Home > Hijackthis Log > Hijackthis Log (removing Sysprotect)

Hijackthis Log (removing Sysprotect)

Attempting to delete C:\WINDOWS\system32\cccdd.bak2C:\WINDOWS\system32\cccdd.bak2 Has been deleted! If you have email address at Hotmail, Hotmail.uk, etc etc then you will not get notifications and need to manually check for new replies. Attempting to delete C:\WINDOWS\system32\qqtss.ini2C:\WINDOWS\system32\qqtss.ini2 Has been deleted! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dllO3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dllO4 this content

Macboatmaster replied Feb 10, 2017 at 5:20 PM 4 Word Story continued (#6) cwwozniak replied Feb 10, 2017 at 5:17 PM Loading... There is more to be done, but this should have been handled earlier. What is happening? Back to top #11 squeeks0 squeeks0 Topic Starter Members 45 posts OFFLINE Local time:05:55 PM Posted 22 August 2006 - 05:17 PM WELL...UGH!

Stay logged in Sign up now! Share this post Link to post Share on other sites jw50 Forum Deity Retired Staff 18,967 posts Gender:Male Posted May 16, 2006 · Report post Hi srdavenport,   Your log At Desktop My Computer C: drive. This can patch many of the security holes through which attackers can gain access to your computer.

Run CCleaner and clean out your Temporary and Temporary Internet Files. If you are interested, Firefox may be downloaded from here: http://www.mozilla.org/products/firefox/   4) Also make sure to run your antivirus software regularly, and to keep it up-to-date.   5) Finally, consider Tiger! If you don't, check it and have HijackThis fix it.

http://downloads.andymanchesta.com/RemovalTools/SDFix.exe On Desktop run SDdFix It will run (install) then close. Perhaps the problem is fixed - as of right now, the SysProtect popup is not popping up. ------------------ new HiJackThis log:   Logfile of HijackThis v1.99.1 Scan saved at 3:03:54 PM, Nov 20, 2008 #9 mflynn TS Rookie Posts: 2,655 Hi brooklynfeline When any cleaner is ran, it is possible that after one run that removes certain powerful Malware, then it exposes Attempting to delete C:\WINDOWS\system32\effii.bak1C:\WINDOWS\system32\effii.bak1 Has been deleted!

Make sure to work through the fixes in the exact order in which they are mentioned below. Attempting to delete C:\WINDOWS\system32\qqtss.iniC:\WINDOWS\system32\qqtss.ini Has been deleted! Double-click combo.exe2. Your system may take longer than usual to load; this is normal. When your system reboots, follow the prompts. Afterwards, HijackThis will launch. Please click Scan, and check the following items: R3 -

Back to top #9 squeeks0 squeeks0 Topic Starter Members 45 posts OFFLINE Local time:05:55 PM Posted 21 August 2006 - 06:08 PM haha yes I am patient I tried it http://www.spywareinfoforum.com/topic/75410-hijackthis-log-of-computer-with-sysprotect-popup/ Items listed at HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ ShellServiceObjectDelayLoad are loaded by Explorer when Windows starts. When prompted hit the enter key to restart the computer Your computer will reboot. If you have questions about smartphones, please feel free to post them and we will do our best to help you with them.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. http://splodgy.org/hijackthis-log/hijackthis-log-need-assistance-is-removing-popnav-correctly.php At this point we are novices ourselves, even though much of the basics of malware apply for smartphones as they do for PCs. Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exeO9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO12 - Plugin for .mpeg: C:\Program Files\Internet

You will get a nag message that you can close after checking 'don't show this message again.' Stay in Selective Startup. or read our Welcome Guide to learn how to use this site. Ask a question and give support. http://splodgy.org/hijackthis-log/hijackthis-log-need-help-removing-viruses.php You can do this by restarting your computer and continually tapping F8 until a menu appears.

UPDATE on Upgrade 02/07/2017 We were somewhat delayed on getting the upgrade done, but it looks like it will now be done in the next few days or possibly even later Thank you for your excellent directions and information.   I am now reposting as you requested: a fresh HiJackThis log generated after booted up again in Normal mode; and the report It ran for 14 hours the other night.

This applies only to the original topic starter.

Please re-enable javascript to access full functionality. If you have expertise in working with smartphones, we urge you to contact an administrator about the possibility of becoming part of the staff after we review your credentials. this is an invaluable service.   ---------------------------------       Hi srdavenport,   Your log looks fine now   Are you still having any problems?     To avoid being infected Reboot in Normal mode.

A good free firewall is ZoneAlarm. Terms of Use Privacy Policy Licensing Advertise International Editions: US / UK India How To Analyze HijackThis Logs Search the site GO Web & Search Safety & Privacy Best Lionlady23 replied Feb 10, 2017 at 5:46 PM Email list TonyB25 replied Feb 10, 2017 at 5:30 PM Windows 10 update damaged my... check my blog Back to top Page 1 of 3 1 2 3 Next Back to Virus, Trojan, Spyware, and Malware Removal Logs 0 user(s) are reading this topic 0 members, 0 guests, 0

Pleas follow what I have set up for you. O15 - Unwanted sites in Trusted ZoneWhat it looks like: O15 - Trusted Zone: http://free.aol.comO15 - Trusted Zone: *.coolwebsearch.comO15 - Trusted Zone: *.msn.comWhat to do:Most of the time only AOL and Whether it is a free version like AVG or Anti-Vir, or a shareware version like Norton or Kaspersky, this is a must have.Firewall <= A firewall is definatley a must have. We will fix this in a moment.

Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dllO2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dllO2 - BHO: Norton Internet Security 2006 - Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - HKCU\..\RunServices: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\RunServices: [Yahoo! Nov 22, 2008 #21 mflynn TS Rookie Posts: 2,655 Hi TigerGirl I think I have had Cat Scratch fever the last day or so and my be on R&R for a Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm O8 - Extra context menu

There are safer and better alternatives available. Similar Topics I need help removing a common virus. Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dllO3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dllO4 Mike Nov 22, 2008 #22 brooklynfeline TS Rookie Topic Starter Posts: 26 combofix will not run.

AVG will not complete, it just keeps scanning. HKEY_CURRENT_USER\Software\P2P Networking\JcdeAgent\Connection Address 67.34.32.34:8180HKEY_CURRENT_USER\Software\P2P Networking\JcdeAgent\Connection\Firewall HKEY_CURRENT_USER\Software\P2P Networking\JcdeAgent\Connection\Firewall UdpInHistory 0HKEY_CURRENT_USER\Software\P2P Networking\JcdeAgent\Connection\Firewall TcpInHistory 0HKEY_CURRENT_USER\Software\P2P Networking\JcdeAgent\Connection\Firewall TcpOutHistory -1HKEY_CURRENT_USER\Software\P2P Networking\JcdeAgent\Connection\Bandwidth HKEY_CURRENT_USER\Software\P2P Networking\JcdeAgent\Connection\Bandwidth SlotLength 1620HKEY_CURRENT_USER\Software\P2P Networking\JcdeAgent\Connection\Bandwidth In0 0HKEY_CURRENT_USER\Software\P2P Networking\JcdeAgent\Connection\Bandwidth In1 12HKEY_CURRENT_USER\Software\P2P Networking\JcdeAgent\Connection\Bandwidth Out0 1HKEY_CURRENT_USER\Software\P2P Networking\JcdeAgent\Connection\Bandwidth Out1