Over 1 million tech questions and answers.

Attacks From \device\harddiskvolume1\program files\mozilla firefox\firefox.exe

Q: Attacks From \device\harddiskvolume1\program files\mozilla firefox\firefox.exe

I know other users have had issues with this but I didn't know if I could follow the solutions for their problem or not.

(Not sure what information is helpful so I'll start and the top and be brief)
For my job I am required to sometimes go to 'suspect websites' and normally Norton will catch anything before it even has a chance to download. Sadly, two weeks ago I did download a file called Trojan.Gen (or at least that is what Norton called it). Almost immediately Norton caught and removed all threats but I knew I wasn't going to get off that easy.

For a few days everything seemed fine but shortly after I started seeing attack messages from Norton from \device\harddiskvolume1\program files\mozilla firefox\firefox.exe, the IP and web address changes.

I couldn't tell if it was doing anything to my computer and have since been trying to remove it with no luck with Norton. Now, my web pages are being redirected to either a fake search page or a Pay Per Click page, if I click a link in Google.

Norton and Malwarebytes' Anti-Malware Free are telling me that they are not detecting anything.

I did read the preparation guide, so I hope I have all the information that is needed.

I want to thank you in advance for any help that I can get and I understand that this is a process. I appreciate your time!
-Eve



.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Owner at 0:05:56.00 on Fri 04/29/2011
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_22
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1169 [GMT -4:00]
.
AV: Norton AntiVirus *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Ahead\InCD\InCDsrv.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
svchost.exe
C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Norton AntiVirus\Engine\18.5.0.125\ccSvcHst.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\WMP54GSv1_1.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Norton AntiVirus\Engine\18.5.0.125\ccSvcHst.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Documents and Settings\Owner\Local Settings\Apps\2.0\9E91CMPZ.VT1\68N0VDRG.OC8\curs..tion_eee711038731a406_0004.0000_efb506202a7c3b08\CurseClient.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Documents and Settings\Owner\Desktop\Laaaaaaaaa\dds.scr
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.alienware.com/
mDefault_Page_URL = hxxp://www.alienware.com
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: {348FE907-249E-4C65-A838-F34A193FE1D1} - No File
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton antivirus\engine\18.5.0.125\ips\IPSBHO.DLL
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [updateMgr] c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe AcRdB7_0_9
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [ISUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
uRun: [RegistryBooster] "c:\program files\uniblue\registrybooster\launcher.exe" delay 20000
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe"
mRun: [AmazonGSDownloaderTray] c:\program files\amazon\amazon games & software downloader\AmazonGSDownloaderTray.exe
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\documents and settings\owner\start menu\programs\startup\CurseClientStartup.ccip
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - hxxp://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5483.cab
DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} - hxxp://www.shockwave.com/content/dinerdash2/sis/DinerDash2.1.0.0.67.cab
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {DB7ACFA2-9634-4C98-BC9D-FB9416153022} - hxxp://clarion.webhop.biz/nvEPLMedia.ocx
DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://download.games.yahoo.com/games/web_games/popcap/bejeweled2/popcaploader_v6.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Notify: WB - c:\program files\alienguise\fastload.dll
AppInit_DLLs: wbsys.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\docume~1\owner\applic~1\mozilla\firefox\profiles\i7sdu12y.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&SearchSource=3&q={searchTerms}
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?PC=BRTH&FORM=BT074D&q=
FF - component: c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.1.0.37\ipsffplgn\components\IPSFFPl.dll
FF - plugin: c:\documents and settings\owner\application data\move networks\plugins\npqmp071500000347.dll
FF - plugin: c:\documents and settings\owner\application data\move networks\plugins\npqmp071503000010.dll
FF - plugin: c:\documents and settings\owner\application data\move networks\plugins\npqmp071505000011.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60310.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nppopcaploader.dll
.
============= SERVICES / DRIVERS ===============
.
R0 SMR162;Symantec SMR Utility Service 1.6.2;c:\windows\system32\drivers\SMR162.SYS [2011-4-28 76920]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nav\1205000.07d\symds.sys [2011-1-23 340016]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nav\1205000.07d\symefa.sys [2011-1-23 652336]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.1.0.37\definitions\bashdefs\20110419.001\BHDrvx86.sys [2011-4-19 802936]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nav\1205000.07d\ironx86.sys [2011-1-23 136312]
R2 Amazon Download Agent;Amazon Download Agent;c:\program files\amazon\amazon games & software downloader\AmazonGSDownloaderService.exe [2011-1-23 401920]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 NAV;Norton AntiVirus;c:\program files\norton antivirus\engine\18.5.0.125\ccsvchst.exe [2011-1-23 130000]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2011-4-16 102448]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.1.0.37\definitions\ipsdefs\20110428.002\IDSXpx86.sys [2011-4-28 341944]
R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.1.0.37\definitions\virusdefs\20110428.019\NAVENG.SYS [2011-4-28 86136]
R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.1.0.37\definitions\virusdefs\20110428.019\NAVEX15.SYS [2011-4-28 1393144]
RUnknown SASDIFSV;SASDIFSV; [x]
RUnknown SASKUTIL;SASKUTIL; [x]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\androidusb.sys --> c:\windows\system32\drivers\ANDROIDUSB.sys [?]
.
=============== Created Last 30 ================
.
2011-04-29 03:49:58 -------- d-----w- c:\program files\iPod
2011-04-29 03:49:07 -------- d-----w- c:\program files\ESET
2011-04-29 03:47:18 -------- d-----w- c:\program files\Bonjour
2011-04-29 02:01:08 76920 ----a-w- c:\windows\system32\drivers\SMR162.SYS
2011-04-28 01:17:55 -------- d-----w- c:\docume~1\owner\locals~1\applic~1\NPE
2011-04-25 17:36:55 -------- d-----w- c:\windows\pss
2011-04-22 01:08:09 -------- d-----w- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2011-04-22 01:04:46 -------- d-----w- c:\docume~1\owner\applic~1\Malwarebytes
2011-04-22 01:04:40 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-22 01:04:39 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2011-04-22 01:04:36 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-22 01:04:36 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-04-21 00:00:37 -------- d-----w- c:\windows\system32\CatRoot_bak
2011-04-20 23:29:25 -------- d-----w- c:\program files\World of Warcraft
2011-04-20 02:28:59 8704 -c--a-w- c:\windows\system32\dllcache\kbdjpn.dll
2011-04-20 02:28:59 8704 ----a-w- c:\windows\system32\kbdjpn.dll
2011-04-20 02:28:59 8192 -c--a-w- c:\windows\system32\dllcache\kbdkor.dll
2011-04-20 02:28:59 8192 ----a-w- c:\windows\system32\kbdkor.dll
2011-04-20 02:28:59 6144 -c--a-w- c:\windows\system32\dllcache\kbd101c.dll
2011-04-20 02:28:59 6144 ----a-w- c:\windows\system32\kbd101c.dll
2011-04-20 02:28:59 5632 -c--a-w- c:\windows\system32\dllcache\kbd103.dll
2011-04-20 02:28:59 5632 ----a-w- c:\windows\system32\kbd103.dll
2011-04-20 02:28:47 6144 -c--a-w- c:\windows\system32\dllcache\kbd101b.dll
2011-04-20 02:28:47 6144 ----a-w- c:\windows\system32\kbd101b.dll
2011-04-20 02:28:44 6144 -c--a-w- c:\windows\system32\dllcache\kbd106.dll
2011-04-20 02:28:44 6144 ----a-w- c:\windows\system32\kbd106.dll
2011-04-19 00:54:04 123392 --sha-r- c:\windows\system32\ntsdextsp.dll
2011-04-13 17:36:34 -------- d-----w- c:\docume~1\owner\locals~1\applic~1\Symantec
2011-04-13 17:36:34 -------- d-----w- c:\docume~1\owner\applic~1\Tific
2011-04-11 01:15:30 252080 ----a-w- c:\windows\system32\nvdrsdb0.bin
2011-04-11 01:15:28 252080 ----a-w- c:\windows\system32\nvdrsdb1.bin
2011-04-11 01:15:28 1 ----a-w- c:\windows\system32\nvdrssel.bin
2011-04-11 01:15:03 941160 ----a-w- c:\windows\system32\nvdispco322090.dll
2011-04-11 01:15:03 837736 ----a-w- c:\windows\system32\nvgenco322040.dll
2011-04-11 01:15:03 61440 ----a-w- c:\windows\system32\OpenCL.dll
2011-04-11 01:15:02 13004800 ----a-w- c:\windows\system32\nvcompiler.dll
2011-04-11 01:08:18 -------- d-----w- c:\program files\SystemRequirementsLab
2011-04-06 20:20:16 91424 ----a-w- c:\windows\system32\dnssd.dll
2011-04-06 20:20:16 107808 ----a-w- c:\windows\system32\dns-sd.exe
2011-04-03 17:58:31 -------- d-----w- c:\program files\RIFT Game
2011-04-03 17:51:30 -------- d--h--w- c:\windows\msdownld.tmp
2011-04-03 17:51:27 -------- d-----w- c:\windows\Logs
2011-04-03 17:51:15 -------- d-----w- c:\docume~1\owner\applic~1\RIFT
2011-04-03 17:51:08 -------- d-----w- c:\docume~1\owner\locals~1\applic~1\RIFT Beta
.
==================== Find3M ====================
.
2011-03-07 05:33:50 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:45:07 434176 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:21:11 1857920 ----a-w- c:\windows\system32\win32k.sys
2011-02-18 21:36:58 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-02-17 13:51:57 81920 ----a-w- c:\windows\system32\ieencode.dll
2011-02-17 13:51:57 667136 ----a-w- c:\windows\system32\wininet.dll
2011-02-17 13:51:57 61952 ----a-w- c:\windows\system32\tdc.ocx
2011-02-17 12:37:38 369664 ----a-w- c:\windows\system32\html.iec
2011-02-17 12:32:12 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-15 12:56:39 290432 ----a-w- c:\windows\system32\atmfd.dll
2011-02-08 13:33:55 978944 ----a-w- c:\windows\system32\mfc42.dll
2011-02-08 13:33:55 974848 ----a-w- c:\windows\system32\mfc42u.dll
2011-02-04 22:48:32 456192 ----a-w- c:\windows\system32\encdec.dll
2011-02-04 22:48:30 291840 ----a-w- c:\windows\system32\sbe.dll
2011-02-02 07:58:35 2067456 ----a-w- c:\windows\system32\mstscax.dll
.
============= FINISH: 0:06:39.86 ===============

RELEVANCY SCORE 200
Preferred Solution: Attacks From \device\harddiskvolume1\program files\mozilla firefox\firefox.exe

I recommend downloading and running DAP. It can help sort out any driver and firmware related issues on your system

It's worked out well for many of us in the past.

You can download it direct from this link http://downloaddap.org. (This link will open the download page of DAP so you can save a copy to your computer.)

A: Attacks From \device\harddiskvolume1\program files\mozilla firefox\firefox.exe

Hello and welcome to the forums!My secret agent name on the forums is SweetTech (you can call me ST for short), it's a pleasure to meet you. I am very sorry for the delay in responding, but as you can see we are at the moment being flooded with logs which, when paired with the never-ending shortage of helpers, resulted in the delayed responding to your thread.I would be glad to take a look at your log and help you with solving any malware problems.If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed. If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forums.
Please make sure to carefully read any instruction that I give you. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
In Windows Vista and Windows 7, all tools need to be started by right clicking and selecting Run as Administrator!
Do not do things I do not ask for, such as running a spyware scan on your computer. The one thing that you should always do, is to make sure sure that your anti-virus definitions are up-to-date!
Please do not use the Attachment feature for any log file. Do a Copy/Paste of the entire contents of the log file and submit it inside your post.
I am going to stick with you until ALL malware is gone from your system. I would appreciate it if you would do the same. From this point, we're in this together ;)
Because of this, you must reply within three days failure to reply will result in the topic being closed!
Please do not PM me directly for help. If you have any questions, post them in this topic.
Lastly, I am no magician. I will try very hard to fix your issues, but no promises can be made. Also be aware that some infections are so severe that you might need to resort to reformatting and reinstalling your operating system.
Don't worry, this only happens in severe cases, but it sadly does happen. Be prepared to back up your data. Have means of backing up your data available.____________________________________________________Rootkit UnHooker (RkU)Please download Rootkit Unhooker from one of the following links and save it to your desktop.Link 1 (.exe file)Link 2 (zipped file)Link 3 (.rar file)In order to use this tool if you downloaded from either of the second two links, you will need to extract the RKUnhookerLE.exe file using a program capable of extracing ZIP and RAR compressed files. If you don't have an extraction program, you can downlaod, install and use the free 7-zip utility.Double-click on RKUnhookerLE.exe to start the program.
Vista/Windows 7 users right-click and select Run As Administrator.Click the Report tab, then click Scan.Check Drivers, Stealth, and uncheck the rest.Click OK.Wait until it's finished and then go to File > Save Report.Save the report to your Desktop.Copy and paste the contents of the report into your next reply.-- Note: You may get this warning...just ignore it, click OK and continue: "Rootkit Unhooker has detected a parasite inside itself! It is recommended to remove parasite, okay?".NEXT:Running OTLWe need to create an OTL ReportPlease download OTL from one of the following mirrors:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Push the button.Two reports will open, copy and paste them in a reply here:OTL.txt <-- Will be openedExtra.txt <-- Will be minimizedNEXT:Please provide an update on how things are running in your next reply.

Read other 12 answers
RELEVANCY SCORE 198.8

Hi I have had repeated attacks. The websites, ports and IP addresses the attacks were coming from varied, but the one message I kept receiving wasTHE ATTACK WAS RESULTED FROM \DEVICE\HARDDISKVOLUME1\PROGRAMFILES\MOZILLAFIREFOX\FIREFOX.EXE. I'm pretty sure it's from a virus.Any help would be appreciatedNEED HELP'sigh' Hijack-thisLogfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:08:43 PM, on 4/19/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16722)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Norton 360 Premier Edition\Engine\4.3.0.5\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin ... Read more

A:Repeat Attacks From \device\harddiskvolume1\program files\mozilla firefox\firefox.exe

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will ap... Read more

Read other 3 answers
RELEVANCY SCORE 198.8

Hello, Last night I started receiving repeated attack warnings from my Norton Antivirus. The websites and IP addresses the attacks were coming from varied, but the one message I kept receiving wasTHE ATTACK WAS RESULTED FROM \DEVICE\HARDDISKVOLUME1\PROGRAMFILES\MOZILLAFIREFOX\FIREFOX.EXETo get rid of the repeat warnings I ran my Norton Antivirus then downloaded and ran TDSSKILLER,SUPERAntiSpyware Free Edition and Malwarebytes Free Edition. All the programs found and removed suspicious programs.Today being a bit cautious I did a few general Google Searches and it seems the constant attack warnings had stopped. But then I tried to enter one of my normal sites and it seemed the virus/trogen or whatever it is tried to re-direct me to a Fake App. Again the website and IP address was different than before but once again I recieved this warningTHE ATTACK WAS RESULTED FROM \DEVICE\HARDDISKVOLUME1\PROGRAMFILES\MOZILLAFIREFOX\FIREFOX.EXESo now being something at a loss I would very much appreciate any help you guys at Bleeping Computer can offer. I have followed the Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help and have pasted the DDS log below plus I have attached the DDS, GMER files and a copy of today's Norton Attack Report.if I have missed anything out please let me know.Thanks,jdpex.DDS (Ver_11-03-05.01) - NTFSx86 Run by John O'Shea at 12:46:38.90 on 13/04/2011Internet Explorer: 8.0.6001.... Read more

A:Repeat Attacks From \device\harddiskvolume1\program files\mozilla firefox\firefox.exe

Hello and welcome to the forums!My secret agent name on the forums is SweetTech (you can call me ST for short), it's a pleasure to meet you. I am very sorry for the delay in responding, but as you can see we are at the moment being flooded with logs which, when paired with the never-ending shortage of helpers, resulted in the delayed responding to your thread.I would be glad to take a look at your log and help you with solving any malware problems.If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed. If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forums.
Please make sure to carefully read any instruction that I give you. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
In Windows Vista and Windows 7, all tools need to be started by right clicking and selecting Run as Administrator!
Do not d... Read more

Read other 18 answers
RELEVANCY SCORE 198.8

Today being a bit cautious I did a few general Google Searches and it seems the constant attack warnings had stopped. But then I tried to enter one of my normal sites and it seemed the virus/trogen or whatever it is tried to re-direct me to a Fake App. Again the website and IP address was different than before but once again I recieved this warning

THE ATTACK WAS RESULTED FROM \DEVICE\HARDDISKVOLUME1\PROGRAMFILES\MOZILLAFIREFOX\FIREFOX.EXE

So now being something at a loss I would very much appreciate any help you guys at Bleeping Computer can offer. I have followed the Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help and have pasted the DDS log below plus I have attached the DDS, GMER files and a copy of today's Norton Attack Report.

if I have missed anything out please let me know.

Thanks,
.
DDS (Ver_2011-06-12.02) - NTFSx86
Internet Explorer: 7.0.5730.11
Run by Head Quartrers at 17:37:04 on 2011-06-16
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.639.96 [GMT 10:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton Internet Security\Engine\17.8.0.5\ccSvcHst.exe
C:\Program Files\Venturi\Client\ventc.exe
C:&... Read more

A:Repeat Attacks From \device\harddiskvolume1\program files\mozilla firefox\firefox.exe

Hello and welcome to the forums!My secret agent name on the forums is SweetTech (you can call me ST for short), it's a pleasure to meet you. I am very sorry for the delay in responding, but as you can see we are at the moment being flooded with logs which, when paired with the never-ending shortage of helpers, resulted in the delayed responding to your thread.I would be glad to take a look at your log and help you with solving any malware problems.If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed. If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forums.
Please make sure to carefully read any instruction that I give you. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
In Windows Vista and Windows 7, all tools need to be started by right clicking and selecting Run as Administrator&#... Read more

Read other 3 answers
RELEVANCY SCORE 130.8

Hi, My computer has been under constant attack (i.e. every two minutes). Norton tells me that it is coming from \DEVICE\HARDDISKVOLUME1\PROGRAMFILES\MOZILLAFIREFOX\FIREFOX.EXE In addition, it describes the source as usually coming from 91.212.226.179, the attack URL generally being zl00zxcv1.com. However, I've been receiving apparently different trojan attacks across the board. This morning, I noticed for the first time a piece of spyware called Antimalware Doctor, which I could not remove through Norton or Malwarebytes. I eventually manually deleted the source files that RKill found, those being in my application data under temporary files. However, I continue to experience the attacks constantly. I am also suffering from google redirect searches, in which my searches are diverted to a variety of shady sites. Finally, whenever I boot my computer, I get the RUNDLL error "Error loading C:\WINDOWS\usanufeworitulus.dll The specified module could not be found" These symptoms seem very unusual to me. Please let me know what other specifics I can provide. Thank you so much for helping me!DDS (Ver_10-03-17.01) - NTFSx86 Run by Robert at 22:15:35.85 on Wed 07/07/2010Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_15Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1022.234 [GMT -5:00]AV: Norton Internet Security *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}FW... Read more

A:Issue with constant attacks coming from \DEVICE\HARDDISKVOLUME1\PROGRAMFILES\MOZILLAFIREFOX\FIREFOX.EXE

Hello I Would like you to do the following.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.Run Combofix:Please visit this webpage for download links, and instructions for running the tool: http://www.bleepingcomputer.com/combofix/how-to-use-combofixPlease ensure you read this guide carefully and install the Recovery Console first. The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.Once installed, you should see a blue screen prompt that says:The Recovery Console was successfully installed.Please continue as follows:Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix. Click Yes to allow ComboFix to continue scanning for malware.When the tool is finished, it will produce a report for you. Please include the report in your next post:C:\ComboFix.txt"information and logs"In your next post I need the followingLog from Combofixlet me know of any problems you may have hadHow is the computer doing now?Gringo

Read other 6 answers
RELEVANCY SCORE 130.8

Hi there, I just copy and pasted the thread title from another thread in which there appeared to be identicle circumstances to mine, so i'm hoping this forum can help. Norton is registering and blocking attacks every couple of minutes coming from various places, though thynksn0taeg.com crops up a bit. This seemed to start when I started using the PHProxy addon for Firefox. Last night it was throwing up SVCHOST.EXE instead of the Firefox.exe in the message about blocked attacks. Spybot S&D and Norton 360 have removed various things but the attacks are still coming, what can I do to stop this? What details do I need to provide for help with this?
Thanks in advance.

A:Issue with constant attacks coming from \DEVICE\HARDDISKVOLUME1\PROGRAMFILES\MOZILLAFIREFOX\FIREFOX.EXE

Hello,Please follow the instructions in ==>This Guide<==. If you cannot complete a step, skip it and continue.Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues and what you have done to resolve them.If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.Orange Blossom

Read other 1 answers
RELEVANCY SCORE 96.4

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will ap... Read more

A:the attack was result from \DEVICE\HARDDISKVOLUME1\PROGRAM FILES\INTERNET EXPLORER\IEXPLORER.EXE

Hello 48 Hour bumpIt has been more than 48 hours since my last post.do you still need help with this?do you need more time?are you having problems following my instructions?
if after 48hrs you have not replied to this thread then it will have to be closed!Gringo

Read other 25 answers
RELEVANCY SCORE 94.4

Mozilla has released a test build of Firefox that adds new technology designed to stymie most Web-based attacks, the browser maker said Sunday.
The technology, dubbed "Content Security Policy" (CSP), is a Mozilla-initiated specification targeted at Web site and application developers, who will be able to define which content on the site or in the online application is legitimate. That would block any script or malicious code that's been added by hackers who manage to compromise the site or app. Such attacks are generally tagged with the label of cross-site scripting (XSS).



More -
New Firefox security technology blocks Web attacks, Mozilla claims - Network World

Read other answers
RELEVANCY SCORE 93.6

I have 4 browsers on my computer: Internet Explorer 8, Google Chrome, Mozilla Firefox, and Opera. I am trying to listen to some MP3 files on a website, and all of the browsers, except for IE 8, told me to download the Realplayer Plugin. So I did, and when I tried to listen to the MP3 file, Realplayer will automatically enable this "Autoupdate Helper" thing and check for updates. So I let it check for updates, but then it'll say "There are no updates..." and just stop there. The file won't play! I click play again, and the same thing happens.

Internet Explorer is the only browser smart enough to open the MP3 files on the web page using Quicktime (the website actually tells you to use Quicktime to open the files) but it doesn't load the Youtube videos that are embedded on the site. There's a X on the top left corner of the section where the video is suppose to be.

Now I'm stuck! I want to view all the contents on one page with one browser! But none of the browsers will actually work properly!

So the main problem is:

1. The MP3 files won't load in Chrome, Firefox, and Opera using Quicktime.

Chrome is the only browser I use frequently, and the others are basically backup. IS THERE ANY SOLUTION TO THIS!?!?!?

Thanks everyone!
 

A:Firefox, Google Chrome, and Mozilla Firefox won't play MP3 files on websites

Read other 7 answers
RELEVANCY SCORE 82.4

Hey guys i don't know what is happening to my computer but all my programs have got a little mozilla firefox on it and when i open my msn messenager for example it takes me to firefox and a box comes up telling to download msnmsgr.exe and when i do the same thing comes up and this is for all m programs can you help me pleaseee!!!!
 

A:I program i try to open takes me to mozilla firefox !!!

Click on the "lnk" in the file association fixes box to download the "lnkfix_vista.zip" file. Follow the rest of the usage instructions at the site for how to use it. This will fix the shortcut associations for you.

File Association Fixes
 

Read other 2 answers
RELEVANCY SCORE 81.6

FormSpy (aka FireSpy) is a new spyware program designed to integrate into the Mozilla browser environment. It is being spread by spam email spoofed to appear as a billing issue from Walwart. It was launched on July 24th. The attachment contains a downloader malware agent that can install FormSpy as a Firefox plugin. Users should avoid spam email and attachments, plus keep AV protection updated. This new threat is not prevelant in the wild.FormSpy - Spyware program hooks into Mozilla Firefoxhttp://www.avertlabs.com/research/blog/?p=62http://vil.nai.com/vil/content/v_140256.htmUpon execution, it registers Mozilla event listeners to the malware and sends information submitted by the victim in the web browser to a malicious website. These information can include, but is not limited to, credit card numbers, passwords, e-banking pin numbers etc. The main executable is also capable of sniffing passwords from ICQ, FTP, IMAP and POP3 trafficFireSpy - Sophos Writeuphttp://www.sophos.com/security/analyses/trojfirespya.htmlTroj/FireSpy-A will then attempt to register the dropped component as a Firefox plugin and begin monitoring the user's browsing habits, stealing information including monitoring and logging information from Web forms

Read other answers
RELEVANCY SCORE 80.8

So yeah on my pretty brand new HP computer, my mozilla is all of a sudden getting this error. I think it usually happens when I'm visiting websites where I can shop online. Anyways, its Program C:\Program Files (x86)\Mozillafirefox\fierfox.exe.
Abnormal program termination. Anyone know what's wrong and how it can be fixed?
 

A:Mozilla Firefox getting runtime error, abnormal program termination!

Have you tried uninstalling and reinstalling, or checking for FF updates?
 

Read other 1 answers
RELEVANCY SCORE 80

Firefox has been freezing up on me, and when I close it down, I get a bluescreen error. It also happens a lot of the time when I close Firefox down normally. This was happening before I updated to the latest version of FF. I am running Windows XP, and have recently started using ZoneAlarm and Avast on my system.

A:Firefox closes = bluescreen error? (Moved for the mozilla/Firefox Forum)

Hi,

Can you give us the error in full that you are getting. Also, I would check and make sure that ZoneAlarm and Avast are allowing FF to connect to the internet.

Cheers!

Read other 8 answers
RELEVANCY SCORE 79.2

my wife is big into saving images she finds in the temp inter net files but we cannot find files for mozilla.
if you could help, my wife would appreciate it!

A:temp internet files for mozilla/firefox

It's called the cache in Firefox:-

Documents & Settings/*Your User Name*/Local Settings/Application Data/Mozilla/Firefox/Profiles/*Your Profile Name*/Cache

Read other 3 answers
RELEVANCY SCORE 79.2

Hello forum

After recently buying a new custom PC, I've yet to find big flaws in the system.
Yet now I found one that is pretty annoying!

I'm not able to download any files (while using Firefox). After a download is ready in the 'download'-tab, it's not openable. The 'open' and 'open file location' buttons are greyed out. So I can't find the file I download nor open it.
This is proving to be a severe problem, since I'd like to install certain programs and download addons for WoW.

Already tried using Internet Explorer, yet when downloading anything it gives me the message: 'Your current security settings do not allow you to download this file' ( or something along these lines ).

Any idea's? I'd like to reinstall Firefox to see if that helps, but I got no current browers who is capable of downloading the files needed!

system:
Windows 7 Home Premium 64 bit

Cheers in advance!

A:Mozilla Firefox, problems with downloading files.

Hello Broxxar, I may be stating the obvious to you but do you have your 'Options' set correctly in Firefox?
I've attached a graphic of the 'Option's in the 'General Tab' and you should nominate where to save your downloaded files to. In Windows 7 it defaults to 'Downloads', however you can 'browse' to a different location that you may prefer. You will also see that you can 'tick' the box to 'Show the Downloads Window when downloading a file should you wish. I don't and a pop-up appears on your Taskbar to show download completed. I only hope this helps.
Regards.

Read other 2 answers
RELEVANCY SCORE 78.8

I don't know if my problem is Firefox or WordPress but I thought I'd try here first.
I use WordPress to publish articles and usually copy and paste from the finished article in the Articles forum to WordPress but since I reinstalled Win 7 this no longer works as paste is no longer an option when I right click in WordPress, or at least in the particular part that I need it to. I can, however, do it in Internet Explorer, but images aren't copied over, which they used to be. I've tried all the usual things like clearing the cache, but nothing has worked. Any suggestions would be much appreciated.

A:Is this Win 7 or Firefox at fault? Moved from Mozilla/Firefox browsers

Hi,
I am using Win-7 too but I haven't used IE. So my suggestion is to, try another browser for the same purpose and then see the effects (I feel firefox is well suited for the purpose). If you are getting same problems then, you are missing with some features of Win-7 otherwise, it is the website issue.

Read other 2 answers
RELEVANCY SCORE 78.8

Currently I have used Mozilla firefox 3.0 the latest version of firefox. In this version when I have open multiple site on the tab I have find the FIREFOX.exe below error and that time firefox is closing.

Refer the error message
Firefox.exe
Firefox.exe has encountered a problem and need to close. We are sorry for the inconvenience.
So, Plz tell me how to solve this problem
 

A:Error of firefox.exe on Mozilla Firefox 3.0 closing immediately

Have you tried: Standard diagnostic - Firefox?
 

Read other 1 answers
RELEVANCY SCORE 77.2

Hi Guys

I am new to this forum and have limited knowledge of computers.
I was using Firefox version 2 and was very happy until I was requested to download version 3. Now I seem to have endless crashes and keep getting told Firefox has a problem & needs to close. Up to 5 x a day.

This is very frustrating.
This happens with avg, facebook ,all internet functions.

I have spybot running and avg and says there are no problems.

We had a power failure earlier yesterday and when I switched back on Microsoft suggested I check the C drive as there was a problem -but that seems to have sorted itself out.-probably due to not closing down properly.

So can you help me with detailed instructions on how to fix forefox or totally remove it and install from the beginning or is there major problems with that version 3 .1 ?

Thanks
Carol

A:Mozilla Firefox 3 crashes/Firefox has problem

http://kb.mozillazine.org/Standard_diagnostic_(Firefox)

Read other 3 answers
RELEVANCY SCORE 72.4

Hello,

My Mozilla firefox will not open. Each time I try to open it from my desktop, start menu, or program file the same message pops up "Another program is currently using this file." I uninstalled and reinstalled Mozilla and the same message is still appearing. I ran a nod32 scan and it didn't find anything. I'm not sure what to do/how harmful this could be to my computer. I don't know what the first step is to tackling this problem. Any help is greatly appreciated! Thank you.
 

Read other answers
RELEVANCY SCORE 71.6

I have been searching the forums for days looking for answers. On startup, Windows XP pops up a not connected to the internet window. Then Ultimate Cleaner ads pop up, Now it is opening IE and Firefox windows at random with ads...Here's my registry

(I have tried smitfraud, combofix, fixwareout, spyware doctor...)

Here's my registry log from HijackThis..Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:27:30 PM, on 2/5/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
C:\Program Files\Digidesign\Drivers\MMERefresh.exe
C:\Program Files\DellSupport\brkrsvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\WINDOWS\system32... Read more

A:Malware, attacks IE and Firefox

Really wondering if anyone has any ideas for me...I can't even do anything on my computer now...The adware opens 100 windows each of IE and Mozilla.

Help
 

Read other 1 answers
RELEVANCY SCORE 70.8

Hello All,
Here's my problem. I've erased my profile from Mozilla Firefox. I HAVE NOT however erased the profile files.

I have since created a profile with a different name. I would like to import the old profile info (bookmarks inparticular) to my new "default" profile.

As well, what if I wanted to import info from another Mozilla Firefox profile?

Can this be done?

I've tried everything but I can't seem to figure it out.

If you do post please be advised that I am not all that familiar with Firefox.

Thank you all for your time.
 

A:Solved: Mozilla Firefox...Erased Profile but not files...trying to import to new profile

I move mine manually all the time. If you just want to add the bookmarks.html, just move the one you saved to the new profile. Here is the official instructions from Firefox on backup and restore of the Profile.
 

Read other 1 answers
RELEVANCY SCORE 70.4

My bookmarks are a huge mess. When I used IE, I would go to the folder on the drive to organize them. Now that I use Firefox, I can't do that. I would like to find a program that gives me ease of organizing and will export the bookmarks as individual files, instead of one.

I'm interested in this: http://bkm.sourceforge.net/en/vbbkm.html but it's old and dead I think. Also I don't think it worked with Firefox.

I'm not interested in online managers and I don't have a real need for portability. I just want to sort and burn the folder.

Thanks.
 

A:Program to organize Firefox bookmarks and export them as individual files?

Really? Nobody?
 

Read other 2 answers
RELEVANCY SCORE 68.4

CYBER SECURITY BOFFINS have uncovered a flaw in the way Firefox handles third-party browser extensions that could expose millions of users to sneaky malware.
Researchers from the Northeastern University in Boston discovered a flaw that allows hackers to stealthily execute malicious code hiding behind seemingly innocent extensions, such as NoScript and Firebug. They can then steal personal data or even seize control of a machine's resources.
The flaw stems from a weakness in Firefox’s extension structure, which doesn’t isolate various browser add-ons. This allows them to connect to the capabilities of other popular third-party extensions.   
Edit:
But Firefox users can breathe a little easier because it’s not clear whether the flaw has actually been used in any extensions, as the researchers demonstrated it only as a proof-of-concept. They have supplied the attack framework to Mozilla so that the company can firm up the way it handles security in reviewing extension approvals.

Article

A:Firefox extension flaw exposes millions to cyber attacks

Good find JohnC thanks for sharing!

Read other 4 answers
RELEVANCY SCORE 67.2

I keep getting this same virus show up in my MSE "VirTool:INF/Autorun.gen!F". I have tried everything to get ride of it and it keeps coming back. There also seems to b a hidden trojan that comes with it that is almost impossible to find. I have downlaod every patch to stop auto runs but I still keep seeing this error. What can I do to stop this from happening again?

I was referred to this web-site from MS answers to try and make it easier to solve this problem. Here is the link that I have been using "http://answers.microsoft.com/en-us/protect/forum/mse-protect_scanning/i-keep-getting-this/1a6db434-47d8-4e62-8099-0b5729bad7ab"

A:file:\Device\HarddiskVolume1\autorun.inf

Update and do a quick scan with Malwarebytes remove all that it finds and reboot.
http://www.filehippo.com/download_malwarebytes_anti_malware/download/ecf14848530d11a2f09a94b92a69fcfa/

Post the log
Update do a quick scan with Superantispyware remove all this finds reboot.
http://www.superantispyware.com/downloadfile.html?productid=SUPERANTISPYWAREFREE
Post the log

Run a scan with Eset.
http://www.eset.com/us/online-scanner/
When the scan finish list found threats save to clipboard copy to notepad Post the log here.


Please download FarbarServiceScanner and run it on the computer with the issue.
http://download.bleepingcomputer.com/farbar/FSS.exe
Make sure the following options are checked:
Internet Services
Windows Firewall
System Restore
Security Center/Action Center
Windows Update

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.

Please download MINITOOLBOX and run it.
http://download.bleepingcomputer.com/farbar/MiniToolBox.exe

Checkmark following boxes:
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)

Click Go and post the result.

Download Adware Cleaner run it as admin Click the delete button allow it to run and post the log it creates.

http://general-changelog-team.fr/fr/downl... Read more

Read other 4 answers
RELEVANCY SCORE 67.2

I would appreciate some help PLEASE!
AVG Resident Shield throws up this every time computer starts up.

Resident Shield detection
"Infection";"Object";"Result";"Detection time";"Object Type";"Process"

"Virus found Worm/AutoRun";"\Device\HarddiskVolume1\AutoRun.inf";"Object is inaccessible.";"23/07/2010, 00:51:39";"file";"C:\WINDOWS\Explorer.EXE"
"Virus found Worm/AutoRun";"\Device\HarddiskVolume1\autorun.inf";"Object is inaccessible.";"23/07/2010, 00:51:39";"file";"C:\Program Files\Autorun Eater\billy.exe"

Malwarebytes does not detect anything even doing full scan BUT it did successfully remove worm on a removable HDD which caused the problem in the first place I believe.

I would love to be able to remove this forever as I have spent a long time trying to sort it and have also restored my laptop to factory settings thinking that would help but it didnt.

Here is my HJT log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:13:48, on 23/07/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsv... Read more

A:device/harddiskvolume1/autorun.inf Worm

Read other 13 answers
RELEVANCY SCORE 66

Has anyone tried the Mozilla Firefox Browser? I really like it. I love managing the bookmarks and the tabs!

http://www.mozilla.org/products/firefox/

I do wish you could shortcut to the Bookmark files. But overall I am really enjoying it!

I am interested in your experienced and professional opinions.


 

A:Mozilla Firefox

Read other 9 answers
RELEVANCY SCORE 66

Are they compatable with windows 95, and if so where can i get it and what version should i get?

A:Mozilla/firefox

http://www.quickonlinetips.com/archi...ginal-release/

Read other 1 answers
RELEVANCY SCORE 66

I used to use Netscape browser it was great, then like most of us I moved over to Mozilla Firefox and it used to be great too.
Now However I get an update almost every week which annoys the hell out of me.
This thing seems to be getting more and more boated all the time.
The latest problem is half the time it won't shut down I end up having to open taskmaster and shutting it down that way so I can then reopen it up.
Seems to want to run unseen in the background. What?s the cure for this? Even rebooting the computer doesn't always shut it down
Another problem is I seem to have lost the refresh button. A real nuisance when you are bidding on an auction with just a minute to go.
I have tried to get it back from options, toolbars to no avail.
I tried a while ago to download Opera and use this instead but it wouldn't load??

A:Mozilla Firefox

Even though it did not work for you, I would still suggest:
Open Tools menu, choose Options... item,
Choose Advanced (over to the righthand side at the top),
open the tab labeled "Update".

You have three options and can choose exactly one of them: You would choose Either:
Check for Updates, but let me choose whether...
Or
Never Check for Updates.

The only question is, are these options and that path presented for you or not? Then, if they are, then do they fail for you when you had selected them?

Read other 3 answers
RELEVANCY SCORE 66

Can I save my name in forums when I type it in and then go back to it with out retyping it again like it is in IE6 can you tell me where I could set this up at in Firefox and dose it also go for Web address and search engines stored also Thanks
 

A:Mozilla Firefox ?

sportman11 said:

Can I save my name in forums when I type it in and then go back to it with out retyping it again like it is in IE6 can you tell me where I could set this up at in Firefox and dose it also go for Web address and search engines stored also ThanksClick to expand...

Just type the first letter.
 

Read other 2 answers
RELEVANCY SCORE 66

I have internet explorer 6 as my default browser and my home page on it is google. I have just downloaded mozilla firefox and the home page on it is ask I thought it would be google as in internet options that is set as my home page, how do I change ask to google in mozilla???

A:mozilla firefox

go to tools then options. Main tab then startup section

Read other 2 answers
RELEVANCY SCORE 66

Have a slight problem, recently I installed Mozilla Firefox on a computer and delivered it to a co-worker. Couple days later I was told that while on the internet on Firefox no sound is heard. What could be the problem?

A:Mozilla Firefox

Hi,

I need some more information, like what site is being viewed? What version of FF is being used? Are all the sound drivers installed, and up-to-date? I just need some information like that and any thing else that you can give me would be great.

Cheers!

Read other 4 answers
RELEVANCY SCORE 66

i have recently formatted and nopw mozilla blocks all popups, even onesi want regardless to the settings i have set, (java open in new windows etc...)
i have reinstalled and still ntohing, i know its not zonealarm, any ideas???

Read other answers
RELEVANCY SCORE 66

I am thinking of trying Mozilla-Firefox as an eventual replacement for IE. I understand that it is better for security. Would you recommend going directly to Firefox 0.9.1 which is beta, or taking (part of) the Mozilla suite? Any comments appreciated.
 

A:IE v Mozilla-Firefox

Read other 11 answers
RELEVANCY SCORE 66

I'm a newbierunning windows xp home edition version 2002 service pack 3I use mozilla firefox to search, but lately it is extremely slow.In searching online...I've seen people suggesting going to about:config and changing false to true in a couple place (pipelining) and changing max request to a higher number 30....I've tried these (probably foolishly) and they haven't helped. When I search with IE, everything is speedy, but normally I have searched with MF, and I don't know the first thing about cookies, etc.. so I am totally at YOUR mercy. I would appreciate any help. I am so glad I finally found your forum, where I can get some reliable help, hopefully in words an idiot can comprehend.Again thanks for your help, and I apologize for my ignorance, in advance.ThanksEdit: Moved topic from XP to the more appropriate forum. ~ Animal

A:Mozilla firefox

Hello and welcome to BC forums.What is the Firefox version? When in Firefox, from menu, select Help then About.Tell me what version number it shows. The current version is 3.5.2See the following article about clearing cache & temporary files:Clearing cache (temp files) & private datahttp://support.mozilla.com/en-US/kb/Clearing+private+dataCookies are handy in conjunction with remembering some things, for example your favorite sites login & help a bit with making the next login easier. However, cookies are also used for ad-related things from advertisers. Cookies are not harmful. See this article http://www.ufaq.org/navcom/lyncookie.htmlWhile it is a bit dated and refers to Netscape, take that to mean any internet browser.The following will clear all temp files as well as cookies (if you do the Select All or checkmark the Cookies line.Next, Take out the trash (temporary files & temporary internet files) Please download ATF Cleaner by Atribune, saving it to your desktop. It is used to cleanout temporary files & temp areas used by internet browsers.This will take care of both Internet Explorer and FireFox and Opera (if you have it).Close/exit Firefox and also Internet Explorer, then ....Start ATF-Cleaner.exe to run the program. Under Main choose: Select All Click the Empty Selected button. If you use Firefox browser, do this also:Click Firefox at the top and choose: Select All Click the Empty Selected button. NOTE: If you would like to keep your saved pa... Read more

Read other 5 answers
RELEVANCY SCORE 66

Can anyone suggest how to remove just one website from the history of Mozilla Firefox?(not all of them, just one or more). Thanx in advance
 

A:Firefox Mozilla

Read other 8 answers
RELEVANCY SCORE 66

Which one should I use?
 

A:Mozilla or Firefox

Read other 16 answers
RELEVANCY SCORE 66

I have mozilla firefox and i had it 12 mths now, last 24 hours i can not go into my emails,facebook, etc it comes up server not found.
i tried restore point and that did not work.

can anyone help me please

thanks
 

A:mozilla firefox

Read other 6 answers
RELEVANCY SCORE 66

i had mozilla firefox installed on my computer, and on one of those automatic computer updates, my computed restarted and i was unable to open mozilla. so i deleted the program entirely from my computer, and while on internet explorer tried to download mozilla firefox, again, and everytime the Run and Save box pops up it immediately disappears. It doesnt even give me time to click it. Not only that but the entire webpage closes. I dont know what to do, help!
 

A:mozilla firefox

Click here:
http://download.mozilla.org/?product=firefox-3.0.3&os=osx&lang=en-US
It is a direct mirror to firefox, taken off of there site.
 

Read other 1 answers
RELEVANCY SCORE 66

Anyone have an opinion on Mozilla Firefox versus IE? It's supposed to be faster, safer etc?
 

A:Mozilla Firefox

Read other 9 answers
RELEVANCY SCORE 66

I've just installed today firefox5. I was unhappy with it so i wanted to uninstall. Surprise. The following message appears " Your computer must be restarted to complete a previous upgrade of firefox. Do you want to reboot now? ". And this message keep comnig. I am restarting and firefox is still there after that. I don't have any restore point in system. Any ideea how to delete?

A:Mozilla Firefox 5

This message is shown when the previous upgrade is broken.

Try this to see if it stops the message:

Delete *.moz-upgrade files from Firefox folder (C:\Program Files\Mozilla Firefox) to fix this.

Read other 9 answers
RELEVANCY SCORE 66

i installed mozilla firefox (a browser, pretty good) on my computer since internet explorer wasnt working at all...(thanks to flrman1 who got it back to work)
but now.....since it's not in my install/remove list...i dont know how to unistall firefox....do i just search windows for firefox files and delete them manually or is there a way to unistall it.....there is no unistall icons either in mozilla firefox's folder ...
 

A:Mozilla firefox ?

Read other 16 answers
RELEVANCY SCORE 66

When i am searching with google i am being redireted to other sites how do i stop this please help

A:mozilla firefox

The process of cleaning your computer may require you to temporarily disable some security programs. If you are using SpyBot Search and Destroy, please refer to Note 2 at the bottom of this page.Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself.Press the OK button to close that box and continue.If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button. The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".C... Read more

Read other 10 answers
RELEVANCY SCORE 66

How come when I download google toolbar or yahoo toolbar they will not show up in my new Mozilla Firefox browser. It only shows up in the Internet Explorer browser. Any ideas anyone. I also do not understand why my Comast homepage (Comcast is my ISP) will not show any flash or graphics. I have downloaded the new versions of Macromedia. Any ideas anyone.
 

A:Mozilla Firefox

Read other 6 answers
RELEVANCY SCORE 66

I have Mozilla Firefox
and when I log out
And try to get back into
Mozilla Firefox
I cannot get back in
as much as I keep hitting the tab
or pushing the button
why ?
and, how can I fix that ?
please help me

thanks
sigmundf
 

A:Mozilla firefox

Read other 16 answers
RELEVANCY SCORE 66

I ask could I save my name in forums when I type it in and then go back to it with out retyping it again like it is in IE6 can I just click in the box like I do for IE6 and then the info just comes up like Auto complete in IE6 and dose it also go for Web address and search engines need it for for Mozilla Firefox 0.9.2 ?
 

A:Mozilla Firefox 0.9.2 ?

If it's what I'm thinking of, then you just need to type the first letter. I have a related question though, how do you remove a entry from the pull down you get when you type the first letter? In IE you could just highlight it and press delete, but that doesn't seem to work in Firefox.
 

Read other 1 answers
RELEVANCY SCORE 66

mozilla firefox is not opening..whenever i try to open it, its coming i dont hate mozilla but use ie..
someone help plz
 

Read other answers