Author Topic: Computer Keeps Crashing  (Read 686 times)
jewelz
Topic Starter
Rookie



Posts: 26

Experience: Beginner
OS: Unknown

« on: February 01, 2012, 06:28:59 PM »

Hi

My computer keeps crashing (blue screens). I originally posted on the Microsoft forum but they thought it may be a malware problem so asked me to post here.

I tried to follow the Virus and Spyware section Guidelines but encountered a few problems...

Re: Step A: Antivirus
I had Avast installed; although it said that it was running correctly, it would freeze and blue screen at about 1% every time that I ran it. I uninstalled that and installed AVG, same problem - seemed to go a little further but came across some files that it could not access, froze, blue screen, etc. I tried both programs in Safe Mode; they both froze. So had to give up on the virus check.

Re: Step 3: SUPERAntiSpyware
This froze the first time that I ran it and on the second attempt another blue screen about 15 minutes in.
Also tried it in Safe Mode but it stopped scanning after around 10 minutes.

Not sure if this means anything but it seems to freeze at the same point every time:
C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE 12\1033\PPINTL.DLL

Can you help please?  Should I just keep going through the list of programs?

Thank you






SuperDave
Malware Removal Specialist
Moderator
Prodigy



Thanked: 617
Posts: 7,002

Certifications: List
Experience: Experienced
OS: Windows XP



« Reply #1 on: February 01, 2012, 06:39:21 PM »

Hello and welcome to Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
*************************************************************************
Download BlueScreenView to your desktop.
BlueScreenView
Unzip downloaded file and double click on BlueScreenView.exe to run the program.
When scanning is done, go to EDIT - Select All
Go to FILE - SAVE Selected Items, and save the report as BSOD.txt
Open BSOD.txt in Notepad, copy all of the content, and paste it into your next reply.

AMD Athlon XP 1900+ 1.47 GHz  3 GB Ram Windows XP  Home with SP3, MicroSoft Security Essentials, Spybot S&D. SuperAntiSpyware  and Threatfire with Comodo Firewall & Windows Defender
jewelz
Topic Starter
Rookie



Posts: 26

Experience: Beginner
OS: Unknown

« Reply #2 on: February 01, 2012, 07:03:39 PM »

Your Guide asked me to run CC Cleaner earlier which I did and the Minidump logs came up and were all deleted at the time.  When I have just tried running the Bluescreen program again there was nothing in the folder.  All that I have are what was in there when I ran it earlier:

==================================================
Dump File         : Mini013012-02.dmp
Crash Time        : 30/01/2012 20:48:43
Bug Check String  : KERNEL_STACK_INPAGE_ERROR
Bug Check Code    : 0x00000077
Parameter 1       : 0x00000001
Parameter 2       : 0xff252525
Parameter 3       : 0x00000000
Parameter 4       : 0xa957fbc8
Caused By Driver  : ntkrnlpa.exe
Caused By Address : ntkrnlpa.exe+cdb3f
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.0.6002.18533 (vistasp2_gdr.111025-0338)
Processor         : 32-bit
Crash Address     : ntkrnlpa.exe+cdb3f
Stack Address 1   : ntkrnlpa.exe+76c78
Stack Address 2   : ntkrnlpa.exe+344d8
Stack Address 3   : ntkrnlpa.exe+352cc
Computer Name     :
Full Path         : C:\Windows\Minidump\Mini013012-02.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 6002
Dump File Size    : 139,080
==================================================

==================================================
Dump File         : Mini013012-01.dmp
Crash Time        : 30/01/2012 03:01:24
Bug Check String  : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code    : 0x000000d1
Parameter 1       : 0x0804ffeb
Parameter 2       : 0x00000002
Parameter 3       : 0x00000000
Parameter 4       : 0x82a405e5
Caused By Driver  : iastor.sys
Caused By Address : iastor.sys+3a5e5
File Description  : Intel Matrix Storage Manager driver - ia32
Product Name      : Intel Matrix Storage Manager driver
Company           : Intel Corporation
File Version      : 7.6.0.1011
Processor         : 32-bit
Crash Address     : ntkrnlpa.exe+4dfd9
Stack Address 1   : iastor.sys+3a5e5
Stack Address 2   : iastor.sys+3fa06
Stack Address 3   : ntkrnlpa.exe+aa32b
Computer Name     :
Full Path         : C:\Windows\Minidump\Mini013012-01.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 6002
Dump File Size    : 139,080
==================================================

==================================================
Dump File         : Mini012912-01.dmp
Crash Time        : 29/01/2012 20:33:12
Bug Check String  : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code    : 0x1000008e
Parameter 1       : 0xc0000005
Parameter 2       : 0x82504fdf
Parameter 3       : 0xbebc5b4c
Parameter 4       : 0x00000000
Caused By Driver  : ntkrnlpa.exe
Caused By Address : ntkrnlpa.exe+b5fdf
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.0.6002.18533 (vistasp2_gdr.111025-0338)
Processor         : 32-bit
Crash Address     : ntkrnlpa.exe+b5fdf
Stack Address 1   : ntkrnlpa.exe+210bb2
Stack Address 2   : ntkrnlpa.exe+4ac7a
Stack Address 3   : ntkrnlpa.exe+49df5
Computer Name     :
Full Path         : C:\Windows\Minidump\Mini012912-01.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 6002
Dump File Size    : 139,080
==================================================

==================================================
Dump File         : Mini012812-01.dmp
Crash Time        : 28/01/2012 03:40:48
Bug Check String  : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code    : 0x1000008e
Parameter 1       : 0xc0000005
Parameter 2       : 0x824f3e7b
Parameter 3       : 0x8eedab8c
Parameter 4       : 0x00000000
Caused By Driver  : ntkrnlpa.exe
Caused By Address : ntkrnlpa.exe+ede7b
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.0.6002.18533 (vistasp2_gdr.111025-0338)
Processor         : 32-bit
Crash Address     : ntkrnlpa.exe+ede7b
Stack Address 1   : ntkrnlpa.exe+205693
Stack Address 2   : ntkrnlpa.exe+2058fd
Stack Address 3   : ntkrnlpa.exe+205a4e
Computer Name     :
Full Path         : C:\Windows\Minidump\Mini012812-01.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 6002
Dump File Size    : 139,080
==================================================

==================================================
Dump File         : Mini012112-01.dmp
Crash Time        : 21/01/2012 21:29:42
Bug Check String  : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code    : 0x1000008e
Parameter 1       : 0xc0000005
Parameter 2       : 0x8253a010
Parameter 3       : 0xba243614
Parameter 4       : 0x00000000
Caused By Driver  : aswSnx.SYS
Caused By Address : aswSnx.SYS+34c4c
File Description  : avast! Virtualization Driver
Product Name      : avast! Antivirus System
Company           : AVAST Software
File Version      : 6.0.1367.0
Processor         : 32-bit
Crash Address     : ntkrnlpa.exe+ee010
Stack Address 1   : fltmgr.sys+1e896
Stack Address 2   : fltmgr.sys+1f805
Stack Address 3   : fltmgr.sys+1ff0b
Computer Name     :
Full Path         : C:\Windows\Minidump\Mini012112-01.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 6002
Dump File Size    : 139,080
==================================================

==================================================
Dump File         : Mini012012-01.dmp
Crash Time        : 20/01/2012 18:21:46
Bug Check String  : DRIVER_CORRUPTED_EXPOOL
Bug Check Code    : 0x000000c5
Parameter 1       : 0x01437a50
Parameter 2       : 0x00000002
Parameter 3       : 0x00000000
Parameter 4       : 0x8253c770
Caused By Driver  : ntkrnlpa.exe
Caused By Address : ntkrnlpa.exe+4dfd9
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.0.6002.18533 (vistasp2_gdr.111025-0338)
Processor         : 32-bit
Crash Address     : ntkrnlpa.exe+4dfd9
Stack Address 1   : ntkrnlpa.exe+ee770
Stack Address 2   : ntkrnlpa.exe+ed858
Stack Address 3   : ntkrnlpa.exe+b2626
Computer Name     :
Full Path         : C:\Windows\Minidump\Mini012012-01.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 6002
Dump File Size    : 139,080
==================================================

==================================================
Dump File         : Mini011712-01.dmp
Crash Time        : 17/01/2012 08:38:13
Bug Check String  : APC_INDEX_MISMATCH
Bug Check Code    : 0x00000001
Parameter 1       : 0x9695e98b
Parameter 2       : 0x00000000
Parameter 3       : 0xffff0000
Parameter 4       : 0x00000000
Caused By Driver  : win32k.sys
Caused By Address : win32k.sys+be98b
File Description  : Multi-User Win32 Driver
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.0.6000.16386 (vista_rtm.061101-2205)
Processor         : 32-bit
Crash Address     : ntkrnlpa.exe+4afe7
Stack Address 1   :
Stack Address 2   :
Stack Address 3   :
Computer Name     :
Full Path         : C:\Windows\Minidump\Mini011712-01.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 6002
Dump File Size    : 139,080
==================================================

==================================================
Dump File         : Mini010912-01.dmp
Crash Time        : 09/01/2012 20:31:18
Bug Check String  : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code    : 0x1000008e
Parameter 1       : 0xc0000005
Parameter 2       : 0x824d1fdf
Parameter 3       : 0xae129b4c
Parameter 4       : 0x00000000
Caused By Driver  : ntkrnlpa.exe
Caused By Address : ntkrnlpa.exe+b5fdf
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.0.6002.18533 (vistasp2_gdr.111025-0338)
Processor         : 32-bit
Crash Address     : ntkrnlpa.exe+b5fdf
Stack Address 1   : ntkrnlpa.exe+210bb2
Stack Address 2   : ntkrnlpa.exe+4ac7a
Stack Address 3   : ntkrnlpa.exe+49df5
Computer Name     :
Full Path         : C:\Windows\Minidump\Mini010912-01.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 6002
Dump File Size    : 139,080
==================================================

==================================================
Dump File         : Mini010712-01.dmp
Crash Time        : 07/01/2012 20:32:21
Bug Check String  : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code    : 0x1000008e
Parameter 1       : 0xc0000005
Parameter 2       : 0x82503fdf
Parameter 3       : 0xbf0f7414
Parameter 4       : 0x00000000
Caused By Driver  : ntkrnlpa.exe
Caused By Address : ntkrnlpa.exe+b5fdf
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.0.6002.18533 (vistasp2_gdr.111025-0338)
Processor         : 32-bit
Crash Address     : ntkrnlpa.exe+b5fdf
Stack Address 1   : ntkrnlpa.exe+21bd9c
Stack Address 2   : ntkrnlpa.exe+21bee0
Stack Address 3   : ntkrnlpa.exe+2177cd
Computer Name     :
Full Path         : C:\Windows\Minidump\Mini010712-01.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 6002
Dump File Size    : 139,080
==================================================

==================================================
Dump File         : Mini010512-01.dmp
Crash Time        : 05/01/2012 19:49:45
Bug Check String  : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code    : 0x1000008e
Parameter 1       : 0xc0000005
Parameter 2       : 0x82500770
Parameter 3       : 0xb32aa96c
Parameter 4       : 0x00000000
Caused By Driver  : ntkrnlpa.exe
Caused By Address : ntkrnlpa.exe+ee770
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.0.6002.18533 (vistasp2_gdr.111025-0338)
Processor         : 32-bit
Crash Address     : ntkrnlpa.exe+ee770
Stack Address 1   : ntkrnlpa.exe+ed858
Stack Address 2   : aswSP.SYS+a176
Stack Address 3   : aswSP.SYS+11ac5
Computer Name     :
Full Path         : C:\Windows\Minidump\Mini010512-01.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 6002
Dump File Size    : 139,080
==================================================

==================================================
Dump File         : Mini120111-01.dmp
Crash Time        : 01/12/2011 03:36:45
Bug Check String  : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code    : 0x1000008e
Parameter 1       : 0xc0000005
Parameter 2       : 0x81cfb886
Parameter 3       : 0x8a5226dc
Parameter 4       : 0x00000000
Caused By Driver  : NETw4v32.sys
Caused By Address : NETw4v32.sys+bfc44
File Description  : Intel® Wireless WiFi Link Driver
Product Name      : Intel® Wireless WiFi Link Adapter
Company           : Intel Corporation
File Version      : 11.5.0.32
Processor         : 32-bit
Crash Address     : ntkrnlpa.exe+ed886
Stack Address 1   : fltmgr.sys+1e892
Stack Address 2   : fltmgr.sys+1f801
Stack Address 3   : fltmgr.sys+1ff07
Computer Name     :
Full Path         : C:\Windows\Minidump\Mini120111-01.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 6001
Dump File Size    : 139,080
==================================================
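A triage sketch for the BlueScreenView report in the post above, added here as an example; it is not part of the thread and not code from BlueScreenView. It tallies stop codes and lists add-on modules named in any stack field, since in this report the "Caused By Driver" field mostly names the kernel (ntkrnlpa.exe); the `CORE_MODULES` allowlist and all function names are assumptions, and the sample records are abridged from the post.

```python
import re
from collections import Counter

# Assumption: a short allowlist of core Windows modules that appear in this
# report. Any other module named in a record is treated as an add-on driver.
CORE_MODULES = {"ntkrnlpa.exe", "ntoskrnl.exe", "hal.dll", "win32k.sys", "fltmgr.sys"}

# Sample records abridged from the report in the post above (fields trimmed).
SAMPLE_REPORT = r"""
==================================================
Dump File         : Mini013012-01.dmp
Crash Time        : 30/01/2012 03:01:24
Bug Check String  : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code    : 0x000000d1
Caused By Driver  : iastor.sys
Crash Address     : ntkrnlpa.exe+4dfd9
Stack Address 1   : iastor.sys+3a5e5
Stack Address 2   : iastor.sys+3fa06
Stack Address 3   : ntkrnlpa.exe+aa32b
Computer Name     :
Full Path         : C:\Windows\Minidump\Mini013012-01.dmp
==================================================

==================================================
Dump File         : Mini012112-01.dmp
Crash Time        : 21/01/2012 21:29:42
Bug Check String  : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code    : 0x1000008e
Caused By Driver  : aswSnx.SYS
Crash Address     : ntkrnlpa.exe+ee010
Stack Address 1   : fltmgr.sys+1e896
Stack Address 2   : fltmgr.sys+1f805
Stack Address 3   : fltmgr.sys+1ff0b
==================================================

==================================================
Dump File         : Mini010512-01.dmp
Crash Time        : 05/01/2012 19:49:45
Bug Check String  : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code    : 0x1000008e
Caused By Driver  : ntkrnlpa.exe
Crash Address     : ntkrnlpa.exe+ee770
Stack Address 1   : ntkrnlpa.exe+ed858
Stack Address 2   : aswSP.SYS+a176
Stack Address 3   : aswSP.SYS+11ac5
==================================================
"""


def parse_report(text):
    """Split a BlueScreenView text report into one dict per crash record."""
    records, current = [], {}
    for line in text.splitlines():
        if re.fullmatch(r"=+", line.strip()):  # separator line between records
            if current:
                records.append(current)
                current = {}
            continue
        # Split on the first colon only: values such as times and paths contain colons.
        key, sep, value = line.partition(":")
        if sep and key.strip():
            current[key.strip()] = value.strip()
    if current:  # report cut off before the closing separator
        records.append(current)
    return records


def module_of(address):
    """'iastor.sys+3a5e5' -> 'iastor.sys' (lower-cased); '' for an empty field."""
    return address.split("+", 1)[0].strip().lower()


def third_party_modules(record):
    """Non-core modules named anywhere in the record, not only in 'Caused By Driver'."""
    fields = ["Caused By Driver", "Crash Address"]
    fields += [k for k in record if k.startswith("Stack Address")]
    found = {module_of(record.get(f, "")) for f in fields}
    return sorted(m for m in found if m and m not in CORE_MODULES)


def summarize(records):
    """Tally stop codes and add-on modules across all crash records."""
    stop_codes = Counter(r.get("Bug Check String", "UNKNOWN") for r in records)
    modules = Counter(m for r in records for m in third_party_modules(r))
    # Dumps attributed to a core module that still show an add-on driver on the stack.
    kernel_blamed = [r.get("Dump File", "?") for r in records
                     if module_of(r.get("Caused By Driver", "")) in CORE_MODULES
                     and third_party_modules(r)]
    return {"stop_codes": stop_codes, "modules": modules, "kernel_blamed": kernel_blamed}


if __name__ == "__main__":
    result = summarize(parse_report(SAMPLE_REPORT))
    for title, counter in (("Stop codes", result["stop_codes"]),
                           ("Add-on modules", result["modules"])):
        print(title)
        for item, count in counter.most_common():
            print(f"  {count:2d}  {item}")
    print("Kernel blamed, add-on driver on stack:", result["kernel_blamed"])
```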
SuperDave
Malware Removal Specialist
Moderator
Prodigy



Thanked: 617
Posts: 7,002

Certifications: List
Experience: Experienced
OS: Windows XP



« Reply #3 on: February 02, 2012, 12:44:49 PM »

SUPERAntiSpyware

If you already have SUPERAntiSpyware be sure to check for updates before scanning!


Download SuperAntispyware Free Edition (SAS)
* Double-click the icon on your desktop to run the installer.
* When asked to Update the program definitions, click Yes
* If you encounter any problems while downloading the updates, manually download and unzip them from here
* Next click the Preferences button.
  • Under Start-Up Options uncheck Start SUPERAntiSpyware when Windows starts
* Click the Scanning Control tab.
* Under Scanner Options make sure only the following are checked:
  • Close browsers before scanning
  • Scan for tracking cookies
  • Terminate memory threats before quarantining
  Please leave the others unchecked
  • Click the Close button to leave the control center screen.
* On the main screen click Scan your computer
* On the left check the box for the drive you are scanning.
* On the right choose Perform Complete Scan
* Click Next to start the scan. Please be patient while it scans your computer.
* After the scan is complete a summary box will appear. Click OK
* Make sure everything in the white box has a check next to it, then click Next
* It will quarantine what it found and if it asks if you want to reboot, click Yes
  • To retrieve the removal information please do the following:
  • After reboot, double-click the SUPERAntiSpyware icon on your desktop.
  • Click Preferences. Click the Statistics/Logs tab.
  • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
  • It will open in your default text editor (preferably Notepad).
  • Save the notepad file to your desktop by clicking (in notepad) File > Save As...
* Save the log somewhere you can easily find it. (normally the desktop)
* Click close and close again to exit the program.
* Copy and Paste the log in your post.
*********************************************
Please download Malwarebytes Anti-Malware from here.
Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
*************************************************
Download DDS from HERE or HERE and save it to your desktop.

Vista users right click on dds and select Run as administrator (you will receive a UAC prompt, please allow it)

* XP users Double click on dds to run it.
* If your antivirus or firewall try to block DDS then please allow it to run.
* When finished DDS will open two (2) logs.
* Save both reports to your desktop.
* The instructions here ask you to attach the Attach.txt.



1) DDS.txt
2) Attach.txt
Instead of attaching, please copy/paste both logs into your Thread

Note: DDS will instruct you to post the Attach.txt log as an attachment.
Please just post it as you would any other log by copying and pasting it into the reply.

•Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run.
After downloading the tool, disconnect from the internet and disable all antivirus protection.
Run the scan, enable your A/V and reconnect to the internet.
Information on A/V control HERE. Then post your DDS logs. (DDS.txt and Attach.txt)
jewelz
Topic Starter
Rookie



Posts: 26

Experience: Beginner
OS: Unknown

« Reply #4 on: February 02, 2012, 03:50:37 PM »

Hello,

Thanks for your reply.

1) I updated SUPERAntiSpyware again and ran it again, same problem, stopped about 15 minutes in when it got to:
     C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE 12\1033\PPINTL.DLL

     then froze.

2)  I then updated and ran Malwarebytes, same issue, stopped at 7 mins, 57 secs when it got to: 
     C:\PROGRAM Files\MICROSOFT OFFICE\OFFICE 12\Wordcnvpxy.cnv

     then froze.

     I tried it again in Safe Mode, same issue, froze a few minutes in at: C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE 12\XLCPRTID.XML


These are the files from DDS:

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421  BrowserJavaVersion: 1.6.0_30
Run by Jewelz at 21:41:56 on 2012-02-02
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Windows\system32\AERTSrv.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\AVG\AVG2012\avgemcx.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\AVG\AVG2012\avgui.exe
C:\Program Files\Safari\Safari.exe
C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Jewelz\Desktop\dds.scr
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://partnerpage.google.com/smallbiz.dell.com/en_uk?hl=en&client=dell-usuk&channel=uk-smb&ibd=2080614
uWindow Title = Internet Explorer provided by Dell
uDefault_Page_URL = hxxp://partnerpage.google.com/smallbiz.dell.com/en_uk?hl=en&client=dell-usuk&channel=uk-smb&ibd=2080614
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\2.0.301.7164\swg.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
uRun: [Google Update] "c:\users\Jewelz\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [<NO NAME>]
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{44BF9867-13A7-4C4A-8AB3-0CFE6E2AF744} : DhcpNameServer = 192.168.1.254
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\google\google~2\GOEC62~1.DLL
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\Jewelz\appdata\roaming\mozilla\firefox\profiles\5ato6w99.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
FF - plugin: c:\users\Jewelz\appdata\local\google\update\1.3.21.99\npGoogleUpdate3.dll
.
============= SERVICES / DRIVERS ===============
.
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? gupdate;Google Update Service (gupdate)
R? gupdatem;Google Update Service (gupdatem)
R? MBAMSwissArmy;MBAMSwissArmy
R? McComponentHostService;McAfee Security Scan Component Host Service
R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0
S? !SASCORE;SAS Core Service
S? AERTFilters;Andrea RT Filters Service
S? AVGIDSAgent;AVGIDSAgent
S? AVGIDSDriver;AVGIDSDriver
S? AVGIDSEH;AVGIDSEH
S? AVGIDSFilter;AVGIDSFilter
S? AVGIDSShim;AVGIDSShim
S? Avgldx86;AVG AVI Loader Driver
S? Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield
S? Avgrkx86;AVG Anti-Rootkit Driver
S? Avgtdix;AVG TDI Driver
S? avgwd;AVG WatchDog
S? FontCache;Windows Font Cache Service
S? O2MDRDR;O2MDRDR
S? O2SDRDR;O2SDRDR
S? SASDIFSV;SASDIFSV
S? SASKUTIL;SASKUTIL
S? SSPORT;SSPORT
.
=============== Created Last 30 ================
.
2012-02-02 21:04:25   40776   ----a-w-   c:\windows\system32\drivers\mbamswissarmy.sys
2012-02-02 07:44:35   --------   d-sh--w-   C:\found.000
2012-02-01 22:01:54   --------   d-----w-   c:\users\Jewelz\appdata\roaming\AVG2012
2012-02-01 21:59:58   --------   d--h--w-   c:\programdata\Common Files
2012-02-01 21:58:11   --------   d-----w-   c:\windows\system32\drivers\AVG
2012-02-01 21:58:11   --------   d-----w-   c:\programdata\AVG2012
2012-02-01 21:57:07   --------   d-----w-   c:\program files\AVG
2012-02-01 21:56:09   --------   d-----w-   c:\programdata\MFAData
2012-02-01 02:16:25   56200   ----a-w-   c:\programdata\microsoft\windows defender\definition updates\{be294a22-1fdf-4b31-b650-eb71856dd724}\offreg.dll
2012-02-01 02:12:16   6557240   ----a-w-   c:\programdata\microsoft\windows defender\definition updates\{be294a22-1fdf-4b31-b650-eb71856dd724}\mpengine.dll
2012-01-25 21:39:47   278528   ----a-w-   c:\windows\system32\schannel.dll
2012-01-25 21:39:45   440192   ----a-w-   c:\windows\system32\drivers\ksecdd.sys
2012-01-25 21:39:44   1259008   ----a-w-   c:\windows\system32\lsasrv.dll
2012-01-25 21:39:43   377344   ----a-w-   c:\windows\system32\winhttp.dll
2012-01-25 21:39:41   72704   ----a-w-   c:\windows\system32\secur32.dll
2012-01-25 21:39:40   9728   ----a-w-   c:\windows\system32\lsass.exe
2012-01-25 15:14:04   476904   ----a-w-   c:\program files\mozilla firefox\plugins\npdeployJava1.dll
2012-01-13 07:52:42   --------   d-----w-   c:\users\Jewelz\appdata\roaming\Maxthon3
2012-01-13 07:52:16   --------   d-----w-   c:\program files\Maxthon3
2012-01-12 19:36:43   --------   d-----w-   c:\users\Jewelz\appdata\local\Apple Computer
2012-01-11 16:49:22   23552   ----a-w-   c:\windows\system32\mciseq.dll
2012-01-11 16:49:22   189952   ----a-w-   c:\windows\system32\winmm.dll
2012-01-11 16:49:20   1205064   ----a-w-   c:\windows\system32\ntdll.dll
2012-01-11 16:49:18   66560   ----a-w-   c:\windows\system32\packager.dll
2012-01-11 16:49:17   376320   ----a-w-   c:\windows\system32\winsrv.dll
2012-01-11 16:49:16   2409784   ----a-w-   c:\program files\windows mail\OESpamFilter.dat
2012-01-11 16:49:13   1314816   ----a-w-   c:\windows\system32\quartz.dll
2012-01-11 16:49:12   497152   ----a-w-   c:\windows\system32\qdvd.dll
.
==================== Find3M  ====================
.
2012-01-12 19:06:54   414368   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-10 15:24:06   20464   ----a-w-   c:\windows\system32\drivers\mbam.sys
2011-12-07 10:08:58   236576   ------w-   c:\windows\system32\MpSigStub.exe
2011-11-23 13:37:27   2043904   ----a-w-   c:\windows\system32\win32k.sys
2011-11-10 05:54:13   472808   ----a-w-   c:\windows\system32\deployJava1.dll
2011-11-08 14:42:19   2048   ----a-w-   c:\windows\system32\tzres.dll
.
============= FINISH: 21:42:41.49 ===============


.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 8.1.0
Apple Application Support
Apple Software Update
AVG 2012
Browser Address Error Redirector
CCleaner
Compatibility Pack for the 2007 Office system
CRON-O-METER 0.9.9
Dell Getting Started Guide
Dell Support Center
Dell Touchpad
DivX Setup
EDocs
Free Mp3 Wma Converter V 2.1
FreeMind
Google Chrome
Google Desktop
Google Toolbar for Internet Explorer
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel(R) Graphics Media Accelerator Driver
Java Auto Updater
Java(TM) 6 Update 30
Java(TM) 6 Update 5
Malwarebytes Anti-Malware version 1.60.1.1000
Maxthon 3
McAfee Security Scan Plus
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Microsoft_VC100_CRT_SP1_x86
Miro
Mozilla Firefox 8.0.1 (x86 en-GB)
MSVC80_x86_v2
MSVC90_x86
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nokia Connectivity Cable Driver
Nokia Suite
OpenOffice.org 3.3
Opera 11.60
PC Connectivity Solution
PowerDVD
QuickSet
QuickTime
Realtek High Definition Audio Driver
Roxio Activation Module
Roxio Creator Audio
Roxio Creator BDAV Plugin
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler 3
Roxio Update Manager
Safari
Samsung ML-1510_700 Series
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Sonic CinePlayer Decoder Pack
Spotify
Spybot - Search & Destroy
SpywareBlaster 4.5
SUPERAntiSpyware
Synaptics Pointing Device Driver
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
VC80CRTRedist - 8.0.50727.6195
Winamp
Winamp Detector Plug-in
Windows Driver Package - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
.
==== End Of File ===========================


« Last Edit: February 02, 2012, 04:29:26 PM by jewelz » IP logged
spada2555
Newbie



Posts: 1

Experience: Beginner
OS: Unknown

« Reply #5 on: February 03, 2012, 03:12:18 AM »

Good post. I appreciate it! Thanks for guiding.    ;D ;D
IP logged

SuperDave
Malware Removal Specialist
Moderator
Prodigy



Thanked: 617
Posts: 7,002

Certifications: List
Experience: Experienced
OS: Windows XP



« Reply #6 on: February 03, 2012, 11:31:31 AM »

Save these instructions so you can have access to them while in Safe Mode.

Please click here to download AVP Tool by Kaspersky.
  • Save it to your desktop.
  • Reboot your computer into Safe Mode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight Safe Mode, then hit Enter.
  • Double click the setup file to run it.
  • Click Next to continue.
  • Accept the License agreement and click on Next.
  • It will, by default, install it to your desktop folder. Click Next.
  • It will then open a box. There will be a tab that says Automatic scan.
  • Under Automatic scan make sure these are checked:
      • Hidden Startup Objects
      • System Memory
      • Disk Boot Sectors
      • My Computer
      • Also any other drives (removable ones that you may have)
  • Leave the rest of the settings as they appear as default.
  • Then click on Scan at the top right hand corner.
  • It will automatically Neutralize any objects found.
  • If some objects are left un-neutralized, then click the button that says Neutralize all.
  • If it says it cannot be neutralized, then choose the delete option when prompted.
  • After that is done, click on the reports button at the bottom and save it to file. Name it Kas.
  • Save it somewhere convenient like your desktop and post only the detected Virus\malware in the report. It will be at the very top under Detected. Post those results in your next reply.

Note: This tool will self uninstall when you close it so please save the log before closing it.
IP logged

AMD Athlon XP 1900+ 1.47 GHz  3 GB Ram Windows XP  Home with SP3, MicroSoft Security Essentials, Spybot S&D. SuperAntiSpyware  and Threatfire with Comodo Firewall & Windows Defender
jewelz
Topic Starter
Rookie



Posts: 26

Experience: Beginner
OS: Unknown

« Reply #7 on: February 03, 2012, 05:15:53 PM »

Hi again,

I downloaded this software, following all instructions, and ran it. It got to 25% before it froze. Just to be sure, I ran it another two times; it didn't get further than 21% the second and 22% the third before freezing.

Any idea what to try next?

Thanks
IP logged
SuperDave
Malware Removal Specialist
Moderator
Prodigy



Thanked: 617
Posts: 7,002

Certifications: List
Experience: Experienced
OS: Windows XP



« Reply #8 on: February 03, 2012, 07:29:32 PM »

Please describe this freezing to me. How long does it last? Do you have to do a hard reboot to get it going again?
IP logged

jewelz
Topic Starter
Rookie



Posts: 26

Experience: Beginner
OS: Unknown

« Reply #9 on: February 04, 2012, 03:43:14 AM »

Mostly the countdown stops altogether and when I try to click on anything on the screen it's completely non responsive. In other cases it gets to a certain file and does not move, while the countdown continues (I have waited over two hours before) often by this stage the software controls (pause/stop/etc) are unresponsive, if they are not and it allows me to click for instance the stop or pause button the computer then becomes unresponsive.

In both cases I am not able to shut down the computer in the normal way, I try Ctrl+Alt+Del which may let me into the initial screen occasionally but then becomes unresponsive so I have to press the power button on machine.
IP logged
SuperDave
Malware Removal Specialist
Moderator
Prodigy



Thanked: 617
Posts: 7,002

Certifications: List
Experience: Experienced
OS: Windows XP



« Reply #10 on: February 04, 2012, 11:56:32 AM »

Ok. Let's try this to see what's eating up your memory.

Download Process Explorer: http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx
Unzip ProcessExplorer.zip, and double click on procexp.exe to run the program.
Click on View > Select Columns.
In addition to the already pre-selected options, make sure the Command Line is selected, and press OK.
Go File>Save As, and save the report as Procexp.txt.
Attach the file to your next reply.
IP logged

jewelz
Topic Starter
Rookie



Posts: 26

Experience: Beginner
OS: Unknown

« Reply #11 on: February 04, 2012, 12:39:11 PM »

File attached...
IP logged
SuperDave
Malware Removal Specialist
Moderator
Prodigy



Thanked: 617
Posts: 7,002

Certifications: List
Experience: Experienced
OS: Windows XP



« Reply #12 on: February 04, 2012, 05:01:49 PM »

StartupLite

Download StartupLite by MalwareBytes to your Desktop.
Double-click StartupLite.exe to launch the program.
Ensure the Disable box is checked.
Click Continue.
A pop up message will tell you the unnecessary startup items in your list have been disabled and ask you to restart your computer.
Re-start your computer.
***************************************************
This is going to take some investigation on your part to discover what's causing the freezing. Firstly, AVG is a resource hog and you should consider changing to something like Microsoft Security Essentials to lighten the load.

Microsoft Security Essentials for Windows Vista\Windows 7 (http://majorgeeks.com/Microsoft_Security_Essentials_for_Windows_VistaWindows_7_d6242.html) - 64 bit Download
Microsoft Security Essentials for Windows XP

Next, keep Task Manager running at all times on your computer. (CTRL+ALT+Delete) When the computer starts to freeze try to open the Task Manager and check to see what process is taking the most memory. Try stopping the process and see what happens.
IP logged

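An added example, not part of the post above: when the machine freezes hard enough that Task Manager itself stops responding, the same memory readings can be written to disk on a timer so the last samples before the freeze survive a forced power-off. It assumes PowerShell is installed on the machine; the log path, sampling interval and function name are illustrative.

```powershell
# Added example (not from the thread): log the top memory consumers to a CSV
# so the readings taken just before a freeze can be read after the reboot.
# Assumptions: PowerShell is installed; path and intervals are illustrative.
$LogPath         = Join-Path $env:USERPROFILE 'Desktop\proc-memory-log.csv'
$IntervalSeconds = 5     # time between samples
$TopCount        = 5     # processes recorded per sample

function Get-TopMemorySample {
    param([int]$Count = 5)
    $stamp = Get-Date -Format 'yyyy-MM-dd HH:mm:ss'
    Get-Process |
        Sort-Object -Property WorkingSet64 -Descending |
        Select-Object -First $Count |
        ForEach-Object {
            # One CSV row per process: time, name, PID, working set KB, private KB
            '{0},{1},{2},{3},{4}' -f $stamp, $_.ProcessName, $_.Id,
                [int64]($_.WorkingSet64 / 1KB), [int64]($_.PrivateMemorySize64 / 1KB)
        }
}

# Write the header once so the file opens cleanly in a spreadsheet
if (-not (Test-Path $LogPath)) {
    Add-Content -Path $LogPath -Value 'Time,Process,PID,WorkingSetKB,PrivateKB'
}

while ($true) {
    # Add-Content opens, writes and closes the file on every call, so no
    # sample is held in a script-side buffer when the machine locks up.
    Add-Content -Path $LogPath -Value (Get-TopMemorySample -Count $TopCount)
    Start-Sleep -Seconds $IntervalSeconds
}
```

Start it before launching the scan and stop it with Ctrl+C; after a forced restart, the last rows in the CSV show which processes held the most memory just before the freeze.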
jewelz
Topic Starter
Rookie



Posts: 26

Experience: Beginner
OS: Unknown

« Reply #13 on: February 05, 2012, 05:00:43 AM »


Thanks for your reply, this is what I have done since your last post:

===== StartupLite =====

Downloaded and ran this program, I received 6 pop-up messages as follows:

Error on value: SunJavaUpdatSched. There was an error creating a MSConfig key.

Error on value: Quicktime Task. There was an error creating a MSConfig key.

Error on value: IgFXTray. There was an error creating a MSConfig key.

Error on value: HotkeyScmds. There was an error creating a MSConfig key.

Error on value: Persistence. There was an error creating a MSConfig key.

All actions executed succesfully! Changes will take effect after the system is restarted.


(Restarted as requested)

===== Security Essentials =====

Uninstalled AVG and have now installed Security Essentials which allowed me to run a full scan with the result "No threats were detected on your computer during this scan"

===== SUPERAntiSpyware =====

I attempted to run this program again, with the following results:

The program stopped (C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE 12\1033\PPINTL.DLL) after approximately 10 minutes.

At this point Windows Task Manager was showing the following:

dwm.exe = 12,652k
SUPERAntiSpyware.exe = 129,444k
explorer.exe = 7,308k

I selected SUPERAntiSpyware in the Task Manager and tried to end the process, I got the rotating green circle which tells you that it is processing the request before "Windows Task Manager (Not responding)" appeared at the top of the screen. All software stopped responding at this stage.

Safe Mode: Retried in Safe Mode, stopped at approximately 10 minutes (at same file as above). Windows Task Manager showed the following:

MSMpeng.exe = 22,172k
SUPERAntiSpyware.exe = 128,328k
System = 15,448k (NT Kernel + System)
Explorer.exe = 11,600k

I selected MSMpeng.exe to end process, machine became unresponsive.
 
In both cases I had to use the power button to restart machine.

===== Malwarebytes =====

I attempted to run this program again:

The program stopped at 11 minutes, 37 secs (C:\PROGRAM Files\MICROSOFT OFFICE\OFFICE 12\Wordcnvpxy.cnv)

BSOD then the computer restarted itself.

Just before the BSOD Task Manager showed the following:

dwm.exe = 14,108
mbam.exe = 81,548
office.bin = 792


IP logged
SuperDave
Malware Removal Specialist
Moderator
Prodigy



Thanked: 617
Posts: 7,002

Certifications: List
Experience: Experienced
OS: Windows XP



« Reply #14 on: February 05, 2012, 11:40:22 AM »

Download BlueScreenView to your desktop.
BlueScreenView
Unzip the downloaded file and double click on BlueScreenView.exe to run the program.
When scanning is done, go to EDIT - Select All
Go to FILE - SAVE Selected Items, and save the report as BSOD.txt
Open BSOD.txt in Notepad, copy all of the content, and paste it into your next reply.
IP logged
