Hello all, I am using a Compaq laptop with Vista.
Today I got an error trying to get online saying globalroot\systemroot\system32\MSIVX (followed by a bunch of letters)/dll is not made to run on Windows...
My computer no longer registers my DVD drive, and I get a bunch of Norton popups saying many different things are being blocked...
From searching these forums, this is what I understand I should do, so I have posted the RootRepeal log and the GMER log.
(Both start with large fonts so you can go down to the gmer if it is all that is required)
Please let me know what else I can do to find help for this issue, and thank you very much.
RootRepeal log:
ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Time: 2009/07/06 20:23
Program Version: Version 1.3.0.0
Windows Version: Windows Vista SP1
==================================================
Drivers
-------------------
Name: aujasnkj.sys
Image Path: C:\Users\ADMINI~1\AppData\Local\Temp\aujasnkj.sys
Address: 0x9E35E000 Size: 81664 File Visible: No Signed: -
Status: -
Name: dump_atapi.sys
Image Path: C:\Windows\System32\Drivers\dump_atapi.sys
Address: 0x8DFC5000 Size: 32768 File Visible: No Signed: -
Status: -
Name: dump_dumpata.sys
Image Path: C:\Windows\System32\Drivers\dump_dumpata.sys
Address: 0x8DFBA000 Size: 45056 File Visible: No Signed: -
Status: -
Name: hjgruirqykaeam.sys
Image Path: C:\Windows\system32\drivers\hjgruirqykaeam.sys
Address: 0x8C5CF000 Size: 163840 File Visible: - Signed: -
Status: Hidden from Windows API!
Name: MSIVXvjuseetuxvptyivwdwmbroboxnpppmsn.sys
Image Path: C:\Windows\system32\drivers\MSIVXvjuseetuxvptyivwdwmbroboxnpppmsn.sys
Address: 0x8DA0D000 Size: 180224 File Visible: - Signed: -
Status: Hidden from Windows API!
Name: rootrepeal.sys
Image Path: C:\Windows\system32\drivers\rootrepeal.sys
Address: 0x9E37E000 Size: 49152 File Visible: No Signed: -
Status: -
Stealth Objects
-------------------
Object: Hidden Module [Name: hjgruicnjicxgf.dll]
Process: wininit.exe (PID: 504) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: hjgruicnjicxgf.dll]
Process: services.exe (PID: 548) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: hjgruicnjicxgf.dll]
Process: lsass.exe (PID: 560) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: hjgruicnjicxgf.dll]
Process: lsm.exe (PID: 568) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: hjgruittxtwncs.dll]
Process: svchost.exe (PID: 716) Address: 0x003a0000 Size: 57344
Object: Hidden Module [Name: hjgruicnjicxgf.dll]
Process: svchost.exe (PID: 716) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: hjgruicnjicxgf.dll]
Process: nvvsvc.exe (PID: 776) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: hjgruicnjicxgf.dll]
Process: winlogon.exe (PID: 800) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: hjgruicnjicxgf.dll]
Process: svchost.exe (PID: 832) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: hjgruicnjicxgf.dll]
Process: svchost.exe (PID: 884) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: WinMgmtR.dll]
Process: svchost.exe (PID: 944) Address: 0x00420000 Size: 8192
Object: Hidden Module [Name: RacAgent.exe]
Process: svchost.exe (PID: 944) Address: 0x00dc0000 Size: 28672
Object: Hidden Module [Name: winlogon.exe]
Process: svchost.exe (PID: 944) Address: 0x02180000 Size: 323584
Object: Hidden Module [Name: winlogon.exe]
Process: svchost.exe (PID: 944) Address: 0x024d0000 Size: 323584
Object: Hidden Module [Name: wevtapi.dll]
Process: svchost.exe (PID: 944) Address: 0x74e80000 Size: 258048
Object: Hidden Module [Name: hjgruicnjicxgf.dll]
Process: svchost.exe (PID: 944) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: ci.dll]
Process: svchost.exe (PID: 944) Address: 0x32f10000 Size: 913408
Object: Hidden Module [Name: adtschema.dll]
Process: svchost.exe (PID: 944) Address: 0x6bb20000 Size: 606208
Object: Hidden Module [Name: WinMgmtR.dll]
Process: svchost.exe (PID: 944) Address: 0x71790000 Size: 8192
Object: Hidden Module [Name: tquery.dll]
Process: svchost.exe (PID: 944) Address: 0x717d0000 Size: 1589248
Object: Hidden Module [Name: schedsvc.dll]
Process: svchost.exe (PID: 944) Address: 0x73000000 Size: 606208
Object: Hidden Module [Name: MpEvMsg.dll]
Process: svchost.exe (PID: 944) Address: 0x74370000 Size: 57344
Object: Hidden Module [Name: profsvc.dll]
Process: svchost.exe (PID: 944) Address: 0x74420000 Size: 163840
Object: Hidden Module [Name: hjgruicnjicxgf.dll]
Process: svchost.exe (PID: 988) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: hjgruicnjicxgf.dll]
Process: svchost.exe (PID: 1020) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: hjgruicnjicxgf.dll]
Process: SLsvc.exe (PID: 1116) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: hjgruicnjicxgf.dll]
Process: svchost.exe (PID: 1160) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: hjgruicnjicxgf.dll]
Process: svchost.exe (PID: 1276) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: hjgruicnjicxgf.dll]
Process: WLANExt.exe (PID: 1436) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: hjgruicnjicxgf.dll]
Process: spoolsv.exe (PID: 1504) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: hjgruicnjicxgf.dll]
Process: ccSvcHst.exe (PID: 1576) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: hjgruicnjicxgf.dll]
Process: svchost.exe (PID: 1768) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: hjgruicnjicxgf.dll]
Process: mDNSResponder.exe (PID: 256) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: hjgruicnjicxgf.dll]
Process: LSSrvc.exe (PID: 1252) Address: 0x10000000 Size: 32768
Object: Hidden Module [Name: hjgruicnjicxgf.dll]
Process: svchost.exe (PID: 1908) Address: 0x10000000 Size: 32768