GeekPolice

unknown virus cause fire fox and anti virus, system not working
Hello, 3 or 4 days ago I updated AVG Anti-Virus Free Edition 2012. After that, it caused my Firefox to stop working; when I open Firefox, some red note appears......win32...... I tried to scan the OTL log but it did not respond at the Firefox setting, so I just have aswMBR and Security Check.

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-05-17 09:02:59
-----------------------------
09:02:59.125 OS Version: Windows 5.1.2600 Service Pack 2
09:02:59.125 Number of processors: 1 586 0x2F00
09:02:59.125 ComputerName: SOPHIA UserName:
09:03:00.750 Initialize success
09:03:21.609 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-7
09:03:21.609 Disk 0 Vendor: ST3250823AS 3.03 Size: 238475MB BusType: 3
09:03:21.625 Disk 0 MBR read successfully
09:03:21.625 Disk 0 MBR scan
09:03:21.625 Disk 0 unknown MBR code
09:03:21.625 Disk 0 Partition 1 00 0C FAT32 LBA RECOVERY 8202 MB offset 63
09:03:21.640 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 230262 MB offset 16798320
09:03:21.640 Disk 0 scanning sectors +488376000
09:03:21.718 Disk 0 scanning C:\WINDOWS\system32\drivers
09:03:28.140 Service scanning
09:03:39.203 Modules scanning
09:03:45.609 Disk 0 trace - called modules:
09:03:45.625 ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
09:03:45.625 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84b8dab8]
09:03:46.125 3 CLASSPNP.SYS[f751105b] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-7[0x84b45d98]
09:03:46.125 Scan finished successfully
09:04:03.515 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\HP_Administrator.SOPHIA\Desktop\MBR.dat"
09:04:03.515 The log file has been saved successfully to "C:\Documents and Settings\HP_Administrator.SOPHIA\Desktop\aswMBR.txt"





Results of screen317's Security Check version 0.99.32
Windows XP Service Pack 2 x86
Out of date service pack!!
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
AVG 2012
AVG PC Tuneup
AVG 2012
Antivirus up to date!
```````````````````````````````
Anti-malware/Other Utilities Check:

SpywareBlaster 4.4
AVG PC Tuneup
Java(TM) 6 Update 31
Adobe Flash Player 11.2.202.235
Adobe Reader X (10.1.3)
Mozilla Firefox (12.0.)
````````````````````````````````
Process Check:
objlist.exe by Laurent

AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgrsx.exe
AVG avgnsx.exe
AVG avgemc.exe
``````````End of Log````````````

Re: unknown virus cause fire fox and anti virus, system not working
Windows XP Service Pack 2 x86
Out of date service pack!!
Internet Explorer 8
Does that mean I need to upgrade Windows XP? If yes, how do I do it? Thanks.

Re: unknown virus cause fire fox and anti virus, system not working
We need to fix the Master Boot Record using aswMBR now.

  • Double click aswMBR.exe to run it like before
  • Once the scan finishes click FixMBR to remove the infection as illustrated below

    [Image: AswMBR_FixMBR]

  • Once the scan finishes click Save log to save the log to your Desktop

    [Image: AswMBR_SaveLog]

  • Copy and paste the contents of aswMBR.txt back here for review


Please visit this webpage for a tutorial on downloading and running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

See the area: Using ComboFix, and when done, post the log back here.

Re: unknown virus cause fire fox and anti virus, system not working
Hello, thank you so much for your help.

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-05-18 09:37:36
-----------------------------
09:37:36.250 OS Version: Windows 5.1.2600 Service Pack 2
09:37:36.250 Number of processors: 1 586 0x2F00
09:37:36.250 ComputerName: SOPHIA UserName:
09:37:40.359 Initialize success
09:38:00.781 Verifying
09:38:10.796 Disk 0 Windows 501 MBR fixed successfully
09:38:54.156 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\HP_Administrator.SOPHIA\Desktop\MBR.dat"
09:38:54.171 The log file has been saved successfully to "C:\Documents and Settings\HP_Administrator.SOPHIA\Desktop\aswMBR.txt"


And here is the ComboFix log:
ComboFix 12-05-18.01 - HP_Administrator 05/18/2012 10:38:52.6.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.894.427 [GMT -4:00]
Running from: c:\documents and settings\HP_Administrator.SOPHIA\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Spyware Doctor with AntiVirus *Enabled/Updated* {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\drivers\intelppm.sys . . . is missing!!
.
.
((((((((((((((((((((((((( Files Created from 2012-04-18 to 2012-05-18 )))))))))))))))))))))))))))))))
.
.
2012-05-17 11:20 . 2012-05-17 11:20 -------- d-----w- c:\documents and settings\HP_Administrator.SOPHIA\Application Data\AVG
2012-05-17 01:46 . 2012-05-17 22:50 -------- d-----w- c:\windows\system32\drivers\AVG
2012-05-17 01:46 . 2012-05-17 01:46 -------- d-----w- C:\$AVG
2012-05-17 00:59 . 2012-05-17 00:59 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Secure Search
2012-05-17 00:46 . 2012-05-17 01:58 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG2012
2012-05-02 15:55 . 2012-05-02 15:55 -------- d-----w- c:\program files\Mozilla Maintenance Service
2012-05-02 15:54 . 2012-05-02 15:54 157352 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice_installer.exe
2012-05-02 15:54 . 2012-05-02 15:54 129976 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice.exe
2012-04-29 20:07 . 2012-04-29 20:07 -------- d-----w- c:\documents and settings\HP_Administrator.SOPHIA\Local Settings\Application Data\AVG Secure Search
2012-04-19 08:50 . 2012-04-19 08:50 24896 ----a-w- c:\windows\system32\drivers\avgidshx.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-04 18:36 . 2012-03-31 02:00 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-05-04 18:36 . 2011-05-22 13:52 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-02 21:39 . 2012-04-02 21:40 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-04-02 21:39 . 2011-06-14 22:09 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-03-19 09:17 . 2012-03-19 09:17 301248 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2012-02-22 09:25 . 2012-02-22 09:25 235216 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2008-03-02 16:04 . 2008-03-02 16:04 774144 ----a-w- c:\program files\RngInterstitial.dll
2012-05-02 15:54 . 2011-04-06 01:16 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2008-12-12 18:57 . 2006-12-19 21:36 122880 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2012-05-18_14.25.08 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-01-03 04:31 . 2012-05-18 14:31 1682 c:\windows\system32\KGyGaAvL.sys
- 2009-01-03 04:31 . 2012-05-14 23:04 1682 c:\windows\system32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe" [2010-06-01 5252408]
"VeohPlugin"="c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2009-03-07 3558136]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-03-18 339968]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2004-03-10 406016]
"WT GameChannel"="c:\program files\WildTangent\Apps\GameChannel.exe" [2004-09-13 267216]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2005-05-26 180269]
"Corel Photo Downloader"="c:\program files\Corel\Corel Photo Album 6\MediaDetect.exe" [2005-11-17 106496]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^SpySubtract.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\SpySubtract.lnk
backup=c:\windows\pss\SpySubtract.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Updates from HP.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk
backup=c:\windows\pss\Updates from HP.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2004-08-10 12:00 15360 ------w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
2004-08-10 18:04 59392 ----a-w- c:\windows\ehome\ehtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPBootOp]
2005-02-26 05:34 245760 ----a-w- c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LSBWatcher]
2004-10-14 20:54 253952 ----a-w- c:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd]
2004-06-10 21:48 286720 ----a-r- c:\windows\vsnpstd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2005-05-26 17:27 180269 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Updates from HP\\309731\\Program\\Updates from HP.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\HP\\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\\hphver06.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"=
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [4/19/2012 4:50 AM 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [1/31/2012 4:46 AM 31952]
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [8/11/2009 7:26 PM 130424]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2/22/2012 5:25 AM 235216]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [3/19/2012 5:17 AM 301248]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2/14/2012 4:53 AM 193288]
R2 vToolbarUpdater11.0.2;vToolbarUpdater11.0.2;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe [4/29/2012 3:09 PM 932736]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [12/23/2011 1:32 PM 139856]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [12/23/2011 1:32 PM 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [12/23/2011 1:32 PM 17232]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\avgidsagent.exe [4/30/2012 9:44 AM 5106744]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [3/1/2010 7:07 PM 135664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [3/30/2012 10:00 PM 257696]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [3/1/2010 7:07 PM 135664]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [5/2/2012 11:55 AM 129976]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe --> c:\program files\Spyware Doctor\pctsAuxs.exe [?]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2012-05-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 18:36]
.
2012-05-11 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 21:57]
.
2012-05-18 c:\windows\Tasks\AVG PC Tuneup Integrator Start On HP_Administrator Logon.job
- c:\program files\AVG\AVG PC Tuneup\BoostSpeed.exe [2012-05-17 21:20]
.
2012-04-30 c:\windows\Tasks\Easy Internet Sign-up.job
- c:\program files\Easy Internet signup\HPSdpApp.exe [2005-03-04 01:04]
.
2012-05-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-01 23:06]
.
2012-05-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-01 23:06]
.
2012-05-17 c:\windows\Tasks\Norton PC Checkup WeekDay Scanner.job
- c:\program files\norton pc checkup\PC_Checkup.exe [2008-06-29 00:13]
.
2012-05-13 c:\windows\Tasks\Norton PC Checkup Weekend Scanner.job
- c:\program files\norton pc checkup\PC_Checkup.exe [2008-06-29 00:13]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=pavilion&pf=desktop
mStart Page = hxxp://www.yahoo.com
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
IE: &Google Search - c:\program files\Google\GoogleToolbar1.dll/cmsearch.html
IE: Backward Links - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\Google\GoogleToolbar1.dll/cmcache.html
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
IE: Similar Pages - c:\program files\Google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate into English - c:\program files\Google\GoogleToolbar1.dll/cmtrans.html
IE: {{68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - c:\program files\AVG\AVG2012\avgdtiex.dll
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\documents and settings\HP_Administrator.SOPHIA\Application Data\Mozilla\Firefox\Profiles\dn81n96o.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ca/firefox
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B612001ee-6152-4b25-a256-68af754ff44c%7D&mid=ce1f812eab9b0c513be5fe8d88f11537-bb19e6764d2ccc05adb41927ad4146d1963ea273&ds=AVG&v=9.0.0.18.1&lang=en&pr=fr&d=2011-10-13%2019%3A10%3A39&sap=ku&q=
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-05-18 10:50
Windows 5.1.2600 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-4128741535-2639826979-3630802738-1008\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(636)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(3052)
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
Completion time: 2012-05-18 10:52:48
ComboFix-quarantined-files.txt 2012-05-18 14:52
ComboFix2.txt 2012-05-18 14:28
ComboFix3.txt 2011-06-11 18:00
ComboFix4.txt 2010-02-24 00:38
.
Pre-Run: 195,742,785,536 bytes free
Post-Run: 195,714,928,640 bytes free
.
- - End Of File - - D04DE4FF6AA21DD89E95EB963CDC35A4

Re: unknown virus cause fire fox and anti virus, system not working
Please download TDSSKiller from here and save it to your Desktop.
  • Double-click TDSSKiller.exe to run the tool
  • Click the Start Scan button
  • After the scan has finished, click the Close button
  • Click the Report button and copy/paste the contents of it into your next reply
Note: It will also create a log in the C:\ directory.

Re: unknown virus cause fire fox and anti virus, system not working
14:58:51.0156 0812 TDSS rootkit removing tool 2.7.35.0 May 16 2012 07:37:57
14:58:51.0484 0812 ============================================================
14:58:51.0484 0812 Current date / time: 2012/05/19 14:58:51.0484
14:58:51.0484 0812 SystemInfo:
14:58:51.0484 0812
14:58:51.0484 0812 OS Version: 5.1.2600 ServicePack: 2.0
14:58:51.0484 0812 Product type: Workstation
14:58:51.0484 0812 ComputerName: SOPHIA
14:58:51.0484 0812 UserName: HP_Administrator
14:58:51.0484 0812 Windows directory: C:\WINDOWS
14:58:51.0484 0812 System windows directory: C:\WINDOWS
14:58:51.0484 0812 Processor architecture: Intel x86
14:58:51.0484 0812 Number of processors: 1
14:58:51.0484 0812 Page size: 0x1000
14:58:51.0484 0812 Boot type: Normal boot
14:58:51.0484 0812 ============================================================
14:58:52.0406 0812 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054
14:58:52.0468 0812 ============================================================
14:58:52.0468 0812 \Device\Harddisk0\DR0:
14:58:52.0468 0812 MBR partitions:
14:58:52.0468 0812 \Device\Harddisk0\DR0\Partition0: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x1005231
14:58:52.0468 0812 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1005270, BlocksNum 0x1C1BB450
14:58:52.0468 0812 ============================================================
14:58:52.0593 0812 C: <-> \Device\Harddisk0\DR0\Partition1
14:58:52.0593 0812 D: <-> \Device\Harddisk0\DR0\Partition0
14:58:52.0593 0812 ============================================================
14:58:52.0593 0812 Initialize success
14:58:52.0593 0812 ============================================================
15:01:59.0031 0888 Deinitialize success

Re: unknown virus cause fire fox and anti virus, system not working
Did it say anything about detecting or removing anything?

Re: unknown virus cause fire fox and anti virus, system not working
It didn't say it removed anything; detections: 0.

Re: unknown virus cause fire fox and anti virus, system not working
How is the computer operating overall?

Re: unknown virus cause fire fox and anti virus, system not working
After the AVG scan, all the programs didn't work. I need to restart the computer and then it works again.

Re: unknown virus cause fire fox and anti virus, system not working
Are you satisfied with AVG? Would you like a different antivirus?

Re: unknown virus cause fire fox and anti virus, system not working
Yes, please give me a different antivirus that is suitable for my Windows XP, because I also tried to install Avira [Security Software & Removal Tools- Huge list] last week but it said error not valid WIN 32 APPLICATION.

Re: unknown virus cause fire fox and anti virus, system not working
This is the link to remove AVG: http://www.avg.com/filedir/util/avg_arm_sup_____.dir/avgremover.exe

Do that first.

Then, try to install Avira again.

Re: unknown virus cause fire fox and anti virus, system not working
Hello, Dragon Master Jay, I removed AVG and tried to download Avira. When I tried to run it, it had a log:
Set up: Avira Free Antivirus requires at least:
Windows XP 32 bit SP3
Windows XP 64 bit SP2
Windows server 2003 SP2
So now my computer is running without antivirus, what should I do now? Thank you.

Re: unknown virus cause fire fox and anti virus, system not working
Download Security Check by screen317 from SpywareInfoforum.org or Changelog.fr.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Re: unknown virus cause fire fox and anti virus, system not working
Hello

Results of screen317's Security Check version 0.99.24
Windows XP Service Pack 2 x86
Out of date service pack!!
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
AVG 2012
Antivirus up to date!
```````````````````````````````
Anti-malware/Other Utilities Check:

SpywareBlaster 4.4
Java(TM) 6 Update 31
Adobe Flash Player 11.2.202.235
Adobe Reader X (10.1.3)
````````````````````````````````
Process Check:
objlist.exe by Laurent

AVG avgwdsvc.exe
AVG avgtray.exe
``````````End of Log````````````

Re: unknown virus cause fire fox and anti virus, system not working
Navigate here to get Service Pack 3 and install it: http://windows.microsoft.com/en-us/windows/help/learn-how-to-install-windows-xp-service-pack-3-sp3

Then, get your antivirus.

Re: unknown virus cause fire fox and anti virus, system not working
Hello Dragon Master Jay. I followed the link, learn how to install Windows XP SP3. For some reason the computer rebooted and lost some programs, so I installed them all again. Can I run Security Check again and send it to you to make sure the machine is OK?

This is the first time I have used Avira Free Antivirus and it takes very long to scan. "18 Viruses and/or unwanted programs were found": does that mean it automatically removed the viruses? The report I have from Avira Free Antivirus:

End of the scan: Monday, May 28, 2012 14:06
Used time: 1:55:14 Hour(s)

The scan has been done completely.

19357 Scanned directories
738823 Files were scanned
18 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 Files were deleted
0 Viruses and unwanted programs were repaired
8 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
738805 Files not concerned
19563 Archives were scanned
113 Warnings
8 Notes
397698 Objects were scanned with rootkit scan
0 Hidden objects were found

Re: unknown virus cause fire fox and anti virus, system not working
It did not fix anything:

0 Files were classified as suspicious
0 Files were deleted
0 Viruses and unwanted programs were repaired
8 Files were moved to quarantine

0 Files were renamed
0 Files cannot be scanned


Go ahead with Security Check real quick...

Re: unknown virus cause fire fox and anti virus, system not working
Hello, these are the results of Security Check:

Results of screen317's Security Check version 0.99.41
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Avira Desktop
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java(TM) 6 Update 32
Java version out of date!
Adobe Flash Player 11.2.202.235
Adobe Reader X (10.1.3)
Mozilla Firefox (12.0)
Google Chrome 19.0.1084.46
Google Chrome 19.0.1084.52
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 12% Defragment your hard drive soon!
````````````````````End of Log``````````````````````

Re: unknown virus cause fire fox and anti virus, system not working
Excellent work!

Java Update!

Please download the newest version of Java from Java.com.

Before installing: it is important to remove older versions of Java since it does not do so automatically and old versions still leave you vulnerable.
Go to the Control Panel and enter Add or Remove Programs (Programs and Features in Vista/7).
Search in the list for all previously installed versions of Java (J2SE Runtime Environment). Please uninstall/remove each of them.

Once old versions are gone, please install the newest version.


See this page for more info about malware and prevention.


Any more questions before this is marked solved?

Re: unknown virus cause fire fox and anti virus, system not working
Thank you very much Dragon Master Jay, I got the new version of Java. What concerns me now is my Security Check warning [`System Health check` Total Fragmentation on Drive C:: 12% Defragment your hard drive soon!]. Does my computer have no infection from malware and viruses now? Or should I open a new topic at Virus, Spyware & Malware Removal and scan OTL-aswMBR-? Thanks.

Can I install PC Tools Firewall Plus?

The machine easily gets Adobe crashes.

Re: unknown virus cause fire fox and anti virus, system not working
The fragmentation issues should be fine...but if you want to defragment anyway, read this: http://support.microsoft.com/kb/314848

I would say that firewall would be fine!

Re: unknown virus cause fire fox and anti virus, system not working
Thank you very much Dragon Master Jay.

Re: unknown virus cause fire fox and anti virus, system not working
Thanks
