JeanInMontana

Honorary Members
  • Posts

    3,859
Everything posted by JeanInMontana

  1. No you're not a failure. You have something "speshal". I've got the lead Developer working with me. We need a log from this please. OK let's go for another special scan tool. Download GMER get the zip file and save to your desktop. Just run gmer.exe. All required files ( gmer.dll and gmer.sys ) will be copied to the system during the first launch. Do not click scan. Use the copy button to copy to your clipboard. Post the log in your next reply.
  2. Most likely Zarina is being reinfected from the illegal software she has downloaded. Shows up really plain in the Panda log http://www.malwarebytes.org/forums/index.php?showtopic=6392
  3. Hi Zarina, you didn't do much that is asked at all. Nowhere is a SBS&D log asked for. All logs are asked to be posted in the body of the reply not as an attachment and the link to download HJT is also in the instructions. We usually don't have a problem re-instructing people who don't read. However what is shown in your Panda log is evidence of illegal activity and we won't be party to that. Key gens are illegal ways of getting programs free. This is probably how you got infected too. Kind of serves you right.
     o C:\MULTIMEDIA\edrive\Software New\selteco full suite crack.zip[selteco.full.suite.5.0.full.incl.keygen-tsrh.exe]
     No C:\MULTIMEDIA\edrive\Software New\Selteco.Flash.Designer.v5.0.24.Incl.Keygen-SSG.zip[keygen.exe]
     No C:\Program Files\Selteco\Alligator Flash Designer 5\keygen.exe
     No C:\Program Files\Selteco\Alligator Flash Designer 5\selteco.full.suite.5.0.full.incl.keygen-tsrh.exe
     No C:\Torrents\New Folder\Dreamweaver Plugins\Lab_Plugs_in\PluginLab Combo Box Menu V1.4.0 For Adobe Dreamweaver\KeyGen\keygen.exe
     Topic closed because of obvious illegal activity.
  4. Let's get one more scan with MBAM. Update it and do a quick scan, post that log and a new HJT please.
  5. Allow SBS&D to change what ever it wants. It is adding to your hosts file and that is what protects you from going to bad sites. You have two firewalls... not good .. Symantec or OnlineArmor...uninstall the other. Don't install new programs while we are cleaning please. Do install the one below. Uninstall one of the firewalls. You are running an outdated and unsafe version of Java. You need to uninstall it via Add/Remove programs and delete the program file also. Then go here Java Update and install the correct version for your system. Choose the offline installation. TeaTimer should be off for this. Open SB S&D Make sure you are in Advanced Mode. Click on the Mode link at the top of the program and then Advanced Mode. Click on the Tools section and then Resident. You will see two items.
     1. Resident "SD helper" (Internet Explorer bad download blocker.) active
     2. Resident "Tea Timer" (Protection of over-all system settings.) active.
     Uncheck number 2. Leave number 1 checked always. You can enable Tea Timer again if you wish once all special fixes have been done. Run HJT in scan only and put a check next to all items below and click fix.
     O2 - BHO: (no name) - {8B50A1B5-8EF2-4AB0-B105-A06D61DB4D9F} - (no file)
     O2 - BHO: (no name) - {D000F365-B799-4FB3-BF36-66AB7AEE6836} - (no file)
     O2 - BHO: (no name) - {E8BCF159-49B9-496F-AB23-F727641F2468} - (no file)
     O20 - AppInit_DLLs: wxvault.dll C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
     O20 - Winlogon Notify: rqRKCvTL - C:\WINDOWS\
     Reboot, Update MBAM run a quick scan post that log and a new HJT log please.
  6. OK looking good. Few things to clean up. Run HJT in scan only and put a check next to the following items and click fix.
     O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
     R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
     R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
     You're running an outdated and unsafe version of Adobe Acrobat Reader latest version. Or get the alternative faster lighter on resources Foxit PDF Reader and Editor Look at the Downloads tab here or Downloads if you don't want to see the features etc. Your log looks clean. We need to now reset a clean System Restore point. If you don't and you need to use System Restore you will reinfect yourself. Go to Start>Control Panel>System. Click on the System Restore tab and put a check in Turn off System Restore. Then click OK. Now go to Start>Help and Support > Undo Changes to Your System or System Restore depending on the make of your PC. Click on what ever will open the System Restore box. You will see two options, Choose Create a System Restore Point. Give it a name like Clean Restore Point and today's date. Now if you need to use it you have it. Many of these infections can be avoided with an added layer of prevention. All recommended programs are free and easy on system resources. You should install them as part of your protection arsenal. Keep MBAM and Spybot Search & Destroy and always immunize SBS&D when you update. You will also need at least one other scanning program Asquared or SuperAntiSpyware are good and there are several other excellent programs with free and paid versions. Read the overviews of what each program below does so you have an understanding of their importance and how to use. A firewall and antivirus are also essential. The Windows firewall in XP and Vista is not sufficient.
     Perform Windows Updates monthly on the second Tuesday or use automatic updates, and use your scanners weekly at the least. Always update before you scan. Keep other software known for vulnerabilities updated also. Use the Secunia Inspector free scan to identify risks in outdated versions.
     SpywareBlaster from Javacool Software
     WinPatrol by BillPStudios
     SiteHound by FireTrust
     RogueRemover
     hpHosts
     The windows firewall is not sufficient to protect. It doesn't monitor outgoing traffic and this is a must. I use and recommend Online Armor Free Also the full protection of MBAM is offered at a very low price.
  7. The MBAM log shows you took no action. I want to see the log when you have taken action and then the HJT log. Please follow instructions. Update MBAM, run a quick scan remove anything found, post that log and a new HJT log.
  8. What is a reset? What were the error messages? You have not emptied temp files. That was the purpose of running the CCleaner. The malware being found is in your Temp folder. Go to Start and My Computer, or just My Computer if you have it on the desktop. Open Local Disk C:\ Documents and Settings\User Name\Local Settings\Temp . Open the folder Temp and click on the first file while holding down the shift key click on the last file and click on delete. Once all files have been deleted empty the Recycle Bin on the Desktop. Reboot and scan again with both programs.
  9. Since this topic has had no reply for over 5 days it will be closed to prevent others from posting into it. Should you decide to resume with your assistance PM any staff member and we will be happy to reopen the topic. Note: the fixes in this topic are for this system only. Applying them to your system can cause severe damage and result in utter system failure. If you need help start your own topic and someone will be happy to assist you.
  10. Greg nothing is pegged as malware until the scan finishes. "Are you sure boxes" aren't going to show up until the scan is done. I don't see how your suggestion is going to make it faster.
  11. No what you're seeing in the MBAM log is a trace and something in the temp files. Please get CCleaner Install the program run the scan. If you have any queries or comments then please use the Forum or contact us via this form. NOTE: You may wish to save your cookies for sites you use often and have saved the passwords or use auto logon. Also Saved form information. BUT since this is a malware issue, starting over is always a good plan. You will be amazed at the amount of space on the HD you gain and probably notice improved performance. Now let's do one more MBAM update and quick scan. Post that log and a new HJT.
  12. We create a new restore point because if in the future you were to use one created during the time you were infected you would reinfect yourself. By deleting them all and creating a new clean one you have a good point to use. Since this issue is resolved I will close the thread to prevent others from posting into it. If you need assistance please start your own topic and someone will be happy to assist you. The fixes and advice in this thread are for this machine only. Do not apply to your machine. Please start a thread of your own and someone will be happy to help you.
  13. Run HJT again in scan only put a check next to the lines below and click fix.
     O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
     O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
     O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u
     You're running an outdated and unsafe version of Adobe Acrobat Reader latest version. Or get the alternative faster lighter on resources Foxit PDF Reader and Editor Look at the Downloads tab here or Downloads if you don't want to see the features etc. Your log looks clean. We need to now reset a clean System Restore point. If you don't and you need to use System Restore you will reinfect yourself. Go to Start>Control Panel>System. Click on the System Restore tab and put a check in Turn off System Restore. Then click OK. Now go to Start>Help and Support > Undo Changes to Your System or System Restore depending on the make of your PC. Click on what ever will open the System Restore box. You will see two options, Choose Create a System Restore Point. Give it a name like Clean Restore Point and today's date. Now if you need to use it you have it. Many of these infections can be avoided with an added layer of prevention. All recommended programs are free and easy on system resources. You should install them as part of your protection arsenal. Keep MBAM and Spybot Search & Destroy and always immunize SBS&D when you update. You will also need at least one other scanning program Asquared or SuperAntiSpyware are good and there are several other excellent programs with free and paid versions. Read the overviews of what each program below does so you have an understanding of their importance and how to use. A firewall and antivirus are also essential. The Windows firewall in XP and Vista is not sufficient.
     Perform Windows Updates monthly on the second Tuesday or use automatic updates, and use your scanners weekly at the least. Always update before you scan. Keep other software known for vulnerabilities updated also. Use the Secunia Inspector free scan to identify risks in outdated versions.
     SpywareBlaster from Javacool Software
     WinPatrol by BillPStudios
     SiteHound by FireTrust
     RogueRemover
     hpHosts
     The windows firewall is not sufficient to protect. It doesn't monitor outgoing traffic and this is a must. I use and recommend Online Armor Free Also the full protection of MBAM is offered at a very low price.
  14. Hi there huiaa and welcome to Malwarebytes. Update MBAM run a quick scan post that log [no code box please] then run HJT and post that log, this needs to be after the MBAM log always.
  15. So, does this mean you're not going to do anything and I should close the thread?
  16. All we removed with HJT was traces and redirects of your homepage. Windows Defender is not a firewall, it's an antimalware program and I'm guessing it had that malware added to its definitions. I can't be positive because I'm not sure if you scanned with MBAM before this happened and after you had submitted the files to be added.
  17. You can't have found anything because you never completed the process. Don't blame the program for your behavior. If it says reboot then do that. Scan with HiJack This! and see if there is evidence of malware traces. I use this program exclusively for malware clean up as much as possible. It is so much safer for the user than the special fixes.
  18. Of course I agree with you, but I have to say SBS&D is an awesome program too. I would and do keep it along with MBAM. AdAware has been bloated ick for awhile now.
  19. Umm yeah. Why aren't you doing what the program says? Don't use tools like ComboFix unless you know what you're doing. MBAM removes most stuff safely that CF is going to see.
  20. ZoneAlarm AV is not the best by a long shot. Avira, NOD32 by ESET or Kaspersky's are far better.