Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help with infection


  • Please log in to reply
5 replies to this topic

#1 sonycosmos

sonycosmos

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:02:47 AM

Posted 05 March 2012 - 09:13 PM

Hi ... I have Windows xp pro sp3 . When I use Malwarebytes it picks this up (PUM.Hijack.StartMenu). Can someone help me get rid of this ? Thanks

BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:47 AM

Posted 05 March 2012 - 10:03 PM

Welcome aboard Posted Image

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

====================================================================================

Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 sonycosmos

sonycosmos
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:02:47 AM

Posted 06 March 2012 - 03:44 PM

Thanks for the welcome Broni ... Okay i must tell you prior to my first post I did scan my comp in safe mode with Malwarebytes and afterwards it caught that infection . What I did was quarantined and deleted . Now I just making sure the comp is clean now , also I hope I place the scans right in this post

Check Up

Results of screen317's Security Check version 0.99.24
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
Microsoft Security Essentials
Antivirus up to date!
```````````````````````````````
Anti-malware/Other Utilities Check:

SUPERAntiSpyware
CCleaner
Java™ 6 Update 31
Adobe Flash Player 11.1.102.62
Mozilla Firefox (x86 en-US..)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Windows Defender MSMpEng.exe
Microsoft Security Essentials msseces.exe
Microsoft Security Client Antimalware MsMpEng.exe
``````````End of Log````````````

Farbar Service Scanner Version: 01-03-2012
Ran by Paul (administrator) on 06-03-2012 at 15:12:58
Running from "C:\Documents and Settings\Paul\My Documents\Downloads"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============
Srservice Service is not running. Checking service configuration:
The start type of Srservice service is set to Disabled. The default start type is Auto.
The ImagePath of Srservice service is OK.
The ServiceDll of Srservice: "C:\WINDOWS\system32\srsvc.dll".

sr Service is not running. Checking service configuration:
The start type of sr service is set to Disabled. The default start type is Boot.
The ImagePath of sr: "\SystemRoot\system32\DRIVERS\sr.sys".


System Restore Disabled Policy:
========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=DWORD:1


Security Center:
============

Windows Update:
============

File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4)
0x0700000005000000010000000200000003000000040000000600000007000000
IpSec Tag value is correct.

**** End of log ****

MiniToolBox by Farbar Version: 18-01-2012
Ran by Paul (administrator) on 06-03-2012 at 15:15:02
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================


127.0.0.1 localhost

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/04/2012 06:02:36 PM) (Source: Application Hang) (User: )
Description: Hanging application rundll32.exe, version 5.1.2600.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (03/04/2012 04:21:08 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 0, P2 moaccapability, P3 3.0.8402.0, P4 3, P5 3, P6 unspecified, P7 unspecified, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (03/04/2012 04:05:58 PM) (Source: Microsoft Security Client) (User: )
Description: mssecurityclientmsseces.exe2.1.1116.00x80004004updatecmainwindow__onsignatureupdatestatus0security essentialsNILNILNIL

Error: (03/04/2012 03:50:02 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 0x80070003, P2 moac, P3 cachereset, P4 3.0.8402.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.


System errors:
=============
Error: (03/04/2012 11:34:37 PM) (Source: DCOM) (User: Paul)
Description: DCOM got error "%%1058" attempting to start the service helpsvc with arguments ""
in order to run the server:
{833E4010-AFF7-4AC3-AAC2-9F24C1457BCE}

Error: (03/04/2012 10:51:47 PM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (03/04/2012 10:50:30 PM) (Source: DCOM) (User: Paul)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (03/04/2012 10:50:29 PM) (Source: DCOM) (User: Paul)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (03/04/2012 10:50:19 PM) (Source: DCOM) (User: Paul)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (03/04/2012 10:49:38 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AFD
AmdK8
Fips
IPSec
MpFilter
MRxSmb
NetBIOS
NetBT
RasAcd
Rdbss
SASDIFSV
SASKUTIL
Tcpip

Error: (03/04/2012 10:49:38 PM) (Source: Service Control Manager) (User: )
Description: The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error:
%%31

Error: (03/04/2012 10:49:38 PM) (Source: Service Control Manager) (User: )
Description: The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error:
%%31

Error: (03/04/2012 10:49:38 PM) (Source: Service Control Manager) (User: )
Description: The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:
%%31

Error: (03/04/2012 10:49:38 PM) (Source: Service Control Manager) (User: )
Description: The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error:
%%31


Microsoft Office Sessions:
=========================
Error: (03/04/2012 06:02:36 PM) (Source: Application Hang)(User: )
Description: rundll32.exe5.1.2600.5512hungapp0.0.0.000000000

Error: (03/04/2012 04:21:08 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry0moaccapability3.0.8402.033unspecifiedunspecifiedNILNILNIL

Error: (03/04/2012 04:05:58 PM) (Source: Microsoft Security Client)(User: )
Description: mssecurityclientmsseces.exe2.1.1116.00x80004004updatecmainwindow__onsignatureupdatestatus0security essentialsNILNILNIL

Error: (03/04/2012 03:50:02 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry0x80070003moaccachereset3.0.8402.0unspecifiedunspecifiedunspecifiedNILNILNIL


=========================== Installed Programs ============================

Acronis True Image Home 2012 (Version: 15.0.6131)
Adobe Flash Player 11 Plugin (Version: 11.1.102.62)
Adobe Shockwave Player 11.6 (Version: 11.6.3.633)
Broadcom 802.11 Wireless LAN Adapter (Version: 4.150.29.0)
CCleaner (Version: 3.16)
Conexant HD Audio
eReg (Version: 1.20.138.34)
foobar2000 v1.1.10 (Version: 1.1.10)
Foxit Reader 5.1 (Version: 5.1.3.1201)
HDAUDIO Soft Data Fax Modem with SmartCP
HP Pavilion Webcam (Version: 5.7.7.0)
HP Webcam (Version: )
Icon Restore 1.0
ImgBurn (Version: 2.5.6.0)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Logitech SetPoint 6.32 (Version: 6.32.20)
magicJack (Version: 2.0.6073.4252)
Malwarebytes Anti-Malware version 1.60.1.1000 (Version: 1.60.1.1000)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft Antimalware (Version: 3.0.8402.2)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Security Client (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 2.1.1116.0)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 10.0.2 (x86 en-US) (Version: 10.0.2)
MWSnap 3 (Version: 3.0.0.74)
NVIDIA Drivers
PartitionMagic (Version: 8.01.000)
SUPERAntiSpyware (Version: 5.0.1144)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 11.0.7.0)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows Internet Explorer 8 (KB2632503) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2492386) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
VLC media player 1.1.11 (Version: 1.1.11)
WebFldrs XP (Version: 9.50.7523)
Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) (Version: 05/27/2006 1.3.2.0)
Windows Driver Package - usbvm326 (usbvm328) Image (10/12/2006 326.1.061012.25) (Version: 10/12/2006 326.1.061012.25)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
WinRAR 4.11 (32-bit) (Version: 4.11.0)

========================= Devices: ================================

Name: HP Pavilion Webcam
Description: HP Pavilion Webcam
Class Guid: {6BDD1FC6-810F-11D0-BEC7-08002BE2092F}
Manufacturer: HP
Service: SNP2UVC
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


========================= Memory info: ===================================

Percentage of memory in use: 25%
Total physical RAM: 1982.54 MB
Available physical RAM: 1472.67 MB
Total Pagefile: 4874.17 MB
Available Pagefile: 4510.1 MB
Total Virtual: 2047.88 MB
Available Virtual: 1976.86 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:39.06 GB) (Free:31.51 GB) NTFS
3 Drive x: (New Volume) (Fixed) (Total:147.25 GB) (Free:86.5 GB) NTFS

========================= Users: ========================================

User accounts for \\SN00KER-905APB

Administrator Guest HelpAssistant
Paul SUPPORT_388945a0


**** End of log ****

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.06.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Paul :: SN00KER-905APB [administrator]

3/6/2012 3:16:52 PM
mbam-log-2012-03-06 (15-16-52).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 180621
Time elapsed: 10 minute(s), 5 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

aswMBR version 0.9.9.1649 Copyright© 2011 AVAST Software
Run date: 2012-03-06 15:27:38
-----------------------------
15:27:38.125 OS Version: Windows 5.1.2600 Service Pack 3
15:27:38.125 Number of processors: 2 586 0x4802
15:27:38.125 ComputerName: SN00KER-905APB UserName: Paul
15:27:38.796 Initialize success
15:30:33.890 AVAST engine defs: 12030600
15:30:43.109 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000006d
15:30:43.109 Disk 0 Vendor: ST9200420ASG 3.AAA Size: 190782MB BusType: 3
15:30:43.140 Disk 0 MBR read successfully
15:30:43.140 Disk 0 MBR scan
15:30:43.203 Disk 0 Windows XP default MBR code
15:30:43.203 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 39997 MB offset 63
15:30:43.234 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 150781 MB offset 81915435
15:30:43.250 Disk 0 scanning sectors +390716865
15:30:43.343 Disk 0 scanning C:\WINDOWS\system32\drivers
15:31:00.375 Service scanning
15:31:14.203 Service MpKsl38c5bcc4 C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB49BC03-AD7F-4D17-9C6B-3B8499B09177}\MpKsl38c5bcc4.sys **LOCKED** 32
15:31:28.078 Modules scanning
15:31:31.968 Disk 0 trace - called modules:
15:31:31.984 ntkrnlpa.exe fltsrv.sys hal.dll tdrpman.sys CLASSPNP.SYS disk.sys vsflt61.sys ACPI.sys nvata.sys
15:31:31.984 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x89c9dab8]
15:31:31.984 3 CLASSPNP.SYS[ba108fd7] -> nt!IofCallDriver -> [0x89cb5a08]
15:31:31.984 5 vsflt61.sys[b9f60f9b] -> nt!IofCallDriver -> \Device\0000006e[0x89cb6ac0]
15:31:31.984 7 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\0000006d[0x89cb5030]
15:31:32.250 AVAST engine scan C:\WINDOWS
15:31:38.218 AVAST engine scan C:\WINDOWS\system32
15:34:32.703 AVAST engine scan C:\WINDOWS\system32\drivers
15:34:52.093 AVAST engine scan C:\Documents and Settings\Paul
15:35:23.921 AVAST engine scan C:\Documents and Settings\All Users
15:35:36.859 Scan finished successfully
15:35:50.968 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Paul\Desktop\MBR.dat"
15:35:50.968 The log file has been saved successfully to "C:\Documents and Settings\Paul\Desktop\aswMBR.txt"

#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:47 AM

Posted 06 March 2012 - 04:57 PM

All looks clean.

Did you disable System Restore for whatever reason?
If you did please re-enable it.

Download Temp File Cleaner (TFC)
Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

=============================================================================

Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click on List of found threats
  • Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    NOTE. If Eset doesn't find any threats it'll NOT produce any log.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#5 sonycosmos

sonycosmos
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:02:47 AM

Posted 06 March 2012 - 06:54 PM

All looks clean.


It look that way , thank you

Did you disable System Restore for whatever reason?
If you did please re-enable it.


I never use this instead I use Acronis TI . If my system is that badly infected I will just do a restore image with ATI

Download Temp File Cleaner (TFC)
Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.


Thanks for this one...

NOTE. If Eset doesn't find any threats it'll NOT produce any log.


That is exactly what happen here , all clean then . I guess Malwarebytes did the trick the first time ...

Again , Thank you for your help :thumbup2:

Edited by sonycosmos, 06 March 2012 - 06:55 PM.


#6 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:47 AM

Posted 06 March 2012 - 07:40 PM

You're very welcome Posted Image

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users