Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Firefox random shut down


  • This topic is locked This topic is locked
2 replies to this topic

#1 JimmiesWanker

JimmiesWanker

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:03:48 PM

Posted 28 February 2009 - 02:51 PM

Hi

Randomly today i got up from my computer for about 10 mins and came back to find it restarted by itself. Now whenever i access firefox or IE it either shuts down after 10 secs or it takes me to the perfect defender 2009 start page. I know i havent installed PD2009, but i have been getting the false positives for malware and trojans that PD2009 gives. any help would be greatly appreciated.

DDS (Ver_09-02-01.01) - NTFSx86
Run by Phil at 11:47:20.90 on Sat 02/28/2009
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_05
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.568 [GMT -8:00]


============== Running Processes ===============

C:\Program Files\NETGEAR\WG311v3\WinDomainlogon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\NETGEAR\WG311v3\WinDomainlogon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
"C:\WINDOWS\svchost.exe"
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Documents and Settings\Phil\Application Data\Google\wcwdu16814728.exe
C:\Program Files\DellSupport\DSAgnt.exe
"C:\WINDOWS\system32\drivers\svchost.exe"
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\NETGEAR\WG311v3\wlancfg5.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Documents and Settings\Phil\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://www.dell4me.com/myway
mDefault_Page_URL = hxxp://www.dell4me.com/myway
mStart Page = hxxp://www.dell4me.com/myway
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: Google Module: {531be052-76fc-4b05-9ccd-af6aa265113c} - strike12.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup
uRun: [Steam] "c:\program files\steam\steam.exe" -silent
uRun: [updateMgr] "c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
uRun: [Uniblue RegistryBooster 2009] c:\program files\uniblue\registrybooster\RegistryBooster.exe /S
uRun: [SVCHOST.EXE] c:\windows\system32\drivers\svchost.exe
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_05\bin\jusched.exe"
mRun: [IntelMeM] c:\program files\intel\modem event monitor\IntelMEM.exe
mRun: [UpdateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [Install.exe] c:\windows\svchost.exe
mRun: [mmtask] "c:\program files\musicmatch\musicmatch jukebox\mmtask.exe"
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [realtecks] "c:\documents and settings\phil\application data\google\wcwdu16814728.exe" 2
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\netgea~1.lnk - c:\windows\installer\{70014586-7bba-4a92-a610-cdc896c48f8f}\NewShortcut1_1.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office10\EXCEL.EXE/3000
IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partygaming\partypoker\RunApp.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
LSP: winsck2.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} - hxxps://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CE8267C2-D41A-4A50-A69D-F32B5C289F14} - hxxp://plugin.fileopen.com/0714/FileOpen.CAB
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\phil\applic~1\mozilla\firefox\profiles\knvbbgkv.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - plugin: c:\documents and settings\phil\application data\mozilla\firefox\profiles\knvbbgkv.default\extensions\moveplayer@movenetworks.com\platform\winnt_x86-msvc\plugins\npmnqmp071101000055.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll

============= SERVICES / DRIVERS ===============


=============== Created Last 30 ================

2009-02-28 11:22 <DIR> --d----- c:\program files\Trend Micro
2009-02-28 11:17 <DIR> --d----- C:\_OTMoveIt
2009-02-28 11:08 <DIR> --d----- c:\docume~1\phil\applic~1\Malwarebytes
2009-02-28 11:08 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-02-28 11:08 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-02-28 11:08 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-02-28 11:08 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-02-28 10:27 28,673 a------- c:\windows\system32\drivers\svchost.exe
2009-02-22 09:25 <DIR> --d----- C:\aaaTemp
2009-02-22 09:13 <DIR> --d----- C:\Pat Dee Dee Bill Phil Feb 2009

==================== Find3M ====================

2008-12-12 09:01 3,067,904 -------- c:\windows\system32\dllcache\mshtml.dll
2008-12-11 02:57 333,952 -------- c:\windows\system32\dllcache\srv.sys
2008-12-10 16:33 200,704 a------- c:\windows\system32\dtu100.dll
2008-12-10 16:33 86,016 a------- c:\windows\system32\dpl100.dll
2008-12-08 18:28 593,920 a------- c:\windows\system32\dpuGUI11.dll
2008-12-08 18:28 344,064 a------- c:\windows\system32\dpus11.dll
2008-12-08 18:28 294,912 a------- c:\windows\system32\dpu11.dll
2008-12-08 18:28 57,344 a------- c:\windows\system32\dpv11.dll
2007-07-10 12:42 39,928 a------- c:\docume~1\phil\applic~1\GDIPFONTCACHEV1.DAT
2005-10-06 14:17 280,576 a------- c:\windows\inf\wg311v3\WG311v3XP.sys
2005-10-06 14:17 280,576 a------- c:\windows\inf\wg311v3\WG311v3.sys
2005-03-01 10:16 212,992 a------- c:\windows\inf\wg311v3\CopyWHQLDriver.exe

============= FINISH: 11:47:46.45 ===============


THanks in advance

BC AdBot (Login to Remove)

 


#2 JimmiesWanker

JimmiesWanker
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:03:48 PM

Posted 28 February 2009 - 03:44 PM

update: used Malwarebytes eventually and it took care of the problem as well as some other stuff. if i knew how to delete this topic i would.

#3 KoanYorel

KoanYorel

    Bleepin' Conundrum


  • Staff Emeritus
  • 19,461 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:65 miles due East of the &quot;Logic Free Zone&quot;, in Md, USA
  • Local time:07:48 PM

Posted 01 March 2009 - 06:11 PM

Thanks for informing us.

This topic is closed.
The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users