Author Topic: Computer Freezing  (Read 630 times)

zephyrbc
« on: May 25, 2008, 12:41:06 AM »
Hi,

My computer has started to freeze at random times and I'm not sure why. I thought that this may have been due to overheating; however, the computer sometimes freezes when nothing is actually being used. I have checked my fan and it is working fine, and I have cleaned all the dust etc. from within the case.

I have also scanned the computer with adaware, AVG and spybot and the problem still occurs.

Here is my hijackthis log

Thanks,

Scott

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:45:58 PM, on 5/25/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Gmail Notifier\gnotify.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\taskswitch.exe
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
G:\TestW.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\sol.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Ad-Aware 2007\Ad-Watch2007.exe
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

--
End of file - 6975 bytes

guestolo
« Reply #1 on: May 25, 2008, 01:06:42 AM »
Download Deckard's System Scanner (dss.exe) to your desktop.
Close all applications and windows.
Double-click on dss.exe to run it and follow the prompts.
When the scan is complete, two text files will open: main.txt, which will be maximized, and extra.txt, which will be minimized.

Post back just the whole contents of Main.txt and Extra.txt.

Do you want to post your own logs from FRST?

Follow the instructions posted here: http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/


zephyrbc
« Reply #2 on: May 25, 2008, 01:19:41 AM »
Main

Deckard's System Scanner v20071014.68
Run by Scotty on 2008-05-25 16:22:00
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
54: 2008-05-25 06:22:09 UTC - RP54 - Deckard's System Scanner Restore Point
53: 2008-05-25 04:25:54 UTC - RP53 - Removed ESET NOD32 Antivirus
52: 2008-05-24 08:49:34 UTC - RP52 - System Checkpoint
51: 2008-05-23 00:47:50 UTC - RP51 - System Checkpoint
50: 2008-05-21 23:54:08 UTC - RP50 - System Checkpoint


-- First Restore Point --
1: 2008-04-24 13:10:23 UTC - RP1 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Scotty.exe) ----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:23:17 PM, on 5/25/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Gmail Notifier\gnotify.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\taskswitch.exe
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
G:\TestW.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Documents and Settings\Scotty\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Scotty.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Ad-Aware 2007\Ad-Watch2007.exe
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

--
End of file - 6903 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 mbmiodrvr - c:\windows\system32\mbmiodrvr.sys <Not Verified; [email protected]; Windows ® 2000 DDK driver>
R4 eamon - c:\windows\system32\drivers\eamon.sys (file missing)
R4 epfwtdir - c:\windows\system32\drivers\epfwtdir.sys (file missing)

S3 Ad-Watch Connect Filter (Ad-Watch Connect Kernel Filter) - c:\windows\system32\drivers\nsdriver.sys <Not Verified; Lavasoft AB; Ad-Watch Connections>
S3 Ad-Watch Real-Time Scanner (AW Real-Time Scanner) - c:\windows\system32\drivers\awrtpd.sys <Not Verified; Lavasoft AB; Ad-Watch Beta>
S3 Ad-Watch Registry Filter (Ad-Watch Registry Kernel Filter) - c:\windows\system32\drivers\awrtrd.sys <Not Verified; Lavasoft AB; Ad-Watch Registry Protection>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 Bonjour Service - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Inc.; Bonjour>


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: System Interrupt Controller
Device ID: PCI\VEN_1106&DEV_5364&SUBSYS_00000000&REV_00\3&2411E6FE&0&05
Manufacturer:
Name: System Interrupt Controller
PNP Device ID: PCI\VEN_1106&DEV_5364&SUBSYS_00000000&REV_00\3&2411E6FE&0&05
Service:


-- Files created between 2008-04-25 and 2008-05-25 -----------------------------

2008-05-25 15:45:40         0 d-------- C:\Program Files\Trend Micro
2008-05-25 15:23:36         0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-25 15:20:59         0 dr-h----- C:\Documents and Settings\Scotty\Recent
2008-05-25 15:19:16         0 d-------- C:\Program Files\CCleaner
2008-05-25 14:53:55      2944 --a------ C:\WINDOWS\system32\mbmiodrvr.sys <Not Verified; [email protected]; Windows ® 2000 DDK driver>
2008-05-25 14:53:43         0 d-------- C:\Program Files\Motherboard Monitor 5
2008-05-25 14:25:59         0 d-------- C:\WINDOWS\LastGood
2008-05-23 00:06:15         0 d-------- C:\WINDOWS\CSC
2008-05-22 23:28:28       664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-05-15 00:21:32         0 d-------- C:\Program Files\Real Alternative
2008-05-15 00:21:32         0 d-------- C:\Documents and Settings\Scotty\Application Data\Real
2008-05-15 00:21:32         0 d-------- C:\Documents and Settings\All Users\Application Data\Real
2008-05-07 10:13:30         0 d-------- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2008-05-06 11:42:56         0 d-------- C:\Program Files\Common Files\Adobe
2008-05-06 11:42:47         0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2008-05-03 10:13:48         0 d--h----- C:\$AVG8.VAULT$
2008-05-03 10:09:53         0 d-------- C:\WINDOWS\system32\drivers\Avg
2008-05-03 10:09:44         0 d-------- C:\Program Files\AVG
2008-05-03 10:09:44         0 d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-05-02 12:20:40         0 d-------- C:\Documents and Settings\Scotty\Application Data\MSN6
2008-05-02 12:20:40         0 d-------- C:\Documents and Settings\All Users\Application Data\MSN6
2008-05-02 11:50:02         0 d-------- C:\Program Files\Ahead
2008-04-30 11:26:13         0 d-------- C:\Documents and Settings\Scotty\Application Data\AdobeUM
2008-04-29 23:26:02         0 d-------- C:\Program Files\iDump
2008-04-29 01:10:01    164352 --a------ C:\WINDOWS\system32\unrar.dll
2008-04-29 01:09:52    217088 --a------ C:\WINDOWS\system32\yv12vfw.dll <Not Verified; www.helixcommunity.org; Helix YV12 YUV Codec>
2008-04-29 01:09:51    159839 --a------ C:\WINDOWS\system32\xvidvfw.dll
2008-04-29 01:09:51    755027 --a------ C:\WINDOWS\system32\xvidcore.dll
2008-04-29 01:09:51   3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-04-29 01:09:51     81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2008-04-29 01:09:45    682496 --a------ C:\WINDOWS\system32\divx.dll <Not Verified; DivX, Inc.; DivX®>
2008-04-29 01:09:44      7680 --a------ C:\WINDOWS\system32\ff_vfw.dll
2008-04-29 01:09:42         0 d-------- C:\Program Files\K-Lite Codec Pack
2008-04-28 21:04:22         0 d-------- C:\Program Files\GameArena
2008-04-28 20:52:15         0 d-------- C:\WINDOWS\system32\LogFiles
2008-04-28 20:43:43         0 d-------- C:\WINDOWS\system32\NtmsData
2008-04-28 20:41:58         0 d-------- C:\Program Files\Call of Duty 4
2008-04-28 19:43:04         0 d-------- C:\Documents and Settings\Scotty\Application Data\LimeWire
2008-04-28 18:11:04         0 d-------- C:\WINDOWS\Cache
2008-04-28 17:14:20         0 d-------- C:\Program Files\VT1708
2008-04-28 16:54:24         0 d-------- C:\Program Files\GIGABYTE
2008-04-28 16:51:06      1160 --a------ C:\WINDOWS\mozver.dat
2008-04-28 16:26:30         0 d-------- C:\Program Files\Ad-Aware 2007
2008-04-28 16:26:30         0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-04-28 16:25:56         0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-04-28 16:12:55         0 d-------- C:\Documents and Settings\Scotty\Application Data\Netscape
2008-04-28 16:12:40         0 d-------- C:\Program Files\ProShowProducer
2008-04-28 16:11:17         0 d-------- C:\Documents and Settings\Scotty\Application Data\Photodex
2008-04-28 13:17:30         0 d-------- C:\Program Files\uTorrent
2008-04-28 13:17:24         0 d-------- C:\Documents and Settings\Scotty\Application Data\uTorrent
2008-04-27 21:32:06         0 d-------- C:\WINDOWS\Sun
2008-04-27 21:32:06         0 d-------- C:\Documents and Settings\Scotty\Application Data\Sun
2008-04-27 17:58:04         0 d-------- C:\Scott
2008-04-27 17:57:46         0 d-------- C:\Documents and Settings\Scotty\Application Data\Adobe
2008-04-27 15:16:46    737280 --a------ C:\WINDOWS\iun6002.exe <Not Verified; Indigo Rose Corporation; Setup Factory 6.0 Runtime Module>
2008-04-27 15:16:00         0 d-------- C:\Documents and Settings\Scotty\Application Data\Media Player Classic
2008-04-27 15:11:25         0 d-------- C:\Documents and Settings\All Users\Application Data\nView_Profiles
2008-04-27 15:05:07         0 d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-04-27 14:50:54         0 d-------- C:\WINDOWS\Downloaded Installations
2008-04-27 14:42:48         0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-04-27 14:39:36         0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-04-27 14:39:23         0 d-------- C:\Program Files\SpywareBlaster
2008-04-27 14:38:42         0 d-------- C:\Program Files\Java
2008-04-27 14:37:19         0 d-------- C:\Program Files\Common Files\Java
2008-04-27 14:34:57         0 d-------- C:\Program Files\Microsoft Works
2008-04-27 14:34:42         0 d-------- C:\Program Files\MSBuild
2008-04-27 14:29:12         0 d-------- C:\WINDOWS\SHELLNEW
2008-04-27 14:28:16         0 d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-04-27 14:27:43         0 d-------- C:\Program Files\LimeWire
2008-04-27 14:27:30         0 dr-h----- C:\MSOCache
2008-04-27 14:24:57         0 d-------- C:\Documents and Settings\Scotty\Application Data\Apple Computer
2008-04-27 14:24:43         0 d-------- C:\Program Files\iPod
2008-04-27 14:24:38         0 d-------- C:\Program Files\iTunes
2008-04-27 14:24:24         0 d-------- C:\Program Files\Bonjour
2008-04-27 14:23:41         0 d-------- C:\Program Files\QuickTime
2008-04-27 14:23:39         0 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-04-27 14:23:19         0 d-------- C:\Program Files\Apple Software Update
2008-04-27 14:22:48         0 d-------- C:\Program Files\Common Files\Apple
2008-04-27 14:22:47         0 d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-04-27 14:09:37         0 d-------- C:\Program Files\Messenger Plus! Live
2008-04-27 14:08:27         0 d-------- C:\WINDOWS\system32\PreInstall
2008-04-27 14:08:25         0 d--h----- C:\WINDOWS\$hf_mig$
2008-04-27 14:00:27         0 d-------- C:\Documents and Settings\Scotty\Contacts
2008-04-27 14:00:06         0 d------c- C:\WINDOWS\system32\DRVSTORE
2008-04-27 13:53:30         0 d-------- C:\Program Files\Gmail Notifier
2008-04-27 13:49:29         0 --a------ C:\WINDOWS\nsreg.dat
2008-04-27 13:49:27         0 d-------- C:\Documents and Settings\Scotty\Application Data\Mozilla
2008-04-27 13:44:34         0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller
2008-04-27 13:44:29         0 d-------- C:\Program Files\Windows Live
2008-04-27 13:44:23         0 d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-04-27 13:40:31         0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2008-04-27 13:39:43         0 d-------- C:\Documents and Settings\LocalService\Start Menu
2008-04-27 13:37:39         0 d-------- C:\WINDOWS\SoftwareDistribution
2008-04-27 13:37:25         0 d---s---- C:\WINDOWS\system32\Microsoft
2008-04-27 13:37:25         0 d-------- C:\WINDOWS\Prefetch
2008-04-27 13:30:00         0 d-------- C:\WINDOWS\provisioning
2008-04-27 13:30:00         0 d-------- C:\WINDOWS\peernet
2008-04-27 13:27:35         0 d-------- C:\WINDOWS\ServicePackFiles
2008-04-27 13:23:00         0 d-------- C:\WINDOWS\EHome
2008-04-27 11:32:13         0 d-------- C:\WINDOWS\system32\appmgmt
2008-04-25 10:13:22         0 d-------- C:\WINDOWS\nview
2008-04-25 10:04:31         0 d--h----- C:\Program Files\InstallShield Installation Information
2008-04-25 10:03:44         0 d-------- C:\WINDOWS\system32\ReinstallBackups
2008-04-25 10:03:33         0 d-------- C:\Program Files\VIA
2008-04-25 10:03:24         0 d-------- C:\Program Files\Common Files\InstallShield
2008-04-25 10:02:26         0 d-------- C:\Documents and Settings\Scotty\Application Data\Macromedia
2008-04-25 10:02:22         0 d--hs---- C:\WINDOWS\ftpcache
2008-04-25 08:54:33         0 d-------- C:\Program Files\Common Files\ODBC
2008-04-25 08:54:31         0 d-------- C:\Program Files\Common Files\SpeechEngines
2008-04-25 08:54:30         0 dr------- C:\Program Files
2008-04-25 08:54:30         0 d-------- C:\Program Files\Common Files
2008-04-25 08:54:14         0 d--h----- C:\Documents and Settings\All Users\Templates
2008-04-25 08:54:14         0 dr------- C:\Documents and Settings\All Users\Start Menu
2008-04-25 08:54:14         0 d-------- C:\Documents and Settings\All Users\Favorites
2008-04-25 08:54:14         0 dr------- C:\Documents and Settings\All Users\Documents
2008-04-25 08:54:14         0 d-------- C:\Documents and Settings\All Users\Desktop
2008-04-25 08:54:13         0 d--h----- C:\Documents and Settings\Default User\Templates
2008-04-25 08:54:13         0 dr------- C:\Documents and Settings\Default User\Start Menu
2008-04-25 08:54:13         0 dr-h----- C:\Documents and Settings\Default User\SendTo
2008-04-25 08:54:13         0 d--h----- C:\Documents and Settings\Default User\Recent
2008-04-25 08:54:13         0 d--h----- C:\Documents and Settings\Default User\PrintHood
2008-04-25 08:54:13         0 d--h----- C:\Documents and Settings\Default User\NetHood
2008-04-25 08:54:13         0 d-------- C:\Documents and Settings\Default User\My Documents
2008-04-25 08:54:13         0 dr-h----- C:\Documents and Settings\Default User\Local Settings
2008-04-25 08:54:13         0 d-------- C:\Documents and Settings\Default User\Favorites
2008-04-25 08:54:13         0 d-------- C:\Documents and Settings\Default User\Desktop
2008-04-25 08:54:13         0 d---s---- C:\Documents and Settings\Default User\Cookies
2008-04-25 08:54:04         0 d-------- C:\WINDOWS\system32\CatRoot2
2008-04-25 08:54:04         0 d-------- C:\WINDOWS\system32\CatRoot
2008-04-25 08:53:59         0 dr-h----- C:\Documents and Settings\Default User\Application Data
2008-04-25 08:53:59         0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft
2008-04-25 08:53:59         0 dr-h----- C:\Documents and Settings\All Users\Application Data
2008-04-25 08:53:59         0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-04-25 08:53:46         0 d-------- C:\Documents and Settings
2008-04-25 08:50:21         0 d-------- C:\WINDOWS
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\WinSxS
2008-04-25 08:50:21         0 dr------- C:\WINDOWS\Web
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\twain_32
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\system32
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\system32\wins
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\system32\wbem
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\system32\usmt
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\system32\spool
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\system32\ShellExt
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\system32\Setup
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\system32\ras
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\system32\oobe
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\system32\npp
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\system32\mui
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\system32\inetsrv
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\system32\IME
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\system32\icsxml
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\system32\ias
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\system32\export
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\system32\drivers
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\system32\drivers\etc
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\system32\drivers\disdn
2008-04-25 08:50:21         0 dr-hs--c- C:\WINDOWS\system32\dllcache
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\system32\dhcp
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\system32\config
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\system32\3com_dmi
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\system32\3076
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\system32\2052
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\system32\1054
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\system32\1042
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\system32\1041
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\system32\1037
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\system32\1033
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\system32\1031
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\system32\1028
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\system32\1025
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\system
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\security
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\Resources
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\repair
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\mui
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\msapps
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\msagent
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\Media
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\java
2008-04-25 08:50:21         0 d--h----- C:\WINDOWS\inf
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\ime
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\Help
2008-04-25 08:50:21         0 dr--s---- C:\WINDOWS\Fonts
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\Driver Cache
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\Debug
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\Cursors
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\Connection Wizard
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\Config
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\AppPatch
2008-04-25 08:50:21         0 d-------- C:\WINDOWS\addins


-- Find3M Report ---------------------------------------------------------------

2008-04-27 14:52:40         0 d-------- C:\Program Files\Messenger
2008-04-27 13:40:37         0 d--h----- C:\Program Files\WindowsUpdate
2008-04-27 13:30:00         0 d-------- C:\Program Files\Movie Maker
2008-04-27 13:27:10         0 d-------- C:\Program Files\Windows NT
2008-04-25 08:54:13        62 --ahs---- C:\Documents and Settings\Scotty\Application Data\desktop.ini
2008-04-24 23:53:46         0 d-------- C:\Documents and Settings\Scotty\Application Data\WinRAR
2008-04-24 23:10:13         0 d-------- C:\Documents and Settings\Scotty\Application Data\Identities
2008-04-24 23:02:32         0 d-------- C:\Program Files\microsoft frontpage
2008-04-24 23:02:17         0 -rahs---- C:\MSDOS.SYS
2008-04-24 23:02:17         0 -rahs---- C:\IO.SYS
2008-04-24 23:02:17         0 --a------ C:\CONFIG.SYS
2008-04-24 23:02:17         0 --a------ C:\AUTOEXEC.BAT
2008-04-24 23:00:27         0 d-------- C:\Program Files\Common Files\MSSoap
2008-04-24 23:00:05     21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-04-24 22:59:46         0 d-------- C:\Program Files\Online Services
2008-04-24 22:59:33         0 d-------- C:\Program Files\MSN Gaming Zone


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [03/07/2007 10:49 AM]
"nwiz"="nwiz.exe" [03/07/2007 10:49 AM C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\System32\NvMcTray.dll" [03/07/2007 10:49 AM]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="C:\Program Files\Gmail Notifier\gnotify.exe" [07/16/2005 07:48 AM]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [03/28/2008 11:37 PM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [03/30/2008 10:36 AM]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [10/27/2006 12:47 AM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 04:25 AM]
"CoolSwitch"="C:\WINDOWS\system32\taskswitch.exe" [03/19/2002 05:30 PM]
"Ad-Watch"="C:\Program Files\Ad-Aware 2007\Ad-Watch2007.exe" [05/01/2008 05:04 PM]
"HDAudDeck"="C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe" [05/11/2007 03:47 PM]
"NeroCheck"="C:\WINDOWS\system32\\NeroCheck.exe" [07/09/2001 08:50 PM]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [05/03/2008 10:09 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [04/27/2008 02:06 PM]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [03/30/2006 04:45 PM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 12:56 AM]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [01/28/2008 11:43 AM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [9/23/2005 10:05:26 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2fecd18c-17ee-11dd-9044-806d6172696f}]
AutoRun\command- G:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{465e52aa-1a4c-11dd-94b4-001a4d7f0357}]
AutoRun\command- F:\knmybkuq.exe
explore\Command- F:\knmybkuq.exe
open\Command- F:\knmybkuq.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4d8f1011-13f9-11dd-a4e9-001a4d7f0357}]
Auto\command- svr.exe
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL svr.exe

*Newly Created Service* - MBMIODRVR



-- Hosts -----------------------------------------------------------------------

127.0.0.1    www.007guard.com
127.0.0.1    007guard.com
127.0.0.1    008i.com
127.0.0.1    www.008k.com
127.0.0.1    008k.com
127.0.0.1    www.00hq.com
127.0.0.1    00hq.com
127.0.0.1    010402.com
127.0.0.1    www.032439.com
127.0.0.1    032439.com

8520 more entries in hosts file.


-- End of Deckard's System Scanner: finished at 2008-05-25 16:24:06 ------------

Extra

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel® Core(tm)2 CPU          6320  @ 1.86GHz
CPU 1: Intel® Core(tm)2 CPU          6320  @ 1.86GHz
Percentage of Memory in Use: 27%
Physical Memory (total/avail): 2047.48 MiB / 1480.05 MiB
Pagefile Memory (total/avail): 3940.42 MiB / 3536.66 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1900.6 MiB

C: is Fixed (NTFS) - 74.52 GiB total, 14.25 GiB free.
D: is Fixed (NTFS) - 74.53 GiB total, 74.46 GiB free.
E: is Fixed (NTFS) - 465.76 GiB total, 380.22 GiB free.
F: is CDROM (CDFS)
G: is CDROM (CDFS)
H: is Fixed (FAT32) - 465.64 GiB total, 290.14 GiB free.

\\.\PHYSICALDRIVE0 - MAXTOR STM3500630AS - 465.76 GiB - 1 partition
  \PARTITION0 - Installable File System - 465.76 GiB - E:

\\.\PHYSICALDRIVE1 - ST380011A - 74.53 GiB - 1 partition
  \PARTITION0 (bootable) - Installable File System - 74.52 GiB - C:

\\.\PHYSICALDRIVE2 - ST380021A - 74.53 GiB - 1 partition
  \PARTITION0 - Installable File System - 74.53 GiB - D:

\\.\PHYSICALDRIVE3 - WD 5000AAK External USB Device - 465.76 GiB - 1 partition
  \PARTITION0 - Unknown - 465.75 GiB - H:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

AV: AVG v8.0 (AVG Technologies)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent"
"C:\\WINDOWS\\system32\\PnkBstrA.exe"="C:\\WINDOWS\\system32\\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\\WINDOWS\\system32\\PnkBstrB.exe"="C:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\\Program Files\\Call of Duty 4\\iw3mp.exe"="C:\\Program Files\\Call of Duty 4\\iw3mp.exe:*:Enabled:Call of Duty® 4 - Modern Warfare(tm) "
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"="C:\\Program Files\\AVG\\AVG8\\avgupd.exe:*:Enabled:avgupd.exe"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Scotty\Application Data
CLASSPATH=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=SCOTT
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Scotty
LOGONSERVER=\\SCOTT
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 6, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f06
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\QuickTime\QTSystem\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Scotty\LOCALS~1\Temp
TMP=C:\DOCUME~1\Scotty\LOCALS~1\Temp
USERDOMAIN=SCOTT
USERNAME=Scotty
USERPROFILE=C:\Documents and Settings\Scotty
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Scotty (admin)


-- Add/Remove Programs ---------------------------------------------------------

 --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
@BIOS B06.0721.01 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}\SETUP.EXE" -l0x9  -removeonly
µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 7.0.9 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70900000002}
Alt-Tab Task Switcher Powertoy for Windows XP --> MsiExec.exe /I{A7050037-F0EA-4BAB-BCD5-FC05507D6147}
Apple Mobile Device Support --> MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
AVG Free 8.0 --> C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Bonjour --> MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
Call of Duty® 4 - Modern Warfare(tm) --> C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0409
Call of Duty® 4 - Modern Warfare(tm) 1.4 Patch --> C:\Program Files\InstallShield Installation Information\{3BD633E0-4BF8-4499-9149-88F0767D449C}\setup.exe -runfromtemp -l0x0409
Call of Duty® 4 - Modern Warfare(tm) 1.5 Multiplayer Patch --> C:\Program Files\InstallShield Installation Information\{8503C901-85D7-4262-88D2-8D8B2A7B08B8}\setup.exe -runfromtemp -l0x0409
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
GameArena The Arena --> "C:\Program Files\GameArena\The Arena\UNINSTALL.EXE"
Google Gmail Notifier --> "C:\Program Files\Gmail Notifier\UninstallGmail.exe"
High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
iDump (Backing up your iPod) --> C:\Program Files\iDump\uninstall.exe
Image Resizer Powertoy for Windows XP --> MsiExec.exe /I{1CB92574-96F2-467B-B793-5CEB35C40C29}
iTunes --> MsiExec.exe /I{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}
Java(tm) 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
K-Lite Codec Pack 3.8.5 Full --> "C:\Program Files\K-Lite Codec Pack\unins000.exe"
LimeWire PRO 4.17.1 --> "C:\Program Files\LimeWire\uninstall.exe"
Messenger Plus! Live --> "C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft Office Access MUI (English) 2007 --> MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007 --> MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007 --> MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007 --> MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007 --> MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007 --> MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Ultimate 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ULTIMATER /dll OSETUP.DLL
Microsoft Office Ultimate 2007 --> MsiExec.exe /X{91120000-002E-0000-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Motherboard Monitor 5 --> "C:\Program Files\Motherboard Monitor 5\unins000.exe"
Mozilla Firefox (2.0.0.14) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Nero - Burning Rom --> MsiExec.exe /X{A4D7B764-4140-11D4-88EB-0050DA3579C0}
NVIDIA Drivers --> C:\WINDOWS\System32\nvudisp.exe UninstallGUI
QuickTime --> MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}
Real Alternative 1.8.0 Lite --> "C:\Program Files\Real Alternative\unins000.exe"
Security Update for Excel 2007 (KB946974) --> msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {85E83E2E-AF9B-439B-B4F9-EB9B7EF6A00E}
Security Update for Microsoft Office Publisher 2007 (KB950114) --> msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB951808) --> msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
Security Update for Microsoft Office Word 2007 (KB950113) --> msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
Security Update for Office 2007 (KB947801) --> msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {02B5A17B-01BE-4BA6-95F1-1CBB46EBC76E}
Security Update for Outlook 2007 (KB946983) --> msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {66B9496E-C0C3-4065-9868-85CCA92126C3}
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SpywareBlaster 4.0 --> "C:\Program Files\SpywareBlaster\unins000.exe"
Update for Office 2007 (KB946691) --> msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb950378) --> msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {F6296086-AED5-4EC0-938B-08EA0254F20E}
VIA Platform Device Manager --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
VIA Rhine-Family Fast Ethernet Adapter --> Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIA
Windows Live installer --> MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Messenger --> MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Live Sign-in Assistant --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe


-- Application Event Log -------------------------------------------------------

Event Record #/Type1158 / Success
Event Submitted/Written: 05/25/2008 02:24:31 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type1145 / Success
Event Submitted/Written: 05/25/2008 02:00:42 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type1134 / Error
Event Submitted/Written: 05/25/2008 11:59:07 AM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application rundll32.exe, version 5.1.2600.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Event Record #/Type1108 / Success
Event Submitted/Written: 05/25/2008 09:35:55 AM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type1094 / Success
Event Submitted/Written: 05/24/2008 05:54:34 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type2474 / Warning
Event Submitted/Written: 05/25/2008 03:30:26 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Event Record #/Type2473 / Warning
Event Submitted/Written: 05/25/2008 03:00:51 PM
Event ID/Source: 51 / Disk
Event Description:
An error was detected on device \Device\Harddisk3\D during a paging operation.

Event Record #/Type2287 / Warning
Event Submitted/Written: 05/23/2008 09:26:18 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Event Record #/Type2247 / Warning
Event Submitted/Written: 05/23/2008 05:48:15 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Event Record #/Type2192 / Error
Event Submitted/Written: 05/23/2008 00:07:50 AM
Event ID/Source: 7026 / Service Control Manager
Event Description:
The following boot-start or system-start driver(s) failed to load:
AvgLdx86
AvgMfx86
Fips
intelppm



-- End of Deckard's System Scanner: finished at 2008-05-25 16:24:06 ------------

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
Computer Freezing
« Reply #3 on: May 26, 2008, 12:22:25 AM »
Can you let me know about a couple files

I see this one
G:\TestW.exe

and this one

F:\knmybkuq.exe

What drives do your G and F represent?
dss.exe says they are CDRom, does that look right to you?

Did any of the slowdowns start after you installed AVG8?
« Last Edit: May 26, 2008, 12:23:05 AM by guestolo »

Do you want to post your own logs from FRST?

Follow the instructions posted here: http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/


Offline zephyrbc

Computer Freezing
« Reply #4 on: May 26, 2008, 03:17:08 AM »
Both drives were DVD drives
G:\TestW.exe
This file was on the motherboard drivers cd so is no problem

and this one

F:\knmybkuq.exe
was just on another disk

AVG 8 has been on my computer for a while now and wasn't causing any problems prior to the problem starting, so I don't think it has anything to do with it

Scott

Offline guestolo

Computer Freezing
« Reply #5 on: May 26, 2008, 10:15:39 AM »
Quote
and this one

F:\knmybkuq.exe
was just on another disk

Do you still have that disk?
If so, was it a burnt disk?
Could you scan the file at Virustotal and post back the results, or link to the results page afterwards
http://www.virustotal.com/



Offline zephyrbc

Computer Freezing
« Reply #6 on: May 26, 2008, 11:46:58 PM »
Sorry, no, I don't have that disk now anyway. It was a retail version of a genuine program from a reputable company, so the file in question wasn't a virus.

I've started having problems with my DVD burner as well. It is working fine as a reader but my computer just won't detect it as a burner. I downloaded and installed new drivers from the LG website but I still can't burn anything. Any ideas?

Offline guestolo

Computer Freezing
« Reply #7 on: May 29, 2008, 12:24:52 AM »
Sorry for the delay, I totally forgot about this post, my bad
I will be back on tomorrow and will continue with support if you need it
I'm sure we'll find the problems



Offline zephyrbc

Computer Freezing
« Reply #8 on: June 01, 2008, 06:55:06 PM »
?

Offline guestolo

Computer Freezing
« Reply #9 on: June 01, 2008, 07:06:46 PM »
Sorry for the delay, let's do the following
I need you to disable your Spyware protections so as they won't interfere with any fixes we try

Please disable Ad-Watch, as it may hinder the removal of some HijackThis entries. You can re-enable it after your computer is clean.

To disable Ad-Watch in Ad-Aware

1. Left-click on the Ad-Watch icon in the system tray to open the program
2. Click the Settings button on the left side of the window.
- Click the button to the left of "Load Ad-Watch on Start up" to change the green check mark to a red x.
3. Click the Status button on the left side of the window.
- Under Protection Status, uncheck all the items to be sure they are a red X (instead of a green checkmark)
4. Close or minimize the Ad-Watch window (either will minimize it to the System Tray).
5. Right-Click on the Ad-Watch icon in the System Tray and select "Close Ad-Watch".
6. Click "Yes" in the Confirm Shutdown window

Disable SpybotSD TeaTimer

1. Open Spybot
2. Click on Mode and check Advanced Mode
3. Check yes to next window.
4. Click on Tools in bottom left hand corner.
5. Click on Resident icon.
6. Uncheck Teatimer box.
Click Allow Change box if prompted
7. Close Spybot

Afterwards:
Download this file - Combofix.exe and save it ONLY to your desktop
We'll need it in a bit

Download the Flash_Disinfector.exe from here and save to desktop
http://www.techsupportforum.com/sectools/s...Disinfector.exe
We'll need it in a bit

Print the remainder of these instructions, or save them to text file on desktop for reference
Physically disconnect your Internet cable from the computer
Leave it disconnected till we run all the next tools
Also, temporarily disable your AntiVirus software till we are done with these tools

Run Flash_Disinfector.exe, Follow the prompts
Insert any removable flash drives you may have when prompted

Double click combofix.exe & follow the prompts.
When finished, it shall produce a log for you.
By default it will save a copy to C:\Combofix.txt
I'll need to see this log later
Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall
Combofix may need to reboot your computer when it's done, allow it to

Afterwards:
Enable AntiVirus and reconnect back to Internet
If you don't have connection at first, simply reboot computer

Post back
1. Post the log from ComboFix
2. Post a fresh Hijackthis log



Offline guestolo

Computer Freezing
« Reply #10 on: July 06, 2008, 08:09:31 PM »
Since the original poster has not returned, I'll lock this topic
