My Comp keeps getting stuck....

Science & Technology Information Technology, Gaming, Machines, Gadgets
1

and its getting annoying. Anyone know of any possible way to make it stop getting stuck? And although I have popup blocker I keep getting popup ads. And in my fave’s I keep getting other junk added in anyway to stop that? My comp always gets stuck what do I do???

2

Re: My Comp keeps getting stuck…

There could be several reasons behind it!
Do you have a firewall?
Do you have anti-virus software?
Hijack it and post the log!

3

Re: My Comp keeps getting stuck…

Sounds like a spyware/malware/junkware

run hujack this and post the log file here, so we can help you eliminate the pop ups and sucher annoyances.

If you dont know what I am talking about, get Hijackthis from here:

http://www.spywareinfo.com/~merijn/downloads.html

Its pretty much self explainatory.

You can also try booting into “SAFE MODE” and empty all ‘TEMP’ folders.

C:\WINDOWS\TEMP

and in

C:\Documents and Settings{your username}\Local Settings\Temp

4

Re: My Comp keeps getting stuck....

well i have ad-aware and spybot and I use both of them almost weekly. I also tried running my anti-virus...but still the samething happens. I don't know how to check for the firewall problem...so explain plz.
What exactly is spyware?

hi every1, .....ooopps
5

Re: My Comp keeps getting stuck....

so u want me to list everything here? Cuz there is a lot of stuff that came up.

6

Re: My Comp keeps getting stuck....

yes, you can save all that comes up. there is a button at the bottom, to save a log file. Then copy/paste that here.

7

Re: My Comp keeps getting stuck…

It all saved on notepad and its really long…but here it is:

Logfile of HijackThis v1.99.1
Scan saved at 8:33:03 PM, on 4/29/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\System32
vsvc32.exe
C:\Program Files\Symantec AntiVirus\SavRoam.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\Program Files\Java\j2re1.4.2_05\bin\jucheck.exe
C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
C:\WINDOWS\pgtaff.exe
C:\Program Files\HP\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\America Online 9.0\aoltray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
c:\progra~1\intern~1\iexplore.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\Noreen\LOCALS~1\Temp\Temporary Directory 1 for hijackthis[1].zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.jusnprgnujlwtyqcjokm.net/WlnENe7hbgJP885Fr4thhoGtS_jAzd3asbPisMD6LhwFqdRbvn9AMIQFEVmLdOYw.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://us8l.hpwis.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://us8l.hpwis.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {AF793060-CE2C-50A5-ED2B-C43275C9821C} - C:\DOCUME~1\Noreen\APPLIC~1\MAILRU~1\Okay First.exe
O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.1601.0\en-us\msntb.dll
O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM..\Run: [UpdateManager] “C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe” /r
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM..\Run: [CamMonitor] C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM..\Run: [HPHUPD05] c:\Program Files\HP{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM..\Run: [HP Software Update] “C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe”
O4 - HKLM..\Run: [HP Component Manager] “C:\Program Files\HP\hpcoretech\hpcmpmgr.exe”
O4 - HKLM..\Run: [ccApp] “C:\Program Files\Common Files\Symantec Shared\ccApp.exe”
O4 - HKLM..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM..\Run: [TkBellExe] “C:\Program Files\Common Files\Real\Update_OB\realsched.exe” -osboot
O4 - HKLM..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM..\Run: [MessengerPlus3] “C:\Program Files\Messenger Plus! 3\MsgPlus.exe”
O4 - HKLM..\Run: [QuickTime Task] “C:\Program Files\QuickTime\qttask.exe” -atboottime
O4 - HKLM..\Run: [DataLayer] C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
O4 - HKLM..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
O4 - HKLM..\Run: [THIRD BIND SOFTWARE VIEW] C:\Documents and Settings\All Users\Application Data\0164thirdbind\Free bolt.exe
O4 - HKCU..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU..\Run: [BackupNotify] C:\Program Files\HP\Digital Imaging\bin\backupnotify.exe
O4 - HKCU..\Run: [pgtaff] C:\WINDOWS\pgtaff.exe
O4 - HKCU..\Run: [Multi Bind] C:\DOCUME~1\Noreen\APPLIC~1\RDRCUR~1\Bias Global.exe
O4 - HKCU..\Run: [MessengerPlus3] “C:\Program Files\Messenger Plus! 3\MsgPlus.exe” /WinStart
O4 - HKCU..\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin
pjpi142_05.dll
O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin
pjpi142_05.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://us8l.hpwis.com
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O18 - Filter: text/html - {E64E4E60-EF13-4C79-A159-119762E18181} - C:\WINDOWS\System32\lmf32.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Unknown owner - C:\Program Files\Norton AntiVirus
avapsvc.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32
vsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

8

Re: My Comp keeps getting stuck....

Is lsass.exe ......

The SasserWorm?

9

Re: My Comp keeps getting stuck....

^ no clue

10

Re: My Comp keeps getting stuck....

Its actually a system process of the Microsoft Windows security mechanisms. It specifically deals with local security and login policies. But, it also can be sasser.worm. Depend on where its located, if its located in c:\windows\System32 then its not, otherwise it is.

11

Re: My Comp keeps getting stuck…

C:\WINDOWS\pgtaff.exe
AdRotator adware variant
This is a nasty process! You should fix it and try to delete it manually!

O4 - HKCU..\Run: [pgtaff] C:\WINDOWS\pgtaff.exe
fix this

O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm

fix this

O14 - IERESET.INF: START_PAGE_URL=http://us8l.hpwis.com
fix it

O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yah...utocomplete.cab

fix it
O18 - Filter: text/html - {E64E4E60-EF13-4C79-A159-119762E18181} - C:\WINDOWS\System32\lmf32.dll
fix it
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
not neccessary tou have this

I hope I am right, gizzy bhai back me up please, and correct me if i m wrong.

12

Re: My Comp keeps getting stuck....

I'll look into it tomorrow morning.

13

Re: My Comp keeps getting stuck....

Thanks P and G I really appreciate ur guys help :)

14

Re: My Comp keeps getting stuck....

Hard working people, them!! :Salute:

15

Re: My Comp keeps getting stuck....

I haven't cleaned it yet I want to make sure Gizzy bhai looks into it first so I don't delete something that was imp.

16

Re: My Comp keeps getting stuck....

Check the following as well:
O4 - HKLM..\Run: [THIRD BIND SOFTWARE VIEW] C:\Documents and Settings\All Users\Application Data\0164thirdbind\Free bolt.exe
O4 - HKCU..\Run: [Multi Bind] C:\DOCUME~1\Noreen\APPLIC~1\RDRCUR~1\Bias Global.exe
Your name is Noreen?

17

Re: My Comp keeps getting stuck....

^ Thanks...no my name is not Noreen thats my sis name. When my uncle setup the labtop he put it under her name cuz it was suppose to be hers...but now its not. LOL. :D She has another one.

Now Hiring: GS Newspaper Department Heads
18

Re: My Comp keeps getting stuck…

oye umar dekho aur harkatien dekho :stuck_out_tongue: :hoonh: should i tell these ppl ur reall age :stuck_out_tongue:

I know we are hard working ppl or hardly working ppl, I don’t know I think something along these lines. :stuck_out_tongue:

pyarii u r welcome, I don’t want to mess up ur comp, but I m sure I am rite, but I need gizzy bhai and this dumbo tofi to read it over first.

19

Re: My Comp keeps getting stuck…

there are 2 entries with (http://us8l.hpwis.com) in them: these are HP related something. But I chose to have them deleted, coz if I was you I would delete them, but since you are not me, you can keep them or delete them :stuck_out_tongue:

You can safely delete all the following entries:

C:\WINDOWS\pgtaff.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.jusnprgnujlwtyqcjokm.net…IQFEVmLdOYw.htm

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://us8l.hpwis.com

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://us8l.hpwis.com/

O2 - BHO: (no name) - {AF793060-CE2C-50A5-ED2B-C43275C9821C} - C:\DOCUME~1\Noreen\APPLIC~1\MAILRU~1\Okay First.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = localhost

O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.1601.0\en-us\msntb.dll
O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll

O4 - HKCU..\Run: [pgtaff] C:\WINDOWS\pgtaff.exe
O4 - HKCU..\Run: [Multi Bind] C:\DOCUME~1\Noreen\APPLIC~1\RDRCUR~1\Bias Global.exe
O4 - HKLM..\Run: [THIRD BIND SOFTWARE VIEW] C:\Documents and Settings\All Users\Application Data\0164thirdbind\Free bolt.exe

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL

O14 - IERESET.INF: START_PAGE_URL=http://us8l.hpwis.com

O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yah…utocomplete.cab

O18 - Filter: text/html - {E64E4E60-EF13-4C79-A159-119762E18181} - C:\WINDOWS\System32\lmf32.dll

O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Unknown owner - C:\Program Files\Norton AntiVirus
avapsvc.exe (file missing)

20

Re: My Comp keeps getting stuck…

**Name:**NavLogon
**Filename:****NavLogon.dll**
**Description:**Part of the Norton Antivirus product. Unsure as to what it does.
**File Location:**%System%
**Startup Type:**This program uses the Winlogon Notify key to automatically start. This key is used to run certain programs when specific actions occur such as computer starting up, a user logging in or logging off, or a computer shutting down.
**Note:**%System% is a variable that refers to the Windows System folder. By default this is C:\Windows\System for Windows 95/98/ME, C:\Winnt\System32 for Windows NT/2000, or C:\Windows\System32 for Windows XP.