JeanInMontana

Are you taking out part of the HJT log? Run HJT again in scan only and put a check next to these lines, then click fix. O2 - BHO: (no name) - {D545BDBA-727B-4661-8ED1-5600073CDC27} - c:\windows\system32\ascuijq.dll (file missing) O20 - Winlogon Notify: zfvlnnlm - ascuijq.dll (file missing) Reboot. Update MBAM run a quick scan post that log and a new HJT log. The full HJT log.

You still haven't posted the new updated MBAM log or the HJT log. We need to stick with the cleaning or I close the thread. Many others need help too.

Hi unknown and welcome to Malwarebytes, is this you here http://www.castlecops.com/p1116206-HJT_Log_Trojan_Vundo.html . You need to stick with that thread if that is you, since you have already taken it upon yourself to use ComboFix.

Your welcome glad we could be of assistance. Since this issue is resolved I will close the thread to prevent others from posting into it. If you need assistance please start your own topic and someone will be happy to assist you. The fixes and advice in this thread are for this machine only. Do not apply to your machine. Please start a thread of your own and someone will be happy to help you.

Hi hadog and welcome to Malwarebytes. If you would like further assistance please go here http://www.malwarebytes.org/forums/index.php?showtopic=2936 follow those instructions and then begin your own topic and post the logs requested.

Hi patlaw and welcome to Malwarebytes. What are you searching for? I just did a test and it works fine.

Well it's a driver, for a mini port, but I sent you over here because I am not at ease when it comes to hardware. LOL I'll stick a bug in an ear that is.

I need a new updated MBAM log and a HJT please. I did re-read, and if you did delete all the files that's good, but obviously something is still here. I think we know what it is and I just need to see it in the HJT log.

No way did Merijn ever say to rename HJT. Renaming HJT is only if it is suspected that malware is causing it to fail. This guy is banned for idiocy and more.

Hi and welcome to Malwarebytes. You have a seriously outdated version of MBAM. Please update it immediately do another quick scan, post that log and a new HJT log.

Hi again, sorry sometimes things get slowed with the weekend. Let's get a new scan with MBAM, be sure to update it, run a quick scan, post the log and a new HJT log too.

Did you go to the link? I see now they are selling it. Yes any I386 is going to be the one. There should only be one. SP2 and SP3 where SP = Service Pack. You might be able to replace the driver files through Dell too. I'm not sure they are going to be in I386. Google search of the file name. http://www.google.com/search?q=Sym_U3.sys&...lient=firefox-a

There is something with the link. I'm guessing its a credit for the clicks, or if you sign up at freewebs. The site doesn't load for me with the link as posted, Google search, brings us Coils Collection, and a smattering of sites where guess what? Links to freewebs.com.coilscollection in many posts and since Malwarebytes ranks very high in Google searches, now so does coils collection. Some would call it spam.

I'm not giving up. I will need to get advice from someone. I already did that once, and we thought this would work. It might be to do with two machines being involved. I can't say anything useful at this time. I'll get some sleep, talk to the guru, and get back to you.

The log for MBAM is not complete. There is no doubt of that at all. The HJT log looks suspiciously short. I want to see the full logs. One from an updated MBAM, and one from HJT with all entries.

Empty your MBAM quarantine and fix what SBS&D is finding.

Hello, you don't have to pay to remove. Delete ComboFix from your desktop. Your not taking action with MBAM. When you scan with it you need to check the boxes next to what it found and remove them. Update MBAM, scan again this time take action. Post that log and then the full HJT log.

Scanning in safe mode will likely show no infection if you are infected. Your renaming HJT for what reason? Don't scan in safe mode and expect to actually do anything. Most malware doesn't run in Safe Mode and therefore no scan will find it.

Bit of a link over load. Are you representing any of them?

OK, what you need to do, is hard reset the modem. On the back there is a small opening labeled reset,, you will need to use a pen to poke it. Be ready to call your ISP to get them to reconnect you, they will not believe you know what is going on and that it is their router/modem infected or that it is the router/modem infected. We know it is and it's pointless to try and convince them. Just tell them you have lost connection. They will reset you on their end and you should be clean. Maybe you can find the new connection, if your machine is able, mine will if I reset mine. Most will not. Let me know how you make out.

Hello and welcome to Malwarebytes. Please follow the instructions here http://www.malwarebytes.org/forums/index.php?showtopic=2936

Update MBAM. Your definitions are way outdated. I need a HJT log too please.

Your logs are edited, why? That item can be fixed with no problems.

C:\Users\Default\Cookies\MM2048.DAT (Trojan.Agent) -> No action taken. C:\Users\Default\Cookies\MM256.DAT (Trojan.Agent) -> No action taken. Those cookies are what Raid wants. Please read these instructions http://www.malwarebytes.org/forums/index.php?showtopic=2936 and begin your own topic in that forum. We can see what's going on with some more logs.

What nosirrah does is what he does. I'm telling you not to offer advice period. I see that you have again. Maybe you didn't notice BC is not this site. They certainly are one of the best sites for PC help, we work closely with them in fact. What goes on at this site is totally different. Consider this your last warning.