jholland1964

Malwarebytes' instructions we generally use here are very clear so I would request that those be used: * DoubleClick [B]mbam-setup.exe[/B] and follow the prompts to install MBA-M. [B]* Be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.[/B] * If an update …

Can you please update MBA-M and then run a new Full System Scan. Have it Remove All Found. Reboot the computer. Then run a new HJT scan and save the log. Post back here with the MBA-M log and the HJT log. If we don't see these logs we cannot …

Have you rebooted the computer lately? You are showing 5 instances of IE and 1 of Firefox running at the time of your scan. Have you cleaned out all temp files, internet temp files recently? Have you run a defrag lately? Download [B][URL="http://www.ccleaner.com/download"]CCleaner[/URL][/B] use it to run the default cleaning. …

Much of your malware is related to FunWebProducts and MyWebSearch. A lot was removed but some of this should be done manually. First, uninstall the My Web Search option from Add/Remove Programs 1) Click on Start, Settings, Control Panel 2) Double click on Add/Remove Programs 3) Find "My Web Search" …

Can you manually, say from a CD or Flash drive, put [B][URL="http://download.cnet.com/Trend-Micro-HijackThis/3000-8022_4-10781312.html"]HiJackThis [/URL][/B]on there and run a scan? Obviously you are not using the affected computer. If you can also download [B][URL="http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?cdlPid=10997763"]Malwarebytes[/URL][/B]' to a flash drive, take it to the affected computer along with the [B][URL="http://www.gt500.org/malwarebytes/database.jsp"]manual update file[/URL][/B] and run …

We need to see the Malwarebytes' log.

[QUOTE]How likely is it that if a virus somehow managed to initially get past my anti-virus programs, it could further avoid detection by all three virus scanners? Also, if there was a virus on my computer, would it always show up under the running processes listed in Task Manager?[/QUOTE] I …

You should have waited for an answer in this thread rather than making another thread. I posted the answer [B][URL="http://www.daniweb.com/forums/thread202074.html"]THERE[/URL][/B] [QUOTE]Here's How for XP, you didn't state which OS you are running: 1.Navigate to the Control Panel in Windows XP by left-clicking on Start, followed by Settings and then choosing …

Remove it. Malwarebytes backs up all it removes. If it would happen to be a false positive then you could restore it. But, since there is no "ap" file I would say it is not a false positive. Malwarebytes is the top of the line right now, beats all others …

Agree with PhilliePhan.

One thing I see is that you have some remaining McAfee files on there. You need to fully uninstall this program. Do a file search for McAfee and remove all you find. I don't see evidence of Webroot but I do see Advanced SystemCare 3. Run HJT again. Put check …

[QUOTE] Originally Posted by AndyOne Yeah...I should have mentioned...that Repair Wizard doesn't fix it, either. Thanks anyway. At least now that I know I shouldn't use just any old program someone on a forum suggests![/QUOTE] I am going to reiterate what Crunchie has said; [QUOTE]Shouldn't be using combofix anyway without …

Hard to say here, since you say it is an old computer could just be a coincidence and a failure would have happened regardless of what you were doing. Since you were downloading via uTorrent then infection also has to be figured in there too. If nothing is recognized though, …

How DID you remove the virus? That is one thing we need to know before we go forward. You are running TWO anti-virus programs, Avast and AVG 8. That is an absolute No-No. TOTALLY UNINSTALL one of them immediately. You will have to do this before other steps can be …

I receive same thing using the address you included so there is a problem with the address itself. However, check this one and see if you get the page you want to see. Note, it does not include "www." Don't type it in, just click on the link below. If …

How do you know it was the AV2009 Trojan that you had? Do you have the MBA-M log you can post? Do you have a HiJackThis log? Try Safe Mode with Networking.

[QUOTE]I just tried out Combofix, the latest solution provided by member 'crunchie' and it worked[/QUOTE] First of all ComboFix is not the "latest solution" it has been around a long time but because of the power of the program it is not recommended often and then only for very specific …

You are using a very old version of HiJackThis. Uninstall it and download the [B][URL="http://download.cnet.com/Trend-Micro-HijackThis/3000-8022_4-10781312.html"]newest version[/URL][/B] and run a new scan. Please make sure word wrap is turned OFF on your log before posting it as this log is nearly impossible to read.

[QUOTE=tom curren;912353]go to Kaspersky.com and download the KIS 30 day free trial. install it and clean up your system[/QUOTE] How do you know the poster doesn't all ready have an anti-virus program on the computer? If this is the case then installing another one is a big No-No. [B] isaac752,[/B] …

I would recommend that you Uninstall The Rosetta Stone, that is where some of the infected files are located. You need to run ESET again and be sure that Remove found threats is checked and the option to Scan unwanted applications is Checked. [B]Reboot the computer[/B] Update MBA-M and run …

What version of HiJackThis is it? The newest version is [B][URL="http://download.cnet.com/Trend-Micro-HijackThis/3000-8022_4-10781312.html"]2.0.2.[/URL][/B] Download the new version and try that one. Also, give us the [B]names[/B] of the items removed by AVG

[B]No action[/B] was taken in your MBA-M scan AND you only ran a Quick Scan. If you followed the instructions given on this site you will see that you should run a [B]Full System[/B] Scan and then [B]Be sure that everything is checked, and click [COLOR="Red"]Remove Selected[/COLOR].[/B] [B]Reboot the computer[/B] …

Here is the suggestion from the MBA-M site. Delete that install file, also do a search to be sure it has NOT been installed and just doesn't show. Then do the following: [QUOTE]Please download [B][URL="http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?part=dl-10804572&subj=dl&tag=button"]Malwarebytes' Anti-Malware[/URL][/B] to your desktop and save. In order to get MBAM to install on the …

You are[B] NOT[/B] Finished. You did not do all the steps requested by RIK. The running of Mbam is ESPECIALLY important to clean the computer. Just deleting those few files is NOT ENOUGH. You have a hijacked computer which shows clearly in your HJT log. Just removing those files will …

[QUOTE=praveen_dusari;910524]what is aol manager.exe my system frequently ask this is corrupted please run utility manager i dont find any kind of softwares with this name in my system[/QUOTE] Are you saying here that you do NOT use AOL at all?

It would be helpful if you would give us more information. We have no idea what sort of problems you are experiencing or how you know you have a "virus or something". Your HJT log does show that you are running multiple or parts of multiple anti-virus software. This is …

Here's How for XP, you didn't state which OS you are running: [B] 1.[/B]Navigate to the Control Panel in Windows XP by left-clicking on Start, followed by Settings and then choosing Control Panel. [B]2.[/B]In the Control Panel window, open System. [B] Note:[/B] In Microsoft Windows XP, depending on how your …

If the program doesn't work, open or install this is VERY often indication of infection. Did you run a Full Scan? If so, did you tell it to remove items found? You should post the log here for review along with a HJT scan log.

[QUOTE]A scan of my PC shows...[/QUOTE] a scan with what program? I see at least one, maybe two serious infections on the computer. Turn OFF this program until further notice: [B]BitTorrent DNA[/B] Do the following: Please download [B][URL="http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html"]Malwarebytes' Anti-Malware (MBA-M)[/URL][/B] to your Desktop. * DoubleClick [B]mbam-setup.exe[/B] and follow the prompts …

Please download[B][URL="http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html"] Malwarebytes' Anti-Malware (MBA-M)[/URL][/B] to your Desktop. * DoubleClick [B]mbam-setup.exe[/B] and follow the prompts to install MBA-M. [B] * Be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.[/B] * If an update is found, it will download and install the …

First do the following: Disable Spybot's TeaTimer * Run Spybot-S&D in Advanced Mode * If it is not already set to do this, go to the Mode menu select Advanced Mode * On the left hand side, click on Tools * Then click on the Resident icon in the list …

[QUOTE]Hi there recently my step sister has been using limewire on our family computer and since then every time I use google 90% of the time the search results I click on redirect me to a useless search engine of some sort.....(Oh and I have taught her how to use …

Please Download [B][URL="http://www.atribune.org/ccount/click.php?id=1"]ATF-Cleaner.exe by Atribune[/URL][/B] Save to the desktop for easy access. Click on [B]ATF-Cleaner[/B] to run it -- Where it says Select Files To Delete, [B]Check the Select All Option -- Click Empty Selected > OK[/B] If you use Firefox browser, do this also: * Click Firefox at the …

[QUOTE]got a string of nasties a couple days ago, and just finished dealing with them [/QUOTE] It would certainly help to know exactly what these were, how they were removed and with what? Were the scans you just posted done in normal mode? You appear to have very few auto …

To ALL[B] EXCEPT[/B] original poster [B][COLOR="Green"]Inlovewithnight[/COLOR][/B], [B]you need to begin YOUR OWN threads[/B] and not hijack another person's thread. NO two computers are identical and even though problems may seem identical they rarely are. You can follow the instructions I give to Inlovewithnight but post the results on your OWN …

You have at least one trojan on the system AND you are running TWO anti-virus programs, AVG and BitDefender. An absolute no-no. UNINSTALL one of these immediately. Run HJT again and place check marks next to the following entries: O1 - Hosts: ::1 localhost O1 - Hosts: 209.44.111.57 security.microsoft.com O1 …

Well you obviously have a hijacker on the computer for sure and likely other items. Obviously when Sygate alerts you to this access request be sure to block it. Please TURN OFF ALL unnecessary programs for now until we get this thing or things off of there. PunkBuster Steam Quicktime …

[QUOTE]I have tried to remove the registry entry of O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)[/QUOTE] Nothing wrong with this entry: [B]NCO 2.0 IE BHO[/B]>Norton Confidential" online identity theft protection, now incorporated into other Norton products You might try this fix I found at another …

First of all turn off that BitTorrent program and ALL OTHER P2P programs until the computer is clean, this may very well be how you got the infection. Second, you only ran the Quick Scan with MBA-M. Please run a Full System scan now and Remove Everything found. Post back …

Can you tell me who is your internet provider? Did you personally add all those trusted sites? Is this a business computer or used for your job?

You are running TWO anti-virus programs, AVG and Avira. [B]Uninstall AVG completely[/B]. Reboot the system and see if that makes a difference. Then run another HJT scan and post that new log.

That isn't what gerbil requested. [B][URL="http://download.cnet.com/Trend-Micro-HijackThis/3000-8022_4-10781312.html"]HiJackThis [/URL][/B]was requested.

Did you reboot the computer? No way of knowing if infection has been removed completely yet. You need to run a NEW HJT Full System scan and post that log.

You have at least one trojan on the system, maybe more. MBA-M should have found those. Update the program and run it again, a Full system scan. [B]Be sure that everything is checked, and click [COLOR="Red"]Remove Selected[/COLOR].[/B] [B]Reboot the computer.[/B] Run HiJackThis again and place check marks next to the …

Is this the same computer in [B][URL="http://www.daniweb.com/forums/thread195841.html"]this thread[/URL][/B]? Reason you may not have received a reply on that one is you have multiple other threads that you have begun and then have not returned to complete. There are only a few of us here who work on these, we generally …

andeethree, you need to begin YOUR OWN thread, stating exactly what problems you are experiencing and what steps you have taken to try to correct them. Just posting your log within somebody else's thread doesn't give us any information and can only lead to confusion. Please state exactly what problems …

Hello and welcome to daniweb, Please do the following: Please Download [B][URL="http://www.atribune.org/ccount/click.php?id=1"]ATF-Cleaner.exe by Atribune[/URL][/B](Windows XP, 2K, 2003 & Vista ONLY) • You can put ATF-Cleaner on your Desktop for easy access. [B]RUN ATF-Cleaner.exe.[/B] -- [B]Click on ATF-Cleaner to run it[/B] -- Where it says Select Files To Delete, Check the …

[QUOTE=cuchulain;892263]I had the same thing happen to me, however none of the things you have listed are showed up when i ran Hijack This. Here's my logfile I'd appreciate it if you could pick out anything that might be causing the redirects[/QUOTE] This gives us[B] NO [/B]information whatsoever, the same …

There is usually NO need to do anything to the registry. Using registry fixers is generally not advised. One wrong click in the registry and the operating system can be totally disabled. WHY do you want to do something to the registry?

First of all do the following: [B]Disable Spybot's TeaTimer[/B] it can interfere with any fixes done. * Run Spybot-S&D in Advanced Mode * If it is not already set to do this, go to the Mode menu select Advanced Mode * On the left hand side, click on Tools * …