Take a look for me please

axlmastr · Jan 8, 2012

Clone machine of my personal machine. May have the same items on it. I followed the MG Removal guide and just wanted to see if you found anything else. At first attempt SAS took over ten minutes to open up so I could initiate a a scan but only after I opened Task Manager which must have jogged something. When I looked for SAS in Processes it was using nearly 500MB of memory before it finally opened. Similar symptoms on my personal machine TimW helped me with yesterday. Logs are attached. Thanks again for your extra eyes.

axlmastr · Jan 8, 2012

Additional log

Kestrel13! · Jan 9, 2012

I want you to run TDSSKiller so refer to the below for how to do so.

TDSSkiller - How to run

Please also download MBRCheck to your desktop

Double click MBRCheck.exe to run (vista and Win 7 right click and select Run as Administrator)

It will show a Black screen with some information that will contain either the below line if no problem is found:

Done! Press ENTER to exit...

Or you will see more information like below if a problem is found:

Found non-standard or infected MBR.

Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Either way, just choose to exit the program at this point since we want to see only the scan results to begin with.

MBRCheck will create a log named similar to MBRCheck_07.16.10_00.32.33.txt which is random based on date and time.

axlmastr · Jan 9, 2012

logs attached

Kestrel13! · Jan 10, 2012

Not seeing anything.

Important Notice: A new version of SUPERAntiSpyware is available.

Please uninstall your current version (this is necessary).

Then download this SUPERAntiSpyware

Install this new version. It may tell you that you need to reboot to complete the installation. You must reboot at this time.

After the reboot, run SUPERAntiSpyware and immediately click the Check for Updates button to get more updates for the database.

Now run a new full scan of your system. And attach this log later.

Delete this unless you know what it is.

C:\WINDOWS\Tasks\52Work.job

Please disable all anti-virus and anti-spyware programs while we do the following (re-enable when you are finished):

Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

After clicking Fix exit HJT.

Run Ccleaner, not the resgistry section, just the cleaner itself to be rid of a chunk of temp files.

Everything running okay?

axlmastr · Aug 18, 2012

Sorry Kestrel13! forgot this thread was still open :-o You were a great help on this one and all is better. Running fine! Thanks for the eyeballs on this one.This thread is considered closed

Kestrel13! · Aug 19, 2012

You are welcome. Safe surfing!

Log in or Sign up

Take a look for me please

axlmastr Private E-2

Attached Files:

MGlogs.zip

ComboFix.txt

mbam-log-2012-01-08 (15-40-07).txt

SUPERAntiSpyware Scan Log - 01-08-2012 - 14-06-43.log

axlmastr Private E-2

Attached Files:

RRreport.txt

Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

axlmastr Private E-2

Attached Files:

MBRCheck_01.09.12_16.54.39.txt

TDSSKiller.2.6.25.0_09.01.2012_16.48.33_log.txt

Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

axlmastr Private E-2

Kestrel13! Super Malware Fighter - Major Dilemma Staff Member