Inactive Google searches keep redirecting.

Status
Not open for further replies.

blewweyezz

Posts: 9   +0
Hi Experts...
I am having alot of trouble with my IE redirecting when I google search. This is my first visit to your site and I am not sure of the procedures. But I would really appreciate any help that I might be able to get with this...
Thanks in advance...
 
Re-post... with logs

Sorry about that... I was reading the other threads regarding this issue and saw the 8 steps thread... logs are posted below.... thanks again...
 

Attachments

  • mbam-log-2011-07-05 (07-03-40).txt
    885 bytes · Views: 1
  • GMER.txt
    425 bytes · Views: 1
  • DDS 1.txt
    20.7 KB · Views: 1
  • Attach.txt
    12.6 KB · Views: 1
Welcome to TechSpot! I'll help with the redirect.

But I must ask you to paste the logs into your next reply. When they are attached, it takes us too much time to copy and paste entries we made need to identified. So we leave the copy and paste up to the member and no longer review attached logs.

I'll review yours as soon as you paste then into your next reply.
================================
My Guidelines: please read and follow:
  • Be patient. Malware cleaning takes time and I am also working with other members while I am helping you.
  • Read my instructions carefully. If you don't understand or have a problem, ask me.
  • If you have questions, or if a program doesn't work, stop and tell me about it. Don't try to get around it yourself.
  • Follow the order of the tasks I give you. Order is crucial in cleaning process.
  • File sharing programs should be uninstalled or disabled during the cleaning process..
  • Observe these:
    [o] Don't use any other cleaning programs or scans while I'm helping you.
    [o] Don't use a Registry cleaner or make any changes in the Registry.
    [o] Don't download and install new programs- except those I give you.
  • Please let me know if there is any change in the system.
If I have not replied for 2 days, you can send me a PM reminder. Include the URL of your thread. Please do not send me a PM to tell me your logs are up.
If I don't get a reply from you in 5 days, the thread will be closed. If your problem persist, you can send a PM to reopen it.
=====================================
 
Sorry about that....

Here you go....
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 7027

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

7/5/2011 7:03:40 AM
mbam-log-2011-07-05 (07-03-40).txt

Scan type: Quick scan
Objects scanned: 203297
Time elapsed: 6 minute(s), 54 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


GMER 1.0.15.15640 - http://www.gmer.net
Rootkit quick scan 2011-07-05 07:09:38
Windows 6.1.7600 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 TOSHIBA_ rev.FG00
Running: gmer.exe; Driver: C:\Users\Wendy\AppData\Local\Temp\kgloqpob.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----


.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 8.0.7600.16385
Run by Wendy at 7:13:41 on 2011-07-05
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3034.1946 [GMT -7:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: IObit Security 360 *Disabled/Updated* {FAE2835A-B90A-9E7A-85DA-82DBDA7C1E3A}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7f2308f435f2c4c1\STacSV.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\rundll32.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7f2308f435f2c4c1\aestsrv.exe
C:\Program Files\TWC\DigiDo\AffinegyService.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\IObit\IObit Security 360\IS360srv.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Dell DataSafe Local Backup\SftService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\conhost.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Google\Update\1.3.21.57\GoogleCrashHandler.exe
C:\Windows\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\TWC\DigiDo\TrayApp.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\TWC\DigiDo\DigiDo.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page =
uStart Page = hxxp://www.google.com/
uSearch Bar =
mDefault_Page_URL = hxxp://www.yahoo.com
mStart Page = hxxp://www.yahoo.com
mSearchAssistant =
uURLSearchHooks: FreeOnlineRadioPlayerRecorder Toolbar: {f999a48b-1950-4d81-9971-79018f807b4b} - c:\program files\freeonlineradioplayerrecorder\prxtbFree.dll
mURLSearchHooks: FreeOnlineRadioPlayerRecorder Toolbar: {f999a48b-1950-4d81-9971-79018f807b4b} - c:\program files\freeonlineradioplayerrecorder\prxtbFree.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Conduit Engine (beta): {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Google Gears Helper: {e0fefe40-fbf9-42ae-ba58-794ca7e3fb53} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
BHO: FreeOnlineRadioPlayerRecorder Toolbar: {f999a48b-1950-4d81-9971-79018f807b4b} - c:\program files\freeonlineradioplayerrecorder\prxtbFree.dll
BHO: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - No File
TB: Conduit Engine (beta): {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
TB: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
TB: FreeOnlineRadioPlayerRecorder Toolbar: {f999a48b-1950-4d81-9971-79018f807b4b} - c:\program files\freeonlineradioplayerrecorder\prxtbFree.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {0C8413C1-FAD1-446C-8584-BE50576F863E} - No File
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [Dell Webcam Central] "c:\program files\dell webcam\dell webcam central\WebcamDell2.exe" /mode2
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [SysTrayApp] c:\program files\idt\wdm\sttray.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [DigiDo] "c:\program files\twc\digido\TrayApp.exe" startup
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
uPolicies-explorer: HideSCAHealth = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - c:\program files\paltalk messenger\Paltalk.exe
IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} - hxxp://support.dell.com/systemprofiler/SysProExe.CAB
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{165A6CB1-8D51-4F7E-B713-2B5C1E6C181F} : DhcpNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{875C8276-910A-4056-85EF-8A1B29E0D25D} : DhcpNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{875C8276-910A-4056-85EF-8A1B29E0D25D}\2456C6B696E6E233737373 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{875C8276-910A-4056-85EF-8A1B29E0D25D}\2456C6B696E6F5052756D2E4F5733383330303 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{875C8276-910A-4056-85EF-8A1B29E0D25D}\2456C6B696E6F5E4F575962756C6563737F5531356030393 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{875C8276-910A-4056-85EF-8A1B29E0D25D}\46C696E6B6 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{875C8276-910A-4056-85EF-8A1B29E0D25D}\D6F6A6963616 : DhcpNameServer = 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
Notify: igfxcui - igfxdev.dll
.
============= SERVICES / DRIVERS ===============
.
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
R2 {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7};Power Control [2009/12/11 19:20:16];c:\program files\cyberlink\powerdvd dx\000.fcl [2009-12-11 87536]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt.inf_x86_neutral_7f2308f435f2c4c1\AEstSrv.exe [2009-12-11 81920]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2011-7-5 136360]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2011-7-5 269480]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-10-21 61960]
R2 DockLoginService;Dock Login Service;c:\program files\dell\delldock\DockLogin.exe [2008-12-18 155648]
R2 IS360service;IS360service;c:\program files\iobit\iobit security 360\is360srv.exe [2010-3-13 312152]
R2 SftService;SoftThinks Agent Service;c:\program files\dell datasafe local backup\SftService.exe [2009-8-15 648432]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\drivers\CtClsFlt.sys [2009-10-11 143968]
R3 OA009Ufd;Creative Camera OA009 Upper Filter Driver;c:\windows\system32\drivers\OA009Ufd.sys [2009-3-6 133632]
R3 OA009Vid;Creative Camera OA009 Function Driver;c:\windows\system32\drivers\OA009Vid.sys [2009-3-19 271552]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-13 14336]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-7-13 311296]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-10-21 136176]
S2 PermissionResearch;PermissionResearch;c:\program files\permissionresearch\prservice.exe /service --> c:\program files\permissionresearch\prservice.exe [?]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2011-7-5 1153368]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 CtAudDrv;Provides advanced audio effects for audio devices.;c:\windows\system32\drivers\CtAudDrv.sys [2009-10-11 134144]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2010-10-21 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-10-21 136176]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 65024]
S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
S3 NWUSBCDFIL;Novatel Wireless Installation CD;c:\windows\system32\drivers\NwUsbCdFil.sys [2010-6-8 20480]
S3 NWUSBPort2;Novatel Wireless USB Status2 Port Driver;c:\windows\system32\drivers\nwusbser2.sys [2010-6-8 174720]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-5-4 1343400]
.
=============== Created Last 30 ================
.
2011-07-05 15:48:38 1553920 ----a-w- c:\windows\system32\tquery.dll
2011-07-05 15:48:38 1401856 ----a-w- c:\windows\system32\mssrch.dll
2011-07-05 15:48:37 86528 ----a-w- c:\windows\system32\SearchFilterHost.exe
2011-07-05 15:48:37 666624 ----a-w- c:\windows\system32\mssvp.dll
2011-07-05 15:48:37 59392 ----a-w- c:\windows\system32\msscntrs.dll
2011-07-05 15:48:37 428032 ----a-w- c:\windows\system32\SearchIndexer.exe
2011-07-05 15:48:37 337408 ----a-w- c:\windows\system32\mssph.dll
2011-07-05 15:48:37 197120 ----a-w- c:\windows\system32\mssphtb.dll
2011-07-05 15:48:37 164352 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2011-07-05 15:48:35 294912 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-07-05 13:55:57 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-05 13:55:54 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-05 13:55:54 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-07-05 13:46:43 -------- d-----w- c:\users\wendy\appdata\roaming\Avira
2011-07-05 13:44:05 -------- d-----w- c:\programdata\Avira
2011-07-05 13:44:05 -------- d-----w- c:\program files\Avira
2011-07-05 13:15:08 388096 ----a-r- c:\users\wendy\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-07-05 13:10:18 -------- d-----w- c:\program files\PcMedik
2011-07-05 11:27:35 7074640 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{a3178587-0baf-4728-8c35-c3211cbda172}\mpengine.dll
2011-07-05 11:27:05 7074640 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\updates\mpengine.dll
2011-07-05 11:26:37 -------- d-----w- C:\0215b4671e7cc540ea8dd7
2011-07-05 11:14:05 -------- d-----w- c:\programdata\AVAST Software
2011-07-05 11:14:05 -------- d-----w- c:\program files\AVAST Software
2011-07-05 11:11:29 -------- d--h--w- c:\programdata\Common Files
2011-07-05 11:10:50 -------- d-----w- c:\programdata\MFAData
2011-07-05 10:14:42 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-07-05 10:14:42 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-07-05 10:12:39 -------- d-----w- c:\users\wendy\appdata\roaming\SUPERAntiSpyware.com
2011-07-05 10:12:34 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-07-05 10:11:56 20552 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2011-07-05 10:11:29 -------- d-----w- c:\program files\Hitman Pro 3.5
2011-07-05 10:10:19 -------- d-----w- c:\programdata\Hitman Pro
2011-07-04 10:25:05 -------- d-----w- C:\Emergency
2011-07-04 05:42:13 201728 --sha-r- c:\windows\system32\nlahcd.dll
2011-07-04 05:31:59 -------- d-----w- c:\users\wendy\Matrix
2011-07-04 05:19:23 -------- d-----w- c:\users\wendy\appdata\roaming\My Star World
2011-07-04 00:20:42 -------- d-----w- c:\users\wendy\appdata\roaming\Jasc
2011-07-03 23:14:33 98304 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\knlwrap.exe
2011-07-03 23:14:33 36864 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\msihook.dll
2011-07-03 23:14:32 102400 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\scpthdlr.dll
2011-07-03 21:53:42 -------- d-----w- c:\users\wendy\appdata\roaming\GetRightToGo
2011-07-03 21:27:34 2828 --sha-w- c:\windows\system32\KGyGaAvL.sys
2011-06-28 17:51:43 0 ---ha-w- c:\users\wendy\appdata\local\BIT9B46.tmp
2011-06-15 18:22:36 276992 ----a-w- c:\windows\system32\wcncsvc.dll
2011-06-15 18:22:01 1137664 ----a-w- c:\windows\system32\mfc42.dll
2011-06-15 18:22:00 1164288 ----a-w- c:\windows\system32\mfc42u.dll
2011-06-15 18:16:55 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-06-15 18:16:55 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2011-06-15 18:16:55 107520 ----a-w- c:\windows\system32\cdd.dll
2011-06-15 14:25:40 2983424 ----a-w- c:\windows\system32\UIRibbon.dll
2011-06-15 14:25:40 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2011-06-15 14:25:21 15712 ----a-w- c:\program files\common files\windows live\.cache\e3ad6231cc2b6805\MeshBetaRemover.exe
2011-06-15 14:08:21 -------- d-----w- c:\users\wendy\appdata\local\Conduit
2011-06-15 14:08:17 -------- d-----w- c:\users\wendy\appdata\roaming\Free MP3 WMA OGG Converter
2011-06-15 14:08:10 458752 ----a-w- c:\windows\system32\NCTAudioRecord2.dll
2011-06-15 14:08:10 458752 ----a-w- c:\windows\system32\NCTAudioPlayer2.dll
2011-06-15 14:08:10 348160 ----a-w- c:\windows\system32\NCTWMAFile2.dll
2011-06-15 14:08:10 344064 ----a-w- c:\windows\system32\msvcr70.dll
2011-06-15 14:08:10 1986560 ----a-w- c:\windows\system32\NCTAudioFile2.dll
2011-06-15 14:08:10 1212416 ----a-w- c:\windows\system32\NCTAudioInformation2.dll
2011-06-15 06:25:13 -------- d-----w- c:\program files\TREO
2011-06-15 02:09:12 -------- d-----w- c:\users\wendy\appdata\local\Apple Computer
2011-06-14 23:00:37 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
2011-06-14 23:00:37 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
2011-06-14 23:00:37 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2011-06-14 23:00:37 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2011-06-14 23:00:37 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2011-06-14 23:00:37 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2011-06-14 23:00:37 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2011-06-14 22:58:47 -------- d-----w- c:\users\wendy\appdata\local\Apple
2011-06-14 18:09:47 -------- d-----w- c:\program files\Bonjour
2011-06-14 18:09:32 -------- d-----w- c:\programdata\Affinegy
2011-06-14 18:09:32 -------- d-----w- c:\program files\TWC
2011-06-13 22:28:13 -------- d-----w- c:\users\wendy\RESCUES
2011-06-07 19:35:34 103864 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
.
==================== Find3M ====================
.
2011-05-28 03:00:02 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-05-04 02:43:59 222720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-05-04 02:43:48 96256 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-05-04 02:43:41 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-05-03 04:50:29 740864 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 02:57:34 311296 ----a-w- c:\windows\system32\drivers\srv.sys
2011-04-29 02:57:21 309760 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-29 02:57:13 114176 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-04-27 22:25:24 65024 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2011-04-27 02:33:46 78336 ----a-w- c:\windows\system32\drivers\dfsc.sys
2011-04-25 04:56:06 1286016 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-04-25 02:35:40 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2011-04-22 19:36:05 26496 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-04-22 19:31:50 981504 ----a-w- c:\windows\system32\wininet.dll
2011-04-22 19:31:26 44544 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-22 18:23:59 386048 ----a-w- c:\windows\system32\html.iec
2011-04-18 20:18:50 43392 ----a-w- c:\windows\system32\drivers\MpNWMon.sys
2011-04-18 20:18:50 165648 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2011-04-09 06:13:06 3957632 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-04-09 06:13:06 3901824 ----a-w- c:\windows\system32\ntoskrnl.exe
.
============= FINISH: 7:14:37.64 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-23.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 12/11/2009 6:52:46 PM
System Uptime: 7/5/2011 6:50:37 AM (1 hours ago)
.
Motherboard: Dell Inc. | | 0G848F
Processor: Pentium(R) Dual-Core CPU T4200 @ 2.00GHz | Microprocessor | 1200/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 218 GiB total, 152.662 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP524: 6/19/2011 3:57:16 PM - Windows Update
RP525: 6/20/2011 4:18:13 PM - Windows Update
RP526: 6/21/2011 8:00:54 PM - Windows Update
RP527: 6/22/2011 9:34:54 PM - Windows Update
RP528: 6/24/2011 2:30:12 PM - Windows Update
RP529: 6/25/2011 3:22:53 PM - Windows Update
RP530: 6/26/2011 5:55:34 PM - Windows Update
RP531: 6/28/2011 9:59:35 AM - Windows Update
RP532: 6/29/2011 11:39:45 AM - Windows Update
RP533: 6/30/2011 12:46:17 PM - Windows Update
RP534: 7/1/2011 1:49:12 PM - Windows Update
RP535: 7/2/2011 3:56:17 PM - Windows Update
RP536: 7/3/2011 2:02:05 PM - Installed Jasc Paint Shop Pro 8
RP537: 7/3/2011 2:09:21 PM - Removed Jasc Paint Shop Pro 8
RP538: 7/3/2011 2:16:12 PM - Installed Jasc Paint Shop Pro 8
RP539: 7/3/2011 2:22:25 PM - Removed Jasc Paint Shop Pro 8
RP540: 7/3/2011 2:30:17 PM - Installed Jasc Paint Shop Pro 9
RP541: 7/3/2011 2:32:49 PM - Removed Jasc Paint Shop Pro 9
RP542: 7/3/2011 2:41:48 PM - Installed Jasc Paint Shop Pro 8
RP543: 7/3/2011 2:50:27 PM - Removed Jasc Paint Shop Pro 8
RP544: 7/3/2011 2:57:04 PM - Installed Jasc Paint Shop Pro 9
RP545: 7/3/2011 2:59:31 PM - Removed Jasc Paint Shop Pro 9
RP546: 7/3/2011 3:12:20 PM - Installed Jasc Paint Shop Pro 8
RP547: 7/3/2011 3:53:07 PM - Installed Serials 2005.
RP548: 7/3/2011 4:14:48 PM - Installed Paint Shop Pro 7 Evaluation
RP550: 7/3/2011 4:15:25 PM -
RP552: 7/3/2011 4:16:19 PM -
RP554: 7/3/2011 4:18:28 PM -
RP555: 7/3/2011 5:07:45 PM - Removed Jasc Paint Shop Pro 8
RP556: 7/3/2011 5:08:01 PM - Removed Jasc Paint Shop Pro 8
RP557: 7/3/2011 9:13:21 PM - Removed Paint Shop Pro 7 Evaluation
RP559: 7/3/2011 9:14:54 PM -
RP560: 7/3/2011 9:16:16 PM - Removed Serials 2005.
RP561: 7/3/2011 9:21:25 PM - Windows Update
RP562: 7/3/2011 10:18:27 PM - Installed My Star World
RP563: 7/3/2011 10:26:38 PM - Removed My Star World
RP564: 7/4/2011 4:40:08 AM - Restore Operation
RP565: 7/5/2011 4:13:50 AM - avast! Free Antivirus Setup
RP569: 7/5/2011 6:14:45 AM - Installed HiJackThis
RP566: 7/5/2011 8:05:05 AM - Restore Operation
RP567: 7/5/2011 8:13:30 AM - avast! Free Antivirus Setup
RP568: 7/5/2011 8:48:39 AM - Windows Update
.
==== Installed Programs ======================
.
7-Zip 4.65
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.5
Adobe Shockwave Player 11.5
Advanced Audio FX Engine
Advanced SystemCare 3
AIM 7
Apple Application Support
Apple Software Update
Avira AntiVir Personal - Free Antivirus
Bonjour
CCleaner
Compatibility Pack for the 2007 Office system
Conduit Engine (beta)
Consumer In-Home Service Agreement
D3DX10
Dell-eBay
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell Dock
Dell Edoc Viewer
Dell Getting Started Guide
Dell Touchpad
Dell Webcam Central
DigiDo
Free MP3 WMA OGG Converter 8.2.5
FreeOnlineRadioPlayerRecorder Toolbar
Game Booster
Google Earth
Google Gears
Google Talk (remove only)
Google Update Helper
HiJackThis
Hitman Pro 3.5
IDT Audio
InstallVC90Support
Integrated Webcam Driver (1.02.01.0320)
Intel(R) Graphics Media Accelerator Driver
Intel(R) TV Wizard
Intel® Matrix Storage Manager
Intuit SiteBuilder
IObit Security 360
Java Auto Updater
Java(TM) 6 Update 21
Junk Mail filter update
LEGO Digital Designer
Little Shop - Road Trip
Live! Cam Avatar Creator
Malwarebytes' Anti-Malware
MB Guardian Angel
Microsoft .NET Framework 4 Client Profile
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft Default Manager
Microsoft IntelliPoint 8.0
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Word Viewer 2003
Microsoft Search Enhancement Pack
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual J# 2.0 Redistributable Package
Microsoft Works
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
My Star World
Norton Internet Security
OGA Notifier 2.0.0048.0
OpenSource Flash Video Splitter (remove only)
Palm Desktop by ACCESS
Paltalk Messenger
Pando Media Booster
Pattern Maker for cross stitch - v4
PcMedik
PhotoMail Maker
PowerDVD DX
Quick Brick v1.62
QuickSet
QuickTime
RealPlayer
RealUpgrade 1.0
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler 3
Roxio Update Manager
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Shutterfly Express Uploader
Skype™ 4.2
Spelling Dictionaries Support For Adobe Reader 9
SpongeBob SquarePants 3-D
Spybot - Search & Destroy
SUPERAntiSpyware
Unity Web Player (All users)
Visual C++ 8.0 ATL (x86) WinSXS MSM
Visual C++ 8.0 CRT (x86) WinSXS MSM
Winamp
Windows 7 Upgrade Advisor
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR archiver
Yahoo! Messenger
Yahoo! Software Update
.
==== Event Viewer Messages From Past Week ========
.
7/5/2011 8:40:14 AM, Error: Service Control Manager [7024] - The Distributed Transaction Coordinator service terminated with service-specific error %%-1073737712.
7/5/2011 8:09:47 AM, Error: volmgr [46] - Crash dump initialization failed!
7/5/2011 6:51:27 AM, Error: Service Control Manager [7003] - The SBSD Security Center Service service depends the following service: wscsvc. This service might not be installed.
7/5/2011 5:49:39 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Works 9 (KB2431831).
7/5/2011 4:43:17 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
7/5/2011 4:43:13 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
7/5/2011 4:43:13 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
7/5/2011 4:43:13 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
7/5/2011 4:43:13 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
7/5/2011 4:43:10 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
7/5/2011 4:43:01 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
7/5/2011 4:42:45 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD aswRdr aswSnx aswSP aswTdi DfsC discache MpFilter NetBIOS NetBT nsiproxy Psched rdbss SASDIFSV SASKUTIL spldr tdx vwififlt Wanarpv6 WfpLwf
7/5/2011 4:42:45 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
7/5/2011 4:42:45 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
7/5/2011 4:42:45 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
7/5/2011 4:42:45 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
7/5/2011 4:42:45 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
7/5/2011 4:42:45 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
7/5/2011 4:42:45 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
7/5/2011 4:42:45 AM, Error: Service Control Manager [7001] - The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
7/5/2011 4:42:45 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
7/5/2011 4:42:45 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
7/5/2011 4:42:45 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
7/5/2011 4:28:32 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MsMpSvc service.
7/5/2011 3:09:31 AM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: D@01010004
7/4/2011 1:52:53 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
7/4/2011 1:51:35 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service AffinegyService with arguments "" in order to run the server: {CA16036E-70FD-41AA-AD9C-61CDD4692DAE}
7/4/2011 1:49:33 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf
.
==== End Of File ===========================
 
Thank you. Much better. I'd like to get a Site Advisor on your system. If you had one, it would have spared you going to at least 2 sites and getting at least 2 bad programs. I recommend the following:

The Web of Trust (WOT) add-on is a safe surfing tool for your browser. Traffic-light rating symbols show which rate the site for Trustworthiness, Vendor Reliability, Privacy, Child Safety.Your online email account – Google Mail, Yahoo! Mail and Hotmail is also protected.

Every time you do a search and the screen comes up with the sites, they will have the rating light. Green (2 shades), Amber/Yellow Caution, Red> not advised. A few sites haven't been rated and show as a blue flashlight.

If you want to link to another site from the page you're on o another, WOT will give you an Alert that the site is known for fraudulent entries, unreliable or other and the site won't load. Don't worry- those Alerts don't happen if you stick to the green rating.

Please do that now.
==========================================
When you have finished, please run this online virus scan:
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESETOnlineScan
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    [o] Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    [o] Double click on the
    esetSmartInstallDesktopIcon.png
    on your desktop.
  • Check 'Yes I accept terms of use.'
  • Click Start button
  • Accept any security warnings from your browser.
    esetonlinescannersettings_thumb.jpg
  • Uncheck 'Remove found threats'
  • Check 'Scan archives/
  • Leave remaining settings as is.
  • Press the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please wait for the scan to finish.
  • When the scan completes, press List of found threats
  • Push Export of text file and save the file to your desktop using a unique name, such as ESETScan. Paste this log in your next reply.
  • Push the Back button
  • Push Finish

NOTE: If no malware is found then no log will be produced. Let me know if this is the case.

After I check the Eset log, I'll determine the next step. We have some housekeeping to do.
 
Sorry about that...

Hi Bobbye...
Apologies for not being patient and waiting for a reply. I got the WOT with no problem but when I try to get the ESET I keep getting a message at the top of my IE saying something about "Click here to install the ActiveX control...." I click and nothing happens.
Any suggestions?
 
If I'm still on line tonight when you post the log, I will give you the 'housekeeping' I have prepared.
 
Online scan...

Hi Bobbye
The scanner is running and is at 99% so shouldnt be long... so far there are 3 things showing up... I HOPE that it finishes before you go....
I'll be back as soon as its finished :)
 
Grrrrrr..

Well.... the scanner was at 99% it was up to 4 threats (mywebsearch was what they said) then my machine just locked up... the scanner had been running over an hour so I dont know what to do now.... should I try running it again or is there anything else we can do for now to at least stablize this machine before running it again.
 
Let the Eset scan continue for another hour or so. Keep in mind that the more processes there are on the system, the longer the scans.
 
Again...

Hey Bobbye,
The scanner/computer locked up again during the scan. This time when I restarted the machine that black screen that says the disk needed checking came on. It did the chkdsk and started up and I came right here. Im at a loss.... Help!
 
It did the chkdsk and started up and I came right here. Im at a loss.... Help!

You ran the Error checking- did you run it from the command chkdsk /r or did you use the Error Checking in the My Computer> right click on Local Drive> Properties> Tools tab> Error check> Check both boxes on screen that comes up> Apply> Close nag message and reboot. Error checking will reboot when through.

If you did that successfully, please try the Eset online scan again. If it still won't run, use this scan:
Run Kaspersky Online Scanner in Internet Explorer

Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.
  • Click Accept and the web scanner will begin to load
  • If a yellow warning bar appears at the top of the browser, click it and choose Install ActiveX Control
  • You will be prompted to install an ActiveX component from Kaspersky, click Install
  • If you are prompted about another ActiveX control called Kaspersky Online Scanner GUI part then allow it to be installed also.
  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT and then Scan Settings
  • In the scan settings make that the following are selected:
    [o] Scan using the following Anti-Virus database> Extended (if available otherwise Standard)
    [o] Scan Options: Scan Archives> Scan Mail Bases
  • Click OK
  • Now under select a target to scan:
    [o] Select My Computer
  • The program will start to scan your system.
  • Once the scan is complete, click on the Save as Text button and save the file to your desktop
Note for Internet Explorer 7 users: If at any time you have trouble with the accept button of the license, click on the Zoom tool located at the right bottom of the IE window and set the zoom to 75 %. Once the license is accepted, reset to 100%.
========================================
If you still can't run either online scan, please see if you can run Combofix:
 
Status
Not open for further replies.
Back