One thing that happens is when the computer starts up. About 4 to 5 pop ups come up with
the similar message of an error trying to run something.
Heres a hijackthis log-
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:00:48 PM, on 1/15/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rhrc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\AIM\aim.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
O2 - BHO: (no name) - {018DB482-7B62-5DE0-1486-552755FCBF9C} - C:\WINDOWS\system32\ynpbwq.dll (file missing)
O2 - BHO: (no name) - {08DDB645-7DF4-587A-D7BA-56A70D5DE299} - C:\WINDOWS\system32\nakfe.dll (file missing)
O2 - BHO: (no name) - {09BB20EC-B258-C3DF-2C25-CFCE6BBFBB99} - C:\WINDOWS\System32\adfre.dll (file missing)
O2 - BHO: (no name) - {0BBD75E8-B658-C389-2C25-CFCE6BBEEACB} - C:\WINDOWS\System32\vsdq.dll (file missing)
O2 - BHO: (no name) - {0DDBB783-7C33-04B6-1486-552755FCBFCD} - C:\WINDOWS\system32\sdgkurr.dll (file missing)
O2 - BHO: (no name) - {1060F535-32D3-4257-A7DD-1043B364F699} - C:\WINDOWS\system32\ngw.dll (file missing)
O2 - BHO: (no name) - {17E7AD32-63D1-4C01-A33D-1EE338EFADCF} - C:\WINDOWS\system32\wqsyo.dll (file missing)
O2 - BHO: (no name) - {30A3A947-38F8-1D7E-88AF-1763716FD599} - C:\WINDOWS\system32\noxy.dll (file missing)
O2 - BHO: (no name) - {30DC7C60-BD85-9459-A03D-9E2B55CF8AC9} - C:\WINDOWS\system32\gpme.dll (file missing)
O2 - BHO: (no name) - {32DB1653-D2E1-F36A-C55B-F8CD5A6D82CF} - C:\WINDOWS\system32\gfafnr.dll (file missing)
O2 - BHO: (no name) - {336D1D8A-D76B-A2EE-1A66-FB8DBE22829E} - C:\WINDOWS\system32\ujxym.dll (file missing)
O2 - BHO: (no name) - {389E0C71-96C0-E017-E449-B919160F839C} - C:\WINDOWS\System32\zytszbn.dll (file missing)
O2 - BHO: (no name) - {391a72a1-108d-435a-875e-5b9048e11657} - C:\WINDOWS\system32\bxdo.dll
O2 - BHO: (no name) - {3DEBBBE3-700F-03D0-7710-0CB26D6A84C5} - C:\WINDOWS\system32\wvbu.dll (file missing)
O2 - BHO: (no name) - {3EB9BEE2-2100-0582-7710-0CB26D6A84C5} - C:\WINDOWS\system32\iyvaeiv.dll (file missing)
O2 - BHO: (no name) - {40B2AF36-60D1-4607-A33D-1EE338EEFBCE} - C:\WINDOWS\system32\tfqrmno.dll (file missing)
O2 - BHO: (no name) - {440F325C-FBE5-8A6A-C1DB-808ADFA5F3C4} - C:\WINDOWS\System32\hhjfepx.dll (file missing)
O2 - BHO: (no name) - {489719DA-856D-A5B7-1906-AD58137FF29A} - C:\WINDOWS\system32\jtoa.dll (file missing)
O2 - BHO: (no name) - {4C966D50-F2E1-8536-CC1B-DCEF490AA09B} - C:\WINDOWS\System32\bdechfv.dll (file missing)
O2 - BHO: (no name) - {5343B90C-71EF-5533-C33B-5E0796A0BBC0} - C:\WINDOWS\system32\vdsuj.dll (file missing)
O2 - BHO: (no name) - {58AD42F9-DA4D-F39A-6FF1-F2AD7C7FB7C1} - C:\WINDOWS\system32\vxvkhbe.dll (file missing)
O2 - BHO: (no name) - {5D5D9065-56D0-7A07-A19D-74D58A72B1CA} - C:\WINDOWS\system32\nnly.dll (file missing)
O2 - BHO: (no name) - {653910DB-D364-F5BF-1A66-FB8DBE2283C4} - C:\WINDOWS\system32\wuyhazj.dll (file missing)
O2 - BHO: (no name) - {666F1C8E-803E-F1EC-1A66-FB8DBE228399} - C:\WINDOWS\system32\klgiusg.dll (file missing)
O2 - BHO: (no name) - {6CC36C15-A2F6-D17C-852F-DF7F101886CA} - C:\WINDOWS\System32\tsip.dll (file missing)
O2 - BHO: (no name) - {80C0F530-3ED1-1E00-F288-151346DB6E90} - C:\WINDOWS\system32\brad.dll (file missing)
O2 - BHO: (no name) - {82AFC98F-026D-21E6-1C26-2FF078C96E97} - C:\WINDOWS\system32\vceiu.dll (file missing)
O2 - BHO: (no name) - {8497A663-69DB-4F02-F288-151346DA3AC3} - C:\WINDOWS\system32\winyi.dll (file missing)
O2 - BHO: (no name) - {87FA9A8F-5739-2FE5-1C26-2FF078C96DC1} - C:\WINDOWS\system32\opestyqx.dll (file missing)
O2 - BHO: (no name) - {91CA3F3F-A089-D55A-FC48-89EA19EB2498} - C:\WINDOWS\system32\poch.dll (file missing)
O2 - BHO: (no name) - {999124F8-BF4A-C1CA-3CF4-927B408879C2} - C:\WINDOWS\System32\ocl.dll (file missing)
O2 - BHO: (no name) - {9C137440-BEAB-C922-D17A-CA3EC4247397} - C:\WINDOWS\System32\szkzx.dll (file missing)
O2 - BHO: (no name) - {A37C6440-A5A4-8E76-D09A-D40FA7931991} - C:\WINDOWS\System32\jdm.dll (file missing)
O2 - BHO: (no name) - {ABE26C86-A969-8EEE-1C86-855A623E47CB} - C:\WINDOWS\System32\thu.dll (file missing)
O2 - BHO: (no name) - {B0697F1A-E8FE-C72B-F1A9-B0DECBB70EC8} - C:\WINDOWS\system32\rkk.dll (file missing)
O2 - BHO: (no name) - {C3108EB2-430A-35D3-2265-6B7490D479C2} - C:\WINDOWS\system32\busbpxlh.dll (file missing)
O2 - BHO: (no name) - {CD49B6DC-7863-5EBE-1D86-05E2997773C4} - C:\WINDOWS\system32\yebaxa.dll (file missing)
O2 - BHO: (no name) - {DD0537FD-FE1A-82C1-3254-D83F847637C0} - C:\WINDOWS\System32\scmird.dll (file missing)
O2 - BHO: (no name) - {E012E019-7CF8-5078-D9DA-5017C68508C4} - C:\WINDOWS\system32\tizw.dll (file missing)
O2 - BHO: (no name) - {E53E7D1E-B9AA-C121-F1A9-B0DECBB70FCA} - C:\WINDOWS\system32\hci.dll (file missing)
O2 - BHO: (no name) - {E7656B20-A0C5-D146-B51C-8C7AE0E30E90} - C:\WINDOWS\system32\rzooxpfq.dll (file missing)
O2 - BHO: (no name) - {E76E7917-B4AC-9420-F1A9-B0DECBB709C8} - C:\WINDOWS\system32\orfvjgb.dll (file missing)
O2 - BHO: (no name) - {E8DECCAB-5B49-23CE-6B91-24800F3E04C3} - C:\WINDOWS\system32\ctome.dll (file missing)
O2 - BHO: (no name) - {EB72754B-BAFE-9F7F-89AF-97ABAC74509B} - C:\WINDOWS\system32\qbaism.dll (file missing)
O2 - BHO: (no name) - {F949E9D2-7C63-59B0-13A6-07F2C80413C5} - C:\WINDOWS\system32\irvsfo.dll (file missing)
O2 - BHO: (no name) - {FA7A3C08-A2BE-8268-CB3B-8EBAAD3447C2} - C:\WINDOWS\system32\cqxybnhp.dll (file missing)
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Yunguyo.exe] C:\WINDOWS\System32\Yunguyo.exe
O4 - HKLM\..\Run: [test3] C:\WINDOWS\System32\test3.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinTools] C:\PROGRA~1\COMMON~1\WinTools\WToolsA.exe
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
O4 - HKLM\..\Run: [VBouncer] C:\PROGRA~1\VBOUNCER\VirtualBouncer.exe
O4 - HKLM\..\Run: [u3ri4ko5] C:\Program Files\u3ri4ko5\u3ri4ko5.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [TBPS] C:\PROGRA~1\Toolbar\TBPS.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [Smapp] Smtray.exe
O4 - HKLM\..\Run: [salm] c:\program files\180searchassistant\salm.exe
O4 - HKLM\..\Run: [PSPVideo9] C:\Program Files\pspvideo9\pspVideo9.exe -t
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [OSS] c:\windows\system32\ossproxy.exe -boot
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [MediaGateway.exe] C:\WINDOWS\System32\MediaGateway.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [Flashget] "C:\Program Files\FlashGet\FlashGet.exe" /min
O4 - HKLM\..\Run: [CreateCD50] C:\PROGRA~1\COMMON~1\ADAPTE~1\CreateCD\CREATE~1.EXE -r
O4 - HKLM\..\Run: [cfgmgr52] RunDLL32.EXE C:\WINDOWS\cfgmgr52.dll,DllRun
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [bxxs5] RunDLL32.EXE C:\WINDOWS\bxxs5.dll,DllRun
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"
O4 - HKLM\..\Run: [AUNPS2] RUNDLL32 AUNPS2.DLL,_Run@16
O4 - HKLM\..\Run: [AltPayments] "C:\Program Files\AltPayments\AltPayments.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [AdaptecDirectCD] C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Weather] C:\PROGRA~1\AWS\WEATHE~1\Weather.EXE 1
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Spyware Begone] c:\freescan\freescan.exe -FastScan
O4 - HKCU\..\Run: [Registry Cleaner] "C:\Program Files\Registry Cleaner\RegClean.exe"
O4 - HKCU\..\Run: [PrivacyScanner] C:\Program Files\Privacy Champion\pscan.exe
O4 - HKCU\..\Run: [MyDailyHoroscope] C:\PROGRA~1\MYDAIL~1\MYDAIL~1.EXE
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [eZWO] C:\PROGRA~1\Web Offer\wo.exe
O4 - HKCU\..\Run: [eZmmod] C:\PROGRA~1\ezula\mmod.exe
O4 - HKCU\..\Run: [Eruo] "C:\Program Files\ebre\rhrc.exe" -vt rbnd
O4 - HKCU\..\Run: [CMSystem] "C:\Program Files\CMSystem\CMSystem.exe"
O4 - HKCU\..\Run: [CMAPP] "C:\Program Files\CMAPP\Client\cmappclient.exe"
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Startup: ihl.exe
O4 - Startup: AdDestroyer.lnk = C:\Program Files\AdDestroyer\AdDestroyer.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: 4Google2.lnk = C:\Program Files\4Google2\4google2.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Search - http://edits.mywebse...html?p=ZNfox000
O8 - Extra context menu item: &플래쉬겟으로 모두 받기 - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &플래쉬겟으로 받기 - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (file missing) (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewid...oOnlineScan.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1127436662072
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1127436645478
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload....GPlugin9USA.cab
O20 - AppInit_DLLs: c:\windows\system32\winlogon.dll ping.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:\WINDOWS\System32\npkcsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O24 - Desktop Component 0: (no name) - http://us.i1.yimg.co...lue/shd_r_1.gif
O24 - Desktop Component 1: (no name) - http://perso.wanadoo...a_Naruto_43.jpg
--
End of file - 16040 bytes
thanks for any help
Sign In
Create Account
