1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

NTVDM CPU error (recurring)

Discussion in 'Virus & Other Malware Removal' started by f4LLiN, Oct 6, 2008.

Thread Status:
Not open for further replies.
  1. f4LLiN

    f4LLiN Thread Starter

    Joined:
    Oct 6, 2008
    Messages:
    1
    Hi there. In a recent virusscan using Antivir, it found 5 infected files - I told antivir to delete them all. Since then I get a popup window with a heading of "16 bit MS-DOS Subsystem" and then "C:\DOCUME~1\MYNAME\sdsdsd.exe The NTVDM CPU has encountered an illegal instruction. CS:07ba IP:da69 OP:ba 07 06 36 01 Choose 'Close' to terminate the application." It gives me the option or close. This happens every few minutes, minimizing any full screen program that might be running. Any help would be appreciated.

    Here is my HijackThis log:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 5:06:35 PM, on 10/6/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Apps\AntiVir PersonalEdition Classic\avguard.exe
    C:\WINDOWS\Explorer.EXE
    C:\Apps\AntiVir PersonalEdition Classic\sched.exe
    C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\PROGRA~1\ESRI\License\arcgis9x\ARCGIS.exe
    C:\games\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
    C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Apps\BitMeter\BitMeter2.exe
    C:\Apps\VirtuaWin\VirtuaWin.exe
    C:\Apps\VirtuaWin\modules\WinList.exe
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
    C:\Games\Steam\Steam.exe
    C:\Apps\mIRC\mirc.exe
    C:\Apps\Mozilla Firefox\firefox.exe
    C:\apps\FREEDO~1\fdm.exe
    C:\Apps\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Apps\AntiVir PersonalEdition Classic\avscan.exe
    C:\apps\WinRAR\WinRAR.exe
    C:\DOCUME~1\WALTER~1.WAL\LOCALS~1\Temp\Rar$EX58.687\www.GamesPeru.com_BNetEditor_2031\BNetEditor.exe
    C:\apps\WinRAR\WinRAR.exe
    C:\apps\WinRAR\WinRAR.exe
    C:\apps\WinRAR\WinRAR.exe
    c:\apps\antivir personaledition classic\avcenter.exe
    C:\WINDOWS\system32\cmd.exe
    C:\WINDOWS\system32\notepad.exe
    C:\HijackThis\HijackThis.exe

    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\apps\Free Download Manager\iefdm2.dll
    O4 - HKLM\..\Run: [avgnt] "C:\Apps\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKLM\..\Run: [Resume copy] copyfstq.exe /startup
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Steam] "c:\games\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
    O4 - HKCU\..\Run: [EA Core] C:\Program Files\Electronic Arts\EA Downloader\Core.exe -silent
    O4 - S-1-5-18 Startup: Xfire.lnk = C:\Apps\Xfire\xfire.exe (User 'SYSTEM')
    O4 - .DEFAULT Startup: Xfire.lnk = C:\Apps\Xfire\xfire.exe (User 'Default user')
    O4 - Startup: Xfire.lnk = C:\Apps\Xfire\xfire.exe
    O4 - Global Startup: Bitmeter2.lnk = C:\Apps\BitMeter\BitMeter2.exe
    O4 - Global Startup: VirtuaWin.lnk = C:\Apps\VirtuaWin\VirtuaWin.exe
    O8 - Extra context menu item: Download all with Free Download Manager - file://C:\apps\Free Download Manager\dlall.htm
    O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\apps\Free Download Manager\dlselected.htm
    O8 - Extra context menu item: Download video with Free Download Manager - file://C:\apps\Free Download Manager\dlfvideo.htm
    O8 - Extra context menu item: Download with Free Download Manager - file://C:\apps\Free Download Manager\dllink.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\games\Poker\PartyPoker\RunApp.exe (file missing)
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\games\Poker\PartyPoker\RunApp.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1199731351984
    O17 - HKLM\System\CCS\Services\Tcpip\..\{7CE2C026-36D2-434A-9BA7-013468279FD3}: NameServer = 192.168.0.1
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Apps\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Apps\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: ArcGIS License Manager - Unknown owner - C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\games\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

    --
    End of file - 6390 bytes
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/756625

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice