JeanInMontana

Hi again. Please uninstall MBAM, delete all files and folders and in 45 minutes from the time you see on this post, download the new version and reinstall it. Let's see if that fixes the update issue and be sure to also run a quick scan post that log and a new HJT log please.

No do not edit posts. Now we have lost the history of what has gone on with your system. You post a reply and add what is requested. Update MBAM run a quickscan post that log and then the HJT log please.

CF normally runs in about 30 seconds. I am not French and do not read French very well. It's very hard for me to see what is what when you post your logs in French. Please choose English for all logs. Your ComboFix log is not complete either. You either didn't let it finish or you didn't post all the log. This doesn't show me all I need to see. I do see lots of P2P software and you need to remove that if we are to continue. We will not be involved in illegall activities here and unless your paying for whatever your downloading with the P2P it is illegal. See if you can update MBAM and run it and HJT in normal mode. I need feed back on what changes if any have happened. Are you able to boot to normal now an run the system? CF did remove two items.

Hello fox and welcome to Malwarebytes. Please be patient and follow all instructions. Make sure your running as an administrator on the machine. Allow email from Malwarebytes.org and set your preferences in the User Control Panel to email notifications for replies to your topics. This ensures you make prompt replies back and we get you cleaned in the fastest way possible. Please set your system to show all files; Click Start. Open My Computer. Select the Tools menu and click Folder Options. Select the View Tab. Under the Hidden files and folders heading select Show hidden files and folders. Uncheck the Hide protected operating system files (recommended) option. Click Yes to confirm. Click OK. If you haven't already, please get these programs, update and run a complete scan removing all items found. Spybot Search & Destroy Be sure to use the immunize feature. But do not enable TeaTimer at this time. Open SB S&D Make sure you are in Advanced Mode. Click on the Mode link at the top of the program and then Advanced Mode. Click on the Tools section and then Resident. You will see two items. 1. Resident "SD helper" (Internet Explorer bad download blocker.) active 2. Resident "Tea Timer" (Protection of over-all system settings.) active. Uncheck number 2.. Leave number 1 checked always. You can enable Tea Timer again if you wish once all special fixes have been done. Please run a quick scan of your main drive, usually C with MBAM making sure you check all items found for removal. Please post that log in your next reply. Then go here and run a scan PandaActive Scan There is a full tutorial on how to to this at the top of this forum. Post the logs from the Panda and MBAM scans please, along with a log from this program HiJack This! You will post three logs. 1. MBAM scan. 2. Panda Active Scan. 3. HiJack This scan. Please run and post the scans in this order. You will finish the MBAM first so go ahead and post that log, then move on to Panda and so forth. I will analyze the logs and give you further instructions. Be sure to set your email to allow mail from Malwarebytes.org and your personal settings to send an email on reply to your topic. This will let you know when there has been an update to your topic and you can come and see what has been said. Be patient and persistent. These things can take time and many procedures.

Since this issue is resolved I will close the thread to prevent others from posting into it. If you need assistance please start your own topic and someone will be happy to assist you. The fixes and advice in this thread are for this machine only. Do not apply to your machine. Please start a thread of your own and someone will be happy to help you.

Please run HJT again in scan only mode and place a check next to the following lines, then click fix. O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing) <==== this is from your AVG you may want to reinstall it to put that back. O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file) Your log looks clean. We need to now reset a clean System Restore point. If you don't and you need to use System Restore you will reinfect yourself. Go to Start>Control Panel>System. Click on the System Restore tab and put a check in Turn off System Restore. Then click OK. Now go to Start>Help and Support > Undo Changes to Your System or System Restore depending on the make of your PC. Click on what ever will open the System Restore box. You will see two options, Choose Create a System Restore Point. Give it a name like Clean Restore Point and today's date. Now if you need to use it you have it. Many of infections can be avoided with an added layer of prevention. All recommended programs are free and easy on system resources. You should install them as part of your protection arsenal. Keep MBAM and Spybot Search & Destroy and always immunize SBS&D when you update. You will also need at least one other scanning program Asquared or SuperAntiSpyware are good and there are several other excellent programs with free and paid versions. Read the overviews of what each program below does so you have an understanding of their importance and how to use. A firewall and antivirus are also essential. The Windows firewall in XP and Vista is not sufficient. Preform Windows Updates monthly on the second Tuesday or use automatic updates, and use your scanners weekly at the least. Always update before you scan. Keep other software known for vulnerabilities updated also. Use the Secunia Inspector free scan to identify risks in outdated versions. SpywareBlaster from Javacool Software WinPatrol by BillPStudios SiteHound by FireTrust RogueRemover hpHosts The windows firewall is not sufficient to protect. It doesn't monitor outgoing traffic and this is a must. I use and recommend Online Armor Free Also the full protection of MBAM is offered at a very low price, from the link in my signature.

By all means take it out of startup. Your log looks clean. We need to now reset a clean System Restore point. If you don't and you need to use System Restore you will reinfect yourself. Go to Start>Control Panel>System. Click on the System Restore tab and put a check in Turn off System Restore. Then click OK. Now go to Start>Help and Support > Undo Changes to Your System or System Restore depending on the make of your PC. Click on what ever will open the System Restore box. You will see two options, Choose Create a System Restore Point. Give it a name like Clean Restore Point and today's date. Now if you need to use it you have it. Many of infections can be avoided with an added layer of prevention. All recommended programs are free and easy on system resources. You should install them as part of your protection arsenal. Keep MBAM and Spybot Search & Destroy and always immunize SBS&D when you update. You will also need at least one other scanning program Asquared or SuperAntiSpyware are good and there are several other excellent programs with free and paid versions. Read the overviews of what each program below does so you have an understanding of their importance and how to use. A firewall and antivirus are also essential. The Windows firewall in XP and Vista is not sufficient. Preform Windows Updates monthly on the second Tuesday or use automatic updates, and use your scanners weekly at the least. Always update before you scan. Keep other software known for vulnerabilities updated also. Use the Secunia Inspector free scan to identify risks in outdated versions. SpywareBlaster from Javacool Software WinPatrol by BillPStudios SiteHound by FireTrust RogueRemover hpHosts The windows firewall is not sufficient to protect. It doesn't monitor outgoing traffic and this is a must. I use and recommend Online Armor Free Also the full protection of MBAM is offered at a very low price, from the link in my signature.

It is a great little tool for cleaning up junk on a machine. The lines below concern me are you sure they are updated? O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Java

Your log looks clean. We need to now reset a clean System Restore point. If you don't and you need to use System Restore you will reinfect yourself. Go to Start>Control Panel>System. Click on the System Restore tab and put a check in Turn off System Restore. Then click OK. Now go to Start>Help and Support > Undo Changes to Your System or System Restore depending on the make of your PC. Click on what ever will open the System Restore box. You will see two options, Choose Create a System Restore Point. Give it a name like Clean Restore Point and today's date. Now if you need to use it you have it. Many of infections can be avoided with an added layer of prevention. All recommended programs are free and easy on system resources. You should install them as part of your protection arsenal. Keep MBAM and Spybot Search & Destroy and always immunize SBS&D when you update. You will also need at least one other scanning program Asquared or SuperAntiSpyware are good and there are several other excellent programs with free and paid versions. Read the overviews of what each program below does so you have an understanding of their importance and how to use. A firewall and antivirus are also essential. The Windows firewall in XP and Vista is not sufficient. Preform Windows Updates monthly on the second Tuesday or use automatic updates, and use your scanners weekly at the least. Always update before you scan. Keep other software known for vulnerabilities updated also. Use the Secunia Inspector free scan to identify risks in outdated versions. SpywareBlaster from Javacool Software WinPatrol by BillPStudios SiteHound by FireTrust RogueRemover hpHosts The windows firewall is not sufficient to protect. It doesn't monitor outgoing traffic and this is a must. I use and recommend Online Armor Free Also the full protection of MBAM is offered at a very low price, you'll find a link in my signature.

Since this topic has had no reply for over 5 days it will be closed to prevent other from posting into it. Should you decide to resume with your assistance PM any staff member and we will be happy to reopen the topic. Note: the fixes in this topic are for this system only. Applying them to your system can cause severe damage and result in utter system failure. If you need help start your own topic and someone will be happy to assist you.

Hello virgilhicks and welcome to Malwarebytes. I am going to move your initial post to a closed forum so that we may verify what you have stated here. It is our opinion at this time that what you say is not probable and it would not be to any user's advantage to try your methods. If indeed it does prove to be true we will let you know.

Did you get updated?

Please try updating MBAM and see if it doesn't fix this.

That means you should have reinstalled from 1.28 to 1.29. There has been an update yesterday that should fix this. It did for me. Uninstall and download again from Download.com and see if it all works. Let us know please.

W00t!!

Let's get this done. Running CF takes about 30 seconds. Malware needs to be dealt with in a timely fashon to be effective at all.

You didn't update MBAM. Please update it and scan again. Post that log and a new HJT log.

MBAM doesn't remove Appinit.dll's yet so we will with HJT Run HJT in scan only and put a check next to O20 - AppInit_DLLs: adubes.dll then click fix. Please get CCleaner Install the program run the scan. If you have any queries or comments then please use the Forum or contact us via this form.. NOTE: You may wish to save your cookies for sites you use often and have saved the passwords or use auto logon. Also Saved form information. BUT since this is a malware issue, starting over is always a good plan. You will be amazed at the amount of space on the HD you gain and probably notice improved performance. Reboot update MBAM run another quick scan and post that log and a new HJT log. As for your Adobe woes, there is a great free alternative. Foxit reader and writer. Open Office also free has PDF capabilities too. You still have to update Java also. 1.6u10 is current.

I told you to get rid of the Bit torrent. If you are not willing to do that then I will just close this thread and move on to those willing to follow instructions. Thinking you checked something isn't what is needed here. You need to do it.

Your sytem is booting from Safe Mode probably from the infection. Be sure you do choose start Windows in normal mode for all removal and logs we need. Run HJT in scan only, put a check next to the lines below, then click fix. O4 - HKUS\S-1-5-18\..\Run: [brastk] C:\WINDOWS\system32\brastk.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [brastk] C:\WINDOWS\system32\brastk.exe (User 'Default user') Reboot to normal mode. Now update MBAM again and scan, post that log and a new HJT please. The infection shown in your HJT log is removed with MBAM so you shouldn't be showing it in the HJT log. Be sure to post the HJT log after the MBAM scan.

Do you get an error message? Please give all the details you can so that I may assist in the fastest and best way possible. Try again, I had mine give an error message earlier I think there may have been a website glitch.

Since this topic has had no reply for over 5 days it will be closed to prevent other from posting into it. Should you decide to resume with your assistance PM any staff member and we will be happy to reopen the topic. Note: the fixes in this topic are for this system only. Applying them to your system can cause severe damage and result in utter system failure. If you need help start your own topic and someone will be happy to assist you.

OK the topic is reopened. If your circumstances have not changed please follow the ComboFix instructions.

Update MBAM and post the log and then the HJT log.

There is no malware showing up. MBAM has had another definitions update see if that has added anything you might still have. The strange thing I see are all these IE entries in your log are you closing it when you scan with HJT? Do you have that many open windows? C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe