
Inactive Firefox error, making me mental

Discussion in 'Malware and Virus Removal Archive' started by Veri, 2010/08/13.

Thread Status:
Not open for further replies.
  1. 2010/08/13
    Veri


    I was kindly redirected to this forum.

    _______

    There is the actual message - http://tinypic.com/r/351z6vo/4

    This is the name that came up when I tried to do about:crash -
    hang | mozilla::plugins::PPluginInstanceParent::CallPBrowserStreamConstructor(mozilla::plugins::PBrowserStreamParent*, nsCString const



    So far I've uninstalled and reinstalled Firefox. I tried to troubleshoot and Firefox had me reinitialize the plugins by deleting the pluginreg.dat file.

    It hasn't shown up again in the last 15 minutes but I want to know what caused it. If it comes back, I want to be able to fix it.

    All my plug-ins are up to date. I can't get the Mozilla forum to work so I can paste the actual problem in the forum.

    What can I do to keep it from crashing constantly?

    I really appreciate the help.

    Below is the DDS log. Any help is greatly appreciated.

    DDS (Ver_10-03-17.01) - NTFSx86
    Run by Aari at 15:06:15.98 on Fri 08/13/2010
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_21
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1015.306 [GMT -5:00]

    AV: avast! Antivirus *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    svchost.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\WINDOWS\arservice.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    svchost.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\WINDOWS\system32\dllhost.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\ARPWRMSG.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\DISC\DiscUpdateMgr.exe
    C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
    C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\National Consumer Panel\NCP Internet Transporter\HSTrans.exe
    C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
    C:\HP\KBD\KBD.EXE
    C:\WINDOWS\ALCMTR.EXE
    C:\WINDOWS\ALCWZRD.EXE
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Program Files\OpinionSquare\opnsqr.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    c:\windows\system\hpsysdrv.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Documents and Settings\Aari.YOUR-4DACD0EA75\My Documents\Downloads\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
    uSearch Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
    uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
    uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
    uSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
    mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
    uInternet Settings,ProxyOverride = *.local
    mSearchAssistant = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
    BHO: hpWebHelper Class: {aaae832a-5fff-4661-9c8f-369692d1dcb9} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\WebHelper.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    BHO: SimpleAdblock Class: {ffcb3198-32f3-4e8b-9539-4324694ed664} - c:\program files\common files\simple adblock\SimpleAdblock.dll
    TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
    mRun: [ehTray] c:\windows\ehome\ehtray.exe
    mRun: [High Definition Audio Property Page Shortcut] HDAShCut.exe
    mRun: [AlwaysReady Power Message APP] ARPWRMSG.EXE
    mRun: [SoundMan] SOUNDMAN.EXE
    mRun: [HPHUPD08] c:\program files\hp\digital imaging\{33d6cc28-9f75-4d1b-a11d-98895b3a3729}\hphupd08.exe
    mRun: [DISCover] c:\program files\disc\DISCover.exe
    mRun: [DiscUpdateManager] c:\program files\disc\DiscUpdateMgr.exe
    mRun: [DMAScheduler] c:\program files\sonic\digitalmedia plus\digitalmedia archive\DMAScheduler.exe
    mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE
    mRun: [<NO NAME>]
    mRun: [PCDrProfiler]
    mRun: [HPBootOp] "c:\program files\hewlett-packard\hp boot optimizer\HPBootOp.exe" /run
    mRun: [Reminder] "c:\windows\creator\Remind_XP.exe "
    mRun: [HP Software Update] c:\program files\hp\hp software update\HPwuSchd2.exe
    mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
    mRun: [igfxtray] c:\windows\system32\igfxtray.exe
    mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
    mRun: [igfxpers] c:\windows\system32\igfxpers.exe
    mRun: [MegaPanel] c:\program files\national consumer panel\ncp internet transporter\HSTrans.exe
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe "
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe "
    mRun: [NielsenOnline] c:\program files\netratingsnetsight\netsight\NielsenOnline.exe
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe "
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpphot~1.lnk - c:\program files\hp\digital imaging\bin\hpqthb08.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\update~1.lnk - c:\program files\updates from hp\9972322\program\Updates from HP.exe
    IE: &Google Search - c:\program files\google\GoogleToolbar1.dll/cmsearch.html
    IE: &Translate English Word - c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
    IE: Backward Links - c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
    IE: Cached Snapshot of Page - c:\program files\google\GoogleToolbar1.dll/cmcache.html
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000
    IE: Similar Pages - c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
    IE: Translate Page into English - c:\program files\google\GoogleToolbar1.dll/cmtrans.html
    IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL
    Trusted Zone: trymedia.com
    DPF: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    DPF: {2E4A92AB-F2C0-456A-9935-B715439790D7} - hxxps://www.opinionsquare.com/Config/packages/op/opsetup.cab
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1269749970890
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    DPF: {A7846ED2-9DE6-4E8A-B116-A8ACEBFA7DB1} - hxxp://rms2.invokesolutions.com/events/bin/6.2.0.1452/MILive.cab
    DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} - hxxp://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
    DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    DPF: {D8AA889B-2C65-47C3-8C16-3DCD4EF76A47}
    DPF: {E0CB08CE-AB3D-4779-9C77-62A439BFE6C3} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    Notify: igfxcui - igfxdev.dll
    Notify: OpinionSquare - c:\program files\opinionsquare\opls.dll
    LSA: Notification Packages = scecli scecli

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\aari~1.you\applic~1\mozilla\firefox\profiles\0rnj1brk.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
    FF - component: c:\program files\netratingsnetsight\netsight\meter1\ffaddon\components\nsgkff36_meter1.dll
    FF - component: c:\program files\opinionsquare\components\opxg.dll
    FF - plugin: c:\documents and settings\aari.your-4dacd0ea75\application data\facebook\npfbplugin_1_0_3.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
    FF - HiddenExtension: OpinionSquare: {6E19037A-12E3-4295-8915-ED48BC341614} - c:\program files\OpinionSquare
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

    ---- FIREFOX POLICIES ----
    c:\program files\mozilla firefox\greprefs\all.js - pref( "ui.use_native_colors ", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "ui.use_native_popup_windows ", false);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.enable_click_image_resizing ", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "accessibility.browsewithcaret_shortcut.enabled ", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "javascript.options.mem.high_water_mark ", 32);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "javascript.options.mem.gc_frequency ", 1600);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.lu ", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.nu ", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.nz ", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--mgbaam7a8h ", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--mgberp4a5d4ar ", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--p1ai ", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--mgbayh7gpa ", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.tel ", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "network.auth.force-generic-ntlm ", false);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "network.proxy.type ", 5);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "network.buffer.cache.count ", 24);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "network.buffer.cache.size ", 4096);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "dom.ipc.plugins.timeoutSecs ", 45);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "svg.smil.enabled ", false);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "ui.trackpoint_hack.enabled ", -1);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.formfill.debug ", false);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.formfill.agedWeight ", 2);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.formfill.bucketSize ", 1);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.formfill.maxTimeGroupings ", 25);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.formfill.timeGroupingSize ", 604800);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.formfill.boundaryWeight ", 25);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.formfill.prefixWeight ", 5);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "accelerometer.enabled ", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "html5.enable ", false);
    c:\program files\mozilla firefox\greprefs\security-prefs.js - pref( "security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref ", true);
    c:\program files\mozilla firefox\greprefs\security-prefs.js - pref( "security.ssl.renego_unrestricted_hosts ", " ");
    c:\program files\mozilla firefox\greprefs\security-prefs.js - pref( "security.ssl.treat_unsafe_negotiation_as_broken ", false);
    c:\program files\mozilla firefox\greprefs\security-prefs.js - pref( "security.ssl.require_safe_negotiation ", false);
    c:\program files\mozilla firefox\greprefs\security-prefs.js - pref( "security.ssl3.rsa_seed_sha ", true);
    c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref( "app.update.download.backgroundInterval ", 600);
    c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref( "app.update.url.manual ", "http://www.firefox.com ");
    c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref( "browser.search.param.yahoo-fr-ja ", "mozff ");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name ", "chrome://browser/locale/browser.properties ");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description ", "chrome://browser/locale/browser.properties ");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "xpinstall.whitelist.add ", "addons.mozilla.org ");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "xpinstall.whitelist.add.36 ", "getpersonas.com ");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "lightweightThemes.update.enabled ", true);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.allTabs.previews ", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "plugins.hide_infobar_for_outdated_plugin ", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "plugins.update.notifyUser ", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "toolbar.customization.usesheet ", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "dom.ipc.plugins.enabled.nptest.dll ", true);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "dom.ipc.plugins.enabled.npswf32.dll ", true);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "dom.ipc.plugins.enabled.npctrl.dll ", true);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "dom.ipc.plugins.enabled.npqtplugin.dll ", true);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "dom.ipc.plugins.enabled ", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.taskbar.previews.enable ", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.taskbar.previews.max ", 20);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.taskbar.previews.cachetime ", 20);

    ============= SERVICES / DRIVERS ===============

    R0 nielprt;Nielsen Patch Service;c:\windows\system32\drivers\nielprt.sys [2010-4-11 24192]
    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-3-26 165456]
    R1 nnrnstdi;nnrnstdi;c:\windows\system32\drivers\nnrnstdi.sys [2010-4-11 15360]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-3-26 17744]
    R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-3-26 40384]
    R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
    R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-3-26 40384]
    R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-3-26 40384]
    R3 km_filter;km_filter;c:\windows\system32\drivers\km_filter.sys [2010-4-11 10368]
    S3 NielGfx;Nielsen USB GFX;c:\windows\system32\drivers\nielgfx.sys [2010-4-11 9088]
    S3 PanelSvc;PanelSvc;c:\program files\yougov\panelapp\PanelSvc.exe [2009-12-30 91136]

    =============== Created Last 30 ================

    2010-08-13 15:55:19 0 d-sh--w- c:\documents and settings\aari.your-4dacd0ea75\PrivacIE
    2010-08-13 15:55:16 0 d-----w- c:\docume~1\aari~1.you\applic~1\Simple Adblock
    2010-08-06 00:49:27 0 d-----w- c:\program files\YouGov

    ==================== Find3M ====================

    2010-07-27 06:30:35 8462336 ------w- c:\windows\system32\dllcache\shell32.dll
    2010-07-17 10:00:04 423656 ----a-w- c:\windows\system32\deployJava1.dll
    2010-06-30 12:31:35 149504 ----a-w- c:\windows\system32\schannel.dll
    2010-06-30 12:31:35 149504 ------w- c:\windows\system32\dllcache\schannel.dll
    2010-06-28 20:57:33 38848 ----a-w- c:\windows\avastSS.scr
    2010-06-24 22:51:58 11077120 ------w- c:\windows\system32\dllcache\ieframe.dll
    2010-06-24 12:22:03 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-06-24 12:22:03 916480 ------w- c:\windows\system32\dllcache\wininet.dll
    2010-06-24 12:22:03 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
    2010-06-24 12:22:02 1210368 ------w- c:\windows\system32\dllcache\urlmon.dll
    2010-06-24 12:22:01 611840 ----a-w- c:\windows\system32\dllcache\mstime.dll
    2010-06-24 12:22:01 5951488 ------w- c:\windows\system32\dllcache\mshtml.dll
    2010-06-24 12:22:01 206848 ------w- c:\windows\system32\dllcache\occache.dll
    2010-06-24 12:21:59 599040 ------w- c:\windows\system32\dllcache\msfeeds.dll
    2010-06-24 12:21:59 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll
    2010-06-24 12:21:59 25600 ------w- c:\windows\system32\dllcache\jsproxy.dll
    2010-06-24 12:21:58 247808 ------w- c:\windows\system32\dllcache\ieproxy.dll
    2010-06-24 12:21:58 1986560 ------w- c:\windows\system32\dllcache\iertutil.dll
    2010-06-24 12:21:58 184320 ------w- c:\windows\system32\dllcache\iepeers.dll
    2010-06-24 12:21:56 743424 ------w- c:\windows\system32\dllcache\iedvtool.dll
    2010-06-24 12:21:55 387584 ------w- c:\windows\system32\dllcache\iedkcs32.dll
    2010-06-23 13:44:04 1851904 ----a-w- c:\windows\system32\win32k.sys
    2010-06-23 13:44:04 1851904 ------w- c:\windows\system32\dllcache\win32k.sys
    2010-06-23 12:08:09 173056 ------w- c:\windows\system32\dllcache\ie4uinit.exe
    2010-06-21 15:27:11 354304 ------w- c:\windows\system32\drivers\srv.sys
    2010-06-21 15:27:11 354304 ------w- c:\windows\system32\dllcache\srv.sys
    2010-06-18 13:36:12 3558912 ------w- c:\windows\system32\dllcache\moviemk.exe
    2010-06-17 14:03:00 80384 ----a-w- c:\windows\system32\iccvid.dll
    2010-06-14 14:31:20 744448 ------w- c:\windows\system32\dllcache\helpsvc.exe
    2010-06-14 07:41:45 1172480 ----a-w- c:\windows\system32\msxml3.dll
    2010-06-14 07:41:45 1172480 ------w- c:\windows\system32\dllcache\msxml3.dll
    2010-03-30 01:57:17 245760 --sha-w- c:\windows\system32\config\systemprofile\ietldcache\index.dat
    2010-03-30 01:57:17 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012010031520100322\index.dat
    2010-03-30 01:57:17 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012010032920100330\index.dat
    2010-04-03 06:45:47 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012010040320100404\index.dat
    2010-03-18 00:30:06 65536 --sha-w- c:\windows\temp\temporary internet files\content.ie5\index.dat

    ============= FINISH: 15:07:23.40 ===============




    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_10-03-17.01)

    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 3/17/2010 4:31:46 PM
    System Uptime: 8/12/2010 10:49:31 AM (29 hours ago)

    Motherboard: ASUSTeK Computer INC. | | Onyx2
    Processor: Intel(R) Pentium(R) M processor 1.70GHz | CPU 1 | 1697/100mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 224 GiB total, 157.774 GiB free.
    D: is FIXED (FAT32) - 8 GiB total, 0.418 GiB free.
    E: is CDROM ()
    F: is Removable
    G: is Removable
    H: is Removable
    I: is Removable

    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================

    RP83: 5/15/2010 5:35:19 PM - Installed RecipeMaster
    RP84: 5/16/2010 6:22:41 PM - System Checkpoint
    RP85: 5/17/2010 6:42:49 PM - System Checkpoint
    RP86: 5/18/2010 7:19:45 PM - System Checkpoint
    RP87: 5/19/2010 11:48:52 PM - System Checkpoint
    RP88: 5/21/2010 1:35:21 AM - System Checkpoint
    RP89: 5/22/2010 1:48:42 AM - System Checkpoint
    RP90: 5/23/2010 2:25:30 AM - System Checkpoint
    RP91: 5/24/2010 2:50:36 AM - System Checkpoint
    RP92: 5/25/2010 3:38:36 AM - System Checkpoint
    RP93: 5/26/2010 3:00:19 AM - Software Distribution Service 3.0
    RP94: 5/27/2010 4:58:13 AM - System Checkpoint
    RP95: 5/28/2010 5:46:08 AM - System Checkpoint
    RP96: 5/29/2010 6:19:43 AM - System Checkpoint
    RP97: 5/30/2010 11:35:24 AM - System Checkpoint
    RP98: 5/31/2010 3:21:28 PM - System Checkpoint
    RP99: 6/1/2010 3:45:01 PM - System Checkpoint
    RP100: 6/2/2010 3:54:29 PM - System Checkpoint
    RP101: 6/3/2010 4:20:13 PM - System Checkpoint
    RP102: 6/4/2010 5:20:12 PM - System Checkpoint
    RP103: 6/5/2010 6:27:55 PM - System Checkpoint
    RP104: 6/6/2010 9:06:45 PM - System Checkpoint
    RP105: 6/7/2010 11:49:33 PM - System Checkpoint
    RP106: 6/9/2010 1:27:19 AM - System Checkpoint
    RP107: 6/10/2010 2:20:14 AM - System Checkpoint
    RP108: 6/10/2010 3:00:16 AM - Software Distribution Service 3.0
    RP109: 6/11/2010 3:13:10 AM - System Checkpoint
    RP110: 6/12/2010 3:25:44 AM - System Checkpoint
    RP111: 6/12/2010 3:15:22 PM - Removed Java(TM) 6 Update 18
    RP112: 6/13/2010 4:21:50 PM - System Checkpoint
    RP113: 6/14/2010 8:46:54 PM - System Checkpoint
    RP114: 6/15/2010 9:21:04 PM - System Checkpoint
    RP115: 6/16/2010 10:23:43 PM - System Checkpoint
    RP116: 6/18/2010 12:23:37 AM - System Checkpoint
    RP117: 6/19/2010 2:50:42 AM - System Checkpoint
    RP118: 6/20/2010 3:42:23 AM - System Checkpoint
    RP119: 6/21/2010 4:29:58 AM - System Checkpoint
    RP120: 6/23/2010 1:21:41 PM - System Checkpoint
    RP121: 6/25/2010 1:11:23 PM - System Checkpoint
    RP122: 6/26/2010 1:37:29 PM - System Checkpoint
    RP123: 6/27/2010 3:36:38 PM - System Checkpoint
    RP124: 6/28/2010 3:41:00 PM - System Checkpoint
    RP125: 6/29/2010 3:44:10 PM - System Checkpoint
    RP126: 6/30/2010 4:40:59 PM - System Checkpoint
    RP127: 7/1/2010 7:03:13 PM - System Checkpoint
    RP128: 7/2/2010 7:12:20 PM - System Checkpoint
    RP129: 7/3/2010 7:15:18 PM - System Checkpoint
    RP130: 7/4/2010 8:12:17 PM - System Checkpoint
    RP131: 7/5/2010 10:20:48 PM - System Checkpoint
    RP132: 7/7/2010 12:23:34 AM - System Checkpoint
    RP133: 7/8/2010 1:01:31 AM - System Checkpoint
    RP134: 7/9/2010 1:51:35 AM - System Checkpoint
    RP135: 7/10/2010 2:31:39 AM - System Checkpoint
    RP136: 7/10/2010 7:32:10 AM - Installed Java(TM) 6 Update 20
    RP137: 7/11/2010 9:30:30 AM - System Checkpoint
    RP138: 7/12/2010 10:08:43 AM - System Checkpoint
    RP139: 7/13/2010 11:44:03 AM - System Checkpoint
    RP140: 7/14/2010 3:00:17 AM - Software Distribution Service 3.0
    RP141: 7/15/2010 4:00:37 AM - System Checkpoint
    RP142: 7/16/2010 4:59:33 AM - System Checkpoint
    RP143: 7/17/2010 5:59:36 AM - System Checkpoint
    RP144: 7/18/2010 6:59:35 AM - System Checkpoint
    RP145: 7/19/2010 8:00:20 AM - System Checkpoint
    RP146: 7/20/2010 8:59:37 AM - System Checkpoint
    RP147: 7/21/2010 9:59:23 AM - System Checkpoint
    RP148: 7/22/2010 10:25:14 AM - System Checkpoint
    RP149: 7/23/2010 11:38:56 AM - System Checkpoint
    RP150: 7/24/2010 12:19:49 PM - System Checkpoint
    RP151: 7/25/2010 1:02:52 PM - System Checkpoint
    RP152: 7/26/2010 1:21:03 PM - System Checkpoint
    RP153: 7/27/2010 2:04:52 PM - System Checkpoint
    RP154: 7/28/2010 2:28:46 PM - System Checkpoint
    RP155: 7/29/2010 3:05:04 PM - System Checkpoint
    RP156: 7/30/2010 3:40:56 PM - System Checkpoint
    RP157: 7/31/2010 5:04:08 PM - System Checkpoint
    RP158: 8/1/2010 5:56:27 PM - System Checkpoint
    RP159: 8/2/2010 9:20:08 PM - System Checkpoint
    RP160: 8/3/2010 3:00:20 AM - Software Distribution Service 3.0
    RP161: 8/4/2010 3:07:01 AM - System Checkpoint
    RP162: 8/5/2010 4:07:04 AM - System Checkpoint
    RP163: 8/5/2010 7:49:25 PM - Installed YouGov Technology Tracking Application
    RP164: 8/6/2010 7:56:59 PM - System Checkpoint
    RP165: 8/7/2010 10:10:38 PM - System Checkpoint
    RP166: 8/9/2010 1:35:18 AM - System Checkpoint
    RP167: 8/10/2010 1:54:50 AM - System Checkpoint
    RP168: 8/11/2010 2:40:03 AM - System Checkpoint
    RP169: 8/12/2010 2:41:10 AM - System Checkpoint
    RP170: 8/12/2010 3:00:17 AM - Software Distribution Service 3.0
    RP171: 8/13/2010 3:54:55 AM - System Checkpoint
    RP172: 8/13/2010 1:36:19 PM - Installed Java(TM) 6 Update 21

    ==== Installed Programs ======================

    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 9.3.3
    Agere Systems PCI-SV92PP Soft Modem
    AiO_Scan
    AiOSoftware
    Amazon Kindle For PC v1.1
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    avast! Free Antivirus
    Bonjour
    BufferChm
    CameraDrivers
    Coupon Printer for Windows
    CP_CalendarTemplates1
    cp_LightScribeConfig
    cp_OnlineProjectsConfig
    CP_Package_Basic1
    CP_Package_Variety1
    CP_Package_Variety2
    CP_Package_Variety3
    CP_Panorama1Config
    cp_PosterPrintConfig
    cp_UpdateProjectsConfig
    CueTour
    Customer Experience Enhancement
    Destinations
    DISCover
    DocProc
    DocumentViewer
    DocumentViewerQFolder
    Easy Internet Sign-up
    Facebook Plug-In
    Fax
    FullDPAppQFolder
    GemMaster Mystic
    Google Toolbar for Internet Explorer
    High Definition Audio Driver Package - KB888111
    Hotfix for Windows Media Player 10 (KB903157)
    Hotfix for Windows Media Player 10 (KB910393)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB979306)
    Hotfix for Windows XP (KB981793)
    HP Boot Optimizer
    HP Deskjet Printer Preload
    HP DigitalMedia Archive
    HP Document Viewer 5.3
    HP Driver Diagnostics
    HP DVD Play 1.0
    HP Imaging Device Functions 6.0
    HP Multimedia Keyboard Software
    HP Photosmart 330,380,420,470,7800,8000,8200 Series
    HP Photosmart Cameras 5.0
    HP Photosmart for Media Center PC
    HP Photosmart Premier Software 6.0
    HP PSC & OfficeJet 5.3.B
    HP Rhapsody
    HP Software Update
    HP Solution Center & Imaging Support Tools 5.3
    HP Web Helper
    HPProductAssistant
    HpSdpAppCoreApp
    Image Resizer Powertoy for Windows XP
    InstantShareDevices
    Intel(R) Graphics Media Accelerator Driver
    Intel(R) PRO Network Connections Drivers
    Internet Transporter - NCP Link
    Invoke Solutions Participant 6.2.0.1452
    iTunes
    J2SE Runtime Environment 5.0 Update 5
    Java Auto Updater
    Java(TM) 6 Update 21
    LightScribe 1.4.62.1
    Microsoft .NET Framework 1.0 Hotfix (KB979904)
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft Away Mode
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
    Microsoft Money 2006
    Microsoft Office 2003 Edition 60 Days Trial Welcome Tour
    Microsoft Office Standard Edition 2003
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Works
    Mozilla Firefox (3.6.8)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    muvee autoProducer 4.5
    muvee autoProducer unPlugged 1.2
    NCP Internet Transporter
    NewCopy
    Nielsen
    OpinionSquare
    OptionalContentQFolder
    Otto
    PanoStandAlone
    PhotoGallery
    PS2
    PSPrinters08
    PSTAPlugin
    Python 2.2 pywin32 extensions (build 203)
    Python 2.2.3
    Quicken 2006
    QuickTime
    RandMap
    RealPlayer
    Realtek High Definition Audio Driver
    RecipeMaster
    Remove IntelliMover Demo
    Scan
    ScannerCopy
    Security Update for Step By Step Interactive Training (KB923723)
    Security Update for Windows Internet Explorer 8 (KB2183461)
    Security Update for Windows Internet Explorer 8 (KB971961)
    Security Update for Windows Internet Explorer 8 (KB978207)
    Security Update for Windows Internet Explorer 8 (KB981332)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2160329)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2286198)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978251)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981852)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982214)
    Security Update for Windows XP (KB982665)
    Simple Adblock
    SkinsHP1
    SolutionCenter
    Sonic Express Labeler
    Sonic MyDVD Plus
    Sonic RecordNow Audio
    Sonic RecordNow Copy
    Sonic RecordNow Data
    Sonic Update Manager
    Sonic_PrimoSDK
    Status
    TrayApp
    Unload
    Update for Windows Internet Explorer 8 (KB976662)
    Update for Windows Internet Explorer 8 (KB980182)
    Update for Windows Internet Explorer 8 (KB980302)
    Update for Windows Media Player 10 (KB913800)
    Update for Windows Media Player 10 (KB926251)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    Update for Windows XP (KB978207)
    Update Rollup 2 for Windows XP Media Center Edition 2005
    Updates from HP (remove only)
    WebFldrs XP
    WebReg
    WildTangent Web Driver
    Windows Driver Package - FTDI CDM Driver Package (02/17/2009 2.04.16)
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Internet Explorer 8
    Windows Media Format Runtime
    Windows XP Media Center Edition 2005 KB908250
    Windows XP Media Center Edition 2005 KB973768
    Windows XP Service Pack 3
    WinRAR archiver
    YouGov Technology Tracking Application

    ==== End Of File ===========================
     
    Veri,
    #1
  2. 2010/08/13
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    STEP 1. Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/mbam.php to your desktop.
    (Malwarebytes is free to use as a manual scanner. Payment is only required if you wish to have it run and update automatically, which is not necessary for our purposes.)

    * Double-click mbam-setup.exe and follow the prompts to install the program.
    * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    * If an update is found, it will download and install the latest version.
    * Once the program has loaded, select Perform Quick Scan, then click Scan.
    * When the scan is complete, click OK, then Show Results to view the results.
    * Be sure that everything is checked, and click Remove Selected.
    * When completed, a log will open in Notepad.
    * Post the log back here.

    The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
    Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt


    STEP 2. Download GMER: http://www.gmer.net/files.php, by clicking on Download EXE button.
    Alternative downloads:
    - http://majorgeeks.com/GMER_d5198.html
    - http://www.softpedia.com/get/Interne...ers/GMER.shtml
    Double click on downloaded .exe file, select Rootkit tab and click the Scan button.
    Do NOT use the computer while GMER is running!
    When scan is completed, click Save button, and save the results as gmer.log
    Warning! Please do not select the "Show all" checkbox during the scan.
    Post the log to your next reply.

    IMPORTANT! If for some reason GMER refuses to run, try again.
    If it still fails, try to UN-check "Devices" in right pane.
    If still no joy, try to run it from Safe Mode.


    STEP 3. Download MBRCheck to your desktop

    Double click MBRCheck.exe to run (Vista and Windows 7 users, right click and select Run as Administrator).
    It will show a black screen with some data on it.
    A report called MBRcheckxxxx.txt will be on your desktop.
    Open this report and post its content in your next reply.



    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
     
