Home > Please Check > Please Check My HijackThis Log File

Please Check My HijackThis Log File

Please re-enable javascript to access full functionality. Raman, will you please tell me if they are good or bad.Mac, of course I am no expert like Raman...but this is what I found about these two entries.O4 - HKLM\..\Run: C:\Documents and Settings\John Cleere\Local Settings\Application Data\Mozilla\Firefox\Profiles\93piclna.default\Cache\D6AA6E0Dd01 11/20/2006 8:10 AM 20.04 KB Hidden from Windows API. C:\Documents and Settings\John Cleere\Local Settings\Application Data\Mozilla\Firefox\Profiles\93piclna.default\Cache\271B0990d01 11/20/2006 8:12 AM 43.79 KB Hidden from Windows API. Source

to open programs. ...John Back to top #4 DaveM59 DaveM59 Bleepin' Grandpa Members 1,355 posts OFFLINE Gender:Male Location:TN USA Local time:01:16 AM Posted 18 November 2006 - 10:56 PM Hi Regards, Dave Back to top #7 jbcleere jbcleere Topic Starter Members 14 posts OFFLINE Local time:12:16 AM Posted 20 November 2006 - 10:50 AM Dave, Physical Memory- 260080 Commit Charge C:\Documents and Settings\John Cleere\Local Settings\Application Data\Mozilla\Firefox\Profiles\93piclna.default\Cache\22DD1EF3d01 11/20/2006 8:12 AM 89.51 KB Hidden from Windows API. C:\Documents and Settings\John Cleere\Local Settings\Application Data\Mozilla\Firefox\Profiles\93piclna.default\Cache\ED8931CAd01 11/20/2006 8:26 AM 19.28 KB Hidden from Windows API. dig this

Username Forum Password I've forgotten my password Remember me This is not recommended for shared computers Sign in anonymously Don't add me to the active users list Privacy Policy

Jump I am guessing the Svchost.exe with 50xxxK usage is the one marked SYSTEM. This is a text file and can be opened with Notepad.Then, since no rootkit scanner is perfect, let's use another one. Join the community here, it only takes a minute.

Die Datenbank der Online-Analyse wird nicht mehr gepflegt. PopupCop v2.0.3.20 (This is the best software you won't be sorry)Logfile of HijackThis v1.97.7Scan saved at 9:26:28 PM, on 4/24/2004Platform: Windows XP SP1 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Stay informed with Comcast Alerts Alerts are an easy, quick way to manage your account and get information - like payment confirmations and your current balance. C:\Documents and Settings\John Cleere\Local Settings\Application Data\Mozilla\Firefox\Profiles\93piclna.default\Cache\5C16E1CDd01 11/20/2006 8:10 AM 330.57 KB Hidden from Windows API.

Also scan your machine frequently with Ewido and make sure your antivirus and firewall are updated.BTW, Ewido has been upgraded and the name changed to AVG Antispyware7.5. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = deacnet.wfu.edu O17 - HKLM\Software\..\Telephony: DomainName = deacnet.wfu.edu O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = deacnet.wfu.edu O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = deacnet.wfu.edu Only fix these 017 entries, if they The PF usage is at 301mb and is about half way up the graph. C:\Documents and Settings\John Cleere\Local Settings\Application Data\Mozilla\Firefox\Profiles\93piclna.default\Cache\5DE6E51Ed01 11/20/2006 8:11 AM 143.61 KB Hidden from Windows API.

Several functions may not work. Do not terminate any process except on my instructions!If you don't see anything with Task Manager, then it's time to run a few more scans. Ewido found some small stuff like tracking cookies. I'm not that good with virus removal.For me, it's simple, running SpyBot, Ad-aware and avast to know more about the infections...

See what happens to CPU usage. https://www.bleepingcomputer.com/forums/t/72080/followed-instructions-please-check-my-hijackthis-log/ Please download Rootkit Revealer here. Accept the agreement, then on the next screen click the Scan button. If you don't see anything unusual when you launch a program or cannot correlate this issue with some other event then go ahead and run those scans now.

Join thousands of tech enthusiasts and participate. http://uberbandwidth.com/please-check/please-check-hjt-log-file.php Back to top #12 DaveM59 DaveM59 Bleepin' Grandpa Members 1,355 posts OFFLINE Gender:Male Location:TN USA Local time:01:16 AM Posted 21 November 2006 - 09:00 AM John, did you manage to I don't know how to run it. If so, is it so bad that you notice lags between keyboard input and when characters appear on screen for example?

Please post a reply here if you spot something, don't go on with the rest of these instructions, just describe the situation. C:\Documents and Settings\John Cleere\Local Settings\Application Data\Mozilla\Firefox\Profiles\93piclna.default\Cache\760058A9d01 11/20/2006 8:32 AM 142.05 KB Hidden from Windows API. His number was 353-214-913001. have a peek here O3 - Toolbar: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - (no file) O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing) O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} -

It will create a folder on your desktop. And when you did your prep work for posting the HJT log, did Ewido or the other scans find anything? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_04\bin\npjpi142_04.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501}

Thanks.thank you, Technical...but I have the best teachers--and you are one of the very best cojo Logged SpeedyPC Avast Evangelist Massive Poster Posts: 3097 Avast Free AV shall conquer the whole

Logged The best things in life are free. Bitte bedenken Sie, dass viele Funktionen nicht funktionieren werden, solange sie Javascript nicht aktivieren. C:\Documents and Settings\John Cleere\Local Settings\Application Data\Mozilla\Firefox\Profiles\93piclna.default\Cache\08AB6089d01 11/20/2006 8:31 AM 20.54 KB Hidden from Windows API. SpeedyPC Avast Evangelist Massive Poster Posts: 3097 Avast Free AV shall conquer the whole world Can someone please check my HijackThis log file « on: April 24, 2004, 01:42:13 PM »

Open the folder and double click the program icon to run it. The svchost.exe is using the most memory at 53368k, next is firefox at 31840k and then something called vsmon.exe at 11468k. C:\Documents and Settings\John Cleere\Local Settings\Application Data\Mozilla\Firefox\Profiles\93piclna.default\Cache\32298420d01 11/20/2006 8:10 AM 42 bytes Hidden from Windows API. Check This Out Try to borrow another stick of compatible RAM and install it in your machine.

The pagefile usage will depend on how much physical RAM you have. I just wrote something that I'm sure regarding your log file...Cheers !Thanks for the guru but I think this can be handled better by whocares and/or raman.