Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

What do I do?


  • Please log in to reply

#1
bluehollie

bluehollie

    New Member

  • Member
  • Pip
  • 8 posts
<_< How do I fix my computer? I have been using Windows XP for over 2 years now and have never had and problems until lately. Now, everytime I log on, my computer keeps freezing up. I have ran anti virus scans (infection free) and done everything I know to do but can't seem to get it to stop freezing. Can anyone help me?

Thanks,
bluehollie
  • 0

Advertisements


#2
ditto

ditto

    - i pwn n00bs -

  • Member
  • PipPipPipPip
  • 1,260 posts
Let us take a closer look at what is running on your PC. We'll need you to use a free diagnostic tool (HiJackThis) and post a log back here with the results.

Click the HijackThis Guide in my signature, download it and follow the instructions in the guide.

Most of what it lists will be harmless or even essential, DO NOT delete or modify anything yet! Someone will be along to tell you what steps to take after you post the contents of the scan results.
  • 0

#3
bluehollie

bluehollie

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Here is the HijackThis Log.

Logfile of HijackThis v1.97.7
Scan saved at 9:10:54 PM, on 4/30/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Compaq\Compaq Advisor\bin\compaq-rba.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\COMMON~1\EACCEL~1\EANTHO~1.EXE
C:\Program Files\Acceleration Software\Anti-Virus\defscangui.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\ACCELE~1\DOWNLO~1\dguard.exe
C:\PROGRA~1\ACCELE~1\SYSTEM~1\sys_alert.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\PROGRA~1\VISION~1\ONETOU~2.EXE
C:\PROGRA~1\ACCELE~1\VELOZD~1\velozsys.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\PROGRA~1\INTRIG~1\pcbodyguard.exe
C:\Program Files\Yahoo!\Messenger\ypager.exe
C:\PROGRA~1\ScanSoft\PAPERP~1\PPWebCap.exe
C:\PROGRA~1\AWS\WEATHE~1\Weather.exe
C:\Program Files\eBay\eBay Toolbar\4.2.0.3\ebaytbar.exe
C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\BellSouth\Connection Manager\CManager.exe
C:\PROGRA~1\BROADJ~1\CORREC~1\CCD.exe
C:\PROGRA~1\BROADJ~1\CLIENT~1\CFD.exe
C:\PROGRA~1\ACCELE~1\SCRIPT~1\scan.exe
C:\PROGRA~1\ACCELE~1\VELOZD~1\veloz.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\robin\Local Settings\Temp\Temporary Directory 1 for hjt[1].zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.alltheint....com/search.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.alltheint....com/search.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bellsouth.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alltheinternet.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.alltheint....com/search.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.alltheint....com/search.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.alltheint....com/search.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.stop-sign...rt/homepage.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.alltheint....com/search.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.alltheint....com/search.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://store.presari...&c=3c01&lc=0409
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.alltheint....com/search.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.alltheint....com/search.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Compaq
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://rd.yahoo.com/...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.alltheinternet.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.alltheinternet.com
F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
N2 - Netscape 6: user_pref("browser.startup.homepage", "http://www.alltheinternet.com/"); (C:\Documents and Settings\robin\Application Data\Mozilla\Profiles\default\ts1ne2ea.slt\prefs.js)
O2 - BHO: (no name) - {001F2570-5DF5-11d3-B991-00A0C9BB0874} - C:\WINDOWS\Downloaded Program Files\CONFLICT.1\eBayBand.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {6ACD11BD-4CA0-4283-A8D8-872B9BA289B6} - C:\PROGRA~1\ACCELE~1\StopSign\webcbrowse0.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: eBay Toolbar - {46AE04C0-BCFA-4728-90E7-00EB4A8B3863} - C:\WINDOWS\Downloaded Program Files\CONFLICT.1\eBayBand.dll
O4 - HKLM\..\Run: [EanthologyApp] C:\PROGRA~1\COMMON~1\EACCEL~1\EANTHO~1.EXE /b Startup
O4 - HKLM\..\Run: [WebScan] C:\Program Files\Acceleration Software\Anti-Virus\defscangui.exe -k
O4 - HKLM\..\Run: [sginst] C:\PROGRA~1\ACCELE~1\SCRIPT~1\sginst.exe /upd
O4 - HKLM\..\Run: [dguard] C:\PROGRA~1\ACCELE~1\DOWNLO~1\dguard.exe
O4 - HKLM\..\Run: [eanth_critical_update_alert] C:\PROGRA~1\ACCELE~1\SYSTEM~1\sys_alert.exe /Startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Care2GTU] wjview /cp:p "C:\Program Files\Care2GTU\System\Code" Main lp: "C:\Program Files\Care2GTU"
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [OneTouch Monitor] C:\PROGRA~1\VISION~1\ONETOU~2.EXE
O4 - HKLM\..\Run: [eMailEncryption] C:\PROGRA~1\ACCELE~1\VELOZD~1\velozsys.exe runstart
O4 - HKLM\..\Run: [LSPFix] C:\Program Files\Common Files\eAcceleration\LSPfix\LSPmonitor.exe normal
O4 - HKLM\..\Run: [IncrediMail] C:\PROGRA~1\INCRED~1\bin\IncMail.exe /c
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PCBG] C:\PROGRA~1\INTRIG~1\pcbodyguard.exe /start
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [PPWebCap] C:\PROGRA~1\ScanSoft\PAPERP~1\PPWebCap.exe
O4 - HKCU\..\Run: [Desktop Weather 3] C:\PROGRA~1\THEWEA~1\The Weather Channel.exe
O4 - HKCU\..\Run: [Weather] C:\PROGRA~1\AWS\WEATHE~1\Weather.exe 1
O4 - HKCU\..\Run: [IncrediMail] C:\PROGRA~1\INCRED~1\bin\IncMail.exe /c
O4 - HKLM\..\RunOnce: [Compaq_RBA] C:\Program Files\Compaq\Compaq Advisor\bin\compaq-rba.exe -z
O4 - Startup: Check for OneTouch Updates.lnk = C:\Program Files\Visioneer OneTouch\WiseUpdt.exe
O4 - Startup: Connection Manager.lnk = C:\Program Files\BellSouth\Connection Manager\CManager.exe
O4 - Global Startup: eBay Toolbar.LNK = C:\Program Files\eBay\eBay Toolbar\4.2.0.3\ebaytbar.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O9 - Extra 'Tools' menuitem: Block This Page (HKLM)
O9 - Extra 'Tools' menuitem: Search the Internet (HKLM)
O9 - Extra button: eBay Toolbar (HKLM)
O9 - Extra 'Tools' menuitem: eBay Toolbar (HKLM)
O9 - Extra 'Tools' menuitem: Free Software Downloads (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Real.com (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O9 - Extra button: Support (HKCU)
O9 - Extra button: WeatherBug (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\asiclayer.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\asiclayer.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\asiclayer.dll
O14 - IERESET.INF: START_PAGE_URL=http://store.presario.net/scripts/redirectors/presario/storeredir2.dll?s=consumerfav&c=3c01&lc=0409
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg...t/c381/chat.cab
O16 - DPF: Yahoo! Chess - http://download.game...nts/y/ct1_x.cab
O16 - DPF: Yahoo! Klondike Solitaire - http://yog55.games.s...og/y/ks11_x.cab
O16 - DPF: {001F2570-5DF5-11D3-B991-00A0C9BB0874} (eBay Helper Object) - http://download.ebay...ar/eBayTBar.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com...ex/qtplugin.cab
O16 - DPF: {0D3983A9-4E29-4F33-8313-DA22B29D3F87} - https://accounting.q....144/qboax6.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macr...director/sw.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Fun Web Products Installer Start) - http://imgfarm.com/i...etup1.0.0.5.cab
O16 - DPF: {2119776A-F1AD-4FCD-9548-F1E1C615350C} (AxOOdlz Class) - http://www.stop-sign...scandl_cnry.cab
O16 - DPF: {26AFD6EF-C017-4063-B2B1-E515DE98A1B7} - http://download.koda...2_1/install.cab
O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - http://download.weat...Transporter.cab?
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - http://download.yaho...s/yinst0309.cab
O16 - DPF: {53406295-12AB-4F49-824A-C5EAD19365DE} - http://www.compaq.co...tallTrust01.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.r...ip/RdxIE601.cab
O16 - DPF: {5763F8E8-0DD7-4A0F-ADB0-9F64C8F2C349} (Pixami/Snapfish Upload UI Control) - http://www.snapfish....ishUploader.cab
O16 - DPF: {5DA9D8E0-5A57-11CF-9E36-00C0930198C0} (Pegasus ImagN' 32-bit (Windowed) ActiveX Control v4.00) - http://www.cabarrusn...rg/imw32o40.cab
O16 - DPF: {66C643AB-AF09-438E-B1BB-F0B79955CCBA} - http://www.uslocalwe...files/setup.cab
O16 - DPF: {6B4788E2-BAE8-11D2-A1B4-00400512739B} - http://216.249.24.14...tiveXImgCtl.CAB
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefend...bitdefender.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} - http://www.installen...gine/isetup.cab
O16 - DPF: {9841D1AE-9C0B-11D3-9452-00105A098C21} (Pegasus PrintPRO Control v2.0) - http://www.cabarrusn...rg/prntpro2.CAB
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupd...7634.6613310185
O16 - DPF: {AD7FAFB0-16D6-40C3-AF27-585D6E6453FD} - http://dload.ipbill.com/del/loader.cab
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/z...s/heartbeat.cab
O16 - DPF: {B8E71371-F7F7-11D2-A2CE-0060B0FB9D0D} (CDToolCtrl Class) - http://free.aol.com/...5/aolcdt175.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macr...ash/swflash.cab
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} - http://tools.ebayimg...ol_v1-0-3-0.cab
O16 - DPF: {EE5CA45C-BFAC-48E6-BE6C-3C607620FF43} (IMViewerControl Class) - http://companion.log...1/bin/imvid.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.c...bio5_3_16_0.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredim...er/imloader.cab
O16 - DPF: {FB2961FD-DD24-4F8A-8A92-6F9325FF6F11} (toolbar) - http://www.supaseek....bar/toolbar.cab
  • 0

#4
ditto

ditto

    - i pwn n00bs -

  • Member
  • PipPipPipPip
  • 1,260 posts
Hello again bluehollie,

There are a few things that we need to do so lets go step by step.

First, please Download LSPFix from http://www.cexx.org/lspfix.htm and Run the Program. Disconnect from the Internet and close all Internet Explorer Windows. Check the "I know what I'm doing" Button and remove all traces of [c:\windows\system32\asiclayer.dll or just asiclayer.dll]. Once complete reboot your computer.

After that I will need you to download CWShredder and Spybot Search & Destroy.

CWShredder
Spybot Search & Destroy

Using CWShredder: Download CWShredder to your desktop or other location. Close all browser windows, double click the CWShredder icon to run, then click the Fix -> button.

Using Spybot: Start Spybot S&D using the "Spybot-S&D (easy mode)" link from your Start menu . Click the Search for updates button, if any are found then click the Download Updates button. After all updates are downloaded, click the Check for problems button. When the scan is complete, place a check next to anything marked in red, then click the Fix selected problems button.


Reboot one more time and reply to this post with a new log.

ditto
  • 0

#5
bluehollie

bluehollie

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
ok ditto....I'm a little scared to run that first program because of this paragraph.

Before Downloading, read this:
There is a known issue with using this software in combination with obsolete versions of Lavasoft's popular AD-Aware utility. A known issue in some versions of AD-Aware results in improper removal of pests such as New.Net, CommonName, and WebHancer, resulting in lost Internet access. If LSP-Fix is used subsequently to repair these errors, the system may begin exhibiting crashes in MSAFD.DLL and/or RPCSS. This can be fixed by performing a "hard restore" of Windows' networking components. This involves uninstalling the "Communications" item in Windows setup, deleting the Winsock2 registry key, and reinstalling Communications.

You see, Windows XP was installed on my computer when I bought it and the disk did not come with it so if I loose it, that's it. when it says that it can be fixed by performing a "hard restore" of Windows, it says that I will have to uninstall the communications item in windows setup and restall it. Won't I have to have a Windows XP disk to do that? And another thing. I don't know what you mean by disconnect from the internet. If you don't mind, walk me though it. I'm pretty dumb about these things.

Thanks,
bluehollie
  • 0

#6
Smokey

Smokey

    Member 1K

  • Retired Staff
  • 1,423 posts
Welcome bluehollie <_<

No need to worry :D. Have you even used old versions of Ad-Aware before? If not, go ahead and do what ditto said to clean your system. I would strongly recommend you download this just in case of the unlikely event of you losing your connection:

http://www.spychecke...nsockxpfix.html
  • 0

#7
bluehollie

bluehollie

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
ok.....I'm going to try this. If you don't see me back for a couple days then I'm lost, or maybe dead, because if I mess up this computer anymore, when hubby gets home, he'll kill me. <_<
  • 0

#8
Smokey

Smokey

    Member 1K

  • Retired Staff
  • 1,423 posts
Did you download that program? If you did, then no problem. You can get back on the net in no time in case you lose it (very unlikely). Your PC has a lot of problems <_<. But we can help you fix 'em :D.
  • 0

#9
Smokey

Smokey

    Member 1K

  • Retired Staff
  • 1,423 posts
Well, I gotta get some sleep and will get back with you in the morning. Thanks for sticking with us. <_<
  • 0

#10
bluehollie

bluehollie

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
ok..I did downloaded the program and ran it. Now all the writting on my computer is x's and o's and squares. What now?
  • 0

#11
bluehollie

bluehollie

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Had to restore my system to fix it. It took me forever because I couldn't read it and I was trying to learn a new language....lolol

Finally I got lucky and somehow found system restore.
  • 0

#12
Smokey

Smokey

    Member 1K

  • Retired Staff
  • 1,423 posts
Good job. To completely clean your stystem, we need to see a HJT log.

Click the HijackThis Guide in my signature, download it and follow the instructions in the guide.

Most of what it lists will be harmless or even essential, DO NOT delete or modify anything yet! Someone will be along to tell you what steps to take after you post the contents of the scan results.
  • 0

#13
bluehollie

bluehollie

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
ok....let me try this again. Since I had to restore my computer last night, won't I have to run the LSP-Fix program again? If so, tell me how to disconnect from the internet before I do. I have DSL and I'm always connected when my computer is on.

Really appreciate all your help,
bluehollie
  • 0

#14
bluehollie

bluehollie

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
well, I don't know what I did but my computer is really fast right now and it's not freezing up at this point. I didn't do everything that you guys told me to but I did most of it. Got scared a couple times but I hope the problem is fixed. I'm going to wait a couple days and see what happens. I'll let you know the outcome and will gladly make my donation if things are right.

Thanks for all you help, both of you.........

bluehollie <_<
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP