Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

FINDIT NT-2000-XP Log


  • This topic is locked This topic is locked

#31
Dragon

Dragon

    All Around Computer Nut

  • Retired Staff
  • 2,678 posts
make a backup of your registry first so you can repair it if necessary.

Then go ahead and let me know how it works
  • 0

Advertisements


#32
Portnoy

Portnoy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
I deleted them.
Booted into Safe Mode.
HJT sees them anyway and cannot clean them out.

Stubbirn huh?
  • 0

#33
Dragon

Dragon

    All Around Computer Nut

  • Retired Staff
  • 2,678 posts
well without the registry keys, and actual files to cause problems, I am willing to call this log clean. They are just cluttering up your log but causing no problems for you.

if we find a definitive answer on what is causing these BHO to stay I will notify you ASAP. in the mean time

How do you prevent spyware from being installed again? We strongly recommend installing SpywareBlaster (it's free for personal use) Click Here.

Prevent the installation of ActiveX-based spyware, adware, browser hijackers, dialers, and other potentially unwanted pests.
Block spyware/tracking cookies in Internet Explorer and Mozilla/Firefox.
Restrict the actions of potentially dangerous sites in Internet Explorer.
Consumes no system resources.

Download, run, check for updates, download updates, select all, protect against checked. All done. Check for updates every couple of weeks. If you have any errors running the program like a missing file see the link at the bottom of the javacool page.

IE-SPYAD puts over 4000 sites in your restricted zone so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all.
https://netfiles.uiu...rce.htm#IESPYAD

It's also very important to keep your system up to date to avoid unnecessary security risks. Click Here to make sure that you have the latest patches for Windows.

And also see
So how did I get infected in the first place?

These next two steps are optional, but will provide the greatest protection.
1. Use ANY browser besides Internet Explorer, almost every exploit is crafted to take advantage of an IE weakness. We usually recommend FireFox Posted Image.
2. Install Sun's Java. It's much more secure than Microsoft's Java Virtual Machine .

It's okay to delete the Hijack This folder if everything is working okay.

After doing all these, your system will be thoroughly protected from future threats. :tazz:

Edited by Efwis, 26 February 2005 - 08:08 PM.

  • 0

#34
Portnoy

Portnoy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
OK!

Thanks for all your help. That was truly a Marathon.
I get paid next week .
I think this service is good for a $20.

Sheesh, after this day, maybe I should become a helper.

Portnoy
  • 0

#35
Dragon

Dragon

    All Around Computer Nut

  • Retired Staff
  • 2,678 posts
if you are seriously interested in helping us fight this war, then please email an admin and explain to them that you are wanting to join GeekU, that is our training class, we will teach you how to recognize all sorts of Malware and how to clean other users systems with our tools of the trade

Edited by Efwis, 26 February 2005 - 08:11 PM.

  • 0

#36
Dragon

Dragon

    All Around Computer Nut

  • Retired Staff
  • 2,678 posts
hi again Portnoy,
it looks like we may have a fix for you

Download: Registrar Lite (freeware)
http;//www.respendence.com/reglite

* Run HijackThis and produce a log.
* Start Registrar Lite
* Locate the each of the "(no file)" entries from the HijackThis log.
* Copy and paste the CLSID into the top address bar in Registrar Lite.
* Click the Go button (upper right)
* Once located, right-click and select: Properties
* Click Permissions, Click the Advanced button


Place a checkmark next to the following:

"Inherit from parent the permission entries that apply to child objects..."

Click OK, Click Ok, Delete the key

Repeat for each of the returning entries ...

Let us know how you do
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP