HJT.Log Help finish up cleaning

iNTeRNeT-JuNKie

The last entry in my log I cannot get rid of. Please advise me on what to do. Does everything else look okay?
Logfile of HijackThis v1.99.1
Scan saved at 1:17:42 PM, on 8/18/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\gearsec.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\America Online 9.0b\waol.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\America Online 9.0b\shellmon.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\TooLz\hijackthis_199\HijackThis.exe

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1101264244\ee\AOLSoftware.exe
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0b\AOL.EXE" -b
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{14145E0B-761F-42E1-B1C5-61BFB52DCC78}: NameServer = 205.188.146.145
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\system32\gearsec.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Microsoft security update service (msupdate) - Unknown owner - c:\windows\system32\msvcrtd.exe (file missing)

Here is an Panda Active SCan log as well...

Incident - Status - Location

Adware:adware/azesearch - Not disinfected - Windows Registry

Trogan

Sorry for the delay.

Your computer is unprotected, and that last entry is not good as it is a Backdoor Trojan! This can give intruders complete control of your computer, logging key strokes, stealing information, etc.

You are strongly advised to do the following immediately!:

• Disconnect infected computer from the internet and from any networked computers until the computer can be cleaned.
• Call all of your banks, credit card companies, financial institutions and inform them that you may be a victim of identity theft and to put a watch on your accounts or change all your account numbers.
• From a clean computer, change *all* of your online passwords -- for ISP login, email, banks, financial accounts, PayPal, eBay, online companies, and any online forums or groups you belong to.
  Do NOT change passwords or do any transactions while using the infected computer because the attacker will get the new passwords and transaction information.

Because of its backdoor functionality, your PC is very likely compromised and there is no way to be sure it can ever again be trusted. Many experts in the security community believe that once infected with this type of Trojan, the best course of action would be a reformat and reinstall of the OS. However, if you do not have the resources to reinstall your OS and would like me to attempt to clean your machine, I will be happy to do so.

To help you make a more informed decision, please read the following articles:

• Danger: Remote Access Trojans.
• When should I re-format? How should I reinstall?
• How Do I Handle Possible Identify Theft, Internet Fraud and Credit Card Fraud?

Should you have any questions, please feel free to ask

Please let me know your decision and we'll get started with clean up if that's what you choose.

iNTeRNeT-JuNKie

Trogan wrote:

Sorry for the delay.

Your computer is unprotected, and that last entry is not good as it is a Backdoor Trojan! This can give intruders complete control of your computer, logging key strokes, stealing information, etc.

You are strongly advised to do the following immediately!:

• Disconnect infected computer from the internet and from any networked computers until the computer can be cleaned.
• Call all of your banks, credit card companies, financial institutions and inform them that you may be a victim of identity theft and to put a watch on your accounts or change all your account numbers.
• From a clean computer, change *all* of your online passwords -- for ISP login, email, banks, financial accounts, PayPal, eBay, online companies, and any online forums or groups you belong to.
  Do NOT change passwords or do any transactions while using the infected computer because the attacker will get the new passwords and transaction information.

Because of its backdoor functionality, your PC is very likely compromised and there is no way to be sure it can ever again be trusted. Many experts in the security community believe that once infected with this type of Trojan, the best course of action would be a reformat and reinstall of the OS. However, if you do not have the resources to reinstall your OS and would like me to attempt to clean your machine, I will be happy to do so.

To help you make a more informed decision, please read the following articles:

• Danger: Remote Access Trojans.
• When should I re-format? How should I reinstall?
• How Do I Handle Possible Identify Theft, Internet Fraud and Credit Card Fraud?

Should you have any questions, please feel free to ask

Please let me know your decision and we'll get started with clean up if that's what you choose.

I would like to attempt a clean up if possible....

Trogan

OK, lets begin:

Download SDFix and save it to your Desktop.

Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

Please then reboot your computer in Safe Mode by doing the following :

• Restart your computer
• After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
• Instead of Windows loading as normal, the Advanced Options Menu should appear;
• Select the first option, to run Windows in Safe Mode, then press Enter.
• Choose your usual account.

• Open the extracted SDFix folder and double click RunThis.bat to start the script.
• Type Y to begin the cleanup process.
• It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
• Press any Key and it will restart the PC.
• When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
• Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
  (Report.txt will also be copied to Clipboard ready for posting back on the forum).
• Finally paste the contents of the Report.txt back on the forum with a new HijackThis log

iNTeRNeT-JuNKie

SDFix: Version 1.100

Run by DaViD on Thu 08/23/2007 at 08:09 AM

Microsoft Windows XP [Version 5.1.2600]

Running From: C:\SDFix

Safe Mode:
Checking Services:


Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting...


Normal Mode:
Checking Files:

No Trojan Files Found




Removing Temp Files...

ADS Check:

C:\WINDOWS
No streams found.

C:\WINDOWS\system32
No streams found.

C:\WINDOWS\system32\svchost.exe
No streams found.

C:\WINDOWS\system32\ntoskrnl.exe
No streams found.



Final Check:

Remaining Services:

---

Authorized Application Key Export:

Remaining Files:

---

Files with Hidden Attributes:

C:\Program Files\America Online 9.0\aolphx.exe
C:\Program Files\America Online 9.0\aoltray.exe
C:\Program Files\America Online 9.0\RBM.exe
C:\Program Files\America Online 9.0\waol.exe
C:\Program Files\America Online 9.0a\aolphx.exe
C:\Program Files\America Online 9.0a\aoltray.exe
C:\Program Files\America Online 9.0a\waol.exe
C:\Program Files\America Online 9.0b\AOLphx.exe
C:\Program Files\America Online 9.0b\rbm.exe
C:\Program Files\Common Files\Adobe\ESD\DLMCleanup.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\Program Files\Outlook Express\MSIMN.EXE
C:\Documents and Settings\All Users\Application Data\GTek\GTUpdate\AUpdate\Channels\ch1\lock.tmp
C:\Documents and Settings\Justi\Application Data\GTek\GTUpdate\AUpdate\Channels\ch_u1\lock.tmp
C:\Documents and Settings\Justi\Application Data\GTek\GTUpdate\AUpdate\Channels\ch_u2\lock.tmp
C:\Documents and Settings\Justi\Application Data\GTek\GTUpdate\AUpdate\Channels\ch_u3\lock.tmp
C:\Documents and Settings\Justi\Application Data\GTek\GTUpdate\AUpdate\Channels\ch_u4\lock.tmp
C:\WINDOWS\x74ca5e40.tmp

Finished


Logfile of HijackThis v1.99.1
Scan saved at 8:31:38 AM, on 8/23/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\system32\gearsec.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\America Online 9.0b\waol.exe
C:\Program Files\America Online 9.0b\shellmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\TooLz\hijackthis_199\HijackThis.exe

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1101264244\ee\AOLSoftware.exe
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0b\AOL.EXE" -b
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{14145E0B-761F-42E1-B1C5-61BFB52DCC78}: NameServer = 205.188.146.145
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\system32\gearsec.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

Trogan

I need to see another log from HijackThis.

• Run Hijackthis.
• Click on Open the Misc Tools section.
• Next click on Open uninstall manager.
• Press the Save list button.
• Save the file to your desktop, with the default name of uninstall_list
• Copy & Paste the entire contents of that file in your in your next post.

iNTeRNeT-JuNKie

Ad-Aware SE Personal
Adobe Acrobat 5.0
Adobe Download Manager 1.2 (Remove Only)
Adobe Flash Player ActiveX
AOL Coach Version 2.0(Build:20041026.5 en)
AOL Uninstaller (Choose which Products to Remove)
BCM V.92 56K Modem
Broadcom Management Programs
Dell AIO Printer A940
Dell Digital Jukebox Driver
Dell Media Experience
Dell ResourceCD
Dell Solution Center
DellSupport
DS21Patch
DVD X Copy GOLD v3.0.2 (remove only)
ewido anti-spyware 4.0
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
HijackThis 1.99.1
Intel(R) Extreme Graphics Driver
Internet Explorer Default Page
Internet Explorer Q831167
J2SE Runtime Environment 5.0 Update 8
J2SE Runtime Environment 5.0 Update 9
Jasc Paint Shop Photo Album
Jasc Paint Shop Pro 8 Dell Edition
Learn2 Player (Uninstall Only)
Media Library Management Wizard
Microsoft .NET Framework 1.1
Microsoft Encarta Encyclopedia Standard 2004
Microsoft Money 2004
Microsoft Money 2004 System Pack
Modem Helper
MUSICMATCH® Jukebox
MyDVD
OLYMPUS CAMEDIA Master 4.1
Panda ActiveScan
PowerDVD
Pure Networks Port Magic
QuickTime
RealPlayer Basic
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB920683)
Shockwave
Sonic DLA
Sonic RecordNow!
Sonic Update Manager
Spybot - Search & Destroy 1.4
Update for Windows XP (KB835409)
Update for Windows XP (KB898461)
Viewpoint Media Player
Winamp (remove only)
Windows Installer 3.1 (KB893803)
Windows XP Hotfix - KB842773
Windows XP Hotfix - KB890859
WordPerfect Office 11

Trogan

Hi,

Please do the following...

1. Click Start > Run > type in appwiz.cpl and hit enter. From the list uninstall the following, if present:

ewido anti-spyware 4.0 <-- There is a newer version, which we'll be using.
J2SE Runtime Environment 5.0 Update 8
J2SE Runtime Environment 5.0 Update 9

2. Reboot the computer!

3. Updating Java:

• Download the latest version of Java Runtime Environment (JRE) 6u2.
• Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications."
• Click the "Download" button to the right.
• Check the box that says: "Accept License Agreement."
• The page will refresh.
• Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
• Close any programs you may have running - especially your web browser.
• Then from your desktop double-click on jre-6u2-windows-i586-p.exe to install the newest version.

4. You may wish to Print or Save the following instructions, as the internet will not be available once in Safe Mode!

Please download AVG Anti-Spyware to your Desktop or to your usual Download Folder.
http://www.ewido.net/en/download/

• Install AVG Anti-Spyware by double clicking the installer.
• Follow the prompts. Make sure that Launch AVG Anti-Spyware is checked.
• On the main screen under Your Computer's security.
  • Click on Change state next to Resident shield. It should now change to inactive.
  • Click on Change state next to Automatic updates. It should now change to inactive.
  • Next to Last Update, click on Update now. (You will need an active internet connection to perform this)
  • Wait until you see the Update succesfull message.
• Right-click the AVG Anti-Spyware Tray Icon and uncheck Start with Windows.
• Right-click the AVG Anti-Spyware Tray Icon and select Exit. Confirm by clicking Yes.

If you are having problems with the updater, you can use this link to manually update ewido.
AVG Anti-Spyware manual updates.
Download the Full database to your Desktop or to your usual Download Folder and install it by double clicking the file. Make sure that AVG Anti-Spyware is closed before installing the update.

Reboot your computer in Safe Mode.

• If the computer is running, shut down Windows, and then turn off the power.
• Wait 30 seconds, and then turn the computer on.
• Start tapping the F8 key. The Windows Advanced Options Menu appears. If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. To resolve this, restart the computer and try again.
• Ensure that the Safe Mode option is selected.
• Press Enter. The computer then begins to start in Safe mode.
• Login on your usual account.

Once in Safe Mode:

Close ALL open Windows / Programs / Folders. Please start AVG Anti-Spyware and run a full scan.

• Click on Scanner on the toolbar.
• Click on the Settings tab.
  • Under How to act?
    • Click on Recommended Action and choose Quarantine from the popup menu.
  • Under How to scan?
    • All checkboxes should be ticked.
  • Under Possibly unwanted software:
    • All checkboxes should be ticked.
  • Under Reports:
    • Select Do not automatically generate reports
  • Under What to scan?
    • Select Scan every file.
• Click on the Scan tab.
• Click on Complete System Scan to start the scan process.
• Let the program scan the machine.
• When the scan has finished, follow the instructions below.
  IMPORTANT : Don't click on the "Save Scan Report" button before you did hit the "Apply all Actions" button.
  • Make sure that Set all elements to: shows Quarantine (1), if not click on the link and choose Quarantine from the popup menu. (2)
  • At the bottom of the window click on the Apply all Actions button. (3)
    
• When done, click the Save Scan Report button. (4)
  • Click the Save Report as button.
  • Save the report to your Desktop.
• Right-click the AVG Anti-Spyware Tray Icon and select Exit. Confirm by clicking Yes.

Reboot back into Normal Mode and post a new HijackThis log, along with the AVG Anti-Spyware log.

iNTeRNeT-JuNKie

---

AVG Anti-Spyware - Scan Report

---

+ Created at: 8:00:27 PM 8/24/2007

+ Scan result:



C:\Documents and Settings\DaViD\Cookies\david@2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\DaViD\Cookies\david@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\DaViD\Cookies\david@advertising[1].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\DaViD\Cookies\david@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\DaViD\Cookies\david@e-2dj6wfkykjc5aap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\DaViD\Cookies\david@e-2dj6whmiqjcjkfp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\DaViD\Cookies\david@mediaplex[2].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\DaViD\Cookies\david@ssl-hints.netflame[2].txt -> TrackingCookie.Netflame : Cleaned.
C:\Documents and Settings\DaViD\Cookies\david@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\DaViD\Cookies\david@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\DaViD\Cookies\david@revsci[2].txt -> TrackingCookie.Revsci : Cleaned.
C:\Documents and Settings\DaViD\Cookies\david@adopt.specificclick[1].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\DaViD\Cookies\david@specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\DaViD\Cookies\david@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\DaViD\Cookies\david@zedo[1].txt -> TrackingCookie.Zedo : Cleaned.


::Report end



Logfile of HijackThis v1.99.1
Scan saved at 9:09:44 PM, on 8/24/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\system32\gearsec.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\America Online 9.0b\waol.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\America Online 9.0b\shellmon.exe
C:\Program Files\Common Files\AOL\1101264244\ee\aolsoftware.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\notepad.exe
C:\Program Files\TooLz\hijackthis_199\HijackThis.exe

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1101264244\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0b\AOL.EXE" -b
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{14145E0B-761F-42E1-B1C5-61BFB52DCC78}: NameServer = 205.188.146.145
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\system32\gearsec.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

Trogan

I don't see any indication of a Firewall in your HijackThis log. This may be because:

(1.) You are using Windows Firewall or a hardware Firewall.
(2.) You are using a Firewall of an unknown vendor.
(3.) You are using a Firewall, but it is disabled for unknown reasons
(4.) You don't use any firewall at all.

In the case you don't have a Firewall, please download one from the list below - They are Free!

Comodo << I recommend this
Zone Alarm
Sunbelt Kerio PF
Outpost Firewall

You also need to install an Anti-Virus program.

AntiVir << I recommend this
AVG Free Edition
avast! 4 Home Edition

Run a Full System Scan with the chosen Anti-Virus program, and make a note of anything that could not be removed.

Then, post a new HijackThis log and whatever could not be deleted by the virus scan.

iNTeRNeT-JuNKie

My internet explorer has been very inconsistant in loading certain web forums that I visit frequently... These last few days, especially yesterday & today. I have been constantly losing my internet connection.. My cable modem loses signal and an icon pops up indicating that a Network cable is unplugged then my modem proceeds to reset itself.. Would this last instance have had any effects those settings? Could you walk me through a full uninstall of IE and help install the latest version ?

Trogan

I'll help you install IE7, but I would first like to see a new HijackThis log with an Anti-Virus and Firewall programs installed.

As for IE being inconsistent, download WinSock XP Fix. Open the program, and click the Fix button. Reboot the computer afterwards and check if it has helped.

iNTeRNeT-JuNKie

Trogan wrote:

I'll help you install IE7, but I would first like to see a new HijackThis log with an Anti-Virus and Firewall programs installed.

As for IE being inconsistent, download WinSock XP Fix. Open the program, and click the Fix button. Reboot the computer afterwards and check if it has helped.

I used Winsock XP Fix the other day... I read up on the sticky "Slow Computer" I don't think it really helped much...?

I will DL a Anti-Virus & Firewall and post a log as you instructed.

iNTeRNeT-JuNKie

AntiVir PersonalEdition Classic
Report file date: Tuesday, August 28, 2007 20:37

Scanning for 1037656 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 1) [5.1.2600]
Username: DaViD
Computer name: D2RQC241

Version information:
BUILD.DAT : 247 14437 Bytes 5/10/2007 11:55:00
AVSCAN.EXE : 7.0.4.15 282664 Bytes 4/20/2007 21:37:14
AVSCAN.DLL : 7.0.4.4 33832 Bytes 3/27/2007 21:31:54
LUKE.DLL : 7.0.4.11 143400 Bytes 3/27/2007 21:26:04
LUKERES.DLL : 7.0.4.0 10280 Bytes 3/19/2007 21:18:59
ANTIVIR0.VDF : 6.35.0.1 7371264 Bytes 5/31/2006 23:08:58
ANTIVIR1.VDF : 6.39.0.129 7251968 Bytes 7/10/2007 04:35:58
ANTIVIR2.VDF : 6.39.1.43 1542656 Bytes 8/25/2007 04:35:58
ANTIVIR3.VDF : 6.39.1.56 46080 Bytes 8/28/2007 04:35:58
AVEWIN32.DLL : 7.4.1.63 2724352 Bytes 8/29/2007 04:35:59
AVWINLL.DLL : 1.0.0.7 14376 Bytes 2/26/2007 19:36:26
AVPREF.DLL : 7.0.2.1 24616 Bytes 3/27/2007 21:31:50
AVREP.DLL : 7.0.0.1 155688 Bytes 4/16/2007 22:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 8/29/2007 04:35:59
AVREG.DLL : 7.0.1.2 31784 Bytes 3/15/2007 18:05:08
AVEVTLOG.DLL : 7.0.0.18 86056 Bytes 3/27/2007 21:16:05
AVARKT.DLL : 1.0.0.17 278568 Bytes 5/2/2007 20:32:26
NETNT.DLL : 7.0.0.0 7720 Bytes 3/8/2007 20:09:42
RCIMAGE.DLL : 7.0.1.15 2228264 Bytes 3/13/2007 19:46:18
RCTEXT.DLL : 7.0.45.0 86056 Bytes 3/19/2007 21:42:42

Configuration settings for the scan:
Jobname..........................: Local Drives
Configuration file...............: C:\Program Files\AntiVir PersonalEdition Classic\alldrives.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: E:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: Tuesday, August 28, 2007 20:37

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'shellmon.exe' - '1' Module(s) have been scanned
Scan process 'AOLacsd.exe' - '1' Module(s) have been scanned
Scan process 'waol.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'gearsec.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'LEXBCES.EXE' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
23 processes with 23 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!

Starting to scan the registry.
The registry was scanned ( '6' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\DaViD\My Documents\DL'd\SDFix.exe
[0] Archive type: RAR SFX (self extracting)
--> SDFix\apps\FIXLM.reg
[DETECTION] Contains suspicious code HEUR/Exploit.HTML
[WARNING] The file was ignored!
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP215\A0022542.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '4704fe84.qua'!
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP215\A0022543.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '4704fea2.qua'!
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP215\A0022545.exe
[DETECTION] Is the Trojan horse TR/PSW.LDPinch.TAW.202
[INFO] The file was moved to '4704fea9.qua'!
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP215\A0022546.exe
[DETECTION] Is the Trojan horse TR/PSW.LDPinch.TAW.216
[INFO] The file was moved to '4704feac.qua'!
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0022720.dll
[DETECTION] Is the Trojan horse TR/Agent.1810432
[INFO] The file was moved to '4704feb6.qua'!
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0022790.exe
[DETECTION] Is the Trojan horse TR/PSW.LDPinch.TAW.216
[INFO] The file was moved to '4704feba.qua'!
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0022791.exe
[DETECTION] Is the Trojan horse TR/PSW.LDPinch.TAW.216
[INFO] The file was moved to '4704ff20.qua'!
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP228\A0024437.exe
[0] Archive type: RAR SFX (self extracting)
--> SDFix\apps\FIXLM.reg
[DETECTION] Contains suspicious code HEUR/Exploit.HTML
[INFO] The file was moved to '4704ff40.qua'!
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP238\A0026517.reg
[DETECTION] Contains suspicious code HEUR/Exploit.HTML
[INFO] The file was moved to '4704ff75.qua'!
C:\WINDOWS\SYSTEM32\ActiveScan\pskavs.dll
[DETECTION] Contains signature of the Windows virus W95/Blumblebee.1738
[INFO] The file was moved to '47400185.qua'!
Begin scan in 'D:\'
Search path D:\ could not be opened!
The device is not ready.

Begin scan in 'E:\'
Search path E:\ could not be opened!
The device is not ready.



End of the scan: Tuesday, August 28, 2007 21:17
Used time: 40:31 min

The scan has been done completely.

4988 Scanning directories
137599 Files were scanned
11 viruses and/or unwanted programs were found
3 classified as suspicious:
0 files were deleted
0 files were repaired
10 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
137585 Files not concerned
2966 Archives were scanned
3 Warnings
0 Notes
0 Hidden objects were found

Trogan

The AntiVir log is fine.

Before we update IE7, I want you to install Service Pack 2 (SP2). Service Pack 1 is no longer receiving Windows Update. Updating to SP2 will automatically update Internet Explorer.

You can download SP2 from Windows Update (Start > All Programs > Windows Update). Once you have done that, post a new HijackThis log please.

iNTeRNeT-JuNKie

Trogan wrote:

The AntiVir log is fine.

Before we update IE7, I want you to install Service Pack 2 (SP2). Service Pack 1 is no longer receiving Windows Update. Updating to SP2 will automatically update Internet Explorer.

You can download SP2 from Windows Update (Start > All Programs > Windows Update). Once you have done that, post a new HijackThis log please.

I ran the update tool, all I see is the following... I don't see anything that says SP2. Do I need to download all of these? Also some of these updates are for IE 6.0


Security Update for Windows XP (KB921883)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified in the Server service that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows XP (KB902400)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A remote code execution security issue has been identified that could allow an attacker to remotely compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows XP (KB896423)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified in the Print Spooler service that could allow an attacker to compromise your Microsoft Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows XP (KB835732)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
Multiple security issues have been identified that could allow an attacker to compromise a computer running Windows and gain complete control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Windows Malicious Software Removal Tool - August 2007 (KB890830)
Download size: 7.6 MB , 3 minutes
After the download, this tool runs once to check your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove any infection found. If an infection is found, the tool will display a status report the next time you start your computer. A new version of the tool will be offered every month. If you want to manually run the tool on your computer, you can download a copy from the Microsoft Download Center or run an online version from microsoft.com. This tool is not a replacement for an anti-virus product. To help protect your computer, you should use an anti-virus product. Details...
Don't show this update again

Security Update for Windows XP (KB890046)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified in Microsoft Agent that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows XP (KB923414)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified in the Server service that could allow a remote user to cause an affected Windows-based system to stop responding. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows XP (KB924496)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows XP (KB923191)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows XP (KB924191)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified in the way Microsoft XML Core Services (MSXML) is handled that could allow an attacker to compromise a Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows XP (KB922819)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified that could allow an attacker to cause Denial of Service conditions on Windows-based systems. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Internet Explorer 6 Service Pack 1 (KB925486)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified in the way Vector Markup Language (VML) is handled that could allow an attacker to compromise a computer running Microsoft Windows and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows XP (KB919007)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified in Reliable Multicast Program (PGM) for Microsoft Windows XP-based systems that could result in a denial of service. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows XP (KB920685)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified that could allow an attacker to compromise your Windows-based system and gain access to restricted data. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Cumulative Security Update for Internet Explorer 6 Service Pack 1 (KB918899)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
Security issues have been identified that could allow an attacker to compromise a system running Microsoft Internet Explorer and gain control over it. You can help protect your system by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows XP (KB917422)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified in the Windows Kernel that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows XP (KB920670)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows XP (KB921398)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows XP (KB922616)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified that could allow an attacker to remotely compromise your Windows-based system using a vulnerability in HTML Help and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows XP (KB914388)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A remote code execution security issue has been identified in the DHCP Client service that could allow an attacker to remotely compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows XP (KB911280)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A remote code execution security issue has been identified in the Routing and Remote Access service that could allow an attacker to remotely compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows Media Player 9 (KB917734)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified that could allow an attacker to remotely compromise your Windows-based system using Windows Media Player and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Internet Explorer 6 Service Pack 1 (KB918439)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified in the way ART images are handled that could allow an attacker to compromise a computer running Microsoft Windows and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows XP (KB917344)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified in the Windows Script Host that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows XP (KB914798)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified in Windows-based systems that could allow an attacker to compromise your system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Once you have installed this item, it cannot be removed. Details...
Don't show this update again

Security Update for Windows XP (KB913580)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified in Windows-based systems that could cause the Microsoft Distributed Transaction Coordinator (MSDTC) to stop responding. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows XP (KB917953)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified that could allow an attacker to compromise your Microsoft Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows XP (KB908531)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified in Windows Explorer that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Cumulative Security Update for Outlook Express 6 Service Pack 1 (KB911567)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified that could allow an attacker to remotely compromise your Windows-based system using Outlook Express and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows XP (KB911562)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified that could allow an attacker to remotely compromise your Windows-based system using Microsoft Data Access Components and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows XP (KB911927)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified that could allow an attacker to remotely compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows Media Player Plug-in (KB911564)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified that could allow an attacker to remotely compromise your Windows-based system using the Windows Media Player Plug-in and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows XP (KB908519)
Typical download size: 182 KB , less than 1 minute
A security issue has been identified that could allow an attacker to compromise your Microsoft Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows XP (KB912919)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A remote code execution security issue has been identified in the Graphics Rendering Engine that could allow an attacker to remotely compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Update for Windows XP (KB910437)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
Install this update to prevent or resolve an issue in which Windows Update and Automatic Updates can no longer download updates after an Access Violation error occurs when using the Automatic Updates service. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows XP (KB896424)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A remote code execution security issue has been identified in the Graphics Rendering Engine that could allow an attacker to remotely compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows XP (KB905749)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified in the Plug and Play service that could allow an authenticated attacker to compromise your Microsoft Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows XP (KB905495)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified that could allow an attacker to tamper with the file transfer location on your computer when using the Microsoft Windows FTP (File Transfer Protocol) client. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows XP (KB900725)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified that could allow an authenticated attacker to gain access and potentially compromise your Microsoft Windows-based system. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows XP (KB901017)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified that could allow an attacker to remotely compromise your Windows-based system using Collaboration Data Objects (CDO) and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows XP (KB905414)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A denial of service security issue has been identified that could cause the Network Manager service to stop responding on your Windows-based system. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for DirectX 9 for Windows XP (KB904706)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified that could allow an attacker to remotely compromise your Windows-based system using DirectShow and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows XP (KB893756)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified in the Telephony Application Programming Interface (TAPI) that could allow an attacker to compromise your Microsoft Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows XP (KB899591)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified in the Remote Desktop Protocol (RDP) that could allow an attacker to remotely cause your Microsoft Windows-based system to stop responding. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows XP (KB899587)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified that could allow an attacker to gain access to sensitive data transmitted through your Microsoft Windows-based system in a domain environment, and to perform denial of service attacks against domain controllers. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows XP (KB896358)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified in the HTML Help component that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows XP (KB901214)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified in the Color Management Module that could allow an attacker to compromise your Microsoft Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows XP (KB896428)
Typical download size: 470 KB , 1 minute
A security issue in Telnet has been identified that could allow an attacker to learn information about your Windows-based system. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Microsoft Windows (KB898458)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified in the Step-by-Step Interactive Training application that could allow an attacker to compromise your Microsoft Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows XP (KB885835)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows Messenger (KB887472)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows XP (KB888302)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified that could allow an attacker to remotely read information about your Windows-based system. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows XP (KB891781)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows XP (KB873339)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Security Update for Windows XP (KB885836)
Download size: 0 KB , 0 minutes (Downloaded; ready to install)
A security issue has been identified that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Details...
Don't show this update again

Microsoft .NET Framework 1.1 Service Pack 1
Download size: 10.2 MB , 4 minutes
Microsoft .NET Framework 1.1 Service Pack 1 resolves various issues found after the initial release of .NET Framework 1.1. These include both security- and non-security-related issues. After you install this item, you may have to restart your computer. Once you have installed this item, it cannot be removed. Details...
Don't show this update again

Trogan

If those are the Critical updates, you can install them first before getting Service Pack 2. Otherwise get Service Pack 2 from here.

Note: SP2 will take some time to install. Make sure you are not running any programs or have any windows open.

Post a new HijackThis log after SP2 is installed.

iNTeRNeT-JuNKie

Trogan wrote:

If those are the Critical updates, you can install them first before getting Service Pack 2. Otherwise get Service Pack 2 from here.

Note: SP2 will take some time to install. Make sure you are not running any programs or have any windows open.

Post a new HijackThis log after SP2 is installed.

Seems as though I have to install the other updates... Even when I click on the link provided it runs the update tool and still shows me the same updates not including SP2. Either that or wait for 4-6 weeks for a hard copy of in the mail.

Trogan

Install the other updates please.

iNTeRNeT-JuNKie

Trogan wrote:

Install the other updates please.

I did and restarted as told..

I tried installing SP2 and the following errors occured..

SP2 could not back up registry key
HKCR\.DVR-MS
to file C:\Windows\$NtServicePackUninstall$$\reg00013. 5: Access is Denied

SP2 could not back up registry key value
HKCR\.dvr-ms,\'PerceivedType,video\'. 5: Access is denied

SP2 did not install. 5: access is denied

I shut the computer down, restarted and tried to install again.. Same messages popped up. The actual Download file size was 75MB.. After attempting the reinstall twice it used nearly 2GB of space.. Is this normal or do I now have a bunch of files that are copied to the drive not being used by XP? Initial storage usage was 13.2 GB now it's at 15GB of storage used on the Hard Drive. How come this used so much space? I only bring this up because my PC seems to be running slower and I do not have a big HD on the system.

Trogan

First off, I do not know what the error means as I have never come across it. I think, but not entirely sure, if SP2 copied files onto your hard drive.

I don't know what to suggest at the moment.

iNTeRNeT-JuNKie

Trogan wrote:

First off, I do not know what the error means as I have never come across it. I think, but not entirely sure, if SP2 copied files onto your hard drive.

I don't know what to suggest at the moment.

I do not know what to do either.. I will try and get some answers... some how.

iNTeRNeT-JuNKie

iNTeRNeT JuNKie wrote:

I do not know what to do either.. I will try and get some answers... some how.

I have reformatted my hard drive and Reinstalled Xp onto my PC. I could not resolve the issue I was having.. so, I cleaned the HD and started over..

Trogan

Please make sure you get SP2.