1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Computer Freezes for odd reason

Discussion in 'Games' started by Doomsday123, Jan 14, 2003.

Thread Status:
Not open for further replies.
Advertisement
  1. Doomsday123

    Doomsday123 Thread Starter

    Joined:
    Jul 1, 2002
    Messages:
    505
    When playing Diablo 2 Expansion pack on single player it freezes up after about 10 minutes of freeze. It wont respond to Ctrl+Alt+Delete, or even Holding down the power button for 15 seconds. My computer teacher said that the program might be conflicting with the processor to make it go hay-wire. COuld use some help =) thanks =)
     
  2. Doomsday123

    Doomsday123 Thread Starter

    Joined:
    Jul 1, 2002
    Messages:
    505
    I upgraded to DirectX 9.0 runtime and when it seemed to freeze I pressed Alt+Tab and it minumized after about a minute or so. I just re-entered Diablo 2 and it seemed to be fine. I dont know what is wrong still. Could someone help me plz? thx
     
  3. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    35,660
    Hiya

    What do you have running in the background:

    Go to Run and type MSINFO32
    On the left choose Software Enviroment, then Startup Programs. Copy/paste the list here.

    Regards

    eddie
     
  4. Doomsday123

    Doomsday123 Thread Starter

    Joined:
    Jul 1, 2002
    Messages:
    505
    E-Color Startup Group "C:\Program Files\E-Color\Registration\SonnReg.exe"
    3Deep Startup Group "C:\Program Files\E-Color\3Deep\3Deepctl.exe"
    E-Color Indicator Startup Group "C:\Program Files\E-Color\E-Color Indicator\TICIcon.exe"
    SCPopup Startup Group "C:\Program Files\SHARP\PixLab Lite Pack\SCPopup.exe"
    GStartup Startup Group "C:\Program Files\Common Files\GMT\GMT.exe" /startup
    Microsoft Office Startup Group "C:\Program Files\Microsoft Office\Office\OSA9.EXE" -b -l
    aaqhpy.exe Common Startup Group C:\WINDOWS\SYSTEM\fil\aaqhpy.exe
    run Win.ini C:\WINDOWS\SYSTEM\aaqhpy.exe
    Yahoo! Pager Registry (Per-User Run) C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
    Shell32 Registry (Per-User Run) Shell32.exe
    msnmsgr Registry (Per-User Run) "C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background
    ScanRegistry Registry (Machine Run) C:\WINDOWS\scanregw.exe /autorun
    TaskMonitor Registry (Machine Run) C:\WINDOWS\taskmon.exe
    SystemTray Registry (Machine Run) SysTray.Exe
    NvCplDaemon Registry (Machine Run) RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
    nwiz Registry (Machine Run) nwiz.exe /install
    Gainward Registry (Machine Run) C:\WINDOWS\TBPanel.exe /A
    CriticalUpdate Registry (Machine Run) C:\WINDOWS\SYSTEM\wucrtupd.exe -startup
    C-Media Mixer Registry (Machine Run) Mixer.exe /startup
    FileFreedom_Plugin Registry (Machine Run) C:\PROGRAM FILES\FILEFREEDOM\wtm.exe
    Disc Detector Registry (Machine Run) C:\Program Files\Creative\ShareDLL\CtNotify.exe
    AudioHQ Registry (Machine Run) C:\Program Files\Creative\SBPCI512\AudioHQ\AHQTB.EXE
    PromulGate Registry (Machine Run) "C:\Program Files\DelFin\PromulGate\PgMonitr.exe"
    SaveNow Registry (Machine Run) C:\PROGRA~1\SAVENOW\SaveNow.exe
    MediaLoads Installer Registry (Machine Run) "C:\Program Files\DownloadWare\dw.exe" /H
    New.net Startup Registry (Machine Run) rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,NewDotNetStartup
    Windows Explorer Update Build 1142 Registry (Machine Run) explorer32.exe
    LoadPowerProfile Registry (Machine Run) Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    Shell32 Registry (Machine Run) Shell32.exe
    RunDLL32 Registry (Machine Run) C:\WINDOWS\SYSTEM\aaqhpy.exe
    HPDJ Taskbar Utility Registry (Machine Run) C:\WINDOWS\SYSTEM\hpztsb05.exe
    LoadQM Registry (Machine Run) loadqm.exe
    CMESys Registry (Machine Run) "C:\PROGRAM FILES\COMMON FILES\CMEII\CMESYS.EXE"
    Synchronization Agent Registry (Machine Service) C:\WINDOWS\START MENU\PROGRAMS\ACCESSORIES\SYSTEM TOOLS\AGENT\SYNCAGENT.EXE
    Windows Explorer Update Build 1142 Registry (Machine Service) explorer32.exe
    LoadPowerProfile Registry (Machine Service) Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    Shell32 Registry (Machine Service) Shell32.exe
    RunDLL32 Registry (Machine Service) C:\WINDOWS\SYSTEM\aaqhpy.exe
     
  5. Doomsday123

    Doomsday123 Thread Starter

    Joined:
    Jul 1, 2002
    Messages:
    505
    Ive got it to play for like 20 minutes and then it shuts off and displayes this message.

    "UNHANDLED EXEPTION:
    ACCESS_VIOLATION (c0000005)"

    Then when i try to go to the Internet after it shuts down it tells me.

    "This program has formed an illegal operation and will be shut down.

    If the problem persist contact the program vendor."
     
  6. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    35,660
    Okay, lets see.....

    E-Color: This is what it for:

    http://www.colorific.com/

    Corrects lighting, shading and color for all your 2D and 3D games. Not sure, maybe keep.

    E-Color Indicator: as above

    SCPopup: Looks like its to do with your ViewCam:

    http://www.sharp.net.au/product_sales/viewcam/vlwd650e.htm

    GStartup: Gator spyware variant. See end.

    Microsoft Office: Resource hog that launches common MS Office components to help speed up the launch of Office programs. Some users claim there's no difference with or without it but it isn't required anyway.

    aaqhpy.exe: not sure.

    Yahoo! Pager: Yahoo! Messenger allows you to send instant messages. Using Yahoo! Messenger, you can see when friends are online and chat back and forth with them, like having a real conversation. Available via Start -> Programs. Not needed.

    msnmsgr: not sure.

    ScanRegistry: keep

    TaskMonitor: The Task Monitor checks the disk-access patterns of programs when they are started and stores this information in log files in the Applog folder. Task Monitor also records the number of times you use a program. The Disk Defragmenter tool uses this information to optimize your hard disk so that programs that you use frequently are loaded faster. Not required - but can be useful

    SystemTray: keep

    NvCplDaemon: Intializes the clock and memory settings on nVidia based graphics cards. Disable if you overclock your card

    nwiz: Associated with the newer versions of nVidia graphics cards drivers. Allows you to immensely improve desktop layouts by setting preferences and optimizations. However, this isn't necessary for the operation of your system

    Gainward: Configuration utility for Gainward graphics cards. Not required unless you use non-default settings. Available via Start -> Settings -> Control Panel

    CriticalUpdate: MS Windows Critical Update Notification. If you want to keep Windows up-to-date, check the Windows Update site. Not needed.

    C-Media Mixer: C-Media produce audio chipsets that are often found on popular motherboards with on-board audio. Provides System Tray access to change audio settings. Available via Start -> Settings -> Control Panel or Start -> Programs. Not needed.

    FileFreedom_Plugin: FileFreedom peer-to-peer sharing program. Not needed.

    Disc Detector: For Creative sound cards. Detects when you insert a CD, DVD, etc. Not needed.

    AudioHQ: For Creative Soundblaster Live! series soundcards. System tray application for SB Live! functions. Available via Start -> Programs. Not needed.

    PromulGate: Adware based media viewer by The Delfin Project, see end.

    SaveNow: Advertising spyware. Installed as part of the Kazaa Media Desktop bundle for example. See end.

    MediaLoads Installer: Medialoads is advertising software - running DownloadWare as its executable. Installed as a bundle with Kazaa Media Desktop. See end

    New.net: Advertising spyware, see end.

    Windows Explorer Update Build 1142: Added as a result of the KaZaA based KWBOT VIRUS!, see end

    LoadPowerProfile: keep

    Shell32: Not sure, may be due to virus.

    RunDLL32: This loads the System Tray icon used to change display settings, change the clock rate and memory speed for nVidia based graphics cards. This is unnecessary since you can easily configure these settings the way you want them in the Display Properties and not have to mess with them again. Not needed.

    HPDJ Taskbar Utility: Ghostscript device driver for printers understanding Hewlett-Packard's Printer Command Language

    http://home.t-online.de/home/Martin.Lottermoser/pcl3.html

    OR

    Creates 1 or all 3 icons on taskbar. The 1st one has a yellow border around it warning that ink is low on the printer. The second one is HP Device Detection Software and the 3rd one is about a card being inserted into the Hp printer

    Not sure

    LoadQM: Loads the MSN Queue Manager. Note that disabling this can sometimes prevent internet sharing working on Win2K Pro SP2. Reports also suggest that removing it will re-enable internet access - hence the "users choice" recommendation. If you have problems leave it, otherwise I recommend you disable it

    CMESys: Part of Gator advertising spyware, see end

    Synchronization Agent: http://support.microsoft.com/default.aspx?scid=KB;en-us;q256139

    Not needed.



    Okay, as you have a Virus, I would get that sorted first of all. Update your Antivirus, or do an online scan here:

    http://housecall.antivirus.com/housecall/start_corp.asp

    This is all about the virus:

    http://securityresponse.symantec.com/avcenter/venc/data/w32.kwbot.worm.html

    Then, when its all clear, you can sort out the spyware. I'm assuming you have Kazaa. There is a spyware free one, called KazaaLite:

    http://www.kazaalite.com/

    Now, uninstall the version you have at the moment, and also, in AddRemove in the Control Panel, see if you can see any references to Gator, SaveNow, MediaLoads Installer and PromulGate

    Don't worry if they're not there, but if they are, uninstall.

    Then run Spybot, available here:

    http://tomcoyote.com/SPYBOT/


    As for new.net, have a look at this, on how to remove it:

    http://cexx.org/newnet.htm

    http://cexx.org/newnetfix2.htm


    After thats all been done, and its clear, you can sort out the MSCONFIG stuff. Go to Run and type in MSCONFIG, startup tab. Uncheck the ones you don't want, apply and restart.


    To prevent any other files being downloaded by mistake, go to Tools | Internet Options. Advanced tab. Under Browsing, look for Enable Install on Demand. Untick, apply and OK.


    As for the other error, click Details, and copy/paste the contents here.

    Regards

    eddie
     
  7. lafn

    lafn

    Joined:
    Jan 5, 2003
    Messages:
    43
    why cant something be done to these annoying people that make gator and newnet? gator installs without permission, it ask and you so no, and it says well what you dont know wont hurt..
    I hate these sites....
     
  8. IgneousPrime

    IgneousPrime

    Joined:
    Aug 21, 2002
    Messages:
    405
    I would NOT recommend downloading Kazaa Lite. I downloaded it once and it just ruined my whole computer. It edited the HOSTS file so I couldn't play a few games and I took hours repairing it. But it's your choice to download it or not. Might not have the same stuff as I did...but...go for it.
     
  9. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    35,660
    Ah, never knew it caused any other problems.

    I use WinMX www.winmx.com

    No problems so far :)

    eddie
     
  10. Doomsday123

    Doomsday123 Thread Starter

    Joined:
    Jul 1, 2002
    Messages:
    505
    It found these infected files,

    BKDR SUB7.22A
    BKDR LITH.102.A
    BKDR LITH.102.A
    BKDR LITH.102.A
    BKDR LITH.102.E
    BKDR LITH.102.A
    BKDR LITH.102.A
    BKDR SUB7.22A
    BKDR SUB7.22A
    BKDR SUB7.22A
    BKDR LITH.102.A
    BKDR NBSPY
    BKDR SUB7.22A

    Should i delete them or what?
     
  11. Doomsday123

    Doomsday123 Thread Starter

    Joined:
    Jul 1, 2002
    Messages:
    505
    Save Now is in the startup menu in msconfig. I didnt see it in the add/remove hardware. Also i MediaLoad is there but you said to uninstall MediaLoad Installer, should I unistall MediaLoad too??
     
  12. IgneousPrime

    IgneousPrime

    Joined:
    Aug 21, 2002
    Messages:
    405
    Woah. Lots of Trojan viruses,make sure to back them up before deleting them! :D
     
  13. Doomsday123

    Doomsday123 Thread Starter

    Joined:
    Jul 1, 2002
    Messages:
    505
    Back up the trojan before deleting the trojan?? wont that just keep the trojan??
     
  14. Doomsday123

    Doomsday123 Thread Starter

    Joined:
    Jul 1, 2002
    Messages:
    505
    Also I did another Virus Scan and this is what turned up.

    c:\EXPLORER.EXE is infected with SubSeven Server 2.1

    c:\Program Files\NetBus Pro\NBHelp.dll is infected with Backdoor.Trojan

    c:\WINDOWS\TEMP$01.EXE is infected with SubSeven Server 2.1

    c:\WINDOWS\nsrp.exe is infected with Backdoor.Trojan

    c:\WINDOWS\Desktop\Dakota\Games\Other\d2maphack_42\d2maphack2.0.exe is infected with Trojan Horse

    c:\WINDOWS\Desktop\Dakota\Games\Other\d2maphack_42
    \server.exe is infected with Trojan Horse

    c:\WINDOWS\SYSTEM\srv_capture.dll is infected with Backdoor.Trojan

    c:\WINDOWS\SYSTEM\srv_funstuff.dll is infected with Backdoor.Trojan

    c:\WINDOWS\SYSTEM\srv_multimedia.dll is infected with Backdoor.Trojan

    c:\WINDOWS\SYSTEM\srv_portscan.dll is infected with Backdoor.Trojan

    c:\WINDOWS\SYSTEM\srv_pwinfo.dll is infected with Backdoor.Trojan

    c:\WINDOWS\SYSTEM\Shell32.exe is infected with Backdoor.Trojan

    c:\WINDOWS\SYSTEM\aaqhpy.exe is infected with SubSeven Server 2.1

    c:\WINDOWS\SYSTEM\mweohmm.exe is infected with SubSeven Server 2.1

    c:\WINDOWS\SYSTEM\fil\aaqhpy.exe is infected with SubSeven Server 2.1

    Any suggestions???
    What should I do???
     
  15. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    35,660
    Blimey, 3 trojans!!

    Okay, which program did you use, Housecall or your own?

    I would clean up the PC, as having those on your system won't do it any good.

    Also, I think what IgneousPrime meant, was to backup any important files, just in case things went wrong, as in documents that you need.

    This is about them:

    Backdoor.Trojan

    SubSeven 2.0 Server

    You have the updated version, by the looks of it.

    Trojan Horse is a generic name.


    Let whichever program you're using, to clean up the files. If you do this, reboot, and run it again, they should be removed. If not, let us know

    eddie
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/113322

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice