Then go ahead and let me know how it works
FINDIT NT-2000-XP Log
#31
Posted 26 February 2005 - 07:48 PM
Then go ahead and let me know how it works
#32
Posted 26 February 2005 - 08:02 PM
Booted into Safe Mode.
HJT sees them anyway and cannot clean them out.
Stubbirn huh?
#33
Posted 26 February 2005 - 08:06 PM
if we find a definitive answer on what is causing these BHO to stay I will notify you ASAP. in the mean time
How do you prevent spyware from being installed again? We strongly recommend installing SpywareBlaster (it's free for personal use) Click Here.
Download, run, check for updates, download updates, select all, protect against checked. All done. Check for updates every couple of weeks. If you have any errors running the program like a missing file see the link at the bottom of the javacool page.Prevent the installation of ActiveX-based spyware, adware, browser hijackers, dialers, and other potentially unwanted pests.
Block spyware/tracking cookies in Internet Explorer and Mozilla/Firefox.
Restrict the actions of potentially dangerous sites in Internet Explorer.
Consumes no system resources.
IE-SPYAD puts over 4000 sites in your restricted zone so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all.
https://netfiles.uiu...rce.htm#IESPYAD
It's also very important to keep your system up to date to avoid unnecessary security risks. Click Here to make sure that you have the latest patches for Windows.
And also see
So how did I get infected in the first place?
These next two steps are optional, but will provide the greatest protection.
1. Use ANY browser besides Internet Explorer, almost every exploit is crafted to take advantage of an IE weakness. We usually recommend FireFox .
2. Install Sun's Java. It's much more secure than Microsoft's Java Virtual Machine .
It's okay to delete the Hijack This folder if everything is working okay.
After doing all these, your system will be thoroughly protected from future threats.
Edited by Efwis, 26 February 2005 - 08:08 PM.
#34
Posted 26 February 2005 - 08:09 PM
Thanks for all your help. That was truly a Marathon.
I get paid next week .
I think this service is good for a $20.
Sheesh, after this day, maybe I should become a helper.
Portnoy
#35
Posted 26 February 2005 - 08:11 PM
Edited by Efwis, 26 February 2005 - 08:11 PM.
#36
Posted 02 March 2005 - 10:52 AM
it looks like we may have a fix for you
Download: Registrar Lite (freeware)
http;//www.respendence.com/reglite
* Run HijackThis and produce a log.
* Start Registrar Lite
* Locate the each of the "(no file)" entries from the HijackThis log.
* Copy and paste the CLSID into the top address bar in Registrar Lite.
* Click the Go button (upper right)
* Once located, right-click and select: Properties
* Click Permissions, Click the Advanced button
Place a checkmark next to the following:
"Inherit from parent the permission entries that apply to child objects..."
Click OK, Click Ok, Delete the key
Repeat for each of the returning entries ...
Let us know how you do
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users