0

I ran ESET. It found two threats, which I deleted. It didn't save any logfile.

I ran HJT, and it gave me a new logfile. I still can't run it in regular mode, so I ran it in safe mode again.

Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 1:51:17 PM, on 3/30/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18385)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe
C:\Program Files\Mozilla Firefox\firefox.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cndt
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cndt
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1FD79A59-37B1-459B-9097-09F9FAB8A523} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "c:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "c:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "c:\Program Files\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" "c:\Program Files\CyberLink\CyberLink DVD Suite Deluxe" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [TSMAgent] "c:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "c:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [DVDAgent] "C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: PictureMover.lnk = C:\Program Files\PictureMover\Bin\PictureMover.exe
O13 - Gopher Prefix:
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - https://wimpro2.cce.hp.com/ChatEntry/downloads/sysinfo.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {80AEEC0E-A2BE-4B8D-985F-350FE869DC40} (HPDDClientExec Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsVista.cab
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

--
End of file - 6504 bytes

0

Are you still having problems? Have you tried your email? Try it and see what happens.
The ESET log will be located at C:\Program Files\EsetOnlineScanner\log.txt. did you look there for it?

0

Yes, I searched for it and couldn't find it. I tried my email, it works so far. But, I noticed that another of those spam emails was sent out this morning around 10:30. Facebook is working right now. My computer won't go to my favorite forum. This is all in safe mode. Going to check in regular mode ...

0

Safe mode will tell you nothing. Critical drivers required by the infection likely are not loaded in safe mode and there fore the infection would not be working.

0

Oh, ok. This forum still looks strange. Photobucket is working again, though. Facebook working. Email working. I have this nagging feeling like something isn't quite right.

I'm using Avast and I'd like to change to something better.

0

Avast is one of the best there is so you will have to really look to find something else better. Avira is probably the best.
Post a screen shot of the forum since you say photobucket is working now.

0

I don't remember which mode I was in, but it looks like that all the time, no matter what mode I am in.

0

Do this for me, give me an Uninstall list generated by HiJackThis. To get this do the following:
Start HijackThis
Click on the Misc Tools button
Click on the Open Uninstall Manager button.
Click on the Save list... button and specify where you would like to save this file, save to the desktop. When you press Save button a notepad will open with the contents of that file. Go up to Edit, Select All, then Copy.
Come back here open a reply and paste that list into the reply.

0

ActiveCheck component for HP Active Support Library
Ad-Aware
Ad-Aware
Adobe Flash Player 10 Plugin
Adobe Reader 8.1.6
avast! Antivirus
Compatibility Pack for the 2007 Office system
CyberLink DVD Suite Deluxe
CyberLink DVD Suite Deluxe
ESET Online Scanner v3
Hardware Diagnostic Tools
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Customer Experience Enhancements
HP Demo
HP Driver Diagnostics
HP MediaSmart DVD
HP MediaSmart DVD
HP MediaSmart Music/Photo/Video
HP MediaSmart Music/Photo/Video
HP MediaSmart SmartMenu
HP Recovery Manager RSS
HP Total Care Advisor
HP Total Care Setup
HP Update
HPAsset component for HP Active Support Library
Java(TM) 6 Update 16
Java(TM) 6 Update 7
Juno Preloader
LabelPrint
LabelPrint
LightScribe System Software 1.14.25.1
LightScribe Template Labeler
Malwarebytes' Anti-Malware
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Office Home and Student 60 day trial
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Works
Mozilla Firefox (3.6.2)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
muvee Reveal
My HP Games
NetZero Preloader
Norton Internet Security
NVIDIA Drivers
OGA Notifier 2.0.0048.0
PictureMover
Power2Go
Power2Go
PowerDirector
PowerDirector
Python 2.5.2
Realtek High Definition Audio Driver
sp41099
SPORE Creature Creator Trial Edition
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Player Firefox Plugin

Yep, looks normal in IE.

0

If it looks normal in IE then the problem lies probably with Firefox. I would recommend removing it entirely and reinstalling it.

You show two Anti-virus programs on there Avast and Norton. That is a giant no-no, could be the reason for the infections. Two av programs work against each other. Though there don't seem to be Norton listings in the HJT log, there could be "something" there that is hurting Avast and it's protection.
Your Java is also way out of date, current version is version 6 update 19. Don't know if this would make a difference in viewing this forum or not.

0

That is very strange about Norton. It came with a free trial when I got my computer. I used it and when it ended, I removed it and downloaded Avast. Norton doesn't show up on my uninstall programs list...


I'll try the advice with FF.

0

It may just be the name left over. Do a search on the computer for Norton using the Start, Search function. First look for Norton and delete all found and then look for Symantec and delete all found.

0

I can't find anything (except for the attach list for dds and the list I just gave you for norton. Can't find anything for symantec either.

I uninstalled and reinstalled Firefox and now the forum displays properly. I guess everything is OK now.

Now, I want to try Avira. Should I uninstall Avast and then install Avira. Or should I disable Avast, instal Avira and then uninstall Avast?

I also need to start thinking about what other programs I need to keep in addition to the antivirus program.

0

First download Avira and save it to the desktop.

Then go OFFLINE, if you have to disconnect the cord from the computer. Uninstall Avast. Install Avira. Then go back online and update it. Then do a FULL SYSTEM scan with it. Allow it to remove everything it finds and report back here the findings.

0

Ok. I'll do that first thing in the morning after I take the kiddos to school! Depending on how long the scan takes, I may not be able to report the findings until after my son's Easter egg hunt (after lunch).

0

Never mind, Easter Egg hunt in on Thursday. I'll take care of this in the morning.

0

Avira AntiVir Personal
Report file date: Wednesday, March 31, 2010 08:28

Scanning for 1867270 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available:

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows Vista
Windows version : (Service Pack 2) [6.0.6002]
Boot mode : Normally booted
Username : Sarah
Computer name : HOFFMAN

Version information:
BUILD.DAT : 10.0.0.561 32098 Bytes 3/18/2010 15:46:00
AVSCAN.EXE : 10.0.2.3 433832 Bytes 3/7/2010 22:57:10
AVSCAN.DLL : 10.0.2.2 45928 Bytes 3/2/2010 17:48:47
LUKE.DLL : 10.0.2.3 104296 Bytes 3/7/2010 23:33:04
LUKERES.DLL : 10.0.0.1 12648 Bytes 2/11/2010 04:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 14:05:36
VBASE001.VDF : 7.10.1.0 1372672 Bytes 11/19/2009 00:27:49
VBASE002.VDF : 7.10.3.1 3143680 Bytes 1/20/2010 22:37:42
VBASE003.VDF : 7.10.3.75 996864 Bytes 1/26/2010 21:37:42
VBASE004.VDF : 7.10.4.203 1579008 Bytes 3/5/2010 16:29:03
VBASE005.VDF : 7.10.4.204 2048 Bytes 3/5/2010 16:29:03
VBASE006.VDF : 7.10.4.205 2048 Bytes 3/5/2010 16:29:03
VBASE007.VDF : 7.10.4.206 2048 Bytes 3/5/2010 16:29:03
VBASE008.VDF : 7.10.4.207 2048 Bytes 3/5/2010 16:29:03
VBASE009.VDF : 7.10.4.208 2048 Bytes 3/5/2010 16:29:03
VBASE010.VDF : 7.10.4.209 2048 Bytes 3/5/2010 16:29:03
VBASE011.VDF : 7.10.4.210 2048 Bytes 3/5/2010 16:29:03
VBASE012.VDF : 7.10.4.211 2048 Bytes 3/5/2010 16:29:03
VBASE013.VDF : 7.10.4.242 153088 Bytes 3/8/2010 20:43:21
VBASE014.VDF : 7.10.5.17 99328 Bytes 3/10/2010 20:24:21
VBASE015.VDF : 7.10.5.44 107008 Bytes 3/11/2010 22:41:40
VBASE016.VDF : 7.10.5.69 92672 Bytes 3/12/2010 14:25:53
VBASE017.VDF : 7.10.5.91 119808 Bytes 3/15/2010 14:39:58
VBASE018.VDF : 7.10.5.121 112640 Bytes 3/18/2010 18:01:24
VBASE019.VDF : 7.10.5.122 2048 Bytes 3/18/2010 18:01:24
VBASE020.VDF : 7.10.5.123 2048 Bytes 3/18/2010 18:01:24
VBASE021.VDF : 7.10.5.124 2048 Bytes 3/18/2010 18:01:24
VBASE022.VDF : 7.10.5.125 2048 Bytes 3/18/2010 18:01:24
VBASE023.VDF : 7.10.5.126 2048 Bytes 3/18/2010 18:01:24
VBASE024.VDF : 7.10.5.127 2048 Bytes 3/18/2010 18:01:24
VBASE025.VDF : 7.10.5.128 2048 Bytes 3/18/2010 18:01:24
VBASE026.VDF : 7.10.5.129 2048 Bytes 3/18/2010 18:01:24
VBASE027.VDF : 7.10.5.130 2048 Bytes 3/18/2010 18:01:24
VBASE028.VDF : 7.10.5.131 2048 Bytes 3/18/2010 18:01:24
VBASE029.VDF : 7.10.5.132 2048 Bytes 3/18/2010 18:01:24
VBASE030.VDF : 7.10.5.133 2048 Bytes 3/18/2010 18:01:25
VBASE031.VDF : 7.10.5.134 16384 Bytes 3/18/2010 18:01:25
Engineversion : 8.2.1.194
AEVDF.DLL : 8.1.1.3 106868 Bytes 2/13/2010 17:16:21
AESCRIPT.DLL : 8.1.3.18 1024378 Bytes 3/17/2010 16:09:47
AESCN.DLL : 8.1.5.0 127347 Bytes 2/25/2010 23:38:41
AESBX.DLL : 8.1.2.1 254323 Bytes 3/17/2010 16:09:47
AERDL.DLL : 8.1.4.3 541043 Bytes 3/17/2010 16:09:47
AEPACK.DLL : 8.2.1.0 426356 Bytes 3/2/2010 20:01:39
AEOFFICE.DLL : 8.1.0.41 201083 Bytes 3/17/2010 16:09:46
AEHEUR.DLL : 8.1.1.13 2470262 Bytes 3/17/2010 16:09:46
AEHELP.DLL : 8.1.10.2 237941 Bytes 3/17/2010 16:09:46
AEGEN.DLL : 8.1.2.2 373107 Bytes 3/17/2010 16:09:45
AEEMU.DLL : 8.1.1.0 393587 Bytes 11/10/2009 14:04:22
AECORE.DLL : 8.1.12.3 188789 Bytes 3/17/2010 16:09:45
AEBB.DLL : 8.1.0.3 53618 Bytes 9/10/2009 17:15:06
AVWINLL.DLL : 10.0.0.0 19304 Bytes 1/14/2010 17:03:38
AVPREF.DLL : 10.0.0.0 44904 Bytes 1/14/2010 17:03:35
AVREP.DLL : 10.0.0.8 62209 Bytes 2/18/2010 21:47:40
AVREG.DLL : 10.0.1.2 52072 Bytes 1/29/2010 16:47:41
AVSCPLR.DLL : 10.0.2.3 83304 Bytes 3/7/2010 23:02:30
AVARKT.DLL : 10.0.0.13 227176 Bytes 3/7/2010 22:48:41
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 1/26/2010 14:53:30
SQLITE3.DLL : 3.6.19.0 355688 Bytes 1/28/2010 17:57:58
AVSMTP.DLL : 10.0.0.17 63848 Bytes 3/16/2010 20:38:56
NETNT.DLL : 10.0.0.0 11624 Bytes 2/19/2010 19:41:00
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 1/28/2010 18:10:20
RCTEXT.DLL : 10.0.46.0 97128 Bytes 3/5/2010 15:09:41

Configuration settings for the scan:
Jobname.............................: Short system scan after installation
Configuration file..................: c:\program files\avira\antivir desktop\setupprf.dat
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: off
Integrity checking of system files..: off
Scan all files......................: Intelligent file selection
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: Wednesday, March 31, 2010 08:28

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avconfig.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avshadow.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'WMIADAP.EXE' - '1' Module(s) have been scanned
Scan process 'setup.exe' - '1' Module(s) have been scanned
Scan process 'msiexec.exe' - '1' Module(s) have been scanned
Scan process 'presetup.exe' - '1' Module(s) have been scanned
Scan process 'avira_antivir_personal_en.exe' - '1' Module(s) have been scanned
Scan process 'hphc_service.exe' - '1' Module(s) have been scanned
Scan process 'TrustedInstaller.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'PresentationFontCache.exe' - '1' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '1' Module(s) have been scanned
Scan process 'ehmsas.exe' - '1' Module(s) have been scanned
Scan process 'wmpnscfg.exe' - '1' Module(s) have been scanned
Scan process 'ehtray.exe' - '1' Module(s) have been scanned
Scan process 'HPAdvisor.exe' - '1' Module(s) have been scanned
Scan process 'sidebar.exe' - '1' Module(s) have been scanned
Scan process 'DVDAgent.exe' - '1' Module(s) have been scanned
Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'SmartMenu.exe' - '1' Module(s) have been scanned
Scan process 'CLMLSvc.exe' - '1' Module(s) have been scanned
Scan process 'TSMAgent.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'hpsysdrv.exe' - '1' Module(s) have been scanned
Scan process 'Explorer.EXE' - '1' Module(s) have been scanned
Scan process 'Dwm.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'WUDFHost.exe' - '1' Module(s) have been scanned
Scan process 'unsecapp.exe' - '1' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'AAWService.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'SLsvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'nvvsvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'lsm.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'wininit.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Master boot sector HD2
[INFO] No virus was found!
Master boot sector HD3
[INFO] No virus was found!
Master boot sector HD4
[INFO] No virus was found!

Start scanning boot sectors:

Starting to scan executable files (registry).
The registry was scanned ( '493' files ).

End of the scan: Wednesday, March 31, 2010 08:29
Used time: 00:23 Minute(s)

The scan has been done completely.

0 Scanned directories
990 Files were scanned
0 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
990 Files not concerned
3 Archives were scanned
0 Warnings
0 Notes

0

Oh wait, maybe that wasn't the right thing to post. I'm scanning the computer again.

0

It didn't find anything again.


Avira AntiVir Personal
Report file date: Wednesday, March 31, 2010 08:31

Scanning for 1867270 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available:

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows Vista
Windows version : (Service Pack 2) [6.0.6002]
Boot mode : Normally booted
Username : SYSTEM
Computer name : HOFFMAN

Version information:
BUILD.DAT : 10.0.0.561 32098 Bytes 3/18/2010 15:46:00
AVSCAN.EXE : 10.0.2.3 433832 Bytes 3/7/2010 22:57:10
AVSCAN.DLL : 10.0.2.2 45928 Bytes 3/2/2010 17:48:47
LUKE.DLL : 10.0.2.3 104296 Bytes 3/7/2010 23:33:04
LUKERES.DLL : 10.0.0.1 12648 Bytes 2/11/2010 04:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 14:05:36
VBASE001.VDF : 7.10.1.0 1372672 Bytes 11/19/2009 00:27:49
VBASE002.VDF : 7.10.3.1 3143680 Bytes 1/20/2010 22:37:42
VBASE003.VDF : 7.10.3.75 996864 Bytes 1/26/2010 21:37:42
VBASE004.VDF : 7.10.4.203 1579008 Bytes 3/5/2010 16:29:03
VBASE005.VDF : 7.10.4.204 2048 Bytes 3/5/2010 16:29:03
VBASE006.VDF : 7.10.4.205 2048 Bytes 3/5/2010 16:29:03
VBASE007.VDF : 7.10.4.206 2048 Bytes 3/5/2010 16:29:03
VBASE008.VDF : 7.10.4.207 2048 Bytes 3/5/2010 16:29:03
VBASE009.VDF : 7.10.4.208 2048 Bytes 3/5/2010 16:29:03
VBASE010.VDF : 7.10.4.209 2048 Bytes 3/5/2010 16:29:03
VBASE011.VDF : 7.10.4.210 2048 Bytes 3/5/2010 16:29:03
VBASE012.VDF : 7.10.4.211 2048 Bytes 3/5/2010 16:29:03
VBASE013.VDF : 7.10.4.242 153088 Bytes 3/8/2010 20:43:21
VBASE014.VDF : 7.10.5.17 99328 Bytes 3/10/2010 20:24:21
VBASE015.VDF : 7.10.5.44 107008 Bytes 3/11/2010 22:41:40
VBASE016.VDF : 7.10.5.69 92672 Bytes 3/12/2010 14:25:53
VBASE017.VDF : 7.10.5.91 119808 Bytes 3/15/2010 14:39:58
VBASE018.VDF : 7.10.5.121 112640 Bytes 3/18/2010 18:01:24
VBASE019.VDF : 7.10.5.122 2048 Bytes 3/18/2010 18:01:24
VBASE020.VDF : 7.10.5.123 2048 Bytes 3/18/2010 18:01:24
VBASE021.VDF : 7.10.5.124 2048 Bytes 3/18/2010 18:01:24
VBASE022.VDF : 7.10.5.125 2048 Bytes 3/18/2010 18:01:24
VBASE023.VDF : 7.10.5.126 2048 Bytes 3/18/2010 18:01:24
VBASE024.VDF : 7.10.5.127 2048 Bytes 3/18/2010 18:01:24
VBASE025.VDF : 7.10.5.128 2048 Bytes 3/18/2010 18:01:24
VBASE026.VDF : 7.10.5.129 2048 Bytes 3/18/2010 18:01:24
VBASE027.VDF : 7.10.5.130 2048 Bytes 3/18/2010 18:01:24
VBASE028.VDF : 7.10.5.131 2048 Bytes 3/18/2010 18:01:24
VBASE029.VDF : 7.10.5.132 2048 Bytes 3/18/2010 18:01:24
VBASE030.VDF : 7.10.5.133 2048 Bytes 3/18/2010 18:01:25
VBASE031.VDF : 7.10.5.134 16384 Bytes 3/18/2010 18:01:25
Engineversion : 8.2.1.194
AEVDF.DLL : 8.1.1.3 106868 Bytes 2/13/2010 17:16:21
AESCRIPT.DLL : 8.1.3.18 1024378 Bytes 3/17/2010 16:09:47
AESCN.DLL : 8.1.5.0 127347 Bytes 2/25/2010 23:38:41
AESBX.DLL : 8.1.2.1 254323 Bytes 3/17/2010 16:09:47
AERDL.DLL : 8.1.4.3 541043 Bytes 3/17/2010 16:09:47
AEPACK.DLL : 8.2.1.0 426356 Bytes 3/2/2010 20:01:39
AEOFFICE.DLL : 8.1.0.41 201083 Bytes 3/17/2010 16:09:46
AEHEUR.DLL : 8.1.1.13 2470262 Bytes 3/17/2010 16:09:46
AEHELP.DLL : 8.1.10.2 237941 Bytes 3/17/2010 16:09:46
AEGEN.DLL : 8.1.2.2 373107 Bytes 3/17/2010 16:09:45
AEEMU.DLL : 8.1.1.0 393587 Bytes 11/10/2009 14:04:22
AECORE.DLL : 8.1.12.3 188789 Bytes 3/17/2010 16:09:45
AEBB.DLL : 8.1.0.3 53618 Bytes 9/10/2009 17:15:06
AVWINLL.DLL : 10.0.0.0 19304 Bytes 1/14/2010 17:03:38
AVPREF.DLL : 10.0.0.0 44904 Bytes 1/14/2010 17:03:35
AVREP.DLL : 10.0.0.8 62209 Bytes 2/18/2010 21:47:40
AVREG.DLL : 10.0.1.2 52072 Bytes 1/29/2010 16:47:41
AVSCPLR.DLL : 10.0.2.3 83304 Bytes 3/7/2010 23:02:30
AVARKT.DLL : 10.0.0.13 227176 Bytes 3/7/2010 22:48:41
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 1/26/2010 14:53:30
SQLITE3.DLL : 3.6.19.0 355688 Bytes 1/28/2010 17:57:58
AVSMTP.DLL : 10.0.0.17 63848 Bytes 3/16/2010 20:38:56
NETNT.DLL : 10.0.0.0 11624 Bytes 2/19/2010 19:41:00
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 1/28/2010 18:10:20
RCTEXT.DLL : 10.0.46.0 97128 Bytes 3/5/2010 15:09:41

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: Wednesday, March 31, 2010 08:31

Starting search for hidden objects.

The scan of running processes will be started
Scan process 'svchost.exe' - '30' Module(s) have been scanned
Scan process 'vssvc.exe' - '49' Module(s) have been scanned
Scan process 'avscan.exe' - '79' Module(s) have been scanned
Scan process 'avscan.exe' - '29' Module(s) have been scanned
Scan process 'avcenter.exe' - '91' Module(s) have been scanned
Scan process 'firefox.exe' - '103' Module(s) have been scanned
Scan process 'avgnt.exe' - '53' Module(s) have been scanned
Scan process 'sched.exe' - '56' Module(s) have been scanned
Scan process 'avshadow.exe' - '33' Module(s) have been scanned
Scan process 'avguard.exe' - '64' Module(s) have been scanned
Scan process 'hphc_service.exe' - '42' Module(s) have been scanned
Scan process 'PresentationFontCache.exe' - '29' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '64' Module(s) have been scanned
Scan process 'ehmsas.exe' - '19' Module(s) have been scanned
Scan process 'wmpnscfg.exe' - '29' Module(s) have been scanned
Scan process 'ehtray.exe' - '26' Module(s) have been scanned
Scan process 'HPAdvisor.exe' - '139' Module(s) have been scanned
Scan process 'sidebar.exe' - '65' Module(s) have been scanned
Scan process 'DVDAgent.exe' - '55' Module(s) have been scanned
Scan process 'hpwuSchd2.exe' - '16' Module(s) have been scanned
Scan process 'jusched.exe' - '54' Module(s) have been scanned
Scan process 'SmartMenu.exe' - '88' Module(s) have been scanned
Scan process 'CLMLSvc.exe' - '54' Module(s) have been scanned
Scan process 'TSMAgent.exe' - '54' Module(s) have been scanned
Scan process 'rundll32.exe' - '31' Module(s) have been scanned
Scan process 'hpsysdrv.exe' - '13' Module(s) have been scanned
Scan process 'Explorer.EXE' - '144' Module(s) have been scanned
Scan process 'Dwm.exe' - '31' Module(s) have been scanned
Scan process 'taskeng.exe' - '61' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '37' Module(s) have been scanned
Scan process 'WUDFHost.exe' - '33' Module(s) have been scanned
Scan process 'unsecapp.exe' - '28' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '62' Module(s) have been scanned
Scan process 'svchost.exe' - '9' Module(s) have been scanned
Scan process 'svchost.exe' - '50' Module(s) have been scanned
Scan process 'svchost.exe' - '42' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '23' Module(s) have been scanned
Scan process 'svchost.exe' - '62' Module(s) have been scanned
Scan process 'spoolsv.exe' - '81' Module(s) have been scanned
Scan process 'AAWService.exe' - '54' Module(s) have been scanned
Scan process 'svchost.exe' - '89' Module(s) have been scanned
Scan process 'rundll32.exe' - '45' Module(s) have been scanned
Scan process 'svchost.exe' - '86' Module(s) have been scanned
Scan process 'SLsvc.exe' - '23' Module(s) have been scanned
Scan process 'svchost.exe' - '150' Module(s) have been scanned
Scan process 'svchost.exe' - '96' Module(s) have been scanned
Scan process 'svchost.exe' - '69' Module(s) have been scanned
Scan process 'svchost.exe' - '33' Module(s) have been scanned
Scan process 'nvvsvc.exe' - '24' Module(s) have been scanned
Scan process 'svchost.exe' - '40' Module(s) have been scanned
Scan process 'winlogon.exe' - '30' Module(s) have been scanned
Scan process 'lsm.exe' - '22' Module(s) have been scanned
Scan process 'lsass.exe' - '59' Module(s) have been scanned
Scan process 'services.exe' - '33' Module(s) have been scanned
Scan process 'csrss.exe' - '14' Module(s) have been scanned
Scan process 'wininit.exe' - '26' Module(s) have been scanned
Scan process 'csrss.exe' - '14' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Master boot sector HD2
[INFO] No virus was found!
Master boot sector HD3
[INFO] No virus was found!
Master boot sector HD4
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '343' files ).


Starting the file scan:

Begin scan in 'C:\' <HP>
Begin scan in 'D:\' <FACTORY_IMAGE>


End of the scan: Wednesday, March 31, 2010 09:30
Used time: 58:42 Minute(s)

The scan has been done completely.

22648 Scanned directories
489139 Files were scanned
0 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
489139 Files not concerned
2621 Archives were scanned
0 Warnings
0 Notes
420212 Objects were scanned with rootkit scan
0 Hidden objects were found

0

Any other advice on other programs I should have in addition to Avira? I also have AdAware. Do I need a firewall too or do I have one built in with Vista?

0

I would Uninstall AdAware, just isn't the program it used to be. I would add SpywareBlaster for extra protection. Excellent program and an added plus, it doesn't run in the background.

From Javacool Software :

SpywareBlaster doesn't scan for and clean spyware--it prevents it from being installed in the first place. SpywareBlaster prevents the installation of ActiveX-based spyware, adware, dialers, browser hijackers, and other potentially unwanted programs. It can also block spyware/tracking cookies in IE, Mozilla Firefox, Netscape, and many other browsers, and restrict the actions of spyware/ad/tracking sites.

Just download, install, update, enable all protection and close the program. This is the free version so manual updates are required. Just check every week or so for updates. If any are available, install, enable and close the program. Great program, I never run a computer without it.
As far as firewalls, you can stick with the built in Vista one if you wish, there are other free ones out there also. The choice is yours really.

Be sure also to use proper browser settings for more security:
In Firefox go to Tools, Options. On the Content Tab put a check mark in Block Pop-up Windows; Privacy Tab, Allow 1st Party Cookies, NO check mark in 3rd Party cookies, Keep browsing history for 7 days, unless of course you have some reason to want to keep it longer; Security Tab, put check marks in the first three choices, you can also have it remember your passwords if you wish.

On IE and even though you don't use this often you should set it up anyway as there are times it must be used:
Tools, Internet Options. On the General Tab click Browsing History Settings. Then use these settings: Dot in Everytime I visit the page, Disk Space to use, I use 15, Days to keep in history, 7 days.
Next go to the Privacy Tab. Put a Check mark in Turn on Pop-up Blocker. Also in the middle there click the Advanced Button. When that opens Put a check mark in Override Automatic Cookie Handling, and a dot in Accept 1st Party Cookies, Block 3rd Party cookies and Always allow session cookies.

I would also suggest adding Web Of Trust to both browsers. This is an added bit of protection where you will get a warning on whether a website you are visiting is trusted or not. If the site is trusted the Web icon shows green, if it is questionable it shows yellow and if it is not to be trusted it shows Red. You can click on the WOT icon and it will give you exact reasons why the site is not trusted. Doesn't block anything, just gives you that extra bit of information you can use.

Edited by jholland1964: n/a

0

Thank you so much! I did all of that. I feel much better. Hopefully I can keep my computer clean now!

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.