JeanInMontana
Honorary Members-
Posts
3,859 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Everything posted by JeanInMontana
-
CWS.Svchost32 issues and desperately need help !
JeanInMontana replied to RifRaf's topic in Resolved Malware Removal Logs
the quick scan with MBAM is what is instructed and really all you need to do. 00035872 adware/popuper Adware No 0 Yes No c:\documents and settings\all users\favorites\online antivirus and spyware remover.url 00035872 adware/popuper Adware No 0 Yes No c:\documents and settings\all users\favorites\online directory of pure porn.url As you see the two above are the root of the popups and need to be taken out of Favorites and don't go there again. Porn sites are notorious for infection and most likely the other is a rogue application. Run HJT again and remove these lines below by placing a check next to them and then clicking fix. O1 - Hosts: 66.180.173.39 google.ae O1 - Hosts: 66.180.173.39 google.am O1 - Hosts: 66.180.173.39 google.as O1 - Hosts: 66.180.173.39 google.az O1 - Hosts: 66.180.173.39 google.bi O1 - Hosts: 66.180.173.39 google.cd O1 - Hosts: 66.180.173.39 google.cg O1 - Hosts: 66.180.173.39 google.ci O1 - Hosts: 66.180.173.39 google.cl O1 - Hosts: 66.180.173.39 google.co.cr O1 - Hosts: 66.180.173.39 google.co.hu O1 - Hosts: 66.180.173.39 google.co.in O1 - Hosts: 66.180.173.39 google.co.je O1 - Hosts: 66.180.173.39 google.co.jp O1 - Hosts: 66.180.173.39 google.co.ke O1 - Hosts: 66.180.173.39 google.co.ls O1 - Hosts: 66.180.173.39 google.co.th O1 - Hosts: 66.180.173.39 google.co.ug O1 - Hosts: 66.180.173.39 google.co.uk O1 - Hosts: 66.180.173.39 google.co.ve O1 - Hosts: 66.180.173.39 google.dj O1 - Hosts: 66.180.173.39 google.es O1 - Hosts: 66.180.173.39 google.fm O1 - Hosts: 66.180.173.39 google.gg O1 - Hosts: 66.180.173.39 google.gl O1 - Hosts: 66.180.173.39 google.gm O1 - Hosts: 66.180.173.39 google.hn O1 - Hosts: 66.180.173.39 google.kz O1 - Hosts: 66.180.173.39 google.li O1 - Hosts: 66.180.173.39 google.lt O1 - Hosts: 66.180.173.39 google.lu O1 - Hosts: 66.180.173.39 google.lv O1 - Hosts: 66.180.173.39 google.mn O1 - Hosts: 66.180.173.39 google.ms O1 - Hosts: 66.180.173.39 google.mu O1 - Hosts: 66.180.173.39 google.mw O1 - Hosts: 66.180.173.39 google.no O1 - Hosts: 66.180.173.39 google.off.ai O1 - Hosts: 66.180.173.39 google.pn O1 - Hosts: 66.180.173.39 google.pt O1 - Hosts: 66.180.173.39 google.ro O1 - Hosts: 66.180.173.39 google.ru O1 - Hosts: 66.180.173.39 google.rw O1 - Hosts: 66.180.173.39 google.se O1 - Hosts: 66.180.173.39 google.sh O1 - Hosts: 66.180.173.39 google.sk O1 - Hosts: 66.180.173.39 google.sm O1 - Hosts: 66.180.173.39 google.td O1 - Hosts: 66.180.173.39 google.tm O1 - Hosts: 66.180.173.39 google.tt O1 - Hosts: 66.180.173.39 google.uz O1 - Hosts: 66.180.173.39 google.vg O1 - Hosts: 66.180.173.39 google.ae O1 - Hosts: 66.180.173.39 google.am O1 - Hosts: 66.180.173.39 google.as O1 - Hosts: 66.180.173.39 google.az O1 - Hosts: 66.180.173.39 google.bi O1 - Hosts: 66.180.173.39 google.cd O1 - Hosts: 66.180.173.39 google.cg O1 - Hosts: 66.180.173.39 google.ci O1 - Hosts: 66.180.173.39 google.cl O1 - Hosts: 66.180.173.39 google.co.cr O1 - Hosts: 66.180.173.39 google.co.hu O1 - Hosts: 66.180.173.39 google.co.in O1 - Hosts: 66.180.173.39 google.co.je O1 - Hosts: 66.180.173.39 google.co.jp O1 - Hosts: 66.180.173.39 google.co.ke O1 - Hosts: 66.180.173.39 google.co.ls O1 - Hosts: 66.180.173.39 google.co.th O1 - Hosts: 66.180.173.39 google.co.ug O1 - Hosts: 66.180.173.39 google.co.uk O1 - Hosts: 66.180.173.39 google.co.ve O1 - Hosts: 66.180.173.39 google.dj O1 - Hosts: 66.180.173.39 google.es O1 - Hosts: 66.180.173.39 google.fm O1 - Hosts: 66.180.173.39 google.gg O1 - Hosts: 66.180.173.39 google.gl O1 - Hosts: 66.180.173.39 google.gm O1 - Hosts: 66.180.173.39 google.hn O1 - Hosts: 66.180.173.39 google.kz O1 - Hosts: 66.180.173.39 google.li O1 - Hosts: 66.180.173.39 google.lt O1 - Hosts: 66.180.173.39 google.lu O1 - Hosts: 66.180.173.39 google.lv O1 - Hosts: 66.180.173.39 google.mn O1 - Hosts: 66.180.173.39 google.ms O1 - Hosts: 66.180.173.39 google.mu O1 - Hosts: 66.180.173.39 google.mw O1 - Hosts: 66.180.173.39 google.no O1 - Hosts: 66.180.173.39 google.off.ai O1 - Hosts: 66.180.173.39 google.pn O1 - Hosts: 66.180.173.39 google.pt O1 - Hosts: 66.180.173.39 google.ro O1 - Hosts: 66.180.173.39 google.ru O1 - Hosts: 66.180.173.39 google.rw O1 - Hosts: 66.180.173.39 google.se O1 - Hosts: 66.180.173.39 google.sh O1 - Hosts: 66.180.173.39 google.sk O1 - Hosts: 66.180.173.39 google.sm O1 - Hosts: 66.180.173.39 google.td O1 - Hosts: 66.180.173.39 google.tm O2 - BHO: (no name) - {602DD5BD-6413-46D9-B655-937776DFEA19} - C:\WINDOWS\system32\ljJYRHBT.dll (file missing) O2 - BHO: (no name) - {6BAF4B9A-3399-4233-A380-109DFD48E690} - C:\WINDOWS\system32\andcea.dll (file missing) O2 - BHO: (no name) - {D8A7FBC6-AE1D-4743-9E70-21902FB19B6D} - C:\WINDOWS\system32\ljJAPIax.dll (file missing) O9 - Extra button: (no name) - {BE2F2769-8A63-4bc7-8A99-06C2C4AD7B9B} - (no file) (HKCU) O20 - Winlogon Notify: ljJAPIax - ljJAPIax.dll (file missing) O24 - Desktop Component 0: (no name) - http://www.focusstoc.com/forums/uploads/11..._2_2_117383.jpg O24 - Desktop Component 1: (no name) - http://www.wolves.premiumtv.co.uk/content/...R64/367353.JPEG Reboot. Update MBAM do a quick scan again and post that log and a new HJT log. -
Hi chucky830 and welcome to Malwarebytes. Interesting, how did you use malware to remove malware? xp 2008? No such thing, that I'm aware of. I suggest you follow the instructions here http://www.malwarebytes.org/forums/index.php?showtopic=2936
-
Rogue Program Pop-Ups.
JeanInMontana replied to normishmael's topic in Malwarebytes for Windows Support Forum
You never finished your topic here http://www.malwarebytes.org/forums/index.p...amp;#entry21734 so it's impossible to tell if your infected or not. You don't have to install for some infections to get you. I can't stress enough you follow the instructions in the pre HJT post instructions and start your own topic. -
Use the whitelist and no problems.
-
Malwarebytes detected as a trojan?
JeanInMontana replied to dohi312's topic in Malwarebytes for Windows Support Forum
Well this sucks. I am an affiliate with RegNow and how do I get this fixed? -
Registry Keys Infected with Trojan.Agent
JeanInMontana replied to kgom's topic in Malwarebytes for Windows Support Forum
Hi kgom and welcome to Malwarebytes. Please follow the instructions here http://www.malwarebytes.org/forums/index.php?showtopic=2936 and start your own topic. Someone will be happy to help you. -
What is your biggest catch?
JeanInMontana replied to mamister's topic in Malwarebytes for Windows Support Forum
No, I don't think you are realizing anything. Please start a topic in the Malware Removal forum and follow the instruction in the link I posted prior. You need to clean this machine, it's a menace to the WWW. -
CWS.Svchost32 issues and desperately need help !
JeanInMontana replied to RifRaf's topic in Resolved Malware Removal Logs
Hi RifRaf and welcome to Malwarebytes. Please follow the instructions here http://www.malwarebytes.org/forums/index.php?showtopic=2936 -
Trojan.Downloader - Which Files to Remove?
JeanInMontana replied to anonimito's topic in Resolved Malware Removal Logs
Looks good now. Get some of the free prevention programs on it, us SiteHound or SiteAdvisor and a host file. -
Interesting results? Online analyzers are not safe or reliable. They might show you something that should be removed or they might not. No one I know uses them with confidence or recommends.
-
Trojan.Downloader - Which Files to Remove?
JeanInMontana replied to anonimito's topic in Resolved Malware Removal Logs
It doesn't take 5 hours. 30 minutes is an average, something wasn't right. What does MBAM show now? and HJT? There is a new version of MBAM, run a quick scan and post the log and a new HJT. -
A malware removal school like Malware Removal University, Geeks 2 Go, What the Tech is your best bet for learning how to use HJT. It is a diagnosis tool not a malware scanner. The majority of items you see in a HJT log are valid and crucial system items. Those are schools that can teach you.
-
Trojan.Downloader - Which Files to Remove?
JeanInMontana replied to anonimito's topic in Resolved Malware Removal Logs
Then you put a reinstall disk in, and ran a full install? Not a repair? -
Virtumonde..pls help (HJT and MBAM logs inside)
JeanInMontana replied to Trance's topic in Resolved Malware Removal Logs
Please read and follow the instructions here http://www.malwarebytes.org/forums/index.php?showtopic=2936 . -
run-time error '6': overflow
JeanInMontana replied to Adaox's topic in Malwarebytes for Windows Support Forum
Hi Adaox and welcome to Malwarebytes. Have your girlfriend join the forum and follow the instructions here http://www.malwarebytes.org/forums/index.php?showtopic=2936 . Someone will be happy to help her. -
Trojan.Downloader - Which Files to Remove?
JeanInMontana replied to anonimito's topic in Resolved Malware Removal Logs
You must not have done the reformat correctly is all I can think. When it asks do you want to completely remove the volume on C or overwrite, I forget the exact wording. Choose yes. You must completely erase the drive and then reinstall Windows. -
Trojan Downloader.Wma question
JeanInMontana replied to Edward's topic in Resolved Malware Removal Logs
Hi Edward and welcome to Malwarebytes. Please follow the instructions here http://www.malwarebytes.org/forums/index.php?showtopic=2936 . -
Hi Coolpoolfool and welcome to Malwarebytes. Only one active antivirus running you can have more as backup scanners but running two at once is no good. Many of infections can be avoided with an added layer of prevention. All recommended programs are free and easy on system resources. You should install them as part of your protection arsenal. Keep MBAM and Spybot Search & Destroy and always immunize SBS&D when you update. You will also need at least one other scanning program Asquared or SuperAntiSpyware are good and there are several other excellent programs with free and paid versions. Read the overviews of what each program below does so you have an understanding of their importance and how to use. A firewall and antivirus are also essential. The Windows firewall in XP is not sufficient. Preform Windows Updates monthly on the second Tuesday or use automatic updates, and use your scanners weekly at the least. Always update before you scan. Keep other software known for vulnerabilities updated also. Use the Secunia Inspector free scan to identify risks in outdated versions. SpywareBlaster from Javacool Software WinPatrol by BillPStudios SiteHound by FireTrust RogueRemover hpHosts The windows firewall is not sufficient to protect. It doesn't monitor outgoing traffic and this is a must. I use and recommend Online Armor Free Also the full protection of MBAM is offered at a very low price. Give it a trial using the link in my signature.
-
Suggestion: Logfile and command line options
JeanInMontana replied to amyc's topic in Malwarebytes for Windows
Some of the features are in the pay version. You can schedule tasks to be preformed minimized and you barely know the program has run.