
Computer freezing

Discussion in 'Virus & Other Malware Removal' started by android_2099, Nov 25, 2011.

Thread Status:
Not open for further replies.
  1. android_2099 (Thread Starter; joined Nov 24, 2011; messages: 1)

    Hi,

    I just had my computer repaired 3 days ago with the addition of a new motherboard, RAM, PSU and video card. The problem is that my computer is constantly crashing/freezing once it's booted up, resulting in a manual shutdown. It should be noted that I haven't used this hard drive for about 5 years and I can't run AVG because before it's able to finish the scan, the computer just freezes. Any help would be appreciated!

    Thanks,
    Aaron

    ------------------------------------------------------
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 8:25:30 PM, on 11/24/2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
    C:\Program Files\AVG\AVG2012\avgcsrvx.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\devldr32.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Creative\ShareDLL\CtNotify.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
    C:\WINDOWS\vVX6000.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\AVG\AVG2012\avgtray.exe
    C:\Program Files\Creative\ShareDLL\MediaDet.Exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\AVG\AVG2012\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
    C:\WINDOWS\system32\CTsvcCDA.EXE
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    C:\Program Files\AVG\AVG2012\avgnsx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\MsPMSPSv.exe
    C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
    C:\WINDOWS\system32\taskmgr.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
    O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
    O4 - HKLM\..\Run: [VX6000] C:\WINDOWS\vVX6000.exe
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    O4 - Startup: sploov.exe.lnk = C:\WINDOWS\system32\slpoov.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {4788DE0A-3552-49EA-AC8C-233DA52523B9} (AxLoaderPassword Class) - http://www.blackberry.com/devicesoftware/AxLoader.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1322099201953
    O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: JFWService - Freedom Scientific BLV Group, LLC - C:\Program Files\Freedom Scientific\JAWS\12.0\jfw.exe
    O23 - Service: JTVNCProxy_12.0 - Unknown owner - C:\Program Files\Freedom Scientific\JAWS\12.0\JTVNCProxy.exe
    O23 - Service: MSCamSvc - Unknown owner - C:\Program Files\Microsoft LifeCam\MSCamS32.exe (file missing)
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    --
    End of file - 9554 bytes

    -----------------------------------------------------------
    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_29
    Run by Peter at 20:19:23 on 2011-11-24
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1023.466 [GMT -5:00]
    .
    AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    .
    ============== Running Processes ===============
    .
    C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
    C:\Program Files\AVG\AVG2012\avgcsrvx.exe
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\devldr32.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Creative\ShareDLL\CtNotify.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
    C:\WINDOWS\vVX6000.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\AVG\AVG2012\avgtray.exe
    C:\Program Files\Creative\ShareDLL\MediaDet.Exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\WINDOWS\system32\ctfmon.exe
    svchost.exe
    C:\Program Files\AVG\AVG2012\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
    C:\WINDOWS\system32\CTsvcCDA.EXE
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    C:\Program Files\AVG\AVG2012\avgnsx.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\WINDOWS\system32\MsPMSPSv.exe
    C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
    C:\WINDOWS\system32\taskmgr.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\msiexec.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.ca/
    uInternet Settings,ProxyOverride = *.local
    BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
    BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    mRun: [Disc Detector] c:\program files\creative\sharedll\CtNotify.exe
    mRun: [UpdReg] c:\windows\Updreg.exe
    mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb07.exe
    mRun: [AtiPTA] atiptaxx.exe
    mRun: [VX6000] c:\windows\vVX6000.exe
    mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
    mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
    mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
    mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
    StartupFolder: c:\docume~1\peter\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
    StartupFolder: c:\docume~1\peter\startm~1\programs\startup\sploov~1.lnk - c:\windows\system32\slpoov.exe
    uPolicies-explorer: <NO NAME> =
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partygaming\partypoker\RunApp.exe
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\jp2iexp.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
    DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
    DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - hxxp://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    DPF: {4788DE0A-3552-49EA-AC8C-233DA52523B9} - hxxp://www.blackberry.com/devicesoftware/AxLoader.cab
    DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1322098161453
    DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1322099201953
    DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
    DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    TCP: DhcpNameServer = 64.71.255.198
    TCP: Interfaces\{856249AA-9F6B-4DBC-A0E8-EFE5E352BAA7} : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{FF532F6C-7762-4396-8571-F80BE50B16FB} : DhcpNameServer = 64.71.255.198
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-7-11 23120]
    R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-9-13 32592]
    R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-10-7 230608]
    R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 40016]
    R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 295248]
    R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-10-12 4433248]
    R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]
    R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-7-11 134608]
    R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-7-11 24272]
    R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-10-4 16720]
    S2 JFWService;JFWService;c:\program files\freedom scientific\jaws\12.0\jfw.exe [2011-5-20 4542464]
    S3 DCamUSBLTN;M318B Digital Video Camera;c:\windows\system32\drivers\vq318vid.sys [2002-4-22 113632]
    S3 JTVNCProxy_12.0;JTVNCProxy_12.0;c:\program files\freedom scientific\jaws\12.0\JTVNCProxy.exe [2011-5-20 16152]
    S3 PowerBrl;powerBraille System Driver;c:\windows\system32\drivers\powerbrl.sys [2011-5-20 14880]
    S3 VX6000;Microsoft LifeCam VX-6000;c:\windows\system32\drivers\VX6000Xp.sys [2006-6-29 2383152]
    .
    =============== Created Last 30 ================
    .
    2011-11-25 01:18:03 388096 ----a-r- c:\documents and settings\peter\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
    2011-11-25 01:18:03 -------- d-----w- c:\program files\Trend Micro
    2011-11-24 03:53:30 -------- d--h--w- C:\$AVG
    2011-11-24 03:36:15 -------- d-----w- c:\documents and settings\all users\application data\Freedom Scientific
    2011-11-24 03:23:55 -------- d-----w- c:\program files\common files\SafeNet Sentinel
    2011-11-24 03:22:36 -------- d--h--w- c:\program files\Freedom Scientific Installation Information
    2011-11-24 03:22:35 -------- d-----w- c:\windows\system32\HJSMEM
    2011-11-24 03:15:30 -------- d-----w- c:\windows\system32\XPSViewer
    2011-11-24 03:14:45 89088 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
    2011-11-24 03:14:16 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
    2011-11-24 03:14:16 117760 ------w- c:\windows\system32\prntvpt.dll
    2011-11-24 03:14:15 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
    2011-11-24 03:14:15 597504 ------w- c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
    2011-11-24 03:14:14 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
    2011-11-24 03:14:14 575488 ------w- c:\windows\system32\xpsshhdr.dll
    2011-11-24 03:14:12 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
    2011-11-24 03:14:12 1676288 ------w- c:\windows\system32\xpssvcs.dll
    2011-11-24 02:52:50 -------- d-----w- c:\program files\Auslogics
    2011-11-24 02:29:24 -------- d-----w- c:\windows\ie8updates
    2011-11-24 02:20:12 -------- d-----w- c:\documents and settings\peter\application data\AVG2012
    2011-11-24 02:19:01 -------- d--h--w- c:\documents and settings\all users\application data\Common Files
    2011-11-24 02:15:55 -------- d-----w- c:\windows\system32\drivers\AVG
    2011-11-24 02:15:55 -------- d-----w- c:\documents and settings\all users\application data\AVG2012
    2011-11-24 02:15:07 -------- d-----w- c:\program files\AVG
    2011-11-24 02:11:50 -------- d-----w- c:\documents and settings\all users\application data\MFAData
    2011-11-24 02:07:48 590848 -c----w- c:\windows\system32\dllcache\rpcrt4.dll
    2011-11-24 02:06:36 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-11-24 02:04:49 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
    2011-11-24 02:03:32 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
    2011-11-24 02:03:09 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
    2011-11-24 02:02:09 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
    2011-11-24 02:01:50 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
    2011-11-24 02:00:45 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
    2011-11-24 02:00:14 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
    2011-11-24 01:58:01 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
    2011-11-24 01:57:58 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
    2011-11-24 01:57:57 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
    2011-11-24 01:57:57 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
    2011-11-24 01:57:46 105472 -c----w- c:\windows\system32\dllcache\mup.sys
    2011-11-24 01:55:12 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
    2011-11-24 01:53:14 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
    2011-11-24 01:47:34 45568 -c----w- c:\windows\system32\dllcache\wab.exe
    2011-11-24 01:47:29 730112 -c----w- c:\windows\system32\dllcache\lsasrv.dll
    2011-11-24 01:47:29 718336 -c----w- c:\windows\system32\dllcache\ntdll.dll
    2011-11-24 01:47:29 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll
    2011-11-24 01:47:29 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
    2011-11-24 01:47:29 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
    2011-11-24 01:47:29 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
    2011-11-24 01:47:29 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
    2011-11-24 01:47:29 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
    2011-11-24 01:47:29 110592 -c----w- c:\windows\system32\dllcache\services.exe
    2011-11-24 01:38:29 5120 ----a-w- c:\windows\system32\xpsp4res.dll
    2011-11-24 01:38:29 218112 -c----w- c:\windows\system32\dllcache\wordpad.exe
    2011-11-24 01:26:53 -------- d-sh--w- c:\documents and settings\peter\IECompatCache
    2011-11-24 01:25:52 -------- d-sh--w- c:\documents and settings\peter\PrivacIE
    2011-11-24 01:24:08 -------- d-sh--w- c:\documents and settings\peter\IETldCache
    2011-11-24 01:19:46 -------- dc-h--w- c:\windows\ie8
    2011-11-24 00:31:03 476904 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll
    2011-11-24 00:31:03 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2011-11-24 00:27:57 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
    2011-11-24 00:27:57 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
    2011-11-24 00:27:54 10368 -c--a-w- c:\windows\system32\dllcache\hidusb.sys
    2011-11-24 00:27:54 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
    2011-11-23 22:27:58 27165 -c--a-w- c:\windows\system32\dllcache\fetnd5.sys
    2011-11-23 22:27:58 27165 ----a-w- c:\windows\system32\drivers\fetnd5.sys
    2011-11-23 22:27:19 5376 -c--a-w- c:\windows\system32\dllcache\viaide.sys
    2011-11-23 22:27:19 5376 ----a-w- c:\windows\system32\drivers\viaide.sys
    2011-11-23 22:23:44 -------- d-----w- C:\~ErdUserProfile.$$$
    2011-11-23 21:55:45 68224 -c--a-w- c:\windows\system32\dllcache\pci.sys
    2011-11-23 21:55:45 68224 ----a-w- c:\windows\system32\drivers\pci.sys
    2011-11-23 21:55:43 37248 -c--a-w- c:\windows\system32\dllcache\isapnp.sys
    2011-11-23 21:55:43 37248 ----a-w- c:\windows\system32\drivers\isapnp.sys
    2011-11-23 21:55:06 -------- d-----w- c:\program files\VIA
    2011-11-23 21:44:49 393088 ----a-w- c:\windows\system32\drivers\senfilt.sys
    2011-11-23 21:44:49 23552 ----a-w- c:\windows\system32\PostProc.dll
    2011-11-23 21:44:48 765952 ----a-w- c:\windows\system\crlds3d.dll
    2011-11-23 21:44:48 141312 ----a-w- c:\windows\system32\drivers\ADIHdAud.sys
    .
    ==================== Find3M ====================
    .
    2011-11-24 03:38:16 73 ----a-w- c:\windows\system32\ssprs.dll
    2011-11-24 03:38:15 205 ----a-w- c:\windows\system32\dbwof8r.dll
    2011-10-10 14:22:41 692736 ----a-w- c:\windows\system32\inetcomm.dll
    2011-10-07 11:23:48 230608 ----a-w- c:\windows\system32\drivers\avgldx86.sys
    2011-10-04 11:21:42 16720 ----a-w- c:\windows\system32\drivers\AVGIDSShim.sys
    2011-10-03 07:37:52 73728 ----a-w- c:\windows\system32\javacpl.cpl
    2011-09-28 07:06:50 599040 ----a-w- c:\windows\system32\crypt32.dll
    2011-09-26 16:41:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
    2011-09-26 16:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll
    2011-09-26 16:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll
    2011-09-13 11:30:10 32592 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
    2011-09-06 13:20:51 1858944 ----a-w- c:\windows\system32\win32k.sys
    .
    ============= FINISH: 20:21:22.32 ===============


    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit scan 2011-11-25 00:12:38
    Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 WDC_WD2500JS-00SGB0 rev.20.06C03
    Running: wlm773qr.exe; Driver: C:\DOCUME~1\Peter\LOCALS~1\Temp\uwgyipob.sys

    ---- System - GMER 1.0.15 ----
    SSDT sptd.sys ZwCreateKey [0xF76F80B0]
    SSDT sptd.sys ZwEnumerateKey [0xF76FD84C]
    SSDT sptd.sys ZwEnumerateValueKey [0xF76FDBEC]
    SSDT sptd.sys ZwOpenKey [0xF76F8090]
    SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwOpenProcess [0xF3696F3C]
    SSDT sptd.sys ZwQueryKey [0xF76FDCC4]
    SSDT sptd.sys ZwQueryValueKey [0xF76FDB44]
    SSDT sptd.sys ZwSetValueKey [0xF76FDD56]
    SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateProcess [0xF3696FE4]
    SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateThread [0xF3697080]
    SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwWriteVirtualMemory [0xF369711C]
    ---- Kernel code sections - GMER 1.0.15 ----
    ? C:\WINDOWS\system32\drivers\sptd.sys The process cannot access the file because it is being used by another process.
    .text USBPORT.SYS!DllUnload F6DD08AC 5 Bytes JMP 871DE1B8
    init C:\WINDOWS\system32\drivers\Senfilt.sys entry point in "init" section [0xF58DFA80]
    ---- Kernel IAT/EAT - GMER 1.0.15 ----
    IAT \WINDOWS\System32\Drivers\SCSIPORT.SYS[ntoskrnl.exe!IoConnectInterrupt] [F770C580] sptd.sys
    IAT pci.sys[ntoskrnl.exe!IoDetachDevice] [F770C52C] sptd.sys
    IAT pci.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F7726AB8] sptd.sys
    IAT atapi.sys[ntoskrnl.exe!IoConnectInterrupt] [F770C580] sptd.sys
    IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F76F8ABA] sptd.sys
    IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F76F8C00] sptd.sys
    IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F76F8B82] sptd.sys
    IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F76F972E] sptd.sys
    IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F76F9604] sptd.sys
    IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F770BB9A] sptd.sys
    ---- Devices - GMER 1.0.15 ----
    Device \FileSystem\Ntfs \Ntfs 873D21D8
    AttachedDevice \FileSystem\Ntfs \Ntfs AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
    Device \FileSystem\Fastfat \FatCdrom 87136980
    AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
    Device \Driver\NetBT \Device\NetBT_Tcpip_{FF532F6C-7762-4396-8571-F80BE50B16FB} 86BE0620
    Device \Driver\usbuhci \Device\USBPDO-0 871DD1D8
    Device \Driver\usbuhci \Device\USBPDO-1 871DD1D8
    Device \Driver\usbuhci \Device\USBPDO-2 871DD1D8
    Device \Driver\usbuhci \Device\USBPDO-3 871DD1D8
    Device \Driver\usbehci \Device\USBPDO-4 871DC980
    AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
    Device \Driver\Ftdisk \Device\HarddiskVolume1 873611D8
    Device \Driver\Ftdisk \Device\HarddiskVolume2 873611D8
    Device \Driver\Cdrom \Device\CdRom0 871EB1D8
    Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 [F7672B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
    Device \Driver\atapi \Device\Ide\IdePort0 [F7672B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
    Device \Driver\atapi \Device\Ide\IdePort1 [F7672B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
    Device \Driver\atapi \Device\Ide\IdePort2 [F7672B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
    Device \Driver\atapi \Device\Ide\IdePort3 [F7672B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
    Device \Driver\atapi \Device\Ide\IdeDeviceP2T1L0-12 [F7672B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
    Device \Driver\NetBT \Device\NetBt_Wins_Export 86BE0620
    Device \Driver\NetBT \Device\NetbiosSmb 86BE0620
    AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
    AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
    Device \Driver\usbuhci \Device\USBFDO-0 871DD1D8
    Device \Driver\usbuhci \Device\USBFDO-1 871DD1D8
    Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 86A361D8
    Device \Driver\usbuhci \Device\USBFDO-2 871DD1D8
    Device \FileSystem\MRxSmb \Device\LanmanRedirector 86A361D8
    Device \Driver\usbuhci \Device\USBFDO-3 871DD1D8
    Device \Driver\usbehci \Device\USBFDO-4 871DC980
    Device \Driver\Ftdisk \Device\FtControl 873611D8
    Device \FileSystem\Fastfat \Fat 87136980
    AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
    AttachedDevice \FileSystem\Fastfat \Fat AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
    Device \FileSystem\Cdfs \Cdfs 871481D8
    ---- Registry - GMER 1.0.15 ----
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\[email protected] -1778206943
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\[email protected] 1881822920
    ---- EOF - GMER 1.0.15 ----



    Tech Support Guy System Info Utility version 1.0.0.2
    OS Version: Microsoft Windows XP Home Edition, Service Pack 3, 32 bit
    Processor: Intel(R) Pentium(R) 4 CPU 3.06GHz, x86 Family 15 Model 4 Stepping 9
    Processor Count: 2
    RAM: 1023 Mb
    Graphics Card: NVIDIA GeForce2 MX/MX 400 (Microsoft Corporation), 32 Mb
    Hard Drives: C: Total - 39997 MB, Free - 21132 MB; D: Total - 198467 MB, Free - 142415 MB;
    Motherboard: ASUSTeK Computer INC., P5VDC-X
    Antivirus: AVG Anti-Virus Free Edition 2012, Updated: Yes, On-Demand Scanner: Enabled
     
