I really appreciate the help from everyone…you guys rock!
Thank you so much essexboy (I sent you a pm).
Yep tack it onto this one… ;D
Is it possible that running OTL (OTL works on my laptop!) or any other thing would delete files from my computer? I’ve got important stuff there and no way to back it up…
Nope it will only delete stuff if I tell it to ;D
Bad stuff I hope 
Unless I go demented then yes ;D
Hahah! OTL scan is taking soooo long!
Ok it’s done.
Basically, some days ago ago I ran a full scan on Microsoft Essentials and it found some virus called EyeStye…MSE removed them. Now I installed malwarebytes and it found something else, here’s the malwarebytes log
Protection: Enabled
17-08-2012 13:03:17
mbam-log-2012-08-17 (13-03-17).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 273349
Time elapsed: 32 minute(s), 48 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 1
HKCU\SOFTWARE\Casino Tropez (Adware.Casino) → Quarantined and deleted successfully.
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 1
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013 (Trojan.Agent) → Quarantined and deleted successfully.
Files Detected: 1
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini (Trojan.Agent) → Quarantined and deleted successfully.
(end)
OTL logs attached.
Looks quite clean apart from the odd toolbar
Warning This fix is only relevant for this system and no other, using on another computer may cause problems
Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot
Run OTL
[*]Under the Custom Scans/Fixes box at the bottom, paste in the following
https://dl.dropbox.com/u/73555776/OTL_Fix.GIF
:OTL
IE - HKU\S-1-5-21-1614895754-1563985344-1343024091-1187\..\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF}: "URL" = http://vshare.toolbarhome.com/search.aspx?q={searchTerms}&srch=dsp
IE - HKU\S-1-5-21-1614895754-1563985344-1343024091-1187\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1614895754-1563985344-1343024091-1187\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 192.168.60.30;<local>
IE - HKU\S-1-5-21-1614895754-1563985344-1343024091-1187\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = proxy.midesa.pt:3128
FF - HKCU\Software\MozillaPlugins\vitzo.com/VDownloader: C:\Programas\VDownloader\Addons\npVDownloader.dll File not found
O3 - HKLM\..\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Programas\vShare\vshare_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programas\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1614895754-1563985344-1343024091-1187\..\Toolbar\WebBrowser: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Programas\vShare\vshare_toolbar.dll ()
O4 - HKU\.DEFAULT..\Run: [cleansweep.exe] C:\cleansweep\cleansweep.exe File not found
O4 - HKU\S-1-5-18..\Run: [cleansweep.exe] C:\cleansweep\cleansweep.exe File not found
:Files
ipconfig /flushdns /c
C:\Programas\vShare
:Commands
[purity]
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
Hi, I’ve been kind of busy so I couldn’t reply to this thread. I have not done what you said above yet on my laptop. Meanwhile, my desktop has been acting weird, really slow. yesterday I turned it on and it lost the internet connection from time to time and sometimes it would crash and reboot automatically
We can look at the desktop on completion
I have to write everything short just in case I lose the connection.
when it reboots automatically, it tells me windows recovered from a serious error.
in the windows report I can find something about sysdata.xml and Mini(some numbers).dmp.
If this is the desktop then could you run OTL on that
Download OTL to your Desktop
[*]Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
https://dl.dropbox.com/u/73555776/OTL_Main_Tutorial.gif
[*]Select All Users
[*]Under the Custom Scan box paste this in
netsvcs
BASESERVICES
%SYSTEMDRIVE%*.exe
/md5start
services.*
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
qmgr.dll
/md5stop
%systemdrive%$Recycle.Bin|@;true;true;true
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS /s
CREATERESTOREPOINT
[*]Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
[*]When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
[*]Post both logs
We tried to use OTL before…but it didn’t work. I’ll try it again.
If it doesnt work. would aswMBR.exe do the job?
OTL still doesnt work
What error do you get when you try to run OTL ?
Please download DDS and save it to your desktop.
[*]Disable any script blocking protection[*] Double click dds.scr to run the tool. [*]When done, DDS.txt will open. [*]Click Yes at the next prompt for Optional Scan. [*]Save both reports to your desktop.
Please attach the contents of the following in your next reply:
DDS.txt
I get that basic windows error information…“OTL could not run…send report to microsoft”
How do I do this -Disable any script blocking protection?
Your dds download link isn’t working properly.
Is this safe http://www.bleepingcomputer.com/download/dds/ ?
Yes that is where the link should take you… Just tried on my system and it worked
What about this step? -Disable any script blocking protection
I dont know how to do it