Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help needed - Appreciate


  • This topic is locked This topic is locked
2 replies to this topic

#1 frankpretec

frankpretec

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:11:07 PM

Posted 15 March 2005 - 01:38 PM

Dear Merijn,

I found out your website on Google search providing Hijackthis tutorial. I ran this program and got a log file but I am not sure about several entried. Could you please help me with it?

Here's the URL of my log:

http://www.hijackthis.de/logfiles/37d5d2b0...06bca1b692.html

Entries I have questions about:

O4 - HKLM\....\Run:[MsmqIntCert] regsrv32 /s mqrt.dll( I think I should fix this one? )

O4 - HKLM\...\Run:[NvCplDaemon] RUNDLL32.EXE NVQTwk, NvCplDaemon initialize
( I think I should fix this one? )

O20 - Winlogon Notify Vavlogon - D:\WINNT\system32\\Navlogon.dll ( should I fix this one? )

O23 - Service: IA Analysing( IACtrl ) -......( should be fine, but not sure )

O23 - Service: IMSrvP - D:\WINNT\PointDev\IMSrv.exe ...( should be fine, but not sure )

O23 - Service: System Commander 7 MBR check ( WinMBR ) Unknown owner C:\SC\WINMBR.EXE
( Should I fix this one? )

Thanks.

Frank

BC AdBot (Login to Remove)

 


#2 ddeerrff

ddeerrff

    Retired


  • Malware Response Team
  • 2,724 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Upper Midwest, US
  • Local time:11:07 PM

Posted 15 March 2005 - 05:57 PM

The hijackthis.de scanner is not particularly accurate or up to date.

You have HijackThis running from a temporary or zip folder. Any backup files HJT creates during the repair process will not be secure if left in this folder.

Create a folder on the C: drive called C:\HJT. (You appear to be booting from the D: drive. D:\HJT is an OK location too.) You can do this by going to My Computer (Windows key+e) then double click on C: then right click and select New then Folder and name it HJT. Unzip HijackThis into this folder. Please delete any other copies of HijackThis and run HJT only from this new folder. If required a tutorial is here: Hijackthis Folder Tutorial

Post your full HijackThis log to this thread.
Derfram
~~~~~~

#3 ddeerrff

ddeerrff

    Retired


  • Malware Response Team
  • 2,724 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Upper Midwest, US
  • Local time:11:07 PM

Posted 30 March 2005 - 11:51 AM

Due to inactivity, this thread will now be closed. If you need this topic reopened, please contact a member of the HJT Team and we will reopen it for you. Include the address of this thread in your request. If you should have a new issue, please start a new topic. This applies only to the original topic starter. Everyone else please begin a New Topic.
Derfram
~~~~~~




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users