Firefox just stops working until I shut it down?

View previous topic View next topic Go down

Re: Firefox just stops working until I shut it down?

Post by sandman423 on 30th August 2009, 7:43 pm

.
((((((((((((((((((((((((((((( SnapShot_2009-08-14_07.20.39 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-08-30 18:57 . 2009-08-30 18:57 16384 c:\windows\temp\Perflib_Perfdata_7ec.dat
+ 2007-07-18 12:42 . 2009-07-14 11:03 46080 c:\windows\system32\tzchange.exe
+ 2007-11-05 01:41 . 2009-01-08 01:21 26144 c:\windows\system32\spupdsvc.exe
+ 2009-01-23 00:09 . 2009-01-08 01:20 16928 c:\windows\system32\spmsg.dll
+ 2004-08-04 00:56 . 2009-03-08 11:31 46592 c:\windows\system32\pngfilt.dll
+ 2009-01-08 01:20 . 2009-01-08 01:20 23552 c:\windows\system32\normaliz.dll
+ 2009-01-08 01:20 . 2009-01-08 01:20 24576 c:\windows\system32\nlsdl.dll
+ 2004-08-04 00:56 . 2009-03-08 11:31 48128 c:\windows\system32\mshtmler.dll
+ 2004-08-04 00:56 . 2009-03-08 11:31 66560 c:\windows\system32\mshtmled.dll
+ 2004-08-04 00:56 . 2009-03-08 11:31 45568 c:\windows\system32\mshta.exe
+ 2009-03-08 11:31 . 2009-03-08 11:31 13312 c:\windows\system32\msfeedssync.exe
+ 2009-03-08 11:31 . 2009-07-03 17:09 55296 c:\windows\system32\msfeedsbs.dll
+ 2004-08-04 00:56 . 2009-03-08 11:34 43008 c:\windows\system32\licmgr10.dll
+ 2004-08-04 00:56 . 2009-07-03 17:09 25600 c:\windows\system32\jsproxy.dll
+ 2004-08-04 00:56 . 2009-03-08 11:32 94720 c:\windows\system32\inseng.dll
+ 2004-08-04 00:56 . 2009-03-08 11:31 34816 c:\windows\system32\imgutil.dll
+ 2009-03-08 11:32 . 2009-03-08 11:32 36864 c:\windows\system32\ieudinit.exe
+ 2004-08-04 00:56 . 2009-03-08 11:32 71680 c:\windows\system32\iesetup.dll
+ 2004-08-04 00:56 . 2009-03-08 11:32 55808 c:\windows\system32\iernonce.dll
+ 2009-01-08 01:20 . 2009-01-08 01:20 26112 c:\windows\system32\idndl.dll
+ 2009-03-08 11:31 . 2009-03-08 11:31 59904 c:\windows\system32\icardie.dll
+ 2009-05-14 22:49 . 2009-05-14 22:49 94360 c:\windows\system32\drivers\epfwtdir.sys
+ 2004-08-04 00:56 . 2009-06-25 08:44 59392 c:\windows\system32\dllcache\wdigest.dll
+ 2004-08-04 00:56 . 2009-06-25 08:44 56320 c:\windows\system32\dllcache\secur32.dll
+ 2004-08-04 00:56 . 2009-03-08 11:31 46592 c:\windows\system32\dllcache\pngfilt.dll
+ 2004-08-04 00:56 . 2009-03-08 11:31 48128 c:\windows\system32\dllcache\mshtmler.dll
+ 2004-08-04 00:56 . 2009-03-08 11:31 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2004-08-04 00:56 . 2009-03-08 11:31 45568 c:\windows\system32\dllcache\mshta.exe
+ 2004-08-04 00:56 . 2009-03-08 11:34 43008 c:\windows\system32\dllcache\licmgr10.dll
+ 2004-08-03 22:59 . 2009-06-22 11:34 92544 c:\windows\system32\dllcache\ksecdd.sys
+ 2004-08-04 00:56 . 2009-07-03 17:09 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2004-08-04 00:56 . 2009-03-08 11:32 94720 c:\windows\system32\dllcache\inseng.dll
+ 2004-08-04 00:56 . 2009-03-08 11:31 34816 c:\windows\system32\dllcache\imgutil.dll
+ 2004-08-04 00:56 . 2009-03-08 11:32 71680 c:\windows\system32\dllcache\iesetup.dll
+ 2004-08-04 00:56 . 2009-03-08 11:32 55808 c:\windows\system32\dllcache\iernonce.dll
+ 2007-11-05 01:05 . 2009-03-08 11:24 68608 c:\windows\system32\dllcache\hmmapi.dll
+ 2004-08-04 00:56 . 2009-03-08 11:33 18944 c:\windows\system32\dllcache\corpol.dll
+ 2004-08-04 00:56 . 2009-03-08 11:32 72704 c:\windows\system32\dllcache\admparse.dll
+ 2004-08-04 00:56 . 2009-03-08 11:33 18944 c:\windows\system32\corpol.dll
+ 2004-08-04 00:56 . 2009-03-08 11:32 72704 c:\windows\system32\admparse.dll
+ 2009-08-23 23:02 . 2009-08-23 23:02 10134 c:\windows\Installer\{2EEBAC31-3EEF-4118-91CB-1A286A507DB2}\callmsi.exe
+ 2009-08-26 19:39 . 2009-03-08 11:33 12288 c:\windows\ie8updates\KB972260-IE8\xpshims.dll
+ 2009-08-26 19:39 . 2009-03-08 11:31 55296 c:\windows\ie8updates\KB972260-IE8\msfeedsbs.dll
+ 2009-08-26 19:39 . 2009-03-08 11:33 25600 c:\windows\ie8updates\KB972260-IE8\jsproxy.dll

sandman423
Novice
Novice

Posts Posts : 25
Joined Joined : 2009-08-20
OS OS : XP SP2
Points Points : 26719
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Firefox just stops working until I shut it down?

Post by sandman423 on 30th August 2009, 7:43 pm

+ 2009-08-26 19:38 . 2004-08-04 00:56 37888 c:\windows\ie8\url.dll
+ 2009-08-26 19:38 . 2009-03-08 21:23 58464 c:\windows\ie8\spuninst\iecustom.dll
+ 2009-08-26 19:38 . 2009-06-26 15:59 39424 c:\windows\ie8\pngfilt.dll
+ 2009-08-26 19:38 . 2004-08-04 00:56 96256 c:\windows\ie8\occache.dll
+ 2009-08-26 19:38 . 2004-08-04 00:56 56832 c:\windows\ie8\mshtmler.dll
+ 2009-08-26 19:38 . 2004-08-04 00:56 29184 c:\windows\ie8\mshta.exe
+ 2009-08-26 19:38 . 2004-08-04 00:56 22016 c:\windows\ie8\licmgr10.dll
+ 2009-08-26 19:38 . 2009-06-26 15:59 16384 c:\windows\ie8\jsproxy.dll
+ 2009-08-26 19:38 . 2009-06-26 15:59 96256 c:\windows\ie8\inseng.dll
+ 2009-08-26 19:38 . 2004-08-04 00:56 35840 c:\windows\ie8\imgutil.dll
+ 2009-08-26 19:38 . 2004-08-04 00:56 93184 c:\windows\ie8\iexplore.exe
+ 2009-08-26 19:38 . 2004-08-04 00:56 62976 c:\windows\ie8\iesetup.dll
+ 2009-08-26 19:38 . 2004-08-04 00:56 48640 c:\windows\ie8\iernonce.dll
+ 2009-08-26 19:38 . 2009-06-26 15:59 81920 c:\windows\ie8\ieencode.dll
+ 2009-08-26 19:38 . 2004-08-04 00:56 34304 c:\windows\ie8\ie4uinit.exe
+ 2009-08-26 19:38 . 2004-08-04 00:56 38912 c:\windows\ie8\hmmapi.dll
+ 2009-08-26 19:38 . 2004-08-04 00:56 35328 c:\windows\ie8\corpol.dll
+ 2009-08-26 19:38 . 2004-08-04 00:56 99840 c:\windows\ie8\advpack.dll
+ 2009-08-26 19:38 . 2004-08-04 00:56 61440 c:\windows\ie8\admparse.dll
+ 2009-08-26 19:39 . 2009-03-08 11:35 2048 c:\windows\ie8updates\KB973874-IE8\iecompat.dll
+ 2009-01-08 01:21 . 2009-01-08 01:21 121856 c:\windows\system32\xmllite.dll
+ 2009-03-08 11:34 . 2009-03-08 11:34 208384 c:\windows\system32\WinFXDocObj.exe
+ 2004-08-04 00:56 . 2009-03-08 11:34 236544 c:\windows\system32\webcheck.dll
+ 2004-08-04 00:56 . 2009-03-08 11:33 420352 c:\windows\system32\vbscript.dll
+ 2004-08-04 00:56 . 2009-03-08 11:34 105984 c:\windows\system32\url.dll
+ 2004-08-04 00:56 . 2009-07-03 17:09 206848 c:\windows\system32\occache.dll
+ 2004-08-04 00:56 . 2009-03-08 11:32 611840 c:\windows\system32\mstime.dll
+ 2004-08-04 00:56 . 2009-03-08 11:34 193536 c:\windows\system32\msrating.dll
+ 2001-08-23 14:00 . 2009-03-08 11:22 156160 c:\windows\system32\msls31.dll
+ 2009-03-08 11:32 . 2009-07-03 17:09 594432 c:\windows\system32\msfeeds.dll
+ 2009-01-08 01:20 . 2009-01-08 01:20 265720 c:\windows\system32\msdbg2.dll
+ 2004-08-04 00:56 . 2008-02-26 11:59 294912 c:\windows\system32\msctf.dll
+ 2004-08-04 00:56 . 2009-03-08 11:33 726528 c:\windows\system32\jscript.dll
- 2008-08-14 18:46 . 2008-06-10 09:32 139264 c:\windows\system32\javaws.exe
+ 2008-08-14 18:46 . 2008-02-22 09:33 139264 c:\windows\system32\javaws.exe
+ 2008-08-14 18:46 . 2008-02-22 08:23 135168 c:\windows\system32\javaw.exe
- 2008-08-14 18:46 . 2008-06-10 08:21 135168 c:\windows\system32\javaw.exe
+ 2008-08-14 18:46 . 2008-02-22 08:23 135168 c:\windows\system32\java.exe
- 2008-08-14 18:46 . 2008-06-10 08:21 135168 c:\windows\system32\java.exe
+ 2009-03-08 11:22 . 2009-03-08 11:22 164352 c:\windows\system32\ieui.dll
+ 2004-08-04 00:56 . 2009-07-03 17:09 184320 c:\windows\system32\iepeers.dll
+ 2004-08-04 00:56 . 2009-07-03 17:09 386048 c:\windows\system32\iedkcs32.dll
+ 2009-03-08 11:11 . 2009-03-08 11:11 445952 c:\windows\system32\ieapfltr.dll
+ 2001-08-23 14:00 . 2009-03-08 11:32 163840 c:\windows\system32\ieakui.dll
+ 2004-08-04 00:56 . 2009-03-08 11:33 229376 c:\windows\system32\ieaksie.dll
+ 2004-08-04 00:56 . 2009-03-08 11:33 125952 c:\windows\system32\ieakeng.dll
+ 2004-08-04 00:56 . 2009-07-03 11:01 173056 c:\windows\system32\ie4uinit.exe
+ 2004-08-04 00:56 . 2009-03-08 11:31 216064 c:\windows\system32\dxtrans.dll
+ 2004-08-04 00:56 . 2009-03-08 11:31 348160 c:\windows\system32\dxtmsft.dll
+ 2009-05-14 22:47 . 2009-05-14 22:47 107256 c:\windows\system32\drivers\ehdrv.sys
+ 2009-05-14 22:41 . 2009-05-14 22:41 114472 c:\windows\system32\drivers\eamon.sys
+ 2004-08-04 00:56 . 2009-07-03 17:09 915456 c:\windows\system32\dllcache\wininet.dll
+ 2004-08-04 00:56 . 2009-03-08 11:34 236544 c:\windows\system32\dllcache\webcheck.dll
+ 2007-11-05 01:05 . 2009-03-08 11:33 759296 c:\windows\system32\dllcache\VGX.dll
+ 2004-08-04 00:56 . 2009-03-08 11:33 420352 c:\windows\system32\dllcache\vbscript.dll
+ 2004-08-04 00:56 . 2009-03-08 11:34 105984 c:\windows\system32\dllcache\url.dll
+ 2009-01-08 01:20 . 2009-01-08 01:20 134144 c:\windows\system32\dllcache\sqmapi.dll
+ 2004-08-04 00:56 . 2009-06-25 08:44 168448 c:\windows\system32\dllcache\schannel.dll
+ 2004-08-04 00:56 . 2009-07-03 17:09 206848 c:\windows\system32\dllcache\occache.dll
+ 2004-08-04 00:56 . 2009-06-25 08:44 133632 c:\windows\system32\dllcache\msv1_0.dll
+ 2004-08-04 00:56 . 2009-03-08 11:32 611840 c:\windows\system32\dllcache\mstime.dll
+ 2004-08-04 00:56 . 2009-03-08 11:34 193536 c:\windows\system32\dllcache\msrating.dll
+ 2001-08-23 14:00 . 2009-03-08 11:22 156160 c:\windows\system32\dllcache\msls31.dll
+ 2004-08-04 00:56 . 2008-02-26 11:59 294912 c:\windows\system32\dllcache\msctf.dll
+ 2004-08-04 00:56 . 2009-06-25 08:44 724480 c:\windows\system32\dllcache\lsasrv.dll
+ 2004-08-04 00:56 . 2009-06-25 08:44 298496 c:\windows\system32\dllcache\kerberos.dll
+ 2004-08-04 00:56 . 2009-03-08 11:33 726528 c:\windows\system32\dllcache\jscript.dll
+ 2007-11-05 01:05 . 2009-03-08 21:09 638816 c:\windows\system32\dllcache\iexplore.exe
+ 2004-08-04 00:56 . 2009-07-03 17:09 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2004-08-04 00:56 . 2009-07-03 17:09 386048 c:\windows\system32\dllcache\iedkcs32.dll
+ 2001-08-23 14:00 . 2009-03-08 11:32 163840 c:\windows\system32\dllcache\ieakui.dll
+ 2004-08-04 00:56 . 2009-03-08 11:33 229376 c:\windows\system32\dllcache\ieaksie.dll
+ 2004-08-04 00:56 . 2009-03-08 11:33 125952 c:\windows\system32\dllcache\ieakeng.dll
+ 2004-08-04 00:56 . 2009-07-03 11:01 173056 c:\windows\system32\dllcache\ie4uinit.exe
+ 2004-08-04 00:56 . 2009-03-08 11:31 216064 c:\windows\system32\dllcache\dxtrans.dll
+ 2004-08-04 00:56 . 2009-03-08 11:31 348160 c:\windows\system32\dllcache\dxtmsft.dll
+ 2004-08-04 00:56 . 2009-03-08 11:32 128512 c:\windows\system32\dllcache\advpack.dll
+ 2004-08-04 00:56 . 2009-03-08 11:32 128512 c:\windows\system32\advpack.dll
+ 2009-08-23 23:02 . 2009-08-23 23:02 101480 c:\windows\Installer\{2EEBAC31-3EEF-4118-91CB-1A286A507DB2}\egui.exe
+ 2009-08-26 19:39 . 2008-07-08 13:02 382840 c:\windows\ie8updates\KB973874-IE8\spuninst\updspapi.dll
+ 2009-08-26 19:39 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB973874-IE8\spuninst\spuninst.exe
+ 2009-08-26 19:39 . 2009-03-08 11:34 914944 c:\windows\ie8updates\KB972260-IE8\wininet.dll
+ 2009-08-26 19:39 . 2009-05-26 11:40 382840 c:\windows\ie8updates\KB972260-IE8\spuninst\updspapi.dll
+ 2009-08-26 19:39 . 2009-05-26 11:40 231288 c:\windows\ie8updates\KB972260-IE8\spuninst\spuninst.exe
+ 2009-08-26 19:39 . 2009-03-08 11:34 109568 c:\windows\ie8updates\KB972260-IE8\occache.dll
+ 2009-08-26 19:39 . 2009-03-08 11:32 594432 c:\windows\ie8updates\KB972260-IE8\msfeeds.dll
+ 2009-08-26 19:39 . 2009-03-08 11:33 246784 c:\windows\ie8updates\KB972260-IE8\ieproxy.dll
+ 2009-08-26 19:39 . 2009-03-08 11:31 183808 c:\windows\ie8updates\KB972260-IE8\iepeers.dll
+ 2009-08-26 19:39 . 2009-03-08 21:09 391536 c:\windows\ie8updates\KB972260-IE8\iedkcs32.dll
+ 2009-08-26 19:39 . 2009-03-08 11:32 173056 c:\windows\ie8updates\KB972260-IE8\ie4uinit.exe
+ 2009-08-26 19:38 . 2009-06-26 15:59 668160 c:\windows\ie8\wininet.dll
+ 2009-08-26 19:38 . 2004-08-04 00:56 276480 c:\windows\ie8\webcheck.dll
+ 2009-08-26 19:38 . 2007-06-26 15:13 851968 c:\windows\ie8\vgx.dll
+ 2009-08-26 19:38 . 2007-12-18 14:40 417792 c:\windows\ie8\vbscript.dll
+ 2009-08-26 19:38 . 2009-06-26 15:59 620032 c:\windows\ie8\urlmon.dll
+ 2009-08-26 19:38 . 2009-01-08 01:21 382496 c:\windows\ie8\spuninst\updspapi.dll
+ 2009-08-26 19:38 . 2009-01-08 01:20 231456 c:\windows\ie8\spuninst\spuninst.exe
+ 2009-08-26 19:38 . 2009-06-26 15:59 532480 c:\windows\ie8\mstime.dll
+ 2009-08-26 19:38 . 2009-06-26 15:59 146432 c:\windows\ie8\msrating.dll
+ 2009-08-26 19:38 . 2001-08-23 14:00 146432 c:\windows\ie8\msls31.dll
+ 2009-08-26 19:38 . 2009-06-26 15:59 449024 c:\windows\ie8\mshtmled.dll
+ 2009-08-26 19:38 . 2007-12-18 14:40 450560 c:\windows\ie8\jscript.dll
+ 2009-08-26 19:38 . 2009-06-26 15:59 251904 c:\windows\ie8\iepeers.dll
+ 2009-08-26 19:38 . 2004-08-04 00:56 323584 c:\windows\ie8\iedkcs32.dll
+ 2009-08-26 19:38 . 2001-08-23 14:00 221184 c:\windows\ie8\ieakui.dll
+ 2009-08-26 19:38 . 2004-08-04 00:56 216576 c:\windows\ie8\ieaksie.dll
+ 2009-08-26 19:38 . 2004-08-04 00:56 139264 c:\windows\ie8\ieakeng.dll
+ 2009-08-26 19:38 . 2009-06-26 15:59 205312 c:\windows\ie8\dxtrans.dll
+ 2009-08-26 19:38 . 2009-06-26 15:59 357888 c:\windows\ie8\dxtmsft.dll
+ 2004-08-04 00:56 . 2009-07-03 17:09 1208832 c:\windows\system32\urlmon.dll
+ 2004-08-04 00:56 . 2009-07-19 13:18 5937152 c:\windows\system32\mshtml.dll
+ 2009-03-08 11:32 . 2009-07-03 17:09 1985536 c:\windows\system32\iertutil.dll
+ 2009-02-07 04:07 . 2009-02-07 04:07 3698584 c:\windows\system32\ieapfltr.dat
+ 2004-08-04 00:56 . 2009-07-03 17:09 1208832 c:\windows\system32\dllcache\urlmon.dll
+ 2004-08-04 00:56 . 2009-07-19 13:18 5937152 c:\windows\system32\dllcache\mshtml.dll
+ 2009-08-23 23:02 . 2009-08-23 23:02 1129472 c:\windows\Installer\6b0c7.msi
+ 2009-08-26 19:39 . 2009-03-08 11:34 1206784 c:\windows\ie8updates\KB972260-IE8\urlmon.dll
+ 2009-08-26 19:39 . 2009-03-08 11:41 5937152 c:\windows\ie8updates\KB972260-IE8\mshtml.dll
+ 2009-08-26 19:39 . 2009-03-08 11:32 1985024 c:\windows\ie8updates\KB972260-IE8\iertutil.dll
+ 2009-08-26 19:38 . 2009-07-18 16:00 3069440 c:\windows\ie8\mshtml.dll
+ 2009-03-08 11:39 . 2009-07-20 01:48 11067392 c:\windows\system32\ieframe.dll
+ 2009-08-26 19:39 . 2009-03-08 11:39 11063808 c:\windows\ie8updates\KB972260-IE8\ieframe.dll
.

sandman423
Novice
Novice

Posts Posts : 25
Joined Joined : 2009-08-20
OS OS : XP SP2
Points Points : 26719
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Firefox just stops working until I shut it down?

Post by sandman423 on 30th August 2009, 7:43 pm

-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E601996F-E400-41CA-804B-CD6373A7EEE2}]
2009-05-20 04:26 429800 ----a-w- c:\program files\kikin\ie_kikin.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\Gus\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-06-09 133104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"COMODO Firewall Pro"="c:\program files\Comodo\Firewall\CPF.exe" [2007-11-08 1115728]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-27 413696]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-05-14 177472]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-05-14 2029640]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0autocheck lsdelete\0autocheck lsdelete\0autocheck lsdelete

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^GammaTray.lnk]
backup=c:\windows\pss\GammaTray.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Gus^Start Menu^Programs^Startup^Adobe Gamma.lnk]
backup=c:\windows\pss\Adobe Gamma.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wwEngineSvc"=2 (0x2)
"Viewpoint Manager Service"=2 (0x2)
"MagicTuneEngine"=2 (0x2)
"IDriverT"=3 (0x3)
"Bonjour Service"=2 (0x2)
"Adobe Version Cue CS2"=3 (0x3)
"aawservice"=2 (0x2)
"a2AntiMalware"=2 (0x2)
"upnphost"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Alias\\Maya8.0\\bin\\maya.exe"=
"c:\\Program Files\\Unreal Tournament 3\\Binaries\\UT3.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Adobe\\Adobe Version Cue CS2\\bin\\VersionCueCS2.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe"=
"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaW.exe"=
"c:\\Program Files\\Orbitdownloader\\orbitdm.exe"=
"c:\\Program Files\\Orbitdownloader\\orbitnet.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"47386:TCP"= 47386:TCP:uTorrent

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [5/14/2009 3:47 PM 107256]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [5/14/2009 3:49 PM 94360]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [5/28/2008 10:33 AM 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/28/2008 10:33 AM 55024]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [5/14/2009 3:47 PM 731840]
R2 ubsbm;Unibrain 1394 SBM Driver;c:\windows\system32\drivers\UBSBM.sys [7/27/2005 5:25 PM 14080]
R2 ubumapi;Unibrain 1394 FireAPI Driver;c:\windows\system32\drivers\UBUMAPI.sys [7/27/2005 5:25 PM 36352]
R3 ubohci;Unibrain 1394 OHCI Driver;c:\windows\system32\drivers\ubohci.sys [7/27/2005 5:25 PM 77056]
S3 mam4410c;mam4410c;c:\windows\system32\drivers\mam4410c.sys [5/30/2008 2:53 PM 24784]
S3 mam4410m;mam4410m;c:\windows\system32\drivers\mam4410m.sys [5/30/2008 2:53 PM 25044]
S3 mam4410u;mam4410u;c:\windows\system32\drivers\mam4410u.sys [5/30/2008 2:53 PM 52565]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [5/28/2008 10:33 AM 7408]
S3 SbieDrv;SbieDrv;c:\program files\Sandboxie\SbieDrv.sys [1/5/2009 7:39 AM 103936]
S3 SDTHOOK;SDTHOOK;c:\windows\system32\drivers\SDTHOOK.SYS [1/15/2008 12:14 AM 44928]
S3 SynasUSB;SynasUSB;c:\windows\system32\drivers\synasUSB.sys [4/16/2008 12:46 PM 16896]
S4 wwEngineSvc;Window Washer Engine;c:\program files\Webroot\Washer\WasherSvc.exe --> c:\program files\Webroot\Washer\WasherSvc.exe [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{621FCD24-4498-4324-A81E-07D331376EDF}]
c:\program files\PixiePack Codec Pack\InstallerHelper.exe
.
Contents of the 'Scheduled Tasks' folder

2009-08-14 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 19:34]

2009-08-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-1767777339-839522115-1003Core.job
- c:\documents and settings\Gus\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-06-09 20:41]

2009-08-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-1767777339-839522115-1003UA.job
- c:\documents and settings\Gus\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-06-09 20:41]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202
IE: Download all links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - {E601996F-E400-41CA-804B-CD6373A7EEE2} - c:\program files\kikin\ie_kikin.dll
FF - ProfilePath - c:\documents and settings\Gus\Application Data\Mozilla\Firefox\Profiles\hmfnv7n5.default\
FF - prefs.js: browser.search.defaulturl - [You must be registered and logged in to see this link.]
FF - prefs.js: browser.search.selectedEngine - Google
FF - component: c:\documents and settings\Gus\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
FF - plugin: c:\documents and settings\Gus\Application Data\Mozilla\Firefox\Profiles\hmfnv7n5.default\extensions\moveplayer@movenetworks.com\platform\WINNT_x86-msvc\plugins\npmnqmp07075003.dll
FF - plugin: c:\documents and settings\Gus\Local Settings\Application Data\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbyond.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.

**************************************************************************

sandman423
Novice
Novice

Posts Posts : 25
Joined Joined : 2009-08-20
OS OS : XP SP2
Points Points : 26719
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Firefox just stops working until I shut it down?

Post by sandman423 on 30th August 2009, 7:44 pm

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2009-08-30 12:35
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-2000478354-1767777339-839522115-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:36,80,52,87,67,8d,3a,2a,e0,63,1c,1d,59,73,63,5b,0f,5b,8b,53,93,16,85,
09,21,6b,1e,37,44,cc,25,a4,d9,a5,22,86,07,d0,66,d8,81,13,b8,e9,b6,b7,b4,74,\
"??"=hex:35,fc,c6,3d,c9,02,ad,db,37,1f,61,de,0f,33,8f,50

[HKEY_USERS\S-1-5-21-2000478354-1767777339-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:d0,36,fc,95,6f,f6,2e,53,71,a7,33,1d,b2,6e,4e,a0,3b,30,1d,8c,f0,
6f,ae,94,74,05,44,10,58,68,d5,2b,7c,f0,49,6e,bc,67,97,b4,9f,b7,3b,f2,ec,0f,\
"rkeysecu"=hex:33,02,bd,07,eb,6b,14,8a,03,7a,1e,09,f6,94,3e,a4

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):fc,08,ce,fa,52,47,26,8d,1a,27,1f,ee,df,8c,dd,63,32,f6,a6,b5,d7,
be,88,59,29,ce,31,62,93,5c,19,de,79,d0,53,a6,e6,6e,fe,19,00,00,00,00,00,00,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):3b,cc,7e,a5,62,6a,68,7b,51,00,a1,2d,ce,0c,7f,ae,f3,76,1b,ed,69,
d3,cf,39,c6,cd,16,8f,bd,51,c0,db,b6,6d,4f,19,6d,ca,aa,75,00,00,00,00,00,00,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{994d1d4b-8133-48b6-ad7c-e17ee05c3a3b}]
@Denied: (Full) (Everyone)
"Model"=dword:00000162
"Therad"=dword:00000025
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,85,b1,12,f9,90,dd,23,a1,05,e2,1b,2b,9a,65,e8,ec,16,73,9f,4f,94,a3,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{f58c4ed1-f8ac-4df7-a027-b35a1ead5e60}]
@Denied: (Full) (Everyone)
"Model"=dword:00000046
"Therad"=dword:00000016
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,98,07,ff,fc,5d,
df,1c,2f,3b,8a,0a,32,11,89,01,b5,6d,31,5c,83,bc,5f,58,b1,7a,34,ad,44,f4,57,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2284)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2009-08-30 12:38
ComboFix-quarantined-files.txt 2009-08-30 19:38
ComboFix2.txt 2009-08-26 03:31
ComboFix3.txt 2009-08-26 03:22
ComboFix4.txt 2009-08-14 07:22
ComboFix5.txt 2009-08-30 19:26

Pre-Run: 58,175,655,936 bytes free
Post-Run: 58,126,114,816 bytes free

511 --- E O F --- 2009-08-26 19:40

sandman423
Novice
Novice

Posts Posts : 25
Joined Joined : 2009-08-20
OS OS : XP SP2
Points Points : 26719
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Firefox just stops working until I shut it down?

Post by Belahzur on 30th August 2009, 8:14 pm

Hello.
The crack is gone, or at least the run value by the looks of it.

I would also uninstall uTorrent, had another user lately where torrent program was causing problems for them.

Let me know how it goes.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245111
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Firefox just stops working until I shut it down?

Post by sandman423 on 30th August 2009, 11:43 pm

So your not seeing any viruses or malware

sandman423
Novice
Novice

Posts Posts : 25
Joined Joined : 2009-08-20
OS OS : XP SP2
Points Points : 26719
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Firefox just stops working until I shut it down?

Post by Belahzur on 31st August 2009, 1:40 am

Hello.
Not really.

That kikin BHO looks a little weird to me, BHO/toolbars can do what they say they do and more. I can't find much on the kikin stuff other than one scan that doesn't find any malware, but I still wouldn't trust it.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245111
# Likes # Likes : 1

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum