HijackThis log file help

[techack]

I m using HP Pavillion 6910tx..which I bought in Oct 2008 since past few weeks I am repeatedly getting various BSODs..Plz help me by analysing my HijackThis Log file and suggesting possible solutions. I hv done the prelimnary virus n spyware scans.

 

[nobardin]

If you are getting BSOD's look in C:\WINDOWS\minidump and attach 3-4 of the most recent minidumps to your next reply and we will be more than happy to look them over for you.

Also if you believe you are infected then go here https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/ and follow th steps in order, not skipping any.

 

[techack]

I dont think I m infected but still do hv a look at HijackThis log.
Here is the most recent minidump.

 

[nobardin]

Minidump 113008-01
BUGCHECK_STR: 0x50
Probably caused by : WinFl32.sys

WinFl32.sys seems to be a driver file assoicated with a program called "Folder Lock"

Possible solution

If you have the program "Folder Lock" on your computer uninstall it via add/remove programs and see if your system becomes stable.

I would also recommend that you download Ccleaner from here http://www.ccleaner.com/download/downloading scan and clean your computer, then scan and clean the registry with the registry cleaner portion of the program. (the registry cleaner portion may clean up a lot of the junk in the hijackthis log)

After doing the above stated, please post back with a new hijack log and let us know if your system has become stable.

 

[techack]

I hv removed Folder Lock from the PC. I will let you know if I am getting more BSODs. Meanwhile, Here is the new HijackThis log....plz analyse it and also suggest which of the "startup" processes are safe to remove and any other recommendations too.

 

[nobardin]

After looking at your new hijackthis log and doing a google search on entries that seemed odd leads me to believe you may be infected with some spyware/malware. I believe that you should go here https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/ and follow the steps in order without skipping any and see what is found. Just as an example.

Please do not fix these entries as of yet.. this is just an example of the entries that seem suspicious.

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:9666

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local

O1 - Hosts: ::1 localhost

O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)

O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)

O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe

O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe

So run through the 8 step malware removal process then report back and let us know the outcome.

 

[techack]

Currently I m no getting any BSoD...(Thanx for helping me out)...I will let you know if I get any BSod within next 4-5 days.

the 1st two entries you quoted are of "UltraSurf" proxy.
while last 2 entries are due to "Tune Up Utilities".

I cannot comment on the other entries