Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows Shell Seems to Hangup


  • Please log in to reply
No replies to this topic

#1 Frank Cazabon

Frank Cazabon

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:03:45 AM

Posted 09 August 2010 - 07:45 AM

Hi,

I've been getting some weird behaviour on my fully patched up to date XP laptop. The Taskbar will become "stuck" in that I cannot access anything on it (or if it is hidden I cannot un-hide it). The clock will stick as well. I can however continue working using Alt+Tab to move between open applications and bringing up Task Manager so that I can start new tasks. Sometimes, after 10 minutes or so, I will then get control of the taskbar back, only for it to then get stuck again some time later. I seem to be able to cause it to happen by trying to paste something onto my desktop.

I use AVG free and I ran malwarebytes to see if it found anything. It did find some problems:

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 11
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 6

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\TypeLib\{a2df127a-ec86-43e6-a8b5-b6a9777feeec} (Adware.EcoBar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{17bbec9a-847b-4c5b-823e-15aeb8d4e962} (Adware.EcoBar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{215c72ae-7ab0-48c3-baf5-ba1c08cb4399} (Adware.EcoBar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a1056498-d09a-41e4-864b-505edd640d9e} (Adware.EcoBar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{a1056498-d09a-41e4-864b-505edd640d9e} (Adware.EcoBar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a1056498-d09a-41e4-864b-505edd640d9e} (Adware.EcoBar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a1056498-d09a-41e4-864b-505edd640d9e} (Adware.EcoBar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b922d405-6d13-4a2b-ae89-08a030da4402} (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{b922d405-6d13-4a2b-ae89-08a030da4402} (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b922d405-6d13-4a2b-ae89-08a030da4402} (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b922d405-6d13-4a2b-ae89-08a030da4402} (Adware.WidgiToolbar) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Program Files\pdfforge Toolbar\FF\components\pdfforgeToolbarFF.dll (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{b922d405-6d13-4a2b-ae89-08a030da4402} (Adware.WidgiToolbar) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Program Files\SpeedBit Video Downloader\SPFireFox\chrome\content\speedbitvideodownloader\SpeedBitVideoDownloader.dll (Adware.EcoBar) -> Quarantined and deleted successfully.
C:\Program Files\SpeedBit Video Downloader\Toolbar\SpeedBitVideoDownloader.dll (Adware.EcoBar) -> Quarantined and deleted successfully.
C:\Program Files\pdfforge Toolbar\WidgiHelper.exe (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
C:\Program Files\pdfforge Toolbar\FF\components\pdfforgeToolbarFF.dll (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
C:\Development\VFP9\VMP2005\PM\GRAPHICS\eyechart.gif (Extension.Mismatch) -> Quarantined and deleted successfully.

While running that AVG then reported a virus: Win32/Elkern.C, which it says it fixed. But the problem still persists.

I have done multiple scans using AVG, BitDefender & TrendMicro and all report that there is no virus.

I have started using MSConfig to do a selective startup but no luck so far.

Someone suggested running ComboFix, but looking at the site here I see that I should not do that unless asked to by someone trained to use it.

Thanks for reading this far!

So what do you suggest I do?

BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users