Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malware? Please need help


  • This topic is locked This topic is locked
2 replies to this topic

#1 mark72

mark72

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:01:03 PM

Posted 01 November 2008 - 02:37 AM

Hi,

it's a couple of day that I'm fighting with my PC. Every time I reboot a message appears on the scrren: "C:\windows\system32\xtemp1.exe The CPU NTVDM ha encountered an error. CS 0dc8 IP: 0275 ... OP: 63 6b 6772 6 f.
It follows another identical message with xtemp2.exe.
I've read something on the net and it seems to be a malware, but neither with my Norton antivirus neither with Spyboot I solved the problem. Moreover yeserday I was not allowed to make any internet connection to useful sites (i.e. Lavasoft to download updates). I had to use another PC to download Combofix. I used it and at least the internet ploblem seems to be solved, but the strange messages at Windows start-up are still there.

I'll attach the log file produced by Combofix. I hope this could helphttp://www.bleepingcomputer.com/forums/style_images/bc/folder_post_icons/icon9.gif... Thanks!

Attached Files

  • Attached File  log.txt   8.92KB   33 downloads


BC AdBot (Login to Remove)

 


#2 maranatha

maranatha

    Whats That !


  • Malware Response Team
  • 1,229 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Seattle Washington
  • Local time:05:03 AM

Posted 15 November 2008 - 12:24 PM

Hi mark72
Welcome to Bleeping Computer.
I'm maranatha and I will be handling your log to help you get cleaned up. I am a student here at BC so all my posts will be checked by one of our experts, so there may be a slight delay between posts.

Please do this.
  • Download RSIT by random/random and save it to your desktop.
  • Double click RSIT.exe to start the tool.
  • At the disclaimer, please use the drop down box to select 3 months for the file/folder search, then click Continue.
  • If prompted by your firewall to allow RSIT to access the internet, please allow it. It will be updating yourr version of HijackThis.
  • When the scan completes it will open a log named log.txt maximized, and a log named info.txt minimized.
  • Please post the contents of those logs here in your next reply.
Thanks
maranatha

Windows7 Professional 64 Bit

 

I'm going in the wrong direction to be in a hurry!


unite_mo.jpg


My help is always free, But I do accept donations.
Donate Here


#3 Shaba

Shaba

    Koutsi


  • Members
  • 7,872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:02:03 PM

Posted 21 November 2008 - 02:42 AM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team
a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
Microsoft MVP Consumer Security
Posted Image

Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users