JeanInMontana

Are you rebooting when MBAM says to? I need to see the HJT log after the reboot for removal with MBAM.

Go to Start > My Computer> Local Disk C right click on C and select properties then the Tools tab. First click on Error Checking, in the box that pops up put a check in both boxes and then click ok when it tells you it can schedule to check on reboot. Reboot. Let the check run. In the same location you will see Defragmentation. Do it. Don't let it tell you it isn't needed, if you don't know what it is it's needed. CCleaner Go to PCPitstop and run the diagnostics. See what they come up with. If you get rid of Symantec you still need something. Malware usually is why auto updates get turned off. Spybot S&D will fix it for you and monitor it. Your log looks clean. We need to now reset a clean System Restore point. If you don't and you need to use System Restore you will reinfect yourself. Go to Start>Control Panel>System. Click on the System Restore tab and put a check in Turn off System Restore. Then click OK. Now go to Start>Help and Support > Undo Changes to Your System or System Restore depending on the make of your PC. Click on what ever will open the System Restore box. You will see two options, Choose Create a System Restore Point. Give it a name like Clean Restore Point and today's date. Now if you need to use it you have it. Many of these infections can be avoided with an added layer of prevention. All recommended programs are free and easy on system resources. You should install them as part of your protection arsenal. Keep MBAM and Spybot Search & Destroy and always immunize SBS&D when you update. You will also need at least one other scanning program Asquared or SuperAntiSpyware are good and there are several other excellent programs with free and paid versions. Read the overviews of what each program below does so you have an understanding of their importance and how to use. A firewall and antivirus are also essential. The Windows firewall in XP and Vista is not sufficient. Preform Windows Updates monthly on the second Tuesday or use automatic updates, and use your scanners weekly at the least. Always update before you scan. Keep other software known for vulnerabilities updated also. Use the Secunia Inspector free scan to identify risks in outdated versions. SpywareBlaster from Javacool Software WinPatrol by BillPStudios SiteHound by FireTrust RogueRemover hpHosts The windows firewall is not sufficient to protect. It doesn't monitor outgoing traffic and this is a must. I use and recommend Online Armor Free Also the full protection of MBAM is offered at a very low price.

Hi since you have stated you used this machine for banking etc, please be sure to notify those entities that your identity could have been stolen. The best option for you is to do a total reformat at this stage. If that is impossible then please do the requested steps below. I've been asked to request you use the program below, I realize if the machine is offline you can't follow all instructions, get the log for us above all else. This is the last ditch effort to fix the machine and a total reformat is the best option. Review this article here how to use ComboFix Be sure you cover the section on How to install and use the Windows XP Recovery Console and make sure it is installed on your machine. This is important should anything go wrong and we need to recover your PC and not lose all the data. 1. Download this file : http://download.bleepingcomputer.com/sUBs/ComboFix.exe save it to your desktop. 2. Double click combofix.exe. It will be a red icon with a white X on your desktop. Follow the prompts you will get a blue cmd prompt screen and a choice to choose Y or N. Choose Y and hit enter. 3. When finished, it shall produce a log for you. This logfile is located at C:\ComboFix.txt. Post that log and a HiJack log in your next reply Note: Do not mouseclick combofix's window while its running. That may cause it to stall.

This is fixed.

That's good because we have to use it from time to time with some infections as DaChew mentioned.

Websites have problems Grizzly and this was a request for damn good reasons. The whole site was having trouble. You seem a bit confused about who has authority here, it's not you.

That will surely help thanks, I've alerted nosirrah.

Hi again. We need to see a new updated MBAM log, be sure you update. Do a quick scan with MBAM, post that log and then a new HJT too please.

I should have looked at all the links before posting. The above is the reason MBAM is better. We are constantly improving it and working out bugs. It's not a year old. This time last year we were still in private beta.

MBAM is the program name, Malwarebytes Anti Malware, it is NOT an antivirus. You need to correct these things.

Hi Biscuit and welcome to Malwarebytes. I'll answer your questions the best I can. 1. We know of no conflicts from any AV programs. Our personal favorite to run along side MBAM is Avira from Antivir. 2. At this time, we do not have the corp version that runs on a server and pushes out to workstations up and running. It is in the works. 3. MBAM has not replaced RR. RR offers a permanent site block feature that MBAM does not at this time. More planned for the future there also. 4 Many users have requested a portable version and down the road that is a possibility. No program is ever going to be completely free of false positives or other bugs. That's just the nature of the beast. MBAM protects against deleting vital files by making the user choose to remove, however, they can still choose to remove a good file. Hope I have answered your questions.

Please stop posting malicious files in open forum. We have a file upload.

Contact Marcin/RubbeR DuckY at marcin at malwarebytes.org directly and he will set you up.

Congrats!!

Yesterday morning the DB for MBAM was 1202 so at 5PM you show 1200? You didn't update or we have a problem. O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL Those are all Ask Jeeves a borderline item, if you installed it by choice fine, otherwise, I would get rid of it. Please update MBAM and run a quick scan, post the log. Are you having symptoms? Ahhh I see you like to steal. H:\Utils\DVD Burning\CDRApps\Ahead Nero8\keygen.exe H:\Utils\DVD Burning\Aone\Aone.Movie.DVD.Maker.v1.6.6\Aone.Movie.DVD.Maker.v1.6.6\keygen\keygen.exe �z�D�� H:\Utils\DVD Burning\Aone\Aone.Ultra.DVD.Creator.v1.6.8\Aone.Ultra.DVD.Creator.v1.6.8\keygen\keygen.exe H:\Utils\Serials\Cracks\PCMark2002_build_100_by_KaliM.zip[PCMark.exe] �z�D�� H:\Utils\Serials\Cracks\WinRAR_Univesal_Crack_All_Version_3[1].xx.zip[winrar3uni_crk.exe] �z�D�� H:\Utils\Serials\Keygens\nav2004keygen.zip[keygen.exe] <======= That's against the law! All of those are ripped off stolen programs and you got just what you deserved for stealing. We're done here.

Well those programs always set themselves up to auto start. You can leave them installed but go into the program settings and set them to start manually. Viewpoint is addware force installed by AOL and some other stuff. You will eventually have to reinstall it if your using them for ISP, they won't allow connection. The Skype can also be set to not auto start. Did you do the other maintenance stuff? If your soon to run out on Symantec's license I certainly wouldn't renew. Get something like Avira, its free or has a paid version too. Runs with hardly any resource use and is a great companion for MBAM. Defragging and a reg clean and CCleaner can really speed up performance.

Hi there irakli_san, and welcome to Malwarebytes. Please find this file osama.pif and attach it in a zipped folder here in a new topic you start, link back to your thread in the HJT forum please. Make sure your running as an administrator on the machine. Allow email from Malwarebytes.org and set your preferences in the User Control Panel to email notifications for replies to your topics. This ensures you make prompt replies back and we get you cleaned in the fastest way possible. Please set your system to show all files; Click Start. Open My Computer. Select the Tools menu and click Folder Options. Select the View Tab. Under the Hidden files and folders heading select Show hidden files and folders. Uncheck the Hide protected operating system files (recommended) option. Click Yes to confirm. Click OK. If you haven't already, please get these programs, update and run a complete scan removing all items found. Spybot Search & Destroy Be sure to use the immunize feature. But do not enable TeaTimer at this time. Open SB S&D Make sure you are in Advanced Mode. Click on the Mode link at the top of the program and then Advanced Mode. Click on the Tools section and then Resident. You will see two items. 1. Resident "SD helper" (Internet Explorer bad download blocker.) active 2. Resident "Tea Timer" (Protection of over-all system settings.) active. Uncheck number 2.. Leave number 1 checked always. You can enable Tea Timer again if you wish once all special fixes have been done. Please run a quick scan of your main drive, usually C with MBAM making sure you check all items found for removal. Please post that log in your next reply. Then go here and run a scan PandaActive Scan There is a full tutorial on how to to this at the top of this forum. Post the logs from the Panda and MBAM scans please, along with a log from this program HiJack This! You will post three logs. 1. MBAM scan. 2. Panda Active Scan. 3. HiJack This scan. Please run and post the scans in this order. You will finish the MBAM first so go ahead and post that log, then move on to Panda and so forth. I will analyze the logs and give you further instructions. Be sure to set your email to allow mail from Malwarebytes.org and your personal settings to send an email on reply to your topic. This will let you know when there has been an update to your topic and you can come and see what has been said. Be patient and persistent. These things can take time and many procedures.

Follow the instructions here http://www.malwarebytes.org/forums/index.php?showtopic=2936

OK run HJT again in scan only put a check next to the following and then click fix. O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll (file missing) Your log looks clean. We need to now reset a clean System Restore point. If you don't and you need to use System Restore you will reinfect yourself. Go to Start>Control Panel>System. Click on the System Restore tab and put a check in Turn off System Restore. Then click OK. Now go to Start>Help and Support > Undo Changes to Your System or System Restore depending on the make of your PC. Click on what ever will open the System Restore box. You will see two options, Choose Create a System Restore Point. Give it a name like Clean Restore Point and today's date. Now if you need to use it you have it. Many of these infections can be avoided with an added layer of prevention. All recommended programs are free and easy on system resources. You should install them as part of your protection arsenal. Keep MBAM and Spybot Search & Destroy and always immunize SBS&D when you update. You will also need at least one other scanning program Asquared or SuperAntiSpyware are good and there are several other excellent programs with free and paid versions. Read the overviews of what each program below does so you have an understanding of their importance and how to use. A firewall and antivirus are also essential. The Windows firewall in XP and Vista is not sufficient. Preform Windows Updates monthly on the second Tuesday or use automatic updates, and use your scanners weekly at the least. Always update before you scan. Keep other software known for vulnerabilities updated also. Use the Secunia Inspector free scan to identify risks in outdated versions. SpywareBlaster from Javacool Software WinPatrol by BillPStudios SiteHound by FireTrust RogueRemover hpHosts The windows firewall is not sufficient to protect. It doesn't monitor outgoing traffic and this is a must. I use and recommend Online Armor Free Also the full protection of MBAM is offered at a very low price.

It's seeing the zip folder of files on your desktop as bad. Please delete them from the desktop. Your logs look clean! Your log looks clean. We need to now reset a clean System Restore point. If you don't and you need to use System Restore you will reinfect yourself. Go to Start>Control Panel>System. Click on the System Restore tab and put a check in Turn off System Restore. Then click OK. Now go to Start>Help and Support > Undo Changes to Your System or System Restore depending on the make of your PC. Click on what ever will open the System Restore box. You will see two options, Choose Create a System Restore Point. Give it a name like Clean Restore Point and today's date. Now if you need to use it you have it. Many of these infections can be avoided with an added layer of prevention. All recommended programs are free and easy on system resources. You should install them as part of your protection arsenal. Keep MBAM and Spybot Search & Destroy and always immunize SBS&D when you update. You will also need at least one other scanning program Asquared or SuperAntiSpyware are good and there are several other excellent programs with free and paid versions. Read the overviews of what each program below does so you have an understanding of their importance and how to use. A firewall and antivirus are also essential. The Windows firewall in XP and Vista is not sufficient. Preform Windows Updates monthly on the second Tuesday or use automatic updates, and use your scanners weekly at the least. Always update before you scan. Keep other software known for vulnerabilities updated also. Use the Secunia Inspector free scan to identify risks in outdated versions. SpywareBlaster from Javacool Software WinPatrol by BillPStudios SiteHound by FireTrust RogueRemover hpHosts The windows firewall is not sufficient to protect. It doesn't monitor outgoing traffic and this is a must. I use and recommend Online Armor Free Also the full protection of MBAM is offered at a very low price.

Good going!! Update MBAM again and do another quick scan, post that log and a new HJT too.

Not at all. Very low on resources. So, what's wrong with 20mb? Scan times will vary and depend on the system. It's a good program.

Dave, find all the bad sites you want. But don't post the links here. Think about it, posting malicious site links on a forum as busy as this, what's going to happen? At least two of the links you have posted are nothing. One goes to a forum log on and the other is Google search.

Run one more MBAM scan for me and post it please, reboot, update MBAM and quick scan. You have two messenger programs running, QuickTime, ITunes and Symantec all running that's enough to cause poor performance. Malware will also fragment lots of files and even damage some system files. If we get a clean MBAM this scan, we can continue with some last steps and maybe some stuff that will help performance.

Are you still getting popups? If so what do they say? There has been an update to MBAM also 1202 is current data base version.