TechSpot

HijackThis Logs for review

By wlknaack
Sep 19, 2005
  1. I am helping a friend clean-out and secure his computer, with an additional objective to free-up RAM. His system is Pentium 3, Windows XP Home, with 256MB RAM, which we increased to the maximum 384MB allowable on the system. The pagefile has been set to 1.5 X RAM, minimum and maximum.

    We uninstalled Norton Internet Security and removed all remaining files (with the exception of the process shown in the attached HijackThis Logs, which we will remove after someone reviews the attached logs). In addition to the installation of a D-Link Router, HijackThis, Spy Guard and SpywareBlaster, and the clean-up tool CCleaner, the following security software has been installed:

    CWShredder, Spybot Search & Destroy, Ad-Aware SE Personal, Microsoft AntiSpyware, A2, AVG AntiVirus and Kerio Firewall.

    Using CCleaner and Spybot Search and Destroy, the invalid entries in the Registry were cleaned out. The above five spyware detection and removal programs, along with AVG AntiVirus, were run sequentially in "normal" mode, and all issues found were removed or quarantined. The system was rebooted in safe mode, and the same five spyware detection and removal programs, along with AVG AntiVirus, were run again. Upon completion, and while still in safe mode, a scan was performed in HijackThis and the log, hijackthis safemode 091805.txt, is attached.

    The system was rebooted into "normal" mode and a scan was performed in HijackThis and the log, hijackthis 091805.txt is attached.

    I would appreciate a review of the logs so we can finish the clean-up, and proceed with down-sizing the start-up menu. Any ideas anyone has to improve the RAM usage (i.e. increase unused RAM in "idle" mode) will be welcome. Also, can someone tell me if all those "018-protocol" entries for the Logitech wireless mouse are necessary?

    Your help will be sincerely appreciated.
     
  2. RealBlackStuff

    RealBlackStuff TS Rookie Posts: 6,503

    To get rid of those O18 entries, UNinstall the Logitech Desktop Messenger, who needs it?

    Other than that, boot in Safe Mode, run HJT and 'fix':
    R3 - Default URLSearchHook is missing
    O16 - DPF: {4129EA54-F04E-11D3-BF96-00C04F0E7BE2} - http://www107.coolsavings.com/download/cscmv4X.cab

    Don't bother to post HJT-logs from normal mode, only from safe-mode please.
     
  3. wlknaack

    wlknaack TS Rookie Topic Starter Posts: 143

    Reply to RealBlackStuff

    Many thanks! Will do!
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...