Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Browser Keeps Freezing


  • This topic is locked This topic is locked
10 replies to this topic

#1 theskytoday

theskytoday

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:00 PM

Posted 10 August 2006 - 08:31 PM

I downloaded a game from yahoo yesterday and used it till the trial time ended. after the trial time was up i deleted the game and uninstalled it. now, whenever i open up a browser it freezes up at random times; i always have to control alt delete to get the window to close and an error pops up. so i uninstalled firefox and the reinistalled it, however it still keeps freezing up. i did a virus scan and my computer came up clean. so i downloaded hijack this and did a scan and log, can someone let me know if you can tell whats wrong?Logfile of HijackThis v1.99.1
Scan saved at 9:21:21 PM, on 8/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\TDispVol.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\Protector Suite QL\psqltray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Toshiba\Tvs\TvsTray.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\WINDOWS\system32\dla\DLACTRLW.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\toshiba\ivp\ism\pinger.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\PROGRA~1\AIM\aim.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Documents and Settings\Jen\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.toshiba.com/search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.toshibadirect.com/dpdstart
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.toshibadirect.com/dpdstart
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [TDispVol] TDispVol.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\Protector Suite QL\launcher.exe" /startup
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\DLACTRLW.exe
O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [kis] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [AIM] C:\PROGRA~1\AIM\aim.exe -cnetwait.odl
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Add to Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\\ie_banner_deny.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.toshibadirect.com/dpdstart
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: psfus - C:\WINDOWS\SYSTEM32\psqlpwd.dll
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing)
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DVD-RAM_Service - Matsubleepa Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe

i appreciate any help!

BC AdBot (Login to Remove)

 


m

#2 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:11:00 AM

Posted 14 August 2006 - 08:03 AM

Hello theskytoday,

Welcome to Bleeping Computer :thumbsup:

Sorry about the delay.:flowers: We're all volunteers here, and it's been very busy. If you still need help, please post a new HijackThis log to make sure nothing has changed, and I'll be happy to look at it for you.

Thanks,
tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?

#3 theskytoday

theskytoday
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:00 PM

Posted 14 August 2006 - 03:17 PM

i'm pretty sure nothing has changed, as my browsers are still freezing up at random times. thank you for the help!



Logfile of HijackThis v1.99.1
Scan saved at 1:11:48 PM, on 8/14/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\WINDOWS\system32\TDispVol.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Protector Suite QL\psqltray.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Toshiba\Tvs\TvsTray.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\WINDOWS\system32\dla\DLACTRLW.exe
C:\toshiba\ivp\ism\pinger.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\WINDOWS\system32\RAMASST.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Jen\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.toshiba.com/search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.toshibadirect.com/dpdstart
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.toshibadirect.com/dpdstart
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [TDispVol] TDispVol.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\Protector Suite QL\launcher.exe" /startup
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\DLACTRLW.exe
O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [kis] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Add to Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\\ie_banner_deny.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.toshibadirect.com/dpdstart
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: psfus - C:\WINDOWS\SYSTEM32\psqlpwd.dll
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing)
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DVD-RAM_Service - Matsubleepa Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe

#4 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:11:00 AM

Posted 15 August 2006 - 09:03 PM

Hello again,

Use Cleanmgr to clean temporary files:

1. Click > start > run and type cleanmgr and click OK
2. Scan your system for files to remove.
3. Make sure Temporary Files, Temporary Internet Files and Recycle Bin are the only things checked.
4. Click OK to remove those files.
5. Click Yes to confirm deletion.

Please download, install, and update Ewido anti-spyware
  • Load Ewido and then click the Update tab at the top. Under Manual Update click Start update.
  • After the update finishes (the status bar at the bottom will display "Update successful")[list]
  • Click on the Scanner tab at the top and then click on Complete System Scan. This scan can take quite a while to run, so be prepared.
  • Ewido will list any infections found on the left hand side. When the scan has finished, it will automatically set the recommended action. Click the Apply all actions button. Ewido will display "All actions have been applied" on the right hand side.
  • Click on "Save Report", then "Save Report As". This will create a text file. Make sure you know where to find this file again (like on the Desktop).
In your reply, please post the report from Ewido and a new HijackThis log. Also let me know how your computer is running now. :thumbsup:

Thanks,
tea

Edited by teacup61, 15 August 2006 - 09:04 PM.

Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?

#5 theskytoday

theskytoday
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:00 PM

Posted 16 August 2006 - 12:36 AM

well my browser takes longer before it freezes up, but it's still freezing up. I'm not sure the ewido scan worked because when i clicked on "apply recommended action"-or whatever it says, it says "error during cleaning" next to the list of infected files. thank you again for your response!






ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 1:28:02 AM 8/16/2006

+ Scan result:



:mozilla.190:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.39:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.40:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.42:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.43:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.2o7 : Error during cleaning.
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000007.bak -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.166:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Adbrite : Error during cleaning.
:mozilla.167:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Adbrite : Error during cleaning.
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\0000000d.bak -> TrackingCookie.Adbrite : Error during cleaning.
:mozilla.176:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Adjuggler : Error during cleaning.
:mozilla.177:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Adjuggler : Error during cleaning.
:mozilla.159:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Adrevolver : Error during cleaning.
:mozilla.160:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Adrevolver : Error during cleaning.
:mozilla.163:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Adrevolver : Error during cleaning.
:mozilla.164:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Adrevolver : Error during cleaning.
:mozilla.165:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Adrevolver : Error during cleaning.
:mozilla.27:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.28:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.29:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.30:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Advertising : Error during cleaning.
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000005.bak -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.37:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Atdmt : Error during cleaning.
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000006.bak -> TrackingCookie.Atdmt : Error during cleaning.
C:\Documents and Settings\Jen\Cookies\jen@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.115:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Burstnet : Error during cleaning.
:mozilla.88:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Casalemedia : Error during cleaning.
:mozilla.89:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Casalemedia : Error during cleaning.
:mozilla.90:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Casalemedia : Error during cleaning.
:mozilla.91:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Casalemedia : Error during cleaning.
:mozilla.92:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Casalemedia : Error during cleaning.
:mozilla.162:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Com : Error during cleaning.
:mozilla.133:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Coremetrics : Error during cleaning.
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\0000000c.bak -> TrackingCookie.Coremetrics : Error during cleaning.
:mozilla.10:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Doubleclick : Error during cleaning.
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000003.bak -> TrackingCookie.Doubleclick : Error during cleaning.
:mozilla.136:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Euroclick : Error during cleaning.
:mozilla.137:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Euroclick : Error during cleaning.
:mozilla.138:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Euroclick : Error during cleaning.
:mozilla.139:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Euroclick : Error during cleaning.
:mozilla.140:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Euroclick : Error during cleaning.
:mozilla.87:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Falkag : Error during cleaning.
:mozilla.65:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Fastclick : Error during cleaning.
:mozilla.66:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Fastclick : Error during cleaning.
:mozilla.67:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Fastclick : Error during cleaning.
:mozilla.68:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Fastclick : Error during cleaning.
:mozilla.69:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Fastclick : Error during cleaning.
:mozilla.70:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Fastclick : Error during cleaning.
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000009.bak -> TrackingCookie.Fastclick : Error during cleaning.
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\0000000a.bak -> TrackingCookie.Fastclick : Error during cleaning.
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000012.bak -> TrackingCookie.Hitbox : Error during cleaning.
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000013.bak -> TrackingCookie.Hitbox : Error during cleaning.
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000014.bak -> TrackingCookie.Hitbox : Error during cleaning.
:mozilla.181:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Hotlog : Error during cleaning.
:mozilla.53:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Mediaplex : Error during cleaning.
:mozilla.54:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Mediaplex : Error during cleaning.
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000008.bak -> TrackingCookie.Mediaplex : Error during cleaning.
:mozilla.24:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Overture : Error during cleaning.
:mozilla.25:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Overture : Error during cleaning.
C:\Documents and Settings\Jen\Cookies\jen@data4.perf.overture[2].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Jen\Cookies\jen@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\0000000f.bak -> TrackingCookie.Pointroll : Error during cleaning.
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000015.bak -> TrackingCookie.Questionmarket : Error during cleaning.
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000016.bak -> TrackingCookie.Revenue : Error during cleaning.
:mozilla.16:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Serving-sys : Error during cleaning.
:mozilla.17:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Serving-sys : Error during cleaning.
:mozilla.18:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Serving-sys : Error during cleaning.
:mozilla.19:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Serving-sys : Error during cleaning.
:mozilla.187:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Smartadserver : Error during cleaning.
:mozilla.188:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Smartadserver : Error during cleaning.
:mozilla.189:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Smartadserver : Error during cleaning.
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\0000000e.bak -> TrackingCookie.Specificclick : Error during cleaning.
:mozilla.182:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Spylog : Error during cleaning.
:mozilla.100:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Statcounter : Error during cleaning.
:mozilla.101:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Statcounter : Error during cleaning.
:mozilla.102:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Statcounter : Error during cleaning.
:mozilla.98:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Statcounter : Error during cleaning.
:mozilla.99:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Statcounter : Error during cleaning.
:mozilla.114:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Tacoda : Error during cleaning.
:mozilla.116:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Tacoda : Error during cleaning.
:mozilla.117:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Tacoda : Error during cleaning.
:mozilla.118:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Tacoda : Error during cleaning.
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000018.bak -> TrackingCookie.Trafficmp : Error during cleaning.
:mozilla.175:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Trafic : Error during cleaning.
:mozilla.26:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Tribalfusion : Error during cleaning.
:mozilla.34:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Tribalfusion : Error during cleaning.
:mozilla.35:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Tribalfusion : Error during cleaning.
:mozilla.36:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Tribalfusion : Error during cleaning.
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000004.bak -> TrackingCookie.Tribalfusion : Error during cleaning.
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000017.bak -> TrackingCookie.Webtrendslive : Error during cleaning.
:mozilla.106:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000002.bak -> TrackingCookie.Yieldmanager : Error during cleaning.
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\0000000b.bak -> TrackingCookie.Yieldmanager : Error during cleaning.
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000010.bak -> TrackingCookie.Zedo : Error during cleaning.
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\4d8.E75912A001C6C0F6.history\00000011.bak -> TrackingCookie.Zedo : Error during cleaning.


::Report end

Logfile of HijackThis v1.99.1
Scan saved at 1:29:33 AM, on 8/16/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\WINDOWS\system32\TDispVol.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Protector Suite QL\psqltray.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Toshiba\Tvs\TvsTray.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\WINDOWS\system32\TPSMain.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\WINDOWS\system32\dla\DLACTRLW.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\WINDOWS\system32\RAMASST.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\toshiba\ivp\netint\netint.exe
C:\toshiba\ivp\ism\pinger.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Jen\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.toshiba.com/search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.toshibadirect.com/dpdstart
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.toshibadirect.com/dpdstart
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [TDispVol] TDispVol.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\Protector Suite QL\launcher.exe" /startup
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\DLACTRLW.exe
O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [kis] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Add to Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\\ie_banner_deny.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.toshibadirect.com/dpdstart
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: psfus - C:\WINDOWS\SYSTEM32\psqlpwd.dll
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing)
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DVD-RAM_Service - Matsubleepa Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe

#6 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:11:00 AM

Posted 17 August 2006 - 05:16 AM

Hello,

Ewido worked. Everything it found was in Kaspersky quarantine. :thumbsup:


Could I please see an uninstall list?

Open HijackThis, click Config, click Misc Tools
Click "Open Uninstall Manager"
Click "Save List" (generates uninstall_list.txt)
Click Save, copy and paste the results in your next post.

Thanks,
tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?

#7 theskytoday

theskytoday
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:00 PM

Posted 17 August 2006 - 07:13 PM

Adobe Reader 7.0
AOL Instant Messenger
Bejeweled 2 Deluxe
Blasterball 2 Revolution
Bluetooth Stack for Windows by Toshiba
CD/DVD Drive Acoustic Silencer
DVD-RAM Driver
ewido anti-spyware 4.0
FATE
GemMaster Mystic
High Definition Audio Driver Package - KB888111
HijackThis 1.99.1
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows XP (KB888795)
Hotfix for Windows XP (KB891593)
Hotfix for Windows XP (KB893357)
Hotfix for Windows XP (KB894871)
Hotfix for Windows XP (KB895200)
Hotfix for Windows XP (KB895961)
Hotfix for Windows XP (KB896256)
Hotfix for Windows XP (KB899337)
Hotfix for Windows XP (KB899510)
Hotfix for Windows XP (KB902841)
Intel® Graphics Media Accelerator Driver
Intel® PRO Network Connections Drivers
InterVideo WinDVD Creator 2
InterVideo WinDVD for TOSHIBA
J2SE Runtime Environment 5.0 Update 4
Kaspersky Internet Security 6.0
Macromedia Flash Player 8
Metamail (Toshiba Registration Utility)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft Office OneNote 2003
Microsoft Office Standard Edition 2003
Microsoft Works
Office 2003 Trial Assistant
Otto
Polar Golfer
QuickTime
RealPlayer Basic
Realtek High Definition Audio Driver
SCRABBLE
SD Secure Module
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893066)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Sonic DLA
Sonic Encoders
Sonic RecordNow!
Synaptics Pointing Device Driver
Texas Instruments PCIxx21/x515/xx12 drivers.
TOSHIBA Assist
TOSHIBA ConfigFree
TOSHIBA Controls
TOSHIBA Game Console
TOSHIBA Hotkey Utility
TOSHIBA PC Diagnostic Tool
TOSHIBA Power Saver
TOSHIBA SD Memory Card Format
TOSHIBA Software Modem
TOSHIBA Software Upgrades
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA TouchPad ON/Off Utility
TOSHIBA TV Tuner 4.0.12.73
TOSHIBA Utilities
TOSHIBA Virtual Sound
TOSHIBA Zooming Utility
Update for Windows Media Player 10 (KB910393)
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB912945)
Update Rollup 2 for Windows XP Media Center Edition 2005
Viewpoint Manager (Remove Only)
Viewpoint Media Player
WildTangent Web Driver
Winamp (remove only)
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB884018
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885855
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB889673
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890546
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893056
Windows XP Media Center Edition 2005 KB888316
Windows XP Media Center Edition 2005 KB894553
Windows XP Media Center Edition 2005 KB895678
Windows XP Media Center Edition 2005 KB908250
WinRAR archiver
World of Warcraft

#8 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:11:00 AM

Posted 18 August 2006 - 07:54 PM

Hello,

How is it running now?
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?

#9 theskytoday

theskytoday
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:00 PM

Posted 06 September 2006 - 11:37 PM

hey sorry for taking so long to respond. My browser is still freezing up periodically when I use it, but after about 30sec.-1min it comes out of it, or if i go to my start menu and fiddle around it will unlock itself. Another thing I noticed, though I can't be sure of its relevancy, is that i think my computer locks up internally because my clock is never right. I set the clock all the time but if i leave my computer on for a little while, when I come back its always way behind again.

#10 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:11:00 AM

Posted 13 September 2006 - 02:43 AM

Could I please see a nw HijackThis log?
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?

#11 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:11:00 AM

Posted 27 September 2006 - 01:02 AM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users