Author Topic: super virus of some sort  (Read 3066 times)


Offline dmscott84
Re: super virus of some sort
« Reply #15 on: July 15, 2010, 01:12:01 AM »
Do you want me to attempt to run the ESET scan in normal mode or safe mode?

Offline dmscott84
Re: super virus of some sort
« Reply #16 on: July 15, 2010, 03:19:17 AM »
ESET SCAN:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=0e8bb742ff48804b8e5cd9b5ca02d22a
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2010-07-15 02:33:22
# local_time=2010-07-14 07:33:22 (-0800, Pacific Daylight Time)
# country="United States"
# lang=1033
# osver=6.0.6001 NT Service Pack 1
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=3584 16777215 100 0 0 0 0 0
# compatibility_mode=5892 16776573 100 100 19265 115765601 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=157806
# found=2
# cleaned=0
# scan_time=3129
C:\Users\Owner\Documents\AutoClick.exe   Win32/TrojanClicker.Agent.NFX trojan   00000000000000000000000000000000   I
C:\Users\Owner\Documents\My Games\awesome\Client_EATtheDEAD.exe   a variant of Win32/Packed.Themida application   00000000000000000000000000000000   I
esets_scanner_update returned -1 esets_gle=53251
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=0e8bb742ff48804b8e5cd9b5ca02d22a
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2010-07-15 03:52:26
# local_time=2010-07-14 08:52:26 (-0800, Pacific Daylight Time)
# country="United States"
# lang=1033
# osver=6.0.6001 NT Service Pack 1
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=3584 16777215 100 0 0 0 0 0
# compatibility_mode=5892 16776573 100 100 22733 115769069 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=158349
# found=0
# cleaned=0
# scan_time=4404
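
As an added illustration (not part of the original thread), a small parser for the ESET Online Scanner log layout quoted above: it splits the pasted output into scan runs, pulls each detection line apart, and checks whether `# found` agrees with the listed hits and whether anything was actually removed. The sample log is a constructed excerpt of the one above; the field separator (a tab or a run of spaces) is an assumption based on how the log pasted.

```python
import re
from dataclasses import dataclass, field
from typing import Dict, List

# Constructed sample in the layout of the ESET Online Scanner log quoted above:
# '# key=value' header lines per run, then one detection line per hit.
SAMPLE_LOG = r"""# version=7
# remove_checked=false
# found=2
# cleaned=0
C:\Users\Owner\Documents\AutoClick.exe   Win32/TrojanClicker.Agent.NFX trojan   00000000000000000000000000000000   I
C:\Users\Owner\Documents\My Games\awesome\Client_EATtheDEAD.exe   a variant of Win32/Packed.Themida application   00000000000000000000000000000000   I
esets_scanner_update returned -1 esets_gle=53251
# version=7
# found=0
# cleaned=0
"""
# Detection line: path, threat, 32-hex hash, action flag, separated by a tab or 2+ spaces (assumed).
SEP = r"(?:\t|\s{2,})"
DETECTION_RE = re.compile(rf"^(?P<path>[A-Za-z]:\\.+?){SEP}(?P<threat>.+?){SEP}"
                          rf"(?P<hash>[0-9a-fA-F]{{32}}){SEP}(?P<action>\S+)\s*$")

@dataclass
class ScanRun:
    header: Dict[str, str] = field(default_factory=dict)
    detections: List[Dict[str, str]] = field(default_factory=list)

def parse_eset_log(text: str) -> List[ScanRun]:
    """Split the log into runs (each begins at '# version=') and collect their hits."""
    runs: List[ScanRun] = []
    current = None
    for line in text.splitlines():
        if line.startswith("# "):
            key, _, value = line[2:].partition("=")
            if key == "version" or current is None:
                current = ScanRun()
                runs.append(current)
            current.header[key] = value  # repeated keys (compatibility_mode) keep the last value
        elif current is not None:
            m = DETECTION_RE.match(line.rstrip())
            if m:  # lines such as 'esets_scanner_update ...' are scanner notices, not hits
                current.detections.append(m.groupdict())
    return runs

def summarize(runs: List[ScanRun]) -> List[Dict[str, object]]:
    # Per run: does '# found' agree with the listed hits, and how many were left in place?
    out = []
    for r in runs:
        found, cleaned = int(r.header.get("found", 0)), int(r.header.get("cleaned", 0))
        out.append({"found": found, "consistent": found == len(r.detections),
                    "remove_checked": r.header.get("remove_checked") == "true",
                    "left_in_place": found - cleaned,  # report-only scan: files still on disk
                    "paths": [d["path"] for d in r.detections]})
    return out
```

With `remove_checked=false` the scanner only reports, so `found=2, cleaned=0` means both files were still on disk after the scan, which is why the next reply asks for them to be deleted by hand.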

Offline Corrine
Re: super virus of some sort
« Reply #17 on: July 15, 2010, 09:02:24 PM »
ESET Scan showed two different trojans.

C:\Users\Owner\Documents\AutoClick.exe   Win32/TrojanClicker.Agent.NFX trojan   
C:\Users\Owner\Documents\My Games\awesome\Client_EATtheDEAD.exe   a variant of Win32/Packed.Themida

You can go ahead and delete those files.  I need to take another look at your ComboFix log to see if there is another trigger that I am missing.

Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline Corrine
Re: super virus of some sort
« Reply #18 on: July 15, 2010, 10:52:41 PM »
Let's go this route.

To determine whether the issue that you are experiencing is caused by one or more system files that are used by Windows, run the System File Checker tool. The System File Checker tool scans system files and replaces incorrect versions of the system files by using the correct versions.

To run the System File Checker tool, follow these steps:
  • Click Start, and then type cmd in the Start Search box.
  • Right-click cmd in the Programs list, and then click Run as administrator.
  • If you are prompted for an administrator password or confirmation, type your password or click Continue.
  • At the command prompt, type the following line, and then press ENTER:

sfc /scannow (note the space before the backslash)
  • When the scan is complete, restart the computer and test to see whether the issue that you are experiencing is resolved.

Then, let's see an MBAM Fresh
  • Launch Malwarebytes' Anti-Malware, then click the Update tab and "Check for Updates"
  • Once the update has been installed and the program has loaded, select Quick scan
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, EXCEPT items in System Restore as shown in this sample:

  • Click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location. The log can also be found here on Windows XP: C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt and C:\Users\UserName\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt on Windows Vista and Windows 7.
  • Please post contents of that file in your next reply.

Offline dmscott84
Re: super virus of some sort
« Reply #19 on: July 16, 2010, 03:29:53 AM »
Had to do it all in safe mode again; nothing ever works in normal mode. Computer still hasn't started working correctly yet.

Malwarebytes quick scan:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4317

Windows 6.0.6001 Service Pack 1 (Safe Mode)
Internet Explorer 8.0.6001.18928

7/15/2010 9:26:01 PM
mbam-log-2010-07-15 (21-26-01).txt

Scan type: Quick scan
Objects scanned: 128356
Time elapsed: 3 minute(s), 41 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Offline Corrine
Re: super virus of some sort
« Reply #20 on: July 16, 2010, 01:50:56 PM »
Did System File Checker find anything?

Offline dmscott84
Re: super virus of some sort
« Reply #21 on: July 16, 2010, 07:05:45 PM »
Yeah, it repaired like one file.

Offline Corrine
Re: super virus of some sort
« Reply #22 on: July 17, 2010, 12:25:48 AM »
It may be necessary to do a repair install.  However, first, let's take a look at a Rootkit log. 

Please download GMER Rootkit Scanner from here.
  • Double-click the .exe file. If asked to allow the gmer.sys driver to load, please consent.
  • If it gives you a warning about rootkit activity and asks if you want to run a scan, click on NO.
  • In the right panel, you will see several boxes that have been checked. UNtick the following ...
    • Sections
    • IAT/EAT
    • Drives/Partition other than Systemdrive (typically C:\)
    • Show All (don't miss this one)
  • Then click the Scan button and wait for it to finish.
  • Once done, click on the [Save..] button, and in the File name area type in "Gmer.txt"; otherwise it will save as a .log file, which cannot be uploaded to your post.
  • Save it where you can easily find it, such as your desktop, and post it in your reply.

**Caution**  Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries.

Note: Do not run any programs while Gmer is running.

Offline Corrine
Re: super virus of some sort
« Reply #23 on: July 19, 2010, 01:18:30 AM »
Hi, dmscott84.

I just learned of a problem some people are having who have Windows Live OneCare.  Please see the instructions posted by Stephen Boot, as provided by Microsoft at http://social.microsoft.com/Forums/en-US/onecaregeneral/thread/d58206f4-d23a-49d2-b1ba-fb36f9bce5c1