Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Malware Infection


  • This topic is locked This topic is locked

#1
jmcconkey

jmcconkey

    Member

  • Member
  • PipPip
  • 61 posts
Hello,

I posted a message under the Windows XP forum, and they suggested I move to this forum. The message I posted there was regarding the following windows popup that I kept getting every 1 - 2 minutes:

EVENT VIEWER ENTRY:

Application popup: 16 bit MS-DOS Subsystem : C:\DOCUME~1\donkey\LOCALS~1\Temp\cmd.exe
The NTVDM CPU has encountered an illegal instruction.
CS:0567 IP:023e OP:63 68 65 2f 31 Choose 'Close' to terminate the application.

For more information, see Help and Support Center at http://go.microsoft....link/events.asp.


They had me do the following:

1. Clean the perfetch and run disk cleanup. This did not help any.

Then they had me do the following:

1. Run Winsockxpfix and then XPFIX.exe

The did not help either. It actually made my PC not be able to obatain a IP address via DHCP. I had to manually enter the IP. The internet then worked.

I then went to the Malware Removal Guide. I downloaded and ran ATF Cleaner.

I then downloaded AVG Antispyware software. I rebooted into Safe mode and ran the software. It found Backdoor.HAXdoor. It moved it to Quarentine.

I then rebooted into normal mode, and now my PC is SO slow starting up its not funny, and it absolutly will not connect to the internet at all. I am using a differnt PC to send this message. I have no clue whats going on!

I ran a HijackThis and saved the log, but I have no way of posting it until I can get the internet connect back.

I looked at the Services in control panel, and I notice a lot that have "automatic" are not running.

Can anyone help me?

Thanks
  • 0

Advertisements


#2
jmcconkey

jmcconkey

    Member

  • Topic Starter
  • Member
  • PipPip
  • 61 posts
Also, I fgort to mention. I belive that I have and issue because I see REGSCAN.exe as a registry entry. I beleive that is a problem as well.
  • 0

#3
Fenor

Fenor

    Trusted Tech

  • Retired Staff
  • 5,236 posts
He has two malware topics open. He is currently be helped at the other one, which can be found at the link below:

http://www.geekstogo...s...=143970&hl=

Fenor
  • 0






Similar Topics

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP