| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 113160 | 2010-10-07 19:09:00 | Big Firefox problem | Vince (406) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 1142501 | 2010-10-07 19:09:00 | A couple of days ago I got fed up with the smaller game offered on the new version of a (http://www.freetetris.org/). I followed a link that promised better things and stupidly download a toolbar - that promised better things -! ***Bad site! http://www.tetrisfriends.com/ Bad site!*** I installed it as soon as I saw what it was, but to late. Firefox has gone mad. It can't access Googles New Zealand site, or the Google.com. or facebook. It is slow 1.4 Mb maximum even though I am getting 15 Mb s. from Telstra Clear. I've tried everything I can think of, including reinstalling Firefox. nothing has worked. What should I do now? |
Vince (406) | ||
| 1142502 | 2010-10-07 19:20:00 | Remove its addon in FF if its there. Then scan the system with something | Speedy Gonzales (78) | ||
| 1142503 | 2010-10-07 19:35:00 | Does it also happen with Firefox Portable from portableapps.com ? | Chilling_Silence (9) | ||
| 1142504 | 2010-10-07 20:15:00 | There is no plugin and have scanned with Avast, AV. Super anti spyware, Spybot S&D, Malware Bites, RougueRemover, CCleaner, and Easycleaner. No results! | Vince (406) | ||
| 1142505 | 2010-10-07 20:39:00 | Here is a Hijackthis log for your perusal. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 9:12:13 a.m., on 8/10/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe F:\Program Files\Comodo\COMODO\COMODO Internet Security\cmdagent.exe C:\WINDOWS\system32\svchost.exe F:\Program Files\Tools\Avast Antivirus\AvastSvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Maxtor\Schedule2\schedul2.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe F:\PROGRA~1\Tools\Cacheman\CACHEM~1\CachemanXP.exe C:\WINDOWS\System32\CTsvcCDA.exe C:\Program Files\Common Files\EPSON\eEBAPI\SAgent2.exe F:\Program Files\Java\bin\jqs.exe F:\Program Files\DiskPrograms\CD Burner XP\NMSAccessU.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\WINDOWS\Explorer.EXE F:\PROGRA~1\SYSTEM~1\WScheduler.exe F:\Program Files\Tools\Ava Find\AvaFind.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC 2.EXE F:\Program Files\Tools\Avast Antivirus\avastUI.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe F:\Program Files\Unlocker\UnlockerAssistant.exe F:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\System32\svchost.exe F:\Program Files\IObit SmartDefrag\IObit SmartDefrag.exe F:\Program Files\Comodo\COMODO\COMODO Internet Security\cfp.exe F:\Program Files\Chameleon Clock\ChamClock.exe F:\Program Files\Tools\Super Spyware Remover\SUPERAntiSpyware.exe F:\Program Files\Tools\SpyBot S&D\TeaTimer.exe F:\Program Files\Tools\TaskBar Shuffle\Taskbar Shuffle\taskbarshuffle.exe F:\Program Files\Keyboards\Click-N-Type.exe F:\Program Files\Mouse Driver\SetPoint\SetPoint.exe F:\Program Files\Uniblue\SpeedUpMyPC\sump.exe F:\Program Files\Mozilla Thunderbird\thunderbird.exe C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE F:\Program Files\AZZ CARDFILE\azzCardfile\azzCardfile.exe C:\Program Files\iPod\bin\iPodService.exe F:\Program Files\Firefox\firefox.exe F:\Program Files\Firefox\plugin-container.exe C:\WINDOWS\SYSTEM32\SOL.EXE C:\WINDOWS\SYSTEM32\FREECELL.EXE C:\WINDOWS\SYSTEM32\spider.exe C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\msco rsvw.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\msiexec.exe F:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = g.xtramsn.co.nz R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file) O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file) O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - F:\PROGRA~1\Tools\SPYBOT~1\SDHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - F:\Program Files\Canon Printer\Easy-WebPrint\EWPBrowseLoader.dll O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file) O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file) O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Java\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - F:\Program Files\Java\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - F:\Program Files\Canon Printer\Easy-WebPrint\Toolband.dll O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [WScheduler] F:\PROGRA~1\SYSTEM~1\WScheduler.exe /LOGON O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [AvaFind] F:\Program Files\Tools\Ava Find\AvaFind.exe /minimized O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [EPSON Stylus C43 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC 2.EXE /P23 "EPSON Stylus C43 Series" /O6 "USB001" /M "Stylus C43" O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [avast5] "F:\Program Files\Tools\Avast Antivirus\avastUI.exe" /nogui O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [UnlockerAssistant] "F:\Program Files\Unlocker\UnlockerAssistant.exe" -H O4 - HKLM\..\Run: [iTunesHelper] "F:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [SmartDefrag] "F:\Program Files\IObit SmartDefrag\IObit SmartDefrag.exe" /StartUp O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [COMODO Internet Security] "F:\Program Files\Comodo\COMODO\COMODO Internet Security\cfp.exe" -h O4 - HKCU\..\Run: [HomeAlarm] F:\Program Files\Chameleon Clock\ChamClock.exe O4 - HKCU\..\Run: [EPSON Stylus C43 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC 2.EXE /P23 "EPSON Stylus C43 Series" /M "Stylus C43" O4 - HKCU\..\Run: [SUPERAntiSpyware] F:\Program Files\Tools\Super Spyware Remover\SUPERAntiSpyware.exe O4 - HKCU\..\Run: [SpybotSD TeaTimer] F:\Program Files\Tools\SpyBot S&D\TeaTimer.exe O4 - HKCU\..\Run: [Taskbar Shuffle] F:\Program Files\Tools\TaskBar Shuffle\Taskbar Shuffle\taskbarshuffle.exe O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Vincent Dent\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [Advanced SystemCare 3] "F:\Program Files\Advanced SystemCare 3\AWC.exe" /startup O4 - HKCU\..\Run: [SpeedUpMyPC] "F:\Program Files\Uniblue\SpeedUpMyPC\launcher.exe" delay 20000 O4 - S-1-5-18 Startup: azzCardfile.lnk = F:\Program Files\AZZ CARDFILE\azzCardfile\azzCardfile.exe (User 'SYSTEM') O4 - .DEFAULT Startup: azzCardfile.lnk = F:\Program Files\AZZ CARDFILE\azzCardfile\azzCardfile.exe (User 'Default user') O4 - Startup: azzCardfile.lnk = F:\Program Files\AZZ CARDFILE\azzCardfile\azzCardfile.exe O4 - Global Startup: Click-N-Type.exe.lnk = F:\Program Files\Keyboards\Click-N-Type.exe O4 - Global Startup: Logitech SetPoint.lnk = F:\Program Files\Mouse Driver\SetPoint\SetPoint.exe O4 - Global Startup: Mozilla Thunderbird.lnk = F:\Program Files\Mozilla Thunderbird\thunderbird.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://F:\Program Files\Canon Printer\Easy-WebPrint\Toolband.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://F:\Program Files\Canon Printer\Easy-WebPrint\Toolband.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Preview - res://F:\Program Files\Canon Printer\Easy-WebPrint\Toolband.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint Print - res://F:\Program Files\Canon Printer\Easy-WebPrint\Toolband.dll/RC_Print.html O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\PROGRA~1\Tools\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\PROGRA~1\Tools\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.paradise.net.nz/ O16 - DPF: ppctlcab - O16 - DPF: {01FE8D0A-51AD-459B-B62B-85E135128B32} - O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} - O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - O16 - DPF: {19E28AFC-EAE3-4CE5-AC83-2407B42F57C9} (MSSecurityAdvisor Class) - O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - O16 - DPF: {2359626E-7524-4F87-B04E-22CD38A0C88C} - O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - O16 - DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} - O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} - O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} - O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} - O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} - O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} - O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} - O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Plug-in 1.5.0_06) - O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} (Java Plug-in 1.6.0_19) - O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} - O17 - HKLM\System\CCS\Services\Tcpip\..\{90BCC2C4-DC62-44C0-A260-92D849F14D8C}: NameServer = 156.154.70.22,156.154.71.22 O20 - Winlogon Notify: !SASWinLogon - F:\Program Files\Tools\Super Spyware Remover\SASWINLO.DLL O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Maxtor\Schedule2\schedul2.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: avast! Antivirus - AVAST Software - F:\Program Files\Tools\Avast Antivirus\AvastSvc.exe O23 - Service: avast! Mail Scanner - AVAST Software - F:\Program Files\Tools\Avast Antivirus\AvastSvc.exe O23 - Service: avast! Web Scanner - AVAST Software - F:\Program Files\Tools\Avast Antivirus\AvastSvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: CachemanXP (CachemanXPService) - Outertech - F:\PROGRA~1\Tools\Cacheman\CACHEM~1\CachemanXP.exe O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - F:\Program Files\Comodo\COMODO\COMODO Internet Security\cmdagent.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\eEBAPI\SAgent2.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle - F:\Program Files\Java\bin\jqs.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe O23 - Service: NMSAccess - Unknown owner - F:\Program Files\DiskPrograms\CD Burner XP\Tools\NMSAccess.exe (file missing) O23 - Service: NMSAccessU - Unknown owner - F:\Program Files\DiskPrograms\CD Burner XP\NMSAccessU.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe -- End of file - 12683 bytes |
Vince (406) | ||
| 1142506 | 2010-10-07 21:06:00 | 1 ERROR BY ME. | Vince (406) | ||
| 1142507 | 2010-10-07 21:19:00 | Uninstall ALL versions of java, they're out of date. Then install the latest version ONLY You can tick these entries then tick fix checked Close browsers Uninstall this F:\Program Files\Uniblue\SpeedUpMyPC\sump.exe O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file) O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file) O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file) O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file) O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [UnlockerAssistant] "F:\Program Files\Unlocker\UnlockerAssistant.exe" -H O4 - HKLM\..\Run: [SmartDefrag] "F:\Program Files\IObit SmartDefrag\IObit SmartDefrag.exe" /StartUp O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKCU\..\Run: [SUPERAntiSpyware] F:\Program Files\Tools\Super Spyware Remover\SUPERAntiSpyware.exe O4 - HKCU\..\Run: [SpybotSD TeaTimer] F:\Program Files\Tools\SpyBot S&D\TeaTimer.exe O4 - HKCU\..\Run: [Advanced SystemCare 3] "F:\Program Files\Advanced SystemCare 3\AWC.exe" /startup O4 - HKCU\..\Run: [SpeedUpMyPC] "F:\Program Files\Uniblue\SpeedUpMyPC\launcher.exe" delay 20000 O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present |
Speedy Gonzales (78) | ||
| 1142508 | 2010-10-10 19:39:00 | First My original post contains an error. It should have red, "I UNINSTALLD the toollbar as soon as I saw what it was". I have some questions. Uninstall ALL versions of java, they're out of date. Then install the latest version ONLY ===================================== The latest version was among them. ========================================== O4 - HKLM\..\Run: [UnlockerAssistant] "F:\Program Files\Unlocker\UnlockerAssistant.exe" Unlocker doesn't work very well without its assistant. ====================================== O4 - HKLM\..\Run: [SmartDefrag] "F:\Program Files\IObit SmartDefrag\IObit SmartDefrag.exe" /StartUp This has been to usefull, running trouble free for nearly a year. Why should it go? ====================================== O4 - HKCU\..\Run: [SpybotSD TeaTimer] F:\Program Files\Tools\SpyBot S&D\TeaTimer.exe ====================================== What's wrong with teaTimer? ========================================== O4 - HKCU\..\Run: [Advanced SystemCare 3] "F:\Program Files\Advanced SystemCare 3\AWC.exe" /startup This does not appear to exist! It is not in the registry, I've looked. Windows can't find it, nor can AvaFind. I've been trying to get rid of it all year! It keeps returning! ================================== Results so far_ There have been improvements, but still cant access Google.co.nz, or Google.com. facebook is a mess of blue links that don't work. Cant get Yahoo search and Yahoo mail works but has flaws. |
Vince (406) | ||
| 1142509 | 2010-10-10 19:48:00 | Removing them from startup wont uninstall them. Run them manually Teatimer will block things from writing to the registry properly But if you want to keep them in startup, thats fine. But, then there's no point in posting a HJT log Uninstall the old versions of Java and keep the latest. Older versions of Java have vulnerabilities (even if you've installed the latest version). So you can get hit, by a vulnerability, if you don't uninstall the old versions |
Speedy Gonzales (78) | ||
| 1142510 | 2010-10-10 20:10:00 | My "questions" weren't meant to be argumentative. Sorry if they seemed that way. I just have a very strong desire to learn. I like to know. Thank you for your help. |
Vince (406) | ||
| 1 2 3 | |||||