Samsters

Well as it turns out that IS an active program. It's part of a Point of Sale program used everyday for sales transactions. We had to scramble around for half an hour to re-install the MySQL service so customers could be served. I should know better than to try this stuff during business hours. I will also look over the FRST logs myself more carefully next time. The FRST.txt log had that program white-listed: (TABS, Inc.) C:\Program Files\TABS AutoBiz\tabs.exe What was in the logs that made the MySQL service seem redundant? Maybe there is something goofy about the way the developer implemented the MySQL Service? But the PC is behaving much better now - they will put it to the test for real on Monday. Thanks

The Fix from FRST may have removed a legit instance of MYSQL running on this machine (TABS Auto Biz - legit software) Can you check on that? Here's the entry in the Fixlog: Line 62:R2 MySQL; "C:\Program Files\TABS AutoBiz\mysql\bin\mysqld-nt" MySQL [X] Line 166:MySQL => Service deleted successfully. Sam

OK - here are the log files - thanks. Fixlog.txt AdwCleanerS0.txt

Thanks - here are the files so far - MBAR did not find any problems: mbar-log-2015-02-26 (20-54-34).txt system-log.txt Addition.txt FRST.txt

The last time I posted, I stated that the machine was for a client. I am a tech support person myself with many clients running MBAM Pro - but I am not a malware expert. I am happy to pay someone for help when needed (since I do get paid myself - eventually) Is there another forum where I can pay for this type of support? Or should I Donate first to someone? Thanks - Sam

BTW - we have been using MBAM Pro on this machine in Active Protection mode for years Sam

This machine is Vista 32-bit with a bunch of unwanted PC Checkers and bogus Search tools. The only thing I've done so far is uninstall the Weather Bug program - which seems to attract other "Bugs" . . . I've attached the FRST.txt and Addition.txt files. Thanks - Sam FRST.txt Addition.txt

Oops - here it is. Fixlog.txt

Here are all the logs I have two JRT logs because I forgot to disable MBAM and MSE before I ran the first JRT scan. Thanks! mbam-log.txt AdwCleanerS0.txt JRT-log-1.txt JRT-log-2.txt mrt.log

Thanks Kevin - I am stepping through the scans now. It sounds like you prefer that each log is pasted into the reply, rather than attachments - is that correct? Sam

Greetings, I have a client who may have the securitylog.systems infection on her system. The machine is Windows 7 64-bit with MSE and MBAM Pro installed - have run updated scans with both and still have the pop-ups. I have attached the FRST.txt and Addition.txt from FRST64.exe - plus a couple of pop-up screen shots. Any help is greatly appreciated! Thanks - Sam FRST.txt Addition.txt

I don't know what version it was upgrading from - I manually started MBAM and it could only continue with the next upgrade. XP Home SP3 is the OS - Thanks

Using the paid version of MBAM, with active protection enabled, what happens in this update scenario? MBAM tells me there is a Program update downloaded and I proceed with the update, but then choose "reboot later". I fail to reboot for days, maybe even weeks; the MBAM tray icon is missing; mbam.exe and mbamgui.exe are not running, but mbamservice.exe is running. Since the MBAM service is still running, does that mean active protection is still working in this "reboot later" condition? I know it's silly to skip rebooting for that long, but this is the case with clients I have who imagine they are "too busy" to reboot, shutdown, or startup their computer - they just want to leave their machine on ALL the time. I advise them to at least shut down every night, but perhaps they'll listen if they understand that skipping the reboot is leaving them unprotected. Thanks - Sam

Sorry if I did not make it clear, but that's what I meant by "compromised". My client has had to get new credit cards issued twice in the past 3 months after being notified by the bank of suspicious activity, fraudulent charges. I am testing SpyShelter Premium, and it's a pain to get going; almost every legitimate program must be "allowed" or have a rule enabled, but I have SpyShelter set to "High Security Level" and perhaps that is not necessary? I will try running Kaspersky as well. Thanks for all the tips so far . . .

My client's credit card has been compromised twice in the last 3 months, and he wants me to "scan all machines" with something that could detect a keylogger or data mining program. I have explained that the two security programs already installed should detect almost all infections with those capabilities We are running the latest paid version of MalwareBytes on all machines with daily quick scans running. AV software is Trend Micro Worry-Free Standard version 6 - with daily scans. If there is some malicious software running undetected on any of the ten machines in his office, is there any program someone could recommend for keylogger or data sniffing detection? I have researched a bit and found a few "Anti Keylogger" programs with very similar names by different companies, but I know nothing about their reputation or effectiveness. Thanks - Sam