
Screen blinking/distortion while performing actions

Discussion in 'Virus & Other Malware Removal' started by josgba2002, Dec 22, 2011.

Thread Status:
Not open for further replies.
  1. josgba2002

    josgba2002 Thread Starter

    Hi. I have a computer with certain problems. I boot into Windows XP, but on any action performed (for example, clicking on the Start menu or opening a window), the display blinks/flickers or suffers distortion. None of this happens in safe mode. I'd appreciate any help.

    Here is an image showing the distortion on "All Programs" from the Start menu:

    [​IMG]

    Sorry for my bad English. I'm from LATAM!

    Here are the reports:

    HJT


    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 08:42:16 a.m., on 22/12/2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Archivos de programa\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    F:\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://WwW.FullWarez.Info/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = .::WindowsRD v2::.
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Archivos de programa\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Archivos de programa\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Archivos de programa\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] "C:\Archivos de programa\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICIO LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICIO LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'SERVICIO LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Servicio de red')
    O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Servicio de red')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
    O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O22 - SharedTaskScheduler: Precargador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Demonio de caché de las categorías de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Servicio del administrador de discos lógicos (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
    O23 - Service: Registro de sucesos (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
    O23 - Service: Servicio de actualización de Google (gupdate) (gupdate) - Unknown owner - C:\Archivos de programa\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Servicio (gupdatem) (gupdatem) - Unknown owner - C:\Archivos de programa\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Archivos de programa\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
    O23 - Service: Administrador de sesión de Ayuda de escritorio remoto (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
    O23 - Service: Tarjeta inteligente (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
    O23 - Service: Registros y alertas de rendimiento (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
    O23 - Service: Instantáneas de volumen (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
    O23 - Service: Adaptador de rendimiento de WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
    O23 - Service: Servicio de uso compartido de red del Reproductor de Windows Media (WMPNetworkSvc) - Unknown owner - C:\Archivos de programa\Windows Media Player\WMPNetwk.exe

    --
    End of file - 5675 bytes

    DDS


    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 8.0.6001.18702
    Run by Administrador at 8:42:31 on 2011-12-22
    Microsoft Windows XP Professional 5.1.2600.3.1252.58.3082.18.511.264 [GMT -8:00]
    .
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Archivos de programa\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    svchost.exe
    F:\HijackThis.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com/
    uWindow Title = .::WindowsRD v2::.
    uDefault_Page_URL = hxxp://WwW.FullWarez.Info/
    uSearch Page = hxxp://www.google.com.MX
    uSearch Bar = hxxp://www.google.com/ie_rsearch.html
    uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
    mSearchAssistant = hxxp://www.google.com/ie_rsearch.html
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\archivos de programa\google\google toolbar\GoogleToolbar_32.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\archivos de programa\google\googletoolbarnotifier\5.7.7018.1622\swg.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\archivos de programa\google\google toolbar\GoogleToolbar_32.dll
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [swg] "c:\archivos de programa\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
    mRun: [SoundMan] SOUNDMAN.EXE
    mRun: [Malwarebytes' Anti-Malware] "c:\archivos de programa\malwarebytes' anti-malware\mbamgui.exe" /starttray
    dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
    dRunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
    dRunOnce: [IE8] rundll32 advpack.dll,LaunchINFSection IE8.INF,FirstUserStart
    dRunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32
    mPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
    dPolicies-explorer: NoSMHelp = 1 (0x1)
    dPolicies-explorer: ForceClassicControlPanel = 1 (0x1)
    IE: E&xportar a Microsoft Excel - c:\archiv~1\micros~2\office12\EXCEL.EXE/3000
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\archiv~1\micros~2\office12\REFIEBAR.DLL
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    IFEO: dotnet3.exe - c:\windows\microsoft.net\framework\v2.0.50727\DotNetFxInstallBlock.exe
    IFEO: dotnet3[1].exe - c:\windows\microsoft.net\framework\v2.0.50727\DotNetFxInstallBlock.exe
    IFEO: dotnet3[2].exe - c:\windows\microsoft.net\framework\v2.0.50727\DotNetFxInstallBlock.exe
    IFEO: dotnetfx.exe - c:\windows\microsoft.net\framework\v2.0.50727\DotNetFxInstallBlock.exe
    IFEO: dotnetfx3.exe - c:\windows\microsoft.net\framework\v2.0.50727\DotNetFxInstallBlock.exe
    .
    Note: multiple IFEO entries found. Please refer to Attach.txt
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 tidnet;TID NDIS Protocol Driver;c:\windows\system32\drivers\tidnet.sys [2008-6-12 19200]
    R2 MBAMService;MBAMService;c:\archivos de programa\malwarebytes' anti-malware\mbamservice.exe [2011-8-27 366152]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-8-27 22216]
    S2 gupdate;Servicio de actualización de Google (gupdate);c:\archivos de programa\google\update\GoogleUpdate.exe [2011-11-25 136176]
    S3 gupdatem;Google Update Servicio (gupdatem);c:\archivos de programa\google\update\GoogleUpdate.exe [2011-11-25 136176]
    S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\drivers\ewdcsc.sys [2011-10-19 24448]
    S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys [2011-10-19 100480]
    .
    =============== Created Last 30 ================
    .
    2011-12-22 16:21:59 604253 -c--a-w- c:\windows\system32\dllcache\vmodem.sys
    2011-12-22 16:20:58 98080 -c--a-w- c:\windows\system32\dllcache\sgiulnt5.sys
    2011-12-22 16:19:59 54826 -c--a-w- c:\windows\system32\dllcache\otcsercb.sys
    2011-12-22 16:18:59 34688 -c--a-w- c:\windows\system32\dllcache\lbrtfdc.sys
    2011-12-22 16:17:59 46080 -c--a-w- c:\windows\system32\dllcache\esunib.dll
    2011-12-22 16:16:59 44032 -c--a-w- c:\windows\system32\dllcache\cnusd.dll
    2011-12-22 16:12:07 14080 -c--a-w- c:\windows\system32\dllcache\bulltlp3.sys
    2011-12-22 16:11:59 9728 -c--a-w- c:\windows\system32\dllcache\brcoinst.dll
    2011-12-20 02:31:25 -------- d-----w- c:\windows\system32\wbem\repository\FS
    2011-12-20 02:31:25 -------- d-----w- c:\windows\system32\wbem\Repository
    2011-12-13 00:53:19 -------- d-----w- c:\documents and settings\administrador\Tracing
    2011-12-13 00:44:46 -------- d-----w- c:\archivos de programa\Microsoft SQL Server Compact Edition
    2011-12-13 00:43:56 -------- d-----w- c:\archivos de programa\Microsoft
    2011-12-12 23:39:55 -------- d-----w- c:\archivos de programa\archivos comunes\Windows Live
    2011-12-02 12:22:54 -------- d--h--r- C:\AHCache
    2011-12-02 12:22:43 -------- d-----w- C:\3b523eba683e1edafe5d174f
    2011-11-26 05:39:09 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-11-26 05:25:04 -------- d-sh--w- c:\documents and settings\administrador\PrivacIE
    .
    ==================== Find3M ====================
    .
    2011-12-19 02:11:32 90112 ----a-w- c:\windows\DUMP4f39.tmp
    2011-12-17 17:01:19 90112 ----a-w- c:\windows\DUMP4892.tmp
    2011-12-17 17:00:11 98304 ----a-w- c:\windows\DUMP4845.tmp
    2011-12-17 16:56:37 98304 ----a-w- c:\windows\DUMP4844.tmp
    2011-12-17 16:54:38 98304 ----a-w- c:\windows\DUMP47e6.tmp
    2011-12-17 05:18:00 98304 ----a-w- c:\windows\DUMP51b9.tmp
    2011-12-16 19:06:40 90112 ----a-w- c:\windows\DUMP4601.tmp
    2011-12-16 19:05:47 98304 ----a-w- c:\windows\DUMP43fe.tmp
    2011-12-16 19:03:49 98304 ----a-w- c:\windows\DUMP441d.tmp
    2011-12-16 19:01:51 90112 ----a-w- c:\windows\DUMP53ae.tmp
    2011-12-16 15:19:22 98304 ----a-w- c:\windows\DUMP43b0.tmp
    2011-12-16 15:17:44 90112 ----a-w- c:\windows\DUMP447b.tmp
    2011-12-16 07:22:12 98304 ----a-w- c:\windows\DUMP50bf.tmp
    2011-12-16 07:16:50 90112 ----a-w- c:\windows\DUMP4cb8.tmp
    2011-12-15 08:39:26 90112 ----a-w- c:\windows\DUMP5851.tmp
    2011-12-15 03:41:49 90112 ----a-w- c:\windows\DUMP4e5e.tmp
    2011-12-14 15:40:39 90112 ----a-w- c:\windows\DUMP5b8d.tmp
    2011-12-13 16:23:03 90112 ----a-w- c:\windows\DUMP54e6.tmp
    2011-12-13 01:57:13 90112 ----a-w- c:\windows\DUMP53ad.tmp
    2011-12-03 00:45:05 90112 ----a-w- c:\windows\DUMP4630.tmp
    2011-12-02 12:54:27 98304 ----a-w- c:\windows\DUMP448a.tmp
    .
    ============= FINISH: 8:43:03,62 ===============

    ark.txt


    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit quick scan 2011-12-22 08:44:02
    Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4 MAXTOR_STM3802110A rev.3.AAK
    Running: 0dz5hdxt.exe; Driver: C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\pxtdrpoc.sys


    ---- Devices - GMER 1.0.15 ----

    AttachedDevice \FileSystem\Ntfs \Ntfs sisidex.sys (SISIDEX Driver/Windows (R) 2000 DDK provider)
    AttachedDevice \FileSystem\Fastfat \Fat sisidex.sys (SISIDEX Driver/Windows (R) 2000 DDK provider)
    AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

    ---- EOF - GMER 1.0.15 ----
     


Short URL to this thread: https://techguy.org/1032446
