Hi Shark,
I figured that was what you were using the card for shortly after I wrote that...LOL!Originally Posted by shark74
-- The zipped files are benign - I didn't think that they were anything to worry about, but was curious.
Yeah - TM is a good product.
There are often registry remnants left after malware removal. In this case,it is a bit different as you are dealing with a number of infected external drives.
Those registry values will come back with the next infected drive - unfortunately, it is difficult to stop these drives from autorunning. Changes are usually only temporary. But, stopping their autoruns would be something to look into...
-- At least there are no actual malware files showing on your computer!
Agreed! They look good. Had a bit of difficulty reading the Kaspersky log in that format, but it too looks OK. I would say that this machine is clean. Now might be a good time to make a disk image with a tool such as Acronis...
-- Let me know how things are running and we'll wrap this up.
Well. . . This is a long-standing problem with TM. It sometimes has trouble interacting with other anti-malware programs (most notably, SpybotSD - which I do not see in HJT Log....)
http://blog.kazmarek.com/2007/10/10/...-too-much-cpu/
http://www.wilderssecurity.com/showthread.php?t=157277
If you do replace TM, I would suggest Kaspersky or NOD32 - they are listed in my linky below!
-- I would also suggest learning to use some tools such as ComboFix and SDFix and the like as they will be invaluable if you have to clean 20+ laptops.... These tools will remove a number of baddies automatically and a large number of other baddies will show in the logs as being recently added to the machines.
Cheers
PP
Reply With Quote