Home > Hjt Log > HJT Log - Check Please

HJT Log - Check Please

What the Tech → Spyware / Malware / Virus Removal → Virus, Spyware & Malware Removal Javascript Disabled Detected You currently have javascript disabled. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged Removing c:\documents and settings\all users\application data\malwarebytes' anti-malware (portable)\mbr_2_r.mbam... Once the computer is totally clean, I'll certainly let you know. http://filealley.com/hjt-log/hjt-log-please-check.html

And thanks for the help so far! -Missy ShadowsInAsh, Aug 25, 2005 #8 dvk01 Derek Moderator Malware Specialist Joined: Dec 14, 2002 Messages: 50,466 * Run ActiveScan online virus scan DUNK08-04-2010, 05:35 PMHi Speedy. C:\Documents and Settings\Mike\Application Data\SwvUpdater\status.cfg (PUP.Software.Updater) -> Quarantined and deleted successfully. I would ask that you instead consider donating the greatest gift - Organ Donation.

Main Sections Technology News Reviews Features Product Finder Downloads Drivers Community TechSpot Forums Today's Posts Ask a Question News & Comments Useful Resources Best of the Best Must Reads Trending Now Information on A/V control HEREWe also need a new log from the GMER anti-rootkit scanner. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Here's my hijackthis log: Logfile of HijackThis v1.98.2 Scan saved at 10:49:43 AM, on 8/22/2005 Platform: Windows ME (Win9x 4.90.3000) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\mmtask.tsk

DDS (Ver_2012-11-20.01) . Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix. Even if your computer appears to act better, it may still be infected. Here 'tis.

Without regular updates you WILL NOT be protected when new malicious programs are released.If you have any addition questions just ask...David Back to top Prev Page 2 of 2 1 2 Place a tick next to the following and then press Fix all O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file) {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program You all have always been so helpful to me, and I'm grateful! -Missy ShadowsInAsh, Aug 22, 2005 #1 Sponsor brendandonhu Joined: Jul 8, 2002 Messages: 14,681 Save a copy you could check here Feedback Doctor's Lounge « Previous Thread | Next Thread » Thread Information Users Browsing this Thread There are currently 1 users browsing this thread. (0 members and 1 guests) Posting Permissions

To start viewing messages, select the forum that you want to visit from the selection below. Removing c:\documents and settings\all users\application data\malwarebytes' anti-malware (portable)\mbr_0_r.mbam... Ask a question and give support. This is normal and indicates the tool ran successfully.

Ask a Question See Latest Posts TechSpot Forums are dedicated to computer enthusiasts and power users. Removal finished Jun 22, 2013 #6 Broni Malware Annihilator Posts: 53,147 +349 Create new restore point before proceeding with the next step.... If you need more time, simply let me know. I'm glad to hear you've had no popups.

If, for some reason, Combofix refuses to run, try the following... have a peek at these guys It is important that it is saved directly to your desktop** Never rename Combofix unless instructed. HKCR\TypeLib\{DF058C45-CD18-453e-8745-5A77F60722AB} (Adware.Gdown) -> Quarantined and deleted successfully. DUNK08-04-2010, 03:17 AMWell.

Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Scanning will begin, which takes a long time. You posted this before I'd even got back !! check over here I think even that helped, my comp seems to be doing better already!

Exit Ewido. brendandonhu, Aug 22, 2005 #2 ShadowsInAsh Thread Starter Joined: Mar 4, 2004 Messages: 19 I did as you said, and deleted: C:\WINDOWS\ZGVmYXVsdAAA\command.exe C:\WINDOWS\lslps4.exe C:\Program Files\tpus\ The others apparently did not exist. They'll come back.

Inspecting partition table: MBR Signature: 55AA Disk Signature: E686F016 Partition information: Partition 0 type is Other (0xde) Partition is NOT ACTIVE.

Inspecting partition table: MBR Signature: 55AA Disk Signature: 75260D85 Partition information: Partition 0 type is Primary (0x7) Partition is ACTIVE. Include the report in your next post. If the tool does Login _ Social Sharing Find TechSpot on... Consistently helpful members with best answers are invited to staff.

God knows when though. I see that one of your logs found VUNDO. Back to top BC AdBot (Login to Remove) BleepingComputer.com Register to remove ads #17 -David- -David- Members 10,603 posts OFFLINE Gender:Male Location:London Local time:12:26 AM Posted 16 September 2006 this content UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

Register now! MS-MVP Windows Security 2007-8-9 Proud Member ASAP UNITE Member 2006 Back to top Related Topics Back to Virus, Spyware & Malware Removal · Next Unread Topic → 0 user(s) are Dismiss Notice TechSpot Forums Forums Software Virus and Malware Removal Today's Posts Log checkplease Byswker98 ยท 9 replies Jan 19, 2009 Hi, Im checking someones computer and it looks good but If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.

Wait until the Status box shows Deleting Finished. Please perform the following scan:Download DDS by sUBs from one of the following links. Yes, my password is: Forgot your password? Whats it doing or not doing?

Do NOT run it yet. and the reinstall it.