jholland1964 650 Posting Expert Team Colleague Featured Poster

We KNOW that McAfee is not working so scanning with that is pointless. MBA-M was working but there is no guarantee that it truly still is working well.
Before putting them back onto a clean computer they most definitely should be scanned again with a brand new, fully updated copy of MBA-M and a brand new updated anti-virus program but honestly I cannot guarantee that they won't include infections. If any of these saved files are videos, music or games I would NOT back them up, I would get rid of them.
Neither of those programs should be kept for the new install. You will need to install brand new copies of each. They shouldn't be carried over to the new install.

jholland1964 650 Posting Expert Team Colleague Featured Poster

I truly don't believe so. The original infected files are on that OLD install, new ones have appeared on the new install, telling me the entire computer is very infected. So essentially you have TWO operating system files on there with infections in each.
The GMER running for days is some indication of that. Several hours is what is listed as the longest time, not DAYS and that depends on the computer. Not the 50 hours & 20 hours as both of the runs you have done show...and you had to stop both of them in order to continue. That is nearly 3 days trying to scan with just one program and the scans never could complete, you had to physically stop them.
If you want to try I can give you other tools to use but as I said, the computer files are most likely damaged and running other tools could cause further damage.
As long as you have the Vista operating system disks a reformat/reload would take just a few hours. With all updates applied you could have the computer up and running Vista well by tonight, not several days from now.
You have been working on this well over three days here, that doesn't count the time spent before you came here and posted your question.

jholland1964 650 Posting Expert Team Colleague Featured Poster

Ok, just wanted to be sure. Take a look at where most of those files found by ESET were located,

C:\Windows.old\Program Files\

This says that the upgrade from Vista to Windows 7 was done without first making absolutely certain that the computer was 100% clean and free of infection and it obviously was not clean. It also is very likely that the Vista operating system itself was not fully up to date before doing the upgrade to Windows 7, that is a must also. Those are the first two steps that must always be done when doing anything major on the computer, whether installing new Windows updates and service packs or upgrading the computer to a new operating system.

Some of these infections are very old infections, discovered back at least in 2008 or 2009 and all had removal and prevention steps almost immediately released at that time, but those obviously were not used before the upgrade was done because if they had been then there would have been no infected files in that Windows.old folder. Most anti-virus and security programs today either prevent them entirely or at least scan for these and remove them. Most are rarely seen today, except in instances like this. There are also many system and program security updates that have been released in the last three years that would even protect against these getting onto the computer in the first place. This tells me that the computer itself was definitely not …

jholland1964 650 Posting Expert Team Colleague Featured Poster

GMER should not be taking that long. Stop it. Are you actually posting from the infected computer or are you using a different computer? When doing any type of scan nothing else should be done. Are you using the computer for other things while attempting to clean?

jholland1964 650 Posting Expert Team Colleague Featured Poster

I will take your word for this, however be aware, that if you have not been forthcoming with this and there are other cracked programs on there it is possible, even likely that any further fix steps will not work.

Do the following:
Go to the ESET Online Scanner

http://www.eset.com/onlinescan/scanner.php?i_agree=14

* You can use Internet Explorer to complete this scan and you will need to allow an Active X to be installed or you may use Firefox
* You will need to temporarily Disable your current Anti-virus program.
* Be sure the option to Remove found threats is checked and the option to Scan unwanted applications is Checked.
* When you have completed that scan, a scanlog ought to have been created and located at C:\Program Files\EsetOnlineScanner\log.txt.

Post back with that log.

jholland1964 650 Posting Expert Team Colleague Featured Poster

Anything else? Those trial versions are only temporary and good for a short time I believe, not illegal unless you illegally upgrade to the paid versions without paying for them.
How many other programs are on there that are not paid for but should have been?
Nearly every infected file found by MBA-M was on there because of the use of a keygen, possibly all of them since that is one of the easiest ways to get an infection, illegal use of what are supposed to be paid programs. Obviously those two are not the only ones on the system. There are four different PAID programs listed with infected files from the MBA-M log, with keygen related infections. All serious trojans.

sony vegas 10
vegas 9
adobe photoshop cs4 v11.0
propellerhead reason 4
Approximate value of all of the above in the U.S. is around $1000.00

I am possibly also questioning the legality of your system based on these notations in the log

c:\Windows.old\

Do you have another Windows operating system installed someplace?

At least one of the items found by MBA-M was the Boaxxe Trojan. It installs other malicious programs on your computer that disable key security features and then attempt to steal any passwords you use, such as for your banking website. Another of the real "benefits" of trying to steal paid programs...the people who write these illegal cracks get your money anyway. It just goes to them …

jholland1964 650 Posting Expert Team Colleague Featured Poster

You may have uninstalled the keygens but you did not uninstall the program, it still shows in the log
Vegas Pro 10.0

This is one program you attempted to install illegally, how many others do you have on there?

jholland1964 650 Posting Expert Team Colleague Featured Poster

if i click the dds link in the post posted earlier in this thread, i just get a blank page and nothing happens, the url in the url bar shows this: about:blank

i think the MBA-M log is the second one, (Malwarebytes' Anti-Malware).

and for the GMER, i should scan my C:\ drive (windows installed on this one) and everything except sections and IAT/EAT right?

Just stop the GMER scan.

You must have a pop up blocker enabled on the browser. The DDS link given is a direct link for the executable which should pop up on your computer and ask you where to save it.

Here is a link to the download page itself. Turn off any pop up blockers

http://www.bleepingcomputer.com/download/anti-virus/dds

jholland1964 650 Posting Expert Team Colleague Featured Poster

Stop the GMER scan it should never take 50 hours.

If you refuse to remove these two items found by MBA-M then we cannot go forward.

c:\Users\Cas\Desktop\unused\keygen\sony vegas 10 keygen + patch\Keygen.exe (RiskWare.Tool.CK) -> Not selected for removal.
c:\Users\Cas\Desktop\unused\keygen\vegas 9 free\Keygen2.exe (Trojan.Agent.CK) -> Not selected for removal.
Besides being listed as extremely dangerous, these are illegal password and/or license key generators, meaning to me anyway that you are running pirated copies of various paid programs, at least Sony Vegas 9 and 10. Both of these are paid programs and by using a keygen to generate the license key shows you are using them illegally.

This is the number one rule listed here which includes the lines listed below:

Keep It Legal
Do not ask about obtaining pirated software, nor link to it
Do not ask for help to pursue any illegal activity including, but not limited to, hacking and spamming
Do not pursue any illegal activity within forum posts

This includes requesting assistance in the removal of infections contained in or likely brought in by the use of illegally obtained programs.

If you do want assistance you will Uninstall each and every illegally obtained program on the computer and the keygens used to generate any and all of them. Otherwise this thread will not go further.

jholland1964 650 Posting Expert Team Colleague Featured Poster

In order for us to know and see what may be going on with the computer please follow all of the instructions given in our Read Me First Sticky

http://www.daniweb.com/hardware-and-software/microsoft-windows/viruses-spyware-and-other-nasties/threads/134865

Post back here with Copy/pastes of all requested logs then we can tell you what you need to do next.

jholland1964 650 Posting Expert Team Colleague Featured Poster

The laptop has been restarted with nothing running at all.
That isn't possible, except in Safe Mode. Otherwise each and every one of the unnecessary programs listed below auto starts with the computer and runs in the background, even if you are not using them at the time. Look at the huge number of running processes showing when you ran this and the previous DDS scan.

Turn all of these off, they do not need to auto start. All can easily be run manually when needed.
Pando Media Booster
msnmsgr
Google Update
WMPNSCFG
Steam
ManyCam
Windows Defender>>> disable this entirely and leave it disabled. It is useless and can interfere with any other security programs running on the computer.
HP Software Update
Google EULA Launcher
Google Desktop Search
DivX Download Manager>>>can often be considered very questionable.
Camera Assistant Software
Adobe Reader Speed Launcher
Malwarebytes' Anti-Malware (reboot)
QuickTime Task
iTunesHelper
ApnUpdater
SunJavaUpdateSched
DivXUpdate
OSA9.EXE

Have you cleaned all the dust and air vents on the computer recently? This almost sounds to me like an over heating problem. Too much running all the time for sure.

jholland1964 650 Posting Expert Team Colleague Featured Poster

µTorrent is still on there.

jholland1964 650 Posting Expert Team Colleague Featured Poster

Yes, sorry have looked at the logs. Did you uninstall all the items I noted earlier?
If so please run a new DDS Scan and post back with both logs.

jholland1964 650 Posting Expert Team Colleague Featured Poster

HOW CAN YOU TELL IF ITS A blue screen of death CONCERN
- error msgs
- HD FAILED
- immediate blue screen
- ntldr missing or corrupt
- just plain blank screen

-------------------------------------------------------------
Booting is loading of software, process that will load all ur data in harddrive
hard drive errors are NO BOOT concern
*hard disk failed
*bsod
*ntldr missing or corrupted
*blank screen

TROUBLE SHOOTING
1. Ask them to restart the computer
make sure all non essential peripheral are not connected to the system
and run diagnostic tool

Run diagnostics F12

IF PASSED
*but ask to backed up files ur computer if cant back up, transfer call to solution station with SR
or OSRI(Operating System Reinstallation) pc restore.

IF FAILED,
*know the error code and if ever replace or reseat hard drive

If you encounter error 0141 or 0150, check BIOS to check if the HDD is detected
See if the HDD is properly seated
Recheck BIOS if HDD is detected, if yes rerun diagnostics and test
If it still won't load Windows, it's an OS issue and there's a need for OSRI

Check for HDD error codes:
Check BIOS
Reseat connectors/data cable
PSA (Fn + Power button) for laptops
F12 Hard Drive Diagnostics
For error code = STOP :Xnnnnnn ask the cx the first code
The Last Known Good Configuration (F8)

HDD Troubleshooting:

Check for HDD error …

jholland1964 650 Posting Expert Team Colleague Featured Poster

hey man, having video issues. monitor not showing anything. give me step by step TS. c'',)

Please create your own thread instead of hijacking another person's thread.

jholland1964 650 Posting Expert Team Colleague Featured Poster

First problem is your cousin is running TWO full Security suites, McAfee and total pieces of junk
IObit Security 360
IObit Toolbar v4.1
This IObit Security 360 program gets terrible reviews, its own website is rated as unsatisfactory and possibly unsafe to even visit.
Having this alone is a real problem but running two different av programs and firewalls is the number one No-No. It does not increase protection but lessens it because they fight each other and the "bad guys" come right on in.
Also on there from this same company and another lousy program is

Advanced SystemCare 3, also very dangerous because it contains a registry cleaner among other things and "allegedly" will speed the computer and keep it running at "top notch" level, it doesn't and a registry cleaner is never needed and can do more damage than good.

I am not crazy about McAfee but at least it is from a reputable company and certainly not considered terrible as all that junk from iObit is considered to be.

Just do a search for reviews of iObit products and you will find the majority are "less than glowing".

Also on there is Norton Security Scan

Second no-no is your cousin is running, P2P programs, virtually the easiest way to infect a computer.

These also run all the time, and at start up.
µTorrent
uTorrentBar Toolbar

Is your cousin's version of MBA-M …

jholland1964 650 Posting Expert Team Colleague Featured Poster

No, if you notice I said it runs fine in Safe mode if required. Post that Attach.txt log Copy/Paste it.
I already see several key problems but need to see that one too.

There are 47 program files that run automatically at start up, most not required and several that MUST BE Uninstalled for sure. That's part of the slow down for sure.

I have not gone through the Services yet.

jholland1964 650 Posting Expert Team Colleague Featured Poster

Windows Vista. - yes I have tried booting in safe mode and so far so good. He is complaining of the fact that if he is running a couple of programmes then it has a tendency to crash and restart automatically or go to blue screen.

It takes 15 mins to load on initial start up due to the number of programmes that he has open upon booting. Therefore I do have a feeling that this could be just to pure overload.

Of course it could be malware too so that can't be ruled out yet. But since you say it takes 15 minutes to just boot the computer, which NO computer should require, it sounds to me like you have likely narrowed down the problem.

Run the DDS Scanner FIRST and post those two logs here, copy/paste BOTH logs.
It runs fine in Safe Mode. After you have done that then continue with the malware scanners to rule that out too. But give us the DDS logs. We may find the problem right there.

jholland1964 650 Posting Expert Team Colleague Featured Poster

HiJackThis is rarely used today. Please follow all of the instructions given on our Read Me First sticky and post back with Copy/Pastes of ALL requested logs and we will be happy to assist you.

http://www.daniweb.com/hardware-and-software/microsoft-windows/viruses-spyware-and-other-nasties/threads/134865

jholland1964 650 Posting Expert Team Colleague Featured Poster

Good. Now you absolutely, positively must get some good security programs on that computer, otherwise the next time you won't be so lucky. Without real time security programs on there you are guaranteed there WILL be a next time.

Keep MBA-M. It does NOT have real time protection but it is top of the line in removals. Use it at least once a week to do a Quick Scan. UPDATE first before each scan. If the Quick Scan finds something then have it remove whatever is found, reboot, update again and do a Full Scan immediately and of course have it remove anything found and reboot. If the Quick Scan finds nothing then you are done.

You can delete DDS Scanner and the TDSSKiller, you don't need them anymore. Uninstall that AVG Security Toolbar via Add/Remove, it is worthless.

Next here are the security programs I use all are FREE and offer superb protection. You can use these or make your own choice but you are putting your computer at great risk without real time protection, as you have seen.

For an antivirus program I use Avira 2012 Free. Easily configured and it does a great job.

Follow these instructions for install and configuration:

Download the install package from here:

http://download.cnet.com/Avira-Free-Antivirus-2012/3000-2239_4-10322935.html?part=dl-&subj=dl&tag=button

Click the GREEN Download Now Button to get the executable install package, save it wherever you can easily find it, I chose My Desktop.

Before you begin the …

jholland1964 650 Posting Expert Team Colleague Featured Poster

Ok, good. Are you still getting the IE pages opening?

jholland1964 650 Posting Expert Team Colleague Featured Poster

Run this tool next and post back with the log.
Please read carefully and follow these steps.

* Download TDSSKiller and save it to your Desktop.
http://support.kaspersky.com/downloads/utils/tdsskiller.zip

* Extract its contents to your desktop.
* Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.

* If an infected file is detected, the default action will be Cure, click on Continue.

* If a suspicious file is detected, the default action will be Skip, click on Continue.

* It may ask you to reboot the computer to complete the process. Click on Reboot Now.

* If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
* If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

jholland1964 650 Posting Expert Team Colleague Featured Poster

I see some very glaring problems in the logs.
1. This is obviously essentially a brand new computer but you don't even have the very basic security programs installed on the computer. No anti-virus program, no firewall at all. With the exception of a minor listing for an AVG Security Toolbar, which is essentially worthless, your computer is totally unprotected.

2. Your Malwarebytes' Anti-Malware program, MBA-M, is grossly out of date and therefore it was definitely not updated prior to the scan, so when the program scanned it did not scan for any infections discovered in the last 18 months. Your log shows version 1.46, which was released in April 2010, so you are 18 months and 4 program versions behind. The most current version, 1.51.2, was released September 12, 2011. The definition database shown in your log is 7430 and the most recent database is 8050. MBA-M releases definition updates multiple times a day and this is why the instructions for its use include the instruction
"Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version."

This should be done before each and every scan done with MBA-M, even those run one right after the other.

3. The very first instruction given in our Read Me First Sticky is this one:
"1A – Please Uninstall or Disable any P2P (peer-to-peer) programs on the infected computer before posting in this forum. …

jholland1964 650 Posting Expert Team Colleague Featured Poster

Please follow all the steps given in our Read Me First sticky and post back here with all of the requested logs.

Please Copy/Paste ALL of the logs Do Not Attach them as we will not open attached logs.

http://www.daniweb.com/hardware-and-software/microsoft-windows/viruses-spyware-and-other-nasties/threads/134865

jholland1964 650 Posting Expert Team Colleague Featured Poster

Look, do what you want. I didn't say MSE was bad, I said Avira and Avast score higher on independent testing. Virustotal isn't a program that is even installed on the computer, it is an online service that allows you to upload a suspicious file from your computer to be scanned by multiple, more than 30, anti virus engines. MSE, Avira, Avast are only three of them.

I gave the info I have and I know to be true. Do whatever you want. But if you are running only Windows Defender then you absolutely, do not have an anti-virus program on the computer and it WILL become infected again.

jholland1964 650 Posting Expert Team Colleague Featured Poster

I would still go with Avira. It beats MSE hands down. As does Avast.
Look at the results in my print screens from the most recent AV-Comparative testing. This is an independent lab by the way, nothing to do with any of those programs tested.

jholland1964 650 Posting Expert Team Colleague Featured Poster

yeah, I probably confused those two tools. Probably this guy recommended me Microsoft Security Essentials. I didn't know that Microsoft had two different tools, so I just found one and I thought that the Defender is the tool recommended by that person. So I am now installing Microsoft Security Essentials.

You previously said you were installing Avira, I certainly would choose that over Microsoft Security Essentials. It scores MUCH higher than MSE, in fact many programs score higher than MSE. If you want I have instructions on the install of Avira 2012 Free. It is an excellent program and very easy to use.

jholland1964 650 Posting Expert Team Colleague Featured Poster

Windows Defender is NOT an antivirus program, it is an anti-malware program. It really is a worthless tool because of conflicts with other tools and the most common recommendation from most respectable forums is turn it off and leave it off. It was formerly known as Microsoft AntiSpyware and comes automatically with Vista and Windows 7.
Even Microsoft's own anti virus program turns off Windows Defender when it is installed. It rarely works well with any other and more highly rated anti virus programs or anti-malware programs and will often stop fixes done by other programs.

jholland1964 650 Posting Expert Team Colleague Featured Poster

I think you can try Kaspersky anti virus, it is good enough to protect the pc.

The poster is in the middle of a clean up, purchasing another anti-virus isn't going to remove this Rootkit. No matter what anti-virus a person is running continuing to do dangerous things on the computer like P2P will catch up sooner or later.

jholland1964 650 Posting Expert Team Colleague Featured Poster

IF it's useful??? Did you see this in the log?

BITCOMET_HELPER_SERVICE <-- ROOTKIT

Notice the program noted...BitComet, one of your P2P programs.

Continue with the scans ONLY. Do NOTHING else online except the steps noted in the Read Me Sticky. I say again, nothing else online, no surfing, no email, no downloading, nothing. The more you do the more you will be adding more infections.
A rootkit is a type of malicious software that is activated each time your system boots up. Rootkits are difficult to detect because they are activated before your system's Operating System has completely booted up. A rootkit often allows the installation of hidden files, processes, hidden user accounts, and more in the system's OS. Rootkits are able to intercept data from terminals, network connections, and the keyboard.

jholland1964 650 Posting Expert Team Colleague Featured Poster

It's your choice as to what to do with your computer, however I have several pieces of advice.
#1. You absolutely cannot correctly clean an infected computer in a "piece meal" way, half a tool today and the other half tomorrow. All of the tools are meant to be run from beginning to end without pausing them or stopping them in the middle and then attempting to restart it. Doing this can cause more damage on top of the damage caused by the infections. You certainly cannot turn off or hibernate a computer while it is in the middle of running a tool, as you have seen this causes major problems.

#2. You have said you have run multiple tools but we have only seen one log, HiJackThis. HiJackThis is essentially not a cleaning tool but a scanning tool to give a picture of what "may be" on the computer. There are some very simple clean ups that can be done with HJT but removing an infection is usually not one of them. I truly cannot say with certainty what was/is the infection on the computer without seeing other logs, but what I do see from the HJT log are 14 windows from the Google Chrome browser. Right there is another mistake, all tools should be run with the browser totally closed unless it is an online scan. In that case there should only be ONE instance of the browser open and that would be the one where the scan is taking …

jholland1964 650 Posting Expert Team Colleague Featured Poster

if you can find the exact location of the virus you can delete them manually hope it works for you....

Very bad advice. Attempting to remove a virus manually without knowing all files involved can really cause major problems.

You have been cautioned about this in the past and yet you continue to not follow the rules. If you are going to post advice please follow the rules given for First Responders
http://www.daniweb.com/hardware-and-software/microsoft-windows/viruses-spyware-and-other-nasties/threads/368036
If you do not adhere to these rules then we do reserve the right to delete your posts.

jholland1964 650 Posting Expert Team Colleague Featured Poster

You are attempting some dangerous things really, especially running Combofix without direction or not posting the logs, especially the MBA-M log. You need to do the steps from our Read Me Sticky and post back here with all of the logs. The logs must be copy/pasted. Once we can see exactly what we are dealing with then we can better assist.

http://www.daniweb.com/hardware-and-software/microsoft-windows/viruses-spyware-and-other-nasties/threads/134865

jholland1964 650 Posting Expert Team Colleague Featured Poster

Then leave them alone. Or boot to safe mode and try to open them.

jholland1964 650 Posting Expert Team Colleague Featured Poster

That is not an ESET log. It is the set up information.
Did you turn off the antivirus programs when you ran the scan? It should have taken probably an hour to scan and you should have actually seen it doing the scanning. It should have shown you what was found and you would have had to tell it what to do with what it found.

Those numbers on the files tell me nothing, what is inside of them? They look like temporary files.

No AVG is not comparable to Avast. What happened when you tried to download Avast?

Try Avira Free, it also is much better than AVG.


http://download.cnet.com/Avira-Free-Antivirus-2012/3000-2239_4-10322935.html?part=dl-&subj=dl&tag=button

Follow these instructions to get and install Avira Free
Click the GREEN Download Now Button to get the executable install package, save it wherever you can easily find it, I chose My Desktop.
You must then UNINSTALL your AVG program completely.
To begin, double click the executable file to start installation. Vista and Windows 7 users must run this executable as Administrator.

Before installation the installer will scan your system for other security programs installed. Avira Free AntiVirus 2012 may warn you of POSSIBLE incompatible security software on your system like Emsisoft AntiMalware, some 3rd party Firewalls, especially Zone Alarm. It is just a warning of POSSIBLE conflicts and you do not need to uninstall these software programs. Just install Avira Free AV and everything is OK. …

jholland1964 650 Posting Expert Team Colleague Featured Poster

I recently uncovered three files on my C:\ drive that won't even let me access or delete them
What are the three files and why do you want to delete them?
Please do the following:
Turn OFF Windows Defender, it is out of date and really is not top of the line. Leave it turned off.

Run the ESET Online Scanner

http://www.eset.com/onlinescan/scanner.php?i_agree=14
* You can use Internet Explorer to complete this scan and you will need to allow an Active X to be installed or you may use Firefox
* Be sure the option to Remove found threats is checked and the option to Scan unwanted applications is Checked.
* When you have completed that scan, a scanlog ought to have been created and located at C:\Program Files\EsetOnlineScanner\log.txt.
Post back here with the log.

AFTER running ESET please do the following:

You don't have any antivirus installed on the computer, you DO need one. I would suggest Avast Free:
http://www.avast.com/free-antivirus-download

Install Avast, update and run a full scan with it. If anything is found have the program remove/quarantine.

jholland1964 650 Posting Expert Team Colleague Featured Poster

I have a similar problem in that the plusnetwork tool bar has installed itself onto Firefox and now also internet explorer does not work. I am running Windows XP 32bit and have Mcafee antivirus and firewall etc. Please can anyone advise me what to do, regards

The advice for you is the same as given to the original poster.

The only way we can offer assistance is for you to begin with steps in our Read Me First sticky. Post back here with Copy/Pastes of all logs from the scans and then we can better advise you on what steps to do next.
http://www.daniweb.com/hardware-and-software/microsoft-windows/viruses-spyware-and-other-nasties/threads/134865

After you have followed those instructions then please begin your OWN thread. We do not offer assistance to more than one person per thread. So you must create your own thread and not hijack another person's thread to receive further assistance.

jholland1964 650 Posting Expert Team Colleague Featured Poster

The only way we can offer assistance is for you to begin with steps in our Read Me First sticky. Post back here with Copy/Pastes of all logs from the scans and then we can better advise you on what steps to do next.
http://www.daniweb.com/hardware-and-software/microsoft-windows/viruses-spyware-and-other-nasties/threads/134865

jholland1964 650 Posting Expert Team Colleague Featured Poster

It is very likely you have additional infections on the computer, or your MSE has been damaged by the removed infections.

I would strongly advise that you follow all the steps given in our Read Me first sticky and then copy/paste all requested logs from that link back here. We will be most happy to offer additional assistance after seeing all the logs.

http://www.daniweb.com/hardware-and-software/microsoft-windows/viruses-spyware-and-other-nasties/threads/134865

jholland1964 650 Posting Expert Team Colleague Featured Poster

with Avast running it doesn't pop up an error but it doesn't save either... shows up for a fraction of a second then disappears... working as intended?

Look in Avast quarantine. IF it worked then it should be in there or there should be a listing stating that this file has been blocked. If the file itself shows ON your computer then no, it didn't work because it should not be allowed to be saved on the computer.

jholland1964 650 Posting Expert Team Colleague Featured Poster

Still Not Working for Me ( Using Kaspersky 2012 )

Then I would say there IS a problem with your anti-virus program because if you followed the correct instructions to save the file as EICAR.COM then the simple act of saving the file should have triggered an alert.

jholland1964 650 Posting Expert Team Colleague Featured Poster

sorry! you should save file as .com not .con then test it

That is exactly what I posted.
If the av program is set up correctly, a scan shouldn't be necessary, a correctly configured av program should catch it the moment it is saved on the computer and not allow it to be saved. You really should actually know how the test works before posting instructions. Also make sure instructions posted are absolutely correct before posting something. Incorrect instructions for something, not this, but tools for instance, can damage a computer.

jholland1964 650 Posting Expert Team Colleague Featured Poster

If you have installed an antivirus and you are not sure if it is protecting your pc
fully or not? just try this popular test....

open notepad

just type in
"X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*"
(without quotes "")

save this with ".con" extension like: "eicar.con"
scan this file with your antivirus

if your antivirus detects this file- Antivirus is working as it should be...
most antivirus will pop out a message

and if your antivirus doesn't detect it
There's a problem with your installation. So, re-install your antivirus

While you are attempting to do a "good thing", your instructions are incorrect.

You need to save the file as EICAR.COM, not EICAR.con. Your av program should save it the moment you save the file. My Avira did.
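A check for the mistakes this thread runs into when saving the test file by hand, as an added example that is not part of the original posts: `diagnose` reports why a saved file would not count as the EICAR test file, and `survives_on_disk` performs the save-and-look test described above. The function names are hypothetical, and the 128-byte and trailing-whitespace limits are taken from EICAR's published definition of the file, not from this page.

```python
import os
import time

# The 68-character test string exactly as quoted in the post above.
EICAR = rb"X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*"
# Per EICAR's definition only these bytes may follow it, up to 128 bytes in total.
TRAILING_OK = b" \t\r\n\x1a"


def diagnose(filename, data):
    """List the reasons a saved file would not count as the EICAR test file."""
    problems = []
    ext = os.path.splitext(filename)[1].lower()
    if ext != ".com":  # the thread's correction: .com, not .con
        problems.append(f"extension is {ext or '(none)'}, not .com")
    if data[:2] in (b"\xff\xfe", b"\xfe\xff"):
        return problems + ["saved as UTF-16, not plain ANSI text"]
    if data[:3] == b"\xef\xbb\xbf":
        problems.append("UTF-8 byte-order mark precedes the string")
        data = data[3:]
    if data[:1] == b'"':
        problems.append("quotation marks were saved as part of the file")
        data = data.strip(b'"')
    if not data.startswith(EICAR):
        return problems + ["file does not start with the 68-character string"]
    if len(data) > 128 or data[len(EICAR):].strip(TRAILING_OK):
        problems.append("unexpected content follows the string")
    return problems


def survives_on_disk(directory, wait_seconds=5.0):
    """Save eicar.com and report whether it can still be read back afterwards.

    True means nothing blocked or removed the file, i.e. the on-access
    scanner did not react; False means the save or the read-back was blocked.
    """
    path = os.path.join(directory, "eicar.com")
    try:
        with open(path, "wb") as fh:
            fh.write(EICAR)
        time.sleep(wait_seconds)
        with open(path, "rb") as fh:
            found = fh.read() == EICAR
        os.remove(path)  # clean up the harmless test file if it was left alone
        return found
    except OSError:
        return False
```

Run `diagnose` on the bytes of a file that failed to trigger an alert before concluding that the anti-virus program itself is at fault.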

jholland1964 650 Posting Expert Team Colleague Featured Poster

I honestly don't see anything. It may very well be that you had "just enough" of McAfee remaining that kept you protected. Also looking at the logs, it appears to me that you are a pretty safe computer user. You don't appear to have any of the very risky P2P programs that much of the time bring in some real nasties. I had something similar happen to me way back when I used Norton AV years ago. I renewed and thought that was all that was necessary. There was a major change between the program I had on the computer and the newly released program which necessitated the removal of the old and the download of the newest version. I would bet that is what happened to you.

For safety's sake you might try just one more online scan.
Do the following:
Run the ESET Online Scanner

http://www.eset.com/onlinescan/scanner.php?i_agree=14

* You can use Internet Explorer to complete this scan and you will need to allow an Active X to be installed or you may use Firefox
* You will need to temporarily Disable your current Anti-virus program.
* Be sure the option to Remove found threats is checked and the option to Scan unwanted applications is Checked.
* When you have completed that scan, a scanlog ought to have been created and located at C:\Program Files\EsetOnlineScanner\log.txt.

If it doesn't find anything then I would think you are "good to go" …

jholland1964 650 Posting Expert Team Colleague Featured Poster

Fantastic!!!
Now here are the two programs I mentioned.
First one is SpywareBlaster from Javacool. It is truly a MUST have program. I have not run my computers without it in years.
"SpywareBlaster doesn't scan for and clean spyware--it prevents it from being installed in the first place. SpywareBlaster prevents the installation of ActiveX-based spyware, adware, dialers, browser hijackers, and other potentially unwanted programs. It can also block spyware/tracking cookies in IE, Mozilla Firefox, Netscape, and many other browsers, and restrict the actions of spyware/ad/tracking sites."

Download it from here:
http://download.cnet.com/SpywareBlaster/3000-8022_4-10196637.html

Install it, update it and then Enable All protection and close the program. This is one reason it is so good, it doesn't run in the background so it cannot interfere with any other programs, but it offers superb protection. Manually check for updates every couple weeks. If there are updates then install them, enable all protection and close the program. Simple as that.

The second one is WOT...Web Of Trust. This is a browser addon which gives you advanced warnings on whether a website is trustworthy or not. If the site is good you will see a little green circle on the browser, if it is questionable the circle will be yellow/orange and if it is totally NOT trustworthy the circle will be red.
It is available for both Firefox and Internet Explorer.
http://www.mywot.com/

Keep Malwarebytes' Anti-Malware (MBA-M). Update it at least once a week and …

jholland1964 650 Posting Expert Team Colleague Featured Poster

Ok, almost finished. You need to Uninstall these programs, as I said earlier, they are basically Junk programs and really can do much more harm than good.
Uniblue DriverScanner
Uniblue RegistryBooster
Uniblue SpeedUpMyPC
Uniblue SystemTweaker

These two, are not listed in Add/Remove but do have Program folders so they need to go also
C:\Program Files\ErrorTeck
C:\Program Files (x86)\TotalRecipeSearch

You also should change your Home Page to something other than .mywebsearch, it also brings in a LOT of questionable files.

A huge number of the infected files actually came from TotalRecipeSearch and it is known as a questionable website. Obviously somebody in your household is a cook or loves to cook. There are many other excellent websites where good recipes can be found, I would strongly advise against this one.

Your Java is also WAY out of date so it needs to be updated.
You should Uninstall the old Java using Add/Remove and then download this newest version from this web page.
http://www.java.com/en/download/

Once you have done all of the above come back and I will give you just two more FREE security programs which will help keep your computer safer.
You haven't had anymore indications of the PERSONAL SHIELD PRO have you...I hope anyway.

jholland1964 650 Posting Expert Team Colleague Featured Poster

You are doing SUPER! Exactly as asked with everything.

Just a couple more things so we can be 100% certain that things are fully cleaned up and won't happen again.
I want you to do the following:
Download DDS by sUBs and save it to your Desktop.

http://download.bleepingcomputer.com/sUBs/dds.scr

Be sure to follow the instructions below carefully
• If your AV has a script blocker, please disable it
• DoubleClick on dds.scr to run the tool
* A command box will open, displaying added information for your reading pleasure while DDS completes its scan.
* Upon completion, a Dialog Box should open instructing you to save and post the TWO resulting logs (DDS.txt & Attach.txt).
Copy&Paste both the DDS.txt and the DDS Attach.txt into your post

This is basically a simple scanner program that can show us what has been happening, possibly HOW it happened and also what programs are installed on the computer that may not be needed OR that may have helped contribute to this problem. The logs are quite long and might take more than one reply to paste them completely.

jholland1964 650 Posting Expert Team Colleague Featured Poster

i am hung up at the step for saving the new hosts file to the c:........hosts\ect file
i have downloaded the file but it goes into the download file and i can't get it onto the desktop????

Right click the file and choose Copy. Then open the C:\Windows\System32\Drivers\etc\ folder and right click and choose Paste. See if it goes in ok.

jholland1964 650 Posting Expert Team Colleague Featured Poster

Should I be using Uniblue Registry Booster, Drive Scanner, System Tweak and Speed My Computer?
All of those programs are JUNK. They should be uninstalled using Add/Remove.

Should I use Windows security, instead of BitDefender?

No, BitDefender is just fine.

However, you are not complete with the clean up yet. This Personal Shield Pro makes some major changes to the computer and you will need to correct those also.
It changes your Windows HOSTS file, you will need to replace this file with the default version for your operating system.
Here are the steps:
Please download the following batch file and save it to your desktop:

http://download.bleepingcomputer.com/bats/hosts-perm.bat

When the file has finished downloading, double-click on the hosts-perm.bat file that is now on your desktop. If Windows asks you if you are sure you want to run it, please allow it to run. Once it starts you will see a small black window that opens and then quickly goes away. This is normal and is nothing to be worried about. You should now be able to access your HOSTS file.

Next do the following:
Go to C:\Windows\System32\Drivers\etc\HOSTS You need to Delete that HOSTS file.

Once you have done that then do this:
Once it is deleted, download the following HOSTS file
http://download.bleepingcomputer.com/misc/host-files/windows-7/hosts
and save it in the C:\Windows\System32\Drivers\etc folder.

Once you have done that Reboot the computer and come back …
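Before the HOSTS file is deleted and replaced as described above, its altered entries can be recorded. This added example (not part of the original post) lists every active entry other than a localhost-to-loopback mapping; the function name, the sample file content and its host names are constructed for illustration.

```python
import ipaddress

# Constructed sample: default-style comment lines followed by added entries.
SAMPLE_HOSTS = """\
# Sample HOSTS file (constructed for this example).
#
#       127.0.0.1       localhost
#       ::1             localhost
127.0.0.1       localhost
127.0.0.1       update.av-vendor.example   # constructed entry
203.0.113.7     www.search.example search.example
not-an-ip       broken.example
"""


def audit_hosts(text):
    """Return (line_no, address, name, reason) for each active entry that is
    not a plain localhost mapping. Comment-only lines are ignored."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        entry = raw.split("#", 1)[0].split()  # drop trailing comments
        if not entry:
            continue
        address, names = entry[0], entry[1:]
        try:
            ip = ipaddress.ip_address(address)
        except ValueError:
            findings.append((line_no, address, " ".join(names), "malformed address"))
            continue
        local = ip.is_loopback or ip.is_unspecified
        for name in names:
            if name.lower() == "localhost" and ip.is_loopback:
                continue  # the only active mapping a stock file may carry
            reason = "blocked (points at this machine)" if local else "redirected"
            findings.append((line_no, address, name, reason))
    return findings


if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS):
        print(finding)
```

To audit a real machine, pass the text of C:\Windows\System32\Drivers\etc\HOSTS to `audit_hosts` and keep the output with the other logs.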

jholland1964 650 Posting Expert Team Colleague Featured Poster

Whew!!! boy, that may be some sort of record!:)
Go to normal mode and update and run Malwarebytes' again the same way, Full Scan, remove everything found and reboot.