JeanInMontana

H jinhavong and welcome to Malwarebytes. Please update MBAM, run a quick scan and this time take action. Your previous log shows that you didn't remove anything. Post the new MBAM log and rename HJT to jinhavong.exe try installing now. Post the log.

Hi tfc2609 and welcome to Malwarebytes. Please run HJT again in scan only mode, and put a check next to the following then click fix. R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL <=== This is optional, if you choose to install it fine, if not please remove it. O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file) F3 - REG:win.ini: load= F3 - REG:win.ini: run= O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - C:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe (file missing) Now reboot to normal mode, update MBAM, quick scan again, if nothing shows great. Please get CCleaner Install the program run the scan. If you have any queries or comments then please use the Forum or contact us via this form.. NOTE: You may wish to save your cookies for sites you use often and have saved the passwords or use auto logon. Also Saved form information. BUT since this is a malware issue, starting over is always a good plan. Do not use the registry repair option with out first backing up your registry. You will be amazed at the amount of space on the HD you gain and probably notice improved performance. Your running an outdated and unsafe version of Adobe Acrobat Reader latest version. Or get the alternative faster lighter on resources Foxit PDF Reader and Editor Look at the Downloads tab here or Downloads if you don't want to see the features etc. Update MBAM do a quick scan, post that log and a new HJT log please.

I didn't recommend you buy anything. I meant the free scan program. I'm sorry I don't ever send people to buy a program, especially when we sell one here. But, I'm glad your running and yes please post the logs so we can see if your fully clean.

Ok, look in the program settings for LogMeIn and see if there is an option to not start with boot up. If not, WinPatrol will do this for you if you use it to remove startup entries. The PC in Egypt, you will never know if they are secure, you don't have access. Your end needs to be double secure. Yes install the items listed. All are free and very low on resources. Do not have LogMeIn this loading at start up. Malwarebytes is not a fire wall or an antivirus, you need both. What company? Malwarebytes or yours? LOL I hope you got it from my affiliate link. I might get a commission some day. Nice to know about Active X thanks. Those seem odd, Win95? They were in Temp files too, are they by any chance still in the virus vault? If so snag them please and upload and attach it in a zipped folder here in a new topic you start, link back to your thread in the HJT forum please. If not there fine and to be safe yes reset a Restore Point.

is this the same machine as your thread here http://www.malwarebytes.org/forums/index.p...amp;#entry35419 ?

Is this the same machine as your thread here http://www.malwarebytes.org/forums/index.p...amp;#entry35324

You need to run as administrator to uninstall on Vista. Your logs look clean with no malware. Many infections can be avoided with an added layer of prevention. All recommended programs are free and easy on system resources. You should install them as part of your protection arsenal. Keep MBAM and Spybot Search & Destroy and always immunize SBS&D when you update. You will also need at least one other scanning program Asquared or SuperAntiSpyware are good and there are several other excellent programs with free and paid versions. Read the overviews of what each program below does so you have an understanding of their importance and how to use. A firewall and antivirus are also essential. The Windows firewall in XP and Vista is not sufficient. Preform Windows Updates monthly on the second Tuesday or use automatic updates, and use your scanners weekly at the least. Always update before you scan. Keep other software known for vulnerabilities updated also. Use the Secunia Inspector free scan to identify risks in outdated versions. SpywareBlaster from Javacool Software WinPatrol by BillPStudios SiteHound by FireTrust RogueRemover hpHosts The windows firewall is not sufficient to protect. It doesn't monitor outgoing traffic and this is a must. I use and recommend Online Armor Free Also the full protection of MBAM is offered at a very low price, from the link in my signature.

Hi nat15 and welcome to Malwarebytes. Please update MBAM, your using an outdated version of the definitions. Do a quick scan again, post that log and a new HJT log.

http://www.siteadvisor.com/sites/betabbs.c...FF&aff_id=0Please don't post links to sites like that here.

A search of known reputable AV vendors would be safe. But my point is if you simply search for the rogue, your going to find it. Some people don't know the difference between the good guys and the bad guys. I am thinking of how many will read this thread and be the victim.

Hi jayney and welcome to Malwarebytes. Please uninstall MBAM and download the new version http://www.malwarebytes.org/mbam.php . Install and update the program to the current definitions 1405 or above. Run a quick scan and post that log, and a log from Please get HiJack This! install it to C:\Program Files Close all programs leaving only HijackThis running, and click on scan and save a log. Post that log as a reply here in the body of the post after the MBAM log, not as an attachment

If it was flagged as malware, you could whitelist it. What portion of the scan does it hit ZA?

You need to run scans in normal mode to be effective and please post in the forum as exile360 suggested.

Hello JamesR and welcome to Malwarebytes. Please follow these instructions here and begin your own topic in that forum. It sounds like you might not have cleaned everything.

Your looking clean, but I would be wary of LogMeIn.exe remote log in can be easily exploited. Where is the other end? Is that machine secured? Those are big issues and potential for a huge hack. Your log looks clean. We need to now reset a clean System Restore point. If you don't and you need to use System Restore you will reinfect yourself. Go to Start>Control Panel>System. Click on the System Restore tab and put a check in Turn off System Restore. Then click OK. Now go to Start>Help and Support > Undo Changes to Your System or System Restore depending on the make of your PC. Click on what ever will open the System Restore box. You will see two options, Choose Create a System Restore Point. Give it a name like Clean Restore Point and today's date. Now if you need to use it you have it. Many infections can be avoided with an added layer of prevention. All recommended programs are free and easy on system resources. You should install them as part of your protection arsenal. Keep MBAM and Spybot Search & Destroy and always immunize SBS&D when you update. You will also need at least one other scanning program Asquared or SuperAntiSpyware are good and there are several other excellent programs with free and paid versions. Read the overviews of what each program below does so you have an understanding of their importance and how to use. A firewall and antivirus are also essential. The Windows firewall in XP and Vista is not sufficient. Preform Windows Updates monthly on the second Tuesday or use automatic updates, and use your scanners weekly at the least. Always update before you scan. Keep other software known for vulnerabilities updated also. Use the Secunia Inspector free scan to identify risks in outdated versions. SpywareBlaster from Javacool Software WinPatrol by BillPStudios SiteHound by FireTrust RogueRemover hpHosts The windows firewall is not sufficient to protect. It doesn't monitor outgoing traffic and this is a must. I use and recommend Online Armor Free Also the full protection of MBAM is offered at a very low price, from the link in my signature.

Man your system is toasted. I don't know what else we can try, nothing runs. Do you have install disks? That's your last option, or take to a shop and see if they will do a recovery repair.

Hi LennyB and welcome to Malwarebytes. Please post a 1.99 HJT log and see if you can get http://www.prevx.com/freescan.asp to run. They are flagging MBAM and the new version of HJT and crippling them. So post me a log of the Prevx and the old HJT unless after Prevx scan you can run the new HJT and MBAM. Understand what I'm saying? If Prevx will run, it's probably going to get rid of enough to run the other stuff. And if D none of the above is the case we can try some other stuff.

Prevention is key and we will get to that as soon as you follow the next steps in your HJT thread.

Do not search Google for it unless you want to be pwned by it. This is a nasty program posing as a "cure" and injecting a trojan. They hate us and are doing all they can to cripple MBAM and block access to the website.

Sasser was spread by email not websites. Your brother clicked a link or opened an attachment.

Hello PeregrineKodiak and welcome to Malwarebytes. Please follow these instructions here and begin your own topic in that forum.

You did not update MBAM. The current version for definitions is 1405 yours are 1306. Update MBAM and run a quick scan post that log and a new HJT.

Hey welcome back. MBAM is outdated. You need to update it and run a new quick scan, it's clean, I think your clean too. there is some clean up in the HJT log. Please run it and put a check next to the following and click fix. R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) Reboot and post the quick scan log from MBAM and a new HJT.

OK, the internet does not scan, so I don't know what you saw scanning. What "hacker" website did you visit? Yes the unprotected files are normal, you have never had SBS&D immunize before. C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe C:\Users\owner\AppData\Local\Temp\Temp1_HiJackThis.zip\HijackThis.exe C:\Users\owner\Desktop\HijackThis.exe You have HJT on the desktop it needs to be only in program files. Empty your temp files and get rid of the version of HJT on the desktop. Where is the (x86) coming from in your log? Update MBAM and run a quick scan post that log and then a log from HJT from the correct location please. Do not start another topic, stay in this thread and be patient.

Please update MBAM and run a quick scan, post that log, and a new HJT log. Also send a copy of that strange file Please find this file helper.sig and attach it in a zipped folder here in a new topic you start, link back to your thread in the HJT forum please. How did you fix the image issue?