Home > Help Me > Help Me With HJT Log Please.

Help Me With HJT Log Please.

Any help would be greatly appreciated.Logfile of HijackThis v1.99.1Scan saved at 1:01:17 AM, on 9/7/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16512)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\System32\Ati2evxx.exeC:\WINDOWS\System32\CTSvcCDA.exeC:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exeC:\PROGRA~1\McAfee\MSC\mcmscsvc.exec:\program files\common files\mcafee\mna\mcnasvc.exeC:\PROGRA~1\McAfee\VIRUSS~1\mcods.exeC:\PROGRA~1\McAfee\MSC\mcpromgr.exec:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exec:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exeC:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exeC:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exeC:\Program Files\McAfee\MPF\MPFSrv.exeC:\WINDOWS\Explorer.EXEC:\PROGRA~1\McAfee\MPS\mps.exec:\PROGRA~1\mcafee.com\agent\mcagent.exeC:\Program Files\McAfee\MPS\mpsevh.exeC:\Program That will clean up the 018 lines.http://www.logitech.com/index.cfm/494/3041&cl=us,en?osid=1&file=It can probably be unistalled as it is a update notification. Username Forum Password I've forgotten my password Remember me This is not recommended for shared computers Sign in anonymously Don't add me to the active users list Privacy Policy

Register And it freezes and a ctrl/alt/delete shows a program called "Quick" running then - ending it unfreezes explorer.So far I have - run scandisk and it has fixed errors.

Once reported, our moderators will be notified and the post will be reviewed. Kozierok. The time now is 01:36 AM. Rather, HijackThis looks for the tricks and methods used by malware to infect your system and redirect your browser.Not everything that shows up in the HijackThis logs is bad stuff and https://www.cnet.com/forums/discussions/hjt-log-please-help-me-92899/

Nintendo Switch review: Hands on with the intuitive modular console and its disappointing games… 1995-2015: How technology has changed the world in 20 years Here's what should be coming to Adobe Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\YCOMP5_0_2_4.DLLO3 - Toolbar: Popup Eliminator - {86BCA93E-457B-4054-AFB0-E428DA1563E1} - C:\PROGRAM FILES\POPUP ELIMINATOR\PETOOLBAR401.DLL (file missing)O3 - Toolbar: rzillcgthjx - {5996aaf3-5c08-44a9-ac12-1843fd03df0a} - C:\WINDOWS\APPLICATION DATA\CKSTPRLLNQUL.DLL What to do:If you don't Please provide your comments to help us improve this solution. Hence I decided to use Hijackthis to thoroughly check.

The second part of the line is the owner of the file at the end, as seen in the file's properties.Note that fixing an O23 item will only stop the service They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".[*]Click on this link to see a list of programs that should be disabled. List 10 Free Programs for Finding the Largest Files on a Hard Drive Article Why keylogger software should be on your personal radar Get the Most From Your Tech With Our If you are asked to reboot the machine choose Yes.NOTE: If OTMOVEITE reboots, before you can get the ruslts they can be found hereC:\_OTMoveIt\MovedFiles\********_******.log(where "********_******" is the "date_time")* Please download ComboFix

Budfred ..... If you didn't add the listed domain to the Trusted Zone yourself, have HijackThis fix it.O16 - ActiveX Objects (aka Downloaded Program Files)What it looks like: O16 - DPF: Yahoo! Trend MicroCheck Router Result See below the list of all Brand Models under . http://www.pcguide.com/vb/showthread.php?42389-Hjt-Log-Please-Help-And-Advise Pacman's Startup List can help with identifying an item.N1, N2, N3, N4 - Netscape/Mozilla Start & Search pageWhat it looks like:N1 - Netscape 4: user_pref "browser.startup.homepage", "www.google.com"); (C:\Program Files\Netscape\Users\default\prefs.js)N2 - Netscape

Spyware removal software such as Adaware or Spybot S&D do a good job of detecting and removing most spyware programs, but some spyware and browser hijackers are too insidious for even If you know that this is a program you use, then it's OK.Close all open applications. Please consider a donation to The PC Guide Tip Jar. Others.

Read the all-new, FREE 200-page online guide: How to Build Your Own PC! NOTE: Using robot software to mass-download the site degrades the server and is prohibited. http://www.hijackthis.de/ You may have to register before you can post: click the register link above to proceed. O7 - Regedit access restricted by AdministratorWhat it looks like:O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1What to do:Always have HijackThis fix this, unless your system administrator has put this restriction into place.O8 - Extra All rights reserved. Copyright 1997-2013 Charles M.

Please see important note at the bottom regarding a vulnerabilty in Sun Java that may be the source of this infection. That may cause it to stall**I will require:OTMOVEIT2 resultscombofix log HJT logThanks Navigation  Message Index Next page Previous page Go to full version Feedback Home Vundo/VirtuMonde is an adware program that downloads and displays popup advertisements, often seen as Winfixer. bobbydee: System Report oldman: We'll try to get rid of moe money in safe mode.* Please download OTMoveIt2 by OldTimer.Save it to your desktop.

Using the site is easy and fun. What is HijackThis? In the Toolbar List, 'X' means spyware and 'L' means safe. TechSpot Account Sign up for free, it takes 30 seconds.

Article What Is A BHO (Browser Helper Object)? HijackThis.de Security HijackThis log file analysis HijackThis opens you a possibility to find and fix nasty entries on your computer easier.Therefore it will scan special Please try again.Forgot which address you used before?Forgot your password?

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) Safe This entry is not running from the System32 folder, so it is probably nasty.

Tick the checkbox of the malicious entry, then click Fix Checked.   Check and fix the hostfile Go to the "C:\Windows\System32\Drivers\Etc" directory, then look for the hosts file. Disruptive posting: Flaming or offending other usersIllegal activities: Promote cracked software, or other illegal contentOffensive: Sexually explicit or offensive languageSpam: Advertisements or commercial links Submit report Cancel report Track this discussion For information on the program click here.We ask that you post publicly so people with similar questions may benefit from the conversation.Was your question answered? When the tool opens click Yes to disclaimer.Press Scan button.It will make a log (FRST.txt) in the same directory the tool is run.

Facebook Google+ Twitter YouTube Subscribe to TechSpot RSS Get our weekly newsletter Search TechSpot Trending Hardware The Web Culture Mobile Gaming Apple Microsoft Google Reviews Graphics Laptops Smartphones CPUs Storage Cases Click Open the Misc Tools section.   Click Open Hosts File Manager.   A "Cannot find the host file" prompt should appear. Already have an account? In the most cases this is the result of trojans.

I am a paying customer just like you! They are desktop components.