Home > Hjt Log > HJT Log Help - Ross

HJT Log Help - Ross

As promised, one HJT Report, hopefully it sheds some light on my problems: Logfile of HijackThis v1.99.1 Scan saved at 00:02:35, on 02/03/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Tech Support Forum Security Center Virus/Trojan/Spyware Help General Computer Security Computer Security News Microsoft Support BSOD, Crashes And Hangs Windows 10 Support Windows 8, 8.1 Support Windows 7, Vista Support Windows It is harmless. Service & Support HijackThis.de Supportforum Deutsch | English Forospyware.com (Spanish) www.forospyware.com Malwarecrypt.com www.malwarecrypt.com Computerhilfen www.computerhilfen.com Log file Show the visitors ratings © 2004 - 2017

Then right click once more, this time click the bottom line, Exit. Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cabO16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{EAF984B3-3B7A-4D21-A8FC-DD7EAEA767A2}: NameServer = - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)O20 - Winlogon Notify: igfxcui Regarding processes: seems to show system idle fluctuating all the time between 95% and 97%, CPU usage on idle 4-5% Main memory use: explorer.exe cpu 0-2% fluctuating with mem usage 28k, One quick check I might suggest: Press -- to open Task Manager, then click on the Processes tab. http://www.techsupportforum.com/forums/f100/hjt-log-help-ross-295023.html

Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: If you see anything showing high CPU usage or high Memory usage, make a note of it.Now, click the Performance tab. Help Started by ross607, July 14, 2009 9 posts in this topic ross607    New Member Topic Starter Members 7 posts ID: 1   Posted July 14, 2009 Hey Guys,OK got

Nothing is hogging your CPU at idle. You can have it fix R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost This one, I'm not sure what it is, so you can delete it and if you need it, restore it Register now! I can't say for sure, I only checked a few sites.

O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program It is Valentine's day, so do not worry about this until tomorrow. Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cabO16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab28578.cabO16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yahoo.com/.../ymmapi_416.dllO16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cabO16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) logs below INFO info.txt logfile of random's system information tool 1.02 2008-09-29 10:22:14 ======Uninstall list====== -->C:\Program Files\Common Files\Real\Update_OB\rnuninst.exe RealNetworks|RealPlayer|6.0 -->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu -->C:\WINDOWS\System32\\MSIEXEC.EXE /I {09DA4F91-2A09-4232-AB8C-6BC740096DE3} REMOVE=UpdateMgrFeature -->C:\WINDOWS\System32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6} -->C:\WINDOWS\System32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}

Username Forum Password I've forgotten my password Remember me This is not recommended for shared computers Sign in anonymously Don't add me to the active users list Privacy Policy

Download it to your desktop and double click to open. Would you see another reason why I cannot do the update for Internet Explorer? Only problem is, is that when I run AVG 7.0 the scan always comes up clean saying there is no virus.

My machine is a very middling Sempron 2400, low end when I built it a year and a half ago.What you are looking for is sustained high usage, with a bad I have a feeling there is still something lurking there which is slowing down the system.As requested I attach SpyBot and new HiJackThis logs. You can delete them if you wish. Quote Share this post Link to post Share on other sites MrsBeam 0 Members 0 1,552 posts Posted February 15, 2005 · Report post I am happy that my computer

Register now! The forums have been very busy.If you still need help, I need to see a Spybot log.Open the program, run updates, and then run a full system scan. If a page is retrieved from cache CPU usage is much less.Actually had to fire up IE for the first time in weeks to check this--I use Firefox. Do you use a proxy server?Another question: Did this slowdown coincide with the installation of a new program, or an update -- including Windows updates?The only line I see in your

Have you tried the check I suggested, tracking what happens to CPU usage while you are using Internet Explorer? The first item is the MSN toolbar. I cannot stay on line for now. Three of the lines I am not sure of, they are these:O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\en-gb\msntb.dll (file missing)O9 - Extra button: Yahoo!

We will also try and help with troubleshooting any technical problems you may have with the forums. Ok, here's the HJT in normal mode. Under the proxy section there is an entry: Port 80, but the section is greyed out and the box is not checked, so I'm assuming whatever is in there is

Open the Tools section.

So to disable guard.exe, I just put a check next to its line in HJT and clicked fix checked. You can read the information on the download page for an idea of what it will do. Click here to Register a free account now! If a browser behaves like this it usually means it has been hijacked and is doing things behind your back.

The x's are numbers, the first four being the current year. Please help. I re-ran HiJackThis and the O23 line entry was still showing too. Next step is to open Internet Explorer and open Task Manager at the same time.

Again you will get the warning message, click Yes to close the program. That means it's causing the CPU to work continuously, which should not be the case for a web browser. Please let me know if it helped.