|
|||||||
| Malware Removal Discussion about Trojans, viruses, hoaxes, firewalls, spyware, and general Security issues. If you suspect your PC is infected with a virus, trojan or spyware app please include any supporting documentation or logs |
 |
|
|
Topic Tools |
|
#1
April 15th, 2006, 09:42 PM
|
|||
|
|||
|
Both of my browsers crash...
I'm having a wierd problem. Both FireFox and IE crash while I am on the website www.letsbeef.com. My friends aren't having the same problem and the site admin told me he had never heard of that problem before.
I've run Spybot, AdAware, and MS Anti-Spyware and they've all come up with nothing. I keep a close eye on my HJT logs too. I haven't noticed any other problems besides this. What do you think it is? HJT log: Logfile of HijackThis v1.99.1 Scan saved at 4:42:41 PM, on 4/15/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\System32\svchost.exe C:\WINNT\system32\LEXBCES.EXE C:\WINNT\system32\spoolsv.exe C:\WINNT\system32\LEXPPS.EXE C:\WINNT\Explorer.EXE C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe C:\WINNT\system32\CTHELPER.EXE C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe C:\Program Files\Charter High-Speed Security Suite\Common\FSM32.EXE C:\Program Files\Lexmark X5100 Series\lxbabmon.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe C:\Program Files\Microsoft AntiSpyware\gcasServ.exe C:\WINNT\system32\ctfmon.exe C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe C:\PROGRA~1\CHARTE~1\backweb\3528733\Program\SERVI C~1.EXE C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fsgk32st.exe C:\Program Files\Charter High-Speed Security Suite\backweb\3528733\Program\fspex.exe C:\Program Files\Charter High-Speed Security Suite\backweb\3528733\program\fsbwsys.exe C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\FSGK32.EXE C:\Program Files\Charter High-Speed Security Suite\Common\FSMA32.EXE C:\WINNT\system32\nvsvc32.exe C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fssm32.exe C:\Program Files\Charter High-Speed Security Suite\Common\FSMB32.EXE C:\Program Files\Charter High-Speed Security Suite\Common\FCH32.EXE C:\WINNT\System32\svchost.exe C:\Program Files\Charter High-Speed Security Suite\Common\FAMEH32.EXE C:\Program Files\Charter High-Speed Security Suite\FSPC\fspc.exe C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fsav32.exe C:\Program Files\Charter High-Speed Security Suite\FWES\Program\fsdfwd.exe C:\Program Files\Charter High-Speed Security Suite\FSGUI\fsguiexe.exe C:\WINNT\System32\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Owner\Desktop\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://music.yahoo.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r O4 - HKLM\..\Run: [UpdReg] C:\WINNT\UpdReg.EXE O4 - HKLM\..\Run: [Lexmark X5100 Series] "C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe" O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Charter High-Speed Security Suite\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Charter High-Speed Security Suite\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Charter High-Speed Security Suite\FSGUI\FSSW.EXE" /reboot O4 - HKLM\..\Run: [News Service] "C:\Program Files\Charter High-Speed Security Suite\FSGUI\ispnews.exe" O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe" O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing) O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing) O9 - Extra button: Web Filter - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Charter High-Speed Security Suite\FSPC\fspcmsie.dll O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Charter High-Speed Security Suite\FSPC\fspcmsie.dll O9 - Extra 'Tools' menuitem: Show website &list - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Charter High-Speed Security Suite\FSPC\fspcmsie.dll O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F02} - C:\Program Files\Charter High-Speed Security Suite\FSPC\fspcmsie.dll O9 - Extra 'Tools' menuitem: &Suspend Webpage Filter - {200DB664-75B5-47c0-8B45-A44ACCF73F02} - C:\Program Files\Charter High-Speed Security Suite\FSPC\fspcmsie.dll O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F03} - C:\Program Files\Charter High-Speed Security Suite\FSPC\fspcmsie.dll O9 - Extra 'Tools' menuitem: &Deny this website - {200DB664-75B5-47c0-8B45-A44ACCF73F03} - C:\Program Files\Charter High-Speed Security Suite\FSPC\fspcmsie.dll O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F04} - C:\Program Files\Charter High-Speed Security Suite\FSPC\fspcmsie.dll O9 - Extra 'Tools' menuitem: &Allow this website - {200DB664-75B5-47c0-8B45-A44ACCF73F04} - C:\Program Files\Charter High-Speed Security Suite\FSPC\fspcmsie.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Broken Internet access because of LSP provider 'winsflt.dll' missing O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://support.charter.com/sdccommon...ad/tgctlcm.cab O16 - DPF: {01118400-3E00-11D2-8470-0060089874ED} (SdcNetCheckCtl Class) - http://activex.microsoft.com/objects/ocget.dll O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://support.gateway.com/support/p.../PCPitStop.CAB O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab O16 - DPF: {37A273C2-5129-11D5-BF37-00A0CCE8754B} (TTestGenXInstallObject) - http://www.mathxl.com/wizmodules/tes...enXInstall.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.com/scan8/oscan8.cab O16 - DPF: {93CEA8A4-6059-4E0B-ADDD-73848153DD5E} (CWebLaunchCtl Object) - http://gateway.cf1live.com/eSupport/.../weblaunch.cab O16 - DPF: {C4DD6732-1E82-4AE7-BD94-180331B84082} (DeltaCVX Control) - http://www.mathxl.com/applets/deltacvx.cab O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite...ITDetector.cab O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/_media/dalaillama/ampx.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: Charter High-Speed Security Suite (BackWeb Client - 3528733) - Unknown owner - C:\PROGRA~1\CHARTE~1\backweb\3528733\Program\SERVI C~1.EXE O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fsgk32st.exe O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Charter High-Speed Security Suite\backweb\3528733\program\fsbwsys.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Charter High-Speed Security Suite\FWES\Program\fsdfwd.exe O23 - Service: F-Secure HTTP Server (fshttps) - F-Secure Corporation - C:\Program Files\Charter High-Speed Security Suite\FSPC\fshttps\fshttps.exe O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Charter High-Speed Security Suite\Common\FSMA32.EXE O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINNT\system32\LEXBCES.EXE O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) Thanks again! 
|
|
#2
April 15th, 2006, 10:43 PM
|
||||
|
||||
|
Howdy tlj,
No infection showing in that log, however, the first thing that shows up both at that website and listed with your Charter software Here are Parental Control issues. That's enough to make me think you should contact your ISP for guidance on how to make sure their software isn't interfering with site access.
|
|
#4
April 16th, 2006, 08:26 PM
|
||||
|
||||
|
Less likely. Why not try to force the error, and I.D. the cause. Looks like a site that could quickly fill up your temp storage, which would cause possible freezes.
Download Killbox from http://www.bleepingcomputer.com/file...re/KillBox.zip, unzip the file to your Desktop and click on it to run. Click on Tools - Delete Temp Files. Then click Options - Check ALL Options. Next, click the Delete Selected Temp Files button. Using the dropdown box, repeat these steps for all users listed. After completing for all users, click Exit (Save Settings). See if that helps.
|
|
#5
April 16th, 2006, 09:21 PM
|
|||
|
|||
|
Ok, I figured out that if I disable java then I can view the site without it crashing my browser. Unfortunately disabling java means that I can't listen to audio on the site since it is a java thing. Any ideas?
edit: The Killbox thing didn't help. Last edited by tlj; April 16th, 2006 at 09:28 PM.
|
|
#6
April 16th, 2006, 09:43 PM
|
||||
|
||||
|
Looks like you have an updated Java version, so try the following for that Java thing. If it doesn't help, you might consider making a request at the CTH Internet/Browsers forum.
Go to Start > Control Panel > Java and select the General Tab. Under Temporary Internet Files, click on Delete Files... In the "Delete Temporary Files" window that appears, ensure that "Downloaded Applets, "Downloaded Applications" and "Other Files" are checked and then click on OK.
|
|
| Bookmarks |
«
Previous Topic
|
Next Topic
»
|
|
Similar Topics
|
||||
| Topic | Topic Starter | Forum | Replies | Last Post |
| Browsers Won't Open (Firefox & IE)- just pop up crash reporter box... | CJSauve | Windows XP | 3 | December 20th, 2011 07:01 AM |
| Online Flash games crash browsers. | GretaLovejoy | Internet / Browsers | 1 | January 4th, 2011 04:19 AM |
| Browsers Crash, Antivirus/Spyware won't install, Blue Screen | klmnop | Malware Removal | 5 | May 17th, 2010 04:15 AM |
| Browsers Crash/Redirect | OneForTheRoad | Malware Removal | 53 | May 13th, 2009 04:42 AM |
| browsers and other programs crash. vindow popups. help | zombyfellow | Malware Removal | 2 | October 18th, 2007 04:17 AM |
All times are GMT +1. The time now is 05:53 PM.