Help with my HJT log please

By AnFboy1892
Mar 11, 2006
Topic Status:
Not open for further replies.
  1. I have several problems: Whenever I CTRL+ALT+DELETE there are no tabs on my window. Also, It says my computer is no longer registered to me. Also, because of something on my computer I cannot run ad-aware or other anti-spyware/adware programs, even online free virus scans. My last hope is HTJ will help out, maybe some /regedit help? /shrug.

    Attached Files:

  2. BeetleTX330

    BeetleTX330 Newcomer, in training

    Hi. You definitely have some bad things in the HJT log. You also have a few things that I always disable, even if they're not BAD (it's just that they don't server ENOUGH of a needed purpose, IMHO).

    I've hit TAB and put an XX in front of what I know to be bad. I've hit TAB and put two asterisks (**) in front of the ones I'd disable because they're not necessary.

    Lastly, I use Sysinternals "AutoRuns" app to disable stuff -- it does a really good job and is easy to use (a side note, when you first run AutoRuns, hit the ESCape button and go to Options and checkmark "Hide Microsoft Entries", then refresh the list). Once the list is up, you can selectively uncheckmark the entries you don't want to start up.
  3. AnFboy1892

    AnFboy1892 Newcomer, in training Topic Starter

    Hey

    Thank you Beetle,

    I removed the suggested items. I'm going to reboot in safemode and make a fresh HJT log then try the sysinternals.
  4. AnFboy1892

    AnFboy1892 Newcomer, in training Topic Starter

    Ok

    Here's the updated HJT log.
  5. BeetleTX330

    BeetleTX330 Newcomer, in training

    I see that the following line is still present and shouldn't be:
    O4 - HKLM\..\Run: [cfgmgr52] RunDLL32.EXE C:\WINDOWS\cfgmgr52.dll,DllRun

    I also see:
    O4 - HKLM\..\RunServices: [windrv] C:\WINDOWS\System32\windrv32.exe
    ...which I must have missed the first time around. It's bad too, see:
    http://www.greatis.com/appdata/d/w/windrv32.exe_Removal.htm

    I don't see a problem with the rest of the list BUT that's not a guarantee that one of those has been compromised. Also, these remaining bad listings may be powerful enough to combat your removal techniques and re-install themselves (which may explain why "cfgmgr52" is back).

    If you haven't yet, go to http://housecall.trendmicro.com and run their online anti-virus/malware scanner in case YOUR anti-virus software has been compromised (which is the first thing viruses do nowadaze).
  6. howard_hopkinso

    howard_hopkinso Newcomer, in training Posts: 25,948   +19

Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.