[Chouse28]

Hi,
I tried, but apparently I am "not permitted to upload this kind of file"

Any suggestions?

[Advertisements]

You must ZIP it in order to upload it. If you fail than change prefs.js to prefs.txt and try again

[maliprog]

You must ZIP it in order to upload it. If you fail than change prefs.js to prefs.txt and try again

[Chouse28]

Hi,
It will not let me upload prefs.rar. I just sent you prefs.txt, I hope this is good enough. If you have any idea on how I can upload a .rar file, please let me know

Thanks

Attached Files

•  prefs.txt   72.62KB   376 downloads

[maliprog]

RAR file is not the same as ZIP file. They are two different compression type.

Do you have this problem only in Firefox?
Can you try to do Google search in Internet Explorer and see what will come up.

Can you post screenshot of Firefox after you do Google search. Maybe I'll see something that might help us.

To do print screen:

• Press Alt and Print Screen button on your keyboard
• Open Paint program
• From the menu choose Edit then Paste
• Now save the picture and attach it here for me.

[Chouse28]

Sorry, my bad. I was reading .ZIP but thinking .RAR. Anyways here is a PRT SCREEN and the .ZIP file

Thanks

Attached Thumbnails

• 

Attached Files

•  prefs.zip   14.02KB   74 downloads

[maliprog]

OK. I still have ideas. Please bare with me.

Step 1

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2

• Double-click SystemLook.exe to run it.
• Copy the content of the following codebox into the main textfield:
  
  

  :filefind
  *mystart*
  *Incredibar*
  
  :folderfind
  *mystart*
  *Incredibar*
  
  :regfind
  mystart
  Incredibar

• Click the Look button to start the scan.
• When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt

Step 2

Please read this article and remove anything that have MyStart or Inredibar in name

http://kb.mozillazine.org/Search_Bar

Step 3

Please don't forget to include these items in your reply:

• SystemLook log

It would be helpful if you could post each log in separate post

[Chouse28]

SystemLook Log:

SystemLook 30.07.11 by jpshortstuff
Log created at 07:13 on 07/03/2012 by Chris
Administrator - Elevation successful

========== filefind ==========

Searching for "*mystart*"
C:\Documents and Settings\Chris.CHOUSE\My Documents\My Pictures\MyStart.JPG --a---- 164123 bytes [22:02 06/03/2012] [22:02 06/03/2012] 07DDAD7B6DDB2B59B49AEE0C5C5AD5C2
C:\Documents and Settings\Chris.CHOUSE\Recent\MyStart.JPG.lnk --a---- 710 bytes [22:02 06/03/2012] [22:09 06/03/2012] 4796CA7A45048E8416D22C353A61B1C5
C:\_OTL\MovedFiles\02272012_174131\C_Documents and Settings\Chris.CHOUSE\Application Data\Mozilla\Firefox\Profiles\iscczm2c.default\searchplugins\MyStart Search.xml --a---- 2203 bytes [03:37 03/02/2012] [19:33 10/02/2012] 5B518F9FD64F03A016B6E8253E1DB316

Searching for "*Incredibar*"
No files found.

========== folderfind ==========

Searching for "*mystart*"
No folders found.

Searching for "*Incredibar*"
No folders found.

========== regfind ==========

Searching for "mystart"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List]
"File1"="C:\Documents and Settings\Chris.CHOUSE\My Documents\My Pictures\MyStart.JPG"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\*]
"d"="C:\Documents and Settings\Chris.CHOUSE\My Documents\My Pictures\MyStart.JPG"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\jpg]
"d"="C:\Documents and Settings\Chris.CHOUSE\My Documents\My Pictures\MyStart.JPG"
[HKEY_USERS\S-1-5-21-1606980848-448539723-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List]
"File1"="C:\Documents and Settings\Chris.CHOUSE\My Documents\My Pictures\MyStart.JPG"
[HKEY_USERS\S-1-5-21-1606980848-448539723-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\*]
"d"="C:\Documents and Settings\Chris.CHOUSE\My Documents\My Pictures\MyStart.JPG"
[HKEY_USERS\S-1-5-21-1606980848-448539723-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\jpg]
"d"="C:\Documents and Settings\Chris.CHOUSE\My Documents\My Pictures\MyStart.JPG"

Searching for "Incredibar"
[HKEY_CURRENT_USER\Software\Microsoft\Search Assistant\ACMru\5603]
"000"="incredibar"
[HKEY_USERS\S-1-5-21-1606980848-448539723-1177238915-1003\Software\Microsoft\Search Assistant\ACMru\5603]
"000"="incredibar"

-= EOF =-

[Chouse28]

I was just looking at the log, and under "regfind" it had MyStart.JPG a bunch of times. That is the PRT SCN that I sent you yesterday.

Also I looked over that article, and removed some unused extensions and search engines.

Also I just tried something as well. Firefox was opening up to "about:home" and that is when if I typed something in the search, that it would redirect to MyStart. If I type in www.google.ca first and then do a search, it does a google search. So the problem is on the "about:home".

I hope this information might help. Sorry I didn't think about doing it earlier.

Chris

[maliprog]

Thank you for that info. Let's try to fix you problem now. I'll do some more research and get back to you soon.

Step 1

NOTE: This fix is custom made for this system only and for current system state! Don't try to run it on another system!

Please close all running programs and Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following
  
  

  :OTL
  
  :Reg
  [HKEY_CURRENT_USER\Software\Microsoft\Search Assistant\ACMru\5603]
  "000"=-
  
  [HKEY_USERS\S-1-5-21-1606980848-448539723-1177238915-1003\Software\Microsoft\Search Assistant\ACMru\5603]
  "000"=-
  
  :Commands
  [Reboot]

• Then click the Run Fix button at the top
• Let the program run unhindered, reboot the PC when it is done
• Post the fix log it produces in your next reply or you can find it in C:\_OTL\MovedFiles

Step 2

See my last post...

Step 3

Please don't forget to include these items in your reply:

• OTL fix log

It would be helpful if you could post each log in separate post

[maliprog]

If you didn't do Step 2 please don't do it jet. Instead try this step:

Open Firefox on about:home page
On your keyboard press Shift + F4 and it will open Scratchpad
Copy and past this on the end

localStorage["search-engine"]="{\"name\":\"Google\",\"searchUrl\":\"http://www.google.com/search?q=_searchTerms_&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a\"}";

From menu choose Execute then Run
Close Scratchpad and restart Firefox. Test your Firefox search now.

[Chouse28]

That WORKED! It now searches Google from everywhere.
I ran that OTL Fix, but it didn't produce a log that I can find. Do you want me to run it again and see if I can find the log?

Thank you for all your help. It has been greatly appreciated! I will donate some money to you.

Chris

[maliprog]

Hi Chouse28,

Good job! We nail it . Thank you for your donation! It's greatly appreciated. I can have cake with my coffee now .

Your logs and system are clean now. I'm glad we fix up your computer. We need to clean up your PC from programs we used.

Step 1

Please start OTL one more time and click CleanUp button. OTL will restart your system at the end. Remove all other application we used to clean your PC.

General recommendations

Here are some recommendations you should follow to minimize infection risk in the future:

1. Enable Windows Update

• Click Start, click Run, type sysdm.cpl, and then press ENTER.
• Click the Automatic Updates tab, and then click to select one of the following options. We recommend that you select the Automatic (recommended) Automatically download recommended updates for my computer and install them option.
• Click OK button

2. Delete Temp files

Download TFC to your desktop

• Open the file and close any other windows.
• It will close all programs itself when run, make sure to let it run uninterrupted.
• Click the Start button to begin the process. The program should not take long to finish its job
• Once its finished it should reboot your machine, if not, do this yourself to ensure a complete clean

  
3. Make Backups of Important Files

Please read this article Home Computer Data Backup.


4. Regularly update your software

To eliminate design flaws and security vulnerabilities, all software needs to be updated to the latest version or the vendor’s patch installed.

You should download Update Checker from here. The program will automaticly check for newer version of software installed on your system.

[Chouse28]

Done and Done! Thanks Again!

[maliprog]

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.