sarahw

Trusted Helpers
  • Content Count

    424
  • Joined

  • Last visited

Everything posted by sarahw

  1. Its usually a file that runs servces on your computer. Is the file requesting outbound access or inbound? Do you know where to? Does it happen when you use certain applications? Jotti File Submission: Please go to Jotti's malware scan Copy and paste the following file path into the "File to upload & scan"box on the top of the page:C:\WINDOWS\SYSTEM\svchost.exe.exe [*] Click on the submit button [*] Please post the results in your next reply.
  2. Hi, I tried sending you a few emails but they are getting hotmail postmaster returned. I was saying thanks for keeping me informed, at least you got that MySQL update I'm not mad, as you hoped I wasn't, as I only had a few pages up and there still on my computer, I feel more badly for you actually. Glad your back up Many thanks, Sarah.
  3. 1. Time for some housekeeping Click START then RUN Now type Combofix /u in the runbox and click OK [*] When shown the disclaimer, Select "2" The above procedure will: Delete the following: ComboFix and its associated files and folders. VundoFix backups, if present The C:\Deckard folder, if present The C:_OtMoveIt folder, if present [*] Reset the clock settings. [*] Hide file extensions, if required. [*] Hide System/Hidden files, if required. [*] Reset System Restore. 2. Updating Java and Clearing Cache Go to Start > Control Panel double-click on the Java Icon (coffee cup) in the
  4. Please download ATF Cleaner by Atribune. This program is for XP and Windows 2000 only Double-click ATF-Cleaner.exe to run the program. Under Main choose: Select All Click the Empty Selected button. If you use Firefox browser Click Firefox at the top and choose: Select All Click the Empty Selected button. NOTE: If you would like to keep your saved passwords, please click No at the prompt. If you use Opera browser Click Opera at the top and choose: Select All Click the Empty Selected button. NOTE: If you would like to keep your saved passwords, please click No at the prompt. Click Exit on the Ma
  5. Hi Femi, Welcome to the site Please follow this information HERE about how to post a Hijack This log. I want you to show hidden files. There are instructions HERE to help you do this. You should have Administrator rights to perform the fixes. Some of the instructions I give may need to be printed or saved for reference during the fix. Some of the fix will be done in Safe Mode so you will be unable to access this thread at that time. Please dont use any of the tools without specific instructions. Some of them are dangerous (and could leave your computer in worse condition that it is when infec
  6. Hmmm, ok. Please run a BitDefender Online Scan Click I Agree to agree to the EULA. Allow the ActiveX control to install when prompted. Click Click here to scan to begin the scan. Please refrain from using the computer until the scan is finished. This might take a while to run, but it is important that nothing else is running while you scan. When the scan is finished, click on Click here to export the scan results. Save the report to your desktop so you can post it in your next reply.
  7. What is downloading a virus, Avast? Panda Active scan? Could you explain more what is happening?
  8. Hi, Plug in your external hard drives and run this scan: Please go HERE to run Panda's ActiveScan Once you are on the Panda site click the Scan your PC button A new window will open...click the Check Now button Enter your Country Enter your State/Province Enter your e-mail address and click send Select either Home User or Company Click the big Scan Now button If it wants to install an ActiveX component allow it It will start downloading the files it requires for the scan (Note: It may take a couple of minutes) When download is complete, click on My Computer to start the scan When the scan comp
  9. Can you please run combofix again. Also, post a fresh hijack this log.
  10. Could you try that again please, drag the new log.txt (the one that you posted the information from) onto the RenV.exe file in normal mode.
  11. Hi, Download RegSearch by Bobbi Flekman to your desktop. Extract the zip file. Once it is extracted to your desktop, doubleclick the icon to run it. In the top box, paste the information in the quote box below: Under "Search", make sure all boxes are ticked. Click OK. The results are also saved to a file named RegSearch.txt in the same location as the program. Paste those results into your next post.
  12. Hi, Thats an odd issue you have. Malware might have corrupted a few things. Click Start, then Run. Copy the following line below into the Run box and press enter. regedit /e C:\look.txt "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" Open My Computer and navigate to C:\ Open look.txt in notepad then copy and paste the contents into a reply.
  13. It's a common problem. You should never get codec's to your programs unless it comes from the person who made it. Ie: Windows Media player extensions, codecs and other packs should only come from Microsoft, the creator of the program. If you can't veiw the program with out third party add-ons, its not worth watching anyways. It's a problem with the program.1. First, empty your Recycle Bin. Whatever can't be deleted, restore to you computer. If you can't restore it, leave it where it is. 2. Download ComboFix from Here or Here to your Desktop. Double click combofix.exe and follow the prompts.
  14. Download a new version of RenV.exe by sUBs to your desktop. Replsce your old copy. Copy the entire contents of the Code Box below to Notepad. Name the file as Log.txt (Overwrite the existing one) Change the Save as Type to All Files and Save it on the desktop Reboot into Safe Mode ------w 84,640 2008-01-02 07:53:49 C:\Program Files\Common Files\Symantec Shared\ccApp .exe In Safe mode, refering to the picture above, drag Log.txt into RenV.exe and attach the resulting report to your reply.
  15. Before we begin this fix, can you please save these instructions in Notepad to your desktop, or print them, for reference. Some of this fix will be done in Safe Mode, where you will not be able to access this thread on the internet. If you have questions at any point, or are unsure of the instructions, feel free to post here and ask for clarification before proceeding. 1. First download AVG Anti-Spyware from HERE and save that file to your desktop. This is a 30 day trial of the program Once you have downloaded AVG Anti-Spyware, locate the icon on the desktop and double-click it to launch t
  16. Hi, Welcome to the site I will be handling your log to help you get cleaned up. Please give me some time to look it over and I will get back to you as soon as possible. I want you to show hidden files. There are instructions HERE to help you do this. You should have Administrator rights to perform the fixes. Some of the instructions I give may need to be printed or saved for reference during the fix. Some of the fix will be done in Safe Mode so you will be unable to access this thread at that time. Please dont use any of the tools without specific instructions. Some of them are dangerous (and
  17. I looks like it wants to call alot of files on your i: and j: a Virus, do you know why that is? Apart from that your logs are looking very promising. Can you please run Combofix again.
  18. Great! Can you please run the Kapersky Online scanner. Post a fresh Hijack This log in a reply with the kapersky report.
  19. These errors are because Norton is totally corrupted. This is a really bad infection that you have, but we've almost gotten rid of it. ------w 84,640 2008-01-02 07:53:49 C:\Program Files\Common Files\Symantec Shared\ccApp .exe You can see here this file doesn't look right. Would you be able to uninstall it? As its expired I would strongly recommend you do that, you can get some great free Anti-Virus programs that wont slow your computer down like Norton/Symantec does. Click Start, then Control Panel. Open Add/Remove Programs and look for Norton/Symantec Anti-Virus, or the security package
  20. What version of Norton Anti-Virus do you have? ie. 2006, 2007 ?
  21. Hi, 1. Download RenV.exe by sUBs to your desktop Copy the entire contents of the Code Box below to Notepad. Name the file as Log.txt (Overwrite the existing one) Change the Save as Type to All Files and Save it on the desktop Refering to the picture above, drag Log.txt into RenV.exe and attach the resulting report to your reply when you finnish these instructions. 2. 1. Please open Notepad Click Start , then Run Type notepad .exe in the Run Box. 2. Now copy/paste the entire content of the codebox below into the Notepad window: 3. Save the above as CFScript.txt 4. Then drag the CFScr
  22. You have a bad Vundo infection. The more you reboot, the more it will become infected, untill your computer is unusable. Delete your old version of combofix and download a new version from Here or Here to your Desktop. Double click combofix.exe and follow the prompts. When finished, it shall produce a log for you. Post that log and a HiJackthis log in your next reply Note: Do not mouseclick combofix's window while its running. That may cause it to stall
  23. Hi, Thanks for letting us know.
  24. Hi, Welcome to the site I will be handling your log to help you get cleaned up. Please post another Hijack This log in a reply. This is because your computers condition may have changed. I want you to show hidden files. There are instructions HERE to help you do this. You should have Administrator rights to perform the fixes. Some of the instructions I give may need to be printed or saved for reference during the fix. Some of the fix will be done in Safe Mode so you will be unable to access this thread at that time. Please dont use any of the tools without specific instructions. Some of them