Mobile Technologies Web Technologies Digital Marketing Creative Design Career Talk Medical General Tech Interviews Internet Of Things

Embark on a journey of knowledge! Take the quiz and earn valuable credits.

Take A Quiz

Challenge yourself and boost your learning! Start the quiz now to earn credits.

Take A Quiz

Unlock your potential! Begin the quiz, answer questions, and accumulate credits along the way.

Take A Quiz

Popular Categories

All
Interview Questions
QuestionBank
Quantitative Aptitude
Engineering
Govt Exams
Digital Marketing
Management
Interviews

Solve : Viruses preventing internet access?

SOFTWARE Computer viruses and spyware in Software . 3 years ago

  0   0   0   0   0 tuteeHUB earn credit +10 pts
5 Star Rating 1 Rating

I recently started using a laptop that had not accessed the internet for a number of years and now have multiple viruses and malware.

I am unable to access the internet.

I followed your very useful guide and ran all off the programmes that you recommended although I was not able to verify version of Java.

However here are 3 logs that you asked for.

I hope that you can help

Many thanks

Logfile of Trend MICRO HijackThis v2.0.2
Scan saved at 13:46:34, on 29/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\AVG\AVG9\avgam.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\SigmaTel\C-Major Audio\stacmon.exe
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\PowerPanel\Program\PcfMgr.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\Trend Micro\HijackThis\sniper.exe.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-vaio.sony-europe.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.sony-europe.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.club-vaio.sony-europe.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\SWG.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [SigmaTel StacMon] C:\Program Files\SigmaTel\C-Major Audio\stacmon.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Winamp Agent] C:\WINDOWS\System32\winamp.exe
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Internet Security Service] msq23.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Tjii321] C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1455\fjidg.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [XP HOT Rebild] Win15763.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Windows Service Agent] msngear.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [XP HOT Rebild] Win15763.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [XP HOT Rebild] Win15763.exe (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: PowerPanel.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - RES://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_674125AABFE11C21.dll/cmsidewiki.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.sony-europe.com/
O15 - Trusted Zone: *.Sony-europe.com
O15 - Trusted Zone: *.Sonystyle-europe.com
O15 - Trusted Zone: *.Vaio-link.com
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NET Service - Unknown owner - C:\WINDOWS\wmssvc.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

--
End of file - 6648 bytes

Malwarebytes' Anti-Malware 1.41
Database version: 2775
Windows 5.1.2600 Service Pack 3

29/10/2009 13:24:22
mbam-log-2009-10-29 (13-24-22).txt

Scan type: Quick Scan
Objects scanned: 91082
TIME elapsed: 15 minute(s), 41 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 153
Registry Values Infected: 16
Registry Data Items Infected: 3
Folders Infected: 1
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{0026a548-2a19-e8a0-b03e-b8692a75086e} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4014c362-2da7-40f3-1c21-53e8844cd087} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{494feb7f-6626-1241-41d8-59e22db24fc2} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4a167404-9a8f-6684-ef47-19fb5bd943ef} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4aa4deb6-f141-b724-8bcf-4995a82419f6} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4f2d630b-cd4c-1206-edf4-4ed3900b1398} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{52287b95-3257-ccf7-3b86-b73978b045a2} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{54e27eda-9b99-0e27-7246-db3cdd577165} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{555b79e9-da80-976e-4918-fe9c20d88a6f} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{575e02ab-d638-2559-43ab-60df97b0d256} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5be00a73-5a3e-77a2-c459-9289e7ffbb15} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{62e182ee-072e-85df-552c-319b98b64e6c} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6eaf3580-b150-6d5f-d7bb-cc0ec951a6cf} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{71ad80f1-0996-b6ac-8140-3e7ee8b8e5dd} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{78138571-f4a5-1948-2df6-7e7eb47a2658} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{796977ed-d431-7ff4-f3cb-2abebc687630} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7d708fbb-fdad-d4ed-7b5a-fe8d0ffa7493} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{83ea0f26-e3a8-f644-2e66-1bec818fd94b} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{83f033b6-3e4f-b858-069e-1dea757a732d} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{84485e16-b0ee-b618-6d56-157a7afc754c} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{007196c5-0dd4-0764-f61e-200f74eee57c} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{00a77f45-682b-8de9-9e19-e2c9f51d8388} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{03f7ef8a-104d-1443-9f1b-069899745744} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{06f57557-ab6c-8a55-4922-73547511b8d2} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0737e842-2bbe-ee74-78d8-d848bdf721c1} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0a82e0cd-c707-c66f-56d8-bfeeec72b3ff} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0bd9d438-2b62-1078-724b-e27ebd7f7a8f} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{101e4c4f-a301-ad71-148e-584f7618a0ac} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{18a58aed-3730-309f-8879-665f0274dea3} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1bb5d22a-38e3-3cdd-6fc2-017e4b687843} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1c64f2c7-c016-2c06-7a72-aed0431edcd1} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1fcb9023-a1d4-188c-5ae1-f34b8e87832b} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{20d10bf1-3113-e7b7-0a47-a5b469034db2} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{26a2097d-fe7e-31e3-eb0d-b476cc974da8} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2b74af48-6a85-7222-6651-ebbae148c5b3} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2bbbb93e-c8e8-c1ee-093f-ea211a62b27b} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2c7a5774-0575-3c1c-1789-b8c3e1cd9dde} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2c8e43e7-2fba-9397-cc7a-e85829069bc6} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2ef89262-692c-51d0-cd84-c415d73f84eb} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{308e81ed-7218-8209-0b65-409e8a527503} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3246bb5c-f56c-50ce-9dc1-4568a444bf1f} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{35400ed6-5cb6-5fb6-f0b9-af184fd63763} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3676c97e-85f8-4fe1-4ff3-5761ebcb649d} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{37fa2744-03c3-5eaa-90c6-d685e5878db2} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3b050b5f-44dd-d258-faa3-6ad723dde51d} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3c0749de-9d0d-1b9a-52e6-2c347fdd15a9} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4222e084-9879-6354-96e0-20c15acdc125} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{49bc4b7d-a77b-dcf4-c29b-8f5040d7c9a5} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4c80fdd5-398a-c978-c78b-16a1293dd4de} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4d9b3ad6-f9c1-0739-3a6e-3d55d45a69e3} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5064a943-ef53-7aca-9c6f-789e5941e345} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{541c14fc-a3aa-c18e-dbf1-600a7fa7940b} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5820f447-ef2b-74e0-e561-3a3ca71075cb} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5b228e8b-e361-d45f-80a9-90e145c6c2d7} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5ced4913-56fe-6e51-1317-1e58d66e1241} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5d55721c-cee0-48e2-fd94-8bdf511364b1} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5df14f9d-6ed4-da4a-49a4-40f085a9bb86} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{60f07540-55bc-ac34-166a-67b6fa4dd197} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6455a07b-5629-2d89-9412-b3a2dd705bde} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6756a72c-5fd9-3e32-6951-6704aef8dd60} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{68342826-c702-235f-df6b-edbd264885ab} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{68905909-f475-dd43-8fe8-914e341aefd6} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6a546779-bfd6-74a9-cb09-cf82cd486f69} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6b4fb954-58b2-e021-8ce4-02b6166ff436} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6c3ec276-e5ab-b2f5-9ff2-dc2ea9780271} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6cc6ddd2-220b-8f89-077a-058ce7a629e7} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6d6ec02c-6636-9df9-b412-c5bef8504f38} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{717b6b22-f136-7aeb-2a9c-c75beaaeaf04} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7364e5e6-0af3-c425-05b1-95e8c0eaa106} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{73bc1c09-7b64-bf93-ccaa-03c17312cd1a} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{75175df7-ef56-52a0-8766-55465e7173e2} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{75dd56ad-165b-691c-92c1-76e7dfe84602} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{76126225-3758-4fe5-19e1-0942b74619ef} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7d2e936c-285c-5a66-3fe8-b76b480783c6} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{80314aca-04e4-b2f8-6bb3-7d4a764f3c5f} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{82fc74de-cca4-17f1-fa1e-760dc404a317} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{83b5d292-a22f-1b4a-d7f2-07b54755fff0} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8472f7ab-e15f-6e7a-d99b-11c50742533c} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8b6b6af7-467c-32f0-1c1f-cf0ab649d65e} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8bf6f24d-2c3c-d83a-e9ae-ec1c4f01daee} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8ce16525-b646-eee9-9681-39d46032b080} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8fbe6833-4b81-d3d0-bd98-7b192c046cc5} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{917c9db7-a28b-cb00-adaf-6908c65b70ad} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{91fb423f-5099-7870-a17c-a31006b70863} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{920d60b8-bb03-71f7-3edf-e3410301f4e0} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9238d60c-a78b-0639-7e0d-921aa5100090} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{924e3d0d-2679-ef9b-71b4-113a38f4b786} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{92c756df-e46f-0ce9-9fc2-b05bcac48d54} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{947195ed-fe5b-e80b-bbd1-00fbdb017f03} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9615ef71-014f-8973-b235-6bb870093e0e} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{96186c85-0e8a-d7d6-b8ce-58925a368a34} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9639a854-6a08-a929-ea74-6658559553e1} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{96b5c05d-0a64-92d1-38dc-46a95c6a77b6} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{983cb576-f105-8bc6-0db8-f2c0dd84beed} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{99e96e31-813c-416a-b501-37dcd14c1253} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9b995423-493c-874a-b498-af856be7a7b2} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9c8c2a58-0fad-af7c-cdb7-4cdc59e8e5a3} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9e929e0c-fd56-322e-be5e-49024fc954a7} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9eebbedb-d9b2-5cea-1b37-c835ee0ca7f2} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a18ce63e-6c47-00a5-8688-927b7eb5e2b5} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a1c155bc-81b7-7e44-b517-235d34bd11e6} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a1eb21b0-93cb-6a56-c7f3-d8bac1c6d9e4} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a2f6940d-2e6a-c73b-077d-01a6fdd1a521} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a414ebbb-bf4e-ffc8-f54b-c8c3f10a23df} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a444da5e-8020-74a6-f83a-e1d4431f9c12} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a56129f2-22a9-26de-9d0f-9ffe9585f22b} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a572761a-8c09-6f81-8a7d-33a5fee989b9} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a783a33d-30b6-c96d-115c-30bfa0b79cbc} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{addf57d7-6c02-b77d-9604-a850006b4601} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{afa58b0d-4c3d-e90b-cf64-00ce780ba5ba} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b2c11550-352d-2588-2b00-55b92a5ae1a2} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b467c6cb-1f46-9988-ccde-83fd25de8439} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b4a25a27-47a8-fd48-fce0-12dbcd6aebf3} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bc0a87f3-9cd1-9f24-fe1e-b5a1f17cdcb9} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{be85b5d4-67b1-3948-ca69-c91bd476994b} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c039a8ae-771a-2609-abe9-6ff57a8e39b3} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c1c97595-b998-b9a8-eeba-a15a7b78460f} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c4c08c4b-ad9b-37b1-8f3f-ad38323512c3} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c57c74a9-abb0-e9f3-8c85-ddd33cad0cc8} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c63463b7-3e71-3e14-49fb-17c35c7dfe07} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c90c53c1-6e23-3684-a3d6-61b8f8daf4e4} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ca776317-17bb-7877-01fa-d15cfee0c200} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cc64b45d-d6fc-76b2-d06f-cef1ad314b4d} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cccb4f66-1595-c87f-4318-95e99ecc105a} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cd201855-6c54-fcc8-84e8-f1b657d49d38} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d2498b94-25f7-a0bb-f8cd-f0f9ff4dfdc3} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d6189896-ad1c-e3b2-afe6-4b692e91b20f} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d72366d6-ca69-61dd-540c-aca7b20fa09a} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d8583457-f929-f1b1-f466-b04b4de7b055} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{deda84e9-967e-0e2e-ade2-fdbfbd314aab} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e24dd253-11ff-70cb-86ac-3b55bdc76f9c} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e3a921e8-e1f6-b9be-6302-bae80924fce7} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e3fb3d9b-a958-33c1-23b9-c8414ec3d98d} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e52fa195-5a6f-2177-f3bd-b37d3644acc2} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e59d9298-124d-2169-bc13-ea9ed9a48dc0} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e6c4d142-adfb-1690-e3b7-17999ebda1fa} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e81e3309-bdd5-bc2f-852a-715db42797f9} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e995a142-7914-3fe8-d60b-ad05b1ee5efc} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ea871865-08d6-d09d-46fd-1f353eb479fc} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{eb14f04f-488b-81f4-9203-a1a7c1eae661} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ede6231f-aaa4-ff23-82a0-3d3059ce3d55} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{effb84cb-2818-00ba-cef5-914848b920ae} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f059511f-ed8f-4e6d-1ca0-71d619afb174} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f148a717-4004-f18a-39bf-324236ea4566} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f3d1f763-6168-a4aa-ae26-04f83b3404b0} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f47cf54f-845e-6ca5-3c6b-ee10c17d4ad5} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f59b9001-7b62-fc18-c39a-959985d05ed7} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f699592f-1b83-75da-afef-3f2e360fbe28} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f78fd0b0-9278-dac5-18a8-abcd9b80b615} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f81fab34-f8b8-bd27-049c-5fbb17c7926a} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f83557ed-5fd1-739a-99ec-11ba129bf0ce} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f9c5784c-c3b6-dd55-1c3f-f4ae48481fe8} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSWindows (Worm.Allaple) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\12cfg515-k641-55sf-n66p (Worm.AutoRun) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\tjii321 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Internet Security Service (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows Service Agent (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\XP HOT Rebild (Backdoor.IRCBot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\taskman (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Internet Security Service (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Local Security Authority Service (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows Logon Application (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows Network Firewall (Trojan.Proxy) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows Service Agent (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\XP HOT Rebild (Backdoor.IRCBot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\Internet Security Service (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\Windows Service Agent (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\XP HOT Rebild (Backdoor.IRCBot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\WaitToKillServiceT (Malware.Trace) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
C:\RECYCLER\S-1-5-21-0243636035-3055115376-381863306-1556 (TrojanProxy.Slenugga) -> Quarantined and deleted successfully.

Files Infected:
C:\RECYCLER\S-1-5-21-0243636035-3055115376-381863306-1556\Desktop.ini (TrojanProxy.Slenugga) -> Quarantined and deleted successfully.
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 10/29/2009 at 12:34 PM

Application Version : 4.29.1004

Core RULES Database Version : 4162
Trace Rules Database Version: 1978

Scan type : Complete Scan
Total Scan Time : 01:45:56

Memory items scanned : 446
Memory threats detected : 0
Registry items scanned : 6793
Registry threats detected : 1
File items scanned : 30415
File threats detected : 2

Trojan.SpooISV
HKLM\Software\Microsoft\Windows\CurrentVersion\Run#Spooler SubSystem App [ C:\WINDOWS\System32\spooIsv.exe ]

Trojan.Agent/Gen-IRCBot
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1FB459EE-1793-4DBE-AB65-8261B67D74B9}\RP241\A0034712.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1FB459EE-1793-4DBE-AB65-8261B67D74B9}\RP241\A0034752.EXE
re-run the malware and post a clean logMalwarebytes' Anti-Malware (MBAM)

If you already have Malwarebytes be sure to check for updates before scanning!
You are running an older version. The newest one should be database 3070
Thank you for the responses.

Unfortuna\tely, because I cannot access the internet I am unable to download updates to the 2 software packages.

I have run both again, plus HiJack This and the 3 log files are below.

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 11/01/2009 at 02:12 PM

Application Version : 4.29.1004

Core Rules Database Version : 4162
Trace Rules Database Version: 1978

Scan type : Quick Scan
Total Scan Time : 01:04:22

Memory items scanned : 405
Memory threats detected : 0
Registry items scanned : 387
Registry threats detected : 0
File items scanned : 8404
File threats detected : 0

Malwarebytes' Anti-Malware 1.41
Database version: 2775
Windows 5.1.2600 Service Pack 3

01/11/2009 16:54:48
mbam-log-2009-11-01 (16-54-48).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 217638
Time elapsed: 3 hour(s), 4 minute(s), 24 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\System Volume Information\_restore{1FB459EE-1793-4DBE-AB65-8261B67D74B9}\RP241\A0034685.exe (Backdoor.Rbot) -> Quarantined and deleted successfully.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:56:50, on 01/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\SigmaTel\C-Major Audio\stacmon.exe
C:\WINDOWS\system32\ICO.EXE
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Orange Mobile Partner\Orange Mobile Partner.exe
C:\Program Files\PowerPanel\Program\PcfMgr.exe
C:\Program Files\AVG\AVG9\avgam.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\Trend Micro\HijackThis\sniper.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-vaio.sony-europe.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.sony-europe.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.club-vaio.sony-europe.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [SigmaTel StacMon] C:\Program Files\SigmaTel\C-Major Audio\stacmon.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Winamp Agent] C:\WINDOWS\System32\winamp.exe
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Internet Security Service] msq23.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Tjii321] C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1455\fjidg.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [XP HOT Rebild] Win15763.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Windows Service Agent] msngear.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [XP HOT Rebild] Win15763.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [XP HOT Rebild] Win15763.exe (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: PowerPanel.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_674125AABFE11C21.dll/cmsidewiki.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.sony-europe.com/
O15 - Trusted Zone: *.Sony-europe.com
O15 - Trusted Zone: *.Sonystyle-europe.com
O15 - Trusted Zone: *.Vaio-link.com
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NET Service - Unknown owner - C:\WINDOWS\wmssvc.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

--
End of file - 6040 bytes

Previous Next

Posted on 18 May 2022, this text provides information on SOFTWARE related to Computer viruses and spyware in Software. Please note that while accuracy is prioritized, the data presented might not be entirely correct or up-to-date. This information is offered for general knowledge and informational purposes only, and should not be considered as a substitute for professional advice.

Take Quiz To Earn Credits!

Turn Your Knowledge into Earnings.

tuteehub_quiz

Tuteehub forum answer Answers

Post Answer

No matter what stage you're at in your education or career, TuteeHub will help you reach the next level that you're aiming for. Simply,Choose a subject/topic and get started in self-paced practice sessions to improve your knowledge and scores.

Explore Other Libraries

Blogs Tutorials Question Bank Feeds Careernews