Inactive pc crashing when starting browser

should i post like this?



ComboFix 10-08-17.04 - Administrator 08/18/2010 17:04:19.4.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.516 [GMT -6:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Administrator\Desktop\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_cerc6


((((((((((((((((((((((((( Files Created from 2010-07-18 to 2010-08-18 )))))))))))))))))))))))))))))))
.

2010-08-10 21:53 . 2010-08-10 21:53 -------- d-----w- c:\documents and settings\Administrator\Application Data\U3
2010-08-10 21:28 . 2010-08-10 21:28 -------- d-----w- c:\program files\Trend Micro
2010-08-10 21:22 . 2010-08-10 21:22 -------- d-sh--w- c:\windows\system32\config\systemprofile\PrivacIE
2010-08-10 20:07 . 2010-08-10 20:07 -------- d-sh--w- c:\documents and settings\NetworkService\PrivacIE
2010-08-10 20:06 . 2010-08-10 20:06 -------- d-----w- c:\documents and settings\NetworkService\Application Data\Yahoo!
2010-08-09 21:26 . 2010-08-09 21:26 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2010-08-09 21:26 . 2009-04-06 21:32 15504 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-08-09 21:26 . 2009-04-06 21:32 38496 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-08-09 21:26 . 2010-08-12 22:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-08-09 21:26 . 2010-08-09 21:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-08-09 21:24 . 2010-08-09 21:24 3158262 ----a-w- c:\documents and settings\Administrator\Application Data\CVS\CVS Viewer\PhotoViewer_intro.exe
2010-08-09 21:24 . 2010-08-09 21:24 1214464 ----a-w- c:\documents and settings\Administrator\Application Data\CVS\CVS Viewer\exiv2.exe
2010-08-08 20:15 . 2010-08-08 20:15 1244648 ----a-w- c:\documents and settings\Administrator\Application Data\MSNInstaller\msnauins.exe
2010-08-08 20:15 . 2010-08-08 20:15 -------- d-----w- c:\documents and settings\Administrator\Application Data\MSNInstaller
2010-08-04 16:11 . 2010-08-09 21:24 -------- d-----w- c:\documents and settings\Administrator\Application Data\CVS
2010-08-04 16:11 . 2010-08-04 16:11 -------- d-sh--w- c:\windows\ftpcache
2010-08-01 22:45 . 2010-08-01 22:45 -------- d-sh--w- c:\documents and settings\LocalService\PrivacIE
2010-08-01 22:45 . 2010-08-01 22:45 -------- d-----w- c:\documents and settings\LocalService\Application Data\Yahoo!
2010-07-25 19:01 . 2010-07-25 19:01 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Adobe
2010-07-22 20:29 . 2010-07-22 20:29 242896 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgtdix.sys
2010-07-22 20:29 . 2010-07-22 20:29 216200 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgldx86.sys
2010-07-22 20:28 . 2010-07-22 20:28 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-07-22 20:27 . 2010-07-22 20:27 1690464 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgupd.dll
2010-07-22 20:27 . 2010-07-22 20:27 1038688 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgupd.exe
2010-07-22 20:27 . 2010-07-22 20:27 813336 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avginet.dll
2010-07-22 20:27 . 2010-07-22 20:27 624920 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgiproxy.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-18 15:59 . 2010-03-18 03:18 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-08-11 15:51 . 2010-03-18 04:24 -------- d-----w- c:\program files\Lavasoft
2010-08-11 15:51 . 2010-03-18 04:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2010-07-22 20:28 . 2009-12-23 21:52 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-07-22 20:28 . 2009-12-23 21:52 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-06-30 12:31 . 2008-04-14 12:00 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-24 12:22 . 2008-04-14 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-06-23 13:44 . 2008-04-14 12:00 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-21 15:27 . 2008-04-14 12:00 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-17 14:03 . 2008-04-14 12:00 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-14 14:31 . 2009-10-15 20:03 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-14 07:41 . 2008-04-14 12:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
2010-06-02 15:05 . 2009-12-23 21:52 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
.

((((((((((((((((((((((((((((( SnapShot@2010-08-17_18.10.33 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-08-18 23:12 . 2010-08-18 23:12 16384 c:\windows\temp\Perflib_Perfdata_760.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829} "= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829} "= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate "= "c:\windows\system32\Macromed\Flash\FlashUtil10d.exe" [2009-10-28 257440]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5} "= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-07-22 20:28 12536 ----a-w- c:\windows\system32\avgrsstx.dll

[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
path=c:\documents and settings\Administrator\Start Menu\Programs\Startup\LimeWire On Startup.lnk
backup=c:\windows\pss\LimeWire On Startup.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-07-22 16:14 976832 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG9_TRAY]
2010-07-22 20:28 2065760 ----a-w- c:\progra~1\AVG\AVG9\avgtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCMSMMSG]
2003-08-29 10:59 122880 ----a-w- c:\windows\BCMSMMSG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 12:00 15360 ----a-w- c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DW6]
2009-10-08 19:13 818288 ----a-w- c:\program files\The Weather Channel FW\Desktop\DesktopWeather.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-03-31 15:37 136176 ----atw- c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2005-10-19 14:59 126976 ----a-w- c:\windows\system32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2005-10-19 14:59 155648 ----a-w- c:\windows\system32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 11:42 1695232 ------w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PD0630 STISvc]
2005-06-05 17:01 36864 ----a-r- c:\windows\system32\P0630Pin.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall "= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe "=
"%windir%\\system32\\sessmgr.exe "=
"c:\\Program Files\\AVG\\AVG9\\avgemc.exe "=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe "=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe "=
"c:\\Program Files\\SightSpeed\\SightSpeed.exe "=
"c:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe "=

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [12/23/2009 3:52 PM 216400]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [12/23/2009 3:52 PM 243024]
R2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [7/22/2010 2:28 PM 921952]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [7/22/2010 2:28 PM 308136]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S3 genmcmnUSB;USB Scroll Mouse Driver;c:\windows\system32\drivers\gflmouhid.sys [4/19/2004 3:01 PM 6656]
S3 P0630VID;Creative WebCam Live!;c:\windows\system32\drivers\P0630Vid.sys [3/31/2010 2:20 PM 91841]
.
Contents of the 'Scheduled Tasks' folder

2010-08-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-1454471165-1417001333-500Core.job
- c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-03-31 15:37]

2010-08-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-1454471165-1417001333-500UA.job
- c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-03-31 15:37]

2010-08-18 c:\windows\Tasks\User_Feed_Synchronization-{899B1AF7-6C37-4AF9-AD25-32A53F5F5D08}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 10:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://google.com/
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-18 17:13
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977 "=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,18,12,8d,07,a1,50,8d,42,af,46,fb,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81 "=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,18,12,8d,07,a1,50,8d,42,af,46,fb,\

[HKEY_USERS\S-1-5-21-1715567821-1454471165-1417001333-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977 "=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,84,59,fa,98,1c,2e,8a,4a,bc,69,c1,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81 "=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,99,e5,2a,28,ed,26,68,41,9a,79,c6,\
"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25 "=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,84,59,fa,98,1c,2e,8a,4a,bc,69,c1,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(1264)
c:\windows\system32\WININET.dll
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\en-us\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\en-us\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVG\AVG9\avgchsvx.exe
c:\program files\AVG\AVG9\avgrsx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\SearchIndexer.exe
c:\program files\AVG\AVG9\avgnsx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2010-08-18 17:18:16 - machine was rebooted
ComboFix-quarantined-files.txt 2010-08-18 23:18
ComboFix2.txt 2010-08-18 15:49
ComboFix3.txt 2010-08-18 14:46
ComboFix4.txt 2010-08-17 18:13

Pre-Run: 28,326,682,624 bytes free
Post-Run: 28,257,296,384 bytes free

- - End Of File - - 31DE95361B7AF353214819A49894ECC9

 

all updated, and fixed, thanks much, close thread.