Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Malware? Please need help

  • This topic is locked This topic is locked
2 replies to this topic

#1 mark72


  • Members
  • 1 posts
  • Local time:01:03 PM

Posted 01 November 2008 - 02:37 AM


it's a couple of day that I'm fighting with my PC. Every time I reboot a message appears on the scrren: "C:\windows\system32\xtemp1.exe The CPU NTVDM ha encountered an error. CS 0dc8 IP: 0275 ... OP: 63 6b 6772 6 f.
It follows another identical message with xtemp2.exe.
I've read something on the net and it seems to be a malware, but neither with my Norton antivirus neither with Spyboot I solved the problem. Moreover yeserday I was not allowed to make any internet connection to useful sites (i.e. Lavasoft to download updates). I had to use another PC to download Combofix. I used it and at least the internet ploblem seems to be solved, but the strange messages at Windows start-up are still there.

I'll attach the log file produced by Combofix. I hope this could helphttp://www.bleepingcomputer.com/forums/style_images/bc/folder_post_icons/icon9.gif... Thanks!

Attached Files

  • Attached File  log.txt   8.92KB   33 downloads

BC AdBot (Login to Remove)


#2 maranatha


    Whats That !

  • Malware Response Team
  • 1,229 posts
  • Gender:Male
  • Location:Seattle Washington
  • Local time:05:03 AM

Posted 15 November 2008 - 12:24 PM

Hi mark72
Welcome to Bleeping Computer.
I'm maranatha and I will be handling your log to help you get cleaned up. I am a student here at BC so all my posts will be checked by one of our experts, so there may be a slight delay between posts.

Please do this.
  • Download RSIT by random/random and save it to your desktop.
  • Double click RSIT.exe to start the tool.
  • At the disclaimer, please use the drop down box to select 3 months for the file/folder search, then click Continue.
  • If prompted by your firewall to allow RSIT to access the internet, please allow it. It will be updating yourr version of HijackThis.
  • When the scan completes it will open a log named log.txt maximized, and a log named info.txt minimized.
  • Please post the contents of those logs here in your next reply.

Windows7 Professional 64 Bit


I'm going in the wrong direction to be in a hurry!


My help is always free, But I do accept donations.
Donate Here

#3 Shaba



  • Members
  • 7,872 posts
  • Gender:Male
  • Location:Finland
  • Local time:02:03 PM

Posted 21 November 2008 - 02:42 AM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team
a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
Microsoft MVP Consumer Security
Posted Image

Posted Image

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users