JeanInMontana

MyteryFCM might not have had his morning cuppa .

This issue should be fixed any day now. It is something that affects a very select group of machines. If you attach the mini dump here it may help Marcin.

Im sure it's there by the time you get to this step your going to find "source path" in the right side large box, not in the left side column. Service Pack Source Path <========= bingo

You need to take action. Be sure there is a check next to the item found and remove it. Show me that log and a new HJT please. IMO Norton is crap. It rarely removes what is found, it's a huge resource hog and there are other free better programs. Give Antivir a try. http://www.free-av.de/de/download/index.html Turn off Norton and scan with an updated Antvir/Avira. You'll see a huge performance increase too.

Since this topic has had no reply for over 5 days it will be closed to prevent other from posting into it. Should you decide to resume with your assistance PM any staff member and we will be happy to reopen the topic. Note: the fixes in this topic are for this system only. Applying them to your system can cause severe damage and result in utter system failure. If you need help start your own topic and someone will be happy to assist you.

Since this topic has had no reply for over 5 days it will be closed to prevent other from posting into it. Should you decide to resume with your assistance PM any staff member and we will be happy to reopen the topic. Note: the fixes in this topic are for this system only. Applying them to your system can cause severe damage and result in utter system failure. If you need help start your own topic and someone will be happy to assist you.

Since this topic has had no reply for over 5 days it will be closed to prevent other from posting into it. Should you decide to resume with your assistance PM any staff member and we will be happy to reopen the topic. Note: the fixes in this topic are for this system only. Applying them to your system can cause severe damage and result in utter system failure. If you need help start your own topic and someone will be happy to assist you.

Read here find the I386 folder for SP3 and it should work just the same as in the instructions.

OK logs look clean. Are you having symptoms of any sort?

Hi there dkarst and welcome to Malwarebytes. Did you also use Smitfraudfix? Please update MBAM and run a quick scan, post that log and a new HJT log.

You still have some I don't like the looks of. Please set your system to show all files; Click Start. Open My Computer. Select the Tools menu and click Folder Options. Select the View Tab. Under the Hidden files and folders heading select Show hidden files and folders. Uncheck the Hide protected operating system files (recommended) option. Click Yes to confirm. Click OK. C:\WINDOWS\system32\vqdgxqtg.exe C:\WINDOWS\system32\pejanunm.exe C:\WINDOWS\system32\furytufe.exe Try to find those again please, and zip them here as before. You can delete the others they are with out a doubt malware. O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) <=========== clean that line with HJT also. Update MBAM and scan again post that log and a new HJT.

How are you running now? Logs are looking good we can clean this one R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = If you feel your free of malware we can move on. Your log looks clean. We need to now reset a clean System Restore point. If you don't and you need to use System Restore you will reinfect yourself. Go to Start>Control Panel>System. Click on the System Restore tab and put a check in Turn off System Restore. Then click OK. Now go to Start>Help and Support > Undo Changes to Your System or System Restore depending on the make of your PC. Click on what ever will open the System Restore box. You will see two options, Choose Create a System Restore Point. Give it a name like Clean Restore Point and today's date. Now if you need to use it you have it. Many of these infections can be avoided with an added layer of prevention. All recommended programs are free and easy on system resources. You should install them as part of your protection arsenal. Keep MBAM and Spybot Search & Destroy and always immunize SBS&D when you update. You will also need at least one other scanning program Asquared or SuperAntiSpyware are good and there are several other excellent programs with free and paid versions. Read the overviews of what each program below does so you have an understanding of their importance and how to use. A firewall and antivirus are also essential. The Windows firewall in XP and Vista is not sufficient. Preform Windows Updates monthly on the second Tuesday or use automatic updates, and use your scanners weekly at the least. Always update before you scan. Keep other software known for vulnerabilities updated also. Use the Secunia Inspector free scan to identify risks in outdated versions. SpywareBlaster from Javacool Software WinPatrol by BillPStudios SiteHound by FireTrust RogueRemover hpHosts The windows firewall is not sufficient to protect. It doesn't monitor outgoing traffic and this is a must. I use and recommend Online Armor Free Also the full protection of MBAM is offered at a very low price.

Hello Sophia450 and welcome to Malwarebytes. You can burn a disk with HJT on it and then copy that file to the infected machine and run a scan for me. You can also update MBAM and scan again. MBAM is showing it finds no malware after the first removal. Try downloading Firefox for a browser, you can't use it for Panda but might be able to then connect to this site and work direct from the infected machine. I need to see a HiJack This! log please.

Hello zenybear and welcome to Malwarebytes. Please follow these instructions here and begin your own topic in that forum.

OK Let's get another scan with MBAM after update and a new HJT log.

I fixed it. Welcome to Malwarebytes.

Hi xyz and welcome to Malwarebytes. There are 3 update sites. What one is blocked?

Hope your having a great day my friend!!

You did not follow the steps. TeaTimer is still running. You need to turn this off, it could be blocking MBAM from removing anything leftover. No Trend-Micro is no better than Norton. Both are inferior to others such as Avira Antivir, Avast or NOD32. Turn off TeaTimer and run an updated quick scan of MBAM and a new HJT log.

Not if it's a delete on reboot no. Some things do stay. So, I have to admit I am not sure where the line is there. We will get to the bottom of it.

You have nothing in quarantine because it was quarantined and deleted. Just like it says in your log.

If your Norton has a firewall do not install another. CCleaner and Defrag once a month is probably good enough. You can check Windows Updates by going to the update site. SpywareBlaster from Javacool Software WinPatrol by BillPStudios SiteHound by FireTrust RogueRemover hpHosts I recommend the above be added they are all free, and two don't even run as a process.

There is an issue for a very few machines where the service doesn't unload properly. I am among that group and for now reason if I try to shut down MBAM it will BSOD. Soon there will be a version update that fixes this. There can be minor tweaks without updating the version, but this problem doesn't seem to be a minor tweak. I can't wait for it to be fixed.

Hi and welcome to Malwarebytes. Please find these files C:\WINDOWS\system32\vqdgxqtg.exe C:\WINDOWS\system32\pejanunm.exe C:\WINDOWS\system32\furytufe.exe C:\WINDOWS\system32\bajiporg.exe C:\WINDOWS\system32\ohgjkzuf.exe C:\WINDOWS\system32\jyzodkng.exe C:\WINDOWS\system32\ulapknkt.exe C:\WINDOWS\system32\duhmhmzu.exe copy them all to a folder you name suspect and then right click on that folder and choose send to zipped folder. Attach it to your next reply please.

We don't know that things are back to normal. Please follow through with this.