Could someone take a look at my HJT log? I just ran one to make sure everything was okay, I have never run one before, so I thought it would be a good idea. Thanks!
I think the admins usually only check the logs of people with probable infections. I scanned ur log with hijackthis.de/ and it looks squeeky clean as far as this scan can show. Hope this makes you feel safer 
The admins/moderators generally don’t get involved in the HJT logs, though it does happen on occasion. For the most part it is the forum members with experience of the logs that help as you have on a number of occasions. The hijackthis.de site gives a good start point, backed up with the usual googling, etc.
This HJT entry is redundant and probably not a problem and could be fixed.
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
Have you uninstalled MSN Messenger as there is a missing file being reported (check if it is there)
O9 - Extra button: Windows Live Messenger - {B8E99280-3C35-4d50-8595-BDD33A756A4B} - %Programfiles%\MSN Messenger\msnmsgr.exe (file missing)
O9 - Extra ‘Tools’ menuitem: Windows Live Messenger - {B8E99280-3C35-4d50-8595-BDD33A756A4B} - %Programfiles%\MSN Messenger\msnmsgr.exe (file missing)
If you have uninstalled MSN Messenger you can fix the above.
Also you don’t appear to have an active firewall running, what firewall are you using ?
Other than that I don’t see anything obvious.
yeah david, i noticed those things as well, but they arent harmful so i didnt mention them. Go pack Go, if you need a firewall i would suggest either zone alarm free, comodo, or PC Tools Firewall. If you have little or limited knowledge, i would probably recommend zone alarm.
Hi philly12,
HijackThis can also be used as sort of crap cleaner, and this case as DavidR proposes. it can be used to clean remainders of previous installs. Some users will additionally use HJT for that reason. Of course you should read a good manual where all the findings of HJT are explained, so you can make a well-founded decision what to fix. As part of a normal malware cleaning routine people also are asked to use ATF-Cleaner or CCleaner or ClearProg, because cleaning out the Augias stable of your temp files will enhance the performance of your machine and can be helpful against malware.
For people that are learning to work HJT I can recommend freefixer: http://www.freefixer.com/
This is a general purpose removal tool, to get a good view of what is there and to cleanse computers in a savvy way there is StartDreck: http://ben.cheetham.me.uk/download/niksoft/startdreck217.zip
A further nice program in combination with HijackThis is runscanner:
http://www.runscanner.net/download.aspx?version=1.6.1.0
, and a spyware process analyzer like XRayPC: http://www.x-raypc.com/download.php
I like people to get the feel of these programs to get an understanding what they have on their computers, if in trouble they can always ask people in our forums to evaluate.
polonus
Please re-open HiJackThis and scan. Check the boxes next to all the entries listed below. [b]
O23 - Service: TYWAERVRAY - Unknown owner - C:\DOCUME~1\Owner\LOCALS~1\Temp\TYWAERVRAY.exe (file missing)
[/b]Now close all windows other than HiJackThis, then click Fix Checked. Close HiJackThis.
@echo off sc stop TYWAERVRAY sc delete TYWAERVRAY exitNext you will need to create the batch fix to do that copy and paste [b]ALL[/b] of the above in the quote box to a notepad file. Then in the text file go to [b]FILE > SAVE AS [/b] and in the dropdown box select [b]SAVE AS TYPE [/b] to[b] ALL FILES [/b] Then in the [b]FILE NAME [/b] box type [b]fix.bat[/b]
This will create a batch file
http://img524.imageshack.us/img524/9383/batmp6.jpg
Then run fix.bat by double clicking you may see a black box appear this is normal
Sorry, i’m just curious what fixing that entry did? It was listed as “Fuzzy Algorithmcheck (3.51 / 5.00), Safe” so i figured it was okay. Google isnt really helping me. What is this file anyway?
I’ve notice the “Fuzzy Algorithmcheck” misclassify a malware entry as safe before.
I uninstalled MSN Messenger, but that is because it was changed to Windows Live Messenger, so I don’t know if that would change anything. I noticed that TYWAERVRAY is in my services.msc and is set to Manual. Also, I have Windows Firewall, I know no outbound protection.
I removed the four items that were suggested. I was wondering what this entry is:
O4 - HKLM..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
Thanks
the 04 entry you asked about looks like it is this, but wait for conformation from an admin:
"Windows errors related to dumprep.exe ?
dumprep.exe forms a part of Microsoft Windows XP (and later versions), in-built fault logging software. Upon serious errors this program will write the details to a text file and request the information be sent to Microsoft. This program is a non-essential system process, and is installed for third party use. Check that dumprep.exe is stable on your computer."