You need to do some housekeeping before we go forward:
You have multiple antivirus programs running: RAV, Norton and Avira:
Toolbar: Norton AntiVirus
Service: Avira AntiVir Scheduler
- This can cause a conflict that makes you more vulnerable,
- This can slow you down.
Your main AV appears to be
RAV - rav.exe is a Beijing Rising Technology Co., Ltd. belonging to Rising AntiVirus 2008 from Beijing Rising Technology Co., Ltd.
If this is current and updating, you will need to remove leftover entries from Norton and Avira:
Please download the Norton Removal Tool (http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2005033108162039) and save it to your desktop.
Boot into Safe Mode
- Restart your computer and start pressing the F8 key on your keyboard.
- Select the Safe Mode option when the Windows Advanced Options menu appears, and then press ENTER.
Double-click on the Norton Removal Tool and Run.
When finished, remove Avira:
To uninstall Avira:
- Start> Settings> Control Panel> Add or Remove Programs (Windows 2000/ XP) or Start - Control Panel - Uninstall a program (Windows Vista / 7)
- Wait for the list of installed programs to load, then click the name of the Avira program.
- Click Remove next to the program's name (Windows 2000 / XP) or in the menu above the list (Windows Vista / 7).
- Press Yes, to confirm the removal and then OK.
- Click Next until Finish. The software is removed.
Two programs are out of date and present additional vulnerabilities. Please update both now:
- Visit this Adobe Reader site often and make sure you have the most current update. Uninstall any earlier updates as they are vulnerabilities.
- Check this site often: Java Updates. Stay current, as most updates are for security. Uninstall any earlier versions in Add/Remove Programs.
P2P or 'file sharing': P2P Warning:
I notice that you are using Limewire.
Note: Even if you are using a "safe" P2P program, it is only the program that is safe. I suggest that you uninstall Limewire for the following reasons:
- As long as you are using file sharing networks and programs which are from sources that are not documented, you cannot verify that a download is legitimate.
- Malware writers use these programs to include malicious content.
- File sharing is usually unmonitored and there is a danger that your private files might be accessed.
- The 'sharing' also includes malware that the shared system has on it.
- Files that are illegal can be spread through file sharing.
Please read the information on P2P Warning to help you better understand these dangers.
When you have finished the housekeeping:
Please download ComboFix HERE:
- With ComboFix, at the download window, please rename it to Combo-Fix(.exe) before downloading it.
- Please disable all security programs, such as antiviruses, antispywares, and firewalls. Also disable your internet connection.
- Run Combo-Fix.exe and follow the prompts.
(Understand that things like your system clock changing and your desktop disappearing might happen. Do not worry, because all will be restored later.)
- Wait for the scan to be completed.
- If it requires a reboot, please do it.
- After the scan has completed entirely, please post the log here. The log will be located at C:\ComboFix(.txt)
Notes:
1. Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
3. ComboFix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
Please attach the report to your next reply.
Rescan with HijackThis and paste log into next reply.
You are also at great risk having so many ActiveX processes running (016). You have uploaders for almost everything on the internet running.