Home > Need Help > Need Help Removing SspMydoom

Need Help Removing SspMydoom

Rebooted in safe mode and reran hijackthis. Click on the View tab and make sure that "Show hidden files and folders" is checked. Need help to fix sspmyDoom.cih & About:Blank Started by v9774 , Feb 10 2005 11:49 PM Please log in to reply #1 v9774 Posted 10 February 2005 - 11:49 PM v9774 Download AboutBuster » http://www.downloads.subratam.org/AboutBuster.zip Unzip it to your desktop but don't run it yet. 2. this contact form

Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: Yahoo! O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe O4 - After we are finished with your log file and verified that it's clean, you may turn it back on and create a new restore point. Have Adaware installed updated and ready to run 3.

Password Site Map Posting Help Register Rules Today's Posts Search Site Map Home Forum Rules Members List Contact Us Community Links Pictures & Albums Members List Search Forums Show Threads Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab O16 - DPF: {EEECA057-AD0F-44A7-8BE5-8634CEDBDBD1} - http://akamai.downloadv3.com/binaries/IA/netpe32_EN_XP.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab O16 - DPF: Make sure your PC is configured to show hidden files Open Windows Explorer & Go to Tools > Folder Options. When I ran hijackthis, not all of the items you listed were present.

Some info for you. There are currently no users on-line. Please click here if you are not redirected within a few seconds. I will take a look at it. « Hijackthis log file | pc is running slow, and the annoying ads1.revenue- pop-up » Thread Tools Show Printable Version Download Thread

If it is checked, please uncheck it and then try to delete the file once again.] C:\PROGRA~1\Aveo\Attune\bin\attune_ce.exe C:\WINDOWS\system32\sysfv.exe C:\Program Files\Security iGuard\Security iGuard.exe C:\WINDOWS\System32\systime.exe C:\Documents and Settings\les\Application Data\eesi.exe C:\WINDOWS\System32\vbsys.dll C:\WINDOWS\mfcqo.exe Use the Protect all that you LOVE this Valentine’s Day off Buy Now Limited time offer: 03 Days / 00 Hrs / 04 Min / 04 Sec Search Search for: My Account Have Adaware installed updated and ready to run 3. Back to top #3 porksandwich9113 porksandwich9113 ^Cheap Man's Labtop^ Advanced Member 3,513 posts Gender:Male Location:Duluth,Mn Posted 12 February 2005 - 10:51 PM i would try the Microsoft Anti-spyware, it works quite

Save it to a convienient location. Show Ignored Content As Seen On Welcome to Tech Support Guy! Announcements Notifications blocked by Outlook.com, Hotmail, Live, etc Our notifications are blocked by those mail servers. Done! -- Scan 2 --------------------------- About:Buster Version 4.0 Reference List : 19 No ADS found on system Attempted Clean Of Temp folder.

Then check the box to the left of these item(s) - if present : [The O15s might not be there anymore, so don’t worry about those if you don’t see it.] Click Do a System Scan and make a Hijackthis! Your Display Name will now be the only name you have for the forum and, if you used your Username to log in, you will now need to use your Display Save it to post here later.

Pages Reset... weblink This is required because HijackThis will create backups and we don't want them to be deleted. Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab O16 - DPF: {EEECA057-AD0F-44A7-8BE5-8634CEDBDBD1} - http://akamai.downloadv3.com/binaries/IA/netpe32_EN_XP.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab O16 - DPF: Disconnect from the internet Close ALL browser windows (including this one) - run hijackthis and tick to fix (check the box next to) the list below.........when all are ticked (checked) click

file C:\WINDOWS\system32\sdkrh.exe ... Jump to content FacebookTwitter Geeks to Go Forum Security Virus, Spyware, Malware Removal Welcome to Geeks to Go - Register now for FREE Geeks To Go is a helpful hub, where Read the guide in Understanding and Using Firewalls then try these free firewall: [url=http://www.zonelabs.com/store/content/catalog/products/sku_list_za.jsp;jsessionid=ByLx8M1sXcYsoBoYvARIOiEF23pK6YbD5S59yXS11SlNxkTHgF13!1503941800!-1062696905!7551!7552!776180791!-1062696904!7551!7552?lid=error]Zone Alarm’s[/url] free version; Sygate Personal ; and Kerio Personal. navigate here You have a CoolWebSearch infection.

For the R entries in your previous log, I couldn't see it, so it's possible that it's gone. SEO by vBSEO 3.5.2 Tech Support Forum Security Center Virus/Trojan/Spyware Help General Computer Security Computer Security News Microsoft Support BSOD, Crashes And Hangs Windows 10 Support Windows 8, 8.1 Support Windows Spybot seemed to hang trying to create a system backup point, so I cancelled and modified the parameters as they suggest to not create a backup and it ran.

Just post the contents of the result.txt file in the forum. __________________ Please do NOT PM me.

Make sure your PC is configured to show hidden files Open Windows Explorer & Go to Tools > Folder Options. Any assisstance would be so greatly appreciated! I clicked and unclicked the appropriate boxes but the Apply to all folders button was still shaded, so I clicked the Reset all files button. I continually get pop-up.

Tech Support Guy is completely free -- paid for by advertisers and donations. An excellent reference in developing a plan of defense is Tony Klein’s article How Did I Get Infected In The First Place. For the options that you checked/enabled earlier, you may uncheck them after your log is clean. his comment is here Register Help Remember Me?

Again, thanks for all your help!!! *********** first aboutbuster run *********************** Scanned at: 7:11:39 AM on: 2/27/2005 -- Scan 1 --------------------------- About:Buster Version 4.0 Reference List : 19 No ADS found Privacy Policy & Cookies Legal Terms We use cookies to ensure that we give you the best experience on our website. Thank you, Jasper logfile of HijackThis v1.99.1 Scan saved at 11:39:41 AM, on 2/20/2005 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no

If you're not already familiar with forums, watch our Welcome Guide to get started. Since your log's clean, let's create a new restore point for your system. Again, it shows the TIB Browser and the same CWS.Feads hijacker. Check if the address is correct.

You can change your cookie settings at any time.