HI I was wondering if anyone can help me with this and what i need to delete etc .. some things i just dont need and my system seems much slower these days .. also my net connection 4mb ono line in valencia spain..

<<hjt attached by valis>>

maybe this will help too ...


<<startup list attached by valis>>

OS Name Microsoft Windows XP Professional
Version 5.1.2600 Service Pack 2 Build 2600
OS Manufacturer Microsoft Corporation
System Name NOMOREPE-5F9DC3
System Manufacturer AOPEN_
System Model AWRDACPI
System Type X86-based PC
Processor x86 Family 6 Model 8 Stepping 6 GenuineIntel ~866 Mhz
BIOS Version/Date Award Software International, Inc. 6.00 PG, 27/03/2001
SMBIOS Version 2.2
Windows Directory F:\WINDOWS
System Directory F:\WINDOWS\system32
Boot Device \Device\HarddiskVolume1
Locale United Kingdom
Hardware Abstraction Layer Version = "5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)"
User Name NOMOREPE-5F9DC3\Giles
Time Zone Romance Standard Time
Total Physical Memory 192.00 MB
Available Physical Memory 9.57 MB
Total Virtual Memory 2.00 GB
Available Virtual Memory 1.96 GB
Page File Space 594.96 MB
Page File F:\pagefile.sys



i know i need to upfate this lot ... one day when i have some money i will

what else ..

i run emaule too .. i take it this is spyware free? .. i know its slows everything down when i use it, ive come to espect that over the years but is it normal?

I also have windows media player 11 .. does that run in the background scanning for music etc even when its not open?

Ipod etc came when quicktime was installed .. but i cant seem to remove the, .. is it possible to find quicktime without all the **** it sems to put on.

finally ...


Should i trust my anti virus software .. its a beta version from Kapersky


thank for any help in educating me

giles




i feel this also is important .. my startup list



Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only



I feel really guilty putting up all this ..


and finally alternate data streams .. Now i believe thats all the info anyone could want


E:\found.000\file0049.chk : $J (128313856 bytes)
E:\found.000\file0049.chk : $Max (32 bytes)




thats all ... once again thanks in advancved for anyone who takes the time to make sense of this

giles

Attached Files

	hjt.txt (11.3 KB, 4 views)
	startup.txt (5.8 KB, 0 views)

hi giles, and welcome to the forum. if you could click on the prework link in my signature, that will have you go through some preliminary steps that will clean out some of the nasties in there, and should leave you with two logs, one from AVG (be sure to choose 'quarantine' on all the items it finds) and one from HJT. If you could then attach the two logs, we can get started.

Beta kaspersky should be fine, but once we get you cleaned up we can discuss other options. FWIW, when you do the prework, the AVG is the antispyware I've used for about 2.5 years now.....good stuff, IMO.

Thanks,

v

that was quick .. thanks ..

by the way the ink to avg 7.5 trial in prefetch appears to be a bad link .. just so you are aware ... going to get it from net and will post log here when done

thanks

giles

AVG Anti-Virus and Internet Security - Trial Versions theres your link

giles, I attached the startup list and hjt log as .txt files; helps keep things manageable.....once I check out the avg log, I'll delve in, but I didn't see TOO much untoward in that hjt log....

now then ... i have installed avg and rebooted ... start up is incredibly slooow ... as before


09/03/2007 23:28:47 Intrusion.Win.MSSQL.worm.Helkern 59.191.61.209 UDP 1434


this is something which kapersky keeps picking up ... btw, it was falshing away there while i typed so .. one wonders what i sjoud do .. its nice to see it picking it up but as its a frequent thing, the same attack but differnt ports, but how do i know if this person isnt getting in on other attempts ..


back to the avg log you need


the wee icon is on the bllue bar as it should be, but its greyed out. when try to asscess panle for avg im told the administrator has disallowed this .. im logged in as an admin ... ?


hmmmn .. looks like the balls back in your court im perplexed once again .. far too many times today


thanks

giles