Did you run that log in Safe Mode or have you disabled a bunch of stuff in msconfig?? There is no sign of infection there, how did you determine that you are infected??
There are a couple of things you can try, but more info would be good... If you disabled programs in msconfig, please do a Normal boot and post a fresh log from that.... Meanwhile:
Please download, install, and update the NEW free version of Ewido trojan scanner:
- When installing, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
- When you run ewido for the first time, you may get a warning "Database could not be found!". Click OK. We will fix this in a moment.
- From the main ewido screen, click on update in the left menu, then click the Start update button.
- After the update finishes (the status bar at the bottom will display "Update successful")
- Click on the Scanner button in the left menu, then click on Complete System Scan. This scan can take quite a while to run.
- If ewido finds anything, it will pop up a notification. We have been finding some cases of false positives with the new version of Ewido, so we need to step through the fixes one-by-one. If Ewido finds something that you KNOW is legitimate (for example, parts of AVG Antivirus, pcAnywhere and the game "Risk" have been flagged), select "none" as the action. DO NOT check "Perform action with all infections". If you are unsure of an entry, select "none" for the time being. I'll see that in the log you will post later and let you know if ewido needs to be run again.
- When the scan finishes, click on "Save Report". This will create a text file. Make sure you know where to find this file again.
Launch Notepad, and copy/paste the box below into a new text file. Save it as Export.bat and save it on your Desktop.
regedit /e HKCURun.txt "HKEY_CURRENT_USER\Software\Microsoft\Windows\Curr entVersion\Run"
regedit /e HKLMRun.txt "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Cur rentVersion\Run"
copy HKLMRun.txt + HKCURun.txt = Output.txt
del /q HKLMRun.txt
del /q HKCURun.txt
del /q Output.txt
Locate Export.bat on your Desktop and double-click on it. This will open Notepad with some text in it. Post that.
Post the HJT log, the Ewido log and the Export.bat log... You will probably need to do that across several posts...