Please please help...what is kshpihkm.dll

Discussion in 'Malware Help (A Specialist Will Reply)' started by Sihlv, Oct 16, 2007.

  1. Sihlv

    Sihlv Private E-2

    Hi...:)
    This is my first post in here but i've read a few posts and they have helped me in the past. Im not computer savvy but i can follow directions. I have some nasty pop-ups like some of the other posters in these forums that look sooo legit that i actually clicked on them and omg what a big mistake now i'm paying for it...I have this file in my system32 folder kshpihkm.dll I don't know what its for and how i got it. I have read thru some of the forums and searched for this file but have come up with nothing. My computer has had virus problems for a few days now and i've come to a halt on what i can do. I had trojans, worms and what else theyre called. I'v used spybot to get rid over 8000 infected files (which were in one folder...bugger me how they got there), have ran avg and a few of the ones that have been mentioned in here e.g CCleaner, VundoFix(which couldnt remove kshpihkm.dll even after restart), SDFix (cos my task manager went poof!!! and not to mention my System32 folder but thats now back thanks to these forums), HJT, ATF cleaner, smitfraudfix.........i have 3-4 of these files showing up in my HJT logs (system32 folder and WinLogon ????) but when i fix them theyre back in there when i run it again...i dont want to format yet but im running out of options and programs to give me hope of flushing it out of my system. The so-called legit balloons list the following viruses: PSW.x-Vir trojan, Trojan-Spy.win32@mx, black door trojan - Spyware cyberlog-X, NetWorm-i.Virus@fp, SpyBot@MXT trojan and some others that i havent written down yet.
    Another thing i noticed is that something (i'm not sure if its all these crappy trojans) set a restore point that i cant undo i have turned off system restore buuuuuut its turned back on again when i restart....:cry...i know this post is a little vague and scambled but omg im soooo lost. if someone out there can interpret and unscamble my post into some plain english....oh please help.

    Thanks for reading my gobbly goo...:)
     
    Sihlv, Oct 16, 2007
    #1
  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Welcome to Majorgeeks!

    Please follow our standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, running, and posting HijackThis logs as attachments.
    • Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support
    • Make sure you check version numbers and get all updates.
    • Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.
    • After doing ALL of the above you still have a problem make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:
    Make sure you also rename HijackThis.exe as suggested in the procedures. Use analyse.exe for the new name. This is very important due to some new infections going around.
    • When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too:
      • CounterSpy
      • AVG Antispyware log - ONLY IF NEEDED you were not able to run CounterSpy
      • Bitdefender - from step 6
      • Panda Scan - from step 6
      • runkeys.txt - the log from GetRunKey.bat
      • newfiles.txt - the log from ShowNew.bat
      • HijackThis
    NOTE: You can only attach 3 files in a single message so it will require that you use two messages to attach all of these logs!
     
    TimW, Oct 16, 2007
    #2
  3. Sihlv

    Sihlv Private E-2

    Hi TimW and thanks for the welcome...

    With regards to the kshpihkm.dll file...I have finally found where it was being used (as an add-on in internet explorer as an unknown, so i disabled it...oh the grief it gave) I deleted it using VundoFix...YAY...YAY...YAY and now my pc has picked up dramatically, no more pop ups and slowness. I ran HiJackThis a few times to ensure that it had packed its bags and left my pc...and omg I was sooo happy it has gone. I still havnt put my pc back on the net yet...im a lil afraid it mite come back, but if needed i will do another search with HiJackThis and post the log if still required...

    I so thank everyone that has posted in these forums if it wasnt for u guys i soooo would have formatted by now...

    Thanks heaps :) :) :)
     
    Sihlv, Oct 17, 2007
    #3
  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    I'm glad you got it working ...however, I can't give you a clean bill of health without the requested logs ....there is still remnants that may be remaining.

    • When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too:
      • CounterSpy
      • AVG Antispyware log - ONLY IF NEEDED you were not able to run CounterSpy
      • Bitdefender - from step 6
      • Panda Scan - from step 6
      • runkeys.txt - the log from GetRunKey.bat
      • newfiles.txt - the log from ShowNew.bat
      • HijackThis
     
    TimW, Oct 17, 2007
    #4

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds