bitworks

Everything posted by bitworks

  1. Crash 4 times in 2 hours

     Logfile of Trend Micro HijackThis v2.0.2
     Scan saved at 2:13:14 PM, on 9/6/2007
     Platform: Windows XP SP2 (WinNT 5.01.2600)
     MSIE: Internet Explorer v7.00 (7.00.6000.16512)
     Boot mode: Normal

     Running processes:
     C:\WINDOWS\System32\smss.exe
     C:\WINDOWS\system32\winlogon.exe
     C:\WINDOWS\system32\services.exe
     C:\WINDOWS\system32\lsass.exe
     C:\WINDOWS\system32\svchost.exe
     C:\WINDOWS\System32\svchost.exe
     C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
     C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
     C:\WINDOWS\Explorer.EXE
     C:\WINDOWS\system32\spoolsv.exe
     C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
     C:\WINDOWS\system32\bgsvcgen.exe
     C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
     C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
     C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
     C:\Program Files\Microsoft SQL Server\MSSQL$ACT7\Binn\sqlservr.exe
     C:\Program Files\Eset\nod32krn.exe
     C:\Program Files\Norton Ghost\Agent\VProSvc.exe
     C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
     C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
     C:\WINDOWS\system32\svchost.exe
     c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
     C:\WINDOWS\system32\SearchIndexer.exe
     C:\WINDOWS\system32\wscntfy.exe
     C:\WINDOWS\system32\igfxpers.exe
     C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
     C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
     C:\WINDOWS\system32\igfxtray.exe
     C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
     C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
     C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
     C:\WINDOWS\system32\TCtrlIOHook.exe
     C:\toshiba\ivp\ism\pinger.exe
     C:\WINDOWS\system32\hkcmd.exe
     C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
     C:\WINDOWS\AGRSMMSG.exe
     C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
     C:\Program Files\Apoint2K\Apoint.exe
     C:\WINDOWS\system32\TPSMain.exe
     C:\Program Files\Toshiba\Tvs\TvsTray.exe
     C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
     C:\WINDOWS\system32\ZoomingHook.exe
     C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
     C:\Program Files\Apoint2K\Apntex.exe
     C:\Program Files\Norton Ghost\Agent\VProTray.exe
     C:\Program Files\Eset\nod32kui.exe
     C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
     C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
     C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe
     C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
     C:\WINDOWS\system32\ctfmon.exe
     C:\Program Files\abelhadigital.com\HostsMan\hostssrv.exe
     C:\Program Files\abelhadigital.com\HostsMan\hm.exe
     C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
     C:\Program Files\MoRUN.net\Sticker Lite\sticker.exe
     C:\Program Files\Windows Desktop Search\WindowsSearch.exe
     C:\WINDOWS\system32\taskmgr.exe
     C:\WINDOWS\system32\TPSBattM.exe
     C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
     C:\WINDOWS\System32\svchost.exe
     C:\Program Files\uTorrent\uTorrent.exe
     C:\Program Files\Internet Explorer\IEXPLORE.EXE
     C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
     C:\WINDOWS\system32\NOTEPAD.EXE
     C:\WINDOWS\system32\SearchProtocolHost.exe
     C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

     R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.toshiba.com/search
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
     R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
     O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
     O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
     O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
     O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
     O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
     O2 - BHO: Act.UI.InternetExplorer.Plugins.AttachFile.CAttachFile - {D5233FCD-D258-4903-89B8-FB1568E7413D} - mscoree.dll (file missing)
     O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
     O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
     O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
     O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
     O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
     O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
     O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
     O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
     O4 - HKLM\..\Run: [TOSHIBA Accessibility] C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
     O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
     O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
     O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
     O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
     O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
     O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
     O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
     O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
     O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
     O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe
     O4 - HKLM\..\Run: [sVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
     O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
     O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
     O4 - HKLM\..\Run: [ZoomingHook] ZoomingHook.exe
     O4 - HKLM\..\Run: [smoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
     O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
     O4 - HKLM\..\Run: [Norton Ghost 12.0] "C:\Program Files\Norton Ghost\Agent\VProTray.exe"
     O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
     O4 - HKLM\..\Run: [WrtMon.exe] C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
     O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
     O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
     O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
     O4 - HKCU\..\Run: [HostsServer] "C:\Program Files\abelhadigital.com\HostsMan\hostssrv.exe" --start
     O4 - HKCU\..\Run: [HostsMan] "C:\Program Files\abelhadigital.com\HostsMan\hm.exe" -s
     O4 - HKCU\..\Run: [stickerLite] C:\Program Files\MoRUN.net\Sticker Lite\sticker.exe
     O4 - Startup: Shortcut to taskmgr.lnk = C:\WINDOWS\system32\taskmgr.exe
     O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
     O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
     O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
     O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
     O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
     O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
     O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
     O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
     O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
     O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
     O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
     O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
     O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
     O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
     O9 - Extra button: Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - C:\Program Files\VisualRoute\vrie.dll
     O9 - Extra 'Tools' menuitem: VisualRoute Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - C:\Program Files\VisualRoute\vrie.dll
     O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
     O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
     O9 - Extra button: Attach Web page to ACT! contact - {6F431AC3-364A-478b-BBDB-89C7CE1B18F6} - mscoree.dll (file missing)
     O9 - Extra 'Tools' menuitem: Attach Web page to ACT! contact... - {6F431AC3-364A-478b-BBDB-89C7CE1B18F6} - mscoree.dll (file missing)
     O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
     O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
     O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
     O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
     O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
     O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
     O14 - IERESET.INF: START_PAGE_URL=http://www.toshibadirect.com/dpdstart
     O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1188449438078
     O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1188449426015
     O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
     O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
     O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
     O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
     O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
     O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
     O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
     O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
     O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
     O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe
     O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
     O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
     O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
     O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
     O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\IVP\swupdate\swupdtmr.exe

     --
     End of file - 12906 bytes

     Process PID Description Company Name
     System Idle Process 0
     procexp.exe 3056 Sysinternals Process Explorer Sysinternals
     S24EvMon.exe 1204 Wireless Management Service Intel Corporation
     services.exe 888 Services and Controller app Microsoft Corporation
     Interrupts n/a Hardware Interrupts
     explorer.exe 1768 Windows Explorer Microsoft Corporation
     ZoomingHook.exe 3328 Zooming Utility Hotkey Hook TOSHIBA
     ZCfgSvc.exe 2744 ZeroCfgSvc MFC Application Intel Corporation
     wscntfy.exe 1264 Windows Security Center Notification App Microsoft Corporation
     WrtProc.exe 3672 NsWrtProc Microsoft Base Clase Application
     WrtMon.exe 3576 NsWrtMon Microsoft Base Class Application
     winlogon.exe 844 Windows NT Logon Application Microsoft Corporation
     WindowsSearch.exe 548 Windows Desktop Search System Tray Microsoft Corporation
     VProTray.exe 3448 Tray Application Symantec Corporation
     VProSvc.exe 408 Service Module Symantec Corporation
     uTorrent.exe 244
     TvsTray.exe 3216 TOSHIBA Virtual Sound Taskbar Module TOSHIBA Corporation
     TPTray.exe 2804 TPTray Application COMPAL ELECTRONIC INC.
     TPSMain.exe 3148 TOSHIBA Corporation
     TPSBattM.exe 2368 TOSHIBA Corporation
     TOSCDSPD.exe 3684 CD/DVD Drive Acoustic Silencer TOSHIBA
     TFncKy.exe 2848 TFncKy TOSHIBA Corporation
     TCtrlIOHook.exe 2904 TOSHIBA Control Utility Hotkey Hook TOSHIBA
     taskmgr.exe 2176 Windows TaskManager Microsoft Corporation
     System 4
     swupdtmr.exe 1360
     svchost.exe 1168 Generic Host Process for Win32 Services Microsoft Corporation
     svchost.exe 1452 Generic Host Process for Win32 Services Microsoft Corporation
     svchost.exe 1044 Generic Host Process for Win32 Services Microsoft Corporation
     svchost.exe 1272 Generic Host Process for Win32 Services Microsoft Corporation
     svchost.exe 1124 Generic Host Process for Win32 Services Microsoft Corporation
     svchost.exe 4028 Generic Host Process for Win32 Services Microsoft Corporation
     sticker.exe 3932 MoRUN.net
     sqlservr.exe 448 SQL Server Windows NT Microsoft Corporation
     spoolsv.exe 1912 Spooler SubSystem App Microsoft Corporation
     smss.exe 768 Windows NT Session Manager Microsoft Corporation
     SmoothView.exe 3364 SmoothView TOSHIBA Corporation
     searchprotocolhost.exe 1148 Microsoft Windows Search Protocol Host Microsoft Corporation
     searchindexer.exe 280 Microsoft Windows Search Indexer Microsoft Corporation
     searchfilterhost.exe 2888 Microsoft Windows Search Filter Host Microsoft Corporation
     RegSrvc.exe 948 Intel® PROSet/Wireless Registry Service Intel Corporation
     pinger.exe 2940 TOSHIBA Pinger TOSHIBA Corporation
     PDAgent.exe 744 PDAgent Module Raxco Software, Inc.
     OUTLOOK.EXE 3404 Microsoft Office Outlook Microsoft Corporation
     notepad.exe 2428 Notepad Microsoft Corporation
     notepad.exe 248 Notepad Microsoft Corporation
     nod32kui.exe 3540 NOD32 Control Center GUI Eset
     nod32krn.exe 700 NOD32 Kernel Service Eset
     NDSTray.exe 3280 ConfigFree Tray TOSHIBA CORPORATION
     mdm.exe 368 Machine Debug Manager Microsoft Corporation
     lsass.exe 900 LSA Shell (Export Version) Microsoft Corporation
     jusched.exe 3624 Java Platform SE binary Sun Microsystems, Inc.
     igfxtray.exe 2772 igfxTray Module Intel Corporation
     igfxpers.exe 2732 persistence Module Intel Corporation
     iFrmewrk.exe 2764 Intel Framework MFC Application Intel Corporation
     iexplore.exe 3204 Internet Explorer Microsoft Corporation
     hostssrv.exe 3784 HostsServer abelhadigital.com
     hm.exe 3860 HostsMan abelhadigital.com
     hkcmd.exe 3004 hkcmd Module Intel Corporation
     HijackThis.exe 3548 HijackThis Trend Micro Inc.
     FNPLicensingService.exe 3920 Activation Licensing Service Macrovision Europe Ltd.
     FnKeyHook.exe 2812 TOSHIBA Accessibility Hotkey Hook TOSHIBA
     EvtEng.exe 296 Intel® PROSet/Wireless Event Log Intel Corporation
     DPCs n/a Deferred Procedure Calls
     Dot1XCfg.exe 3524 Intel 802.1X Server Intel Corporation
     ctfmon.exe 3752 CTF Loader Microsoft Corporation
     csrss.exe 816 Client Server Runtime Process Microsoft Corporation
     CFSvcs.exe 196 Service of ConfigFree. TOSHIBA CORPORATION
     CeEKey.exe 3044 TOSHIBA HotKey Utility COMPAL ELECTRONIC INC.
     bgsvcgen.exe 160 B's Recorder GOLD Service Library B.H.A Corporation
     AppleMobileDeviceService.exe 2036 Apple Mobile Device Service Apple, Inc.
     Apoint.exe 3132 Alps Pointing-device Driver Alps Electric Co., Ltd.
     ApntEx.exe 3388 Alps Pointing-device Driver for Windows NT/2000/XP Alps Electric Co., Ltd.
     alg.exe 2796 Application Layer Gateway Service Microsoft Corporation
     agrsmmsg.exe 3076 SoftModem Messaging Applet Agere Systems
     acrotray.exe 3112 AcroTray Adobe Systems Inc.
     aawservice.exe 1696 Ad-Aware 2007 Service Lavasoft AB

     ------------

     Dump Files:
     http://bitworker.jwp.googlepages.com/4470-utorrent.13db.dmp
     http://bitworker.jwp.googlepages.com/4470-utorrent.d2a0.dmp