Welcome to the TechSpot OpenBoards. Please read the FAQ if you have any questions. Login to participate.
|
|||||||
Help with sagipsul virus
 |
|
|
|
Thread Tools |
|
#1
01-02-2009
|
|||
|
|||
|
Help with sagipsul virus
I have just done the 8 steps and have sent the logs. The pop ups have stopped. Please check the logs to make sure I got everything. Thank you for your help
Last edited by cgarmon; 01-02-2009 at 08:32 PM.. |
|
#2
01-03-2009
|
|||
|
|||
|
HJT scan. Tick & fix. Restart computer.
Code:
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (file missing) >> broken
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll (file missing) >> broken
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file) >> broken (MS money)
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~2\bar\2.bin\mwsoemon.exe
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~2\bar\2.bin\m3SrchMn.exe" /m=0
C:\PROGRA~1\MYWEBS~2 Code:
Files Infected: C:\WINDOWS\SYSTEM32\senekafvkkyvbe.dll (Trojan.Seneka) -> Delete on reboot. HJT scan >> computer restarted? Probably not. O20 - AppInit_DLLs: nydjht.dll Rescan with MBAB & SAS (run as pairs) until clean or something that cannot be cleaned. HJT scan informs what has not been handled (computer restart before HJT scan) |
|
|
#3
01-05-2009
|
|||
|
|||
|
removal
an HJT only the 04-hklm showed up removed them , restarted computer deleted files and folders for program mywebs. Ran MBAB & SAS twice now clean. restarted computer and ran HJT. This is a log of the final HJT ran Do I need to remove the 02 files from the previous log since they are still there?
|
|
#4
01-05-2009
|
|||
|
|||
|
Reference >> O20 - AppInit_DLLs: nydjht.dll qhjqrb.dll
Verify both files are gone. It takes a week or so for tool developers to clean up this reference. C:\windows\system32\nydjht.dll C:\windows\system32\qhjqrb.dll The next time you update / repair / remove Yahoo tools will take care of remaining O2 items. It does not cause problems. Otherwise, Safe mode may be needed if the tick/fix did not work in normal mode. Establish a new clean restore point and Clear your existing System Restore points:
|
|
| Thread Tools | |
|
|
| Similar Topics | ||||
| Topic | Category | Replies | Last Post | |
| Sagipsul help please | Virus & Malware removal | 12 | 01-08-2009 07:24 PM | |
| Sagipsul Virus | Virus & Malware removal | 4 | 01-02-2009 09:34 PM | |
| Sagipsul virus help | Virus & Malware removal | 7 | 01-02-2009 07:06 PM | |
| Thanks for help - Sagipsul.com | Virus & Malware removal | 1 | 01-01-2009 03:46 PM | |
| Help with Sagipsul please | Virus & Malware removal | 1 | 12-31-2008 07:19 AM | |
All times are GMT -4. The time now is 04:09 AM.