Over 1 million tech questions and answers.

Attacks From \device\harddiskvolume1\program files\mozilla firefox\firefox.exe

Q: Attacks From \device\harddiskvolume1\program files\mozilla firefox\firefox.exe

I know other users have had issues with this but I didn't know if I could follow the solutions for their problem or not.

(Not sure what information is helpful so I'll start and the top and be brief)
For my job I am required to sometimes go to 'suspect websites' and normally Norton will catch anything before it even has a chance to download. Sadly, two weeks ago I did download a file called Trojan.Gen (or at least that is what Norton called it). Almost immediately Norton caught and removed all threats but I knew I wasn't going to get off that easy.

For a few days everything seemed fine but shortly after I started seeing attack messages from Norton from \device\harddiskvolume1\program files\mozilla firefox\firefox.exe, the IP and web address changes.

I couldn't tell if it was doing anything to my computer and have since been trying to remove it with no luck with Norton. Now, my web pages are being redirected to either a fake search page or a Pay Per Click page, if I click a link in Google.

Norton and Malwarebytes' Anti-Malware Free are telling me that they are not detecting anything.

I did read the preparation guide, so I hope I have all the information that is needed.

I want to thank you in advance for any help that I can get and I understand that this is a process. I appreciate your time!
-Eve



.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Owner at 0:05:56.00 on Fri 04/29/2011
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_22
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1169 [GMT -4:00]
.
AV: Norton AntiVirus *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Ahead\InCD\InCDsrv.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
svchost.exe
C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Norton AntiVirus\Engine\18.5.0.125\ccSvcHst.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\WMP54GSv1_1.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Norton AntiVirus\Engine\18.5.0.125\ccSvcHst.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Documents and Settings\Owner\Local Settings\Apps\2.0\9E91CMPZ.VT1\68N0VDRG.OC8\curs..tion_eee711038731a406_0004.0000_efb506202a7c3b08\CurseClient.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Documents and Settings\Owner\Desktop\Laaaaaaaaa\dds.scr
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.alienware.com/
mDefault_Page_URL = hxxp://www.alienware.com
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: {348FE907-249E-4C65-A838-F34A193FE1D1} - No File
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton antivirus\engine\18.5.0.125\ips\IPSBHO.DLL
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [updateMgr] c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe AcRdB7_0_9
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [ISUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
uRun: [RegistryBooster] "c:\program files\uniblue\registrybooster\launcher.exe" delay 20000
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe"
mRun: [AmazonGSDownloaderTray] c:\program files\amazon\amazon games & software downloader\AmazonGSDownloaderTray.exe
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\documents and settings\owner\start menu\programs\startup\CurseClientStartup.ccip
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - hxxp://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5483.cab
DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} - hxxp://www.shockwave.com/content/dinerdash2/sis/DinerDash2.1.0.0.67.cab
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {DB7ACFA2-9634-4C98-BC9D-FB9416153022} - hxxp://clarion.webhop.biz/nvEPLMedia.ocx
DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://download.games.yahoo.com/games/web_games/popcap/bejeweled2/popcaploader_v6.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Notify: WB - c:\program files\alienguise\fastload.dll
AppInit_DLLs: wbsys.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\docume~1\owner\applic~1\mozilla\firefox\profiles\i7sdu12y.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&SearchSource=3&q={searchTerms}
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?PC=BRTH&FORM=BT074D&q=
FF - component: c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.1.0.37\ipsffplgn\components\IPSFFPl.dll
FF - plugin: c:\documents and settings\owner\application data\move networks\plugins\npqmp071500000347.dll
FF - plugin: c:\documents and settings\owner\application data\move networks\plugins\npqmp071503000010.dll
FF - plugin: c:\documents and settings\owner\application data\move networks\plugins\npqmp071505000011.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60310.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nppopcaploader.dll
.
============= SERVICES / DRIVERS ===============
.
R0 SMR162;Symantec SMR Utility Service 1.6.2;c:\windows\system32\drivers\SMR162.SYS [2011-4-28 76920]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nav\1205000.07d\symds.sys [2011-1-23 340016]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nav\1205000.07d\symefa.sys [2011-1-23 652336]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.1.0.37\definitions\bashdefs\20110419.001\BHDrvx86.sys [2011-4-19 802936]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nav\1205000.07d\ironx86.sys [2011-1-23 136312]
R2 Amazon Download Agent;Amazon Download Agent;c:\program files\amazon\amazon games & software downloader\AmazonGSDownloaderService.exe [2011-1-23 401920]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 NAV;Norton AntiVirus;c:\program files\norton antivirus\engine\18.5.0.125\ccsvchst.exe [2011-1-23 130000]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2011-4-16 102448]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.1.0.37\definitions\ipsdefs\20110428.002\IDSXpx86.sys [2011-4-28 341944]
R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.1.0.37\definitions\virusdefs\20110428.019\NAVENG.SYS [2011-4-28 86136]
R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.1.0.37\definitions\virusdefs\20110428.019\NAVEX15.SYS [2011-4-28 1393144]
RUnknown SASDIFSV;SASDIFSV; [x]
RUnknown SASKUTIL;SASKUTIL; [x]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\androidusb.sys --> c:\windows\system32\drivers\ANDROIDUSB.sys [?]
.
=============== Created Last 30 ================
.
2011-04-29 03:49:58 -------- d-----w- c:\program files\iPod
2011-04-29 03:49:07 -------- d-----w- c:\program files\ESET
2011-04-29 03:47:18 -------- d-----w- c:\program files\Bonjour
2011-04-29 02:01:08 76920 ----a-w- c:\windows\system32\drivers\SMR162.SYS
2011-04-28 01:17:55 -------- d-----w- c:\docume~1\owner\locals~1\applic~1\NPE
2011-04-25 17:36:55 -------- d-----w- c:\windows\pss
2011-04-22 01:08:09 -------- d-----w- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2011-04-22 01:04:46 -------- d-----w- c:\docume~1\owner\applic~1\Malwarebytes
2011-04-22 01:04:40 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-22 01:04:39 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2011-04-22 01:04:36 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-22 01:04:36 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-04-21 00:00:37 -------- d-----w- c:\windows\system32\CatRoot_bak
2011-04-20 23:29:25 -------- d-----w- c:\program files\World of Warcraft
2011-04-20 02:28:59 8704 -c--a-w- c:\windows\system32\dllcache\kbdjpn.dll
2011-04-20 02:28:59 8704 ----a-w- c:\windows\system32\kbdjpn.dll
2011-04-20 02:28:59 8192 -c--a-w- c:\windows\system32\dllcache\kbdkor.dll
2011-04-20 02:28:59 8192 ----a-w- c:\windows\system32\kbdkor.dll
2011-04-20 02:28:59 6144 -c--a-w- c:\windows\system32\dllcache\kbd101c.dll
2011-04-20 02:28:59 6144 ----a-w- c:\windows\system32\kbd101c.dll
2011-04-20 02:28:59 5632 -c--a-w- c:\windows\system32\dllcache\kbd103.dll
2011-04-20 02:28:59 5632 ----a-w- c:\windows\system32\kbd103.dll
2011-04-20 02:28:47 6144 -c--a-w- c:\windows\system32\dllcache\kbd101b.dll
2011-04-20 02:28:47 6144 ----a-w- c:\windows\system32\kbd101b.dll
2011-04-20 02:28:44 6144 -c--a-w- c:\windows\system32\dllcache\kbd106.dll
2011-04-20 02:28:44 6144 ----a-w- c:\windows\system32\kbd106.dll
2011-04-19 00:54:04 123392 --sha-r- c:\windows\system32\ntsdextsp.dll
2011-04-13 17:36:34 -------- d-----w- c:\docume~1\owner\locals~1\applic~1\Symantec
2011-04-13 17:36:34 -------- d-----w- c:\docume~1\owner\applic~1\Tific
2011-04-11 01:15:30 252080 ----a-w- c:\windows\system32\nvdrsdb0.bin
2011-04-11 01:15:28 252080 ----a-w- c:\windows\system32\nvdrsdb1.bin
2011-04-11 01:15:28 1 ----a-w- c:\windows\system32\nvdrssel.bin
2011-04-11 01:15:03 941160 ----a-w- c:\windows\system32\nvdispco322090.dll
2011-04-11 01:15:03 837736 ----a-w- c:\windows\system32\nvgenco322040.dll
2011-04-11 01:15:03 61440 ----a-w- c:\windows\system32\OpenCL.dll
2011-04-11 01:15:02 13004800 ----a-w- c:\windows\system32\nvcompiler.dll
2011-04-11 01:08:18 -------- d-----w- c:\program files\SystemRequirementsLab
2011-04-06 20:20:16 91424 ----a-w- c:\windows\system32\dnssd.dll
2011-04-06 20:20:16 107808 ----a-w- c:\windows\system32\dns-sd.exe
2011-04-03 17:58:31 -------- d-----w- c:\program files\RIFT Game
2011-04-03 17:51:30 -------- d--h--w- c:\windows\msdownld.tmp
2011-04-03 17:51:27 -------- d-----w- c:\windows\Logs
2011-04-03 17:51:15 -------- d-----w- c:\docume~1\owner\applic~1\RIFT
2011-04-03 17:51:08 -------- d-----w- c:\docume~1\owner\locals~1\applic~1\RIFT Beta
.
==================== Find3M ====================
.
2011-03-07 05:33:50 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:45:07 434176 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:21:11 1857920 ----a-w- c:\windows\system32\win32k.sys
2011-02-18 21:36:58 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-02-17 13:51:57 81920 ----a-w- c:\windows\system32\ieencode.dll
2011-02-17 13:51:57 667136 ----a-w- c:\windows\system32\wininet.dll
2011-02-17 13:51:57 61952 ----a-w- c:\windows\system32\tdc.ocx
2011-02-17 12:37:38 369664 ----a-w- c:\windows\system32\html.iec
2011-02-17 12:32:12 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-15 12:56:39 290432 ----a-w- c:\windows\system32\atmfd.dll
2011-02-08 13:33:55 978944 ----a-w- c:\windows\system32\mfc42.dll
2011-02-08 13:33:55 974848 ----a-w- c:\windows\system32\mfc42u.dll
2011-02-04 22:48:32 456192 ----a-w- c:\windows\system32\encdec.dll
2011-02-04 22:48:30 291840 ----a-w- c:\windows\system32\sbe.dll
2011-02-02 07:58:35 2067456 ----a-w- c:\windows\system32\mstscax.dll
.
============= FINISH: 0:06:39.86 ===============

RELEVANCY SCORE 200
Preferred Solution: Attacks From \device\harddiskvolume1\program files\mozilla firefox\firefox.exe

I recommend downloading and running DAP. It can help sort out any driver and firmware related issues on your system

It's worked out well for many of us in the past.

You can download it direct from this link http://downloaddap.org. (This link will open the download page of DAP so you can save a copy to your computer.)

A: Attacks From \device\harddiskvolume1\program files\mozilla firefox\firefox.exe

Hello and welcome to the forums!My secret agent name on the forums is SweetTech (you can call me ST for short), it's a pleasure to meet you. I am very sorry for the delay in responding, but as you can see we are at the moment being flooded with logs which, when paired with the never-ending shortage of helpers, resulted in the delayed responding to your thread.I would be glad to take a look at your log and help you with solving any malware problems.If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed. If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forums.
Please make sure to carefully read any instruction that I give you. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
In Windows Vista and Windows 7, all tools need to be started by right clicking and selecting Run as Administrator!
Do not do things I do not ask for, such as running a spyware scan on your computer. The one thing that you should always do, is to make sure sure that your anti-virus definitions are up-to-date!
Please do not use the Attachment feature for any log file. Do a Copy/Paste of the entire contents of the log file and submit it inside your post.
I am going to stick with you until ALL malware is gone from your system. I would appreciate it if you would do the same. From this point, we're in this together ;)
Because of this, you must reply within three days failure to reply will result in the topic being closed!
Please do not PM me directly for help. If you have any questions, post them in this topic.
Lastly, I am no magician. I will try very hard to fix your issues, but no promises can be made. Also be aware that some infections are so severe that you might need to resort to reformatting and reinstalling your operating system.
Don't worry, this only happens in severe cases, but it sadly does happen. Be prepared to back up your data. Have means of backing up your data available.____________________________________________________Rootkit UnHooker (RkU)Please download Rootkit Unhooker from one of the following links and save it to your desktop.Link 1 (.exe file)Link 2 (zipped file)Link 3 (.rar file)In order to use this tool if you downloaded from either of the second two links, you will need to extract the RKUnhookerLE.exe file using a program capable of extracing ZIP and RAR compressed files. If you don't have an extraction program, you can downlaod, install and use the free 7-zip utility.Double-click on RKUnhookerLE.exe to start the program.
Vista/Windows 7 users right-click and select Run As Administrator.Click the Report tab, then click Scan.Check Drivers, Stealth, and uncheck the rest.Click OK.Wait until it's finished and then go to File > Save Report.Save the report to your Desktop.Copy and paste the contents of the report into your next reply.-- Note: You may get this warning...just ignore it, click OK and continue: "Rootkit Unhooker has detected a parasite inside itself! It is recommended to remove parasite, okay?".NEXT:Running OTLWe need to create an OTL ReportPlease download OTL from one of the following mirrors:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Push the button.Two reports will open, copy and paste them in a reply here:OTL.txt <-- Will be openedExtra.txt <-- Will be minimizedNEXT:Please provide an update on how things are running in your next reply.

Read other 12 answers
RELEVANCY SCORE 198.8

Hi I have had repeated attacks. The websites, ports and IP addresses the attacks were coming from varied, but the one message I kept receiving wasTHE ATTACK WAS RESULTED FROM \DEVICE\HARDDISKVOLUME1\PROGRAMFILES\MOZILLAFIREFOX\FIREFOX.EXE. I'm pretty sure it's from a virus.Any help would be appreciatedNEED HELP'sigh' Hijack-thisLogfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:08:43 PM, on 4/19/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16722)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Norton 360 Premier Edition\Engine\4.3.0.5\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin ... Read more

A:Repeat Attacks From \device\harddiskvolume1\program files\mozilla firefox\firefox.exe

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will ap... Read more

Read other 3 answers
RELEVANCY SCORE 198.8

Today being a bit cautious I did a few general Google Searches and it seems the constant attack warnings had stopped. But then I tried to enter one of my normal sites and it seemed the virus/trogen or whatever it is tried to re-direct me to a Fake App. Again the website and IP address was different than before but once again I recieved this warning

THE ATTACK WAS RESULTED FROM \DEVICE\HARDDISKVOLUME1\PROGRAMFILES\MOZILLAFIREFOX\FIREFOX.EXE

So now being something at a loss I would very much appreciate any help you guys at Bleeping Computer can offer. I have followed the Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help and have pasted the DDS log below plus I have attached the DDS, GMER files and a copy of today's Norton Attack Report.

if I have missed anything out please let me know.

Thanks,
.
DDS (Ver_2011-06-12.02) - NTFSx86
Internet Explorer: 7.0.5730.11
Run by Head Quartrers at 17:37:04 on 2011-06-16
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.639.96 [GMT 10:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton Internet Security\Engine\17.8.0.5\ccSvcHst.exe
C:\Program Files\Venturi\Client\ventc.exe
C:&... Read more

A:Repeat Attacks From \device\harddiskvolume1\program files\mozilla firefox\firefox.exe

Hello and welcome to the forums!My secret agent name on the forums is SweetTech (you can call me ST for short), it's a pleasure to meet you. I am very sorry for the delay in responding, but as you can see we are at the moment being flooded with logs which, when paired with the never-ending shortage of helpers, resulted in the delayed responding to your thread.I would be glad to take a look at your log and help you with solving any malware problems.If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed. If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forums.
Please make sure to carefully read any instruction that I give you. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
In Windows Vista and Windows 7, all tools need to be started by right clicking and selecting Run as Administrator&#... Read more

Read other 3 answers
RELEVANCY SCORE 198.8

Hello, Last night I started receiving repeated attack warnings from my Norton Antivirus. The websites and IP addresses the attacks were coming from varied, but the one message I kept receiving wasTHE ATTACK WAS RESULTED FROM \DEVICE\HARDDISKVOLUME1\PROGRAMFILES\MOZILLAFIREFOX\FIREFOX.EXETo get rid of the repeat warnings I ran my Norton Antivirus then downloaded and ran TDSSKILLER,SUPERAntiSpyware Free Edition and Malwarebytes Free Edition. All the programs found and removed suspicious programs.Today being a bit cautious I did a few general Google Searches and it seems the constant attack warnings had stopped. But then I tried to enter one of my normal sites and it seemed the virus/trogen or whatever it is tried to re-direct me to a Fake App. Again the website and IP address was different than before but once again I recieved this warningTHE ATTACK WAS RESULTED FROM \DEVICE\HARDDISKVOLUME1\PROGRAMFILES\MOZILLAFIREFOX\FIREFOX.EXESo now being something at a loss I would very much appreciate any help you guys at Bleeping Computer can offer. I have followed the Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help and have pasted the DDS log below plus I have attached the DDS, GMER files and a copy of today's Norton Attack Report.if I have missed anything out please let me know.Thanks,jdpex.DDS (Ver_11-03-05.01) - NTFSx86 Run by John O'Shea at 12:46:38.90 on 13/04/2011Internet Explorer: 8.0.6001.... Read more

A:Repeat Attacks From \device\harddiskvolume1\program files\mozilla firefox\firefox.exe

Hello and welcome to the forums!My secret agent name on the forums is SweetTech (you can call me ST for short), it's a pleasure to meet you. I am very sorry for the delay in responding, but as you can see we are at the moment being flooded with logs which, when paired with the never-ending shortage of helpers, resulted in the delayed responding to your thread.I would be glad to take a look at your log and help you with solving any malware problems.If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed. If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forums.
Please make sure to carefully read any instruction that I give you. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
In Windows Vista and Windows 7, all tools need to be started by right clicking and selecting Run as Administrator!
Do not d... Read more

Read other 18 answers
RELEVANCY SCORE 130.8

Hi, My computer has been under constant attack (i.e. every two minutes). Norton tells me that it is coming from \DEVICE\HARDDISKVOLUME1\PROGRAMFILES\MOZILLAFIREFOX\FIREFOX.EXE In addition, it describes the source as usually coming from 91.212.226.179, the attack URL generally being zl00zxcv1.com. However, I've been receiving apparently different trojan attacks across the board. This morning, I noticed for the first time a piece of spyware called Antimalware Doctor, which I could not remove through Norton or Malwarebytes. I eventually manually deleted the source files that RKill found, those being in my application data under temporary files. However, I continue to experience the attacks constantly. I am also suffering from google redirect searches, in which my searches are diverted to a variety of shady sites. Finally, whenever I boot my computer, I get the RUNDLL error "Error loading C:\WINDOWS\usanufeworitulus.dll The specified module could not be found" These symptoms seem very unusual to me. Please let me know what other specifics I can provide. Thank you so much for helping me!DDS (Ver_10-03-17.01) - NTFSx86 Run by Robert at 22:15:35.85 on Wed 07/07/2010Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_15Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1022.234 [GMT -5:00]AV: Norton Internet Security *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}FW... Read more

A:Issue with constant attacks coming from \DEVICE\HARDDISKVOLUME1\PROGRAMFILES\MOZILLAFIREFOX\FIREFOX.EXE

Hello I Would like you to do the following.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.Run Combofix:Please visit this webpage for download links, and instructions for running the tool: http://www.bleepingcomputer.com/combofix/how-to-use-combofixPlease ensure you read this guide carefully and install the Recovery Console first. The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.Once installed, you should see a blue screen prompt that says:The Recovery Console was successfully installed.Please continue as follows:Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix. Click Yes to allow ComboFix to continue scanning for malware.When the tool is finished, it will produce a report for you. Please include the report in your next post:C:\ComboFix.txt"information and logs"In your next post I need the followingLog from Combofixlet me know of any problems you may have hadHow is the computer doing now?Gringo

Read other 6 answers
RELEVANCY SCORE 130.8

Hi there, I just copy and pasted the thread title from another thread in which there appeared to be identicle circumstances to mine, so i'm hoping this forum can help. Norton is registering and blocking attacks every couple of minutes coming from various places, though thynksn0taeg.com crops up a bit. This seemed to start when I started using the PHProxy addon for Firefox. Last night it was throwing up SVCHOST.EXE instead of the Firefox.exe in the message about blocked attacks. Spybot S&D and Norton 360 have removed various things but the attacks are still coming, what can I do to stop this? What details do I need to provide for help with this?
Thanks in advance.

A:Issue with constant attacks coming from \DEVICE\HARDDISKVOLUME1\PROGRAMFILES\MOZILLAFIREFOX\FIREFOX.EXE

Hello,Please follow the instructions in ==>This Guide<==. If you cannot complete a step, skip it and continue.Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues and what you have done to resolve them.If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.Orange Blossom

Read other 1 answers
RELEVANCY SCORE 96.4

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will ap... Read more

A:the attack was result from \DEVICE\HARDDISKVOLUME1\PROGRAM FILES\INTERNET EXPLORER\IEXPLORER.EXE

Hello 48 Hour bumpIt has been more than 48 hours since my last post.do you still need help with this?do you need more time?are you having problems following my instructions?
if after 48hrs you have not replied to this thread then it will have to be closed!Gringo

Read other 25 answers
RELEVANCY SCORE 94.4

Mozilla has released a test build of Firefox that adds new technology designed to stymie most Web-based attacks, the browser maker said Sunday.
The technology, dubbed "Content Security Policy" (CSP), is a Mozilla-initiated specification targeted at Web site and application developers, who will be able to define which content on the site or in the online application is legitimate. That would block any script or malicious code that's been added by hackers who manage to compromise the site or app. Such attacks are generally tagged with the label of cross-site scripting (XSS).



More -
New Firefox security technology blocks Web attacks, Mozilla claims - Network World

Read other answers
RELEVANCY SCORE 94

I have 4 browsers on my computer: Internet Explorer 8, Google Chrome, Mozilla Firefox, and Opera. I am trying to listen to some MP3 files on a website, and all of the browsers, except for IE 8, told me to download the Realplayer Plugin. So I did, and when I tried to listen to the MP3 file, Realplayer will automatically enable this "Autoupdate Helper" thing and check for updates. So I let it check for updates, but then it'll say "There are no updates..." and just stop there. The file won't play! I click play again, and the same thing happens.

Internet Explorer is the only browser smart enough to open the MP3 files on the web page using Quicktime (the website actually tells you to use Quicktime to open the files) but it doesn't load the Youtube videos that are embedded on the site. There's a X on the top left corner of the section where the video is suppose to be.

Now I'm stuck! I want to view all the contents on one page with one browser! But none of the browsers will actually work properly!

So the main problem is:

1. The MP3 files won't load in Chrome, Firefox, and Opera using Quicktime.

Chrome is the only browser I use frequently, and the others are basically backup. IS THERE ANY SOLUTION TO THIS!?!?!?

Thanks everyone!
 

A:Firefox, Google Chrome, and Mozilla Firefox won't play MP3 files on websites

Read other 7 answers
RELEVANCY SCORE 82.8

Hey guys i don't know what is happening to my computer but all my programs have got a little mozilla firefox on it and when i open my msn messenager for example it takes me to firefox and a box comes up telling to download msnmsgr.exe and when i do the same thing comes up and this is for all m programs can you help me pleaseee!!!!
 

A:I program i try to open takes me to mozilla firefox !!!

Click on the "lnk" in the file association fixes box to download the "lnkfix_vista.zip" file. Follow the rest of the usage instructions at the site for how to use it. This will fix the shortcut associations for you.

File Association Fixes
 

Read other 2 answers
RELEVANCY SCORE 81.6

FormSpy (aka FireSpy) is a new spyware program designed to integrate into the Mozilla browser environment. It is being spread by spam email spoofed to appear as a billing issue from Walwart. It was launched on July 24th. The attachment contains a downloader malware agent that can install FormSpy as a Firefox plugin. Users should avoid spam email and attachments, plus keep AV protection updated. This new threat is not prevelant in the wild.FormSpy - Spyware program hooks into Mozilla Firefoxhttp://www.avertlabs.com/research/blog/?p=62http://vil.nai.com/vil/content/v_140256.htmUpon execution, it registers Mozilla event listeners to the malware and sends information submitted by the victim in the web browser to a malicious website. These information can include, but is not limited to, credit card numbers, passwords, e-banking pin numbers etc. The main executable is also capable of sniffing passwords from ICQ, FTP, IMAP and POP3 trafficFireSpy - Sophos Writeuphttp://www.sophos.com/security/analyses/trojfirespya.htmlTroj/FireSpy-A will then attempt to register the dropped component as a Firefox plugin and begin monitoring the user's browsing habits, stealing information including monitoring and logging information from Web forms

Read other answers
RELEVANCY SCORE 80.8

So yeah on my pretty brand new HP computer, my mozilla is all of a sudden getting this error. I think it usually happens when I'm visiting websites where I can shop online. Anyways, its Program C:\Program Files (x86)\Mozillafirefox\fierfox.exe.
Abnormal program termination. Anyone know what's wrong and how it can be fixed?
 

A:Mozilla Firefox getting runtime error, abnormal program termination!

Have you tried uninstalling and reinstalling, or checking for FF updates?
 

Read other 1 answers
RELEVANCY SCORE 80

Firefox has been freezing up on me, and when I close it down, I get a bluescreen error. It also happens a lot of the time when I close Firefox down normally. This was happening before I updated to the latest version of FF. I am running Windows XP, and have recently started using ZoneAlarm and Avast on my system.

A:Firefox closes = bluescreen error? (Moved for the mozilla/Firefox Forum)

Hi,

Can you give us the error in full that you are getting. Also, I would check and make sure that ZoneAlarm and Avast are allowing FF to connect to the internet.

Cheers!

Read other 8 answers
RELEVANCY SCORE 79.2

my wife is big into saving images she finds in the temp inter net files but we cannot find files for mozilla.
if you could help, my wife would appreciate it!

A:temp internet files for mozilla/firefox

It's called the cache in Firefox:-

Documents & Settings/*Your User Name*/Local Settings/Application Data/Mozilla/Firefox/Profiles/*Your Profile Name*/Cache

Read other 3 answers
RELEVANCY SCORE 79.2

Hello forum

After recently buying a new custom PC, I've yet to find big flaws in the system.
Yet now I found one that is pretty annoying!

I'm not able to download any files (while using Firefox). After a download is ready in the 'download'-tab, it's not openable. The 'open' and 'open file location' buttons are greyed out. So I can't find the file I download nor open it.
This is proving to be a severe problem, since I'd like to install certain programs and download addons for WoW.

Already tried using Internet Explorer, yet when downloading anything it gives me the message: 'Your current security settings do not allow you to download this file' ( or something along these lines ).

Any idea's? I'd like to reinstall Firefox to see if that helps, but I got no current browers who is capable of downloading the files needed!

system:
Windows 7 Home Premium 64 bit

Cheers in advance!

A:Mozilla Firefox, problems with downloading files.

Hello Broxxar, I may be stating the obvious to you but do you have your 'Options' set correctly in Firefox?
I've attached a graphic of the 'Option's in the 'General Tab' and you should nominate where to save your downloaded files to. In Windows 7 it defaults to 'Downloads', however you can 'browse' to a different location that you may prefer. You will also see that you can 'tick' the box to 'Show the Downloads Window when downloading a file should you wish. I don't and a pop-up appears on your Taskbar to show download completed. I only hope this helps.
Regards.

Read other 2 answers
RELEVANCY SCORE 78.8

Currently I have used Mozilla firefox 3.0 the latest version of firefox. In this version when I have open multiple site on the tab I have find the FIREFOX.exe below error and that time firefox is closing.

Refer the error message
Firefox.exe
Firefox.exe has encountered a problem and need to close. We are sorry for the inconvenience.
So, Plz tell me how to solve this problem
 

A:Error of firefox.exe on Mozilla Firefox 3.0 closing immediately

Have you tried: Standard diagnostic - Firefox?
 

Read other 1 answers
RELEVANCY SCORE 78.8

I don't know if my problem is Firefox or WordPress but I thought I'd try here first.
I use WordPress to publish articles and usually copy and paste from the finished article in the Articles forum to WordPress but since I reinstalled Win 7 this no longer works as paste is no longer an option when I right click in WordPress, or at least in the particular part that I need it to. I can, however, do it in Internet Explorer, but images aren't copied over, which they used to be. I've tried all the usual things like clearing the cache, but nothing has worked. Any suggestions would be much appreciated.

A:Is this Win 7 or Firefox at fault? Moved from Mozilla/Firefox browsers

Hi,
I am using Win-7 too but I haven't used IE. So my suggestion is to, try another browser for the same purpose and then see the effects (I feel firefox is well suited for the purpose). If you are getting same problems then, you are missing with some features of Win-7 otherwise, it is the website issue.

Read other 2 answers
RELEVANCY SCORE 77.6

Hi Guys

I am new to this forum and have limited knowledge of computers.
I was using Firefox version 2 and was very happy until I was requested to download version 3. Now I seem to have endless crashes and keep getting told Firefox has a problem & needs to close. Up to 5 x a day.

This is very frustrating.
This happens with avg, facebook ,all internet functions.

I have spybot running and avg and says there are no problems.

We had a power failure earlier yesterday and when I switched back on Microsoft suggested I check the C drive as there was a problem -but that seems to have sorted itself out.-probably due to not closing down properly.

So can you help me with detailed instructions on how to fix forefox or totally remove it and install from the beginning or is there major problems with that version 3 .1 ?

Thanks
Carol

A:Mozilla Firefox 3 crashes/Firefox has problem

http://kb.mozillazine.org/Standard_diagnostic_(Firefox)

Read other 3 answers
RELEVANCY SCORE 72.4

Hello,

My Mozilla firefox will not open. Each time I try to open it from my desktop, start menu, or program file the same message pops up "Another program is currently using this file." I uninstalled and reinstalled Mozilla and the same message is still appearing. I ran a nod32 scan and it didn't find anything. I'm not sure what to do/how harmful this could be to my computer. I don't know what the first step is to tackling this problem. Any help is greatly appreciated! Thank you.
 

Read other answers
RELEVANCY SCORE 71.6

I have been searching the forums for days looking for answers. On startup, Windows XP pops up a not connected to the internet window. Then Ultimate Cleaner ads pop up, Now it is opening IE and Firefox windows at random with ads...Here's my registry

(I have tried smitfraud, combofix, fixwareout, spyware doctor...)

Here's my registry log from HijackThis..Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:27:30 PM, on 2/5/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
C:\Program Files\Digidesign\Drivers\MMERefresh.exe
C:\Program Files\DellSupport\brkrsvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\WINDOWS\system32... Read more

A:Malware, attacks IE and Firefox

Really wondering if anyone has any ideas for me...I can't even do anything on my computer now...The adware opens 100 windows each of IE and Mozilla.

Help
 

Read other 1 answers
RELEVANCY SCORE 70.8

Hello All,
Here's my problem. I've erased my profile from Mozilla Firefox. I HAVE NOT however erased the profile files.

I have since created a profile with a different name. I would like to import the old profile info (bookmarks inparticular) to my new "default" profile.

As well, what if I wanted to import info from another Mozilla Firefox profile?

Can this be done?

I've tried everything but I can't seem to figure it out.

If you do post please be advised that I am not all that familiar with Firefox.

Thank you all for your time.
 

A:Solved: Mozilla Firefox...Erased Profile but not files...trying to import to new profile

I move mine manually all the time. If you just want to add the bookmarks.html, just move the one you saved to the new profile. Here is the official instructions from Firefox on backup and restore of the Profile.
 

Read other 1 answers
RELEVANCY SCORE 70.4

My bookmarks are a huge mess. When I used IE, I would go to the folder on the drive to organize them. Now that I use Firefox, I can't do that. I would like to find a program that gives me ease of organizing and will export the bookmarks as individual files, instead of one.

I'm interested in this: http://bkm.sourceforge.net/en/vbbkm.html but it's old and dead I think. Also I don't think it worked with Firefox.

I'm not interested in online managers and I don't have a real need for portability. I just want to sort and burn the folder.

Thanks.
 

A:Program to organize Firefox bookmarks and export them as individual files?

Really? Nobody?
 

Read other 2 answers
RELEVANCY SCORE 68.4

CYBER SECURITY BOFFINS have uncovered a flaw in the way Firefox handles third-party browser extensions that could expose millions of users to sneaky malware.
Researchers from the Northeastern University in Boston discovered a flaw that allows hackers to stealthily execute malicious code hiding behind seemingly innocent extensions, such as NoScript and Firebug. They can then steal personal data or even seize control of a machine's resources.
The flaw stems from a weakness in Firefox’s extension structure, which doesn’t isolate various browser add-ons. This allows them to connect to the capabilities of other popular third-party extensions.   
Edit:
But Firefox users can breathe a little easier because it’s not clear whether the flaw has actually been used in any extensions, as the researchers demonstrated it only as a proof-of-concept. They have supplied the attack framework to Mozilla so that the company can firm up the way it handles security in reviewing extension approvals.

Article

A:Firefox extension flaw exposes millions to cyber attacks

Good find JohnC thanks for sharing!

Read other 4 answers
RELEVANCY SCORE 67.2

I keep getting this same virus show up in my MSE "VirTool:INF/Autorun.gen!F". I have tried everything to get ride of it and it keeps coming back. There also seems to b a hidden trojan that comes with it that is almost impossible to find. I have downlaod every patch to stop auto runs but I still keep seeing this error. What can I do to stop this from happening again?

I was referred to this web-site from MS answers to try and make it easier to solve this problem. Here is the link that I have been using "http://answers.microsoft.com/en-us/protect/forum/mse-protect_scanning/i-keep-getting-this/1a6db434-47d8-4e62-8099-0b5729bad7ab"

A:file:\Device\HarddiskVolume1\autorun.inf

Update and do a quick scan with Malwarebytes remove all that it finds and reboot.
http://www.filehippo.com/download_malwarebytes_anti_malware/download/ecf14848530d11a2f09a94b92a69fcfa/

Post the log
Update do a quick scan with Superantispyware remove all this finds reboot.
http://www.superantispyware.com/downloadfile.html?productid=SUPERANTISPYWAREFREE
Post the log

Run a scan with Eset.
http://www.eset.com/us/online-scanner/
When the scan finish list found threats save to clipboard copy to notepad Post the log here.


Please download FarbarServiceScanner and run it on the computer with the issue.
http://download.bleepingcomputer.com/farbar/FSS.exe
Make sure the following options are checked:
Internet Services
Windows Firewall
System Restore
Security Center/Action Center
Windows Update

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.

Please download MINITOOLBOX and run it.
http://download.bleepingcomputer.com/farbar/MiniToolBox.exe

Checkmark following boxes:
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)

Click Go and post the result.

Download Adware Cleaner run it as admin Click the delete button allow it to run and post the log it creates.

http://general-changelog-team.fr/fr/downl... Read more

Read other 4 answers
RELEVANCY SCORE 67.2

I would appreciate some help PLEASE!
AVG Resident Shield throws up this every time computer starts up.

Resident Shield detection
"Infection";"Object";"Result";"Detection time";"Object Type";"Process"

"Virus found Worm/AutoRun";"\Device\HarddiskVolume1\AutoRun.inf";"Object is inaccessible.";"23/07/2010, 00:51:39";"file";"C:\WINDOWS\Explorer.EXE"
"Virus found Worm/AutoRun";"\Device\HarddiskVolume1\autorun.inf";"Object is inaccessible.";"23/07/2010, 00:51:39";"file";"C:\Program Files\Autorun Eater\billy.exe"

Malwarebytes does not detect anything even doing full scan BUT it did successfully remove worm on a removable HDD which caused the problem in the first place I believe.

I would love to be able to remove this forever as I have spent a long time trying to sort it and have also restored my laptop to factory settings thinking that would help but it didnt.

Here is my HJT log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:13:48, on 23/07/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsv... Read more

A:device/harddiskvolume1/autorun.inf Worm

Read other 13 answers
RELEVANCY SCORE 66

Hi Everyone,

Needed some help, im trying to run firefox on my pc, which has been working for the past year and a half, but all of a sudden stopped working. I remember the last thing i did with it was, upgrade the piclens add on, and restart it, but a couple of minutes later it crashed. Now everytime i try to run firefox, nothing happens ! I switched on the task manager, and looked at processes, firefox comes on for a second, then just dissapears ! Ive uninstalled, and reinstalled it three times now, using older and new versions of firefox, nothing seems to work ! Any idea on what i can do ?

Thank You
 

A:Help with Mozilla Firefox

Try starting Firefox in safe mode. This will run without any extensions and the default theme.
If Firefox runs ok, then disable the extension that you last updated and see if that solves your problem.
If not, disable all and re-enable them one at a time until you find the problem.
This will explain Firefox safe mode if you haven't used it before.
Firefox (Safe Mode),
 

Read other 3 answers
RELEVANCY SCORE 66

Hey.
Sometime during the last week was Mozilla Firefox into USC (user account control device) list, which means that I have to press yes every time I open a new window. I'm using Windows 7 (64bit) (Home Premium I think). This is not a vital, yet incredibly annoying when you want to hurry up a bit. Would like to know how to remove Firefox from the list or just check may be that it's okay "Allows you the following program can be used to make changes to your computer." ii mean seriously to have that run 24/7 is sooo annying.

My thx to who ever can fix this.

A:UAC+Mozilla Firefox

Should just be able to go to the firefox.exe in Program Files (x86) right click on it and uncheck the box here, if it's checked. And check your FF desktop shortcut to make sure that shows as uncheked as well. If you have it pinned to the taskbar, you might have to unpin and repin it after you uncheck it.

Read other 1 answers
RELEVANCY SCORE 66

I have a Sony Vaio, windows 7. i had installed Mozilla Firefox and it was running alright. by accident i uninstalled it. when i was uninstalling it the power went out. now anytime i want to install it, it says that i must reboot or restart my computer so it can finish uninstalling..i have restarted my computer countless times but it wont seem to work.
any help/suggestions?
 

A:Mozilla Firefox...

Read other 13 answers
RELEVANCY SCORE 66

Mozilla | Firefox web browser & Thunderbird email client

Figured we could devote a whole new thread to the actual release...and maybe some cake

That is what the IE guys send them with each release...

A:Mozilla Firefox 3.6 Now Available!

It is the same as RC2.

Read other 9 answers
RELEVANCY SCORE 66

Hi there. Every time that I start Firefox or open a new page, Firefox opens a window that is invisible, but will eventually pop up a new window containing ads. I can alt tab to the firefox window and alt-f4 out of it, but it pops up again every time i access a new window or site.

Attatched is my DDS as well as other log files.



DDS (Version 1.0) - NTFSx86
Run by Scott at 14:28:17.34 on Mon 12/01/2008
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.2046.1351 [GMT -6:00]

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\D-Link\D-Link DWA-552 Xtreme N Desktop Adapter\acs.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\OasClnt.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
c:\program files\mcafee.com\vso\mcvsshld.exe
c:\progra~1\mcafee.com\v... Read more

A:Pop up in mozilla Firefox

Please visit this webpage for download links, and instructions for running combofix:

http://www.bleepingcomputer.com/comb...o-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please include the C:\ComboFix.txt in your next reply for further review.

Read other 6 answers
RELEVANCY SCORE 66

I've been using firefox clean for a couple of months now, but for some reason today something happened and I cant figure it out. I installed the IE extension tab , and then installed the windows update kb896424, now I dont know what caused this but I can no longer launch firefox, when I click on the executable it doesnt do anything, I have reinstalled, ran spyware scans,uninstalled pestpatrol, ewido, unistalled the microsoft patch,has anyone had this issue??
 

A:Mozilla firefox 1.0.7...

Open your task manager. Click on the Processes tab. Look for Firefox.exe. and end that process using the task manager.

Firefox should open normally for you after that.

Sometimes it doesn't close completely for whatever reason, and when this happens and you click on the executable, it won't open a new browser.
 

Read other 1 answers
RELEVANCY SCORE 66

Tis difficult to fall in like, let alone love, with Firefox for a browser because as of late, it won't load pages.

Example 1: eBay sites. Certain ones load immediately. Others, such as "View Seller's Other Items" won't load. The page loads and loads and loads and... never loads! Example 2: Pogo games. Just this week it won't load certain rooms.

In both above examples, it's not the web site because I can immediately access via IE.

Question: Is anybody else experiencing slow/non loads of sites?
 

A:Mozilla Firefox

Hi

Yeah you are right about pogo. I just tried chess with mozilla and it said the site is temperarily down. I tried right after that with IE and it came right up. I don't know about the ebay one though. Maybe someone else knows why. People on this site are always saying firefox is better. Maybe someone can explain why? I just like firefox because you can put bookmarked web pages below the address bar for easy access.
 

Read other 12 answers
RELEVANCY SCORE 66

I have Mozilla Firefox
and when I log out
And try to get back into
Mozilla Firefox
I cannot get back in
as much as I keep hitting the tab
or pushing the button
why ?
and, how can I fix that ?
please help me

thanks
sigmundf
 

A:Mozilla firefox

Read other 16 answers
RELEVANCY SCORE 66

Hi, I've just installed Firefox to replace my IE. It's great. Thanks tg1911 for the intro to this usefull and safer web browser. I have a few add-ons, one of it is Download status bar 0.9.4.5. I noticed the download is a bit slow looking at the status at the bottom in my window. I have DAP (Download Accelerator Plus) program which used to handle my downloads previously. However this option seems to be missing from Firefox option. How can I let Firefox to enable me using DAP to handle the downloads?Thanks-veronica yeoh-

A:Mozilla Firefox

This sounds like it could be a compatibility problem between extensions.With a specific issue like this,it's best to search the Firefox Knowledge Base,or post a question in the Firefox forum Here.

Read other 5 answers
RELEVANCY SCORE 66

Hey guys, just recently got the new Mozilla firefox update and im wondering, whats the big difference between Mozilla Firefox and IE?
 

A:Mozilla Firefox

Security ! Firefox is active x free
 

Read other 1 answers
RELEVANCY SCORE 66

Can I save my name in forums when I type it in and then go back to it with out retyping it again like it is in IE6 can you tell me where I could set this up at in Firefox and dose it also go for Web address and search engines stored also Thanks
 

A:Mozilla Firefox ?

sportman11 said:

Can I save my name in forums when I type it in and then go back to it with out retyping it again like it is in IE6 can you tell me where I could set this up at in Firefox and dose it also go for Web address and search engines stored also ThanksClick to expand...

Just type the first letter.
 

Read other 2 answers
RELEVANCY SCORE 66

mozilla firefox is not opening..whenever i try to open it, its coming i dont hate mozilla but use ie..
someone help plz
 

Read other answers
RELEVANCY SCORE 66

Vator Campaigns I have yahoo and google toolbars on my mozilla firefox browser. I go into View and select Toolbars and remove google toolbar but whenever I restart firefox, it comes back. Can I have some help on how to solve this problem. ​


 

A:Need help with mozilla firefox...

Sure, go to add/remove programs in Control Panel and uninstall the Google Toolbar.
 

Read other 1 answers
RELEVANCY SCORE 66

I am thinking of trying Mozilla-Firefox as an eventual replacement for IE. I understand that it is better for security. Would you recommend going directly to Firefox 0.9.1 which is beta, or taking (part of) the Mozilla suite? Any comments appreciated.
 

A:IE v Mozilla-Firefox

Read other 11 answers
RELEVANCY SCORE 66

I have Firefox and i try to go to certain sites that use java and they wont load because it tells me my java is turned off or non existant ,but its there. How do I get it to work? Also, I have NoScript and i have to keep clicking allow(site) evry 5 seconds for the page to load correctly. How can I avoid this? Thanks!!

A:Mozilla Firefox

Make sure you have the latest JavaRuntimeEnvironment installed on your hard drive (you should see a Java Control Panel when you open up the Windows Control Panel).https://addons.mozilla.org/firefox/plugins/You can set NoScript to allow scripting by site; if you trust the site, then click on the "S" at the bottom right of the viewing panel, click on "options" and then "general" to add web sites that are to be allowed to execute scripts. Under the "Advanced" tab, see if you have "forbid Java" checked for untrusted sites.Regards,John

Read other 7 answers
RELEVANCY SCORE 66

I like to use Foxfire; but for the last 3 days when I click on the Firefox browser the screen goes black momentarilly. Then It come back on, and my desktop icons are so large it pushes some of them off the screen. When I go to my email or a web page it is displayed very large. When I close out the Firefoxx or change to IE the screen again blacks out momentarilly. then it comes back on with every thing in it's proper perspective. Or, when start with IE every thing is the proper size; but I don't like IE. Thank you.
 

A:Mozilla Firefox

Try this solution --> http://ask-leo.com/why_does_my_screen_resolution_change_when_i_run_this_program.html

Joe
 

Read other 1 answers
RELEVANCY SCORE 66

Figured I'd give Firefox a try. But seems to slow down my computer too much. Now I can't seem to delete from Add/Remove Programs. HELP!

A:Mozilla Firefox

1. Go to Windows Control Panel>Add/Remove Programs, and if a 'Mozilla Firefox' entry (or similar) exists, select it and click Change/Remove and uninstall it. Note, you can also uninstall Firefox by going to the \Program Files\Mozilla Firefox\uninstall\ directory and running the UinstallFirefox.exe file. Reboot if required.

2. Go to your Documents and Settings\[username]\Application Data\Mozilla directory and delete the entire \Firefox subdirectory and all of its contents. Note that this will delete all of your bookmarks and saved settings. If you want to backup any or all of your current Profile, see the Customizing Firefox section first.

3. Go to your \Program Files\Mozilla Firefox\ directory and delete it and all of its contents.

4. Using a registry cleaner like RegCleaner 4.3, find and remove all Firefox/Mozilla-related entries (usually there are several Mozilla entries to be found) and remove them. Alternatively you can use the Registry Editor (Start>Run>Regedit) and delete the following keys - that is, right click on their name in the left pane of Registry Editor and select Delete:

[HKEY_CLASSES_ROOT\FirefoxHTML]

[HKEY_CURRENT_USER\Software\Classes\Applications\firefox.exe]

[HKEY_CURRENT_USER\Software\Mozilla]

[HKEY_CURRENT_USER\Software\MozillaPlugins]

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla]

[HKEY_LOCAL_MACHINE\SOFTWARE\mozilla.org]

[H... Read more

Read other 5 answers
RELEVANCY SCORE 66

Hi everyone i use a internet browser called Mozilla Firefox, its the newset version out. But when ever i want to watch a video as for myspace it says i need to download a plugin, and that plugins are missing. Well the only option i have is Manual and once i go to download Windows Media Player 10 it says that its already on my computer... But i still cant watch videos!!! plz help
email me at [email protected], plz i need ur help
 

A:Mozilla Firefox

I would remove my email address if I were you.
You might need Quicktime player or another player than WMP. Does the site say which player is needed? In the address bar of Firefox, type: aboutlugins and hit enter. See if you have Quicktime plugin. I would suggest Quicktime Alternative instead of Quicktime because it is not loaded with bloat. If you load QA, read the instructions for installation and setup.
 

Read other 2 answers
RELEVANCY SCORE 66

hey guys,
ive got windows ME and mozilla firefox version 1.0.6.
i cant watch videos online!! for example ...today i went to comedycentral.com
i wanted to watch a video from chappelle's show but the videos wont load!
this happens at every site if i wanna watch a video.
please help me ...you guys have come through before!!

A:Mozilla Firefox

Which player does that website require?Realplayer or Windows Media Player?Try downloading the freeware versions (not free trials of paid for software) of both and see if that doesn't cure the problem.Real Player Free(bottom right side of page)http://www.real.com/realsuperpass.html/?pc...guide&src=guideWindows Media Player 9http://www.microsoft.com/windows/windowsme...d/download.aspx

Read other 7 answers
RELEVANCY SCORE 66

I've heard a lot about firefox, but I'm well attached to internet explorer. Could anyone give me a list of pros and cons against FireFox?

Also, Is there anyway to get rid of IE if i decide to install Firefox, and will it do any damage if i do?

Thanks

-Insan3

A:Ie Vs Mozilla Firefox

If a mod finds this, please move it to "Web Browsing/Email and Other Internet Applications"

Sorry for the trouble.

Read other 3 answers
RELEVANCY SCORE 66

hello, sometimes i get this error when i go to someones profile on Tagged

A:Mozilla Firefox 1.5.0.7

try upgrading to version 2...see if it still does it

Read other 5 answers