GDHW ? What on EArf?

What process is it that is using all of the CPU time? You did not even tell us an OS.

Are you a game player?

Did you read and run (as required before posting): READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal

 

Let's do a few things.


Download and run AutoStart Viewer save a log from it and post as an attachment.

Also follow the below steps exactly:

- Download HijackThis 1.99.1

- Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

- Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file.

- Before running HijackThis: You must close each of the following:your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc. And any other unnecessary running programs.

- Run HijackThis and save your log file.

- Post your log as an ATTACHMENT to your next message. (Do NOT copy/paste the log into your post).

 

Well other than the fact that you did not follow my directions for installing and using HJT and the fact that it does not look like you ran all of the READ ME FIRST, your logs are clean. It does not look to me like you are having a malware problem. It may be that the problem is something related to your game installation or some other problem on your PC.

Perhaps you should check over in the Gaming Forum.

 

No! You are running it from the ZIP file using Winrar as shown in your log:

C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Nhan\LOCALS~1\Temp\Rar$EX00.812\HijackThis.exe

Also you did not exit browsers: C:\Program Files\Mozilla Firefox\firefox.exe

There are online scanners in the READ ME FIRST that are supposed to be run. They were Trend Micro and Symantec and yesterday they were changed to BitDefender and RavAntivirus. If they were run they would show in your HJT log in the O16 section.

If I do not see them, that means they were not run. If you had problems running them, your should have said something.


I'm not sure why your PC is restarting. Try the all the online scans including the ones in the Alternative scans section of the READ ME FIRST to see if any problems are detected. If you cannot do them in safe mode, do them in normal boot mode.

 

You did not ask for help two weeks ago and that is a long time to go in the malware world. When you said you ran the READ ME FIRST you should have run ALL the steps NOW. Not two weeks ago.

What do you mean the won't work? You said nothing about that when you posted for help. Also you said was

Run the online scans below now:

do an online scan at Bitdefender <-- agree to the license and then select Scan
do an online scan at RavAntivirus <-- select Auto Clean then click Scan My PC
<LI>Trend Micro's Free Online Virus Scan

 

Did you run it in normal or safe boot mode?

Is there a C:\WINDOWS\tqp.exe file on your PC? If so, try booting in safe mode and deleting
it.

Have you tried searching your PC for anything named GDHW? Make sure Windows search is configured properly as below:

Click Search and the Select "All files and folders"
Enter the filename in the "All or part of the file name:" box
Now select "More advanced options"
Make sure the following check boxes are checked:
- Search system folders
- Search hidden files and folders
- Search subfolders
Then click the Search button.


Also have you tried search your registry for any hits on GDHW?

 

It is not necessary to search in safe mode. Did you configure the options as I gave before doing search? They are not the defaults. Windows will not look in all folders unless you configure it properly.

You could use the built in Registry Editor called regedit to search your registry but let's try the below because it is usually faster.

Download the Registry Search Tool from here:

http://www.billsway.com/vbspage/vbsfiles/RegSrch.zip

Unzip to your Desktop and double click on regsrch.vbs
(if you have script protection, please allow this to run)

In the dialog that opens enter the following:

GDHW

Press 'OK'

The search will run for a while then alert you when it is finished.

Press 'OK' and copy the contents of the WordPad window and post in this thread.

 

What file did not delete? I did give any recent directions to delete anything. Are you talking about the registry key found by RegSrch? That's not a file. It is information stored in your registry. And RegSrch just looks for information in your registry. It does not do anything else. And for this particular item, it is not a problem. MRU = Most Recently Used. All it is telling you is that your had run a search to look for GDHW.

As far as I can tell there are no malware related issues on you PC. You may need to look into software, driver, or hardware problems. Maybe even heat problems. But those discussions belong in other forums.

Did you ever try to manually delete the C:\WINDOWS\tqp.exe file as I requested in message # 12?

 

From what I can tell, it does not look like any visible form of malware. But it could have to do with some application on your computer. Possibly even a game.