cdmservice spyware problem

Hey,

I mistakenly downloaded systemdoctor earlier today, which led to a ton of crap being loaded onto my computer.

I ran adaaare, microsoft defender, spy bot etc.. and managed to get rid of a fair amount of stuff. I even managed to get rid of surfsidekick using the guide provided here.

However, spybot still detects cmdservice on my computer. I have attached my hjlog for your review.

Thanks for your help!!!

 

Welcome to MajorGeeks.com!

Please follow our standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, running, and posting HijackThis logs as attachments.

- Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support

• Make sure you check version numbers and get all updates.

After doing ALL of the above you still have a problem make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis:

Downloading, Installing, and Running HijackThis

When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too (these scans are covered in steps 6 & 7 of the READ & RUN ME sticky)

• Bitdefender
• Panda Scan
• HijackThis

 

Small Popup issue

Hey,

I mistakenly downloaded system doctor yesterday, which resulted in my computer being flooded with spyware. Using the tips from this site I think I have gotten rid of 99% of the issues. However, I still get 1 popup that occasionally surfaces while surfing the web. The issue is actually very minor, however, I hoping to get my computer 100% clean.

I have followed all the steps in the faq (ran CCcleaner, adaware, spybot, microsoft defender etc...nummerous times) I also ran a number of different registry cleaners in the hope of removing any garbage that could be contributing to the problem.

Note:

Bitdefender found 1 item, but deleted it succesfully.. I have attached the log for your review

Panda active scan found 79 items, but i'm guessing the majority is minor stuff (cookies etc..). Report is also attached.

Hijack this report has also been included.

THanks

 

sorry, I got rid of the cmdservice problem so I thought a new thread might be necessary..

Thanks for the new directions@@

 

Ok, I ran the program and have attached the file.

 

Bump

 

Download
- Pocket Killbox

The installed version of Java on this compter is out-date.[/color][/b] Install version 1.5.0_07 available from http://www.java.com/en/download/manual.jsp. Make sure you uninstall all older versions that are on your computer.

Download DelDomains and unzip it to your desktop.

Find the files from deldomains.zip on your Desktop and RightClick on the deldomains.inf file and select Install.

Afterwards run Spybot and make sure you re-Immunize immediately. Then run a full system scan. If you get any reported problems, attach the log from Spybot.

Make sure you have done the following:
- How to view hidden, system files & folders!

Read and understand the following:
- Searching for Hidden Files on WinXP

Copy everything inside the quote box below and paste it into notepad. Go to "File > Save As" and click the drop-down box to change the "Save As Type" to "All Files". Save it as FixReg.reg on your Desktop. DO NOT run the registry patch, we will do that later in Safe Mode.

Close Notepad.

Copy everything inside the quote box below (starting with dir) and paste it into notepad. Go up to "File > Save As" and click the drop-down box to change the "Save As Type" to "All Files". Save it as findfile.bat on your Desktop.

Locate findfile.bat on your Desktop and double-click on it. It will open Notepad with some text in it. Go to "File > Save As" and click the drop-down box to change the "Save As Type" to "All Files". Save it as findfile.txt on your Desktop.

In HJT Choose Open the Misc Tools Section choose Process Manager, Highlight:

Choose Kill Process

Now Run HijackThis. Click the 'Do a system scan only' button. Place a checkmark in the box next to the following lines:

Click on the 'Fix checked' button. Wait for HijackThis to finish; close HijackThis.

Now run Pocket Killbox:

Choose Tools -> Delete Temp Files and click the RED X.

Run Killbox.exe. Paste the below filenames into KILL BOX one at a time. Check mark the box that says "Delete on Reboot" and checkmark the box "Unregister DLL" (If available) Click the RED X and it will ask you to confirm the file for deletion say YES and when the next box opens prompting you to reboot now...click NO...and proceed with the next file. Once you get to the last one click YES and it will reboot. Note many of the file list below may not exist but we need to check for them anyway.

If Killbox does not reboot or you get a Pending Operations type error message just reboot your PC yourself.

Now boot into SAFE MODE

Open Windows Explorer navigate to and DELETE the following: (Some of these may have already been deleted by Pocket Killbox)

Locate FixReg.reg on your Desktop, double-click on it and answer 'Yes' when asked if you want to merge with the registry.

Using the serach function in the Start Menu, search for repairs303169590.dll. Delete ever occurance.

Now run CCleaner. If you have Windows XP delete the contents of C:\WINDOWS\Prefetch.

Then, as an added precaution, Go to Start -> Run and type: cleanmgr and then click OK. Make sure the boxes for these are checked:
Temporary Files
Temporary Internet Files
Recycle Bin

And Click OK.

REBOOT to Normal Mode.

Post findfiles.txt and a fresh HijackThis log.