
Unable to use Mozilla and computer running slowly.


kelro

  • Root Admin

You can delete the last file on the ESET log.

Please download the attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST or FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system.

Run FRST or FRST64 and press the Fix button just once and wait.

If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.

The tool will make a log on the Desktop (Fixlog.txt). Please attach or post it to your next reply.

Note: If the tool warned you about an outdated version please download and run the updated version.

fixlist.txt

Link to post
Share on other sites

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 17-01-2015 01
Ran by kelly_000 at 2015-01-17 11:41:17 Run:1
Running from C:\Users\kelly_000\Desktop
Loaded Profiles: kelly_000 (Available profiles: Alex & kelly_000)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-4264348289-3241612886-2336119300-1001\...\Run: [Gyazo] => [X]ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Alex\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Alex\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Alex\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
GroupPolicyUsers\S-1-5-21-4264348289-3241612886-2336119300-1004\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-4264348289-3241612886-2336119300-1001\User: Group Policy restriction detected <======= ATTENTION
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab
Task: {382BDB8C-C6D7-4F9A-BF8F-CF5F711F68B7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F8C8F035-3F9F-4A16-B087-AF71FAA940EE} - \Optimize Start Menu Cache Files-S-1-5-21-4264348289-3241612886-2336119300-1005 No Task File <==== ATTENTION
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
C:\WINDOWS\Tasks\User_Feed_Synchronization-{3CD877CF-0AFB-472B-BB81-29A2DA5A8569}.job
AlternateDataStreams: C:\Users\Alex\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\kelly_000\SkyDrive:ms-properties
EmptyTemp:
Reboot:


*****************

HKU\S-1-5-21-4264348289-3241612886-2336119300-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Gyazo => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2 => Key could not be deleted. Access denied.
HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3 => Key could not be deleted. Access denied.
HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => Key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1 => Key could not be deleted. Access denied.
HKCR\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => Key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2 => Key could not be deleted. Access denied.
HKCR\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => Key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3 => Key could not be deleted. Access denied.
HKCR\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => Key not found.

"C:\WINDOWS\system32\GroupPolicyUsers\S-1-5-21-4264348289-3241612886-2336119300-1004\User" directory move:

Could not move "C:\WINDOWS\system32\GroupPolicyUsers\S-1-5-21-4264348289-3241612886-2336119300-1004\User\Registry.pol" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\system32\GroupPolicyUsers\S-1-5-21-4264348289-3241612886-2336119300-1004\User" directory. => Scheduled to move on reboot.

"C:\WINDOWS\system32\GroupPolicyUsers\S-1-5-21-4264348289-3241612886-2336119300-1001\User" => File/Directory not found.
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93} => Key could not be deleted. Access denied.
HKCR\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93} => Key not found.
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA} => Key could not be deleted. Access denied.
HKCR\CLSID\{CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA} => Key not found.
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} => Key could not be deleted. Access denied.
HKCR\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{382BDB8C-C6D7-4F9A-BF8F-CF5F711F68B7} => Key could not be deleted. Access denied.
Could not move "C:\Windows\System32\Tasks\Apple\AppleSoftwareUpdate" => Scheduled to move on reboot.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Apple\AppleSoftwareUpdate => Key could not be deleted. Access denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F8C8F035-3F9F-4A16-B087-AF71FAA940EE} => Key could not be deleted. Access denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Optimize Start Menu Cache Files-S-1-5-21-4264348289-3241612886-2336119300-1005 => Key could not be deleted. Access denied.
Could not move "C:\WINDOWS\Tasks\Adobe Flash Player Updater.job" => Scheduled to move on reboot.
"C:\WINDOWS\Tasks\User_Feed_Synchronization-{3CD877CF-0AFB-472B-BB81-29A2DA5A8569}.job" => File/Directory not found.
C:\Users\Alex\SkyDrive => ":ms-properties" ADS removed successfully.
"C:\Users\kelly_000\SkyDrive" => ":ms-properties" ADS not found.
EmptyTemp: => Removed 119.6 MB temporary data.
 

Link to post
Share on other sites

  • Root Admin

It looks almost like this was not run with admin rights - much was ignored.

Please restart the computer again and run FRST again and make sure you place a check mark in the Additions.txt check box and post back both new logs.

Please open Malwarebytes Anti-Malware and from the Dashboard please Check for Updates by clicking the Update Now... link

Open up Malwarebytes > Settings > Detection and Protection > Enable Scan for rootkits, Under Non Malware Protection set both PUP and PUM to Treat detections as malware.

Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button. Remove any threats found

Once completed please click on the History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply.

Next,

Please download Security Check by screen317 from HERE or HERE.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • If you get Unsupported operating system. Aborting now, just reboot and try again.
  • A Notepad document should open automatically called checkup.txt.
  • Please Post the contents of that document.
  • Do Not Attach It!!!
Link to post
Share on other sites
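The reasoning in the reply above (a Fixlog in which most deletions come back "Access denied" suggests FRST was not run elevated) can be checked mechanically. The following is an added example, not part of the original thread or of FRST: the function names and the 50% threshold are assumptions, and the sample lines are excerpts from the two Fixlogs posted in this thread.

```python
import re
from collections import Counter

# Outcome phrases as they appear in the Fixlog.txt output quoted in this thread.
OUTCOMES = [
    ("access_denied", re.compile(r"Access denied", re.I)),
    ("pending_reboot", re.compile(r"Scheduled to move on reboot", re.I)),
    ("done", re.compile(r"(deleted|removed|moved) successfully", re.I)),
    ("absent", re.compile(r"not found", re.I)),
]

def classify(line):
    """Return the outcome name for one 'target => result' line, else None."""
    if "=>" not in line:
        return None
    result = line.rsplit("=>", 1)[1]
    for name, pattern in OUTCOMES:
        if pattern.search(result):
            return name
    return None

def tally(fixlog_text):
    """Count outcomes over every result line of a Fixlog."""
    return Counter(filter(None, map(classify, fixlog_text.splitlines())))

def looks_unelevated(counts, threshold=0.5):
    """Heuristic (assumption): at least half of attempted removals were denied."""
    attempted = counts["access_denied"] + counts["done"]
    return attempted > 0 and counts["access_denied"] / attempted >= threshold

def denied_targets(fixlog_text):
    """List the keys or paths that were refused, for re-checking after an elevated run."""
    return [l.split("=>", 1)[0].strip().strip('"')
            for l in fixlog_text.splitlines() if classify(l) == "access_denied"]

# Excerpt from the first Fixlog in this thread (Run:1).
RUN1 = r"""
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1 => Key could not be deleted. Access denied.
HKCR\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => Key not found.
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93} => Key could not be deleted. Access denied.
Could not move "C:\WINDOWS\Tasks\Adobe Flash Player Updater.job" => Scheduled to move on reboot.
C:\Users\Alex\SkyDrive => ":ms-properties" ADS removed successfully.
"""

# Excerpt from the second Fixlog in this thread (Run:2), same targets.
RUN2 = r"""
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1" => Key deleted successfully.
"HKCR\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}" => Key deleted successfully.
"C:\WINDOWS\Tasks\Adobe Flash Player Updater.job" => File/Directory not found.
"C:\Users\Alex\SkyDrive" => ":ms-properties" ADS not found.
"""
```

Running `looks_unelevated(tally(...))` on the Run:1 excerpt flags it, while the Run:2 excerpt does not, and `denied_targets` lists the entries to confirm were handled by the second run.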

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 19-01-2015
Ran by Alex at 2015-01-20 17:09:23 Run:2
Running from C:\Users\kelly_000\Desktop
Loaded Profiles: Alex & kelly_000 (Available profiles: Alex & kelly_000)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-4264348289-3241612886-2336119300-1001\...\Run: [Gyazo] => [X]ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Alex\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Alex\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Alex\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
GroupPolicyUsers\S-1-5-21-4264348289-3241612886-2336119300-1004\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-4264348289-3241612886-2336119300-1001\User: Group Policy restriction detected <======= ATTENTION
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab
Task: {382BDB8C-C6D7-4F9A-BF8F-CF5F711F68B7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F8C8F035-3F9F-4A16-B087-AF71FAA940EE} - \Optimize Start Menu Cache Files-S-1-5-21-4264348289-3241612886-2336119300-1005 No Task File <==== ATTENTION
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
C:\WINDOWS\Tasks\User_Feed_Synchronization-{3CD877CF-0AFB-472B-BB81-29A2DA5A8569}.job
AlternateDataStreams: C:\Users\Alex\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\kelly_000\SkyDrive:ms-properties
EmptyTemp:
Reboot:


*****************

HKU\S-1-5-21-4264348289-3241612886-2336119300-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Gyazo => value deleted successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => Key deleted successfully.
HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => Key deleted successfully.
HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1" => Key deleted successfully.
"HKCR\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" => Key deleted successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2" => Key deleted successfully.
"HKCR\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" => Key deleted successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3" => Key deleted successfully.
"HKCR\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" => Key deleted successfully.
"C:\WINDOWS\system32\GroupPolicyUsers\S-1-5-21-4264348289-3241612886-2336119300-1004\User" => File/Directory not found.
C:\WINDOWS\system32\GroupPolicyUsers\S-1-5-21-4264348289-3241612886-2336119300-1001\User => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}" => Key deleted successfully.
HKCR\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93} => Key not found.
"HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA}" => Key deleted successfully.
"HKCR\CLSID\{CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}" => Key deleted successfully.
HKCR\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{382BDB8C-C6D7-4F9A-BF8F-CF5F711F68B7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{382BDB8C-C6D7-4F9A-BF8F-CF5F711F68B7}" => Key deleted successfully.
C:\Windows\System32\Tasks\Apple\AppleSoftwareUpdate not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Apple\AppleSoftwareUpdate" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F8C8F035-3F9F-4A16-B087-AF71FAA940EE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F8C8F035-3F9F-4A16-B087-AF71FAA940EE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Optimize Start Menu Cache Files-S-1-5-21-4264348289-3241612886-2336119300-1005" => Key deleted successfully.
"C:\WINDOWS\Tasks\Adobe Flash Player Updater.job" => File/Directory not found.
"C:\WINDOWS\Tasks\User_Feed_Synchronization-{3CD877CF-0AFB-472B-BB81-29A2DA5A8569}.job" => File/Directory not found.
"C:\Users\Alex\SkyDrive" => ":ms-properties" ADS not found.
"C:\Users\kelly_000\SkyDrive" => ":ms-properties" ADS not found.
EmptyTemp: => Removed 301.3 MB temporary data.


The system needed a reboot.

==== End of Fixlog 17:09:59 ====

Link to post
Share on other sites

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 20/01/2015
Scan Time: 17:31:46
Logfile:
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.01.20.08
Rootkit Database: v2015.01.14.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x86
File System: NTFS
User: Alex

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 406330
Time Elapsed: 50 min, 13 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

Link to post
Share on other sites

 Results of screen317's Security Check version 0.99.94  
   x86 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Windows Defender   
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 CCleaner     
 Adobe Flash Player     16.0.0.257  
 Mozilla Firefox (35.0)
````````Process Check: objlist.exe by Laurent````````  
 Windows Defender MSMpEng.exe
 Malwarebytes Anti-Malware mbam.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C::  
````````````````````End of Log``````````````````````
 

Link to post
Share on other sites

  • Root Admin

How is the computer running now?

Please reinstall your iTunes as the Bonjour Service appears to be broken and that should fix it.

If Mozilla is still having an issue then you may need to reset your browsers.

Please visit each of the following sites and let's reset all of your browsers back to defaults to prevent unexpected issues.

If you are not using one of the browsers but it is installed then you may want to consider uninstalling it as older versions of some software can pose an increase in the potential for an infection to get in.

Internet Explorer

How to reset Internet Explorer settings

Firefox

Click on Help / Troubleshooting Information then click on the Reset Firefox button.

Chrome

Start by disabling Sync

How To Delete Your Google Chrome Browser Sync Data

Chrome - Reset browser settings

If that fails then Uninstall Google Chrome and do not reinstall until sure the system is clean.

Link to post
Share on other sites

This topic is now closed to further replies.