Everything posted by Invalid-input

  1. Thanks so much for your help (time and effort). I am glad to know that my computer is not infected and it was the internet site. Phew. I'll try your suggestions. Thanks so so much. Keep up the good work.
  2. Thanks for the quick response. Hmm, now that I think about it, it could be that site that's causing the problem. The reason I said that is that the last 2 occurrences happened with the same link. I guess I'll be careful with that site. Thanks. Oh, one more question: which online scans would you recommend for a really good deep scan for viruses/malware? So what should I do now? Uninstall the programs I've d/l for the scans?? How??
  3. Oh, BTW, thanks so much for your help. Just thought I should mention that. Please let me know if I am infected with something or not and what I should do next. Cheers
  4. How I got my first virus/Trojan was when I selected the link of excite.com off my favourites list, I was redirected to that 'your comp is infected' site. I tried to close it but I guess I accidentally hit inside the window. It caused malware from running/updating and every antivirus thing stopped working. So I took it to the techie. Now when I hit another link (where I get my torrents) it sometimes redirects me to that site. I know the site where I get my torrents is safe. Then should I install older p2p programs or none at all?? Suggestions for d/l torrent programs?
  5. My comp was infected with a Trojan in Jan and I took it to a comp techie to fix it. But now when I select a link off my Favourites, I sometimes get directed to the 'your computer is infected' site. It has maybe happened 3-4 times since. I know there is something wrong but the scans produced no results. I use Eset 3.0. Thank you so very much for your generous help. I am not very good with computers so I hope I have followed the instructions correctly. Here is the dds.txt

     DDS (Ver_09-12-01.01) - NTFSx86
     Run by Sarah at 23:19:19.62 on 11/03/2010
     Internet Explorer: 7.0.5730.13
     Microsoft Windows XP Professional 5.1.2600.3.1252.2.1033.18.703.375 [GMT -8:00]

     AV: ESET NOD32 Antivirus 3.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

     ============== Running Processes ===============

     C:\WINDOWS\system32\svchost -k DcomLaunch
     svchost.exe
     C:\WINDOWS\System32\svchost.exe -k netsvcs
     svchost.exe
     svchost.exe
     C:\WINDOWS\Explorer.EXE
     C:\WINDOWS\system32\spoolsv.exe
     C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
     C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
     C:\WINDOWS\system32\ctfmon.exe
     C:\Program Files\Messenger\msmsgs.exe
     svchost.exe
     C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
     C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
     C:\Program Files\CyberLink\Shared Files\RichVideo.exe
     C:\Program Files\Internet Explorer\iexplore.exe
     C:\Documents and Settings\Sarah\Desktop\dds.scr

     ============== Pseudo HJT Report ===============

     uWindow Title = Microsoft Internet Explorer
     uStart Page = hxxp://ca.search.yahoo.com/web/advanced?ei=UTF-8&fr=yfp-t-501
     BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
     BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
     uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
     uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
     mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
     mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
     mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
     mRun: [ssAAD.exe] c:\progra~1\sony\sonics~1\SsAAD.exe
     IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
     IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
     IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
     IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
     DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1263694369483
     DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1263694357776

     ================= FIREFOX ===================

     FF - ProfilePath - c:\docume~1\sarah\applic~1\mozilla\firefox\profiles\xc93xfwc.default\
     FF - prefs.js: browser.startup.homepage - hxxp://hk.yahoo.com/

     ---- FIREFOX POLICIES ----
     c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

     ============= SERVICES / DRIVERS ===============

     R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2007-12-21 33800]
     R2 ekrn;Eset Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2007-12-21 468224]
     S2 SSPORT;SSPORT;\??\c:\windows\system32\drivers\ssport.sys --> c:\windows\system32\drivers\SSPORT.sys [?]

     =============== Created Last 30 ================

     2010-03-12 07:15:21 0 ----a-w- c:\documents and settings\sarah\defogger_reenable
     2010-03-09 07:24:24 3245 ----a-w- c:\windows\system32\wbem\Outlook_01cabf598b4dae70.mof
     2010-03-07 23:08:11 0 d-----w- c:\windows\system32\NtmsData
     2010-02-22 05:59:29 398 ----a-w- c:\windows\NJCOM.INI
     2010-02-22 05:59:23 0 d-----w- c:\docume~1\sarah\applic~1\NJStar
     2010-02-22 05:59:05 0 d-----w- c:\program files\NJStar Communicator

     ==================== Find3M ====================

     2010-01-17 06:39:48 390240 ----a-w- c:\windows\system32\mkdriver.dll
     2010-01-17 06:39:48 292696 ----a-w- c:\windows\system32\XceedFtp.dll
     2010-01-16 16:53:17 21640 ----a-w- c:\windows\system32\emptyregdb.dat
     2010-01-05 10:00:29 832512 ----a-w- c:\windows\system32\wininet.dll
     2010-01-05 10:00:21 78336 ----a-w- c:\windows\system32\ieencode.dll
     2010-01-05 10:00:20 17408 ----a-w- c:\windows\system32\corpol.dll
     2009-12-16 18:43:27 343040 ----a-w- c:\windows\system32\mspaint.exe
     2009-12-14 07:08:23 33280 ----a-w- c:\windows\system32\csrsrv.dll

     ============= FINISH: 23:19:48.37 ===============

     Malwarebytes log

     Malwarebytes' Anti-Malware 1.44
     Database version: 3857
     Windows 5.1.2600 Service Pack 3
     Internet Explorer 7.0.5730.13

     11/03/2010 11:11:31 PM
     mbam-log-2010-03-11 (23-11-31).txt

     Scan type: Full Scan (A:\|C:\|D:\|E:\|)
     Objects scanned: 141053
     Time elapsed: 36 minute(s), 24 second(s)

     Memory Processes Infected: 0
     Memory Modules Infected: 0
     Registry Keys Infected: 0
     Registry Values Infected: 0
     Registry Data Items Infected: 0
     Folders Infected: 0
     Files Infected: 0

     Memory Processes Infected: (No malicious items detected)
     Memory Modules Infected: (No malicious items detected)
     Registry Keys Infected: (No malicious items detected)
     Registry Values Infected: (No malicious items detected)
     Registry Data Items Infected: (No malicious items detected)
     Folders Infected: (No malicious items detected)
     Files Infected: (No malicious items detected)

     Gmer log

     GMER 1.0.15.15281 - http://www.gmer.net
     Rootkit scan 2010-03-11 23:49:40
     Windows 5.1.2600 Service Pack 3
     Running: wu5x6g84.exe; Driver: C:\DOCUME~1\Sarah\LOCALS~1\Temp\kxtdapob.sys

     ---- Devices - GMER 1.0.15 ----

     AttachedDevice \FileSystem\Ntfs \Ntfs InCDrec.SYS (InCD File System Recognizer/Nero AG)
     AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)
     AttachedDevice \Driver\Tcpip \Device\Tcp epfwtdir.sys
     AttachedDevice \FileSystem\Fastfat \Fat InCDrec.SYS (InCD File System Recognizer/Nero AG)
     AttachedDevice \FileSystem\Fastfat \Fat eamon.sys (Amon monitor/ESET)

     ---- EOF - GMER 1.0.15 ----

     Please let me know what I should do next. Thanks again for all the help.

     ark.zip Attach.zip