This topic is locked
i scaned with hijack this and here is my log..
O3 - Toolbar: stfngdvw - {CE27F2E4-ED57-4453-8997-27C9E6F49AD9} - C:\WINDOWS\stfngdvw.dll
O3 - Toolbar: vnbptxlf - {3AB99368-48AF-4A01-B845-2904204948B5} - C:\WINDOWS\vnbptxlf.dll
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [jdgf894jrghoiiskd] C:\DOCUME~1\Owner\LOCALS~1\Temp\winlogan.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [updreg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [runner1] C:\WINDOWS\mrofinu1645.exe 61A847B5BBF72813349F3D466188719AB689201522886B092CBD44BD8689220221DD325762EA4EBF
968951185EFC412806867680AEDE604D64C2661373FF15E6DCD66A47
O4 - HKLM\..\Run: [quicktime task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [nvmediacenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [kernelfaultcheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [indexsearch] C:\Program Files\Scansoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [ctxfireg] CTxfiReg.exe
O4 - HKLM\..\Run: [ybrowser] C:\Program Files\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [0455b9ed] rundll32.exe "C:\WINDOWS\system32\iubhkovs.dll",b
O4 - HKLM\..\Run: [ntuser] C:\WINDOWS\system32\drivers\svchost.exe
O4 - HKLM\..\Run: [BM07668a71] Rundll32.exe "C:\WINDOWS\system32\hxqwioui.dll",s
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\RunServices: [Microsoft Updates] wkssvrs.exe
O4 - HKCU\..\Run: [microsoft works update detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [jwiqmvdl] C:\WINDOWS\system32\mrofqbqf.exe
O4 - HKCU\..\Run: [jnskdfmf9eldfd] C:\DOCUME~1\Owner\LOCALS~1\Temp\csrssc.exe
O4 - HKCU\..\Run: [jdgf894jrghoiiskd] C:\DOCUME~1\Owner\LOCALS~1\Temp\winlogan.exe
O4 - HKCU\..\Run: [aip] C:\WINDOWS\aip.exe
O4 - HKCU\..\Run: [ntuser] C:\WINDOWS\system32\drivers\svchost.exe
O4 - HKLM\..\Policies\Explorer\Run: [Zj48TX8VTP] C:\Documents and Settings\All Users\Application Data\huhqjazw\hafivgdk.exe
O4 - HKUS\.DEFAULT\..\Run: [Microsoft Updates] wkssvr.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [Spyware Doctor] (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [ntuser] C:\WINDOWS\system32\drivers\svchost.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [autoload] C:\Documents and Settings\LocalService\Local Settings\Application Data\windowsupdate.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [Jnskdfmf9eldfd] C:\WINDOWS\TEMP\csrssc.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [xrtocrmp] C:\WINDOWS\system32\gtkjchoj.exe (User 'Default user')
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.co.../sysreqlab2.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.co...iaSmartScan.cab
O21 - SSODL: AlrtService - {6881b700-7bca-4c7c-8b9a-a81b8c878862} - C:\WINDOWS\Installer\{6881b700-7bca-4c7c-8b9a-a81b8c878862}\AlrtService.dll
O21 - SSODL: RamRam - {a95810c3-0735-45b6-a15d-a1c161f5c81b} - C:\WINDOWS\Installer\{a95810c3-0735-45b6-a15d-a1c161f5c81b}\RamRam.dll
O21 - SSODL: sxfnewqb - {1C556045-7C30-4E3D-BF1D-C2B05D1449C3} - C:\WINDOWS\sxfnewqb.dll
O21 - SSODL: RomSetup - {dc2ad0dd-1e54-48c3-8c22-09ec3f5cc80e} - C:\WINDOWS\Resources\RomSetup.dll
O21 - SSODL: zip - {be64ee06-8d80-42ea-b9e3-0efb5c62ed63} - C:\WINDOWS\Installer\{be64ee06-8d80-42ea-b9e3-0efb5c62ed63}\zip.dll
O22 - SharedTaskScheduler: jhsf8d984jief8dsfus98jkefn - {C5AF49A2-94F3-42BD-F434-2604812C897D} - C:\WINDOWS\system32\jfiehayd.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Task Scheduler (Schedule) - Unknown owner - C:\WINDOWS\system32\drivers\svchost.exe
O23 - Service: WinFax PRO (wfxsvc) - Symantec Corporation - C:\WINDOWS\System32\WFXSVC.EXE
if someone can help me out here that would be appreciated.
thanks
Edited by whitewlf930, 15 April 2008 - 08:37 AM.
Sign In
Create Account
