Virus problems.

Status
Not open for further replies.
S

Shoupie080

Posts: 67   +0
I've had firefox for sometime now with no problems. Recently while browsing certain sites (i.e. Hotmail, citizensbank, and myspace) firefox will just close by itself. No warning, nothing. So in order to access these sites I have to use IE and I prefer never to open that browser.

I've checked my settings in firefox against my gf's laptop to see if there was something different applied but they're both identical and her firefox works on these sites. This is mindboggling. It's not a huge problem but it is annoying having to use IE and all of it's adware that comes with it.


any help would be awesome

thanks
 
Hey howard,

I tried doing that before with no luck and I just tried it again and it's doing it still. Is there some kind of log file I can send you so maybe you can see what's happening? I have AVG, ad-aware, spybot, ewido, and spyblaster all up-to-date working on my computer so I doubt it could be a trojan or anything...

any suggestions???

thanks again
 
Just in case you have a malware problem, go and read this thread HERE. Post a HJT log as an attachment into this thread and I`ll take a look for you.

Regards Howard :)

This thread is for the use of Shoupie080 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
It could be possible that the site is only compatible for IE, even though that is a huge mistake by the webmaster if thats the case.
 
Shoupie080 said:
I've checked my settings in firefox against my gf's laptop to see if there was something different applied but they're both identical and her firefox works on these sites.
Click to expand...

Hi guys.

As you can see from the above, it`s not a problem with the sites themselves.

It`s either something in Firefox/settings/malware or some other problem we`ve not thought of yet.

Regards Howard :)
 
hijackthis log

Howard,


here's the log file. Firefox is still unexpectantly closing. Happy hunting!


thanks again
 
You might want to copy and paste these instructions into a notepad file. Then you can have the file open in safe mode, so you can follow the instructions easier.

Turn off system restore.(XP/ME only) See how here.> http://www.bleepingcomputer.com/forums/tutorial56.html

Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT). See how here.> http://www.bleepingcomputer.com/forums/tutorial61.html

In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how here.> http://www.bleepingcomputer.com/forums/tutorial62.html

Go to add remove programmes in your control panel and uninstall anything to do with(if there).

PartyGaming\PartyPoker

Close control panel.

Click start/run and type services.msc into the run box and press the enter key.

When the window appears, maximise it. Double click on the following services(if there) and select stop if they are running. Set the startup type to disabled. Click apply/ok for each service you disable.

Secure HTTP

Close the services window.

Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

Click on the processes tab and end process for(if there).

csrvs.exe
RunApp.exe

Close task manager.

Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0

O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)

O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe

O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe

O16 - DPF: {2E12FB00-546B-4EE3-9CC2-057BF02E1C17} (Webshots Multiple Media Uploader - Container) - http://community.webshots.com/html/atx/wsaxcontrol.cab

O18 - Protocol: HTLFP - {03B7A5D4-96B0-4316-95F8-072D326A58F1} - ielpview.dll (file missing)

O18 - Protocol: vfsp - {E4CB5121-E242-11D4-8ED6-00010219EB22} - VFSProtocol.dll (file missing)

O23 - Service: Secure HTTP (Service Secured) - Unknown owner - C:\WINDOWS\csrvs.exe (file missing)

Click on the fix checked button.

Close HJT.

Locate and delete the following bold files and/or directories(if there).

C:\WINDOWS\csrvs.exe
C:\Program Files\PartyGaming Delete the entire folder.

Reboot into normal mode, turn system restore back on and rehide your protected OS files.

Post a fresh HJT log and let me know how your system is running.

Regards Howard :)

This thread is for the use of Shoupie080 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Reply to howard_hopkinso

Hello Howard:

Ok I followed all those instructions you gave me and the good news is that my system seems to be screaming fast now which is awesome. The bad news is firefox is still messed up. It works fine with every site except the ones mentioned earlier. I have posted a new hjt log for you to review and see if I missed anything.

Thanks again you've been very helpful
 
The good news is your HJT log is now clean.

The bad news is I don`t know why you`re Firefox problem is happening.

Now we`ve got rid of the nasties, try uninstalling and reinstalling Firefox. If that doesn`t help, backup your bookmarks etc and completely get rid of Firefox, befor reinstalling it.

That means, once you`ve uninstalled Firefox, do a search of your system and delete all traces of it, before reinstalling.

Do you use the addblock extension? If you do, try getting rid of it and see if that helps.

Other than the above, I have no further ideas.

Regards Howard :)

This thread is for the use of Shoupie080 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Howard,

You were right! I guess everytime i've uninstalled firefox I didn't get rid of it entirely. This time after I reinstalled it it finally works! So I just wanted to extend a big thanks for all the help.

cheers!
 
HJT log for Howard_Hopkinso

Howard,

My girlfriends laptop is going crazy. Firefox has stopped working completely and IE is not allowing certain sites anymore. I have ran ad-aware, spybot, spyblaster, ewido, and avg anti-virus. No viruses just some simple tracking cookies. I have attached my HJT log (after running all the programs) for you to spec. There's probably lots of nasties I just don't want to delete anything I shouldn't.

Also, thank you in advance you've helped me with a lot of problems already and hopefully your mad skills will prevail once again.

Jason
 
Mad skills eh lol.

You might want to copy and paste these instructions into a notepad file. Then you can have the file open in safe mode, so you can follow the instructions easier.

Turn off system restore.(XP/ME only) See how here.> http://www.bleepingcomputer.com/forums/tutorial56.html

Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT). See how here.> http://www.bleepingcomputer.com/forums/tutorial61.html

In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how here.> http://www.bleepingcomputer.com/forums/tutorial62.html

Go to add remove programmes in your control panel and uninstall anything to do with(if there).

Viewpoint
Viewpoint Toolbar

Close control panel.

Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://as.starware.com/dp/search?x=wKX1ILEOi+Vh7AfA98Gm4Me69ZMbubcD3RW7BXlKjvc7x op5d9I78PUKJrK3FhPpSTP9H7wnaKG4bJhUYrMFKa0P90C5oEQ7IQ4N7oVhVtf/bZfdY5MSyFPvkn/Ne XXoNk8LqdJLgiZdixHMldljzotaMfYJCplMPS1749Ri+ez790p3yvhj2ZROuNPkBiXi

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://as.starware.com/dp/search?x=wKX1ILEOi+UdWpSlz2q9Dzn13Emww/YwIjsqjZBnROG85 /+iZ0ygDxfZBjZZ4gQRbt98UnVYN4AmV2uaaKkA3RLPMVLeyBybrDgWfTynDVTWijrc5zUeZhFiFacsL ued

O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll

O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll

O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML

O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - http://www.comcast.net/ (file missing)

O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} - http://www.comcastsupport.com/ (file missing)

O9 - Extra button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} - http://online.comcast.net/help/ (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)

O16 - DPF: {C190FF32-96D0-445F-9F60-5CF288FD3D0F} (ActiveFormX Control) - http://158.83.152.2:8080/registration/CAT/CNICAT.cab

Click on the fix checked button.

Close HJT.

Locate and delete the following bold files and/or directories(if there).

C:\Program Files\Viewpoint Delete the entire folder.

Reboot into normal mode, turn system restore back on and rehide your protected OS files.

Post a fresh HJT log and let me know how the system is running.

Regards Howard :)

This thread is for the use of Shoupie080 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
I have merged your new thread and your old thread into this one.

Your HJT log is now clean.

If you need help with any further virus/spyware problems, please post in this thread. Thanks.

Regards Howard :)

This thread is for the use of Shoupie080 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Status
Not open for further replies.

Similar threads

Daniel Sims
European Union set to revise cookie law, admits cookie banners are annoying
2
Replies
31
Views
701
opckieran
O
C
Facebook stubbornly refuses to load pictures
Replies
0
Views
1K
catc01
C
midian182
User-activated bug in Windows File Explorer unintentionally boosts performance
Replies
6
Views
421
Ben Myers
Ben Myers

Latest posts

Back