Please help Hijack This log

Discussion in 'Malware Help (A Specialist Will Reply)' started by BenF12345, Jan 13, 2006.

  1. BenF12345

    BenF12345 Private E-2

    I have run ad-aware, spybot, microsoft, I have cleared all the temp files and temporary internet files. I work at a law firm and spend probably half my time removing spyware and have never been unable to find a resolution. However, I am stumped here...Please help. There are certain files I know are bad in the system32 folder, but I can't remove them even in safe mode. Thanks
     
    Last edited: Jan 13, 2006
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to MGs!
    Please note that you must follow standard cleaning procedures before posting HJT logs. Also your version of HJT has not been used in close to 2 years. You also do not have HJT installed properly.


    Please follow our standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, running, and posting HijackThis logs as attachments.

    - Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support

    Make sure you check version numbers and get all updates.

    - Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.


    If after doing ALL of the above you still have a problem, make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:

    Downloading, Installing, and Running HijackThis

     
    Last edited: Jan 13, 2006
  3. BenF12345

    BenF12345 Private E-2

    I ran everything in safe mode. Found CWW, mywebsearch, myway, starware, wild tangent. I ran ad aware and stuff before coming on here so I'm not sure of everything that was found there, but there was a lot. I couldn't run the Panda one. This machine has Norton Anti Virus on it with updated definitions.
    Thanks for your help!!
     

    Attached Files:

  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Your BitDefender log is incomplete. It does not show what and where the infections were found. You must post the complete log for it to be of any use.

    But you still ignored my instructions on HijackThis.
     
  5. BenF12345

    BenF12345 Private E-2

    I am running bit defender again. I'm not sure what I did wrong with Hijack this. I have it in its own folder now in c:\program files\hijack this and attached the log instead of pasting it.
     
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

     
  7. BenF12345

    BenF12345 Private E-2

    I downloaded the new one from the link on this site and put it in C:\program files\hijack this
     
  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You mean just now or do you mean previously? There is no way you got 1.97.7 from our download link.

    Check a new log. If it says 1.99.1, then attach it. Otherwise download it again and extract it from the ZIP file. Delete your old version first to avoid a mistake.
     
  9. BenF12345

    BenF12345 Private E-2

  10. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Perhaps you did but you are still running your old version not the new one. Delete the old hijackthis.exe that is in the folder and then you must UNZIP (that is extract) the new one from the zip file into the folder. Then get a new log.
     
  11. BenF12345

    BenF12345 Private E-2

    Not sure what happened, but here is the new one. FYI, Bitdefender is still running, hasn't found anything yet.
     

    Attached Files:

  12. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Okay what I can tell you is that at least part of your problem is a Look 2 Me infection. One of the newer forms that require special removal steps but we have had some luck using SpySweeper so we will try it first. You must use the version given in the link.

    Download, install, update and run this slightly older version of Spy Sweeper: here
    Save the Spy Sweeper log and post it here as an attachment.
    Also post a new HJT log.

    DO NOT DO THE ABOVE WHILE BITDEFENDER IS RUNNING! Either abort BD or wait until complete!
     
  13. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Question:

    Do you know what the below are for?

    O4 - Startup: DPMPopup.exe
    O4 - Startup: PurgeEcho2.bat.lnk = PUBLIC\Batch\PurgeEcho2.bat
     
  14. BenF12345

    BenF12345 Private E-2

    Yes they are valid. DPM is a Digital Print Monitor and the other is set up to purge some files.

    I think spysweeper did the trick cause it deleted those files on boot up that I told you I couldn't remove from the system 32 folder. It also found a ton more stuff. Here's the logs. I'm leaving for the day, but I'll be sure to follow up on Monday. Thanks so much for your help. It is greatly appreciated!!!!
     

    Attached Files:

  15. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Some of the items Spysweeper found on your PC are very dangerous and relate to trojans that steal passwords especially to financial institutions. You should consider having ALL passwords changed for all accounts that have been accessed from this PC. The items I'm referring to are:
    ibm00003.exe (ID = 232305)
    ibm00004.dll (ID = 232306)

    These may be part of this: -->>: Malware - Bancos.LU

    You can also have HJT fix the below two lines:

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R3 - URLSearchHook: {B2892222-7C18-11D3-98DC-00A0C9A342AA} - - (no file)

    Other than that your HJT log is clean. As an additional precaution you could run the below scan too and post the log. It's up to you. When finished, I would suggest not keeping SpySweeper, Ewido, and MS Antispyware all running as they will put a strain on system resources. Only keep one. SpySweeper (as you may have noticed) is the best but only if you buy it and keep it updated.

    Running Ewido Security Suite and attach the Ewido log
     
    Last edited: Jan 13, 2006
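
Added example, not part of the thread or any poster's code: a Python sketch that triages HijackThis log lines along the lines this thread follows, flagging a header version other than the 1.99.1 asked for, entries ending in `(no file)`, R0/R1 values left empty, and O4 Startup items to confirm with the machine's owner. The header line in the sample is constructed, the four entry lines are the ones quoted in posts 13 and 15, and the rule names are this example's own assumptions.

```python
import re

EXPECTED_VERSION = "1.99.1"  # the version the helper asks for in this thread

# Sample input: the header line is constructed for the example;
# the four entry lines are the ones quoted in the thread.
SAMPLE_LOG = """\
Logfile of HijackThis v1.97.7
R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Local Page =
R3 - URLSearchHook: {B2892222-7C18-11D3-98DC-00A0C9A342AA} - - (no file)
O4 - Startup: DPMPopup.exe
O4 - Startup: PurgeEcho2.bat.lnk = PUBLIC\\Batch\\PurgeEcho2.bat
"""

HEADER_RE = re.compile(r"^Logfile of HijackThis v(\d+(?:\.\d+)*)\s*$")
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")


def triage(log_text, expected_version=EXPECTED_VERSION):
    """Return (version, findings); findings is a list of (code, reason, line)."""
    version = None
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        header = HEADER_RE.match(line)
        if header:
            version = header.group(1)
            if version != expected_version:
                findings.append(("HEADER", "version-mismatch", line))
            continue
        entry = ENTRY_RE.match(line)
        if not entry:
            continue  # process list, blank lines, anything not "Xn - ..."
        code, body = entry.groups()
        if body.endswith("(no file)"):
            # The entry points at a file that no longer exists on disk.
            findings.append((code, "orphaned-no-file", line))
        elif code in ("R0", "R1") and body.endswith("="):
            # IE start/search page value present but empty.
            findings.append((code, "empty-registry-value", line))
        elif code == "O4" and body.startswith("Startup:"):
            # Startup-folder item: ask the owner what it is before touching it.
            findings.append((code, "confirm-with-owner", line))
    return version, findings


if __name__ == "__main__":
    for code, reason, line in triage(SAMPLE_LOG)[1]:
        print(f"{reason:22} {line}")
```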
