Hijackthis for John

L

Lliam

New Member
Hi johnb35, here's that log you asked for when I was on annoyances.org
Mike

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:15:03, on 20/06/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\csrss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\AVG\AVG9\avgchsvx.exe
D:\Program Files\AVG\AVG9\avgrsx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\AVG\AVG9\avgcsrvx.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\System32\SCardSvr.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\VTTimer.exe
D:\PROGRA~1\AVG\AVG9\avgtray.exe
D:\Program Files\Common Files\Java\Java Update\jusched.exe
D:\WINDOWS\system32\ctfmon.exe
D:\WINDOWS\System32\alg.exe
D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\AVG\AVG9\avgwdsvc.exe
D:\WINDOWS\system32\cisvc.exe
D:\WINDOWS\system32\dllhost.exe
d:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
D:\Program Files\AVG\AVG9\avgnsx.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\IObit\IObit Security 360\IS360srv.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\WINDOWS\system32\tcpsvcs.exe
d:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
D:\WINDOWS\System32\snmp.exe
D:\WINDOWS\System32\snmptrap.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\dllhost.exe
D:\WINDOWS\System32\vssvc.exe
D:\WINDOWS\system32\wbem\wmiapsrv.exe
D:\Program Files\AVG\AVG9\avgemc.exe
D:\WINDOWS\System32\dmadmin.exe
D:\Program Files\AVG\AVG9\avgcsrvx.exe
D:\Program Files\Windows Media Player\WMPNetwk.exe
D:\Program Files\Trusteer\Rapport\bin\RapportService.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Microsoft Office\Office\WINWORD.EXE
D:\WINDOWS\system32\cidaemon.exe
D:\WINDOWS\system32\msiexec.exe
D:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
D:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://login.live.com/login.srf?wa=...e.com/default.aspx&lc=2057&id=64855&mkt=en-gb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
O4 - HKLM\..\Run: [AVG9_TRAY] D:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Advanced SystemCare 3] "D:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [SmartRAM] "D:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" /m
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Internet Explorer.lnk = D:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Smart Defrag.lnk = D:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6087.cab
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.1.66.0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5869/mcfscan.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Program Files\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - D:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - D:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: IS360service - IObit - D:\Program Files\IObit\IObit Security 360\IS360srv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - D:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe

--
End of file - 6910 bytes
 
Last edited:
For johnb35

Hi johnb35, here's that other log you asked for when I was on annoyances.org
Mike


Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4219

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

20/06/2010 19:03:37
mbam-log-2010-06-20 (19-03-37).txt

Scan type: Quick scan
Objects scanned: 203751
Time elapsed: 15 minute(s), 32 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer\Control Panel\Homepage (Hijack.Homepage) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
 
Ok, I don't see anything bad out in the open but lets go deeper in your system.

Download and Run ComboFix
If you already have Combofix, please delete this copy and download it again as it's being updated regularly.
Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Combofix should never take more that 20 minutes including the reboot if malware is detected.


In your next reply please post:
  • The ComboFix log
  • A fresh HiJackThis log
  • An update on how your computer is running
 
Ok John, the combo log.
---------------------------------

ComboFix 10-06-20.03 - Alan Davis 21/06/2010 11:20:31.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.446.133 [GMT 1:00]
Running from: d:\documents and settings\Alan Davis\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

d:\windows\explorer(2).exe
d:\windows\system32\_000007_.tmp.dll
d:\windows\system32\_000014_.tmp.dll

.
((((((((((((((((((((((((( Files Created from 2010-05-21 to 2010-06-21 )))))))))))))))))))))))))))))))
.

2010-06-20 17:38 . 2010-04-29 14:39 38224 -c--a-w- d:\windows\system32\drivers\mbamswissarmy.sys
2010-06-20 17:38 . 2010-04-29 14:39 20952 -c--a-w- d:\windows\system32\drivers\mbam.sys
2010-06-20 17:13 . 2010-06-20 17:13 -------- d-----w- d:\program files\Trend Micro
2010-06-09 10:36 . 2010-06-19 17:26 83448 -c--a-w- d:\documents and settings\LocalService.NT AUTHORITY.000\Local Settings\Application Data\FontCache3.0.0.0.dat
2010-06-09 09:21 . 2010-05-06 10:41 743424 -c----w- d:\windows\system32\dllcache\iedvtool.dll
2010-06-09 09:20 . 2010-06-15 11:37 -------- dc-h--w- d:\windows\$hf_mig$
2010-06-04 07:24 . 2010-06-04 07:24 -------- d-----w- d:\program files\Secunia
2010-06-01 15:03 . 2010-06-01 17:03 -------- dc----w- d:\documents and settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2010-06-01 15:03 . 2010-06-01 15:08 -------- d-----w- d:\program files\Spybot - Search & Destroy
2010-06-01 14:51 . 2010-06-18 12:36 -------- dc--a-w- d:\documents and settings\All Users.WINDOWS\Application Data\TEMP
2010-06-01 14:51 . 2010-06-18 12:34 -------- d-----w- d:\program files\SpywareBlaster
2010-05-30 09:03 . 2010-06-03 16:56 -------- dc----w- d:\windows\Internet Logs
2010-05-29 16:12 . 2008-04-13 15:12 116224 -c--a-w- d:\windows\system32\dllcache\xrxwiadr.dll
2010-05-29 16:12 . 2001-08-17 21:36 23040 -c--a-w- d:\windows\system32\dllcache\xrxwbtmp.dll
2010-05-29 16:12 . 2008-04-13 15:12 18944 -c--a-w- d:\windows\system32\dllcache\xrxscnui.dll
2010-05-29 16:12 . 2001-08-17 21:37 27648 -c--a-w- d:\windows\system32\dllcache\xrxftplt.exe
2010-05-29 16:12 . 2001-08-17 21:37 4608 -c--a-w- d:\windows\system32\dllcache\xrxflnch.exe
2010-05-29 16:12 . 2001-08-17 21:37 99865 -c--a-w- d:\windows\system32\dllcache\xlog.exe
2010-05-29 16:11 . 2001-08-17 11:11 16970 -c--a-w- d:\windows\system32\dllcache\xem336n5.sys
2010-05-29 16:11 . 2004-08-03 21:29 19455 -c--a-w- d:\windows\system32\dllcache\wvchntxx.sys
2010-05-29 16:11 . 2008-04-13 09:46 19200 -c--a-w- d:\windows\system32\dllcache\wstcodec.sys
2010-05-29 16:11 . 2004-08-03 21:29 12063 -c--a-w- d:\windows\system32\dllcache\wsiintxx.sys
2010-05-29 16:11 . 2008-04-13 15:12 8192 -c--a-w- d:\windows\system32\dllcache\wshirda.dll
2010-05-29 16:11 . 2008-04-13 09:36 8832 -c--a-w- d:\windows\system32\dllcache\wmiacpi.sys
2010-05-29 16:11 . 2004-08-03 21:31 154624 -c--a-w- d:\windows\system32\dllcache\wlluc48.sys
2010-05-29 16:09 . 2001-08-17 11:13 16925 -c--a-w- d:\windows\system32\dllcache\w940nd.sys
2010-05-29 16:09 . 2001-08-17 11:13 19016 -c--a-w- d:\windows\system32\dllcache\w926nd.sys
2010-05-29 16:09 . 2001-08-17 11:13 19528 -c--a-w- d:\windows\system32\dllcache\w840nd.sys
2010-05-29 16:09 . 2006-02-28 12:00 48256 -c--a-w- d:\windows\system32\dllcache\w32.dll
2010-05-29 16:09 . 2001-08-17 12:28 64605 -c--a-w- d:\windows\system32\dllcache\vvoice.sys
2010-05-29 16:09 . 2001-08-17 12:28 397502 -c--a-w- d:\windows\system32\dllcache\vpctcom.sys
2010-05-29 16:09 . 2001-08-17 12:28 604253 -c--a-w- d:\windows\system32\dllcache\vmodem.sys
2010-05-29 16:09 . 2001-08-17 11:14 249402 -c--a-w- d:\windows\system32\dllcache\vinwm.sys
2010-05-29 16:09 . 2001-08-17 12:49 24576 -c--a-w- d:\windows\system32\dllcache\viairda.sys
2010-05-29 16:09 . 2008-04-13 15:12 53760 -c--a-w- d:\windows\system32\dllcache\vfwwdm32.dll
2010-05-29 16:07 . 2001-08-17 21:36 94720 -c--a-w- d:\windows\system32\dllcache\umaxud32.dll
2010-05-29 16:07 . 2001-08-17 21:36 28160 -c--a-w- d:\windows\system32\dllcache\umaxu40.dll
2010-05-29 16:07 . 2001-08-17 21:36 26624 -c--a-w- d:\windows\system32\dllcache\umaxu22.dll
2010-05-29 16:07 . 2001-08-17 21:36 69632 -c--a-w- d:\windows\system32\dllcache\umaxu12.dll
2010-05-29 16:07 . 2001-08-17 21:36 50688 -c--a-w- d:\windows\system32\dllcache\umaxscan.dll
2010-05-29 16:07 . 2001-08-17 12:58 22912 -c--a-w- d:\windows\system32\dllcache\umaxpcls.sys
2010-05-29 16:07 . 2001-08-17 21:36 50176 -c--a-w- d:\windows\system32\dllcache\umaxp60.dll
2010-05-29 16:07 . 2001-08-17 21:36 47616 -c--a-w- d:\windows\system32\dllcache\umaxcam.dll
2010-05-29 16:07 . 2001-08-17 21:36 211968 -c--a-w- d:\windows\system32\dllcache\um54scan.dll
2010-05-29 16:07 . 2001-08-17 21:36 216064 -c--a-w- d:\windows\system32\dllcache\um34scan.dll
2010-05-29 16:07 . 2001-08-17 12:52 36736 -c--a-w- d:\windows\system32\dllcache\ultra.sys
2010-05-29 16:07 . 2001-08-17 12:48 11520 -c--a-w- d:\windows\system32\dllcache\twotrack.sys
2010-05-29 16:07 . 2006-02-28 12:00 14336 -c--a-w- d:\windows\system32\dllcache\tsprof.exe
2010-05-29 16:05 . 2001-08-17 11:14 123995 -c--a-w- d:\windows\system32\dllcache\tjisdn.sys
2010-05-29 16:05 . 2006-02-28 12:00 185344 -c--a-w- d:\windows\system32\dllcache\thawbrkr.dll
2010-05-29 16:05 . 2001-08-17 11:51 138528 -c--a-w- d:\windows\system32\dllcache\tgiulnt5.sys
2010-05-29 16:05 . 2001-08-17 13:56 81408 -c--a-w- d:\windows\system32\dllcache\tgiul50.dll
2010-05-29 16:05 . 2008-04-13 09:40 149376 -c--a-w- d:\windows\system32\dllcache\tffsport.sys
2010-05-29 16:05 . 2006-02-28 12:00 19464 -c--a-w- d:\windows\system32\dllcache\tdspx.sys
2010-05-29 16:05 . 2001-08-17 11:13 17129 -c--a-w- d:\windows\system32\dllcache\tdkcd31.sys
2010-05-29 16:05 . 2006-02-28 12:00 21896 -c--a-w- d:\windows\system32\dllcache\tdipx.sys
2010-05-29 16:05 . 2001-08-17 11:13 37961 -c--a-w- d:\windows\system32\dllcache\tdk100b.sys
2010-05-29 16:05 . 2006-02-28 12:00 13192 -c--a-w- d:\windows\system32\dllcache\tdasync.sys
2010-05-29 16:05 . 2001-08-17 12:49 30464 -c--a-w- d:\windows\system32\dllcache\tbatm155.sys
2010-05-29 16:05 . 2001-08-17 12:52 7040 -c--a-w- d:\windows\system32\dllcache\tandqic.sys
2010-05-29 16:05 . 2001-08-17 11:50 36640 -c--a-w- d:\windows\system32\dllcache\t2r4mini.sys
2010-05-29 16:04 . 2001-08-17 13:56 172768 -c--a-w- d:\windows\system32\dllcache\t2r4disp.dll
2010-05-29 16:04 . 2001-08-17 13:07 32640 -c--a-w- d:\windows\system32\dllcache\symc8xx.sys
2010-05-29 16:04 . 2001-08-17 13:07 16256 -c--a-w- d:\windows\system32\dllcache\symc810.sys
2010-05-29 16:04 . 2001-08-17 13:07 30688 -c--a-w- d:\windows\system32\dllcache\sym_u3.sys
2010-05-29 16:04 . 2001-08-17 13:07 28384 -c--a-w- d:\windows\system32\dllcache\sym_hi.sys
2010-05-29 16:04 . 2001-08-17 21:36 94293 -c--a-w- d:\windows\system32\dllcache\sxports.dll
2010-05-29 16:04 . 2001-08-17 12:50 103936 -c--a-w- d:\windows\system32\dllcache\sx.sys
2010-05-29 16:04 . 2001-08-17 13:02 3968 -c--a-w- d:\windows\system32\dllcache\swusbflt.sys
2010-05-29 16:04 . 2001-08-17 21:36 10240 -c--a-w- d:\windows\system32\dllcache\swpidflt.dll
2010-05-29 16:04 . 2001-08-17 21:36 10240 -c--a-w- d:\windows\system32\dllcache\swpdflt2.dll
2010-05-29 16:04 . 2001-08-17 21:36 53760 -c--a-w- d:\windows\system32\dllcache\sw_wheel.dll
2010-05-29 16:04 . 2001-08-17 21:36 41472 -c--a-w- d:\windows\system32\dllcache\sw_effct.dll
2010-05-29 16:03 . 2008-04-13 09:46 15232 -c--a-w- d:\windows\system32\dllcache\streamip.sys
2010-05-29 16:03 . 2001-08-17 21:36 155648 -c--a-w- d:\windows\system32\dllcache\stlnprop.dll
2010-05-29 16:03 . 2001-08-17 21:36 53248 -c--a-w- d:\windows\system32\dllcache\stlncoin.dll
2010-05-29 16:03 . 2001-08-17 11:18 285760 -c--a-w- d:\windows\system32\dllcache\stlnata.sys
2010-05-29 16:03 . 2001-08-17 12:51 16896 -c--a-w- d:\windows\system32\dllcache\stcusb.sys
2010-05-29 16:03 . 2001-08-17 11:11 48736 -c--a-w- d:\windows\system32\dllcache\srwlnd5.sys
2010-05-29 16:03 . 2006-02-28 12:00 101376 -c--a-w- d:\windows\system32\dllcache\srusbusd.dll
2010-05-29 16:03 . 2001-08-17 21:36 99328 -c--a-w- d:\windows\system32\dllcache\srusd.dll
2010-05-29 16:03 . 2001-08-17 21:36 24660 -c--a-w- d:\windows\system32\dllcache\spxupchk.dll
2010-05-29 16:03 . 2001-08-17 12:51 61824 -c--a-w- d:\windows\system32\dllcache\speed.sys
2010-05-29 16:03 . 2001-08-17 21:36 106584 -c--a-w- d:\windows\system32\dllcache\spdports.dll
2010-05-29 16:03 . 2001-08-17 13:07 19072 -c--a-w- d:\windows\system32\dllcache\sparrow.sys
2010-05-29 16:01 . 2001-08-17 21:36 45568 -c--a-w- d:\windows\system32\dllcache\smb3w.dll
2010-05-29 16:00 . 2001-08-17 13:56 252032 -c--a-w- d:\windows\system32\dllcache\sis300iv.dll
2010-05-29 16:00 . 2001-08-17 11:50 101760 -c--a-w- d:\windows\system32\dllcache\sis300ip.sys
2010-05-29 16:00 . 2006-02-28 12:00 18944 -c--a-w- d:\windows\system32\dllcache\simptcp.dll
2010-05-29 16:00 . 2001-07-21 13:29 161568 -c--a-w- d:\windows\system32\dllcache\sgsmusb.sys
2010-05-29 16:00 . 2001-07-21 13:29 18400 -c--a-w- d:\windows\system32\dllcache\sgsmld.sys
2010-05-29 16:00 . 2001-08-17 11:51 98080 -c--a-w- d:\windows\system32\dllcache\sgiulnt5.sys
2010-05-29 16:00 . 2001-08-17 21:36 386560 -c--a-w- d:\windows\system32\dllcache\sgiul50.dll
2010-05-29 16:00 . 2001-08-17 11:19 36480 -c--a-w- d:\windows\system32\dllcache\sfmanm.sys
2010-05-29 16:00 . 2001-08-17 12:53 6784 -c--a-w- d:\windows\system32\dllcache\serscan.sys
2010-05-29 16:00 . 2001-08-17 12:48 17664 -c--a-w- d:\windows\system32\dllcache\sermouse.sys
2010-05-29 16:00 . 2001-08-17 21:36 26112 -c--a-w- d:\windows\system32\dllcache\EXCH_seos.dll
2010-05-29 16:00 . 2001-08-17 12:53 6912 -c--a-w- d:\windows\system32\dllcache\seaddsmc.sys
2010-05-29 16:00 . 2008-04-13 09:45 11520 -c--a-w- d:\windows\system32\dllcache\scsiscan.sys
2010-05-29 15:58 . 2001-08-17 13:56 210496 -c--a-w- d:\windows\system32\dllcache\s3mvirge.dll
2010-05-29 15:57 . 2001-08-17 11:12 37563 -c--a-w- d:\windows\system32\dllcache\rlnet5.sys
2010-05-29 15:57 . 2001-08-17 21:36 86097 -c--a-w- d:\windows\system32\dllcache\reslog32.dll
2010-05-29 15:57 . 2001-08-17 21:36 23040 -c--a-w- d:\windows\system32\dllcache\EXCH_regtrace.exe
2010-05-29 15:57 . 2006-02-28 12:00 14848 -c--a-w- d:\windows\system32\dllcache\register.exe
2010-05-29 15:57 . 2001-08-17 12:51 19584 -c--a-w- d:\windows\system32\dllcache\rasirda.sys
2010-05-29 15:57 . 2001-08-17 12:28 714762 -c--a-w- d:\windows\system32\dllcache\r2mdmkxx.sys
2010-05-29 15:57 . 2001-08-17 12:28 899146 -c--a-w- d:\windows\system32\dllcache\r2mdkxga.sys
2010-05-29 15:57 . 2001-08-17 21:36 41472 -c--a-w- d:\windows\system32\dllcache\qvusd.dll
2010-05-29 15:57 . 2001-08-17 12:53 3328 -c--a-w- d:\windows\system32\dllcache\qv2kux.sys
2010-05-29 15:57 . 2006-02-28 12:00 9728 -c--a-w- d:\windows\system32\dllcache\query.exe
2010-05-29 15:57 . 2006-02-28 12:00 16384 -c--a-w- d:\windows\system32\dllcache\quser.exe
2010-05-29 15:57 . 2001-08-17 12:52 49024 -c--a-w- d:\windows\system32\dllcache\ql1280.sys
2010-05-29 15:57 . 2001-08-17 12:52 40448 -c--a-w- d:\windows\system32\dllcache\ql1240.sys
2010-05-29 15:55 . 2001-08-17 21:36 121344 -c--a-w- d:\windows\system32\dllcache\phvfwext.dll
2010-05-29 15:54 . 2001-08-17 11:11 30282 -c--a-w- d:\windows\system32\dllcache\pcntn5hl.sys
2010-05-29 15:54 . 2001-08-17 11:12 26153 -c--a-w- d:\windows\system32\dllcache\pcmlm56.sys
2010-05-29 15:54 . 2004-08-03 21:31 29502 -c--a-w- d:\windows\system32\dllcache\pca200e.sys
2010-05-29 15:54 . 2001-08-17 11:12 30495 -c--a-w- d:\windows\system32\dllcache\pc100nds.sys
2010-05-29 15:54 . 2001-08-17 21:36 41984 -c--a-w- d:\windows\system32\dllcache\ovui2rc.dll
2010-05-29 15:54 . 2001-08-17 21:36 44544 -c--a-w- d:\windows\system32\dllcache\ovui2.dll
2010-05-29 15:54 . 2001-08-17 13:05 25216 -c--a-w- d:\windows\system32\dllcache\ovsound2.sys
2010-05-29 15:54 . 2001-08-17 21:36 39424 -c--a-w- d:\windows\system32\dllcache\ovcoms.exe
2010-05-29 15:54 . 2001-08-17 21:36 20480 -c--a-w- d:\windows\system32\dllcache\ovcomc.dll
2010-05-29 15:54 . 2001-08-17 13:05 351616 -c--a-w- d:\windows\system32\dllcache\ovcodek2.sys
2010-05-29 15:54 . 2001-08-17 21:36 116736 -c--a-w- d:\windows\system32\dllcache\ovcodec2.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-21 10:10 . 2009-12-29 21:06 -------- dc----w- d:\documents and settings\All Users.WINDOWS\Application Data\avg9
2010-06-20 17:58 . 2010-04-19 15:37 -------- d-----w- d:\program files\Malwarebytes' Anti-Malware
2010-06-20 17:13 . 2010-06-20 17:13 388096 -c--a-r- d:\documents and settings\Alan Davis\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-06-19 14:53 . 2009-12-29 22:03 -------- d-----w- d:\program files\Windows Live Safety Center
2010-06-16 18:59 . 2010-03-06 16:30 -------- dc----w- d:\documents and settings\Alan Davis\Application Data\SolSuite
2010-06-07 17:07 . 2010-06-07 17:07 434176 -c--a-w- d:\documents and settings\All Users.WINDOWS\Application Data\Trusteer\Rapport\store\exts\RapportMS\17053\RapportMS.dll
2010-06-03 09:32 . 2010-06-03 09:32 29512 -c--a-w- d:\documents and settings\All Users.WINDOWS\Application Data\avg9\update\backup\avgmfx86.sys
2010-06-03 09:32 . 2010-06-03 09:32 242896 -c--a-w- d:\documents and settings\All Users.WINDOWS\Application Data\avg9\update\backup\avgtdix.sys
2010-06-03 09:29 . 2009-12-29 21:07 242896 -c--a-w- d:\windows\system32\drivers\avgtdix.sys
2010-06-03 09:29 . 2009-12-29 21:07 29584 -c--a-w- d:\windows\system32\drivers\avgmfx86.sys
2010-06-01 10:10 . 2010-04-15 11:41 -------- dc----w- d:\documents and settings\All Users.WINDOWS\Application Data\ParetoLogic
2010-06-01 08:46 . 2010-05-17 10:42 -------- d-----w- d:\program files\IObit
2010-05-31 13:38 . 2009-12-31 22:43 -------- dc----w- d:\documents and settings\All Users.WINDOWS\Application Data\PCPitstop
2010-05-29 10:25 . 2009-12-30 23:51 -------- d--h--w- d:\program files\InstallShield Installation Information
2010-05-29 10:23 . 2010-05-29 10:23 503808 -c--a-w- d:\documents and settings\Alan Davis\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3dc192d6-n\msvcp71.dll
2010-05-29 10:23 . 2010-05-29 10:23 61440 -c--a-w- d:\documents and settings\Alan Davis\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-51012cb3-n\decora-sse.dll
2010-05-29 10:23 . 2010-05-29 10:23 499712 -c--a-w- d:\documents and settings\Alan Davis\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3dc192d6-n\jmc.dll
2010-05-29 10:23 . 2010-05-29 10:23 348160 -c--a-w- d:\documents and settings\Alan Davis\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3dc192d6-n\msvcr71.dll
2010-05-29 10:23 . 2010-05-29 10:23 12800 -c--a-w- d:\documents and settings\Alan Davis\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-51012cb3-n\decora-d3d.dll
2010-05-29 10:17 . 2010-01-01 04:37 -------- d-----w- d:\program files\Common Files\InstallShield
2010-05-26 11:21 . 2010-05-17 10:42 -------- dc----w- d:\documents and settings\Alan Davis\Application Data\IObit
2010-05-18 10:30 . 2010-05-17 15:32 -------- dc----w- d:\documents and settings\All Users.WINDOWS\Application Data\IObit
2010-05-18 10:27 . 2010-01-01 03:37 -------- d-----w- d:\program files\Common Files\Wise Installation Wizard
2010-05-18 10:27 . 2010-05-06 19:07 -------- d-----w- d:\program files\SUPERAntiSpyware
2010-05-18 10:18 . 2010-04-07 17:21 -------- dc----w- d:\documents and settings\All Users.WINDOWS\Application Data\Radialpoint
2010-05-17 10:31 . 2010-05-17 10:31 -------- d-----w- d:\program files\DLLToys
2010-05-14 13:24 . 2010-05-14 13:24 61440 -c--a-w- d:\documents and settings\Alan Davis\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-4da5da50-n\decora-sse.dll
2010-05-14 13:24 . 2010-05-14 13:24 503808 -c--a-w- d:\documents and settings\Alan Davis\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-6baae37a-n\msvcp71.dll
2010-05-14 13:24 . 2010-05-14 13:24 499712 -c--a-w- d:\documents and settings\Alan Davis\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-6baae37a-n\jmc.dll
2010-05-14 13:24 . 2010-05-14 13:24 348160 -c--a-w- d:\documents and settings\Alan Davis\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-6baae37a-n\msvcr71.dll
2010-05-14 13:24 . 2010-05-14 13:24 12800 -c--a-w- d:\documents and settings\Alan Davis\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-4da5da50-n\decora-d3d.dll
2010-05-12 09:48 . 2009-02-07 16:40 -------- d-----w- d:\program files\AMD
2010-05-12 09:47 . 2010-05-12 09:47 -------- dc----w- d:\documents and settings\Alan Davis\Application Data\InstallShield
2010-05-10 12:21 . 2010-05-10 12:21 -------- dc----w- d:\documents and settings\Alan Davis\Application Data\Yahoo!
2010-05-06 10:41 . 2006-02-28 12:00 916480 -c--a-w- d:\windows\system32\wininet.dll
2010-05-05 18:33 . 2010-05-05 18:33 60416 -c--a-w- d:\windows\ALCFDRTM.EXE
2010-05-03 14:09 . 2010-05-03 14:10 411368 -c--a-w- d:\windows\system32\deployJava1.dll
2010-05-03 14:09 . 2010-05-03 14:09 -------- d-----w- d:\program files\Java
2010-05-03 14:06 . 2010-05-03 14:06 79488 -c--a-w- d:\documents and settings\Alan Davis\Application Data\Sun\Java\jre1.6.0_20\gtapi.dll
2010-05-03 14:06 . 2010-05-03 14:06 152576 -c--a-w- d:\documents and settings\Alan Davis\Application Data\Sun\Java\jre1.6.0_20\lzma.dll
2010-05-02 05:22 . 2006-02-28 12:00 1851264 -c--a-w- d:\windows\system32\win32k.sys
2010-05-01 10:58 . 2010-05-01 10:58 -------- dc----w- d:\documents and settings\Alan Davis\Application Data\ElevatedDiagnostics
2010-04-26 17:55 . 2010-04-26 17:55 -------- dc----w- d:\documents and settings\All Users.WINDOWS\Application Data\ParetoLogic Anti-Spyware
2010-04-23 19:14 . 2010-04-23 19:14 503808 -c--a-w- d:\documents and settings\Guest\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-623b512c-n\msvcp71.dll
2010-04-23 19:14 . 2010-04-23 19:14 499712 -c--a-w- d:\documents and settings\Guest\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-623b512c-n\jmc.dll
2010-04-23 19:14 . 2010-04-23 19:14 12800 -c--a-w- d:\documents and settings\Guest\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-576e15ba-n\decora-d3d.dll
2010-04-23 19:14 . 2010-04-23 19:14 61440 -c--a-w- d:\documents and settings\Guest\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-576e15ba-n\decora-sse.dll
2010-04-23 19:14 . 2010-04-23 19:14 348160 -c--a-w- d:\documents and settings\Guest\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-623b512c-n\msvcr71.dll
2010-04-23 18:43 . 2010-04-23 18:43 -------- dc----w- d:\documents and settings\Guest\Application Data\TreeCardGames
2010-04-23 15:43 . 2010-04-23 15:43 -------- dc----w- d:\documents and settings\Guest\Application Data\Malwarebytes
2010-04-20 05:30 . 2006-02-28 12:00 285696 -c--a-w- d:\windows\system32\atmfd.dll
2010-04-19 09:29 . 2010-01-01 20:52 49869 -c--a-w- d:\windows\nsreg.dat
2010-04-18 15:32 . 2010-04-18 15:32 63488 -c--a-w- d:\windows\xobglu16.dll
2010-04-18 15:32 . 2010-04-18 15:32 23552 -c--a-w- d:\windows\xobglu32.dll
2010-04-18 00:51 . 2009-12-29 20:32 76487 -c--a-w- d:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-04-14 10:46 . 2010-04-14 10:46 86016 -c--a-w- d:\documents and settings\All Users.WINDOWS\Application Data\NOS\Adobe_Downloads\arh.exe
2010-04-09 10:21 . 2009-12-29 20:43 24816 -c--a-w- d:\documents and settings\Alan Davis\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-04-08 12:14 . 2010-04-08 12:13 125704416 -c--a-w- d:\documents and settings\Alan Davis\Application Data\Virgin Media\HUB\downloads\VirginMediaSecurity_9.41.exe.dir\VirginMediaSecurity_9.exe
2010-04-07 19:13 . 2010-04-07 19:13 79488 -c--a-w- d:\documents and settings\Alan Davis\Application Data\Sun\Java\jre1.6.0_19\gtapi.dll
2010-04-07 19:13 . 2010-04-07 19:13 152576 -c--a-w- d:\documents and settings\Alan Davis\Application Data\Sun\Java\jre1.6.0_19\lzma.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 3"="d:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2010-05-26 2346192]
"SmartRAM"="d:\program files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" [2010-05-10 198864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"="VTTimer.exe" [2006-09-21 53248]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536]
"S3Trayp"="S3trayp.exe" [2007-09-30 200704]
"AVG9_TRAY"="d:\progra~1\AVG\AVG9\avgtray.exe" [2010-06-03 2065248]
"SunJavaUpdateSched"="d:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

d:\documents and settings\Alan Davis\Start Menu\Programs\Startup\
Internet Explorer.lnk - d:\program files\Internet Explorer\iexplore.exe [2009-12-29 638816]

d:\documents and settings\All Users.WINDOWS\Start Menu\Programs\Startup\
Microsoft Office.lnk - d:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-18 65588]
Smart Defrag.lnk - d:\program files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe [2010-6-1 2708312]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-03-15 10:25 12464 -c--a-w- d:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /p \??\D\0autocheck autochk /p \??\D\0autocheck autochk /p \??\D\0autocheck autochk *

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

R0 pavboot;pavboot;d:\windows\system32\drivers\pavboot.sys [14/05/2010 11:40 28552]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;d:\windows\system32\drivers\avgldx86.sys [29/12/2009 22:07 216200]
R1 AvgTdiX;AVG Free Network Redirector;d:\windows\system32\drivers\avgtdix.sys [29/12/2009 22:07 242896]
R1 RapportBuka;RapportBuka;d:\windows\system32\drivers\RapportBuka.sys [01/03/2010 13:26 390528]
R1 RapportKELL;RapportKELL;d:\program files\Trusteer\Rapport\bin\RapportKELL.sys [07/06/2010 18:07 59240]
R1 RapportPG;RapportPG;d:\program files\Trusteer\Rapport\bin\RapportPG.sys [07/06/2010 18:07 166632]
S3 PSI;PSI;d:\windows\system32\drivers\psi_mf.sys [28/05/2010 12:04 14896]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Contents of the 'Scheduled Tasks' folder

2010-06-20 d:\windows\Tasks\SmartDefrag.job
- d:\program files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe [2010-06-01 15:48]

2010-06-21 d:\windows\Tasks\User_Feed_Synchronization-{A67EEFA4-D7A6-41EC-83B8-CEBD81C46DAE}.job
- d:\windows\system32\msfeedssync.exe [2009-03-08 03:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1271671252&rver=6.0.5285.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&lc=2057&id=64855&mkt=en-gb
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-21 11:29
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@d:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="d:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Completion time: 2010-06-21 11:40:22
ComboFix-quarantined-files.txt 2010-06-21 10:40

Pre-Run: 71,981,985,792 bytes free
Post-Run: 71,981,985,792 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
timeout=2
[operating systems]
d:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
c:\$win_nt$.~bt\BOOTSECT.DAT="Microsoft Windows XP Setup"

- - End Of File - - F565640AE3FE7E8074F4DBFC297E53F9
 
And Hijack log.
---------------------------

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:48:20, on 21/06/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\csrss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\AVG\AVG9\avgchsvx.exe
D:\Program Files\AVG\AVG9\avgrsx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\AVG\AVG9\avgcsrvx.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\System32\SCardSvr.exe
D:\WINDOWS\system32\VTTimer.exe
D:\WINDOWS\system32\svchost.exe
D:\PROGRA~1\AVG\AVG9\avgtray.exe
D:\Program Files\Common Files\Java\Java Update\jusched.exe
D:\WINDOWS\system32\ctfmon.exe
D:\WINDOWS\System32\alg.exe
D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
D:\Program Files\AVG\AVG9\avgwdsvc.exe
D:\WINDOWS\system32\cisvc.exe
D:\WINDOWS\system32\dllhost.exe
d:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
D:\Program Files\AVG\AVG9\avgnsx.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\IObit\IObit Security 360\IS360srv.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\WINDOWS\system32\tcpsvcs.exe
d:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
D:\WINDOWS\System32\snmp.exe
D:\WINDOWS\System32\snmptrap.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\dllhost.exe
D:\WINDOWS\System32\vssvc.exe
D:\WINDOWS\system32\wbem\wmiapsrv.exe
D:\Program Files\AVG\AVG9\avgemc.exe
D:\WINDOWS\System32\dmadmin.exe
D:\Program Files\AVG\AVG9\avgcsrvx.exe
D:\Program Files\Trusteer\Rapport\bin\RapportService.exe
D:\WINDOWS\system32\cidaemon.exe
D:\Program Files\Windows Media Player\WMPNetwk.exe
D:\WINDOWS\system32\wbem\wmiprvse.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\notepad.exe
D:\WINDOWS\explorer.exe
D:\Program Files\internet explorer\iexplore.exe
D:\Program Files\internet explorer\iexplore.exe
D:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://login.live.com/login.srf?wa=...e.com/default.aspx&lc=2057&id=64855&mkt=en-gb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
O4 - HKLM\..\Run: [AVG9_TRAY] D:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Advanced SystemCare 3] "D:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [SmartRAM] "D:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" /m
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Internet Explorer.lnk = D:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Smart Defrag.lnk = D:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6087.cab
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.1.66.0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5869/mcfscan.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Program Files\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - D:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - D:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: IS360service - IObit - D:\Program Files\IObit\IObit Security 360\IS360srv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - D:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe

--
End of file - 6563 bytes
 
Please rerun hijackthis and place checks next to the following entries.

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [SmartRAM] "D:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" /m You really don't need this running as these type of programs cause more issues than anything
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Internet Explorer.lnk = D:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Smart Defrag.lnk = D:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe

Then click on fix checked at the bottom. Reboot your system and let me know how things are. Are you still having any issues?
 
Ok John, my browser still takes ages to launch and it's still playing up.
It flickers and the e icon changes to a white blank square but it doesn't seem to last very long this time just a few seconds instead of minutes. I'm still getting spyware. All in all there's a slight improvement in the speed but it's still slow. Here's a copy of 'Belarcs' computer's profile for you to look at maybe you might find some errors.
==========================================================

System Security Status CIS Benchmark Score
Available only for Windows 2000, XP Pro, and 2003



Virus Protection
Up-to-date



Microsoft Security Updates
Up-to-date







Computer Profile Summary
Computer Name: Retired-349b3e4 (in MSHOME) — Alan's Computer
Profile Date: 21 June 2010 13:28:48
Advisor Version: 8.1e
Windows Logon: Alan Davis


Plan for your next computer refresh...click for Belarc's System Management products

Operating System System Model
Windows XP Home Edition Service Pack 3 (build 2600)Install Language: English (United States)System Locale: English (United Kingdom) Winfast Enclosure Type: Desktop
Processor a Main Circuit Board b
1.80 gigahertz AMD Sempron128 kilobyte primary memory cache256 kilobyte secondary memory cache64-bit readyNot hyper-threaded Board: Winfast K8M890-8237 Serial Number: WY9V64000691Bus Clock: 200 megahertzBIOS: Phoenix Technologies, LTD 641W1P24 08/30/2006
Drives Memory Modules c,d
93.03 Gigabytes Usable Hard Drive Capacity81.80 Gigabytes Hard Drive Free SpaceHL-DT-ST DVD-RAM GH22NP20 [CD-ROM drive]3.5" format removeable media [Floppy drive]MAXTOR STM380211AS [Hard drive] (80.02 GB) -- drive 0, SMART Status: HealthyST313030A [Hard drive] (13.02 GB) -- drive 1, s/n 7BA04DR5, rev 3.07, SMART Status: Healthy 448 Megabytes Usable Installed MemorySlot 'A0' has 512 MBSlot 'A1' is Empty
Local Drive Volumes

Network Drives
None detected
Users (mouse over user name for details) Printers
local user accounts last logon
Administrator 25/05/2010 08:59:46 (admin)
Alan Davis 21/06/2010 13:12:30 (admin)
Guest 25/04/2010 10:17:59
local system accounts
HelpAssistant 21/06/2010 13:13:31
SUPPORT_388945a0 never
Marks a disabled account; Marks a locked account Epson Stylus COLOR 440 ESC/P 2 on LPT1:
Microsoft Shared Fax Driver on SHRFAX:
Microsoft XPS Document Writer on XPSPort:

Controllers Display
Standard floppy disk controllerPrimary IDE Channel [Controller] (2x)Secondary IDE Channel [Controller] (2x)Standard Dual Channel PCI IDE ControllerVIA Bus Master IDE Controller VIA Chrome9 HC IGP Family [Display adapter]LG L194W [Monitor] (19.1"vis, February 2007)
Bus Adapters Multimedia
VIA Rev 5 or later USB Universal Host Controller (4x)VIA USB Enhanced Host Controller Realtek AC'97 Audio for VIA (R) Audio Controller
Virus Protection [Back to Top] new Group Policies
AVG Anti-Virus Free Version 9.0
Virus Definitions Version Up To Date
Realtime File Scanning On
None discovered
Communications Other Devices
Communications cable between two computers [Modem]
Realtek RTL8139/810x Family Fast Ethernet NIC
primary Auto IP Address: 82.37.168.13 / 21
Gateway: 82.37.168.1
Dhcp Server: 62.31.176.115
Physical Address: 00:15:58:71:B7:69

Networking Dns Servers: 194.168.4.100194.168.8.100
Standard 101/102-Key or Microsoft Natural PS/2 KeyboardPS/2 Compatible MouseUSB Root Hub (5x)


new Network Map (mouse over IP address for physical address) [Back to Top]
IP Device Type Device Details Device Roles
82.37.168.1 Router Cpc2-wals3-0-0-gw,cpc2-wals3-0-0-gw.wolv.cable.virginmedia.com, Cisco Gateway
82.37.168.4 Cpc2-wals3-0-0-cust3,cpc2-wals3-0-0-cust3.wolv.cable.virginmedia.com
82.37.168.13 Windows XP Workstation Retired-349b3e4 (in MSHOME),retired-349b3e4.cable.virginmedia.net
82.37.168.70 Cpc2-wals3-0-0-cust69,cpc2-wals3-0-0-cust69.wolv.cable.virginmedia.com
82.37.168.196 Network Device Cpc2-wals3-0-0-cust195,cpc2-wals3-0-0-cust195.wolv.cable.virginmedia.com, Linksys
82.37.168.197 Cpc2-wals3-0-0-cust196,cpc2-wals3-0-0-cust196.wolv.cable.virginmedia.com
82.37.168.198 System Cpc2-wals3-0-0-cust197,cpc2-wals3-0-0-cust197.wolv.cable.virginmedia.com, Asustek



Missing Microsoft Security Hotfixes [Back to Top]
All required security hotfixes (using the 06/08/2010 Microsoft Security Bulletin Summary) have been installed.


Software Licenses [Back to Top]

Belarc - Advisor 5d741930
Microsoft - Internet Explorer 76477-OEM-0052563-30320 (Key: P4DC8-WHBY6-PGG69-KHXF8-7K48Y)e
Microsoft - Office 2000 Professional 50083-270-3116692-02776
Microsoft - PowerShell 89383-100-0001260-04309
Microsoft - WebFldrs XP 12345-111-1111111-82810
Microsoft - Windows Support Tools 12345-111-1111111-78656
Microsoft - Windows XP Home Edition 76477-OEM-0052563-30320 (Key: P4DC8-WHBY6-PGG69-KHXF8-7K48Y)e



new Software Versions & Usage (mouse over i for details, click i for location) [Back to Top]
ı i 123 Free Solitaire i Acrobat_com ı i AVG Internet Security Version 9.0.0.825 ı i Belarc, Inc. - Advisor Version 8.1e i Cinematronics - 3D Pinball Version 5.1.2600.5512 ıı i ContextMenu.exe ı i IObit - Advanced SystemCare 3 Version 3.6.0.0 i IObit - Auto Shutdown Version 1.0.0.0 i IObit - Backup Genius Version 1.0.0.0 ıı i IObit - Cloned Files Finder Version 1.0.0.0 ıı i IObit - Context Menu Manager Version 1.0.0.0 ı i IObit - Disk Cleaner Version 2.0.2.0 ı i IObit - Disk Doctor Version 1.0.0.0 ıı i IObit - Disk Explorer Version 1.0.0.0 i IObit - File Shredder Version 1.0.0.0 ıı i IObit - Game Booster Version 1.0.0.0 ıı i IObit - IE Security Assistant Version 1.0.0.0 ıı i IObit - Internet Booster Version 1.0.0.0 i IObit - Registry Defrag Version 1.0.0.0 i IObit - Shortcut Fixer Version 1.0.0.0 ı i IObit - Smart Defrag Version 1.4.0.0 ı i IObit - Smart RAM Version 1.0.0.0 ıı i IObit - Startup Manager Version 1.0.0.0 i IObit - System Backup Version 1.0.0.0 i IObit - System File Scan Version 1.0.0.0 ıı i IObit - System Information Version 1.0.0.0 i IObit - Win Manager Version 1.0.0.0 ı i IObit Security 360 Version 1.1.0.0 ı i IObit Security 360 Version 1.4.1.0 ıı i IObit Uninstaller Version 1.1.0.0 ı i Malwarebytes' Anti-Malware Version 1.46.0001 i Microsoft (R) Windows Script Host Version 5.7.0.18066 i Microsoft Clip Gallery Version 5.1.00.1221 ı i Microsoft Corporation - Windows Installer - Unicode Version 3.1.4001.5512 i Microsoft Corporation - Windows Movie Maker Version 2.1.4027.0 ı i Microsoft Corporation - Windows® Internet Explorer Version 8.00.6001.18702 i Microsoft Corporation - Windows® NetMeeting® Version 3.01 i Microsoft Corporation - Zone.com Version 1.2.626.1 i Microsoft Data Access Components Version 3.525.1132.0 ı i Microsoft Office 2000 Version 9.0.2717 i Microsoft Outlook Version 9.0.2416 i Microsoft PowerPoint for Windows Version 9.0.2716 ıı i Microsoft® .NET Framework Version 2.0.50727.3053 i Microsoft® .NET Framework Version 3.0.6920.1427 i Microsoft® Access Version 9.0.2719 i Microsoft® Fax Server Version 5.2.1776.0 ıı i Microsoft® Windows® Operating System Version 11.0.5721.5145 ı i Safer Networking Limited - Spybot - Search & Destroy Version 1, 5, 2, 0 i Safer Networking Limited - Spybot - Search & Destroy Version 1, 6, 0, 0 ı i Safer Networking Limited - SpyBot-S&D Version 1, 6, 2, 0 ı i Secunia PSI Version 1.5.0.2 ıı i SKLAB - DLL Toys Jan 2006 ı i SolSuite ı i SpywareBlaster Version 4.03 ı i Sun Microsystems, Inc. - Java(TM) Platform SE 6 U20 Version 6.0.200.2 ı i Sun Microsystems, Inc. - Java(TM) Platform SE Auto Updater 2 0 Version 2.0.2.1 ı i Trend Micro Inc. - HijackThis Version 2.00.0004 ı i Trusteer Ltd. - Rapport Version 3.5.1004.17

i Mouse over to see details, click to see where software is installed.
ı Marks software last used within the past 7 days.
ıı Marks software last used within the past 90 days, but over 7 days ago.
ııı Marks software last used within the past year, but over 90 days ago.
ıııı Marks software last used over 1 year ago.
Unmarked software lacks the data to determine last use.

Audit your security posture...click for Belarc's System Management products

Installed Microsoft Hotfixes [Back to Top]
.NET Framework 2.0 Service Pack 2
KB958481 on 09/04/2010 (details...)
KB974417 on 10/04/2010 (details...)
KB976765 on 09/06/2010 (details...)
KB979909 on 09/06/2010 (details...)
KB980773 on 09/06/2010 (details...)
.NET Framework 3.0 Service Pack 2
KB958483 on 09/04/2010 (details...)
KB976769 on 09/06/2010 (details...)
.NET Framework 3.5 SP1
KB958484 on 09/04/2010 (details...)
KB963707 on 10/04/2010 (details...)
WGA
SP0
KB892130 on 30/12/2009 (details...)
Windows Media Format 11 SDK
SP0
KB929399 on 17/04/2010 (details...)
Windows Media Player 11
SP0
KB939683 on 18/04/2010 (details...)
KB954154_WM11 on 17/04/2010 (details...)
Windows Media Player
SP0
KB952069_WM9 on 01/01/2010 (details...)
KB954155_WM9 on 01/01/2010 (details...)
KB968816_WM9 on 01/01/2010 (details...)
KB973540_WM9 on 01/01/2010 (details...)
KB973540_WM9L on 01/01/2010 (details...)
KB978695_WM9 on 09/06/2010 (details...)
KB979402_WM9 on 14/04/2010 (details...)
Windows PowerShell 1.0
SP3
KB926139-V2 on 01/05/2010 (details...)
Windows XP
SP-1
KB909520 on 06/05/2010 (details...)
SP0
KB941569 on 17/04/2010 (details...)
KB971961-IE8 on 19/04/2010 (details...)
KB976662-IE8 on 19/04/2010 (details...)
KB978207-IE8 on 30/04/2010 (details...)
KB980182-IE8 on 19/04/2010 (details...)
KB980302-IE8 on 19/04/2010 (details...)
KB981332-IE8 on 17/04/2010 (details...)
KB982381-IE8 on 09/06/2010 (details...)
KB982632-IE8 on 15/06/2010 (details...)
SP10
MSCOMPPACKV1 on 17/04/2010 (Microsoft Compression Client Pack 1.0 for Windows XP)
KB971513 on 06/05/2010 (details...)
SP3
KB926139-V2 (details...)
KB936929[SP] on 01/01/2010 (details...)
SP4
KB923561 on 01/01/2010 (details...)
KB938464-V2 on 18/05/2010 (details...)
KB946648 on 01/01/2010 (details...)
KB950762 on 01/01/2010 (details...)
KB950974 on 01/01/2010 (details...)
KB951066 on 01/01/2010 (details...)
KB951376-V2 on 01/01/2010 (details...)
KB951748 on 01/01/2010 (details...)
KB951978 on 01/01/2010 (details...)
KB952004 on 01/01/2010 (details...)
KB952287 on 01/01/2010 (details...)
KB952954 on 01/01/2010 (details...)
KB954459 on 18/05/2010 (details...)
KB954550-V5 on 09/04/2010 (details...)
KB954600 on 18/05/2010 (details...)
KB955069 on 01/01/2010 (details...)
KB955759 on 06/01/2010 (details...)
KB956572 on 01/01/2010 (details...) Reinstall!
KB956744 on 01/01/2010 (details...)
KB956802 on 01/01/2010 (details...)
Windows XP
SP4 (continued)
KB956803 on 01/01/2010 (details...)
KB956844 on 01/01/2010 (details...)
KB957097 on 01/01/2010 (details...)
KB958644 on 01/01/2010 (details...)
KB958687 on 01/01/2010 (details...)
KB958869 on 01/01/2010 (details...)
KB959426 on 01/01/2010 (details...)
KB960225 on 01/01/2010 (details...)
KB960803 on 01/01/2010 (details...)
KB960859 on 01/01/2010 (details...)
KB961118 on 10/04/2010 (details...)
KB961371-V2 on 01/01/2010 (details...)
KB961501 on 01/01/2010 (details...)
KB967715 on 01/01/2010 (details...)
KB968389 on 01/01/2010 (details...)
KB968537 on 18/05/2010 (details...)
KB969059 on 01/01/2010 (details...)
KB969947 on 01/01/2010 (details...)
KB970238 on 01/01/2010 (details...)
KB970430 on 01/01/2010 (details...)
KB971468 on 10/02/2010 (details...)
KB971486 on 01/01/2010 (details...) Reinstall!
KB971557 on 01/01/2010 (details...)
KB971633 on 01/01/2010 (details...)
KB971657 on 01/01/2010 (details...)
KB971737 on 01/01/2010 (details...)
KB971961 on 01/01/2010 (details...)
KB972270 on 13/01/2010 (details...)
KB973346 on 18/05/2010 (details...)
KB973354 on 01/01/2010 (details...)
KB973507 on 01/01/2010 (details...)
KB973525 on 31/12/2009 (details...)
KB973687 on 01/01/2010 (details...)
KB973815 on 01/01/2010 (details...)
KB973869 on 01/01/2010 (details...)
KB973904 on 01/01/2010 (details...)
KB974112 on 01/01/2010 (details...)
KB974318 on 01/01/2010 (details...)
KB974392 on 01/01/2010 (details...)
KB974571 on 01/01/2010 (details...)
KB975467 on 01/01/2010 (details...)
KB975560 on 10/02/2010 (details...)
KB975561 on 10/03/2010 (details...)
KB975562 on 09/06/2010 (details...)
KB975713 on 10/02/2010 (details...)
KB976002-V5 on 24/02/2010 (details...)
KB976098-V2 on 01/01/2010 (details...)
KB976325 on 01/01/2010 (details...)
KB977165 on 10/02/2010 (details...) Reinstall!
KB977816 on 14/04/2010 (details...)
KB977914 on 10/02/2010 (details...)
KB978037 on 10/02/2010 (details...)
KB978251 on 10/02/2010 (details...)
KB978262 on 10/02/2010 (details...)
KB978338 on 14/04/2010 (details...)
KB978542 on 13/05/2010 (details...)
KB978601 on 14/04/2010 (details...)
KB978706 on 10/02/2010 (details...)
KB979306 on 24/02/2010 (details...)
KB979309 on 14/04/2010 (details...)
KB979482 on 09/06/2010 (details...)
KB979559 on 09/06/2010 (details...)
KB979683 on 14/04/2010 (details...) Reinstall!
KB980195 on 09/06/2010 (details...)
KB980218 on 09/06/2010 (details...)
KB980232 on 14/04/2010 (details...)
KB981793 on 26/05/2010 (details...)
Windows
SP1
IDNMITIGATIONAPIS on 01/01/2010 (Microsoft Internationalized Domain Names Mitigation APIs)
NLSDOWNLEVELMAPPING on 01/01/2010 (Microsoft National Language Support Downlevel APIs)

Click here to see all available Microsoft security hotfixes for this computer. Marks a security hotfix (using the 06/08/2010 Microsoft Security Bulletin Summary)
Marks a security hotFix that fails verification (a security vulnerability)
Marks a hotfix that verifies correctly
Marks a hotfix that fails verification (note that failing hotfixes need to be reinstalled)
Unmarked hotfixes lack the data to allow verification


a. Processor clock speed is measured at computer start-up, and on laptops may be impacted by power option settings.b. Data may be transferred on the bus at one, two, or four times the Bus Clock rate.c. Memory slot contents may not add up to Installed Memory if some memory is not recognized by Windows.d. Memory slot contents is reported by the motherboard BIOS. Contact system vendor if slot contents are wrong.e. This is the manufacturer's factory installed product key rather than yours. You can change it to your product key here http://go.microsoft.com/fwlink/?LinkId=45668 for Windows, or here http://support.microsoft.com/?kbid=895456 for Office.
 
Please download Ccleaner from here.

http://www.filehippo.com/download_ccleaner/

Click on where it says download latest version top right, install the program and set the options that are checked in the attached image and then click on run cleaner.

Then reboot and then let me know if running Ccleaner has helped any. If not, it may be time to reinstall windows. When was the last time you did a fresh install?
 

Attachments

  • ccleaner.JPG
    ccleaner.JPG
    76.3 KB · Views: 170
Done that John, my computer seems to have speeded up and my browser is noticeably faster. I reinstalled xp home edition 18 mnths ago I tried to reinstall 3 mnths ago but the system wouldn't let me it said the os was newer than the one I was trying to install.
 
It wouldn't let you because you weren't booting to the install cd you were actually trying to reinstall windows while inside of windows and it won't let you.

So, does it seem like everything is back to normal? Anything else you need help with?

You should run Ccleaner at least once a month if not more to keep your system cleaned out of old temp files and such, you would be surprised at how much speed it brings back to your computer and browswer.
 
Thanks for your help John, I really appreciate it. I'll do the ccleaner once a week and try and keep my machine clean. Thanx again john.
 
Your welcome. I would also suggest staying at this forum for your computer help instead of annoyances.org as you'll get better help here.
 
John, when I booted up this morning from Hibernation, I got the blue screen so I had to do a normal bootup, now whats wrong with the dam thing?
 
Lliam said:
John, when I booted up this morning from Hibernation, I got the blue screen so I had to do a normal bootup, now whats wrong with the dam thing?
Click to expand...

Continue to use the system and let me know if it happens again. However as said by gamglingman we need the stop code from the blue screen. Hibernation doesn't work too well on most machines and a lot of people complain about this coming back from hibernating.
 
the b/screen started with, a fatal error etc and if this is the first time etc and then the following code.

STOP: 0x00000077(0x000000E, 0X000000E, 0X00000000, 0X0CFDE000) A full dump was not saved.
 
John, my computer clock stopped at 11.49 today and the machine slowed down. I logged off and then back on now everything seems to be ok. Is this a weared m/c or what?
 
Possibility of 2 things here.

1. The cmos battery may be going out and needs to be replaced. How old is this machine and has the battery ever been replaced?

2. Your hard drive may be going out. One of the parameters of the stop code suggests either bad hard drive or controller. Which in this case you would should do a check disk on the drive or a drive diagnostic by download the drive makers utility and running it. What brand of hard drive is it?
 
The M/c is 4yrs old I've never changed the battery I don't know if this is the right info you wanted John,

STM380211AS [Hard drive] (80.02 GB) -- drive 0, SMART Status: Healthy. ST313030A [Hard drive] (13.02 GB) -- drive 1, s/n 7BA04DR5, rev 3.07, SMART Status: Healthy 448 Megabytes Usable Installed MemorySlot 'A0' has 512 MBSlot 'A1' is Empty
Local Drive Volumes
 
Last edited:
John, The following Automatic Update:

Microsoft .Net Framework 3.5 SP1 and NET Framework 2.0 SP2 Update for Windows Server 2003 and Windows XP x86 (KB982524)

This update has already been installed but Auto updates keeps sending it thru to install again and again………. What’s wrong now?
 
You must log in or register to reply here.
Back
Top