Taskbar freezing after connecting to internet

It sound strange and suspicious, there's no information out there about it and the name says nothing, I agree with you it has to be the problem or part of it.

//EDIT: tazmayneo, try to rename the two files, C:\WINDOWS\loader.dll and C:\WINDOWS\updater1.exe and restart windows to see how it work

Both are not in the Windows folder.

Try this:

Go to folder options > veiw and uncheck 'hide protected operating system files'. Click OK and then see if you can find those files.

Still no files.

I just found a file called lbbho, configuration settings or something. I should delete that right?

Yes, run hijack this and fix these entries:


O2 - BHO: C:\WINDOWS\lbbho.dll - {D048ACF8-5F23-4CDB-AB09-519510234B29} - C:\WINDOWS\lbbho.dll
O4 - HKCU\..\Run: [updater.dll] C:\WINDOWS\updater1.exe
O4 - HKCU\..\Run: [loader.dll] C:\WINDOWS\loader.dll

Also, did you follow the instructions in the sight ATNO provided for removing the browser helper object lbbho.dll?
http://www.pestpatrol.com/pestinfo/r/relatedlinks.asp

Yep, I did. But I could not find this HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{efd84954-6b46-42f4-81f3-94ce9a77052d}. It stopped at microsoft. The sub-folders for microsoft are MasterAggregatorForIPP, MediaPlayer, Multimedia, and Windows Media Tool.

I'll try running HiJackThis and getting rid of those.

I suspect some other spyware removal tools you may have used left remnants of these things. After running hijack this, reboot, rescan and post a new log,

Alright, I deleted those files. Although the first one didn't show up. The computer started up fine and connecting to the internet was fine. But the taskbar is still frozen. Here's the new log.

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\DiskeeperLite\DKService.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe
C:\WINDOWS\soundman.exe
C:\WINDOWS\System32\sistray.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Panicware\Pop-Up Stopper Free Edition\PSFree.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Documents and Settings\Maybelline Cabrera\My Documents\HiJackThis\HijackThis.exe

O2 - BHO: (no name) - {029CA12C-89C1-46a7-A3C7-82F2F98635CB} - (no file)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.1629.0\en-us\msntb.dll
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [WheelMouse] C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [SoundMan] soundman.exe
O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\System32\sistray.EXE
O4 - HKLM\..\Run: [DeadAIM] rundll32.exe "C:\Program Files\AIM95\\DeadAIM.ocm",ExportedCheckODLs
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\Program Files\Panicware\Pop-Up Stopper Free Edition\PSFree.exe"
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\Run: [3Degrees] C:\Program Files\threedegrees\threedegrees.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\wweb32.dll/lookup.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: ICQ Pro (HKLM)
O9 - Extra 'Tools' menuitem: ICQ (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra button: Yahoo! Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O16 - DPF: Yahoo! Literati - http://download.games.yahoo.com/games/c ... /tt2_x.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shoc ... tor/sw.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/fu ... .0.0.8.cab
O16 - DPF: {62969CF2-0F7A-433B-A221-FD8818C06C2F} (Blockwerx Control) - http://mirror.worldwinner.com/games/v47 ... ckwerx.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2003 ... scan53.cab
O16 - DPF: {785EA525-5066-495F-ADF6-3B8316515DEF} (Collapse Control) - http://mirror.worldwinner.com/games/v46 ... llapse.cab
O16 - DPF: {78A730D4-0DF3-4B65-8DD2-BFCD433CEE30} - http://www.surfsecret.com/inst/CDRBInstaller.exe
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://mirror.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.napster.com/client/isetup.cab
O16 - DPF: {94299420-321F-4FF9-A247-62A23EBB640B} (WordMojo Control) - http://mirror.worldwinner.com/games/v45 ... rdmojo.cab
O16 - DPF: {9DD6A49C-CF35-4544-BF13-34DF413BCF7A} ({9DD6A49C-CF35-4544-BF13-34DF413BCF7A}) - http://195.39.204.19/codebase/Stealthnet.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/C ... 2902546296
O16 - DPF: {A8658086-E6AC-4957-BC8E-7D54A7E8A78E} (SassCln Object) - http://www.microsoft.com/security/contr ... assCln.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/sh ... wflash.cab
O16 - DPF: {F5820AD3-9B20-423E-B2AA-7AF2B4055746} (CRegistryDownload Class) - http://www.paltalk.com/prod/RegDload.CAB
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D287FC85-B8BB-4446-B3FF-C7D2E3657C16}: NameServer = 202.88.64.61 202.88.64.62

Launch task manager and end this process: sistray.EXE

run hijack this again and fix this item:
O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\System32\sistray.EXE

Reboot and see if the problem still exists.

Found this: http://www.lafn.org/webconnect/mentor/startup/EZB.HTM

It's also a legitimate program:



It's not really necessary if it is the latter so either way it should be safe to remove this.

More info related to sistray.exe which suggests it could be related to the Prova Virus: http://www.windowsstartup.com/wso/brows ... 00&end=225

Deleted. Started fine, connected fine, taskbar frozen. I'm about to pull my hair out.

What type of graphics card do you have? I'm curious about what sistray.exe was actually doing on your system.

This is where you're going to have to tell me where to go to find that information 'cause I have no clue.

*patience little grasshopper, sooner or later we'll find what's causing you this trouble*

- Right click on your desktop and select properties
- Select Settings tab and click on advanced button
- In the next window select Adapter tab
- There you'll find Adapter Type in the upper left of that window
- Post Adpter Information here too

//EDIT: lol, me too, I was too busy looking at my spelling
Well, now he has two differents ways to get that information

Goto start > run, enter this:

msinfo32.exe

When System info pops up, go to components > Display. On the right side see what's listed beside Name at the top.

*lol I missed your post labrego

AG315E-32 is what it says.