system
    Conduit Engine (beta)
    Consumer In-Home Service Agreement
    D3DX10
    Dell-eBay
    Dell DataSafe Local Backup
    Dell DataSafe Local Backup - Support Software
    Dell Dock
    Dell Edoc Viewer
    Dell Getting Started Guide
    Dell Touchpad
    Dell Webcam Central
    DigiDo
    Free MP3 WMA OGG Converter 8.2.5
    FreeOnlineRadioPlayerRecorder Toolbar
    Game Booster
    Google Earth
    Google Gears
    Google Talk (remove only)
    Google Update Helper
    HiJackThis
    Hitman Pro 3.5
    IDT Audio
    InstallVC90Support
    Integrated Webcam Driver (1.02.01.0320)
    Intel(R) Graphics Media Accelerator Driver
    Intel(R) TV Wizard
    Intel® Matrix Storage Manager
    Intuit SiteBuilder
    IObit Security 360
    Java Auto Updater
    Java(TM) 6 Update 21
    Junk Mail filter update
    LEGO Digital Designer
    Little Shop - Road Trip
    Live! Cam Avatar Creator
    Malwarebytes' Anti-Malware
    MB Guardian Angel
    Microsoft .NET Framework 4 Client Profile
    Microsoft Antimalware
    Microsoft Application Error Reporting
    Microsoft Default Manager
    Microsoft IntelliPoint 8.0
    Microsoft Office PowerPoint Viewer 2007 (English)
    Microsoft Office Word Viewer 2003
    Microsoft Search Enhancement Pack
    Microsoft Security Client
    Microsoft Security Essentials
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual J# 2.0 Redistributable Package
    Microsoft Works
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    My Star World
    Norton Internet Security
    OGA Notifier 2.0.0048.0
    OpenSource Flash Video Splitter (remove only)
    Palm Desktop by ACCESS
    Paltalk Messenger
    Pando Media Booster
    Pattern Maker for cross stitch - v4
    PcMedik
    PhotoMail Maker
    PowerDVD DX
    Quick Brick v1.62
    QuickSet
    QuickTime
    RealPlayer
    RealUpgrade 1.0
    Roxio Creator Audio
    Roxio Creator Copy
    Roxio Creator Data
    Roxio Creator DE
    Roxio Creator Tools
    Roxio Express Labeler 3
    Roxio Update Manager
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Shutterfly Express Uploader
    Skype™ 4.2
    Spelling Dictionaries Support For Adobe Reader 9
    SpongeBob SquarePants 3-D
    Spybot - Search & Destroy
    SUPERAntiSpyware
    Unity Web Player (All users)
    Visual C++ 8.0 ATL (x86) WinSXS MSM
    Visual C++ 8.0 CRT (x86) WinSXS MSM
    Winamp
    Windows 7 Upgrade Advisor
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Family Safety
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Mail
    Windows Live Messenger
    Windows Live MIME IFilter
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live Sync
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    WinRAR archiver
    Yahoo! Messenger
    Yahoo! Software Update
    .
    ==== Event Viewer Messages From Past Week ========
    .
    7/5/2011 8:40:14 AM, Error: Service Control Manager [7024] - The Distributed Transaction Coordinator service terminated with service-specific error %%-1073737712.
    7/5/2011 8:09:47 AM, Error: volmgr [46] - Crash dump initialization failed!
    7/5/2011 6:51:27 AM, Error: Service Control Manager [7003] - The SBSD Security Center Service service depends the following service: wscsvc. This service might not be installed.
    7/5/2011 5:49:39 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Works 9 (KB2431831).
    7/5/2011 4:43:17 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
    7/5/2011 4:43:13 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
    7/5/2011 4:43:13 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
    7/5/2011 4:43:13 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
    7/5/2011 4:43:13 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
    7/5/2011 4:43:10 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    7/5/2011 4:43:01 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
    7/5/2011 4:42:45 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD aswRdr aswSnx aswSP aswTdi DfsC discache MpFilter NetBIOS NetBT nsiproxy Psched rdbss SASDIFSV SASKUTIL spldr tdx vwififlt Wanarpv6 WfpLwf
    7/5/2011 4:42:45 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    7/5/2011 4:42:45 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
    7/5/2011 4:42:45 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
    7/5/2011 4:42:45 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
    7/5/2011 4:42:45 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
    7/5/2011 4:42:45 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
    7/5/2011 4:42:45 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    7/5/2011 4:42:45 AM, Error: Service Control Manager [7001] - The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    7/5/2011 4:42:45 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    7/5/2011 4:42:45 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    7/5/2011 4:42:45 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
    7/5/2011 4:28:32 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MsMpSvc service.
    7/5/2011 3:09:31 AM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: D@01010004
    7/4/2011 1:52:53 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
    7/4/2011 1:51:35 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service AffinegyService with arguments "" in order to run the server: {CA16036E-70FD-41AA-AD9C-61CDD4692DAE}
    7/4/2011 1:49:33 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf
    .
    ==== End Of File ===========================
  5. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    Thank you. Much better. I'd like to get a Site Advisor on your system. If you had one, it would have spared you going to at least 2 sites and getting at least 2 bad programs. I recommend the following:

    The Web of Trust (WOT) add-on is a safe surfing tool for your browser. Traffic-light rating symbols rate the site for Trustworthiness, Vendor Reliability, Privacy, and Child Safety. Your online email account – Google Mail, Yahoo! Mail and Hotmail – is also protected.

    Every time you do a search and the screen comes up with the sites, they will have the rating light. Green (2 shades), Amber/Yellow Caution, Red> not advised. A few sites haven't been rated and show as a blue flashlight.

    If you want to link to another site from the page you're on to another, WOT will give you an Alert that the site is known for fraudulent entries, unreliable or other and the site won't load. Don't worry- those Alerts don't happen if you stick to the green rating.

    Please do that now.
    ==========================================
    When you have finished, please run this online virus scan:
    • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
      ESETOnlineScan
    • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      [o] Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
      [o] Double click on the ESET Smart Installer icon on your desktop.
    • Check 'Yes I accept terms of use.'
    • Click Start button
    • Accept any security warnings from your browser.
    • Uncheck 'Remove found threats'
    • Check 'Scan archives'
    • Leave remaining settings as is.
    • Press the Start button.
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please wait for the scan to finish.
    • When the scan completes, press List of found threats
    • Push Export of text file and save the file to your desktop using a unique name, such as ESETScan. Paste this log in your next reply.
    • Push the Back button
    • Push Finish

    NOTE: If no malware is found then no log will be produced. Let me know if this is the case.

    After I check the Eset log, I'll determine the next step. We have some housekeeping to do.
  6. blewweyezz

    blewweyezz TS Rookie Topic Starter

    Sorry about that...

    Hi Bobbye...
    Apologies for not being patient and waiting for a reply. I got the WOT with no problem but when I try to get the ESET I keep getting a message at the top of my IE saying something about "Click here to install the ActiveX control...." I click and nothing happens.
    Any suggestions?
  7. blewweyezz

    blewweyezz TS Rookie Topic Starter

    Got it...

    I figured out how to get it running... I will post as soon as it is finished running....
  8. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    If I'm still on line tonight when you post the log, I will give you the 'housekeeping' I have prepared.
  9. blewweyezz

    blewweyezz TS Rookie Topic Starter

    Online scan...

    Hi Bobbye
    The scanner is running and is at 99% so shouldn't be long... so far there are 3 things showing up... I HOPE that it finishes before you go....
    I'll be back as soon as it's finished :)
  10. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    I'll be around for a little bit.
  11. blewweyezz

    blewweyezz TS Rookie Topic Starter

    Grrrrrr..

    Well.... the scanner was at 99% it was up to 4 threats (mywebsearch was what they said) then my machine just locked up... the scanner had been running over an hour so I don't know what to do now.... should I try running it again or is there anything else we can do for now to at least stabilize this machine before running it again?
     
  12. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    Let the Eset scan continue for another hour or so. Keep in mind that the more processes there are on the system, the longer the scans.
  13. blewweyezz

    blewweyezz TS Rookie Topic Starter

    Ok

    I will post when it is done
  14. blewweyezz

    blewweyezz TS Rookie Topic Starter

    Again...

    Hey Bobbye,
    The scanner/computer locked up again during the scan. This time when I restarted the machine that black screen that says the disk needed checking came on. It did the chkdsk and started up and I came right here. I'm at a loss.... Help!
  15. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    You ran the Error checking- did you run it from the command chkdsk /r or did you use the Error Checking in the My Computer> right click on Local Drive> Properties> Tools tab> Error check> Check both boxes on screen that comes up> Apply> Close nag message and reboot. Error checking will reboot when through.

    If you did that successfully, please try the Eset online scan again. If it still won't run, use this scan:
    Run Kaspersky Online Scanner in Internet Explorer

    Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.
    • Click Accept and the web scanner will begin to load
    • If a yellow warning bar appears at the top of the browser, click it and choose Install ActiveX Control
    • You will be prompted to install an ActiveX component from Kaspersky, click Install
    • If you are prompted about another ActiveX control called Kaspersky Online Scanner GUI part then allow it to be installed also.
    • The program will launch and then begin downloading the latest definition files:
    • Once the files have been downloaded click on NEXT and then Scan Settings
    • In the scan settings make sure that the following are selected:
      [o] Scan using the following Anti-Virus database> Extended (if available otherwise Standard)
      [o] Scan Options: Scan Archives> Scan Mail Bases
    • Click OK
    • Now under select a target to scan:
      [o] Select My Computer
    • The program will start to scan your system.
    • Once the scan is complete, click on the Save as Text button and save the file to your desktop
    Note for Internet Explorer 7 users: If at any time you have trouble with the accept button of the license, click on the Zoom tool located at the right bottom of the IE window and set the zoom to 75 %. Once the license is accepted, reset to 100%.
    ========================================
    If you still can't run either online scan, please see if you can run Combofix: