also @ TechSpot: More evidence of a 7-inch Asus / Google co-developed tablet surfaces

TechSpot

HJT log (after SHeur trojan scare)

Discussion in 'Virus and Malware Removal' started by abanerji, Sep 17, 2007.

Thread Status:
Not open for further replies.

  1. abanerji Newcomer, in training

    Shall be grateful if you please take a look at this log. Thanks.

    Especially, is this line ok?
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    abanerji, Sep 17, 2007
    #1

  2. howard_hopkinso Newcomer, in training

    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll This is the Client Service for NetWare Provider and Authentication Package DLL 5.1.2600.3015, this file is part of the Windows operating system and should NOT be deleted.

    Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

    O15 - Trusted IP range: http://10.240.240.195

    O17 - HKLM\System\CCS\Services\Tcpip\..\{BEE0BCB6-383E-4851-B2FF-CB5A75B8EB70}: NameServer = 218.248.255.145,61.1.96.71<Only fix this if it doesn`t belong to your ISP.

    Click on the fix checked button.

    Close HJT and reboot your system.


    Other than the above, your HJT log is clean.

    Having said that, you need to rename HijackThis.exe as per these instructions.

    That`s because some malware can hide from HijackThis.exe.

    Regards Howard :)

    This thread is for the use of abanerji only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
    howard_hopkinso, Sep 17, 2007
    #2

  3. abanerji Newcomer, in training

    Thank you, Howard.

    Re O15 and O17, all the three IPs belong to my ISP.

    Regards,
    Ananda
    abanerji, Sep 17, 2007
    #3
Thread Status:
Not open for further replies.