# My computer is suddenly freezing and hanging up.



## Help123 (Oct 31, 2004)

All of a sudden about 5 days ago my computer started freezing when I tried to open certain things, Outlook Xp, Firefox, simple folders, you name it. When I look in Task Manager nothing seems to be taking up very much CPU or VM or Mem, but the hard drive light stays solid like I tried to open all my files at once or something. I didn't install anything new or do anything unusual when it started. I updated Norton and ran it and came up clean, tried to run AdAware but it freezes up about halfway through every time. Also if I try and open a folder or go into control panel, it gives me the Explorer.exe has encountered a problem and needs to close message.

Here is my HJT log.

Logfile of HijackThis v1.99.1
Scan saved at 11:37:38 PM, on 8/7/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\System32\00THotkey.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\WINDOWS\System32\TPWRTRAY.EXE
C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\toshiba\ivp\ISM\pinger.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\James\LOCALS~1\Temp\Rar$EX01.916\HijackThis.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.toshiba.com/search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fark.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshiba.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Anonymizer Core Browser Helper Object - {2F2FBF0D-254F-11D5-B1E5-0050DAD7AF62} - C:\Program Files\ANONYMIZER\CORE\Anonymizer.dll
O2 - BHO: CInterfaceObj Object - {58F07DD3-924D-4141-BC74-299F523A95F1} - C:\WINDOWS\pxwma.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: (no name) - {C14DC52F-B4D9-11D5-B1E6-0050DAD7AF62} - (no file)
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\System32\00THotkey.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe /Type 10
O4 - HKLM\..\Run: [Pinger] C:\toshiba\ivp\ISM\pinger.exe /run
O4 - HKLM\..\Run: [Tpwrtray] TPWRTRAY.EXE
O4 - HKLM\..\Run: [TosHKCW.exe] C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [752755728] C:\WINDOWS\System32\OOBE\Setup\Bin\DLPlayer32.exe /r "C:\WINDOWS\System32\OOBE\Setup\Bin\ToshibaReg.rpd"
O4 - HKLM\..\Run: [ToolbarThanks] http://www.anonymizer.com/toolbar_short_help/thanks.shtml
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Network Device Switch.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Open Link Target in Firefox - file://C:\Documents and Settings\James\Application Data\Mozilla\Firefox\Profiles\fgr2o84w.default\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewlink.html
O8 - Extra context menu item: View This Page in Firefox - file://C:\Documents and Settings\James\Application Data\Mozilla\Firefox\Profiles\fgr2o84w.default\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewpage.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.toshiba.com
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\System32\ImapiRox.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

All help is appreciated!


----------



## Help123 (Oct 31, 2004)

I forgot to say I'm on a laptop with Windows XP and Office XP. I believe it has SP2, but I'm not sure as I was given this laptop by the store when my other one broke. I think it is approx 1.5 GHZ.

Thanks for your help!


----------



## D_Trojanator (May 13, 2005)

Hi There and Welcome:

You currently are running HijackThis from here: 
* 
a temp file
*

Please make a folder here: 
*c:\HJT* 
and place HijackThis in that folder.

please post new log
David


----------



## Help123 (Oct 31, 2004)

I tried to do that, but once I put it into a folder I can't get the folder to open up to get to it. Everytime I try and open a folder Explorer crashes.


----------



## D_Trojanator (May 13, 2005)

Ok, i'll ask for this to be moved to the security section.
David


----------



## cybertech (Apr 16, 2002)

This one has the option of putting a shortcut on the desktop.
Download HJT again from this link: Hijackthis and post another log.


----------



## Help123 (Oct 31, 2004)

Okay, here is my new log.

Logfile of HijackThis v1.99.1
Scan saved at 11:31:52 PM, on 8/8/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\System32\00THotkey.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\WINDOWS\System32\TPWRTRAY.EXE
C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AIM\aim.exe
C:\toshiba\ivp\netint\netint.exe
C:\toshiba\ivp\ISM\pinger.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.toshiba.com/search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fark.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshiba.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Anonymizer Core Browser Helper Object - {2F2FBF0D-254F-11D5-B1E5-0050DAD7AF62} - C:\Program Files\ANONYMIZER\CORE\Anonymizer.dll
O2 - BHO: CInterfaceObj Object - {58F07DD3-924D-4141-BC74-299F523A95F1} - C:\WINDOWS\pxwma.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: (no name) - {C14DC52F-B4D9-11D5-B1E6-0050DAD7AF62} - (no file)
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\System32\00THotkey.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe /Type 10
O4 - HKLM\..\Run: [Pinger] C:\toshiba\ivp\ISM\pinger.exe /run
O4 - HKLM\..\Run: [Tpwrtray] TPWRTRAY.EXE
O4 - HKLM\..\Run: [TosHKCW.exe] C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [752755728] C:\WINDOWS\System32\OOBE\Setup\Bin\DLPlayer32.exe /r "C:\WINDOWS\System32\OOBE\Setup\Bin\ToshibaReg.rpd"
O4 - HKLM\..\Run: [ToolbarThanks] http://www.anonymizer.com/toolbar_short_help/thanks.shtml
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Network Device Switch.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Open Link Target in Firefox - file://C:\Documents and Settings\James\Application Data\Mozilla\Firefox\Profiles\fgr2o84w.default\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewlink.html
O8 - Extra context menu item: View This Page in Firefox - file://C:\Documents and Settings\James\Application Data\Mozilla\Firefox\Profiles\fgr2o84w.default\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewpage.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.toshiba.com
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\System32\ImapiRox.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

Thanks


----------



## Help123 (Oct 31, 2004)

Does anyone have any ideas? I really can't reformat it either... I have a lot of things I can't lose and I can't save right now.


----------



## cybertech (Apr 16, 2002)

*Run HJT again and put a check in the following:*

R3 - Default URLSearchHook is missing
O2 - BHO: CInterfaceObj Object - {58F07DD3-924D-4141-BC74-299F523A95F1} - C:\WINDOWS\pxwma.dll
O3 - Toolbar: (no name) - {C14DC52F-B4D9-11D5-B1E6-0050DAD7AF62} - (no file)

*Close all applications and browser windows before you click "fix checked".*

Unless you know you are using it I also recommend removing Viewpoint Manager.

Navigate to the C:\Windows\Temp folder. Open the Temp folder and go to Edit > Select All then Edit > Delete to delete the entire contents of the Temp folder.

Next navigate to the C:\Documents and Settings\Administrator *(Repeat for all user names)*\Local Settings\Temp folder. Open the Temp folder and go to Edit > Select All then Edit > Delete to delete the entire contents of the Temp folder.

Finally go to Control Panel > Internet Options. On the General tab under "Temporary Internet Files" Click "Delete Files".

Put a check by "Delete Offline Content" and click OK.

Reboot.

Have you run a scandisk and defrag lately?

You need to get the critical security updates from Microsoft!


----------



## Help123 (Oct 31, 2004)

Okay, I did all that. However it is still freezing up. When it starts, it always says that explorer has encountered a problem, and also that An Office Xp Component has encountered a problem. Also if I try and get into folders or open control panel or do anything besides launch a program it just locks up and then says explorer has encountered a problem.

Here is my new HJT log.

Logfile of HijackThis v1.99.1
Scan saved at 9:02:34 PM, on 8/9/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\System32\00THotkey.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\toshiba\ivp\ISM\pinger.exe
C:\WINDOWS\System32\TPWRTRAY.EXE
C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\PROGRA~1\AIM\aim.exe
C:\Program Files\TOSHIBA\NetDevSw\NetDevSW.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.toshiba.com/search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fark.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshiba.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\System32\00THotkey.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe /Type 10
O4 - HKLM\..\Run: [Pinger] C:\toshiba\ivp\ISM\pinger.exe /run
O4 - HKLM\..\Run: [Tpwrtray] TPWRTRAY.EXE
O4 - HKLM\..\Run: [TosHKCW.exe] C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [752755728] C:\WINDOWS\System32\OOBE\Setup\Bin\DLPlayer32.exe /r "C:\WINDOWS\System32\OOBE\Setup\Bin\ToshibaReg.rpd"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKCU\..\Run: [AIM] C:\PROGRA~1\AIM\aim.exe -cnetwait.odl
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Network Device Switch.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Open Link Target in Firefox - file://C:\Documents and Settings\James\Application Data\Mozilla\Firefox\Profiles\fgr2o84w.default\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewlink.html
O8 - Extra context menu item: View This Page in Firefox - file://C:\Documents and Settings\James\Application Data\Mozilla\Firefox\Profiles\fgr2o84w.default\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewpage.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.toshiba.com
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\System32\ImapiRox.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe


----------



## Help123 (Oct 31, 2004)

Also now Windows Media Player keeps just opening for no reason. Does anybody have any suggestions? It's finals week and I've got a bunch of papers due, which is very difficult with this problem. 

Thanks again.


----------



## cybertech (Apr 16, 2002)

I would suggest uninstalling Media player. You can reinstall it later.

Have you run a scandisk and defrag lately?

You need to get the critical security updates from Microsoft!


----------



## Help123 (Oct 31, 2004)

I deleted Office XP just in case, but I can't delete Windows Media Player because I can't get into Control Panel, I also can't get C: drive, My Computer, any folder I can't get into. I did defrag it last night. Everytime I try and do anything other than launch a basic program I get Windows Explorer has encountered an error. I appreciate your help so far!


----------



## cybertech (Apr 16, 2002)

What about the Microsoft updates?


----------



## Help123 (Oct 31, 2004)

I tried to download them, but I hadn't installed the automatic update thing yet, and when I go to the website the Internet Explorer has encountered a problem and needs to close error comes up.


----------



## Help123 (Oct 31, 2004)

Is that the problem most likely? Is there another way to download, say a direct link to download instead of going through the Windows Update website?


----------



## Help123 (Oct 31, 2004)

Does anyone have any suggestions about what the problem could be? It's getting to be really annoying... Volume Control even gave me the "encountered an error" message. 

Thanks again.


----------



## cybertech (Apr 16, 2002)

Try this one: http://windowsxp.mvps.org/IEFIX.htm


----------



## Help123 (Oct 31, 2004)

I ran that now too, but it still won't let me open files or do anything really besides use the internet.


----------



## cybertech (Apr 16, 2002)

If you can now use the internet I suggest you go and get all of the Microsoft critical security updates!


----------



## Help123 (Oct 31, 2004)

I should have specified, I can browse the internet mostly, but If I go to the Microsoft Windows Update site when it tries to detect what updates I need I still get the "encountered an error"... I've been able to use the internet the entire time for normal browsing, just can't use it for things like that. It's really frustrating. I use Firefox mostly, so that might be it, because for the Windows Update site I have to use IE. That's why I said if there was a direct link to them I could download them, but I can't get it from the WU site.


----------



## Help123 (Oct 31, 2004)

Any ideas anyone?


----------



## beachball (Mar 12, 2005)

Can you try and go to www.microsoft.com from Firefox and then link to Service Packs under the Support heading. I just tried it and it worked for me. At least you would get SP2.


----------



## Help123 (Oct 31, 2004)

I did download that and some security updates, but when I install them at the end it says Installation did not complete. I think it's a registry problem, registry mechanic says I have like 75 problems but only the full version fixes them. Any suggestions anyone?


----------



## Help123 (Oct 31, 2004)

Okay, Norton just popped up and said it had detected w32.sillyp2p virus and it could not be repaired. It did not give anymore information, but in doing a search about it, it seems that causes similar problems. Does anyone know how to remove the stupid thing?


----------



## Help123 (Oct 31, 2004)

I just ran a Norton System Scan in safe mode and it didn't find anything but still am having the problems. Please help!


----------



## cybertech (Apr 16, 2002)

Do a free on-line virus scan here: http://www.pandasoftware.com/activescan/
and here: http://housecall.trendmicro.com/

Then post a new log.


----------



## Help123 (Oct 31, 2004)

Here is my new log, both programs didn't detect anything spare a few cookies. I also discovered I can open the folders and open control panel and do almost everything in Safe Mode. So far when I looked at the last two "encountered an error" screens the probs have been in user32.dll and shdocvw.dll if that helps at all.

Logfile of HijackThis v1.99.1
Scan saved at 1:47:31 AM, on 8/19/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\System32\00THotkey.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\toshiba\ivp\ISM\pinger.exe
C:\WINDOWS\System32\TPWRTRAY.EXE
C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\PROGRA~1\AIM\aim.exe
C:\Program Files\TOSHIBA\NetDevSw\NetDevSW.exe
C:\Program Files\Hijackthis\HijackThis.exe
C:\WINDOWS\system32\fxssvc.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.toshiba.com/search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fark.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshiba.com
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\System32\00THotkey.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe /Type 10
O4 - HKLM\..\Run: [Pinger] C:\toshiba\ivp\ISM\pinger.exe /run
O4 - HKLM\..\Run: [Tpwrtray] TPWRTRAY.EXE
O4 - HKLM\..\Run: [TosHKCW.exe] C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKCU\..\Run: [AIM] C:\PROGRA~1\AIM\aim.exe -cnetwait.odl
O4 - Global Startup: Network Device Switch.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Open Link Target in Firefox - file://C:\Documents and Settings\James\Application Data\Mozilla\Firefox\Profiles\fgr2o84w.default\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewlink.html
O8 - Extra context menu item: View This Page in Firefox - file://C:\Documents and Settings\James\Application Data\Mozilla\Firefox\Profiles\fgr2o84w.default\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewpage.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.toshiba.com
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5free/asinst.cab
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\System32\ImapiRox.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe


----------



## cybertech (Apr 16, 2002)

Here is some information about it:

http://www.viruslist.com/en/viruses/encyclopedia?virusid=51400
http://www.sophos.com/virusinfo/analyses/w32hagbarda.html

You can try and remove it yourself based on the information or here is another on line scanner you can try: http://www.kaspersky.com/virusscanner


----------



## Help123 (Oct 31, 2004)

Nope, that didn't come up with anything. I'm not even sure I have that, it came up when I was downloading something, so it might never have made it actually onto my computer. What else could it be/can I do?


----------



## Help123 (Oct 31, 2004)

Anyone have any suggestions to get my comp back to full functionality?


----------



## Help123 (Oct 31, 2004)

Anyone?


----------



## cybertech (Apr 16, 2002)

You could try creating a new profile.

Open Computer Management 

In the console tree, click Users. 

Where?

Computer Management > System Tools > Local Users and Groups > Users 

On the Action menu, click New User. 

Type the appropriate information in the dialog box. 

Select or clear the check boxes for: 

 User must change password at next logon 

 User cannot change password 

 Password never expires 

 Account is disabled 

Click Create, and then click Close. 

Log in as the new user and try to get the Microsoft patches.


----------



## Help123 (Oct 31, 2004)

It still won't let me download, the internet explorer has encountered an error message comes up... Are there any more drastic things save reformatting that I can do? I can't even install new software... It's now no longer just a nuisance... It's become an actual problem.


----------



## Help123 (Oct 31, 2004)

Okay,
I did a complete reformat and can do everything now. EXCEPT Windows Update and Internet Explorer still freezes my comp, as does Yahoo Messenger. I ran the reformat, ran Registry Mechanic after, did a complete Norton scan, ran Error Check, but still have the problems. What can it be?


----------



## cybertech (Apr 16, 2002)

I would guess it's hardware, bad ram perhaps.


----------

