Home > My Hijack > My Hijack This Log 01-18-08

My Hijack This Log 01-18-08

However it has been running for about an hour and is still stuck at the following:Scanning for infected files . . .This typically doesn't take more than 10 minutesHowever, scan times Windows loaded as well as her CD!Scratched my head for a second and tried to open Itunes. Also, have you tried any online scans or spyware scans? Join the community here. his comment is here

as i've said.. at which point i'd highly recommend running memtest86+ ) download link for the burnable ISO : easy as downloading, extracting and then loading up any program that can burn Every log file should be copy/pasted in your next reply.Step 1I see you are running Teatimer.I suggest you to disable it because it can interfere with the changes you'll make on Figure out what brand/model of hardrive you have (may be listed in the device manager) let me know which one you got... [/ QUOTE ] Don't think I've done a checkdsk iNegro01-22-08, 08:31 AMDo this NDT. Make sure all other windows are closed and to let it run uninterrupted.Please tick the Scan All users. Username Forum Password I've forgotten my password Remember me This is not recommended for shared computers Sign in anonymously Don't add me to the active users list Privacy Policy

Jump Path: C:\Windows\winsxs\Manifests\ Status: Locked to the Windows API!

  1. It detected AND deleted a bunch of cookies AND a Trojan.Poweliks.E which was in the VirtMem Region Dump file path.
  2. Path: C:\Windows\winsxs\x86_microsoft-windows-http-api_31bf3856ad364e35_6.0.6001.18356_none_f57c34d19d6ef507\$$DeleteMe.httpapi.dll.01caa1536038d45a.0092 Status: Locked to the Windows API!
  3. The original file name would have been different. ..Microsoft MVP Consumer Security 2007-2015 Microsoft MVP Reconnect 2016Windows Insider MVP 2017Member of UNITE, Unified Network of Instructors and Trusted EliminatorsIf I have
  4. Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O3 - Toolbar:
  5. Path: C:\Windows\winsxs\x86_microsoft-windows-s..icensing-slc-client_31bf3856ad364e35_6.0.6001.18000_none_c51f5aefa5ed5be4\$$DeleteMe.SLC.dll.01caa1535d3a599a.004a Status: Locked to the Windows API!
  6. You may also want to unplug the computer and completely recheck all connections in the system to make sure everything is snug and well connected (cables) unplugging them and plugging them
  7. I am not supposed to help with HJT logs yet, as I am still learning but if it was on my machine this is what I would do. 1) Download Taskkiller
  8. Uninstall Ad-ware 2007, AVG, Spyware doctor, and Trojan Hunter.

Disabled it and waalaa... If you use defense+ you will have to answer a ton of pop-up about which programs are allowed to do what, on your computer. iNegro01-23-08, 12:18 AMYour TCP Window is actually set to 63888 and your speed to the US is almost 800 kbps. That would be a nightmare in more ways than one.

Read this before Cleaning or Formatting Then if you decide to attempt to clean your system follow Viruses/Spyware/Malware, preliminary removal instructions exactly and post the requested logs as attachments. Your system overheating or bad ram generally only cause system instability and not sluggish computer performance. Share this post Link to post Share on other sites Maniac    Forum Deity Experts 22,799 posts Location: Bulgaria, EU ID: 10   Posted April 17, 2012 Let's try this one And its not plug-in joan200101-18-08, 12:20 AMAnd its still fluctuating :( trogers01-18-08, 12:26 AMIve replaced my modem at the top of a big speaker.

Please re-enable javascript to access full functionality. Path: C:\Windows\winsxs\Catalogs\ Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18226_none_69bb41ac3deac876\$$DeleteMe.rpcss.dll.01caa1536019e27a.008a Status: Locked to the Windows API! Please re-enable javascript to access full functionality.

Path: C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\$$DeleteMe.lsass.exe.01caa153596cc73a.0005 Status: Locked to the Windows API! m0le is a proud member of UNITE Back to top #4 m0le m0le Can U Dig It? Jan 19, 2008 #24 (You must log in or sign up to reply here.) Show Ignored Content Topic Status: Not open for further replies. C:\system Volume Information\...\a0025371.exe Detection Started by Confused Angel , Jan 18 2008 09:14 PM Please log in to reply 12 replies to this topic #1 Confused Angel Confused Angel Members 5

Run another Hijackthis and use it to fix those entries with 'file missing' or 'no file'. this content Not that we know brusko is using credit cards so forth. The different TCP Window shown by TCP Analyzer may be due to a web proxy of your ISP. And to think this all started doing a simple defrag last Thursday eve and next day got these **** GG errors saying memory can't be read!

Path: C:\Windows\winsxs\Catalogs\ Status: Locked to the Windows API! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! In the meantime, I've installed ZoneAlarm... weblink Also someone was suggesting a TTL of 128 and RWIN of 65536..

trogers01-18-08, 10:12 PMWhat operating system are you using? Sharlanna02-08-2008, 03:59 PMEverything is running great! Uninstall Ad-ware 2007, AVG, Spyware doctor, and Trojan Hunter.

Triple6 replied Feb 13, 2017 at 10:45 PM "TSG Coffee and Café with...

trogers01-18-08, 09:39 AMSee if these settings let you get a connection. Edit: Thread closed due to lack of response. Share this post Link to post Share on other sites copmill    New Member Topic Starter Members 15 posts Location: Chongqing, China Interests: Software Development, Computers, Cars ID: 7   Posted if a single error occurs, you've got faulty memory..

This is frustrating to say the least. Nothing I do seems to be fixing this problem! Path: C:\Windows\winsxs\x86_microsoft-windows-msauditevtlog_31bf3856ad364e35_6.0.6001.18000_none_c7427a4e786d74bc\$$DeleteMe.adtschema.dll.01caa1535e23a05a.0073 Status: Locked to the Windows API! check over here pixie...

Path: C:\System Volume Information\{a807a0b2-110c-11df-8743-00256447277d}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Once we are sure that the trojans have been removed, if the computer is still slow you can try the repair install from your windows XP CD. joan200101-18-08, 12:13 AMIve replaced my modem at the top of a big speaker. Path: C:\Windows\winsxs\x86_microsoft-windows-crypt32-dll_31bf3856ad364e35_6.0.6001.18000_none_5b6fc1dbddd3c6da\$$DeleteMe.crypt32.dll.01caa1535e2d25da.0076 Status: Locked to the Windows API!

no more memory errors! iNegro01-18-08, 09:58 PM TCP Analyzer Results Tested on: 01.18.2008 21:50 IP address: TCP options string: 020405ac01010402 MSS: 1452 MTU: 1492 TCP Window: 32768 (NOT multiple of MSS) RWIN I'm sorry guys, I've been at this 12 hours a day for 5 days now and can't think straight. joan200101-18-08, 12:27 AMLatest Speed log trogers01-18-08, 12:38 AMLatest Speed log This is after you relocated your modem away from the speaker?

When the Press any key to boot from CD message is displayed on your screen, press a key to start your computer from the Windows XP CD. 2. DDS (Ver_09-12-01.01) - NTFSx86 Run by ben at 18:32:34.79 on Wed 02/03/2010 Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 1.6.0_17 Microsoft Windows Vista„ Home Basic 6.0.6002.2.1252.1.1033.18.3032.1698 [GMT -6:00] SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} I'ma noob and VERY tired at this point. Realtime scanners slow your system down and can cause conflicts with each other.

Scan for possible malware. Path: C:\Windows\winsxs\x86_microsoft-windows-dhcp-client-dll_31bf3856ad364e35_6.0.6001.18000_none_d75a29a02e8fcf7a\$$DeleteMe.dhcpcsvc6.dll.01caa1535bfdc2ba.000f Status: Locked to the Windows API! Name: Ntfs.sys Image Path: C:\Windows\System32\Drivers\Ntfs.sys Address: 0x89C04000 Size: 1114112 File Visible: - Signed: - Status: Hidden from the Windows API! Malware Response Instructor 34,451 posts OFFLINE Gender:Male Location:London, UK Local time:03:55 AM Posted 24 December 2009 - 05:41 AM Since this issue appears to be resolved ...

Norton is notorious for leaving stuff behind which can cause problems although this has been blocking connection to the iTunes store.When iTunes is not running, you should have iTunes Heleper.exe and