OzBloke! I return
XP - SP3
back to that search engine problem,home page not opening, both FF & IE, still having an issue with so got in touch with the internet provider - ours is Telecom NZ as "XTRA" - advice from them is conflicting security programmes, maybe AV or others such as Spybot, Malwarebytes, Superantispyware - their recommendation, uninstall the lot and install "telecom Security Suite," (MacAfee in disguise methinks) I really don't know if that is going to be a complete solution as I"ve known of issues with suites, so have copied a portion for you to perhaps check and make a recommendation, I already have Win Firewall activated, hopefully this is not too much of a pain Jim, Maurylen
We strongly recommend that before installing Telecom Security Suite (TSS) you remove or un-install any existing third party security software. You can do this by following the instructions below.
Uninstalling third party security software
Telecom Security Suite will not function properly with the third party applications listed below. It is therefore necessary to uninstall these applications to enable TSS to function properly.
Turning on Windows Firewall
We advise customers to turn on Windows Firewall after they have removed their security software before they start the installation of TSS.
Uninstalling third party security software
- Click Start.
- Click Settings.
- Click Control Panel.
- Double-click Add/Remove Programs.
- Click to highlight the existing antivirus programme in the list of software.
- Click Add/Remove.
- Follow the prompts to remove the antivirus programme. Note: If you're prompted to remove shared files, click Yes to all.
- Restart your computer.
- Click Start, Search, type PROGRAMS AND FEATURES and click Go.
- Double-click Programs and Features.
- Select the program to uninstall.
- Click Uninstall and follow the steps provided.
- Restart your computer.
- Click "Start", then open the "Control Panel"
- Open "Windows Firewall"
- To turn Windows Firewall on select "On (recommended) and click "OK".
- Close the "Control Panel" to return to the Desktop.
- Click "Start", and open the "Control Panel"
- Click on "Security"
- Under the "Windows Firewall" heading click on "Turn Windows Firewall on or off"
- To turn Windows Firewall on select "On (recommended) and click "OK".
- Close the Control Panel to return to the Desktop.
|
Hey Maurylen - What kept ya?? LOL
Okay, well I would definitely ignore the advice you have received from your ISP, for the moment anyway. Sounds very much like they are pushing their own barrow to me.
Can you please provide a complete list of all your installed security programs? Also, can you please clarify about the "home page not opening" - do you mean you cannot connect to the net at all or has your home page been changed to something else?
This sounds to me more like a malware infection than conflicting software, although the latter is a possibility. Will know more once we have that list.
Cheers...Jim
Ashampoo Winoptimiser
CCleaner
MalwareBytes
Regcure
AdAware
Spybot S&D
Spyware Balaster
Super Anti Spuware
mostly I use 2, 3, 6, 7 & 8 probably once/week & Avast
problem refers to both IE & FF, they begin to open but stall (freeze) before the home page opens with only blue text and some smaller graphics towards the end of the page - I can type an address into the location bar, e.g. mozilla.com and it opens but the home page still doesn't appear, so there is a net connection, but?? -- Maurylen
So you are using AdAware as your main anti-virus? Is that the free version or paid for?
What about Malwarebytes and SuperAntiSpyware, are they the free versions or paid for? Sorry, I should have stipulated that from the beginning.
What is your home page set to? Have you tried changing the home page? What does the blue text say in the stalled page? Are you getting any sort of error message?
Have you run full/thorough scans with MBAM and SAS? If not, do so - if you have already, I assume they found zero infections?
Cheers...Jim
no, rarely used, it's the free v - i ue Avast, free
MWB & SaS both the free vs
http://yahooxtra.co.nz - though it appears in the bar as - yahoo.com and yes have tried changing it, no diff - the blue text is "headings" - brief example as follows
- yahoo.co.nz
- My Homepage
- Member Centre
- Feedback
no error message
have run full/thorough scans with MBAM and SAS and yes. no problems
cheers, Maurylen
have a larf
My girlfriend says she thinks that I might be a stalker.
Well... she's not exactly my girlfriend yet.
Yes, I've seen that before. Generally means there is a problem with the actual site, how long has this been going on for?
Can you access that Yahoo page okay if you type the URL into the address bar? Are you having issues with any other pages or when you click on links in your bookmarks/favorites sidebar?
Now, about your security setup. Avast and AdAware are both anti-virus programs and as such could likely cause conflicts. I strongly suggest you uninstall AdAware asap and keep Avast.
Both Spybot and Spyware Blaster offer improved protection through Internet Explorer and not much else, if you do not use IE much and generally prefer Firefox, I would seriously consider uninstalling Spybot and Spyware Blaster too. If, however, you tend to use IE more, then by all means keep them.
For now, uninstall AdAware and then try the home page again - let us know the outcome.
Cheers...Jim
new day Jim, unfortunately no surprises
months
yes - no
done
also done, I use FF most
been a while since opening, have been trying FF & IE periodically, restarts & close few times, but looks as though the problem remains
where to now?
till later, maurylen
Where to now? - No idea!!! 
What's making this difficult is that it's affecting only one specific page, all the rest of your browsing is fine. Plus, that the issue is common to both browsers.
Do you have anything installed which is common to both browsers, a toolbar perhaps or some kind of site ratings tool (such as WOT or McAfee Site Advisor). Look for some element which is common to both IE and FF.
I guess you would have thoroughly cleaned both browsers, including the cache? Do you use CCleaner?
Get back to me and if none of the above helps, I'll ask you to download HijackThis and create and submit a logfile.
Cheers...Jim
add-on
took me about 10 tries to log on Jim ???
had some thoughts about firewalls - some time ago (3 months?) i replaced my modem with a new Belkin and had their help system set it up online - she told me to run it direct through the computer which meant disconnecting the wireless router, which didn't concern me as only the kids use it for their laptops when they're visiting - i thought afterwards that maybe that had disabled a firewall so i enabled the MS one through the control panel - wonder if that could have some bearing on the current problem? like conflicting with the modem or router - have now disabled the MS one
logging on to your site is a newey
off to the golf course, till later
cheers, Maurylen
hijackthis logfile
hope this is what you referred to - doesn't make a lot of sense to me Jim but hope it does to you
Logfile of HijackThis v1.99.1
Scan saved at 5:50:18 PM, on 1/10/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Running processes:
C:\WINDOW\System32\smss.exe
C:\WINDOW\system32\winlogon.exe
C:\WINDOW\system32\services.exe
C:\WINDOW\system32\lsass.exe
C:\WINDOW\system32\svchost.exe
C:\Program Files\Rohos\agent.exe
C:\WINDOW\System32\svchost.exe
C:\WINDOW\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOW\Explorer.EXE
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\QuickTime\QTTask.exe
C:\WINDOW\system32\RUNDLL32.EXE
C:\WINDOW\RTHDCPL.EXE
C:\WINDOW\system32\ctfmon.exe
C:\Program Files\What's my computer doing\WhatsMyComputerDoing.exe
C:\WINDOW\system32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOW\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOW\System32\svchost.exe
C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
C:\WINDOW\system32\nvsvc32.exe
C:\WINDOW\System32\svchost.exe
C:\WINDOW\system32\ssoftsrv.exe
C:\WINDOW\system32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOW\system32\wscntfy.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahooxtra.co.nz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: The blinkx Toolbar - {0069B690-7A2B-41C5-98CA-9F535B4C8532} - C:\Program Files\blinkx Remote Toolbar\the_blinkx_bho.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: (no name) - {abb88e4e-75f4-4fdc-8f42-d101484c4b3f} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)
O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O2 - BHO: (no name) - {d51d388b-f5dc-471a-a1ce-5e2d671091c0} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOW\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOW\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOW\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOW\system32\Adobe\Shockwave 11\SwHelper_1150595.exe -Update -1150595 -"Mozilla/5.0_(Windows_NT_5.1;_rv:7.0.1)_Gecko/20100101_Firefox/7.0.1" -"http://gameserver.mattel.com/assets/en/games/breakless/game.html?gameid=9x945261kqd9&velocitygameid=&gname=Brakeless&gcamp=None&gchannel=Games&randid=774531&config=aHR0cDovL3d3dy5ob3R3aGVlbHMuY29tL3htbC9nYW1lLzl4OTQ1MjYxa3FkOS9jb25maWcueG1s"
O4 - Global Startup: What's my computer doing.lnk = C:\Program Files\What's my computer doing\WhatsMyComputerDoing.exe
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International
O17 - HKLM\System\CCS\Services\Tcpip\..\{7E9BA8F8-561D-463F-939F-513527088695}: NameServer = 4.2.2.2,4.2.2.3
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
O20 - Winlogon Notify: TPSvc - TPSvc.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOW\system32\WPDShServiceObj.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOW\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOW\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: NitroPDFReaderDriverCreatorReadSpool2 (NitroReaderDriverReadSpool2) - Nitro PDF Software - C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOW\system32\nvsvc32.exe
O23 - Service: Rohos Disk service (Rohos Disk) - Unknown owner - C:\Program Files\Rohos\agent.exe" /service (file missing)
O23 - Service: ProgramCheckerPro (sassvc) - Unknown owner - C:\Program Files\Zenturi\ProgramChecker\sassvc.exe
O23 - Service: Cryptainer service (ssoftservice) - Cypherix - C:\WINDOW\SYSTEM32\ssoftsrv.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: User Profile Hive Cleanup (UPHClean) - Windows (R) Codename Longhorn DDK provider - C:\Program Files\UPHClean\uphclean.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
Okay, you did it already!!
Quite a mess there I'm afraid. You will need to run Hijack This again and this time select "Do a system scan only". Now, from the list I want you to place a checkmark next to the following items:
R1 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
O2 – BHO: (no name) – {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} – (no file)
O2 – BHO: (no name) – {abb88e4e-75f4-4fdc-8f42-d101484c4b3f} – (no file)
O2 – BHO: (no name) – {ba14329e-9550-4989-b3f2-9732e92d17cc} – (no file)
O2 – BHO: (no name) – {D4027C7F-154A-4066-A1AD-4243D8127440} – (no file)
O2 – BHO: (no name) – {d51d388b-f5dc-471a-a1ce-5e2d671091c0} – (no file)
O4 – HKLM..Run: [UserFaultCheck] %systemroot%system32dumprep 0 -u
Now click on the "Fix Checked" button.
There are several others about which I am uncertain. We'll see how you go after the ones I have listed have been fixed.
Have you always used the Avast Web Rep component? Is there an easy way to disable Web Rep or turn it off temporarily and then see if your home page will load properly?
Also, you seem to have several toolbars installed, I don't like nor trust toolbars. What on earth is The Blinkx Toolbar? You also have a Yahoo Toolbar Helper and Avast's WebRep Toolbar. All these can be possible suspects.
Anyway, try fixing the items I have listed first and we'll take it from there.
Cheers...Jim
fix checked, done
Avast Web Rep component? - pass on that one - looked through Avast and couldn't find it, where would it be?
re those toolbars, are they installed by the user? or is there some nefarious method? - don't remember ever voluntarily installing any - suggestions to delete?
will close and see what eventuates
cheers Maurylen
Before we go any further, how did it go - you didn't say? Also, did you reboot the computer after fixing checked - if not, do that too and let me know if the home page is now loading okay or not.
Cheers...Jim
don't want to get too excited yet, but have opened and closed FF 10 times, IE also, restarted a coupla times, you think it's over? seems to be but should i wait longer? what do you think was the defining change? anything else i should do? or maybe just say THANKS and i marvel at your patience, some of us are not too technically gifted - nearly forgot, any comments re firewalls? having disabled MS is there one in the modem? or the router? should i reactivate MS firewall?- one very grateful client Jim, cheers, Maurylen
Hey Maurylen - You little beauty!!! I'd say that one of the items we fixed via Hijack This was the most likely culprit, exactly which one would only be a guess. Glad to hear all is well though, should stay that way now.
You should definitely turn Windows Firewall back on, even if the router includes a firewall. One is a hardware firewall and the other a software firewall so they should not conflict and together they will do a good job. No need for any 3rd party firewall, I don't really think they help all that much anyway.
Avast is an excellent product and together with Windows Firewall should provide adequate security, especially if you tend toward caution and follow a safe surfing policy. Although security software certainly helps, a huge part of security and associated risks is in the hands of the user.
Cheers now mate...Jim
1 Guest(s)
