1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Computer freeze up

Discussion in 'Earlier Versions of Windows' started by eureal, Feb 13, 2005.

Thread Status:
Not open for further replies.
Advertisement
  1. eureal

    eureal Thread Starter

    Joined:
    Feb 4, 2005
    Messages:
    9
    O/S Windows Me
    700 mhz
    192 mb ram


    Only recently I have experienced a total freeze up of my computer when attempting to perform maintenance in normal operating mode. The defrag., has reached as high as 95% completion and then freezes, forcing me to manually shut down the computer. I have gotten around this by running the maintenance programs in the "safe mode" but should this be necessary?
    It is not something I have had to do in the past!!!
    Thanks
     
  2. robert2513

    robert2513

    Joined:
    Jun 6, 2003
    Messages:
    183
    Hi.

    Have you checked your computer for viruses and adware/spyware?

    Robert2513
     
  3. eureal

    eureal Thread Starter

    Joined:
    Feb 4, 2005
    Messages:
    9
    I do this daily using Ad-Aware and AVG. Nothing shows in either quarantine volt.
     
  4. robert2513

    robert2513

    Joined:
    Jun 6, 2003
    Messages:
    183
    Ok.

    Download and run the program HijackThis and post the report. Then we will go from there.
     
  5. lucus

    lucus

    Joined:
    Dec 27, 2004
    Messages:
    160
    when i start my pc up my background comes up with no icons or taskbar and a message pops up saying msgsrv32 has performed an illegal operation, i click close and then another message pops up saying explorer has performed an illegal operation. the only way i can get into my pc is if i start it in safe mode, the msgsrv32 message still pops up but i can close it, i would put the windows 98 disk in it but the drives dont work in safe mode. please help me.
     
  6. robert2513

    robert2513

    Joined:
    Jun 6, 2003
    Messages:
    183
    I did some research on the problem and here is what I found out.

    Msgsrv32 is a program that loads Windows drivers when you boot up and unloads them when you shut down.

    One fix is to reinstall/update drivers such as sound card, modem, etc. This can be done by following the these steps:

    Reinstalling Drivers
    1.) Restart computer in Safe Mode.
    2.) Right-click on My Computer and go to properties.
    3.) Click the Device Manager Tab.
    4.) Click the plus sign next to the device you wish to remove.
    i.e. If you want to remove the sound card, click the plus sigh next to Sound, Video, and game controllers.
    5.) Right click the name of your soundcard and click remove. Click Yes.
    6.) You will get a prompt to restart the computer. Do so and see what happens.

    To update the drivers, you will have to go to the manufacture's website and download them and install them.

    Hope this fixes the problem. Good Luck.
    Robert2513
     
  7. zxor38

    zxor38

    Joined:
    May 12, 2004
    Messages:
    140
    Lucus ...nextr time in safe mode look for system tools in the menu communications menu
    go to system information...once in there go to tool tab at top click it and find sys file checker it will scan the entire harddrive and find the problem

    em....
     
  8. eureal

    eureal Thread Starter

    Joined:
    Feb 4, 2005
    Messages:
    9
    Logfile of HijackThis v1.99.0
    Scan saved at 15:41:39, on 14/02/2005
    Platform: Windows ME (Win9x 4.90.3000)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\MSTASK.EXE
    C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\CPQEADM.EXE
    C:\WINDOWS\SYSTEM\DDHELP.EXE
    C:\COMPAQ\CPQINET\CPQINET.EXE
    C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
    C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
    C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
    C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\BTTNSERV.EXE
    C:\WINDOWS\SYSTEM\WMIEXE.EXE
    C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\EAUSBKBD.EXE
    C:\WINDOWS\SYSTEM\STIMON.EXE
    C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACRORD32.EXE
    C:\WINDOWS\SYSTEM\SPOOL32.EXE
    C:\WINDOWS\SYSTEM\LEXBCES.EXE
    C:\WINDOWS\SYSTEM\RPCSS.EXE
    C:\WINDOWS\SYSTEM\LEXPPS.EXE
    C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
    C:\WINDOWS\RUNDLL32.EXE
    C:\MY DOCUMENTS\HIJACKTHIS.EXE

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://desktop.presario.net/scripts/redirectors/presario/deskredir.dll?c=3c00&s=consumer&LC=1009
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.presario.net/scripts/redirectors/presario/srchredir.dll?c=3c00&s=search&LC=1009
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.shaw.ca/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.presario.net/scripts/redirectors/presario/srchredir.dll?c=3c00&s=searchbar&LC=1009
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.presario.net/scripts/redirectors/presario/srchredir.dll?c=3c00&s=search&LC=1009
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.presario.net/scripts/redirectors/presario/srchredir.dll?c=3c00&s=searchbar&LC=1009
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL (file missing)
    O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet6_38.dll (file missing)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
    O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button Support\cpqeadm.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [EACLEAN] C:\Program Files\Compaq\Easy Access Button Support\eaclean.exe
    O4 - HKLM\..\Run: [CPQInet] c:\compaq\CPQInet\CpqInet.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
    O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE
    O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
    O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
    O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
    O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
    O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
    O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
    O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
    O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html
    O9 - Extra button: Translate - {06FE5D05-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avbabelfish&c=3c00&LC=1009 (file missing)
    O9 - Extra 'Tools' menuitem: AV &Translate - {06FE5D05-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avbabelfish&c=3c00&LC=1009 (file missing)
    O9 - Extra button: (no name) - {06FE5D02-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avlinksearch&c=3c00&LC=1009 (file missing)
    O9 - Extra 'Tools' menuitem: &Find Pages Linking to this URL - {06FE5D02-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avlinksearch&c=3c00&LC=1009 (file missing)
    O9 - Extra button: (no name) - {06FE5D03-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avhostsearch&c=3c00&LC=1009 (file missing)
    O9 - Extra 'Tools' menuitem: Find Other Pages on this &Host - {06FE5D03-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avhostsearch&c=3c00&LC=1009 (file missing)
    O9 - Extra button: (no name) - {06FE5D04-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=altavista&c=3c00&LC=1009 (file missing)
    O9 - Extra 'Tools' menuitem: AV Live - {06FE5D04-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=altavista&c=3c00&LC=1009 (file missing)
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
    O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
    O16 - DPF: {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} (InstallShield International Setup Player) - http://ftp.hp.com/pub/automatic/player/isetupML.cab
    O16 - DPF: {CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_01) -
    O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} - http://install.wildtangent.com/bgn/partners/shockwave/excavation/install.cab
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/1,5,0,4299/mcfscan.cab
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/158000251f881a961a03/netzip/RdxIE601.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
    O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://zone.msn.com/binGame/ZAxRcMgr.cab
    O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://play09.pogo.com/game/deluxe/zuma/popcaploader_v5.cab
    O16 - DPF: Phlinx by pogo - http://game4.pogo.com/applet-6.0.3.28/flinger/flinger-ob-assets.cab
    O16 - DPF: Mah Jong Garden by pogo - http://game4.pogo.com/applet-6.0.3.28/mahjong/mahjong-ob-assets.cab
    O16 - DPF: Pai Gow by pogo - http://game3.pogo.com/applet-6.0.3.28/paigow/paigow-ob-assets.cab
    O16 - DPF: Jigsaw Detective by pogo - http://game3.pogo.com/applet-6.0.3.28/jigsaw/jigsaw-ob-assets.cab
    O16 - DPF: Aces Up! by pogo - http://game3.pogo.com/applet-6.0.3.28/aces/aces-ob-assets.cab
    O16 - DPF: Word Whomp Whackdown by pogo - http://whackdown.pogo.com/applet-6.0.3.28/whackdown/whackdown-ob-assets.cab
    O16 - DPF: Fortune Bingo by pogo - http://superbingo.pogo.com/applet-6.0.3.28/superbingo/superbingo-ob-assets.cab
    O16 - DPF: Sweet Tooth TM by pogo - http://sweettooth.pogo.com/applet-6.0.3.28/sweettooth/sweettooth-ob-assets.cab
    O16 - DPF: WordJong by pogo - http://wordjong.pogo.com/applet-6.0.3.28/wordjong/wordjong-ob-assets.cab
    O16 - DPF: Tri-Peaks by pogo - http://game4.pogo.com/applet-6.0.3.28/peaks/peaks-ob-assets.cab
    O16 - DPF: Pop Fu by pogo - http://popfu.pogo.com/applet-6.0.3.28/popfu/popfu-ob-assets.cab
    O16 - DPF: Jungle Gin by pogo - http://gin.pogo.com/applet-6.0.3.28/gin/gin-ob-assets.cab
    O16 - DPF: Perfect Pair Solitaire by pogo - http://waterwheel.pogo.com/applet-6.0.3.28/waterwheel/waterwheel-ob-assets.cab
    O16 - DPF: Squelchies by pogo - http://squelchies.pogo.com/applet-6.0.3.28/squelchies/squelchies-ob-assets.cab
    O16 - DPF: Hearts by pogo - http://hearts.pogo.com/applet-6.0.3.28/hearts/hearts-ob-assets.cab
    O16 - DPF: Video Poker by pogo - http://vpoker.pogo.com/applet-6.0.3.28/videopoker2/videopoker-ob-assets.cab
    O16 - DPF: Word Whomp by pogo - http://game5.pogo.com/applet-6.0.3.28/wordwhomp/wordwhomp-ob-assets.cab
    O16 - DPF: Multiline Slots by pogo - http://game6.pogo.com/applet-6.0.3.28/mlslots/mlslots-ob-assets.cab
    O16 - DPF: Dice Derby by pogo - http://checkeredflag.pogo.com/applet-6.0.3.35/checkeredflag/checkeredflag-ob-assets.cab
    O16 - DPF: Poppit TM by pogo - http://game5.pogo.com/applet-6.0.3.35/poppit/poppit-ob-assets.cab
    O16 - DPF: Greenback Bayou by pogo - http://greenback.pogo.com/applet-6.0.3.35/greenback/greenback-ob-assets.cab
     
  9. RAM-PAGE

    RAM-PAGE Banned

    Joined:
    Dec 19, 2004
    Messages:
    2,355
  10. Bob Cerelli

    Bob Cerelli

    Joined:
    Nov 2, 2002
    Messages:
    22,468
    From your Hijack This log, it you have a lot of spyware that needs to be removed. I don't think a general file cleanup is going to do much good in this case.

    You need to download a good Spyware and Trojan Removal program.

    Spybot Search and Destroy:
    http://www.safer-networking.org/index.php?page=spybotsda

    SpySweeper:
    http://www.webroot.com/wb/products/spysweeper/index.php
    This will also protect your home page from being hijacked.

    Ad-Aware:
    http://www.lavasoft.de/

    With any of the above three programs, just like with Anti-Virus software, should have the latest updates installed before doing a scan.

    CWShredder:
    http://www.spywareinfo.com/downloads/tools/CWShredder.exe

    KazaaBeGone
    http://www.spywareinfo.com/~merijn/files/kazaabegone.zip

    Programs that can help prevent getting infected:

    Spyware Blaster
    http://www.javacoolsoftware.com/spywareblaster.html

    Spyware Guard
    http://www.wilderssecurity.net/spywareguard.html
     
  11. eureal

    eureal Thread Starter

    Joined:
    Feb 4, 2005
    Messages:
    9
    I see that I have 21 different "pogo" entries on the log file. What would be the adverse effect of removing these? Does this stop me from playing "pogo" games from the internet in the future?
    Thanks-----Lorne
     
  12. Bob Cerelli

    Bob Cerelli

    Joined:
    Nov 2, 2002
    Messages:
    22,468
    What were the results of the various spyware scans?
     
  13. eureal

    eureal Thread Starter

    Joined:
    Feb 4, 2005
    Messages:
    9
    I use Ad-Aware daily and for the most part may pick up 3-10 data miners usually in the area of 2-3 kb. The odd time, one will be 498 bytes, one of which came yesterday.I have no idea if this is relevant.

    My AVG VIRUS SCANNER picked up one virus back in Feb 1st and has been clean since.

    Thanks
     
  14. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/330139

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice