On-Access missed it but Boot-Scan didn't

I’ve been having problems with the latest
version of Firefox 3.0.1. Either…
a) it would not fully load web pages.
b) it returned a timed-out error message.
c) it said server not found.

I checked for a resolution everywhere
(including at Firefox and here at Avast,
based upon suggestions).

After trying ALL the suggestions…
(none of which worked)
I ended up uninstalling Firefox 3.0.1 and
re-installing version 2.0.0.6. Which seems
to have solved all the problems.

BUT… one of the suggestions I “did” try
showed me something… VERY odd.
Someone suggested running Boot-Scan.
Which I did.
It found a malware Dynamic Link Library (aka .dll)
saying it contained… “Other:Malware-gen”.
The name of the DLL was… owcstp16.dll
It was found in the folder… C:\Program Files\

How it got there I’m “best guessing” (<- keywords)
was when I installed something to test to
see if it met my needs. When I un-installed it
(whatever it was)… it left that DLL behind.
A Google search shows that others have found
this DLL too. But no one’s sure of how it got
on their computer.

Now my question is…
why didn’t On-Access catch it but the Boot-Scan did?

As Always… Thanks In Advance.
David

I now put my “best guessing” hat on, as there is no information to work with:

Well, the on-access scan is limited to a degree, as a) Windows is running (files can be protected) and b) they can also be located in hidden folders, have their attributes changed, etc.

All of which can’t keep it hidden from detection.

The boot-time scan is run before Windows starts, so what may have hidden or protected it isn’t running, so now it can be detected.

However, there is also another possibility: that the signature that detected it (a generic signature in the VPS) was updated just prior to running the boot-time scan.

Based on my first best guess I would suggest running a couple of other scans. Run the first and report the findings here. Then do the same for the second.

  1. SUPERantispyware On-Demand only in free version.
  2. MalwareBytes Anti-Malware freeware version http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe, right click on the link and select Save As or Save File As (depending on your browser), save it to a location where you can find it easily later. Also try this tool, RogueRemover, available here http://www.malwarebytes.org/rogueremover.php

Sorry for the delayed reply.
I’ve been quite busy with other things lately.

First I’d like to make a correction to my resolution
for the Firefox problem I “was” (past-tense) having.

I did a “complete” uninstall of Firefox v3.0.1.
Meaning… not only un-installing Firefox via
the Control Panel but…
a) removed ALL folders that it leaves behind.
b) removed ALL Registry entries that it leaves behind.
c) and defragging my hard drive.
Then… I installed v2.0.0.16 (not v2.0.0.6)
From what I’m understanding… many people
are having problems with v.3.0.1.
Here’s a link to the v.2.0.0.16 version…
http://www.mozilla.com/en-US/firefox/all-older.html

Now about the suggestions you made…
I downloaded and ran the applications you mentioned
and everything on my hard drive was clean (except
for some ad cookies, which supposedly aren’t harmful).

The missed DLL that was caught “only” during a
Boot-Scan may simply not have had the chance
to be loaded into memory, by the culprit program,
before I deleted the whole thing.

So I’ve opted to uninstall the mentioned applications
and simply run an Avast Boot-Scan “a lot” more often
than before. I trust Avast THAT much.

For as often as I install software and/or visit
unfamiliar websites… I feel I don’t need the extra
resources being sucked up while working on my
hobby (creating software for Windows).

Thanks for the help.
David

Sorry I didn’t address any of the Firefox issues in my first reply, as I simply don’t know enough about its inner workings.

The SAS and MalwareBytes AntiMalware complement avast as they are on-demand scanners which are used as a back-up; they are also specialist anti-spyware/malware applications. No single application will provide 100% protection, and that is where a multi-application approach to your security comes in, provided they don’t conflict/clash (and neither of these do) with avast! You only need look at my signature to see if I only use avast ;D

Extra resources for these applications are negligible as they are on-demand and not resident applications.

If you do these activities what are you doing for prevention?
HIPS?
site advisor type thingie
script blocker for firefox?
threatfire? or equivalent
spyware blaster?
Spybot Immunize
Hosts file
Win Patrol

real time anti malware product?-- In ADDITION to AVAST

Spybot t-timer
Spyware terminator free (without AV and toolbar)
Spyware Doctor free from GooglePack- without the rest of Google Pack