Page 1 of 4 1234 LastLast
Results 1 to 10 of 32

Thread: My Log, Thanks A Ton!

  1. #1
    Junior Member
    Join Date
    May 2009
    Posts
    18

    Default My Log, Thanks A Ton!

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 4:42:20 PM, on 5/22/2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18226)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
    C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
    C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
    C:\Program Files\TOSHIBA\ConfigFree\cfFncEnabler.exe
    C:\Program Files\McAfee.com\Agent\mcagent.exe
    C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Windows\system32\WerCon.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Windows\system32\SearchFilterHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myspace.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
    O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
    O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
    O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
    O4 - HKLM\..\Run: [jswtrayutil] "C:\Program Files\Jumpstart\jswtrayutil.exe"
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
    O4 - HKLM\..\Run: [cfFncEnabler.exe] cfFncEnabler.exe
    O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
    O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/reso...PUplden-us.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
    O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
    O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\Jumpstart\jswpsapi.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
    O23 - Service: pinger - Unknown owner - C:\TOSHIBA\IVP\ISM\pinger.exe
    O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
    O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
    O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
    O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
    O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe

    --
    End of file - 8502 bytes

    Thanks again.
    I think I saved this right but If I did something wrong correct me thanks.

  2. #2
    In Memoriam -Always in our heart pskelley's Avatar
    Join Date
    Oct 2005
    Location
    Clearwater, Florida
    Posts
    20,247

    Default

    Welcome to Safer Networking, I wish to be sure you have viewed and understand this information.
    "BEFORE you POST" (READ this Procedure before Requesting Assistance) http://forums.spybot.info/showthread.php?t=288
    All advice given is taken at your own risk.
    Please make sure you have read this information so we are on the same page.
    I think I saved this right but If I did something wrong correct me thanks.
    Well, you posted a HijackThis log and gave us no reason for posting it?

    Thanks
    MS-MVP Consumer Security 2007-08-09
    Proud Member ASAP
    UNITE Member 2006

  3. #3
    Junior Member
    Join Date
    May 2009
    Posts
    18

    Default

    I believe my computer is infected with malware

  4. #4
    In Memoriam -Always in our heart pskelley's Avatar
    Join Date
    Oct 2005
    Location
    Clearwater, Florida
    Posts
    20,247

    Default

    This HJT log is showing no malware, unless you can provide me with more information than:
    I believe my computer is infected with malware
    I will not be able to help you. I would like to know:

    1) Why to you think this.

    2) What symptoms of malware do you have.

    http://www.microsoft.com/windows/ie/...s/malware.mspx
    http://www.malwarehelp.org/symptoms-of-infection.html

    3) What error messages, if any are you receiving, post those word for word.

    4) What does McAfee report, please provide details.
    MS-MVP Consumer Security 2007-08-09
    Proud Member ASAP
    UNITE Member 2006

  5. #5
    Junior Member
    Join Date
    May 2009
    Posts
    18

    Default

    When my computer starts up I can only run half of the programs. My firewall won't start up and neither will network and sharing center. (my computer won't hook up to the internet. There are several other programs that won't start and it won't allow me to uninstall and programs.

  6. #6
    In Memoriam -Always in our heart pskelley's Avatar
    Join Date
    Oct 2005
    Location
    Clearwater, Florida
    Posts
    20,247

    Default

    Do an online scan with Kaspersky Online Scanner

    http://www.kaspersky.com/virusscanner


    1. Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.
    2. Click on the Accept button and install any components it needs.
    3. The program will install and then begin downloading the latest definition files.
    4. After the files have been downloaded on the left side of the page in the Scan section select My Computer
    5. This will start the program and scan your system.
    6. The scan will take a while, so be patient and let it run.
    7. Once the scan is complete, click on View scan report
    8. Now, click on the Save Report as button.
    9. Save the file to your desktop.
    10. Copy and paste that information in your next post

    Post also an uninstall list: Open Hijackthis.
    Click the "Open the Misc Tools" section Button.
    Click the "Open Uninstall Manager" Button.
    Click the "Save list..." Button.
    Save it to your desktop. Copy and paste the contents into your reply.
    Image: http://img.bleepingcomputer.com/tuto...nstall-man.jpg

    Thanks
    MS-MVP Consumer Security 2007-08-09
    Proud Member ASAP
    UNITE Member 2006

  7. #7
    Junior Member
    Join Date
    May 2009
    Posts
    18

    Default

    The computer having these problems can't connect to the internet. Do you have a different program I can download on this PC so i can throw it on a jump drive and put it on that PC?
    Thanks a ton

  8. #8
    In Memoriam -Always in our heart pskelley's Avatar
    Join Date
    Oct 2005
    Location
    Clearwater, Florida
    Posts
    20,247

    Default

    We can give combofix a try, if combofix needs to install Recovery Console, it will not be able to do so if it can not get online and that will have to be done later.

    A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix on your own. This tool is not a toy and not for everyday use

    Download ComboFix from here:

    Link 1

    * IMPORTANT !!! Save ComboFix.exe to your Desktop

    • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
    • See this Link for programs that need to be disabled and instruction on how to disable them.
    • Remember to re-enable them when we're done.

    • Double click on ComboFix.exe & follow the prompts.
    • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.


    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.


    Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

    Click on Yes, to continue scanning for malware.

    When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply along with a New Hijackthis log.

    *If there is no internet connection when Combofix has completely finished then restart your computer to restore back the connections.

    Tutorial if needed
    http://www.bleepingcomputer.com/comb...o-use-combofix
    MS-MVP Consumer Security 2007-08-09
    Proud Member ASAP
    UNITE Member 2006

  9. #9
    Junior Member
    Join Date
    May 2009
    Posts
    18

    Default

    ComboFix 09-05-28.01 - Tori 05/28/2009 16:09.1 - NTFSx86
    Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.2813.1922 [GMT -7:00]
    Running from: E:\ComboFix.exe
    SP: Spybot - Search and Destroy *enabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
    SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
    * Resident AV is active

    .

    ((((((((((((((((((((((((( Files Created from 2009-04-28 to 2009-05-28 )))))))))))))))))))))))))))))))
    .

    2009-05-23 00:20 . 2009-05-23 04:40 -------- d-----w c:\programdata\Spybot - Search & Destroy
    2009-05-23 00:20 . 2009-05-23 00:21 -------- d-----w c:\program files\Spybot - Search & Destroy
    2009-05-22 23:25 . 2009-05-22 23:25 -------- d-----w c:\program files\Trend Micro
    2009-05-21 01:01 . 2009-04-15 20:07 89104 ----a-w c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090520.003\NAVENG.SYS
    2009-05-21 01:01 . 2009-04-15 20:07 876144 ----a-w c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090520.003\NAVEX15.SYS
    2009-05-21 01:01 . 2009-04-15 20:07 750 ----a-w c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090520.003\hub.scr
    2009-05-21 01:01 . 2009-04-15 20:07 371248 ----a-w c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090520.003\EECTRL.SYS
    2009-05-21 01:01 . 2009-04-15 20:07 259368 ----a-w c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090520.003\ECMSVR32.DLL
    2009-05-21 01:01 . 2009-04-15 20:07 177520 ----a-w c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090520.003\NAVENG32.DLL
    2009-05-21 01:01 . 2009-04-15 20:07 1181040 ----a-w c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090520.003\NAVEX32A.DLL
    2009-05-21 01:01 . 2009-04-15 20:07 101936 ----a-w c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090520.003\ERASER.SYS
    2009-05-21 01:01 . 2009-04-15 20:07 2414128 ----a-w c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090520.003\CCERASER.DLL
    2009-05-15 21:42 . 2009-05-15 21:42 73728 ----a-w c:\users\Tori\AppData\Roaming\LimeWire\browser\xulrunner\xulrunner-stub.exe
    2009-05-15 21:42 . 2009-05-15 21:42 499712 ----a-w c:\users\Tori\AppData\Roaming\LimeWire\browser\xulrunner\MSVCP71.DLL
    2009-05-15 21:42 . 2009-05-15 21:42 348160 ----a-w c:\users\Tori\AppData\Roaming\LimeWire\browser\xulrunner\msvcr71.dll
    2009-05-15 21:42 . 2009-05-15 21:42 102400 ----a-w c:\users\Tori\AppData\Roaming\LimeWire\browser\xulrunner\xulrunner.exe
    2009-05-15 21:40 . 2009-05-21 00:26 -------- d-----w c:\program files\LimeWire
    2009-05-07 01:01 . 2009-04-15 20:07 1181040 ----a-w c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090506.002\NAVEX32A.DLL
    2009-05-07 01:01 . 2009-04-15 20:07 89104 ----a-w c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090506.002\NAVENG.SYS
    2009-05-07 01:01 . 2009-04-15 20:07 876144 ----a-w c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090506.002\NAVEX15.SYS
    2009-05-07 01:01 . 2009-04-15 20:07 750 ----a-w c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090506.002\hub.scr
    2009-05-07 01:01 . 2009-04-15 20:07 371248 ----a-w c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090506.002\EECTRL.SYS
    2009-05-07 01:01 . 2009-04-15 20:07 259368 ----a-w c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090506.002\ECMSVR32.DLL
    2009-05-07 01:01 . 2009-04-15 20:07 2414128 ----a-w c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090506.002\CCERASER.DLL
    2009-05-07 01:01 . 2009-04-15 20:07 177520 ----a-w c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090506.002\NAVENG32.DLL
    2009-05-07 01:01 . 2009-04-15 20:07 101936 ----a-w c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090506.002\ERASER.SYS

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-05-21 01:30 . 2008-05-05 18:49 -------- d-----w c:\program files\Common Files\Symantec Shared
    2009-05-21 01:25 . 2009-04-16 06:31 -------- d-----w c:\program files\Norton Security Scan
    2009-05-21 00:20 . 2009-05-15 21:41 -------- d-----w c:\users\Tori\AppData\Roaming\LimeWire
    2009-05-15 21:42 . 2009-05-15 21:41 8462336 ----a-w c:\users\Tori\AppData\Roaming\LimeWire\browser\xulrunner\xul.dll
    2009-05-13 22:38 . 2008-12-25 00:01 -------- d-----w c:\program files\McAfee
    2009-05-13 10:01 . 2008-11-20 21:26 -------- d-----w c:\programdata\Microsoft Help
    2009-05-13 10:00 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail
    2009-04-23 01:02 . 2009-04-23 01:02 -------- d-----w c:\programdata\Symantec
    2009-04-15 20:07 . 2009-04-23 01:02 371248 ----a-w c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\eeCtrl.sys
    2009-04-15 20:07 . 2009-04-23 01:02 101936 ----a-w c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\ERASER.sys
    2009-04-15 20:07 . 2009-04-23 01:02 259368 ----a-w c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\ecmsvr32.dll
    2009-04-15 20:07 . 2009-04-23 01:02 89104 ----a-w c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\naveng.sys
    2009-04-15 20:07 . 2009-04-23 01:02 876144 ----a-w c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\navex15.sys
    2009-04-15 20:07 . 2009-04-23 01:02 2414128 ----a-w c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\cceraser.dll
    2009-04-15 20:07 . 2009-04-23 01:02 177520 ----a-w c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\naveng32.dll
    2009-04-15 20:07 . 2009-04-23 01:02 1181040 ----a-w c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\navex32a.dll
    2009-03-19 15:08 . 2009-03-19 15:08 499712 ----a-w c:\windows\system32\msvcp71.dll
    2009-03-19 15:08 . 2009-03-19 15:08 348160 ----a-w c:\windows\system32\msvcr71.dll
    2009-03-17 03:38 . 2009-04-14 23:48 13824 ----a-w c:\windows\system32\apilogen.dll
    2009-03-17 03:38 . 2009-04-14 23:48 24064 ----a-w c:\windows\system32\amxread.dll
    2009-03-03 04:46 . 2009-04-14 23:48 3599328 ----a-w c:\windows\system32\ntkrnlpa.exe
    2009-03-03 04:46 . 2009-04-14 23:48 3547632 ----a-w c:\windows\system32\ntoskrnl.exe
    2009-03-03 04:40 . 2009-04-14 23:48 827392 ----a-w c:\windows\system32\wininet.dll
    2009-03-03 04:39 . 2009-04-14 23:48 183296 ----a-w c:\windows\system32\sdohlp.dll
    2009-03-03 04:39 . 2009-04-14 23:48 551424 ----a-w c:\windows\system32\rpcss.dll
    2009-03-03 04:39 . 2009-04-14 23:48 26112 ----a-w c:\windows\system32\printfilterpipelineprxy.dll
    2009-03-03 04:37 . 2009-04-14 23:48 78336 ----a-w c:\windows\system32\ieencode.dll
    2009-03-03 04:37 . 2009-04-14 23:48 98304 ----a-w c:\windows\system32\iasrecst.dll
    2009-03-03 04:37 . 2009-04-14 23:48 44032 ----a-w c:\windows\system32\iasdatastore.dll
    2009-03-03 04:37 . 2009-04-14 23:48 54784 ----a-w c:\windows\system32\iasads.dll
    2009-03-03 03:04 . 2009-04-14 23:48 666624 ----a-w c:\windows\system32\printfilterpipelinesvc.exe
    2009-03-03 02:38 . 2009-04-14 23:48 17408 ----a-w c:\windows\system32\iashost.exe
    2009-03-03 02:28 . 2009-04-14 23:48 26624 ----a-w c:\windows\system32\ieUnatt.exe
    2008-11-20 22:48 . 2008-11-20 22:48 14 --sh--r c:\windows\System32\drivers\fbd.sys
    2008-11-20 22:48 . 2008-11-20 22:48 5 --sh--r c:\windows\System32\drivers\taishop.sys
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-23 39408]
    "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-07 1029416]
    "TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-02-06 431456]
    "HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2007-11-01 54608]
    "SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2007-06-16 448080]
    "00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-03-19 716800]
    "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-05-05 29744]
    "mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2007-11-02 582992]
    "RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-04-08 6037504]
    "NDSTray.exe"="NDSTray.exe" [BU]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
    @=""

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
    @="Service"

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{DC6EA002-AF22-4748-8D0B-525DA2BB0513}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
    "{E26E46F6-B3C0-4E63-A57E-AE1A52204585}"= Profile=Private|Profile=Public|c:\program files\Common Files\Mcafee\MNA\McNaSvc.exe:McAfee Network Agent
    "{B5FAA5FC-428D-41AA-B52D-A9B38B925842}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
    "c:\\TOSHIBA\\ivp\\NetInt\\Netint.exe"= c:\toshiba\ivp\NetInt\Netint.exe:*:Enabled:NIE - Toshiba Software Upgrades Engine
    "c:\\TOSHIBA\\Ivp\\ISM\\pinger.exe"= c:\toshiba\Ivp\ISM\pinger.exe:*:Enabled:Toshiba Software Upgrades Pinger

    R1 jswpslwf;JumpStart Wireless Filter Driver;c:\windows\System32\drivers\jswpslwf.sys [11/20/2008 2:55 PM 20384]
    R2 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [4/17/2008 12:19 AM 40960]
    R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [5/22/2009 5:20 PM 1153368]
    R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [12/3/2007 6:03 PM 126976]
    R3 FwLnk;FwLnk Driver;c:\windows\System32\drivers\FwLnk.sys [5/5/2008 11:06 AM 7168]
    S3 GoogleDesktopManager-022208-143751;Google Desktop Manager 5.7.802.22438;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [5/5/2008 11:34 AM 29744]
    S3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program files\Jumpstart\jswpsapi.exe [11/20/2008 2:55 PM 954368]
    .
    Contents of the 'Scheduled Tasks' folder

    2009-05-15 c:\windows\Tasks\McDefragTask.job
    - c:\progra~1\mcafee\mqc\QcConsol.exe [2008-12-25 21:32]

    2009-05-01 c:\windows\Tasks\McQcTask.job
    - c:\progra~1\mcafee\mqc\QcConsol.exe [2008-12-25 21:32]
    .
    - - - - ORPHANS REMOVED - - - -

    HKCU-Run-TOSCDSPD - TOSCDSPD.EXE
    HKLM-Run-jswtrayutil - c:\program files\Jumpstart\jswtrayutil.exe
    HKLM-Run-cfFncEnabler.exe - cfFncEnabler.exe
    SafeBoot-procexp90.Sys


    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.myspace.com/
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-05-28 16:14
    Windows 6.0.6001 Service Pack 1 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    "MSCurrentCountry"=dword:000000b5
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'Explorer.exe'(5956)
    c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    c:\program files\Spybot - Search & Destroy\SDHelper.dll
    c:\program files\McAfee\VirusScan\scriptsn.dll
    .
    Completion time: 2009-05-28 16:15
    ComboFix-quarantined-files.txt 2009-05-28 23:15

    Pre-Run: 111,116,029,952 bytes free
    Post-Run: 111,142,846,464 bytes free

    172 --- E O F --- 2009-05-16 10:02










    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 4:20:04 PM, on 5/28/2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18226)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
    C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
    C:\Program Files\TOSHIBA\ConfigFree\cfFncEnabler.exe
    C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Windows\system32\WerCon.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\Explorer.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Windows\system32\notepad.exe
    C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
    C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myspace.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
    O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
    O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
    O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
    O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
    O4 - HKLM\..\Run: [jswtrayutil] "C:\Program Files\Jumpstart\jswtrayutil.exe"
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [cfFncEnabler.exe] cfFncEnabler.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O13 - Gopher Prefix:
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/reso...PUplden-us.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
    O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
    O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\Jumpstart\jswpsapi.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
    O23 - Service: pinger - Unknown owner - C:\TOSHIBA\IVP\ISM\pinger.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
    O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
    O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
    O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
    O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe

    --
    End of file - 8853 bytes

  10. #10
    In Memoriam -Always in our heart pskelley's Avatar
    Join Date
    Oct 2005
    Location
    Clearwater, Florida
    Posts
    20,247

    Default

    I am not seeing reasons for the issues you are having.
    The computer having these problems can't connect to the internet.
    What exactly happens when you try to go online? What messages do you receive? I think you should contact your Internet Service Provider, the problem may very well be theirs. They will be able to tell you why you are not getting online. They have the technical folks who work with connections issues, I do not.

    Post the Uninstall list I requested in my post #6.

    Disable TeaTimer so it is not constanly popping up when you are trying to make changes.
    We need first to disable TeaTimer that it doesn't interfere with fixes. You can re-enable it when you're clean again:
    * Run Spybot-S&D in Advanced Mode.
    * If it is not already set to do this Go to the Mode menu select "Advanced Mode"
    * On the left hand side, Click on Tools
    * Then click on the Resident Icon in the List
    * Uncheck "Resident TeaTimer" and OK any prompts.
    * Restart your computer.
    (leave TT disabled until we finish)


    Thanks
    MS-MVP Consumer Security 2007-08-09
    Proud Member ASAP
    UNITE Member 2006

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •