Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Annoying Browser problem

  • This topic is locked This topic is locked
2 replies to this topic

#1 Dom C

Dom C

  • Members
  • 5 posts
  • Local time:12:47 AM

Posted 25 November 2009 - 03:15 PM

I'm migrating here from the XP forum.
-Firefox keeps freezing my computer to the point that I have to manually shut it off (only happens when I'm downloading a file). When it's not freezing up my PC, it's just crashing very frequently. IE is doing the same thing. Also.. when my computer sits idle, it sounds like it's hard at work at something, meanwhile I've got nothing open.
I ran a malwarebytes scan, Adaware scan, spybot scan, and Symantec scan (also in safe mode) and the problem still persists.

Here is my DDS log..
Thanks for the help.
~EDIT: I'm including the DDS log in this edit, and I attached the ark and attach text files. Sorry for not reading the directions before posting. ~

DDS (Ver_09-11-24.02) - NTFSx86
Run by Dom at 15:22:51.12 on Wed 11/25/2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3317.2294 [GMT -5:00]

AV: Symantec AntiVirus Corporate Edition *On-access scanning enabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Hercules\DualPix Exchange\Camservice.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32Info.exe
C:\Documents and Settings\Dom\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=1080515
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mDefault_Page_URL = hxxp://www.yahoo.com
mStart Page = hxxp://www.yahoo.com
mSearchAssistant = hxxp://www.google.com
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Advanced SystemCare 3] "c:\program files\iobit\advanced systemcare 3\AWC.exe" /startup
mRun: [Alcmtr] ALCMTR.EXE
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [vptray] c:\progra~1\symant~1\VPTray.exe
mRun: [CamserviceDP] c:\program files\hercules\dualpix exchange\Camservice.exe /startup
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes\mbam.exe" /runcleanupscript
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader5.cab
DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader1006.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
Notify: NavLogon - c:\windows\system32\NavLogon.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
Hosts: www.spywareinfo.com

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\dom\applic~1\mozilla\firefox\profiles\vhgnwe5m.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-msgr&p=
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig?hl=en
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-msgr&p=
FF - plugin: c:\documents and settings\dom\application data\move networks\plugins\npqmp071503000010.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

FF - user.js: network.protocol-handler.warn-external.dnupdate - falsec:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-11-24 64288]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-9-24 1184912]
R3 camfilt2;camfilt2;c:\windows\system32\drivers\camfilt2.sys [2008-6-3 94208]
S3 dz2kscsi;dz2kscsi;c:\windows\system32\drivers\dz2kscsi.sys [2009-5-18 10624]
S3 dz2kusb;dz2kusb;c:\windows\system32\drivers\dz2kusb.sys [2009-5-18 11392]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version;c:\windows\system32\drivers\libusb0.sys [2009-6-11 33792]
S3 SavRoam;SAVRoam;c:\program files\symantec antivirus\SavRoam.exe [2005-4-17 124608]

=============== Created Last 30 ================

2009-11-25 17:05:41 0 d-----w- c:\program files\Trend Micro
2009-11-25 03:54:27 15880 ----a-w- c:\windows\system32\lsdelete.exe
2009-11-25 03:08:47 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-11-25 03:08:42 93360 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2009-11-25 03:07:29 0 dc-h--w- c:\docume~1\alluse~1\applic~1\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
2009-11-25 02:16:35 1393 ----a-w- c:\windows\imsins.BAK

==================== Find3M ====================

2009-10-22 09:19:04 5939712 ----a-w- c:\windows\system32\dllcache\mshtml.dll
2009-09-11 14:18:39 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-11 14:18:39 136192 ------w- c:\windows\system32\dllcache\msv1_0.dll
2009-09-04 21:03:36 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-09-04 21:03:36 58880 ------w- c:\windows\system32\dllcache\msasn1.dll
2009-08-28 10:35:52 173056 ----a-w- c:\windows\system32\dllcache\ie4uinit.exe
2008-06-09 05:29:02 13868 ----a-w- c:\program files\common files\anipiho.bin
2008-06-08 07:04:32 16356 ----a-w- c:\program files\common files\yvom.exe
2008-06-08 07:04:32 11740 ----a-w- c:\program files\common files\zehohowa.dll
2008-06-08 07:04:32 10272 ----a-w- c:\program files\common files\vodapomivu.scr
2008-06-08 06:59:36 19389 ----a-w- c:\program files\common files\ypanif.com
2008-06-08 06:59:36 15907 ----a-w- c:\program files\common files\luhag.pif
2008-06-08 06:59:36 13319 ----a-w- c:\program files\common files\ehaber._dl
2008-06-08 06:59:36 12023 ----a-w- c:\program files\common files\uputeqipe.vbs
2008-06-08 06:59:36 10287 ----a-w- c:\program files\common files\caragozot._dl
2008-06-08 06:59:36 10269 ----a-w- c:\program files\common files\zapelarib.com
2008-06-07 17:13:53 14704 ----a-w- c:\program files\common files\xoguho.sys
2008-06-07 17:03:26 16495 ----a-w- c:\program files\common files\ihuwify.reg
2008-06-07 17:03:26 10916 ----a-w- c:\program files\common files\xinokyz.inf
2008-06-08 08:19:37 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008060820080609\index.dat

Attached Files

Edited by Dom C, 25 November 2009 - 03:33 PM.

BC AdBot (Login to Remove)


#2 Dom C

Dom C
  • Topic Starter

  • Members
  • 5 posts
  • Local time:12:47 AM

Posted 28 November 2009 - 01:14 AM


You can abandon this. I just formatted my HD and reinstalled my operating system. Now I have a new computer. :-P
This thread can be ignored.


#3 Orange Blossom

Orange Blossom

    OBleepin Investigator

  • Moderator
  • 36,804 posts
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:01:47 AM

Posted 28 November 2009 - 01:27 AM


Thank you for letting us know. I'm sorry we couldn't get to you sooner. Sometimes a reformat and clean install is the quickest and best solution.

Since this issue seems to be resolved, this thread will now be closed.

In case you experience any problems with the computer, please start a new topic.

Happy computing,

Orange Blossom :(
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users