Hi Carla and welcome to AO. Awesome thread you started. Enjoy the greenies.
Since I'm pretty new to Hijack This as well, I posted below a few of the things I spotted in your log that either raised huge red flags or I wasn't sure what was - I'd love someone to tell me what these 'mystery calls' are.
Like I said before, I'm new to Hijack This, so don't 'fix' any of these until someone who knows more confirms!!!O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
The (no file) entries raised the red flags, as did the one that's /installquiet. I don't know what nwiz or tfswctrl are though...
Thanks for the input and hope that helps a bit.
[edit] Did a bit of googling and found http://www.neuber.com/taskmanager/process/nwiz.exe.html regarding nwiz.exe - the general consensus was that it belonged to NVidia, and probably isn't malware. The same site told me that tfswctrl.exe wasn't either - at this url http://www.neuber.com/taskmanager/pr...wctrl.exe.html
However these are both forums. I'm still curious if anyone knows for sure.. [/edit]
Reply With Quote