Hey (Slow Pc)

Sorry but that is not how it is supposed to be. But when you add a message you bump your thread and will not get an answer any sooner.

Yes we do which is why we run those scans. If you are such an expert at what is needed to remove malware, why are you posting here for help? If you don't like it, then you don't have to post here. We are a malware removal forum! Not a HijackThis reading forum which by itself is basically useless against today's malware.

This was absolutely never true. HijackThis was meant to report browser hijackers and it showed a few running system processes and a very small number of registry keys. There are tens of thousands of registry keys. A HijackThis log alone will not allow your PC to be properly cleaned. It never has.

If you want our help, you still need to attach the ComboFix log. If you don't want our help, I will simply delete your thread since you are worried about info in the logs which is really not a problem.

Your SAS log should be in the below folder:
C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Logs

Since no log is shown, this normally means it was not run thru to completion or somehow you stopped it from saving the log. The above is the default and it always saves logs there even if nothing was found.

By the way the Vundo infection you have may have well been cause by Messenger Plus! Live which you have installed and we recommended in the READ & RUN ME to uninstall. This program and its sponsor program are responsible for tens of thousands of infected PCs.

Your MBAM log shows that you Took No Action. Did you actually fix what it found and just save the log before fixing?

Did you knowingly install Freecorder Toolbar? It is not recommended. Neither is BearShareMediaBar. See the below:

http://www.spywareremove.com/removeBearShareMediabar.html

 

This can sometimes happen for two reasons.

• the people who are answering other threads, are not sure how to deal with your problems
• people who are answering could be at working and have limited time to answer and thus only answer threads they can answer quickly since they do not have time to compose longer fixes.

Yes about 3.5 years ago we ran PandaActiveScan, BitDefender, Ad-Aware, Spybot and HijackThis and wanted logs from all of them. But just like malware has evolved, so has our cleaning process. We had to evolve to be able to fix all the newer forms of malware as those other scans and logs were not adequate....especially HijackThis. If we did not change, and add tools like MGtools and ComboFix we would have missed many malware files and registry entries over the last few years. And if we did not dump useless programs like Ad-Aware and start using SUPERAntiSpyware and Malwarebytes, are manual cleanup steps would be very long and complex.

I did not say MSN Messenger. I said Messenger Plus! Live which is not from Microsoft.

Not the same thing. The Logs folder is where text logs will be saved when the scanner is run. If there are no logs here, it means either the scan was not run, or the scan did not run properly.

Don't worry about it now. You can run it again if you wish to see if it saves a log but right now I'm not sure I need it unless it is still finding problems.

Yes but it is shareware not free. See this: How to Protect yourself from malware!

 

Only to the untrained eye. There is a lot of additional info in there and even in the very beginning you can see that additional malware files and a malware driver were removed.

You forgot to answer my question about whether you actually had MBAM fix what it found. Your logs shows you took no action.

Do you know what the below folder is for that showed up on Feb 21, 2009?
C:\Program Files\BlackIsle


Uninstall the below software:
Java(TM) 6 Update 11
Java(TM) 6 Update 6
Java(TM) 6 Update 7
Viewpoint Media Player <-- should have been uninstalled in step 1 of the READ ME

Now we need to use ComboFix again.

• Make sure that combofix.exe that you downloaded while doing the READ & RUN ME is on your Desktop but Do not run it!
  • If it is not on your Desktop, the below will not work.
• Also make sure you have shut down all protection software (antivirus, antispyware...etc) or they may get in the way of allowing ComboFix to run properly.
• Open Notepad and copy/paste the text in the below quote box into it:

• Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
• At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
• You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
• Now use your mouse to drag CFscript.txt on top of ComboFix.exe
• Follow the prompts.
• When it finishes, a log will be produced named c:\combofix.txt
• I will ask for this log below

Note:

Do not mouseclick combofix's window while it is running. That may cause it to stall.


After reboot, now install the current version of Sun Java from: Sun Java Runtime Environment

Also delete all files in the below folders except ones from the current date (Windows will not let you delete the files from the current day).
C:\WINDOWS\Temp
C:\Documents and Settings\Administrator\Local Settings\Temp
Now run Ccleaner!

Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).

Then attach the below logs:

• C:\ComboFix.txt
• C:\MGlogs.zip

Make sure you tell me how things are working now!

 

Your logs are clean but you forget to install the current version of Sun Java so you do not have a Java version installed right now.

If you are not having any other malware problems, it is time to do our final steps:

1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significant amount of resources ( except a little disk space ) until you run a scan.
3. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
   • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
   • "%userprofile%\Desktop\combofix" /u
     • Notes: The space between the combofix" and the /u, it must be there.
     • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
   • Delete the C:\combofix folder from combofix (if it exists)
4. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
5. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
6. Go to add/remove programs and uninstall HijackThis.
7. You can delete the C:\MGtools folder and the C:\MGtools.exe file. You can also delete the C:\MGlogs.zip
8. If you are running Vista, Windows XP or Windows ME, do the below:
   • Refer to the cleaning procedures in step 3 the READ ME for your Window version and see the instructions to Disable System Restore which will flush your Restore Points.
   • Then reboot and Enable System Restore to create a new clean Restore Point.
9. After doing the above, you should work thru the below link:
   • How to Protect yourself from malware!

 

You're welcome. Surf safely!