WTF is fwriyuog.sys?

A friends computer running Win 7 Ult OS, 32 bit intel CPU 4 gig ram, started acting goofy! It boots to a blank screen and stops or goes to my desktop background with no icons and no start bar and stops! Safe Mode boots fine!

A number of spyware proggies and registry proggies and gmer found this, and gmer says it's a rootkit !

I did a google and came up with NOTHING NO WHERE !! you try it!

WHAT THE HELL IS THIS?

thanks

this is registry entry:
[HKEY_LOCAL_MACHINE] \SYSTEM\ControlSet001\services\fwriyuog\\ImagePath

See screen shot attached

Deleted the entry from registry, and now my puter boots up fine and desktop back to normal!

After running a few proggies (KUDOS to Gmer, Hitmanpro, RFA, and Killbox) and all things pointed to this EVIL program!

AllMusicConverter_4.2.9-Setup.exe

I would recommend you do not download and you will save yourself 4 hours of agony!

It looks like I'm not out of the woods yet!!

Just getting ready to leave this guys house and I do a hard reboot, and it's back !! Even though I've found the original offending program and deleted/uninstalled it, the rootkit it contained and installed, is still present and active!

Checked the registry and sure enough . . .

[HKEY_LOCAL_MACHINE] \SYSTEM\ControlSet001\services\fwriyuog\\ImagePath

. . . is in the registry. I removed it and did a registry search for fwriyuog and it shows up in Legacy entries which I CAN'T remove!

Now how the sam hill did it return? I deleted the above program earlier, where did it return from?

Did a system restore back three software installs, and still at boot up, in normal mode, blank screen and lockup! Safe mode boots fine!

Now I'm thinking this rootkit is in a separate partition on the HARD drive and it's still active. So after deleting all partitions and reformatting the largest one (440gb) I will reinstall win 7 ultimate tomorrow!

getting some sleep, it's been a long day!

thanks all

OK here's an update, I posted above all of my advaces in this problem and this is where I'm at now!

. . . on to the problem(s) at hand

Now I not only re-formatted the whole drive I also bought a new 1TB drive as a damage control item (in case I throw the original out the window) !

After reformatting ad re-installing Win7Ult 32 bit I don't have the same problem but yet they are similar! Go figure! (I also tried Win7Ult 64 bit and the new WD 1TB 7200 drive)

After a successful install, randomly at boot up, it might go fine or it can go black or it can go to a Win7 light blue screen with the 4 color MS Flag logo and then freeze! If it does boot up ok and go to the desktop WITH all of the Icons, if it goes to sleep it will come back with the light blue Win7 screen with the MS logo/flag and be locked/froze!

An F8 at boot up (SAFE MODE with Networking) ALWAYS brings you to the desk top with ICONS!

I tried going back to a Windows XP Pro install and got an install error!

So at this point I'm reloading Win7Ult 64bit and will run it in safe mode!

What I've tried to solve this . . .

2 different hard drives both fresh,re-formatted with NOTHING on them! nfg

I tried swapping and eliminating ram modules to ensure there's no memory problem! nfg

Cleared CMOS. nfg

Tried proper shutdowns (versus yanking the power plug after a successful bootup) nfg

Looked for overheating issues nfg (air blew dust out of everywhere including my ears)

One thing I am REALLY curious about with this DELL Vostro 420 is the CPU! It is a Intel Q6600 2.4ghz that is a supposed 64 bit cpu but yet dell shipped it with a 32 bit Win XP OS!

How is that possible? You can't load Win7 32 bit OS on to a current Intel I3, I5, I7 or any other current 64 bit cpu cause it will tell you that you have the wrong OS Architecture and halt the install!

Not with this cpu???

So at this point I'm stumped, the rootkit is gone (was it EVER there?) according to Gmer and the funky file name "fwriyuog" it was. But that can't be the issue now!

Any thoughts?

thanks

RIGHT NOW I'm looking into a video card issue! I'm running out of possibilities! 8^(

OK, success!

What I had was multiple problems occurring at multiple times!

Talk about a test from geek computer god!

Initially, the rootkit WAS the problem! As time and frustration progressed other mitigating factors came into play!

Of two dvd/cd rom drives (one a blu-ray) only one worked consistently! The blu-ray for some reason did not like the Win XP install CD nor either of the Win 7 Ult 32/64 install DVD's! Even after burning new fresh copies of ALL of the above at the slowest possible speed 4x!

Then we have the mysterious Intel Q6600 64/32 bit CPU. Try and install a 32 bit OS on ANY desktop laptop with a 64 bit CPU and it won't happen! Not with this CPU either installs fine.
(Not so much as a problem more as a confusing factor to sidetrack my mind!)

Last and foremost either of the Win7 Ult installs, 32 or 64 bit, did not like the ATI Radeon HD video card. Even after d/ling the LATEST Win 7 drivers random video errors occurred. Blank screen, Desktop lockup, even if a good bootup ocurred as soon as screen saver initiated you had lockup NOTHING functioned except power down!

It was the safe mode operation that pointed the way . . . why did the box work fine when no drivers were loaded? I was thinking the rootkit had returned when in actuality it was the change of OS to Win7 that was causing the similar symptoms. Do a Google and you will see this is a common problem with Win 7 Ult installs! But who would Google this if you thought the rootkit had returned?. After reformatting the old drive and then installing a new one, where the hell was the rootkit hiding to return from?

The final cure was to disable the ATI device in hardware and let the Dell run on generic drivers!

I believe a new video card is on my friends agenda! Although not necessary as the box is running fine and he is not a gamer needing 3D and such!

Whewwwwwww!

ok and i have been informed that a 32 bit os CAN go into a 64 bit cpu system.

i stand corrected

Well, beings that "fwriyuog" was not found anywhere on the internet, granted it was a "generated" file name, I didn't expect to have much input with a few exceptions from other sites.

That being the case I'm not normally one to sit around and wait for somebody else to fix my problem. Granted that whatever input is received can be helpful and can point you in the right direction, but there was a time issue here.

If had not been AT my friends house, I would not have slept until I solved it!

But beings my friends wife(who got in at 10pm and needed to get up at 6am) was practicing her Philadelphia Phillies southpaw arm explicating colorful epithets and I decided to call it a night!

Tenacity(persistence x 10) is sometimes a monkey on your back, and this Dell Vostro 420 was NOT going to win!