Jump to content

Welcome to Geeks to Go - Register now for FREE
Geeks To Go is a helpful hub, where thousands of friendly volunteers serve up answers and support. Get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute.
Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more. This message and all ads will be removed once you have signed in.
Create an Account Login to Account

Unknow, My IE keep shutting down by himself [Solved]


  • This topic is locked This topic is locked

#1
Sir Viver

Sir Viver

    New Member

  • Member
  • Pip
  • 7 posts
Hello,

Please help me to fix my IE.
Time to time, he is shutting down. No freezing, nothing, just when I opening pages in the new tab it suddenly shut down. Usually, 3rd or 4th tab when he closing. Then I can open again. Don't give me notice to report the problem, nothing. There is no certain sites when he do that. I can go the same site when I open again the IE. It's completly random, some of the days he doesn't do.

Sometimes (like once a week, I try to open new site in new tab, which he do, but in the meantime, start opening hundreds of new tabs with the same site, until he freeze down, I can close, and open again the same site, buut without any problem now.

I did scan the McAfee, Windows Defender, Malwarebytes' Anti-Malware - sometimes they do find some unwanted, or low virus, malware...etc, which have removed and the IE still doing the samething.
I have SpywareGuard, Spyware Blaster.
I have no idea what to looking for to avoid the shutting down, I really would like to have fixed, it's really anoying.

Here is my Hijackthis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:25, on 2009-05-11
Platform: Windows XP SP3, v.3311 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\System32\DVDRAMSV.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\Program Files\EzButton\CplBTQ00.EXE
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\toshiba\ivp\ism\pinger.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\Apoint2K\Apntex.exe
c:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.trafficsw...d2d5a2c4fe57dd2
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {0D82BD57-1B85-4557-9B90-76E4EB797D7C} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: XBTB05988 - {5C43B8A2-24E8-4336-B86E-A94558E10C60} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: del.icio.us Toolbar Helper - {7AA07AE6-01EF-44EC-93CA-9D7CD41CCDB6} - C:\Program Files\del.icio.us\Internet Explorer Buttons\dlcsIE.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: (no name) - {D7336D32-62F7-43B5-8B8C-3963C72CA498} - (no file)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: (no name) - {3FE20A68-5F78-4CF1-A941-3AAA55DE4C9D} - (no file)
O3 - Toolbar: del.icio.us - {981FE6A8-260C-4930-960F-C3BC82746CB0} - C:\Program Files\del.icio.us\Internet Explorer Buttons\dlcsIE.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [CplBTQ00] C:\Program Files\EzButton\CplBTQ00.EXE
O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [itype] "c:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Furl It - http://www.furl.net/.../rightClick.jsp
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\BPGame.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.toshiba.com
O16 - DPF: {038E2507-7A48-41E2-94AD-7F23D199AF4E} (ZenGems Control) - http://www.worldwinn...ems/zengems.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebo...toUploader5.cab
O16 - DPF: {18C3FD15-74F6-4280-9C98-3590C966B7B8} (SkillGam Control) - http://www.worldwinn...am/skillgam.cab
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://www.worldwinn...GamesLoader.cab
O16 - DPF: {1D082E71-DF20-4AAF-863B-596428C49874} (TPIR Control) - http://www.worldwinn...0/tpir/tpir.cab
O16 - DPF: {42FDC231-A411-45F8-B8B6-3B5026111DA8} (SolitaireRush Control) - http://www.worldwinn...litairerush.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace....ploader1006.cab
O16 - DPF: {58FC4C77-71C2-4972-A8CD-78691AD85158} (BJA Control) - http://www.worldwinn...jattack/bja.cab
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} (Bejeweled Control) - http://www.worldwinn...d/bejeweled.cab
O16 - DPF: {62969CF2-0F7A-433B-A221-FD8818C06C2F} (Blockwerx Control) - http://www.worldwinn...x/blockwerx.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.mi...b?1205719613403
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} - http://h20270.www2.h...ctDetection.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.mi...b?1205719833777
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2....re/HPDEXAXO.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinn...ed/wwlaunch.cab
O16 - DPF: {97438FE9-D361-4279-BA82-98CC0877A717} (Cubis Control) - http://www.worldwinn...cubis/cubis.cab
O16 - DPF: {A91FB93D-7561-4524-8484-5C27C8FA8D42} (WwLuxor Control) - http://www.worldwinn...luxor/luxor.cab
O16 - DPF: {AC2881FD-5760-46DB-83AE-20A5C6432A7E} (SwapIt Control) - http://www.worldwinn...apit/swapit.cab
O16 - DPF: {BA94245D-2AA0-4953-9D9F-B0EE4CC02C43} (Tilecity Control) - http://www.worldwinn...ty/tilecity.cab
O16 - DPF: {BB637307-92FA-47EC-B3F7-6969078673CC} (Royal Control) - http://www.worldwinn...royal/royal.cab
O16 - DPF: {C5326A4D-E9AA-40AD-A09A-E74304D86B47} (DinerDash Control) - http://www.worldwinn...h/dinerdash.cab
O16 - DPF: {C93C1C34-CEA9-49B1-9046-040F59E0E0D8} (Paint Control) - http://www.worldwinn...paint/paint.cab
O16 - DPF: {E12EB891-D000-421B-A8ED-EDE1BDCA14A0} (GolfSol Control) - http://www.worldwinn...sol/golfsol.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ThreatFire - Unknown owner - C:\Program Files\ThreatFire\TFService.exe (file missing)

--
End of file - 13586 bytes


Thank you,
Eva

Edited by Sir Viver, 13 May 2009 - 05:42 PM.

  • 0

Advertisement


#2
Essexboy

Essexboy

    GeekU Moderator

  • GeekU Moderator
  • 63,705 posts
Hi there and sorry for the delay - I would like a fresh look at your system

To ensure that I get all the information this log will need to be attached (instructions at the end) if it is to large to attach then upload to Mediafire and post the sharing link.

Download OTS to your Desktop and double-click on it to extract the files. It will create a folder named OTScanIt on your desktop.
  • Close ALL OTHER PROGRAMS.
  • Open the OTScanit folder and double-click on OTS.exe to start the program.
  • Check the box that says Scan All Users
  • Under Additional Scans check the following:
    • File - Lop Check
    • File - Purity Scan
    • Evnt - EventViewer Errors/Warnings (last 10)
  • Now click the Run Scan button on the toolbar.
  • Let it run unhindered until it finishes.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
Please attach the log in your next post.

To attach a file, do the following:
  • Click Add Reply
  • Under the reply panel is the Attachments Panel
  • Browse for the attachment file you want to upload, then click the green Upload button
  • Once it has uploaded, click the Manage Current Attachments drop down box
  • Click on Posted Image to insert the attachment into your post

  • 0

#3
Sir Viver

Sir Viver

    New Member

  • Member
  • Pip
  • 7 posts
Attached File  OTS.Txt   153.55KB   139 downloads



Hello,

Under the additional I coudn't check: Evnt - EventViewer Errors/Warnings (last 10)
There was only one kind: Evnt - EventViewer Logs (Last 10 Errors) : I did check in this one.

Thank You
  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • GeekU Moderator
  • 63,705 posts
Start OTS. Copy/Paste the information in the quotebox below into the pane where it says "Paste fix here" and then click the Run Fix button.

[Unregister Dlls]
[Win32 Services - Safe List]
YY -> (ThreatFire) ThreatFire [Win32_Own | Auto | Stopped] -> 
[Registry - Safe List]
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
YN -> {0D82BD57-1B85-4557-9B90-76E4EB797D7C} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
YN -> {5C43B8A2-24E8-4336-B86E-A94558E10C60} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
YN -> {D7336D32-62F7-43B5-8B8C-3963C72CA498} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-1452089565-128784992-372151615-1004\] > -> HKEY_USERS\S-1-5-21-1452089565-128784992-372151615-1004\Software\Microsoft\Internet Explorer\Toolbar\
YN -> WebBrowser\\"{3FE20A68-5F78-4CF1-A941-3AAA55DE4C9D}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
< Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-1452089565-128784992-372151615-1004\] > -> HKEY_USERS\S-1-5-21-1452089565-128784992-372151615-1004\Software\Microsoft\Internet Explorer\MenuExt\
YN -> Furl It -> [http://www.furl.net/resources/rightClick.jsp]
[Files/Folders - Created Within 30 Days]
NY -> vfhysoyq.ini -> C:\WINDOWS\System32\vfhysoyq.ini
NY -> qwimp.ini -> C:\WINDOWS\qwimp.ini
NY -> intuprof.ini -> C:\WINDOWS\intuprof.ini
[File - Lop Check]
NY -> Gogii -> C:\Documents and Settings\All Users\Application Data\Gogii
[Empty Temp Folders]

The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here along with a new OTS log.

I will review the information when it comes back in.

Also let me know of any problems you encountered performing the steps above or any continuing problems you are still having with the computer.
  • 0

#5
Sir Viver

Sir Viver

    New Member

  • Member
  • Pip
  • 7 posts
I did the fix, it did take 30 minutes until the message box came up to restart the computer. After restarting I got the log box.

Now the computer (open webpage) bit slowlier than before I run the fix (he never was so fast, my computer it's kind of almost full), and now the IE shutting down after opening the first new tab.

Here is the log:


[Win32 Services - Safe List]
Service ThreatFire stopped successfully!
Service ThreatFire deleted successfully!
File not found.
[Registry - Safe List]
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0D82BD57-1B85-4557-9B90-76E4EB797D7C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0D82BD57-1B85-4557-9B90-76E4EB797D7C}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C43B8A2-24E8-4336-B86E-A94558E10C60}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C43B8A2-24E8-4336-B86E-A94558E10C60}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D7336D32-62F7-43B5-8B8C-3963C72CA498}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D7336D32-62F7-43B5-8B8C-3963C72CA498}\ not found.
Registry value HKEY_USERS\S-1-5-21-1452089565-128784992-372151615-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3FE20A68-5F78-4CF1-A941-3AAA55DE4C9D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3FE20A68-5F78-4CF1-A941-3AAA55DE4C9D}\ not found.
Registry key HKEY_USERS\S-1-5-21-1452089565-128784992-372151615-1004\Software\Microsoft\Internet Explorer\MenuExt\Furl It\ deleted successfully.
[Files/Folders - Created Within 30 Days]
C:\WINDOWS\System32\vfhysoyq.ini moved successfully.
C:\WINDOWS\qwimp.ini moved successfully.
C:\WINDOWS\intuprof.ini moved successfully.
[File - Lop Check]
C:\Documents and Settings\All Users\Application Data\Gogii\THOS2\BigFish\data folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Gogii\THOS2\BigFish folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Gogii\THOS2 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Gogii folder moved successfully.
[Empty Temp Folders]
File delete failed. C:\Documents and Settings\tigri-bigri\Local Settings\Temp\~DF4CFA.tmp scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\tigri-bigri\Local Settings\Temp\~DF55B6.tmp scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\tigri-bigri\Local Settings\Temp\~DF67B9.tmp scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\tigri-bigri\Local Settings\Temp\~DF67CB.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
User's Temporary Internet Files folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Network Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\mcmsc_bbjMczmF0DO5J47 scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\mcmsc_Bzjv12sBdUEoY1l scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\mcmsc_tAXVnKYalxeyrnT scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
RecycleBin -> emptied.
< End of fix log >
OTS by OldTimer - Version 3.0.2.1 fix logfile created on 05202009_072601

Files moved on Reboot...
C:\Documents and Settings\tigri-bigri\Local Settings\Temp\~DF4CFA.tmp moved successfully.
C:\Documents and Settings\tigri-bigri\Local Settings\Temp\~DF55B6.tmp moved successfully.
C:\Documents and Settings\tigri-bigri\Local Settings\Temp\~DF67B9.tmp moved successfully.
File C:\Documents and Settings\tigri-bigri\Local Settings\Temp\~DF67CB.tmp not found!
File C:\WINDOWS\temp\mcmsc_bbjMczmF0DO5J47 not found!
File C:\WINDOWS\temp\mcmsc_Bzjv12sBdUEoY1l not found!
File C:\WINDOWS\temp\mcmsc_tAXVnKYalxeyrnT not found!

Registry entries deleted on Reboot...
  • 0

#6
Essexboy

Essexboy

    GeekU Moderator

  • GeekU Moderator
  • 63,705 posts
Hmm your system is running on less than 1 Gb of memory which is pushing it for XP

766.98 Mb Total Physical Memory | 350.42 Mb Available Physical Memory


Lets spring clean and then run MBAM to see what that shows

Please download ATF Cleaner by Atribune.
This program is for XP, Vista and Windows 2000 onlyDouble-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All Unless on Vista then uncheck the prefetch area
Click the Empty Selected button.
If you use Firefox browserClick Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browserClick Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.


THEN

Download and run Auslogics disc defragmenter

FINALLY

Posted Image Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.
  • 0

#7
Sir Viver

Sir Viver

    New Member

  • Member
  • Pip
  • 7 posts
Defenetly got faster, but my IE still shutting down.
Open new tab, or new page - the page goes doan, I have to reopen again the IE.

Malwarebyte log:

Malwarebytes' Anti-Malware 1.36
Database version: 2161
Windows 5.1.2600 Service Pack 3, v.3311

2009-05-20 17:08:34
mbam-log-2009-05-20 (17-08-34).txt

Scan type: Quick Scan
Objects scanned: 91166
Time elapsed: 5 minute(s), 14 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
  • 0

#8
Essexboy

Essexboy

    GeekU Moderator

  • GeekU Moderator
  • 63,705 posts
Two options to go I will let you decide which to try first

If you stay with IE7 disable all the tollbars that you have running and see if that shows an improvement

If that shows no improvement then download and install IE8

Again let me know the results
  • 0

#9
Sir Viver

Sir Viver

    New Member

  • Member
  • Pip
  • 7 posts
I went over on both steps.
I did disabled all, and it didn't helped. Specially, I was trying to get off the links from the toolbar (right click, unselect Links, lock the toolbar) when I did open new page the links went back.

So, I did download and install the 8. I was playing with the IE for a bit, to see if is going to shut down. No, it didn't. Altough when I installed before restart give me message box: RUNDLL - Error in C:\Windows\System32\iedkcs23.dll Missing entry: BrandIEActiveSetup

But overall, right now IE don't shutting down.
  • 0

#10
Essexboy

Essexboy

    GeekU Moderator

  • GeekU Moderator
  • 63,705 posts
Before I remove my tools I would like you to run for 24 hours and then let me know of any problems you are experiencing
  • 0

#11
Sir Viver

Sir Viver

    New Member

  • Member
  • Pip
  • 7 posts
The computer running faster, and the IE working perfectly.

The ATF Cleaner and the Malwarebyte was allready on my computer and I would like to keep it.
Basicly the OTS needs the remove only.

Right now I'm leaving to Yosemite and I'll be back on Monday afternoon.

Have a happy holiday,
Thank You
Eva
  • 0

#12
Essexboy

Essexboy

    GeekU Moderator

  • GeekU Moderator
  • 63,705 posts
Excellent result Eva thank you for letting me know :)

Now the best part of the day ----- Your log now appears clean :)

A good workman always cleans up after himself so..Run OTListit and hit the cleanup button. It will remove all the programmes we have used plus itself. MBAM can be uninstalled via control panel add/remove along with ERUNT. But they may be useful tools to keep

We will now confirm that your hidden files are set to that, as some of the tools I use will change that
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.

Posted Image Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version of Java components and upgrade the application. Beware it is NOT supported for use in 9x or ME and probably will not install in those systems

Upgrading Java:
  • Download the latest version of Java SE Runtime Environment (JRE)JRE 6 Update 13.
  • Click the "Download" button to the right.
  • Select your Platform and check the box that says: "I agree to the Java SE Runtime Environment 6 License Agreement.".
  • Click on Continue.
  • Click on the link to download Windows Offline Installation (jre-6u13-windows-i586-p.exe) and save it to your desktop. Do NOT use the Sun Download Manager..
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on the download to install the newest version.(Vista users, right click on the jre-6u13-windows-i586-p.exe and select "Run as an Administrator.")

XP
Now to get you off to a good start we will clean your restore points so that all the bad stuff is gone for good. Then if you need to restore at some stage you will be clean. There are several ways to reset your restore points, but this is my method:
  • Select Start > All Programs > Accessories > System tools > System Restore.
  • On the dialogue box that appears select Create a Restore Point
  • Click NEXT
  • Enter a name e.g. Clean
  • Click CREATE
You now have a clean restore point, to get rid of the bad ones:
  • Select Start > All Programs > Accessories > System tools > Disk Cleanup.
  • In the Drop down box that appears select your main drive e.g. C
  • Click OK
  • The System will do some calculation and the display a dialogue box with TABS
  • Select the More Options Tab.
  • At the bottom will be a system restore box with a CLEANUP button click this
  • Accept the Warning and select OK again, the program will close and you are done


Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes: It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To keep your operating system up to date visit

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?
Keep safe :)
  • 0

#13
Essexboy

Essexboy

    GeekU Moderator

  • GeekU Moderator
  • 63,705 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0

Advertisement




Similar Topics: Unknow, My IE keep shutting down by himself [Solved]     x


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

featured