I discovered my Vista-running laptop had a malware problem earlier this evening - I forgot the name but it was like Vista Security Center or something "official" sounding. I used a program to kill the process, but found a process called ave.exe instead (which I killed). Anyway, I was able to run Malwarebytes and my system seems to be clean. I ran HijackThis just to be sure (the log is below). The programs I typically have running are Google Chrome, Log Me In, Launchy, RocketDock and Prey (in addition to the MSE). I installed Avast but when I tried to start the program, it wouldn't start. I'm thinking I should probably uninstall the program (I have Microsoft Security Essentials installed; I just downloaded AVG, but haven't installed that yet - not sure if I should stick with MSE or try AVG). So... is my system clean? Anything I should fix? Thanks in advance for your help! Lulu ----------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:17:44 AM, on 4/28/2010 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18349) Boot mode: Normal Running processes: C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files (x86)\RocketDock\RocketDock.exe C:\Program Files (x86)\Launchy\Launchy.exe C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files (x86)\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE C:\Prey\cron.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe C:\Windows\SysWOW64\conime.exe C:\Users\Lulu\AppData\Local\Google\Update\1.2.183.23\GoogleCrashHandler.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe C:\Users\Lulu\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cnnb R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cnnb R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cnnb R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {340a88cd-3114-4558-b9d1-50fb1d5d0a77} - mudupani.dll (file missing) O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG8\avgssie.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Show Xmlbar Toolbar - {6B896ADB-4A82-46e2-858C-13134782CE34} - C:\Program Files (x86)\Xmlbar\FLV Downloader\IEBar\xbietb.dll O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0" O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [Prey Laptop Tracker] c:\Prey\cron.exe --log O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\Lulu\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [siniratija] Rundll32.exe "zowolage.dll",s (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Startup:
