I have CiD popups...I downloaded HiJackThis and attached my log....In my Add and Remove Programs theres a program called CiD Help.exe....and everytime I try to unstall it the window freezes and I have to do Ctrl+alt+del...and end process for IEXPLORE.EXE for it to unfreeze.
HELP!! CiD Popups
- Thread starter mitigated
- Start date
- Status
Go and read the following thread.
I have explained on what to do.
And as rik said we need your logs.
Please post fresh HJT, AVG Antispyware and Combofix logs as attachments into this thread. But only after doing the above.
Regards Jase
This thread is for the use of mitigated only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
I have explained on what to do.
And as rik said we need your logs.
Please post fresh HJT, AVG Antispyware and Combofix logs as attachments into this thread. But only after doing the above.
Regards Jase
This thread is for the use of mitigated only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Please re-read step 12 and step 15 of the instructions.
Viruses/Spyware/Malware, preliminary removal instructions
This thread is for the use of mitigated only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Viruses/Spyware/Malware, preliminary removal instructions
This thread is for the use of mitigated only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Your AVG log says "no action taken" on all the entries. You have to get it to delete them all before we can clean your system.
This thread is for the use of mitigated only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
This thread is for the use of mitigated only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
howard_hopkinso
Posts: 21,238 +17
Hello and welcome to Techspot.
You might want to copy and paste these instructions into a notepad file. Then you can have the file open in safe mode, so you can follow the instructions easier.
Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT). See how HERE.
In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE.
Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.
Click on the processes tab and end process for(if there).
dupescroption.exe
Close task manager.
Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (file missing)
O4 - HKCU\..\Run: [AxisBash] C:\DOCUME~1\element\APPLIC~1\ONCEFI~1\dupescroption.exe
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (file missing)
Click on the fix checked button.
Close HJT.
Locate and delete the following bold files and/or directories(if there).
C:\DOCUME~1\element\APPLIC~1\ONCEFI~1<Delete the entire folder.
Reboot into normal mode and rehide your protected OS files.
Post a fresh HJT log and let me know if you`re still having problems.
Regards Howard :wave: :wave:
This thread is for the use of mitigated only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
You might want to copy and paste these instructions into a notepad file. Then you can have the file open in safe mode, so you can follow the instructions easier.
Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT). See how HERE.
In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE.
Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.
Click on the processes tab and end process for(if there).
dupescroption.exe
Close task manager.
Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (file missing)
O4 - HKCU\..\Run: [AxisBash] C:\DOCUME~1\element\APPLIC~1\ONCEFI~1\dupescroption.exe
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (file missing)
Click on the fix checked button.
Close HJT.
Locate and delete the following bold files and/or directories(if there).
C:\DOCUME~1\element\APPLIC~1\ONCEFI~1<Delete the entire folder.
Reboot into normal mode and rehide your protected OS files.
Post a fresh HJT log and let me know if you`re still having problems.
Regards Howard :wave: :wave:
This thread is for the use of mitigated only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
howard_hopkinso
Posts: 21,238 +17
Your HJT log is now clean.
Turn off system restore.(XP/ME only) See how HERE.
Now, turn system restore back on. This will have deleted all your old restore points and any nasties that are in them. It will also have created a new, clean restore point.
If you have any further virus/spyware problems, please post in this thread.
Regards Howard
This thread is for the use of mitigated only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Turn off system restore.(XP/ME only) See how HERE.
Now, turn system restore back on. This will have deleted all your old restore points and any nasties that are in them. It will also have created a new, clean restore point.
If you have any further virus/spyware problems, please post in this thread.
Regards Howard
This thread is for the use of mitigated only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
- Status
Similar threads
