Jdub Posted January 1, 2009 ID:43952 Share Posted January 1, 2009 As you can see, there are a couple of more problems that just the above .dll. I've noticed that Mal only recognizes the ones running under HKUS and doesn't seem to see the others. I can remove all the files with Hijack, but of course they regenerate immediately. Any help would be greatly appreciated. Also, is there a reason by Mal makes it so difficult to contact them?R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blankO2 - BHO: (no name) - {1972b45b-9bf0-4e15-9965-c7f8c36f4d33} - C:\WINDOWS\system32\popujubi.dll (file missing)O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [nwiz] nwiz.exe /installO4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInitO4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXEO4 - HKLM\..\Run: [tejiyunese] Rundll32.exe "C:\WINDOWS\system32\nefavega.dll",sO4 - HKUS\S-1-5-19\..\Run: [tejiyunese] Rundll32.exe "C:\WINDOWS\system32\nefavega.dll",s (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [tejiyunese] Rundll32.exe "C:\WINDOWS\system32\nefavega.dll",s (User 'NETWORK SERVICE')O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dllO20 - AppInit_DLLs: C:\WINDOWS\system32\kefuguhi.dll,C:\WINDOWS\system32\jiremeye.dllO20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dllO23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeO23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exeO23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exeO23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exeO23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exeO23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - C:\Program Files\Webroot\Washer\WasherSvc.exe Link to post Share on other sites More sharing options...
sjb007 Posted January 2, 2009 ID:44228 Share Posted January 2, 2009 Hi there JdubYour logs are incomplete....Please follow the instructions as set out here, once done reply back with the resulting logs so we can continue cleansing the system -> Pre- HJT Post Instructions Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted January 4, 2009 Root Admin ID:44714 Share Posted January 4, 2009 Please provide feedback on this post otherwise we'll close the post, thanks Link to post Share on other sites More sharing options...
Recommended Posts