Pop-Up Ads Keep Appearing As New Tabs in Firefox

Hi! First off, thanks so much for your help!

I've been having an issue since yesterday, where new tabs pop up every now on then when I'm using Firefox. They usually direct the new tabs to advertisement sites--such as kevinathomeblog.com and things relating to that.

I have run Malwarebyte's Anti-Malware, and did a full scan, but it hasn't found any threatening files.

Here is my HijackThis Log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:27:57 AM, on 11/29/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16916)
Boot mode: Normal

Running processes:
C:Windowssystem32Dwm.exe
C:Windowssystem32taskeng.exe
C:WindowsExplorer.EXE
C:Program FilesWindows DefenderMSASCui.exe
C:Program FilesDellTPadApoint.exe
C:Program FilesIntelIntel Matrix Storage ManagerIAAnotif.exe
C:Program FilesCommon FilesSymantec SharedccApp.exe
C:Program FilesSymantec AntiVirusVPTray.exe
C:Program FilesCommon FilesAladdin SharedeTokenetCoreMgr.exe
C:Windowssttray.exe
C:WindowsSystem32rundll32.exe
C:WindowsSystem32rundll32.exe
C:Windowsehomeehtray.exe
C:Windowsehomeehmsas.exe
C:WindowsSystem32rundll32.exe
C:Program FilesDellTPadApMsgFwd.exe
C:Program FilesDellTPadHidFind.exe
C:Program FilesDellTPadApntex.exe
C:Program FilesMalwarebytes' Anti-Malwarembam.exe
C:Program FilesMozilla Firefoxfirefox.exe
C:Windowssystem32SearchFilterHost.exe
C:Program FilesTrend MicroHijackThisHijackThis.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.dartmouth.edu/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:Program FilesRealRealPlayerrpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre6binssv.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program FilesJavajre6binjp2ssv.dll
O4 - HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide
O4 - HKLM..Run: [Apoint] C:Program FilesDellTPadApoint.exe
O4 - HKLM..Run: [IAAnotif] C:Program FilesIntelIntel Matrix Storage Manageriaanotif.exe
O4 - HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec SharedccApp.exe"
O4 - HKLM..Run: [vptray] C:PROGRA~1SYMANT~1VPTray.exe
O4 - HKLM..Run: [KeyAccess] C:Windowskeyacc32.exe
O4 - HKLM..Run: [eTCoreManager] "C:Program FilesCommon FilesAladdin SharedeTokenetCoreMgr.exe"
O4 - HKLM..Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM..Run: [NvSvc] RUNDLL32.EXE C:Windowssystem32nvsvc.dll,nvsvcStart
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:Windowssystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:Windowssystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [NVHotkey] rundll32.exe C:Windowssystem32nvHotkey.dll,Start
O4 - HKLM..RunOnce: [Malwarebytes' Anti-Malware] C:Program FilesMalwarebytes' Anti-Malwarembamgui.exe /install /silent
O4 - HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe
O4 - HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MICROS~2Office12EXCEL.EXE/3000
O13 - Gopher Prefix:
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} (WMI Class) - http://support.dell.com/systemprofiler/SysProExe.CAB
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:WindowsSystem32DreamScene.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:Program FilesBonjourmDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:Program FilesCisco SystemsVPN Clientcvpnd.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:Program FilesSymantec AntiVirusDefWatch.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:Program FilesIntelIntel Matrix Storage ManagerIAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:Program FilesCommon FilesInstallShieldDriver1050Intel 32IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:Program FilesiPodbiniPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:PROGRA~1SymantecLIVEUP~1LUCOMS~1.EXE
O23 - Service: Pharos Systems ComTaskMaster - Pharos Systems International - C:PROGRA~1PharosBinCTskMstr.exe
O23 - Service: Remote Procedure Call (RPC) Net (Rpcnet) - Absolute Software Corp. - C:WindowsSystem32rpcnet.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:Program FilesSymantec AntiVirusSavRoam.exe
O23 - Service: Symantec Protection Agent 5.1 (SmcService) - Symantec Corporation - C:Program FilesSymantecSPAsmc.exe
O23 - Service: Symantec NAC Service (SNAC) - Symantec Corporation - C:Program FilesSymantecSPAsnac.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:Windowssystem32STacSV.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:Program FilesSymantec AntiVirusRtvscan.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:Windowssystem32DRIVERSxaudio.exe

--
End of file - 6820 bytes

Here is my DDS Report:


DDS (Ver_09-11-29.01) - NTFSx86
Run by Administrator at 10:48:09.39 on Sun 11/29/2009
Internet Explorer: 7.0.6000.16916 BrowserJavaVersion: 1.6.0_14
Microsoft® Windows Vista™ Ultimate 6.0.6000.0.1252.1.1033.18.2045.921 [GMT -5:00]

AV: Symantec AntiVirus *On-access scanning enabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}
SP: Symantec AntiVirus *enabled* (Updated) {6C85A515-B91D-4D2B-AF18-40984A4A8493}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:Windowssystem32wininit.exe
C:Windowssystem32lsm.exe
C:Windowssystem32svchost.exe -k DcomLaunch
C:Windowssystem32svchost.exe -k rpcss
C:WindowsSystem32svchost.exe -k secsvcs
C:WindowsSystem32svchost.exe -k LocalServiceNetworkRestricted
C:WindowsSystem32svchost.exe -k LocalSystemNetworkRestricted
C:Windowssystem32svchost.exe -k netsvcs
C:Windowssystem32SLsvc.exe
C:Windowssystem32svchost.exe -k LocalService
C:Windowssystem32svchost.exe -k NetworkService
C:Program FilesCommon FilesSymantec SharedccSvcHst.exe
C:WindowsSystem32spoolsv.exe
C:Windowssystem32svchost.exe -k LocalServiceNoNetwork
C:Windowssystem32Dwm.exe
C:Windowssystem32taskeng.exe
C:WindowsExplorer.EXE
C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
C:Program FilesBonjourmDNSResponder.exe
C:Program FilesCisco SystemsVPN Clientcvpnd.exe
C:Program FilesWindows DefenderMSASCui.exe
C:Program FilesDellTPadApoint.exe
C:Program FilesIntelIntel Matrix Storage ManagerIAAnotif.exe
C:Program FilesSymantec AntiVirusDefWatch.exe
C:Program FilesCommon FilesSymantec SharedccApp.exe
C:Program FilesIntelIntel Matrix Storage ManagerIAANTMon.exe
C:Program FilesSymantec AntiVirusVPTray.exe
C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe
C:Windowskeyacc32.exe
C:Program FilesCommon FilesAladdin SharedeTokenetCoreMgr.exe
C:Windowssttray.exe
C:PROGRA~1PharosBinCTskMstr.exe
C:Windowssystem32svchost.exe -k NetworkServiceNetworkRestricted
C:WindowsSystem32rundll32.exe
C:WindowsSystem32rundll32.exe
C:Windowsehomeehtray.exe
C:Windowssystem32svchost.exe -k regsvc
C:WindowsSystem32rpcnet.exe
C:Windowssystem32STacSV.exe
C:Windowssystem32svchost.exe -k imgsvc
C:Program FilesSymantec AntiVirusRtvscan.exe
C:Windowsehomeehmsas.exe
C:WindowsSystem32svchost.exe -k WerSvcGroup
C:Windowssystem32SearchIndexer.exe
C:WindowsSystem32rundll32.exe
C:Windowssystem32DRIVERSxaudio.exe
C:Windowssystem32taskeng.exe
C:Program FilesDellTPadApMsgFwd.exe
C:Program FilesDellTPadHidFind.exe
C:Program FilesDellTPadApntex.exe
C:Program FilesMalwarebytes' Anti-Malwarembam.exe
C:Program FilesMozilla Firefoxfirefox.exe
C:Windowssystem32SearchProtocolHost.exe
C:Windowssystem32SearchFilterHost.exe
C:UsersAdministratorDesktopdds.scr
C:Windowssystem32wbemwmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.dartmouth.edu/
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:program filescommon filesadobeacrobatactivexAcroIEHelper.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:program filesrealrealplayerrpbrowserrecordplugin.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:program filesjavajre6binssv.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:program filesjavajre6binjp2ssv.dll
uRun: [ehTray.exe] c:windowsehomeehTray.exe
mRun: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide
mRun: [Apoint] c:program filesdelltpadApoint.exe
mRun: [IAAnotif] c:program filesintelintel matrix storage manageriaanotif.exe
mRun: [ccApp] "c:program filescommon filessymantec sharedccApp.exe"
mRun: [vptray] c:progra~1symant~1VPTray.exe
mRun: [KeyAccess] c:windowskeyacc32.exe
mRun: [eTCoreManager] "c:program filescommon filesaladdin sharedetokenetCoreMgr.exe"
mRun: [SigmatelSysTrayApp] sttray.exe
mRun: [NvSvc] RUNDLL32.EXE c:windowssystem32nvsvc.dll,nvsvcStart
mRun: [NvCplDaemon] RUNDLL32.EXE c:windowssystem32NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:windowssystem32NvMcTray.dll,NvTaskbarInit
mRun: [NVHotkey] rundll32.exe c:windowssystem32nvHotkey.dll,Start
mRunOnce: [Malwarebytes' Anti-Malware] c:program filesmalwarebytes' anti-malwarembamgui.exe /install /silent
IE: E&xport to Microsoft Excel - c:progra~1micros~2office12EXCEL.EXE/3000
DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} - hxxp://support.dell.com/systemprofiler/SysProExe.CAB
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:progra~1common~1skypeSKYPE4~1.DLL
AppInit_DLLs: KATRACK.DLL
STS: Windows DreamScene: {e31004d1-a431-41b8-826f-e902f9d95c81} - %SystemRoot%System32DreamScene.dll
mASetup: {7070D8E0-650A-46b3-B03C-9497582E6A74} - %SystemRoot%system32soundschemes.exe /AddRegistration
mASetup: {B3688A53-AB2A-4b1d-8CEF-8F93D8C51C24} - %SystemRoot%system32soundschemes2.exe /AddRegistration

================= FIREFOX ===================

FF - ProfilePath - c:usersadmini~1appdataroamingmozillafirefoxprofiles7meawdgy.default
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - plugin: c:program filesmozilla firefoxpluginsnpunagi2.dll
FF - plugin: c:program filesmozilla firefoxpluginsnpzylomgamesplayer.dll
FF - plugin: c:usersadministratorappdataroamingmozillafirefoxprofiles7meawdgy.defaultextensionsmoveplayer@movenetworks.complatformwinnt_x86-msvcpluginsnpmnqmp071303000006.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:windowsmicrosoft.netframeworkv3.5windows presentation foundationdotnetassistantextension
FF - HiddenExtension: Java Console: No Registry Reference - c:program filesmozilla firefoxextensions{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:program filesmozilla firefoxgreprefssecurity-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R2 Symantec AntiVirus;Symantec AntiVirus;c:program filessymantec antivirusRtvscan.exe [2006-11-28 1962136]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:windowssystem32driversb57nd60x.sys [2007-2-8 179712]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:program filescommon filessymantec sharedeengineEraserUtilRebootDrv.sys [2009-8-28 102448]
R3 eTSCFLT;eToken SmartCard Upper Class Filter Driver;c:windowssystem32driverseTSCFLT.sys [2006-11-27 12720]
R3 MBAMSwissArmy;MBAMSwissArmy;c:windowssystem32driversmbamswissarmy.sys [2009-11-29 38224]
S3 AKSUP;AKSUP;c:windowssystem32driversaksup.sys [2007-7-26 33712]
S3 SavRoam;SAVRoam;c:program filessymantec antivirusSavRoam.exe [2006-11-28 122008]
S3 TuneCVideo;TuneCVideo;c:windowssystem32driversTuneCVideo.sys [2009-7-1 3768]
S3 WmaCAudio;WmaCAudio;c:windowssystem32driversWmaCAudio.sys [2009-7-1 23096]

=============== Created Last 30 ================

2009-11-29 15:27:17 0 d-----w- c:program filesTrend Micro
2009-11-29 14:51:00 38224 ----a-w- c:windowssystem32driversmbamswissarmy.sys
2009-11-29 14:50:57 19160 ----a-w- c:windowssystem32driversmbam.sys
2009-11-29 14:50:57 0 d-----w- c:program filesMalwarebytes' Anti-Malware
2009-11-29 06:04:56 0 d-----w- c:usersadmini~1appdataroamingMalwarebytes
2009-11-27 18:33:13 93360 ----a-w- c:windowssystem32driversSBREDrv.sys
2009-11-27 18:29:50 0 d-----w- c:programdataLavasoft
2009-11-25 08:01:12 2048 ----a-w- c:windowssystem32tzres.dll
2009-11-25 07:45:40 2048 ----a-w- c:windowssystem32msxml6r.dll
2009-11-25 07:45:40 2048 ----a-w- c:windowssystem32msxml3r.dll
2009-11-25 07:45:40 1406464 ----a-w- c:windowssystem32msxml6.dll
2009-11-25 07:45:40 1260032 ----a-w- c:windowssystem32msxml3.dll
2009-11-25 07:45:36 713728 ----a-w- c:windowssystem32timedate.cpl
2009-11-20 06:34:09 0 d-----w- c:programdataReal
2009-11-11 06:04:46 2031104 ----a-w- c:windowssystem32win32k.sys
2009-11-11 06:04:34 321536 ----a-w- c:windowssystem32WSDApi.dll
2009-11-08 15:00:24 0 d-----w- c:windowsThe Game Of Life by Hasbro
2009-11-04 15:31:10 0 d-----w- c:program filesMozilla Sunbird
2009-11-04 14:59:24 1383424 ----a-w- c:windowssystem32mshtml.tlb

==================== Find3M ====================

2009-11-29 14:45:17 86016 ----a-w- c:windowsinfinfstrng.dat
2009-11-29 14:45:17 86016 ----a-w- c:windowsinfinfstor.dat
2009-11-29 14:45:17 51200 ----a-w- c:windowsinfinfpub.dat
2009-11-29 14:41:45 56680 ----a-w- c:windowssystem32rpcnet.dll
2009-11-29 14:41:45 17408 ----a-w- c:windowssystem32rpcnetp.dll
2009-11-29 14:40:31 17408 ----a-w- c:windowssystem32rpcnetp.exe
2009-11-27 03:14:59 56863 ----a-w- c:usersadmini~1appdataroamingnvModes.dat
2009-11-03 01:42:06 195456 ------w- c:windowssystem32MpSigStub.exe
2009-09-17 19:35:36 35840 ----a-w- c:windowssystem32DIAG64.DLL
2009-09-10 17:40:11 4096 ----a-w- c:windowssystem32dxmasf.dll
2009-09-10 17:39:44 7680 ----a-w- c:windowssystem32spwmp.dll
2009-09-10 17:38:29 216576 ----a-w- c:windowssystem32msv1_0.dll
2009-09-10 15:29:54 8147968 ----a-w- c:windowssystem32wmploc.DLL
2009-09-10 15:29:34 311296 ----a-w- c:windowssystem32unregmp2.exe
2009-09-09 23:34:08 49152 ----a-w- c:windowssystem32instw32.exe
2009-09-04 12:38:11 60928 ----a-w- c:windowssystem32msasn1.dll
2008-12-13 17:22:34 174 --sha-w- c:program filesdesktop.ini
2008-06-14 19:57:35 665600 ----a-w- c:windowsinfdrvindex.dat
2006-11-02 12:40:37 30674 ----a-w- c:windowsinfperflib0409perfd.dat
2006-11-02 12:40:37 30674 ----a-w- c:windowsinfperflib0409perfc.dat
2006-11-02 12:40:37 287440 ----a-w- c:windowsinfperflib0409perfi.dat
2006-11-02 12:40:37 287440 ----a-w- c:windowsinfperflib0409perfh.dat
2006-11-02 09:20:21 287440 ----a-w- c:windowsinfperflib0000perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:windowsinfperflib0000perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:windowsinfperflib0000perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:windowsinfperflib0000perfc.dat
2007-07-10 19:14:29 16384 --sha-w- c:windowssystem32configsystemprofileappdatalocalmicrosoftfeeds cacheindex.dat
2007-07-10 19:14:29 32768 --sha-w- c:windowssystem32configsystemprofileappdatalocalmicrosoftwindowshistoryhistory.ie5mshist012007071020070711index.dat
2009-06-05 00:22:28 16384 --sha-w- c:windowstempcookiesindex.dat
2009-06-05 00:22:28 16384 --sha-w- c:windowstemphistoryhistory.ie5index.dat
2009-06-05 00:22:28 32768 --sha-w- c:windowstemptemporary internet filescontent.ie5index.dat

============= FINISH: 10:51:17.71 ===============


Please let me know if you require any information. I would greatly appreciate any help.

Thank you.

EDIT: Oops! I didn't mean to double-post. Sorry about that.

Merged posts. ~ OB

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:

• Download DDS by sUBs from one of the following links. Save it to your desktop.
  • DDS.scr
  • DDS.pif
• Double click on the DDS icon, allow it to run.
• A small box will open, with an explaination about the tool. No input is needed, the scan is running.
• Notepad will open with the results.
• Follow the instructions that pop up for posting the results.
• Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

Due to the lack of feedback, this topic is now closed.
If you need this topic reopened, please PM a staff member and we will reopen it for you (include the address of this thread in your request). This applies to the original topic starter only. Everyone else with similar problems, please start a new topic.