02-22-2006, 07:34 PM   #19
sUBs
Asst Manager Security, Expert Analyst, Moderator, Security Team; Rangemaster, Moderator, TSF Academy
 
 
Join Date: May 2005
Posts: 24,326
OS: N/A


Have HijackThis fix these entries. They should go easily now that we have neutralised the files.

O4 - HKLM\..\Run: [a1cdd0ce23c] C:\WINDOWS\System32\a1cdd0ce23c.exe
O4 - HKCU\..\Run: [a1cdd0ce23c] C:\WINDOWS\System32\a1cdd0ce23c.exe
O23 - Service: WindowInstallSystem (a1cdd0ce23csvr) - Unknown owner - C:\WINDOWS\a1cdd0ce23c.exe (file missing)



Then, locate those three files we renamed. They should be named as:

C:\WINDOWS\a1cdd0ce23c.exe.ren
C:\WINDOWS\a1cdd0ce23c.ini.ren
rundll32.exe.ren



Zip/Archive all 3 files & place the zipped file as an attachment in your next post. I would like to send them in to the lab so that we may know more of it. You may delete them once you have done so.

Please let me know how your machine is behaving now.
__________________

Question - what have you done for the community today?