Pages: 1

 

2007-04-18 05:00:59
Sup3r_Dr4gon
Boat sig is not there anymore
+214|6336|Australia
As the title says, my computer is half freezing. If your wondering what the hell half freezing is, it's the best term I could come up with for my problem.
Randomly when I'm on the computer, I suddenly can't access the start bar, or icons on the desktop. If I'm on the net, I'll be able to still surf sites, but If I minimize it, I can't bring it up again. CTRL+ALT+DEL still works, but I can't find anything suspicious that could be causing it. The only thing that seems to fix it is a restart.

Karma for help.
2007-04-18 10:37:17
EvilMonkeySlayer
Member
+82|6661
Sounds like the explorer process is messing up. A typical explanation for this is spyware or malicious software has been installed.

Best download hijackthis and post the log.
2007-04-18 10:44:44
King_County_Downy
shitfaced
+2,791|6606|Seattle

Try unplugging your CD ROM. Sounds like a long shot, but I've seen that before. It could also be malware as the evil monkey said. What programs do you use for malware protection?
Sober enough to know what I'm doing, drunk enough to really enjoy doing it
2007-04-19 02:43:18
Sup3r_Dr4gon
Boat sig is not there anymore
+214|6336|Australia

EvilMonkeySlayer wrote:

Sounds like the explorer process is messing up. A typical explanation for this is spyware or malicious software has been installed.

Best download hijackthis and post the log.
http://hjt-data.trend-braintree.com/hjt … rt=3701845

Is that right?


King_County_Downy wrote:

Try unplugging your CD ROM. Sounds like a long shot, but I've seen that before. It could also be malware as the evil monkey said. What programs do you use for malware protection?
I have microsoft antivirus and NOD32. I have sygate as a firewall, if thats relevant.
2007-04-19 03:23:58
HeimdalX
Member
+37|6660

Sup3r_Dr4gon wrote:

EvilMonkeySlayer wrote:

Sounds like the explorer process is messing up. A typical explanation for this is spyware or malicious software has been installed.

Best download hijackthis and post the log.
http://hjt-data.trend-braintree.com/hjt … rt=3701845

Is that right?


King_County_Downy wrote:

Try unplugging your CD ROM. Sounds like a long shot, but I've seen that before. It could also be malware as the evil monkey said. What programs do you use for malware protection?
I have microsoft antivirus and NOD32. I have sygate as a firewall, if thats relevant.
2 antivirus programs running at the same time? Try turning one off. You can still manually scan with each one separately.
2007-04-19 04:29:39
EvilMonkeySlayer
Member
+82|6661

HeimdalX wrote:

Sup3r_Dr4gon wrote:

EvilMonkeySlayer wrote:

Sounds like the explorer process is messing up. A typical explanation for this is spyware or malicious software has been installed.

Best download hijackthis and post the log.
http://hjt-data.trend-braintree.com/hjt … rt=3701845

Is that right?


King_County_Downy wrote:

Try unplugging your CD ROM. Sounds like a long shot, but I've seen that before. It could also be malware as the evil monkey said. What programs do you use for malware protection?
I have microsoft antivirus and NOD32. I have sygate as a firewall, if thats relevant.
2 antivirus programs running at the same time? Try turning one off. You can still manually scan with each one separately.
The log file isn't coming up here ("Unable to display report. Please try again later"), save the actual log file and post it here. (as a link to click on, since the text output is usually very long)

Also, ditto on the anti-virus thing. You may as well uninstall/disable the MS one. It supposedly isn't all that good at detecting viruses anyway.
2007-04-19 14:14:44
Sup3r_Dr4gon
Boat sig is not there anymore
+214|6336|Australia
Index    % of PCs with item    Code    Data
1    1.1%    O2    EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
2    0.0%    O2    (no name) - {67C55A8D-E808-4caa-9EA7-F77102DE0BB6} - C:\WINDOWS\system32\tmp17.tmp.dll
3    0.0%    O2    (no name) - {838606b6-0c8a-40f9-8c54-ecb1fcbb0da7} - C:\WINDOWS\system32\dmdder.dll
4    2.0%    O20   
5    0.0%    O20    dmdder - C:\WINDOWS\SYSTEM32\dmdder.dll
6    50.7%    O22    Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
7    49.1%    O22    Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
8    16.9%    O23    Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
9    11.0%    O23    ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
10    4.1%    O23    NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
11    0.2%    O23    Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
12    1.1%    O3    EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
13    56.4%    O4    [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
14    14.1%    O4    [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
15    3.7%    O4    [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
16    2.2%    O4    [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
17    1.9%    O4    [SoundMax] "C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /tray
18    1.1%    O4    [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
19    0.4%    O4    [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
20    0.1%    O4    [Regscan] C:\WINDOWS\System32\regscan.exe
21    0.1%    O4    [Steam] C:\Program Files\Valve\Steam\\Steam.exe -silent
22    0.0%    O4    [Fraps] E:\BACKUP3\FRAPS\FRAPS.EXE
23    44.5%    O9    Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
24    43.8%    O9    Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
25    87.7%    P01    C:\WINDOWS\Explorer.EXE
26    85.6%    P01    C:\WINDOWS\system32\svchost.exe
27    85.6%    P01    C:\WINDOWS\system32\lsass.exe
28    85.5%    P01    C:\WINDOWS\system32\winlogon.exe
29    85.5%    P01    C:\WINDOWS\system32\services.exe
30    85.4%    P01    C:\WINDOWS\System32\smss.exe
31    82.2%    P01    C:\WINDOWS\system32\spoolsv.exe
32    59.6%    P01    C:\WINDOWS\system32\ctfmon.exe
33    21.0%    P01    C:\WINDOWS\system32\Ati2evxx.exe
34    14.8%    P01    C:\Program Files\Messenger\msmsgs.exe
35    10.1%    P01    C:\WINDOWS\system32\wscntfy.exe
36    4.2%    P01    C:\Program Files\Eset\nod32krn.exe
37    3.7%    P01    C:\Program Files\Eset\nod32kui.exe
38    3.4%    P01    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
39    2.3%    P01    C:\Program Files\Analog Devices\Core\smax4pnp.exe
40    1.5%    P01    C:\Program Files\Analog Devices\SoundMAX\smax4.exe
41    1.2%    P01    C:\Documents and Settings\Owner\Desktop\HiJackThis_v2.exe
42    0.8%    P01    C:\Program Files\Sygate\SPF\smc.exe
43    0.3%    P01    C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe

There we go, that should be it.

And the MS one isn't actually running, it's only installed. I have NOD32 as my main one.

EDIT: I just noticed something - it occurs when I close windows media player 11 after listening to some music. Is this some kind of bug, or is it still spyware/adware related?

Last edited by Sup3r_Dr4gon (2007-04-19 14:27:58)

2007-04-19 15:17:33
EvilMonkeySlayer
Member
+82|6661

Sup3r_Dr4gon wrote:

2    0.0%    O2    (no name) - {67C55A8D-E808-4caa-9EA7-F77102DE0BB6} - C:\WINDOWS\system32\tmp17.tmp.dll - DODGY
3    0.0%    O2    (no name) - {838606b6-0c8a-40f9-8c54-ecb1fcbb0da7} - C:\WINDOWS\system32\dmdder.dll - DODGY
5    0.0%    O20    dmdder - C:\WINDOWS\SYSTEM32\dmdder.dll - DODGY
20    0.1%    O4    [Regscan] C:\WINDOWS\System32\regscan.exe TROJAN VIRUS
I'd do the backup option then tick the entries for those four and delete them immediately. Plus, delete the files themselves.

By the way, this is essentially what you should have posted. (as a link like I have for example) That way there is everything that can be checked.

EDIT: Oh hey, I just noticed you're from Australia. Cool, where about? I've been to Aus twice now (technically 3 times and i've got the passport stamps to prove it) and i'm off again next year for my brothers wedding. He's marrying an Aussie lass.

Last edited by EvilMonkeySlayer (2007-04-19 15:28:21)

2007-04-19 15:40:03
Jameseyy
Banned
+108|6237|Scotland!
I had the same problem ages ago on my old computer, fixed it when I ran spybot and xoftspy so I guess it was spyware.
2007-04-20 11:26:48
Sup3r_Dr4gon
Boat sig is not there anymore
+214|6336|Australia
Well, I deleted those files, and I haven't had the problem return so far.

Thanks to everyone who helped.
2007-04-20 13:02:16
unnamednewbie13
Moderator
+2,053|6781|PNW

I'd kill browseui. But your best bet is to run some malware killing apps, such as spybot and adaware. Finish it up with a smitfraudfix. Tap the F8 key repeatedly while your computer boots up to get into safe mode, which is the best way to run such apps.

Last edited by unnamednewbie13 (2007-04-20 13:03:59)

 

Pages: 1

Board footer

Privacy Policy - © 2024 Jeff Minard