BullGuard
 HomeLog InRegisterCommunity CalendarSearch the ForumView The Member ListHelp
Something REALLY wrong with the mozilla and msn
   
BullGuard Antivirus Forum > Virus Removal > Removal Tools > Something REALLY wrong with the mozilla and msn  
Forum Quick Jump
 
Vote Results :: 0 vote(s) total
0
- - 0.0%
0
- - 0.0%

 
New Topic Post reply to : Something REALLY wrong with the mozilla and msn Printable version of : Something REALLY wrong with the mozilla and msn
[ << Previous Thread | Next Thread >> ]

aesthete9928
New Member


Date Joined Sep 2009
Total Posts : 2
 
   Posted 9/15/2009 6:18 PM (GMT +2)    Quote: Something REALLY wrong with the mozilla and msnAlert an admin about: Something REALLY wrong with the mozilla and msn
Hi there!

I am experiencing difficulty with mozilla firefox and msn. (which i suspect is due to virus/malware/torjan or something similar)

When I try to log on to my sch email, even though I typed the correct password, it says wrong username/password. When I try to access my hotmail, mozilla crashes. When I use facebook, the messages don't load. I also don't seem to be able to browse facebook pictures and "hit next page" button for some websites. However, sometimes it work.

As for msn, my friends told me that I have been sending those virus messages. Exactly which one, I'm not sure.

Initially I only had avast and windows defender as protection.

After being notified of a possible virus attack, I installed a series of programs
-Zone alarm for firewall
-PSI Security for notifying patches and threats
- Advance System Care3

And those asked from the website.

Recently, I was told, I no longer send out random msges. However, the problem with Mozilla still constantly occurs. Even after reinstalling it. My main concern is the safety of using internet banking and leakage of private information.


Your aid to this is GREATLY APPRECIATED.
Below are my log as required to post this post.


=================================HIJACKTHIS LOG=====================================================

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:55:58 AM, on 16/09/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\S24EvMon.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\system32\1XConfig.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\00THotkey.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\Msmsgs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ZCfgSvc.exe] C:\WINDOWS\system32\ZCfgSvc.exe
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [SigmaTel StacMon] C:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\Msmsgs.exe" /background
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\system32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\system32\S24EvMon.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 7565 bytes






========================================MALWAREBYTELOG===============================================
Malwarebytes' Anti-Malware 1.41
Database version: 2804
Windows 5.1.2600 Service Pack 3

16/09/2009 1:48:24 AM
mbam-log-2009-09-16 (01-48-24).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 123987
Time elapsed: 33 minute(s), 59 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


======================================DDS LOG 1======================================================


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-07-30.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 24/03/2009 9:01:45 AM
System Uptime: 16/09/2009 12:22:49 AM (1 hours ago)

Motherboard: TOSHIBA | | Portable PC
Processor: Intel(R) Pentium(R) M processor 1.50GHz | uFC-PGA Socket | 1496/100mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 67 GiB total, 14.822 GiB free.
D: is FIXED (NTFS) - 61 GiB total, 37.061 GiB free.
E: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description:
Device ID: ACPI\SMCF030\4&32D50C2&0
Manufacturer:
Name:
PNP Device ID: ACPI\SMCF030\4&32D50C2&0
Service:

==== System Restore Points ===================

RP125: 27/08/2009 3:00:17 AM - Software Distribution Service 3.0
RP126: 28/08/2009 1:35:19 AM - Software Distribution Service 3.0
RP127: 28/08/2009 9:29:47 AM - Software Distribution Service 3.0
RP128: 30/08/2009 3:54:49 PM - System Checkpoint
RP129: 31/08/2009 10:56:53 PM - System Checkpoint
RP130: 1/09/2009 2:11:36 AM - Software Distribution Service 3.0
RP131: 2/09/2009 4:18:05 AM - System Checkpoint
RP132: 3/09/2009 4:43:46 AM - System Checkpoint
RP133: 4/09/2009 12:11:02 AM - Software Distribution Service 3.0
RP134: 6/09/2009 10:50:16 PM - System Checkpoint
RP135: 7/09/2009 12:26:47 AM - Installed Java(TM) 6 Update 16
RP136: 8/09/2009 1:19:24 AM - Installed QuickTime
RP137: 9/09/2009 12:25:59 AM - Software Distribution Service 3.0
RP138: 11/09/2009 12:50:43 AM - System Checkpoint
RP139: 11/09/2009 2:21:30 AM - Advanced SystemCare RestorePoint
RP140: 11/09/2009 2:24:36 AM - Software Distribution Service 3.0
RP141: 11/09/2009 3:00:15 AM - Software Distribution Service 3.0
RP142: 12/09/2009 10:55:15 PM - System Checkpoint
RP143: 13/09/2009 11:16:13 PM - System Checkpoint
RP144: 14/09/2009 3:00:19 AM - Software Distribution Service 3.0
RP145: 15/09/2009 1:55:59 AM - Software Distribution Service 3.0

==== Installed Programs ======================

Acrobat.com
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Reader 9.1
Advanced SystemCare 3
Apple Software Update
avast! Antivirus
BitComet 1.10
CCleaner (remove only)
CutePDF Writer 2.7
e-tax 2009
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB970653-v3)
Intel(R) PRO Network Adapters and Drivers
Intel(R) PROSet
Java(TM) 6 Update 16
K-Lite Mega Codec Pack 4.7.0
Malwarebytes' Anti-Malware
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Excel 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office PowerPoint 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Project MUI (English) 2007
Microsoft Office Project Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Visio MUI (English) 2007
Microsoft Office Visio Professional 2007
Microsoft Office Word 2007
Microsoft Office Word MUI (English) 2007
Microsoft Software Update for Web Folders (English) 12
Mozilla Firefox (3.5.3)
MSVCRT
NVIDIA Windows 2000/XP Display Drivers
QuickTime
Secunia PSI
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Segoe UI
SigmaTel AC97 Audio Drivers
Skype web features
Skype™ 4.1
TOSHIBA Software Modem
TRNSYS 16.01.0003
Update for 2007 Microsoft Office System (KB967642)
Update for Windows XP (KB898461)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB973815)
VC 9.0 Runtime
WebFldrs XP
Windows Defender
Windows Internet Explorer 7
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Messenger 5.1
Windows Rights Management Client Backwards Compatibility SP2
Windows Rights Management Client with Service Pack 2
Windows XP Service Pack 3
WinRAR archiver
ZoneAlarm

==== Event Viewer Messages From Past Week ========

9/09/2009 6:25:09 PM, error: nv [106] - Silent Running: Stress test transition: Performance 3D -> LowPower 3D
9/09/2009 6:25:09 PM, error: nv [106] - Silent Running: Stress test transition: Dynamic -> Performance 3D
10/09/2009 2:15:35 PM, error: Dhcp [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 000CF14C875B. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
10/09/2009 11:00:27 PM, error: Dhcp [1002] - The IP address lease 192.168.0.3 for the Network Card with network address 000E7BECD91C has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
10/09/2009 1:54:22 PM, error: Dhcp [1002] - The IP address lease 192.168.0.2 for the Network Card with network address 000CF14C875B has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).

==== End Of File ===========================


==========================================DDS LOG 2==================================================


DDS (Ver_09-07-30.01) - NTFSx86
Run by Tyger at 1:53:17.43 on Wed 16/09/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_16
Microsoft Windows XP Home Edition 5.1.2600.3.1252.61.1033.18.1279.628 [GMT 10:00]

AV: avast! antivirus 4.8.1351 [VPS 090914-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\S24EvMon.exe
svchost.exe
C:\WINDOWS\system32\ZCfgSvc.exe
svchost.exe
C:\WINDOWS\system32\1XConfig.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\00THotkey.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\Msmsgs.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Tyger\My Documents\Downloads\dds.scr

============== Pseudo HJT Report ===============

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: BitComet Helper: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - c:\program files\bitcomet\tools\BitCometBHO_1.3.3.2.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [MsnMsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [MSMSGS] "c:\program files\messenger\Msmsgs.exe" /background
uRun: [Advanced SystemCare 3] "c:\program files\iobit\advanced systemcare 3\AWC.exe" /startup
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /installquiet
mRun: [00THotkey] c:\windows\system32\00THotkey.exe
mRun: [000StTHK] 000StTHK.exe
mRun: [LtMoh] c:\program files\ltmoh\Ltmoh.exe
mRun: [AGRSMMSG] AGRSMMSG.exe
mRun: [ZCfgSvc.exe] c:\windows\system32\ZCfgSvc.exe
mRun: [PRONoMgr.exe] c:\program files\intel\ncs\proset\PRONoMgr.exe
mRun: [SigmaTel StacMon] c:\program files\sigmatel\sigmatel ac97 audio drivers\stacmon.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\tyger\startm~1\programs\startup\secuni~1.lnk - c:\program files\secunia\psi\psi.exe
IE: &D&ownload &with BitComet - c:\program files\bitcomet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\bitcomet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\bitcomet\BitComet.exe/AddAllLink.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://c:\program files\bitcomet\tools\BitCometBHO_1.3.3.2.dll/206
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: Sebring - c:\windows\system32\LgNotify.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\window~4\MpShHook.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\tyger\applic~1\mozilla\firefox\profiles\0pvjsrxi.default\
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\mozilla firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\mozilla firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");

============= SERVICES / DRIVERS ===============

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-8-6 114768]
R1 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2009-9-8 353672]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-8-6 20560]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2009-8-6 138680]
R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
S2 vsmon;TrueVector Internet Monitor;c:\windows\system32\zonelabs\vsmon.exe -service --> c:\windows\system32\zonelabs\vsmon.exe -service [?]
S3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2009-8-6 254040]
S3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2009-8-6 352920]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2009-6-17 12648]

=============== Created Last 30 ================

2009-09-16 01:09 <DIR> --d----- c:\program files\CCleaner
2009-09-16 01:07 <DIR> --d----- c:\docume~1\tyger\applic~1\Malwarebytes
2009-09-16 01:07 38,224 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-16 01:07 19,160 a------- c:\windows\system32\drivers\mbam.sys
2009-09-16 01:07 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-09-16 01:06 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-09-13 13:13 208,744 a------- c:\windows\system32\muweb.dll
2009-09-13 13:13 268,648 a------- c:\windows\system32\mucltui.dll
2009-09-13 13:13 27,496 a------- c:\windows\system32\mucltui.dll.mui
2009-09-12 18:59 <DIR> --d----- c:\documents and settings\tyger\Tracing
2009-09-12 18:56 <DIR> --d----- c:\program files\Microsoft
2009-09-12 18:56 <DIR> --d----- c:\program files\Windows Live SkyDrive
2009-09-11 02:20 <DIR> --d----- c:\docume~1\tyger\applic~1\IObit
2009-09-11 02:20 <DIR> --d----- c:\program files\IObit
2009-09-10 13:56 153,088 -c------ c:\windows\system32\dllcache\triedit.dll
2009-09-08 01:42 4,212 a---h--- c:\windows\system32\zllictbl.dat
2009-09-08 01:41 1,221,512 a------- c:\windows\system32\zpeng25.dll
2009-09-08 01:41 <DIR> --d----- c:\windows\system32\ZoneLabs
2009-09-08 01:41 <DIR> --d----- c:\program files\Zone Labs
2009-09-08 01:41 350,192 a------- c:\windows\system32\vsconfig.xml
2009-09-08 01:40 <DIR> --d----- c:\windows\Internet Logs
2009-09-08 01:11 <DIR> --d----- c:\program files\Secunia
2009-09-07 23:24 268 a---h--- C:\sqmdata07.sqm
2009-09-07 23:24 244 a---h--- C:\sqmnoopt07.sqm
2009-09-07 00:27 411,368 a------- c:\windows\system32\deploytk.dll
2009-09-07 00:27 73,728 a------- c:\windows\system32\javacpl.cpl
2009-09-02 01:13 56 a---h--- c:\windows\system32\ezsidmv.dat
2009-09-02 01:11 <DIR> --d--r-- c:\program files\Skype
2009-08-27 00:19 <DIR> --d----- C:\etax2009
2009-08-20 15:39 12,160 ac------ c:\windows\system32\dllcache\mouhid.sys
2009-08-20 15:39 12,160 a------- c:\windows\system32\drivers\mouhid.sys

==================== Find3M ====================

2009-08-05 19:01 204,800 a------- c:\windows\system32\mswebdvd.dll
2009-07-26 16:44 48,448 a------- c:\windows\system32\sirenacm.dll
2009-07-18 05:01 58,880 a------- c:\windows\system32\atl.dll
2009-07-12 12:21 233,472 a------- c:\windows\system32\wmpdxm.dll
2009-06-30 02:12 827,392 a------- c:\windows\system32\wininet.dll
2009-06-30 02:12 78,336 a------- c:\windows\system32\ieencode.dll
2009-06-30 02:12 17,408 a------- c:\windows\system32\corpol.dll
2009-06-25 18:25 730,112 a------- c:\windows\system32\lsasrv.dll
2009-06-25 18:25 301,568 a------- c:\windows\system32\kerberos.dll
2009-06-25 18:25 147,456 a------- c:\windows\system32\schannel.dll
2009-06-25 18:25 136,192 a------- c:\windows\system32\msv1_0.dll
2009-06-25 18:25 56,832 a------- c:\windows\system32\secur32.dll
2009-06-25 18:25 54,272 a------- c:\windows\system32\wdigest.dll

============= FINISH: 1:53:30.22 ===============



I will be looking forward to your reply

Thanks and best regard,
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12981
 
   Posted 9/16/2009 7:47 AM (GMT +2)    Quote: Something REALLY wrong with the mozilla and msnAlert an admin about: Something REALLY wrong with the mozilla and msn
Hello aesthete9928 and welcome smile
 
 
Nothing suspicious in the log files. Please tell how things are running ?


Do NOT post your problem in someone elses thread.
A non-profit, volunteer network.

Back to Top
 

aesthete9928
New Member


Date Joined Sep 2009
Total Posts : 2
 
   Posted 9/16/2009 8:21 AM (GMT +2)    Quote: Something REALLY wrong with the mozilla and msnAlert an admin about: Something REALLY wrong with the mozilla and msn
Hmm. another noticeable problem with mozilla is that, when I experience difficulty and try to close and reopen mozilla, it would say program already open, close program or restart computer.
Then i would run task manager and see that mozilla firefox is on the task list and is using 99 CPU Usage with like e.g. 105, 909K memory usage which is unusually high in my opinion.

Is there any safe browser that you could recommend to ensure high safety for internet banking?
 
Thanks again! :)
 
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12981
 
   Posted 9/16/2009 8:53 AM (GMT +2)    Quote: Something REALLY wrong with the mozilla and msnAlert an admin about: Something REALLY wrong with the mozilla and msn
I think you can use Opera Browser to internet banking:
 
It is a safe browser, and don´t use many recourses
 
 


Do NOT post your problem in someone elses thread.
A non-profit, volunteer network.

Back to Top
 
New Topic Post reply to : Something REALLY wrong with the mozilla and msn Printable version of : Something REALLY wrong with the mozilla and msn
 
Forum Information
Currently it is Thursday, October 30, 2014 5:18 PM (GMT +2)
There are a total of 60,720 posts in 13,339 threads.
In the last 3 days there were 7 new threads and 9 reply posts. View Active Threads
Who's Online
This forum has 36587 registered members. Please welcome our newest member, CarolHernandez.
5 Guest(s), 0 Registered Member(s) are currently online.  Details
5 Latest Threads
Bullguard dosent update to latest versions (18)10/30/2014 11:18:14 AM (NorthPole)
Syswow64 (13)10/30/2014 11:07:10 AM (missicbc)
Problems with Windows Live Mail & BG (11)10/30/2014 11:06:37 AM (missicbc)
Virus Removal (8)10/30/2014 11:05:15 AM (missicbc)
Cheap Kitchens in Cardiff (0)10/30/2014 3:30:07 AM (gaecuqqq)