Solve : Viruses preventing internet access? – InterviewSolution

InterviewSolution

1.	Solve : Viruses preventing internet access?
Answer» I recently started using a laptop that had not accessed the internet for a number of years and now have multiple viruses and malware. I am unable to access the internet. I followed your very useful guide and ran all off the programmes that you recommended although I was not able to verify version of Java. However here are 3 logs that you asked for. I hope that you can help Many thanks Logfile of Trend MICRO HijackThis v2.0.2 Scan saved at 13:46:34, on 29/10/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\AVG\AVG9\avgchsvx.exe C:\Program Files\AVG\AVG9\avgrsx.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\AVG\AVG9\avgcsrvx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\AVG\AVG9\avgwdsvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\Spyware Doctor\pctsAuxs.exe C:\Program Files\Spyware Doctor\pctsSvc.exe C:\Program Files\AVG\AVG9\avgam.exe C:\Program Files\AVG\AVG9\avgnsx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Apoint\Apoint.exe C:\Program Files\SigmaTel\C-Major Audio\stacmon.exe C:\WINDOWS\system32\ICO.EXE C:\Program Files\Apoint\Apntex.exe C:\WINDOWS\System32\ezSP_Px.exe C:\Program Files\Sony\HotKey Utility\HKserv.exe C:\PROGRA~1\AVG\AVG9\avgtray.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program Files\PowerPanel\Program\PcfMgr.exe C:\Program Files\Spyware Doctor\pctsTray.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Sony\HotKey Utility\HKWnd.exe C:\Program Files\Trend Micro\HijackThis\sniper.exe.exe C:\WINDOWS\system32\wbem\wmiprvse.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-vaio.sony-europe.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.sony-europe.com/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.club-vaio.sony-europe.com/ O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\SWG.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [SigmaTel StacMon] C:\Program Files\SigmaTel\C-Major Audio\stacmon.exe O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [Winamp Agent] C:\WINDOWS\System32\winamp.exe O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe" O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [Internet Security Service] msq23.exe (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [Tjii321] C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1455\fjidg.exe (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [XP HOT Rebild] Win15763.exe (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [Windows Service Agent] msngear.exe (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [XP HOT Rebild] Win15763.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [XP HOT Rebild] Win15763.exe (User 'Default user') O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: PowerPanel.lnk = ? O8 - Extra context menu item: E&xport to Microsoft Excel - RES://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_674125AABFE11C21.dll/cmsidewiki.html O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.sony-europe.com/ O15 - Trusted Zone: .Sony-europe.com O15 - Trusted Zone: .Sonystyle-europe.com O15 - Trusted Zone: .Vaio-link.com O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NET Service - Unknown owner - C:\WINDOWS\wmssvc.exe (file missing) O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe -- End of file - 6648 bytes Malwarebytes' Anti-Malware 1.41 Database version: 2775 Windows 5.1.2600 Service Pack 3 29/10/2009 13:24:22 mbam-log-2009-10-29 (13-24-22).txt Scan type: Quick Scan Objects scanned: 91082 TIME elapsed: 15 minute(s), 41 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 153 Registry Values Infected: 16 Registry Data Items Infected: 3 Folders Infected: 1 Files Infected: 1 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CLASSES_ROOT\CLSID\{0026a548-2a19-e8a0-b03e-b8692a75086e} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{4014c362-2da7-40f3-1c21-53e8844cd087} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{494feb7f-6626-1241-41d8-59e22db24fc2} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{4a167404-9a8f-6684-ef47-19fb5bd943ef} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{4aa4deb6-f141-b724-8bcf-4995a82419f6} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{4f2d630b-cd4c-1206-edf4-4ed3900b1398} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{52287b95-3257-ccf7-3b86-b73978b045a2} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{54e27eda-9b99-0e27-7246-db3cdd577165} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{555b79e9-da80-976e-4918-fe9c20d88a6f} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{575e02ab-d638-2559-43ab-60df97b0d256} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{5be00a73-5a3e-77a2-c459-9289e7ffbb15} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{62e182ee-072e-85df-552c-319b98b64e6c} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{6eaf3580-b150-6d5f-d7bb-cc0ec951a6cf} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{71ad80f1-0996-b6ac-8140-3e7ee8b8e5dd} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{78138571-f4a5-1948-2df6-7e7eb47a2658} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{796977ed-d431-7ff4-f3cb-2abebc687630} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{7d708fbb-fdad-d4ed-7b5a-fe8d0ffa7493} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{83ea0f26-e3a8-f644-2e66-1bec818fd94b} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{83f033b6-3e4f-b858-069e-1dea757a732d} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{84485e16-b0ee-b618-6d56-157a7afc754c} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{007196c5-0dd4-0764-f61e-200f74eee57c} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{00a77f45-682b-8de9-9e19-e2c9f51d8388} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{03f7ef8a-104d-1443-9f1b-069899745744} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{06f57557-ab6c-8a55-4922-73547511b8d2} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{0737e842-2bbe-ee74-78d8-d848bdf721c1} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{0a82e0cd-c707-c66f-56d8-bfeeec72b3ff} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{0bd9d438-2b62-1078-724b-e27ebd7f7a8f} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{101e4c4f-a301-ad71-148e-584f7618a0ac} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{18a58aed-3730-309f-8879-665f0274dea3} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{1bb5d22a-38e3-3cdd-6fc2-017e4b687843} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{1c64f2c7-c016-2c06-7a72-aed0431edcd1} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{1fcb9023-a1d4-188c-5ae1-f34b8e87832b} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{20d10bf1-3113-e7b7-0a47-a5b469034db2} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{26a2097d-fe7e-31e3-eb0d-b476cc974da8} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{2b74af48-6a85-7222-6651-ebbae148c5b3} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{2bbbb93e-c8e8-c1ee-093f-ea211a62b27b} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{2c7a5774-0575-3c1c-1789-b8c3e1cd9dde} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{2c8e43e7-2fba-9397-cc7a-e85829069bc6} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{2ef89262-692c-51d0-cd84-c415d73f84eb} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{308e81ed-7218-8209-0b65-409e8a527503} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{3246bb5c-f56c-50ce-9dc1-4568a444bf1f} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{35400ed6-5cb6-5fb6-f0b9-af184fd63763} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{3676c97e-85f8-4fe1-4ff3-5761ebcb649d} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{37fa2744-03c3-5eaa-90c6-d685e5878db2} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{3b050b5f-44dd-d258-faa3-6ad723dde51d} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{3c0749de-9d0d-1b9a-52e6-2c347fdd15a9} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{4222e084-9879-6354-96e0-20c15acdc125} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{49bc4b7d-a77b-dcf4-c29b-8f5040d7c9a5} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{4c80fdd5-398a-c978-c78b-16a1293dd4de} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{4d9b3ad6-f9c1-0739-3a6e-3d55d45a69e3} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{5064a943-ef53-7aca-9c6f-789e5941e345} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{541c14fc-a3aa-c18e-dbf1-600a7fa7940b} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{5820f447-ef2b-74e0-e561-3a3ca71075cb} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{5b228e8b-e361-d45f-80a9-90e145c6c2d7} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{5ced4913-56fe-6e51-1317-1e58d66e1241} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{5d55721c-cee0-48e2-fd94-8bdf511364b1} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{5df14f9d-6ed4-da4a-49a4-40f085a9bb86} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{60f07540-55bc-ac34-166a-67b6fa4dd197} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{6455a07b-5629-2d89-9412-b3a2dd705bde} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{6756a72c-5fd9-3e32-6951-6704aef8dd60} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{68342826-c702-235f-df6b-edbd264885ab} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{68905909-f475-dd43-8fe8-914e341aefd6} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{6a546779-bfd6-74a9-cb09-cf82cd486f69} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{6b4fb954-58b2-e021-8ce4-02b6166ff436} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{6c3ec276-e5ab-b2f5-9ff2-dc2ea9780271} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{6cc6ddd2-220b-8f89-077a-058ce7a629e7} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{6d6ec02c-6636-9df9-b412-c5bef8504f38} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{717b6b22-f136-7aeb-2a9c-c75beaaeaf04} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{7364e5e6-0af3-c425-05b1-95e8c0eaa106} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{73bc1c09-7b64-bf93-ccaa-03c17312cd1a} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{75175df7-ef56-52a0-8766-55465e7173e2} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{75dd56ad-165b-691c-92c1-76e7dfe84602} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{76126225-3758-4fe5-19e1-0942b74619ef} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{7d2e936c-285c-5a66-3fe8-b76b480783c6} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{80314aca-04e4-b2f8-6bb3-7d4a764f3c5f} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{82fc74de-cca4-17f1-fa1e-760dc404a317} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{83b5d292-a22f-1b4a-d7f2-07b54755fff0} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{8472f7ab-e15f-6e7a-d99b-11c50742533c} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{8b6b6af7-467c-32f0-1c1f-cf0ab649d65e} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{8bf6f24d-2c3c-d83a-e9ae-ec1c4f01daee} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{8ce16525-b646-eee9-9681-39d46032b080} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{8fbe6833-4b81-d3d0-bd98-7b192c046cc5} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{917c9db7-a28b-cb00-adaf-6908c65b70ad} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{91fb423f-5099-7870-a17c-a31006b70863} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{920d60b8-bb03-71f7-3edf-e3410301f4e0} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{9238d60c-a78b-0639-7e0d-921aa5100090} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{924e3d0d-2679-ef9b-71b4-113a38f4b786} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{92c756df-e46f-0ce9-9fc2-b05bcac48d54} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{947195ed-fe5b-e80b-bbd1-00fbdb017f03} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{9615ef71-014f-8973-b235-6bb870093e0e} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{96186c85-0e8a-d7d6-b8ce-58925a368a34} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{9639a854-6a08-a929-ea74-6658559553e1} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{96b5c05d-0a64-92d1-38dc-46a95c6a77b6} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{983cb576-f105-8bc6-0db8-f2c0dd84beed} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{99e96e31-813c-416a-b501-37dcd14c1253} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{9b995423-493c-874a-b498-af856be7a7b2} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{9c8c2a58-0fad-af7c-cdb7-4cdc59e8e5a3} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{9e929e0c-fd56-322e-be5e-49024fc954a7} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{9eebbedb-d9b2-5cea-1b37-c835ee0ca7f2} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{a18ce63e-6c47-00a5-8688-927b7eb5e2b5} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{a1c155bc-81b7-7e44-b517-235d34bd11e6} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{a1eb21b0-93cb-6a56-c7f3-d8bac1c6d9e4} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{a2f6940d-2e6a-c73b-077d-01a6fdd1a521} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{a414ebbb-bf4e-ffc8-f54b-c8c3f10a23df} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{a444da5e-8020-74a6-f83a-e1d4431f9c12} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{a56129f2-22a9-26de-9d0f-9ffe9585f22b} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{a572761a-8c09-6f81-8a7d-33a5fee989b9} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{a783a33d-30b6-c96d-115c-30bfa0b79cbc} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{addf57d7-6c02-b77d-9604-a850006b4601} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{afa58b0d-4c3d-e90b-cf64-00ce780ba5ba} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{b2c11550-352d-2588-2b00-55b92a5ae1a2} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{b467c6cb-1f46-9988-ccde-83fd25de8439} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{b4a25a27-47a8-fd48-fce0-12dbcd6aebf3} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{bc0a87f3-9cd1-9f24-fe1e-b5a1f17cdcb9} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{be85b5d4-67b1-3948-ca69-c91bd476994b} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{c039a8ae-771a-2609-abe9-6ff57a8e39b3} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{c1c97595-b998-b9a8-eeba-a15a7b78460f} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{c4c08c4b-ad9b-37b1-8f3f-ad38323512c3} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{c57c74a9-abb0-e9f3-8c85-ddd33cad0cc8} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{c63463b7-3e71-3e14-49fb-17c35c7dfe07} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{c90c53c1-6e23-3684-a3d6-61b8f8daf4e4} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{ca776317-17bb-7877-01fa-d15cfee0c200} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{cc64b45d-d6fc-76b2-d06f-cef1ad314b4d} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{cccb4f66-1595-c87f-4318-95e99ecc105a} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{cd201855-6c54-fcc8-84e8-f1b657d49d38} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{d2498b94-25f7-a0bb-f8cd-f0f9ff4dfdc3} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{d6189896-ad1c-e3b2-afe6-4b692e91b20f} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{d72366d6-ca69-61dd-540c-aca7b20fa09a} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{d8583457-f929-f1b1-f466-b04b4de7b055} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{deda84e9-967e-0e2e-ade2-fdbfbd314aab} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{e24dd253-11ff-70cb-86ac-3b55bdc76f9c} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{e3a921e8-e1f6-b9be-6302-bae80924fce7} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{e3fb3d9b-a958-33c1-23b9-c8414ec3d98d} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{e52fa195-5a6f-2177-f3bd-b37d3644acc2} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{e59d9298-124d-2169-bc13-ea9ed9a48dc0} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{e6c4d142-adfb-1690-e3b7-17999ebda1fa} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{e81e3309-bdd5-bc2f-852a-715db42797f9} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{e995a142-7914-3fe8-d60b-ad05b1ee5efc} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{ea871865-08d6-d09d-46fd-1f353eb479fc} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{eb14f04f-488b-81f4-9203-a1a7c1eae661} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{ede6231f-aaa4-ff23-82a0-3d3059ce3d55} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{effb84cb-2818-00ba-cef5-914848b920ae} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{f059511f-ed8f-4e6d-1ca0-71d619afb174} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{f148a717-4004-f18a-39bf-324236ea4566} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{f3d1f763-6168-a4aa-ae26-04f83b3404b0} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{f47cf54f-845e-6ca5-3c6b-ee10c17d4ad5} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{f59b9001-7b62-fc18-c39a-959985d05ed7} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{f699592f-1b83-75da-afef-3f2e360fbe28} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{f78fd0b0-9278-dac5-18a8-abcd9b80b615} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{f81fab34-f8b8-bd27-049c-5fbb17c7926a} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{f83557ed-5fd1-739a-99ec-11ba129bf0ce} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{f9c5784c-c3b6-dd55-1c3f-f4ae48481fe8} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSWindows (Worm.Allaple) -> Quarantined and deleted successfully. Registry Values Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\12cfg515-k641-55sf-n66p (Worm.AutoRun) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\tjii321 (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Internet Security Service (Backdoor.Bot) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows Service Agent (Backdoor.Bot) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\XP HOT Rebild (Backdoor.IRCBot) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\taskman (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Internet Security Service (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Local Security Authority Service (Backdoor.Bot) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows Logon Application (Backdoor.Bot) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows Network Firewall (Trojan.Proxy) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows Service Agent (Backdoor.Bot) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\XP HOT Rebild (Backdoor.IRCBot) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\Internet Security Service (Backdoor.Bot) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\Windows Service Agent (Backdoor.Bot) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\XP HOT Rebild (Backdoor.IRCBot) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\WaitToKillServiceT (Malware.Trace) -> Quarantined and deleted successfully. Registry Data Items Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Folders Infected: C:\RECYCLER\S-1-5-21-0243636035-3055115376-381863306-1556 (TrojanProxy.Slenugga) -> Quarantined and deleted successfully. Files Infected: C:\RECYCLER\S-1-5-21-0243636035-3055115376-381863306-1556\Desktop.ini (TrojanProxy.Slenugga) -> Quarantined and deleted successfully. SUPERAntiSpyware Scan Log http://www.superantispyware.com Generated 10/29/2009 at 12:34 PM Application Version : 4.29.1004 Core RULES Database Version : 4162 Trace Rules Database Version: 1978 Scan type : Complete Scan Total Scan Time : 01:45:56 Memory items scanned : 446 Memory threats detected : 0 Registry items scanned : 6793 Registry threats detected : 1 File items scanned : 30415 File threats detected : 2 Trojan.SpooISV HKLM\Software\Microsoft\Windows\CurrentVersion\Run#Spooler SubSystem App [ C:\WINDOWS\System32\spooIsv.exe ] Trojan.Agent/Gen-IRCBot C:\SYSTEM VOLUME INFORMATION\_RESTORE{1FB459EE-1793-4DBE-AB65-8261B67D74B9}\RP241\A0034712.EXE C:\SYSTEM VOLUME INFORMATION\_RESTORE{1FB459EE-1793-4DBE-AB65-8261B67D74B9}\RP241\A0034752.EXE re-run the malware and post a clean logMalwarebytes' Anti-Malware (MBAM) If you already have Malwarebytes be sure to check for updates before scanning! You are running an older version. The newest one should be database 3070 Thank you for the responses. Unfortuna\tely, because I cannot access the internet I am unable to download updates to the 2 software packages. I have run both again, plus HiJack This and the 3 log files are below. SUPERAntiSpyware Scan Log http://www.superantispyware.com Generated 11/01/2009 at 02:12 PM Application Version : 4.29.1004 Core Rules Database Version : 4162 Trace Rules Database Version: 1978 Scan type : Quick Scan Total Scan Time : 01:04:22 Memory items scanned : 405 Memory threats detected : 0 Registry items scanned : 387 Registry threats detected : 0 File items scanned : 8404 File threats detected : 0 Malwarebytes' Anti-Malware 1.41 Database version: 2775 Windows 5.1.2600 Service Pack 3 01/11/2009 16:54:48 mbam-log-2009-11-01 (16-54-48).txt Scan type: Full Scan (C:\\|D:\\|) Objects scanned: 217638 Time elapsed: 3 hour(s), 4 minute(s), 24 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 1 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\System Volume Information\_restore{1FB459EE-1793-4DBE-AB65-8261B67D74B9}\RP241\A0034685.exe (Backdoor.Rbot) -> Quarantined and deleted successfully. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:56:50, on 01/11/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\AVG\AVG9\avgchsvx.exe C:\Program Files\AVG\AVG9\avgrsx.exe C:\Program Files\AVG\AVG9\avgcsrvx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Apoint\Apoint.exe C:\Program Files\SigmaTel\C-Major Audio\stacmon.exe C:\WINDOWS\system32\ICO.EXE C:\WINDOWS\System32\ezSP_Px.exe C:\Program Files\Sony\HotKey Utility\HKserv.exe C:\PROGRA~1\AVG\AVG9\avgtray.exe C:\Program Files\Apoint\Apntex.exe C:\Program Files\Sony\HotKey Utility\HKWnd.exe C:\Program Files\AVG\AVG9\avgwdsvc.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\Orange Mobile Partner\Orange Mobile Partner.exe C:\Program Files\PowerPanel\Program\PcfMgr.exe C:\Program Files\AVG\AVG9\avgam.exe C:\Program Files\AVG\AVG9\avgnsx.exe C:\Program Files\Trend Micro\HijackThis\sniper.exe.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-vaio.sony-europe.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.sony-europe.com/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.club-vaio.sony-europe.com/ O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [SigmaTel StacMon] C:\Program Files\SigmaTel\C-Major Audio\stacmon.exe O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [Winamp Agent] C:\WINDOWS\System32\winamp.exe O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [Internet Security Service] msq23.exe (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [Tjii321] C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1455\fjidg.exe (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [XP HOT Rebild] Win15763.exe (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [Windows Service Agent] msngear.exe (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [XP HOT Rebild] Win15763.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [XP HOT Rebild] Win15763.exe (User 'Default user') O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: PowerPanel.lnk = ? O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_674125AABFE11C21.dll/cmsidewiki.html O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.sony-europe.com/ O15 - Trusted Zone: .Sony-europe.com O15 - Trusted Zone: .Sonystyle-europe.com O15 - Trusted Zone: .Vaio-link.com O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NET Service - Unknown owner - C:\WINDOWS\wmssvc.exe (file missing) O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe -- End of file - 6040 bytes

Discussion

No Comment Found

Related InterviewSolutions