Explorer.exe freezes computer
- Thread starter Habylab
- Start date
- Status
Bobbye
Posts: 16,313 +36
Habylab
Posts: 264 +0
I would appreciate a reply, as I have (maybe Wasted/)spent time in scanning this. I feel, personally that only a Hijackthis log is useful, as the scans can be done by the users wishes. If they don't want to, and could possibly solve there problem, that i up to then. But by uploading the log file is just time-wasting, as they can just say whether they have scanned or not.
I'm not having a go, but I feel it is not useful. I am happy if you tell me otherwise, as I am sure I am missing a big point here!
I'm not having a go, but I feel it is not useful. I am happy if you tell me otherwise, as I am sure I am missing a big point here!
Bobbye
Posts: 16,313 +36
The only process of any significance was this one which was removed by Mbam:
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\gaopdxserv.sys (Trojan.Agent) -> Quarantined and deleted successfully.
gaopdxserv.sys is considered to be a Rootkit. Hidden files show be shown and Rootrepeal run. However, I didn't suggest it because:
It appears there are 5 users on the system and you have given very little specific information. I suggest you check the Event Log for any Errors that correspond to the time of the freezes.
The thread subject is: "Explorer.exe freezes computer." The path you gave is "start --> My Computer and my computer freezes for 10-5 seconds.."
This tells me nothing.
1. Is there any error message? If so, what?
2. Does the function proceed after the 5-10 second freeze?
3. What feature are you trying to access in My Computer?
4. Have you tried doing a right click on Start> Explore?
5. Is the problem only with opening the antivirus program? You have a full Norton suite. Do the other parts of it work?
6. Have you tried launching the program from All Programs?
7. an you update the program?
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\gaopdxserv.sys (Trojan.Agent) -> Quarantined and deleted successfully.
gaopdxserv.sys is considered to be a Rootkit. Hidden files show be shown and Rootrepeal run. However, I didn't suggest it because:
and took issue with the additional scans.
It appears there are 5 users on the system and you have given very little specific information. I suggest you check the Event Log for any Errors that correspond to the time of the freezes.
The thread subject is: "Explorer.exe freezes computer." The path you gave is "start --> My Computer and my computer freezes for 10-5 seconds.."
This tells me nothing.
1. Is there any error message? If so, what?
2. Does the function proceed after the 5-10 second freeze?
3. What feature are you trying to access in My Computer?
4. Have you tried doing a right click on Start> Explore?
5. Is the problem only with opening the antivirus program? You have a full Norton suite. Do the other parts of it work?
6. Have you tried launching the program from All Programs?
7. an you update the program?
Habylab
Posts: 264 +0
1. No error messages
2. 10 seconds and then computer is fine
3. I just click my computer, then freeze
4. Thats worse!
5. Nope, thats fine.
6 & 7. Yeah up to date.
By the way, I only have 1 user(Apart from a program created one), myself, and have previously had 2. How do I clean this up??
2. 10 seconds and then computer is fine
3. I just click my computer, then freeze
4. Thats worse!
5. Nope, thats fine.
6 & 7. Yeah up to date.
By the way, I only have 1 user(Apart from a program created one), myself, and have previously had 2. How do I clean this up??
Bobbye
Posts: 16,313 +36
I haven't used Chrome yet, but see 5 Chrome entries in the HijackThis log. But they are all the same:
C:\Documents and Settings\Harry\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
Do you have 5 different profiles set for name of 'Harry'?
I'd like you to do two things:
1) Check the Event Viewer to see if there is any Error corresponding to the time of the freeze:
Start> Run> type in eventvwr
Your logs are clean- only the one entry for gaopdxserv.sys which was removed. Let's make sure:
Update and run Malware bytes again. Follow that with Combofix:
2) Please download ComboFix. HERE:
With ComboFix, at the download window, please rename it to Combo-Fix(.exe) before downloading it.
Please disable all security programs, such as antiviruses, antispywares, and firewalls.
Also disable your internet connection.
Attach the report and log. Paste any corresponding Error from the Event Log. I think your problem is mechanical but we will make sure.
C:\Documents and Settings\Harry\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
Do you have 5 different profiles set for name of 'Harry'?
I'd like you to do two things:
1) Check the Event Viewer to see if there is any Error corresponding to the time of the freeze:
Start> Run> type in eventvwr
There is a question in my mind whether you are having an actual 'freeze' or whether you are experiencing a prolonged load time.
Your logs are clean- only the one entry for gaopdxserv.sys which was removed. Let's make sure:
Update and run Malware bytes again. Follow that with Combofix:
2) Please download ComboFix. HERE:
With ComboFix, at the download window, please rename it to Combo-Fix(.exe) before downloading it.
Please disable all security programs, such as antiviruses, antispywares, and firewalls.
Also disable your internet connection.
Attach the report and log. Paste any corresponding Error from the Event Log. I think your problem is mechanical but we will make sure.
Bobbye
Posts: 16,313 +36
I'm going to request another helper check the Combofix log. It appears that you ran it previously and that both times, there were a great number of deletions. There are numerous files on the system that I don't recognize.
I also see these:
2009-03-30 16:18 . 2008-09-29 18:31 -------- d-----w c:\program files\Sophos Anti-Rootkit
2008-12-10 21:12 -------- d-----w c:\program files\Mozilla Thunderbird 3 Beta 1
2009-03-29 12:15 . 2008-10-15 16:13 -------- d-----w c:\program files\Mozilla Firefox 3.1 Beta 1
You are also using a file sharing programs:
c:\program files\Dropbox\DropboxExt.dll
c:\\Program Files\\uTorrent\\uTorrent.exe"=
Looks like 4/17/09 was a very busy day for you!
I also see these:
2009-03-30 16:18 . 2008-09-29 18:31 -------- d-----w c:\program files\Sophos Anti-Rootkit
2008-12-10 21:12 -------- d-----w c:\program files\Mozilla Thunderbird 3 Beta 1
2009-03-29 12:15 . 2008-10-15 16:13 -------- d-----w c:\program files\Mozilla Firefox 3.1 Beta 1
You are also using a file sharing programs:
c:\program files\Dropbox\DropboxExt.dll
c:\\Program Files\\uTorrent\\uTorrent.exe"=
Looks like 4/17/09 was a very busy day for you!
Bobbye
Posts: 16,313 +36
Habylab, please Edit your post to add comments rather that posting a new reply. That can be done if there is not another reply. You have 3 replies above, almost like talking to yourself!
I have ask for someone to review your Combofix log- we have all been very busy with malware cleaning! I strongly advise you not to keep running special programs if you are not advised to.
I have ask for someone to review your Combofix log- we have all been very busy with malware cleaning! I strongly advise you not to keep running special programs if you are not advised to.
Habylab
Posts: 264 +0
What do you mean by special programs??
Anyway, computer BSOD's on start-up after windows loading comes up. Now doing a CHKDSK /R
EDIT: Arghhh, Managed to fix it with "Last good configuration" After 2 hours of CHKDSK!!!
EDIT: Norton is playing up now. In the morning after, today, it claimed not have been updated for 20 days, and browser and intrusion protection were off. Intrusion is on, but Browser protection isn't. Also, Chrome wont start anymore.
Double post, sorry, wrong tab!
Anyway, computer BSOD's on start-up after windows loading comes up. Now doing a CHKDSK /R
EDIT: Arghhh, Managed to fix it with "Last good configuration" After 2 hours of CHKDSK!!!
EDIT: Norton is playing up now. In the morning after, today, it claimed not have been updated for 20 days, and browser and intrusion protection were off. Intrusion is on, but Browser protection isn't. Also, Chrome wont start anymore.
Double post, sorry, wrong tab!
Bobbye
Posts: 16,313 +36
You refer to a problem with the AV:
but when I ask you about it specifically, you say:
I told you that:
I had you run multiple malware programs which showed nothing with the exception of some questionable entries in Combofix, but you tell me:
I am closing this thread, at least for my help. If you can get focused on what the actual problem(s) is, I suggest you start a thread in the appropriate forum> most likely Windows OS.
If you are going to get any help to resolve your problems, you need to focus on the specific problems. You are randomy running malware programs on your own. The original problem was that there was a slight delay in either startup or opening a program.
I asked what you were tryig to do when you clicked on My Computer.
- Status
Similar threads
