Tech Support Guy banner

Solved: Computer Freezes all the Time?

1222 Views 12 Replies 3 Participants Last post by  Lucky5tar
I have recently custom built my own computer. I have decided to put Windows XP Corporate Edition (SP1) on it. I then upgraded that to SP3.

A few days ago, I had my friend come over and hook up his laptop to my computer (ethernet) so we can play a game together. We werent detecting each other so we decided to put the firewall off (of course, I had my internet off). But then, I got my computer hooked up to the internet while forgetting to put the firewall back on (gah... stupid me).

To my huge surprise (sarcasm) my computer got infected with a malware or two. I honestly forgot what they're called but one of them was called rogue. something. A few of my desktop icons got deleted and sometimes I wouldnt c the start button or the computer wouldnt detect the main harddrive and various other errors. It also gave me fake anti virus ads (of course, I didnt click on any).

I installed many different programs to remove it but none were successful, except Malwarebytes' Anti-Malware.

Now, my computer has been so unstable that I dont even feel like it's a new computer. I am exhausted and frustrated. I tried a registry clean using RegCure, thinking that maybe something got messed up in the registry, but still, that was unsucessful. I don't know what to do anymore so I seek your help, computer geniuses! (heh :))

Ps: I'm not sure if this is the right place to post this thread so if an administrator could please move it to where it should be, I would be very thankful.

Here are my computer specifications (taken from DxDiag, I'm a little lazy lol):

Time of this report: 9/22/2008, 12:51:44
Machine name: *sensored*
Operating System: Windows XP Professional (5.1, Build 2600) Service Pack 3 (2600.xpsp.080413-2111)
Language: English (Regional Setting: English)
System Manufacturer: System manufacturer
System Model: Maximus Extreme
BIOS: BIOS Date: 07/23/08 17:14:32 Ver: 08.00.12
Processor: Intel(R) Core(TM)2 Duo CPU E8500 @ 3.16GHz (2 CPUs)
Memory: 3328MB RAM
Page File: 911MB used, 4299MB available
Windows Dir: C:\WINDOWS
DirectX Version: DirectX 9.0c (4.09.0000.0904)
DX Setup Parameters: Not found
DxDiag Version: 5.03.2600.5512 32bit Unicode

HijackThis Log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:07:58 PM, on 9/22/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 SP3 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe
C:\Program Files\ASUS\AI Direct Link\AsShare.exe
C:\Program Files\Razer\DeathAdder\razerhid.exe
C:\Program Files\PowerISO\SCDEmuApp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Documents and Settings\Ziad Maalouf\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Razer\DeathAdder\razertra.exe
C:\Program Files\Razer\DeathAdder\razerofa.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\System32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [CPU Power Monitor] "C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe"
O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe
O4 - HKLM\..\Run: [Launch Direct Link] "C:\Program Files\ASUS\AI Direct Link\AsShare.exe"
O4 - HKLM\..\Run: [Launch As Cmd Runner] "C:\Program Files\ASUS\AI Direct Link\AsCmd.exe" -reg
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [DeathAdder] C:\Program Files\Razer\DeathAdder\razerhid.exe
O4 - HKLM\..\Run: [SCDEmuApp.exe] C:\Program Files\PowerISO\SCDEmuApp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Ziad Maalouf\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\System32\PSIService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

End of file - 10196 bytes
See less See more
Not open for further replies.
1 - 13 of 13 Posts
You could start by first making sure all system files are in order. To do this click on Start button, click on Run, in the Run box type cmd then click OK. In the command window type sfc /scannow then press Enter key. You may be asked to insert your Windows CD at this point. A progress bar will appear, let it finish then reboot your computer.

This checks and replaces missing or corrupted system files and is always worth doing first. If the probem persists it's obviously something else causing the problem.
You could start by first making sure all system files are in order. To do this click on Start button, click on Run, in the Run box type cmd then click OK. In the command window type sfc /scannow then press Enter key. You may be asked to insert your Windows CD at this point. A progress bar will appear, let it finish then reboot your computer.

This checks and replaces missing or corrupted system files and is always worth doing first. If the probem persists it's obviously something else causing the problem.
Thank you for your reply. I honestly am a little confused as to how to do this. I put the CD in my DVD Drive (which is my only CD Drive). Windows XP somehow installed a Floppy Drive and a CD Drive for me. I have neither. When I try to run the scan, it constantly asks me to insert my CD, which I have done.

As I have previously mentioned, the Windows XP CD is a Windows XP Corporate Edition SP1. My current version of Windows XP is SP3 though. Is that why it keeps asking me to insert the disk?
You can change the sourcepath to XP files so that Windows doesn't ask for the CD. You can change the sourcepath via a Registry fix.

Select and Copy the text between the dotted lines only and paste into Notepad. Save the file from Notepad as Sourcepath.reg Double click or right click on Sourcepath.reg and you will be asked if you want to merge into the Registry, click Yes or OK.

Windows Registry Editor Version 5.00


Another method is Insert Windows XP CD and copy \i386 folder to hard drive.
Location does not have to be on C:\ drive.

Enter the location where you copied the i386 folder
Example: A valid entry would be "D:\My XP Install"as shown below.
Change this to wherever you copy the i386 folder.
Please Note: - Don't include the i386 folder itself in
the sourcepath

Windows Registry Editor Version 5.00

"SourcePath"="D:\My XP Install"
See less See more
If you are not confident doing this, download the Zip attachment below. Unzip to your desktop then just double click or right click on the Sourcepath.reg to merge into the registry. This version changes the sourcepath to C:\Windows, the default path to your installation files.


Gah for some reason it tells me invalid Windows XP CD although I merged sourcepath.reg to my registry :/
Try the second option above copying the i386 folder from your Windows CD to a folder on your hard drive. Don't forget to change the sourcepath in the second example to wherever you copy the i386 folder. Remember don't include the i386 folder in the sourcepath. Are you confident to make a new Sourcepath.reg file as described? Let me know how you go on.

Also check and see if you have a folder named ServicPackFiles in Windows folder. you should have a i386 folder in there also
It's also possible the i386 folder is in C: rather than C:\Windows. Check it out, it just might be a path error, though what I gave you is usually the default path.
I tried running the scan again. Only 5% of it (approximately) runs before it asks me to insert the disk.

I did what you told me to do (to my knowledge of course). I copied the I386 folder to my D:/ drive and renamed it to "My XP Install" and merged the registry with the line u wrote.
Did you look for the original i386 folder on your computer? It should be either in C: or C:\Windows. Also look for a folder named ServicePackFiles. In ServicePackFiles there should be another i386 folder and a folder named ServicePackCache. Find all these and let me know the path to each one. Oh and by the way you dont rename the i386 folder, you put the i386 folder into a folder named "My XP Install" (without the quotes).
With the amount of problems you have, I'd say the most sensible thing to do would be to backup important files and reformat your HDD.

You will have to reinstall programs again, but your PC will literally run as good as new.

Btw a lack of a firewall wasn't nessecarily the cause of your malware, it is far more likely you installed something you shouldn't have done.
Well. I booted the computer with the XP CD in it and formatted my C:/ drive. It really got frustrating how I couldn't do anything. My computer is back to life now heh except I have to reinstall quite a few things. Thank you guys for all the help!
Yea, it's for the best. A lot of people don't like re-formatting, but working in the IT industry myself it really is faster and more effective to reformat.
1 - 13 of 13 Posts
Not open for further replies.