Jacee

Volunteer Security Advisor
  • Content Count

    18

Everything posted by Jacee

  1. Korab, You're going to have to call in your IT person to track down the machine that's infecting the others with a.exe. All computers on the network need to be cleaned. There may be other malware files on the infected machine, so your best bet is to call in the person your Company pays to 'fix' the malware. Ad-aware will definitely alert you to a "CoolWeb" infection, but some instances can't be cleaned if they involve changes in the registry due to other malware that attached itself to the infection.
  2. Hi again nada987, I was hoping you would post your HJT log in the HijackThis! forum. This is what this forum is for. Please go ahead and start a new topic in the correct forum, posting your HJT log, so this thread can be closed. Thank you. http://www.lavasoftsupport.com/index.php?showforum=36
  3. Hi nada987, Please click the link to the HijackThis! forum: http://www.lavasoftsupport.com/index.php?showforum=36 Follow the "pinned" instructions before posting a HijackThis! log.
  4. About Internet Explorer: Currently, almost all Internet users use either Microsoft's Internet Explorer (MSIE) browser or Netscape (now part of AOL), and many users use both. Although Netscape was initially the predominant product in terms of usability and number of users, Microsoft's browser is generally considered superior by many users (although many other users see them as roughly equivalent) and has taken a significant lead in usage. Netscape's browser, called "Navigator," was developed in 1995.
  5. Okay, these all belong to programs that you either have or had on your computer. Every one of these is legit.

     Kodak EasyShare:
     ESSCT --> MsiExec.exe /I{8BB4B58A-A402-4DE8-8FCD-287E60B88DD8}
     ESSEMAIL --> MsiExec.exe /I{FEDE2483-87B7-44C1-A5BB-D75AEB8B6340}
     ESSgui --> MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A}
     ESShelp --> MsiExec.exe /I{87843A41-7808-4F2E-B13F-25C1E67CF2FD}
     ESSini --> MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765}
     ESSPCD --> MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}
     ESSSONIC --> MsiExec.exe /I{4F677FC7-7AA8-412B-A957-F13CBE1C7331}
     ESSTOOLS --> MsiExec.exe /I{8A502E38-29C9-49FA-BCFA-D727CA062589}
     essvcpt --> MsiExec.exe /I{D1973749-F5E7-40EB-B528-F2B78685B9FF}
     ESSvpaht --> MsiExec.exe /I{A5B3EB8A-4071-42F0-8E8E-7A8342AA8E69}
     ESSvpot --> MsiExec.exe /I{48C82F7A-F100-4DAB-A310-8E18BF2159E1}

     OFoto:
     OTtBP --> MsiExec.exe /I{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C}
     OTtBPSDK --> MsiExec.exe /I{3CA39B0C-BA85-4D42-AC0F-1FF5F60C3353}

     Sonic (I think):
     SHASTA --> MsiExec.exe /I{605A4E39-613C-4A12-B56F-DEFBE6757237}
     SKIN0001 --> MsiExec.exe /I{FDF9943A-3D5C-46B3-9679-586BD237DDEE}
     SKINXSDK --> MsiExec.exe /I{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}
     WIRELESS --> MsiExec.exe /I{F9593CFB-D836-49BC-BFF1-0E669A411D9F}

     msiexec.exe belongs to the Windows Installer Component and is used to install new programs that use Windows Installer package files (MSI). msiexec.exe should not be disabled. It is required for essential applications to work properly. This program is important for the stable and secure running of your computer and should not be terminated.
  6. I don't see any malware in either of your logs. CCleaner must be downloaded by the user... it is not a 'drive-by' application and it isn't malware: http://www.ccleaner.com/

     I don't see an active firewall or anti-virus program running. This is dangerous even if you're on dial-up. Please take a look at these free programs and download one of them to help keep your computer safe: AVG makes an excellent free antivirus client, as do AntiVir and avast!. Please make sure to run your antivirus software regularly, and to keep it up-to-date. Some good free firewalls are ZoneAlarm, Kerio, or Outpost. A tutorial on understanding and using firewalls may be found here.
  7. Hi flyawaykiara,

     Please download Combofix from here: http://download.bleepingcomputer.com/sUBs/combofix.exe
     Or http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe
     ** Take note that the links are case sensitive.

     Save ComboFix to the desktop.
     1. Double click on combo.exe & follow the prompts.
     2. When finished, it will produce a logfile located at C:\ComboFix.txt.
     3. Post the contents of that log in your next reply with a new hijackthis log.

     Note: Do not mouseclick combofix's window while it is running. That may cause your system to stall/hang.
  8. For IE7: Click on the tools icon (below address bar to the right), then click on Pop-up Blocker. Click on the Pop-up Blocker setting from there and configure.
  9. Hi topladuk

     First let's get your Java updated to Java Runtime Environment (JRE) 6.

     Go to Start > Control Panel, double-click on the Software icon > add/remove programs. Search in the list for all previously installed versions of Java (J2SE Runtime Environment....). It should have this icon next to it: Select it and click Remove. Then download and install the newest version from here: http://java.sun.com/javase/downloads/index.jsp Go offline to install it. Reboot/restart your computer.

     Now, download AVG Anti-Spyware 7.5 from http://free.grisoft.com/doc/5390/lng/us/tp...anti-virus-free and save that file to your desktop. This is a 30 day trial of the program.

     Once you have downloaded AVG Anti-Spyware, locate the icon on the desktop and double-click it to launch the setup program. Once the setup is complete you will need to run AVG Anti-Spyware 7.5 and update the definition files.

     • On the main screen select the icon "Update", then select the "Update now" link.
     • Next select the "Start Update" button; the update will start and a progress bar will show the updates being installed.
     • Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
     • Once in the Settings screen click on "Recommended actions" and then select "Quarantine".
     • Under "Reports" select "Automatically generate report after every scan" and un-select "Only if threats were found".

     Close AVG Anti-Spyware 7.5. Do not run a scan just yet, we will shortly.

     Reboot your computer into SafeMode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight SafeMode, then hit enter.

     IMPORTANT: Do not open any other windows or programs while AVG is scanning, it may interfere with the scanning process.

     Launch AVG Anti-Spyware 7.5 by double-clicking the icon on your desktop. Select the "Scanner" icon at the top and then the "Scan" tab, then click on "Complete System Scan". AVG will now begin the scanning process; be patient, this may take a little time.

     Once the scan is complete do the following:
     • If you have any infections you will be prompted, then select "Apply all actions".
     • Next select the "Reports" icon at the top.
     • Select the "Save report as" button in the lower left hand of the screen and save it to a text file on your system (make sure to remember where you saved that file, this is important).

     Close AVG Anti-Spyware 7.5 and reboot your system back into Normal Mode and post the results of the report scan and a new HJT log.
  10. SpywareGuard and SpywareBlaster work well with both IE7 and Mozilla/Firefox. Both are from javacool (free)... read the tutorials, install and update SpywareBlaster.

      SpywareBlaster and SpywareGuard: http://www.javacoolsoftware.com/products.html
      SpywareGuard is a real-time malware scanner.
      SpywareBlaster tutorial: http://www.bleepingcomputer.com/forums/Usi...ware-tut49.html
      SpywareGuard tutorial: http://www.bleepingcomputer.com/forums/Usi...kers-tut50.html

      You can keep track of unwanted (most) cookies with CookieWall, also free: http://www.analogx.com/contents/download/network/cookie.htm
  11. Ad-aware is compatible with Vista. I have it installed with Vista Business, and have found no problems.