Dialer "ENTER". Does anybody know how I can get rid of it?

Discussion in 'Malware Help (A Specialist Will Reply)' started by colaguy7, Apr 19, 2006.

  1. colaguy7

    colaguy7 Private E-2

    Hello Guys.
    Somehow I managed to get a dialer installed in my PC and I can't get rid of it.
    I have Norton Antivirus but it doesn't even trace it. I've tried Ad Aware, Spybot, RemoveIT but no luck. :confused:
    Every time I check my network connections (I have a dial up connection) there is one called "ENTER" that keeps reappearing even if I delete it. The number that it has in the "dial" box is :5 but when it starts dialing I can hear it dialling a lot more than just one digit.
    I can hear my modem trying to connect even when I am not on the internet. I've had to unplug the phone cable.
    Does anybody know how I can get rid of this dialer? Please please help me :(
    I've downloaded HijackThis. Would anyone be able to help if I posted the log file?
    Thanks in advance
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Majorgeeks!

    Please follow our standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, running, and posting HijackThis logs as attachments.
    • Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support
    • Make sure you check version numbers and get all updates.
    • Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.
    • If, after doing ALL of the above, you still have a problem, make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:
    • When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too (these scans are covered in steps 6 & 7 of the READ & RUN ME sticky)
      • Bitdefender
      • Panda Scan
      • HijackThis
     
  3. colaguy7

    colaguy7 Private E-2

    Hi and thank you for your reply.

    I tried the steps in the sticky post but the programs didn't find anything.
    When I ran Bitdefender, though, it found 4 viruses. I restarted my PC but again after a while I got disconnected and the dialer started doing its "thing".
    When the dialer starts working though I get a Bitdefender warning, saying I have been infected with trojan.Dialer.Premium. Also, each time a different file name is mentioned. The first time it was winsf.tmp, the next time win9.tmp.exe and the third time winsf2.tmp, win7b3.tmp and so on.
    I couldn't do the Panda scan because every 10 mins I get disconnected by the dialer.
    I've attached the log files from BitDefender and HijackThis. I hope someone can help.
     


  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You must run ALL steps in the READ & RUN ME. Steps 0 thru 7 must be run. They are not optional. If you are having problems with Bitdefender online scan for some reason then try PandaActive scan. But according to your HJT log, you have not even attempted either of them. HijackThis logs must be obtained after running the online scans and all other steps.

    Why are you running multiple antivirus applications? See step 3 of the READ ME.

    I also do not see any evidence of MS Windows Defender being run.
     
  5. colaguy7

    colaguy7 Private E-2

    Hello again and thank you for helping me. I really appreciate it. :)

    I've installed and run CCleaner, Adaware, Spybot and the Microsoft Windows Malicious Software Removal Tool. There was no problem with the scans and they didn't find anything.
    I downloaded Windows Defender but when I try to install it I get a message saying that I can't because the copy of Windows that I am using cannot be validated (I am using a legal copy of Windows XP SP2 though).
    I tried the Bitdefender online scan. As I only have a 56K dial up connection and I get disconnected by the dialer every 10 minutes I wasn't able to download all the virus definition updates but I did a scan and I am including the log.
    I wasn't able to finish the Panda Activescan as every time I got disconnected before the scan could finish.
    After doing all of these I did a HijackThis scan...
    I am using multiple antivirus programs, Norton Antivirus that I already had installed on my PC, and Bitdefender that I downloaded when I started having problems with the trojan/dialer. Which one do you think I should uninstall? Bear in mind that if I uninstall Norton it will probably take me 13 years to download again all the updates with my crappy dial-up connection....


    I really hope that I'll be able to get rid of the dialer, it has really started to annoy me...
    thank you again for taking the time and trying to help
    :)
     


  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You are missing the point! Read step 3 of the READ & RUN ME again. You MUST NOT use multiple antivirus programs. This can do more harm than good since they get in each other's way and seriously impact your PC performance. In addition it can sometimes make fixing problems more difficult since one AV program can view the others as a malware action and it will block it.

    Take your pick of which you prefer, but you must uninstall one of them NOW! Do this before continuing!!!!

    Is the below something you installed? Is it something to go along with all the DVD stuff you are using?
    O4 - HKCU\..\Run: [AMP Agent] C:\Program Files\Common Files\ARS Company\Agent\Agent.exe

    You should not be running DVDShrink while obtaining HJT logs.

    Download - Pocket KillBox

    Extract it to its own folder somewhere that you will be able to locate it later to run it.

    Run Pocket Killbox by double clicking on killbox.exe
    Choose Tools > Delete Temp Files and click OK.

    Paste the below filenames into KILL BOX one at a time. Check mark the box that says "Delete on Reboot" and check mark the box "Unregister DLL" (if available). Click the RED X and it will ask you to confirm the file for deletion…say YES and when the next box opens prompting you to reboot now...click NO...and proceed with the next file. Once you get to the last one click YES and it will reboot. Note some of the files listed below may not exist but we need to check for them anyway.

    C:\Documents and Settings\NIKOS\My Documents\Downloads\hrgtheme.exe
    C:\WINDOWS\Temp\win730.tmp.exe
    C:\WINDOWS\Temp\win7A4.tmp.exe
    C:\WINDOWS\Temp\win7B3.tmp.exe
    C:\WINDOWS\Temp\win7C3.tmp.exe
    C:\WINDOWS\Temp\win7CA.tmp.exe
    C:\WINDOWS\SYSTEM32\winzwr32.dll


    If Killbox does not reboot or you get a Pending Operations type error message just reboot your PC yourself. However BOOT INTO SAFE MODE during this reboot and do not run anything but what I request. DO NOT open any browsers!

    After reboot run HijackThis and select the following lines (if they still exist) but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank
    O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
    O3 - Toolbar: ONSPEED - {8B79EE88-E62D-4AA8-B530-CC357BA112B7} - C:\Program Files\ONSPEED\Toolband.dll (file missing)
    O4 - HKLM\..\Run: [SlipStream] "C:\Program Files\ONSPEED\onspeedcore.exe"
    O4 - HKLM\..\RunOnce: [DELDIR0.EXE] "C:\DOCUME~1\NIKOS\LOCALS~1\Temp\DELDIR0.EXE" "C:\Program Files\McAfee\McAfee Shared Components\Central"
    O20 - Winlogon Notify: winzwr32 - C:\WINDOWS\SYSTEM32\winzwr32.dll

    Now exit HJT
    Run Windows Explorer and double check to make sure the below files are all deleted (some we already got with killbox):
    C:\Program Files\ONSPEED <--- the whole folder
    C:\Program Files\McAfee <--- the whole folder
    C:\Documents and Settings\NIKOS\Local Settings\Temp <--- delete all files in this Temp folder
    C:\WINDOWS\Temp <--- delete all files in this Temp folder
    C:\Documents and Settings\NIKOS\My Documents\Downloads\hrgtheme.exe
    C:\WINDOWS\SYSTEM32\winzwr32.dll

    Now reboot into normal mode and after reboot double check the same HJT entries I had you fix above and if any still remain, fix them again a second time.

    Now also get a new HJT log and attach it to your next message.

    Also tell me how things are working!
     
    Last edited: Apr 23, 2006
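
Added example, not part of the original thread and not the helper's or HijackThis's own code: a small Python triage of the HijackThis lines quoted in the post above, showing which of them stand out as orphaned entries, autostarts from a Temp folder, or Winlogon Notify DLLs. The `triage` and `review` functions and the flag names are assumptions made for this illustration.

```python
import re

# Constructed sample: HijackThis lines copied from the helper's post above.
SAMPLE_LOG = r"""
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: ONSPEED - {8B79EE88-E62D-4AA8-B530-CC357BA112B7} - C:\Program Files\ONSPEED\Toolband.dll (file missing)
O4 - HKLM\..\Run: [SlipStream] "C:\Program Files\ONSPEED\onspeedcore.exe"
O4 - HKLM\..\RunOnce: [DELDIR0.EXE] "C:\DOCUME~1\NIKOS\LOCALS~1\Temp\DELDIR0.EXE" "C:\Program Files\McAfee\McAfee Shared Components\Central"
O4 - HKCU\..\Run: [AMP Agent] C:\Program Files\Common Files\ARS Company\Agent\Agent.exe
O20 - Winlogon Notify: winzwr32 - C:\WINDOWS\SYSTEM32\winzwr32.dll
"""

LINE_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.*)$")
# Drive-letter path ending in .exe/.dll; stops at a closing quote.
PATH_RE = re.compile(r'[A-Za-z]:\\[^"]*?\.(?:exe|dll)', re.IGNORECASE)
TEMP_RE = re.compile(r"\\te?mp\\", re.IGNORECASE)

def triage(line):
    """Parse one HijackThis line; return None for anything that is not an entry."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    code, body = m["code"], m["body"]
    paths = PATH_RE.findall(body)
    flags = []
    # Hypothetical triage rules chosen for this example, not HijackThis's own logic.
    if "(file missing)" in body or "(no file)" in body:
        flags.append("orphaned")             # registry entry outlived its file
    if code == "O4" and any(TEMP_RE.search(p) for p in paths):
        flags.append("autostart-from-temp")  # program launched from a Temp folder
    if code == "O20" and body.startswith("Winlogon Notify:"):
        flags.append("winlogon-notify-dll")  # DLL loaded by Winlogon at logon
    return {"code": code, "paths": paths, "flags": flags}

def review(log_text):
    """Return only the entries that raised at least one flag, in log order."""
    entries = (triage(l) for l in log_text.splitlines())
    return [e for e in entries if e and e["flags"]]

if __name__ == "__main__":
    for e in review(SAMPLE_LOG):
        print(e["code"], ",".join(e["flags"]), e["paths"])
```

A flag here only marks an entry for a closer look; the `[SlipStream]` and `[AMP Agent]` lines raise none, which is why the helper had to judge them by other means.
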
  7. colaguy7

    colaguy7 Private E-2

    hi
    I did everything you said and now my pc seems to be fine.
    I don't know how to thank you
    :)
    You're a life saver!
    thank you
    thank you
    thank you
    :)
     
  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome but you should post the follow up HJT log I requested so we can be sure everything was fixed properly.
     
  9. colaguy7

    colaguy7 Private E-2

    You're right

    I'm attaching a scan

    Thank you again
     


  10. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Your log is clean. If you are not having any other malware problems, it is time to go back to step 1 of the READ & RUN ME to Disable System Restore which will flush your Restore Points. Then reboot and enable System Restore to create a new clean Restore Point.

    After that, you should work thru the below link:

    How to Protect yourself from malware!
     
