Old 11-28-2006, 07:02 PM   #5 (permalink)
Ried
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
Join Date: Jan 2005
Location: Ohio
Posts: 26,562
OS: WinXP and Vista


Hello kmac182,

You did just fine--I had neglected to change the file path when editing my speech for your system. My apologies for the confusion.

Please copy this page to Notepad and save to your desktop for reference as you will not have any browsers open while you are carrying out portions of these instructions.

It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.

***************************************************

Download Combofix and save it to your desktop.

**Note: It is important that it is saved directly to your desktop**

-------------------------------------

Close any open browsers.

-------------------------------------



Go to <<Start>> then <<Run>> then paste in the single line command then click OK

"%userprofile%\desktop\combofix.exe" /v homsiuel qgtjrryr

When finished, it shall produce a log for you that will ultimately be named ComboFix2.txt and will be located directly on the C:\ drive. We'll need that log in your next reply.

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

-----------------------------------

Open HijackThis and click on 'Do a System Scan Only'. Check the following entries:

O2 - BHO: (no name) - {0888E7C1-48A1-4152-B147-D52ECF067233} - C:\WINDOWS\Config\svsva.dll
O15 - Trusted Zone: http://locator.cdn.imageservr.com
O20 - Winlogon Notify: svsva - C:\WINDOWS\Config\svsva.dll


Click 'Fix Checked'.

-----------------------------------

Still in HijackThis, in the lower right corner click on the Config button > Misc Tools.
  • On the screen, click on "Delete a file on reboot...".
  • Navigate to C:\WINDOWS\Config\svsva.dll and double click on that file.
  • HJT will ask you if you want to reboot, now. Click "Yes".
----------------------------------

Please run this online scan to search for any remnants. It can take some time, so please be patient and allow it to run its full course:

Perform an online scan with Internet Explorer with Panda ActiveScan
  1. Click on located at the bottom of the page.
  2. A "pop up" window will appear. * Please ensure that your pop up blocker doesn't block it *
  3. Enter your e-mail address, country, and state & click "Free Online Scan" *The download of the 8 MB Panda's ActiveX control will take place*
Begin the scan by selecting
  • If it finds any malware, it will offer you a report.
  • Please ignore any entry it finds and the offer to buy the program to remove the entry, as we will address this later.
  • Click on then click
* You needn't remain online while it's doing the scan but you have to re-connect after it has finished to see the report.
* Turn off the real time scanner of any existing antivirus program while performing the online scan.


-----------------------------------

Double click on combofix.exe & follow the prompts.
When finished, it shall produce a log for you.

Post the ComboFix.txt in your next reply.

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


-----------------------------------

Run a new scan with HijackThis and save the log.

-----------------------------------

Please include the following in your next reply:

ComboFix2.txt
Panda results
ComboFix.txt
New HijackThis log
__________________

Member of ASAP since 2005
Member of UNITE since 2006

"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."
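
A check for the last step of the post above, as an added example that is not part of Ried's post or of HijackThis itself: it parses the new HijackThis log and reports whether any of the three fixed entries, or any other entry pointing at the deleted svsva.dll, is still present. The function names and the sample log (including its O4 line) are constructed for illustration.

```python
import re

# The three entries the post says to check and fix (copied from the post).
FIXED_ENTRIES = [
    r"O2 - BHO: (no name) - {0888E7C1-48A1-4152-B147-D52ECF067233} - C:\WINDOWS\Config\svsva.dll",
    r"O15 - Trusted Zone: http://locator.cdn.imageservr.com",
    r"O20 - Winlogon Notify: svsva - C:\WINDOWS\Config\svsva.dll",
]
# File the post schedules for deletion on reboot.
DELETED_FILE = r"C:\WINDOWS\Config\svsva.dll"

# HijackThis entry lines start with a section code such as R1, F2, O2 or O20.
ENTRY_RE = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<body>.+)$")

def norm(text):
    """Collapse whitespace and case so pasted logs compare reliably."""
    return " ".join(text.split()).lower()

def parse_entries(log_text):
    """Yield (section, body) for each entry line, skipping header and process list."""
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            yield m.group("section"), m.group("body")

def leftovers(log_text):
    """Return (reason, line) pairs showing the fix did not fully take."""
    wanted = {norm(e) for e in FIXED_ENTRIES}
    found = []
    for section, body in parse_entries(log_text):
        line = f"{section} - {body}"
        if norm(line) in wanted:
            found.append(("still present", line))
        elif norm(DELETED_FILE) in norm(line):
            found.append(("references deleted file", line))
    return found

# Constructed sample of a post-fix log; not taken from the thread.
SAMPLE_LOG = r"""Logfile of HijackThis (constructed sample)
Scan saved at 7:30:00 PM, on 11/28/2006
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000000} - C:\Program Files\Example\example.dll
O4 - HKLM\..\Run: [example] rundll32.exe "C:\WINDOWS\Config\svsva.dll",start
O20 - Winlogon Notify: svsva - c:\windows\config\svsva.dll
"""

if __name__ == "__main__":
    for reason, line in leftovers(SAMPLE_LOG):
        print(f"{reason}: {line}")
```

An empty result means none of the fixed entries reappeared after the reboot; anything listed belongs in the next reply along with the log.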