2013-02-02, 19:11
im back again, now i have a question about what i think is a web address that i think is a key logger or something like that...

a couple of days back i was on facebook & i clicked on a link for what i thought it was a youtube video, from a friend facebook page...

everything got mixed up, all the buttons on my desktop, toolbars, taskbar, quick launch, the bar where the clock is went blank, instead the icons & the names of files & folders everything was white...

i unplugged the cable from the modem as fast as i could, & the green light on front on my comp stood lit up for more than an hour, i could not do anything, not even move the mouse, after that i turn off the comp by pushing the power button on the comp...

when i turn the comp back on after let say 2 hours and try to do any thing on the internet i saw that when im loading / going to any page, above the start button there a bunch of web addresses that change very rapidly i have notice that there is this one ""https:// www. facebook .com/dialog /oauth?client _id=16995676698&response_ type=token%2C signed_request %2Cc"" (no spaces) that it stays on a bit longer that the others, even when im not logged in on face book...

with every different web site that i visit the numbers between the ""id="" & the ""&response"" part changes, i was told that it might be a key logger...

i have scan my computer with everything i can think of, (avg, spybot, kaspersky, Adaware, malwarebytes, avast free antivirus, spywareblaste, IObit Malware Fighter, SUPERAntiSpyware)... & they results vary but the most uncommon ones that they have report are these:...

the kaspersky...

1."Autorun from hard drives is allowed"
2."Autorun from network drives is enabled"
3."CD/DVD autorun is enabled"
4."Removable media autorun is enabled"
5."Microsoft Internet Explorer: clear history of typed URLs"
6."Microsoft Internet Explorer - disable caching data received via protected channel"
7."Microsoft Internet Explorer: disable sending error reports"
8."Microsoft Internet Explorer: delete cookies"
9."Microsoft Internet Explorer: clear the list of trusted domains"
10."Microsoft Internet Explorer: enable cache autocleanup on browser closing"
11."Microsoft Internet Explorer: start page reset"

the avg shows that all my excel & my word docs have macros in them, weird part about that is that i dont use that, i dont even know haw to use or create macros...

i open a new excel worksheet & i saved it empty, nothing on it, i scanned my comp after that & it showed that it had macros...

i dont remember that happening before...

please advice on what steps can i do / follow to fix or verified everything id ok...

in advance thanks again...

i posted a new thread @ http://forums.whatthetech.com

like i said before i could not run DDS, when i try i receive this...

i hope this helps to help me fix my comp...


""DDS not supported

This operating system is not supperted!
DDS only runs on:

*Windows 2000
*Windows XP (32 bit)
*Windows VIsta (32/64 bit)
*Windows 7 (32/64 bit)
*Windows 8 (32/64 bit)""...


shelf life
2013-02-17, 16:26
I believe the list you posted from Kaspersky are nothing more than suggestions for you generated by the software based on your current set up.

You can disable macros (http://www.bc.edu/offices/help/security/virus/macrovirus.html) in your office tools/preferences etc. sounds like another suggestion from the software.

2013-02-18, 07:52
any word on the log scans?...

2013-02-18, 07:55
or on the "" https:// www. facebook .com/dialog /oauth?client _id ""?...

shelf life
2013-02-19, 01:38
any word on the log scans?...
Logs look ok.

or on the "" https:// www. facebook .com/dialog /oauth?client _id ""?..
All good
https is more secure than standard http
oauth is a client-server authentication model

2013-02-19, 17:22
so is my comp infected with a virus, malware, trojans or something or not?... what about what happen when all of my problems started?...

everything got mixed up, all the buttons on my desktop, toolbars, taskbar, quick launch, the bar where the clock is went blank, instead of the icons & the names of files & folders everything was white...

i unplugged the cable from the modem as fast as i could, & the green light on front on my comp stood lit up for more than an hour, i could not do anything, not even move the mouse, after that, i turn off the comp by pushing the power button on the comp...

& still takes up to 8 mins to turn on after i push the power button...

or off after i click on the turn off button on the start menu...

please advice...


shelf life
2013-02-20, 00:49
so is my comp infected with a virus, malware, trojans or something or not?
Not that I can tell. Plus you have run several antimalware apps yourself:

i have scan my computer with everything i can think of, (avg, spybot, kaspersky, Adaware, malwarebytes, avast free antivirus, spywareblaste, IObit Malware Fighter, SUPERAntiSpyware) And I assume these are all coming up clean.

If you click crtl-alt-delete on your desktop to bring up task manager. Under the process tab you can click on Image Name to sort a-z. Do you see a explorer.exe listed? File>exit to close task manager.

2013-02-20, 03:04
yes, the explorer.exe is there... is it supposed to be there?... & what about the long time for it to boot up & shut off?... i dont remember it to be that long...

& still takes up to 8 mins to turn on & off after i push the power button...

or off after i click on the turn off button on the start menu...

please advice...


shelf life
2013-02-20, 04:34
Yes it is supposed to be there. Trying to account for the task bar problem. Maybe a corrupt user profile, you can try creating a new user account (http://support.microsoft.com/kb/279783) as a experiment and see if the desktop behaves any better.
Not sure if that link is the correct way to create a account for Server 2003. May be similar to XP. Maybe you already know how to do it, in any case once you create it log out of your account then back in on the new one you just made. See if its any better. Then we will go from there based on the results. The shutdown/start will be a separate issue.

2013-02-20, 23:47
""task bar problem""... what task bar problem?... any way i did that and the problem is the same... it still takes a lot of time to boot up & shut down... even with the new user account... now what can we do?... whats the next step?...

shelf life
2013-02-21, 00:42
""task bar problem""... what task bar problem?

everything got mixed up, all the buttons on my desktop, toolbars, taskbar, quick launch, the bar where the clock is went blank,

Dosnt look like a malware issue so I would just continue in the post you had started over at the WTT forum.

2013-02-21, 22:54
a couple of days back i was on facebook & i clicked on a link for what i thought it was a youtube video, from a friend facebook page...

everything got mixed up, all the buttons on my desktop, toolbars, taskbar, quick launch, the bar where the clock is went blank, instead the icons & the names of files & folders everything was white...

that happen when i clicked on the link for the video...

but i dont have that problem anymore, that was just @ that moment...

my problems right now are...

1-. it takes a lot longer to boot up & to shut down than before i tried to watch that video, about 8 minutes now versus 2 or 3 @ the most before that...

2-. the issue with the ""https:// www. facebook .com/dialog /oauth?client _id=16995676698&response_ type=token%2C signed_request %2Cc""

that just kind of hangs for a few seconds, even if i not logged in in facebook...

i guess there was a misunderstanding from the begining...

so what can i do to solve these issues?...

please advice...

shelf life
2013-02-22, 02:01
We can get another look for malware. See if this will run on your machine:

Download TDSSkiller.exe to your desktop


Click the icon, then on Change Parameters. Check the option: Detect TDLFS file system, then click ok and Start Scan

Once the scan is done you will find a .txt file in your root drive Local Disk, usually (C) labeled as: TDSSKILLER. (version,date, time)

Please copy/paste the log file in your reply.

2013-02-23, 01:45
shelf life
2013-02-25, 00:20
From the logs your machine appears to be malware free. Roguekiller did appear to run in reduced functionality (driver not loaded) but thats ok.
For that URL i would try dumping your browsers history. For IE:

Quit Internet Explorer and make sure all browsing windows are closed.

Click "Start" and select "Settings." then "Control Panel" from the Windows "Start" menu.

Double-click "Internet Options" in the Control Panel.
Select the "General" tab and click "Clear History."

Click "Yes" when asked if you want to clear your Internet history. Click "OK" to exit Internet Options.

Click "Tools" in the menu bar and select "Clear Recent History."

Select how much of your browsing history to delete from the "Time range to clear" drop-down menu. To clear all history, select "Everything."

Click the check box next to "Browsing and Download History" to remove all URLs typed in the address bar. Click the check boxes next to the other options as desired.

Click the "Clear Now" button once your selections have been made.

A excellent tool for even more wiping of Windows tracks, has a free version:
