|
|
|
IE and Firefox randomly encounter problems
|
|
|
odell1980
Junior Member
1 product review
|
16. December 2008 @ 17:19 |
Link to this message
|
I have been having problems keeping my browsers open on certain pages for more than a few seconds. This problem is limited to only certain websites, although I am not sure how they are connected. Some of the sites that I have had issues with are overstock.com, foodnetwork.com and amazon.com I noticed this trend after installing malwarebytes and avg anti-virus. I have run hijackthis and combofix. I am not sure if I have a virus or what is going on here. Also, is AVG a good antivirus, or am I going to be in trouble in the future? Thanks for the and any advice.
Hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:52:04 PM, on 12/16/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtlWake.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtWLan.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - Global Startup: WG111v2 Smart Wizard Wireless Setting.lnk = ?
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsu...b?1229327672388
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: nopukb.dll,avgrsstx.dll
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
--
End of file - 3235 bytes
ComboFix:
ComboFix 08-12-15.01 - Ben Odell 2008-12-16 16:53:50.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.767.400 [GMT -5:00]
Running from: c:\documents and settings\Ben Odell\Desktop\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\_000102_.tmp.dll
.
((((((((((((((((((((((((( Files Created from 2008-11-16 to 2008-12-16 )))))))))))))))))))))))))))))))
.
2008-12-16 16:52 . 2008-12-16 16:53 <DIR> d-------- C:\32788R22FWJFW
2008-12-16 16:48 . 2008-12-16 16:48 <DIR> d-------- c:\program files\Trend Micro
2008-12-16 12:39 . 2008-12-16 13:37 <DIR> d-------- c:\windows\system32\CatRoot_bak
2008-12-16 12:27 . 2008-12-16 12:27 <DIR> d-------- c:\windows\LastGood
2008-12-16 02:06 . 2008-12-16 12:37 <DIR> d--h----- c:\windows\$hf_mig$
2008-12-16 00:39 . 2008-08-14 04:51 138,368 -----c--- c:\windows\system32\dllcache\afd.sys
2008-12-16 00:37 . 2008-10-03 05:15 247,326 -----c--- c:\windows\system32\dllcache\strmdll.dll
2008-12-15 23:37 . 2008-12-15 23:39 <DIR> d-------- c:\documents and settings\Ben Odell\Application Data\Media Player Classic
2008-12-15 16:37 . 2008-12-15 16:37 <DIR> d-------- C:\VundoFix Backups
2008-12-15 16:35 . 2008-12-15 16:36 <DIR> d-------- c:\program files\XP Codec Pack
2008-12-15 16:35 . 2008-07-09 04:05 421,888 --a------ c:\windows\system32\ac3filter.acm
2008-12-15 14:29 . 2008-12-15 15:58 <DIR> d--h----- C:\$AVG8.VAULT$
2008-12-15 14:10 . 2006-10-04 09:06 1,197,294 -----c--- c:\windows\system32\dllcache\sysmain.sdb
2008-12-15 14:10 . 2006-10-04 09:06 764,868 -----c--- c:\windows\system32\dllcache\apph_sp.sdb
2008-12-15 14:10 . 2006-10-04 09:06 217,118 -----c--- c:\windows\system32\dllcache\apphelp.sdb
2008-12-15 14:09 . 2008-12-15 14:09 <DIR> d-------- c:\program files\Windows Media Connect 2
2008-12-15 14:07 . 2008-12-15 14:07 <DIR> d-------- c:\windows\system32\LogFiles
2008-12-15 14:07 . 2008-12-15 14:08 <DIR> d-------- c:\windows\system32\drivers\UMDF
2008-12-15 13:47 . 2008-12-16 13:34 <DIR> d-------- c:\windows\system32\drivers\Avg
2008-12-15 13:47 . 2008-12-15 13:47 <DIR> d-------- c:\program files\AVG
2008-12-15 13:47 . 2008-12-15 13:47 <DIR> d-------- c:\documents and settings\All Users\Application Data\avg8
2008-12-15 13:47 . 2008-12-15 13:47 98,440 --a------ c:\windows\system32\drivers\avgldx86.sys
2008-12-15 13:47 . 2008-12-15 13:47 90,632 --a------ c:\windows\system32\drivers\avgtdix.sys
2008-12-15 13:47 . 2008-12-15 13:47 12,936 --a------ c:\windows\system32\drivers\avgrkx86.sys
2008-12-15 13:47 . 2008-12-15 13:47 10,520 --a------ c:\windows\system32\avgrsstx.dll
2008-12-15 13:38 . 2008-12-15 13:42 3 --a------ c:\windows\sbacknt.bin
2008-12-15 13:20 . 2008-12-15 13:36 316,640 --a------ c:\windows\WMSysPr9.prx
2008-12-15 13:19 . 2008-12-15 13:19 <DIR> d-------- c:\windows\provisioning
2008-12-15 13:19 . 2008-12-15 13:19 <DIR> d-------- c:\windows\peernet
2008-12-15 13:16 . 2008-12-15 13:16 <DIR> d-------- c:\windows\ServicePackFiles
2008-12-15 13:08 . 2006-09-25 17:58 23,856 --a------ c:\windows\system32\spupdsvc.exe
2008-12-15 12:59 . 2008-12-15 12:59 <DIR> d-------- c:\windows\EHome
2008-12-15 12:44 . 2004-08-04 00:56 11,776 --------- c:\windows\system32\spnpinst.exe
2008-12-15 12:44 . 2004-08-02 14:20 7,208 --------- c:\windows\system32\secupd.sig
2008-12-15 12:44 . 2004-08-02 14:20 4,569 --------- c:\windows\system32\secupd.dat
2008-12-15 02:58 . 2008-12-15 02:58 <DIR> d-------- c:\windows\system32\bits
2008-12-15 02:58 . 2004-08-04 02:56 438,784 --------- c:\windows\system32\xpob2res.dll
2008-12-15 02:58 . 2004-08-04 02:56 351,232 --a------ c:\windows\system32\winhttp.dll
2008-12-15 02:58 . 2004-08-04 02:56 18,944 --a------ c:\windows\system32\qmgrprxy.dll
2008-12-15 02:58 . 2004-08-04 02:56 8,192 --------- c:\windows\system32\bitsprx2.dll
2008-12-15 02:58 . 2004-08-04 02:56 7,168 --------- c:\windows\system32\bitsprx3.dll
2008-12-15 02:55 . 2008-10-16 14:12 561,688 --a------ c:\windows\system32\wuapi.dll
2008-12-15 02:55 . 2008-10-16 14:12 323,608 --a------ c:\windows\system32\wucltui.dll
2008-12-15 02:55 . 2008-10-16 14:12 213,528 --a------ c:\windows\system32\wuaucpl.cpl
2008-12-15 02:55 . 2008-10-16 14:09 43,544 --a------ c:\windows\system32\wups2.dll
2008-12-15 02:55 . 2008-10-16 14:08 34,328 --a------ c:\windows\system32\wups.dll
2008-12-15 02:55 . 2008-10-16 14:09 31,768 --a------ c:\windows\system32\wucltui.dll.mui
2008-12-15 02:55 . 2008-10-16 14:07 23,576 --a------ c:\windows\system32\wuaucpl.cpl.mui
2008-12-15 02:55 . 2008-10-16 14:07 23,576 --a------ c:\windows\system32\wuapi.dll.mui
2008-12-15 02:55 . 2008-10-16 14:07 18,456 --a------ c:\windows\system32\wuaueng.dll.mui
2008-12-15 02:54 . 2008-12-15 02:54 <DIR> d---s---- c:\documents and settings\Ben Odell\UserData
2008-12-13 18:49 . 2008-12-13 18:49 <DIR> d-------- c:\documents and settings\All Users\Application Data\WinZip
2008-12-12 05:42 . 2008-12-12 05:42 25 --a------ c:\windows\cdplayer.ini
2008-12-12 05:41 . 2008-12-12 05:41 <DIR> d-------- c:\program files\Real
2008-12-12 05:41 . 2008-12-12 05:41 <DIR> d-------- c:\program files\Common Files\xing shared
2008-12-12 05:41 . 2008-12-12 05:41 <DIR> d-------- c:\program files\Common Files\Real
2008-12-10 13:42 . 2008-12-12 05:08 <DIR> d-------- c:\program files\vghd
2008-12-10 13:42 . 2008-12-10 13:42 <DIR> d-------- c:\documents and settings\Ben Odell\Application Data\vghd
2008-12-10 13:42 . 2008-12-12 05:08 152,904 --a------ c:\windows\system32\vghd.scr
2008-12-09 19:59 . 2008-12-15 13:48 <DIR> d-------- c:\documents and settings\Mary
2008-12-08 20:36 . 2008-12-15 13:48 <DIR> d-------- c:\documents and settings\Grandma
2008-12-08 15:02 . 2008-12-08 15:02 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-12-08 15:02 . 2008-12-08 15:02 <DIR> d-------- c:\documents and settings\Ben Odell\Application Data\Malwarebytes
2008-12-08 15:02 . 2008-12-08 15:02 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-12-08 15:02 . 2008-12-03 22:59 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-08 15:02 . 2008-12-03 22:59 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-12-08 14:50 . 2008-12-08 14:50 <DIR> d-------- c:\program files\Common Files\Adobe AIR
2008-12-08 14:49 . 2008-12-08 14:49 <DIR> d-------- c:\program files\Common Files\Adobe
2008-12-08 14:43 . 2008-12-08 19:16 <DIR> d-------- c:\program files\NOS
2008-12-08 14:43 . 2008-12-08 19:16 <DIR> d-------- c:\documents and settings\All Users\Application Data\NOS
2008-12-08 14:39 . 2008-12-08 14:39 <DIR> d-------- c:\documents and settings\All Users\Application Data\McAfee
2008-12-07 23:43 . 2008-12-07 23:45 <DIR> d-------- c:\windows\system32\Adobe
2008-12-07 23:43 . 2008-12-12 05:41 499,712 --a------ c:\windows\system32\msvcp71.dll
2008-12-07 23:43 . 2008-12-12 05:41 348,160 --a------ c:\windows\system32\msvcr71.dll
2008-12-07 06:23 . 2008-12-07 06:20 13,032 --a------ c:\windows\system32\wpa.bak
2008-12-07 06:12 . 2008-12-12 18:11 <DIR> d-------- C:\Downloads
2008-12-07 05:44 . 2008-12-16 16:51 <DIR> d-------- c:\program files\BitComet
2008-12-07 05:27 . 2008-12-07 05:27 0 --a------ c:\windows\nsreg.dat
2008-12-07 05:23 . 2008-12-07 05:23 <DIR> d---s---- c:\windows\system32\Microsoft
2008-12-07 05:22 . 2008-12-07 05:22 <DIR> d-------- c:\windows\OPTIONS
2008-12-07 05:22 . 2008-12-07 05:22 <DIR> d-------- c:\program files\NETGEAR
2008-12-07 05:22 . 2008-12-07 05:22 <DIR> d--h----- c:\program files\InstallShield Installation Information
2008-12-07 05:22 . 2008-12-07 05:22 <DIR> d-------- c:\program files\Common Files\InstallShield
2008-12-07 05:22 . 2006-04-10 21:41 200,704 --a------ c:\windows\system32\WG1v2Lib.dll
2008-12-07 05:22 . 2006-03-27 20:53 167,808 --a------ c:\windows\system32\drivers\wg111v2.sys
2008-12-07 05:22 . 2003-11-18 12:27 155,648 --a------ c:\windows\system32\IpLib.dll
2008-12-07 05:22 . 2005-12-29 03:16 114,688 -ra------ c:\windows\system32\EnumDev111.dll
2008-12-07 05:22 . 2005-04-01 14:43 66,048 --a------ c:\windows\system32\drivers\EAPPkt.sys
2008-12-07 05:22 . 2002-10-02 11:57 13,532 --a------ c:\windows\system32\drivers\SjyPkt.sys
2008-12-07 05:20 . 2008-12-15 16:44 <DIR> d--hs---- c:\windows\Installer
2008-12-07 05:20 . 2008-12-15 02:54 <DIR> d-------- c:\documents and settings\Ben Odell
2008-12-07 05:17 . 2008-12-07 05:17 <DIR> d--hs---- c:\documents and settings\NetworkService
2008-12-07 05:17 . 2008-12-15 13:35 <DIR> d--hs---- c:\documents and settings\LocalService
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-07 09:29 --------- d-----w c:\program files\microsoft frontpage
2008-11-29 20:26 991,232 ----a-w c:\windows\system32\VSFilter.dll
2008-10-16 19:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 19:12 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 19:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 19:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-03 10:15 247,326 ----a-w c:\windows\system32\strmdll.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-04 1667584]
"BitComet"="c:\program files\BitComet\BitComet.exe" [2008-12-03 2514744]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-12-12 185872]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-12-16 1261336]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
WG111v2 Smart Wizard Wireless Setting.lnk - c:\program files\NETGEAR\WG111v2 Configuration Utility\RtlWake.exe [2008-12-07 745472]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=nopukb.dll,avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.ffds"= ffdshow.ax
"msacm.ac3filter"= ac3filter.acm
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgam.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
"19608:TCP"= 19608:TCP:BitComet 19608 TCP
"19608:UDP"= 19608:UDP:BitComet 19608 UDP
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\Drivers\avgrkx86.sys [2008-12-15 12936]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2008-12-15 98440]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\Drivers\avgtdix.sys [2008-12-15 90632]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2008-12-15 874776]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-12-15 231704]
R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\DRIVERS\EAPPkt.sys [2008-12-07 66048]
R3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;c:\windows\system32\DRIVERS\wg111v2.sys [2008-12-07 167808]
R3 SjyPkt;SjyPkt;\??\c:\windows\System32\Drivers\SjyPkt.sys [2008-12-07 13532]
*Newly Created Service* - PROCEXP90
.
.
------- Supplementary Scan -------
.
IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
FF - ProfilePath - c:\documents and settings\Ben Odell\Application Data\Mozilla\Firefox\Profiles\sauea47w.default\
FF - prefs.js: browser.startup.homepage - my.yahoo.com
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-16 16:55:43
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(680)
c:\windows\system32\avgrsstx.dll
- - - - - - - > 'lsass.exe'(744)
c:\windows\system32\avgrsstx.dll
.
Completion time: 2008-12-16 16:56:43
ComboFix-quarantined-files.txt 2008-12-16 21:56:40
Pre-Run: 130,088,337,408 bytes free
Post-Run: 130,321,739,776 bytes free
186 --- E O F --- 2008-12-16 17:28
|
|
