Issues with Firefox

View previous topic View next topic Go down

Issues with Firefox

Post by Itachi21 on 22nd October 2013, 2:59 pm

Hello fellow techs. I seem to be having issues with Firefox out of the blue now. The usual issue with firefox of flashplayer constnatly lagging and I'm have having to crash it seems to be normal with firefox nowadays. My issue is that it responds then doesn't respond constantly.


Below are the logs.


# AdwCleaner v3.005 - Report created 22/10/2013 at 10:27:00
# Updated 22/09/2013 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Adam - WHITEBASE
# Running from : C:\Users\Adam\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

File Deleted : C:\END

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}]
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\OCS
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720


-\\ Mozilla Firefox v24.0 (en-US)

[ File : C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\q42427h7.default\prefs.js ]

Line Deleted : user_pref("extensions.dynconff.cache.aspca.we-care.com.content", "\r\n\r\nLine Deleted : user_pref("extensions.dynconff.cache.by2prd0210.outlook.com.content", "\r\n\r\nLine Deleted : user_pref("extensions.dynconff.cache.games.espn.go.com.content", "\r\n\r\nLine Deleted : user_pref("extensions.dynconff.cache.lb.we-care.com.content", "\r\n\r\nLine Deleted : user_pref("extensions.dynconff.cache.login.yahoo.com.content", "\r\n\r\nLine Deleted : user_pref("extensions.dynconff.cache.mail.google.com.content", "\r\n\r\nLine Deleted : user_pref("extensions.dynconff.cache.movies.netflix.com.content", "\r\n\r\nLine Deleted : user_pref("extensions.dynconff.cache.thankyoupage.com.content", "\r\n\r\nLine Deleted : user_pref("extensions.dynconff.cache.twitter.com.content", "\r\n\r\nLine Deleted : user_pref("extensions.dynconff.cache.us-mg6.mail.yahoo.com.content", "\r\n\r\nLine Deleted : user_pref("extensions.dynconff.cache.www.gogoanime.com.content", "\r\n\r\nLine Deleted : user_pref("extensions.dynconff.cache.www.impactwrestling.com.content", "\r\n\r\nLine Deleted : user_pref("extensions.dynconff.cache.www.weei.com.content", "\r\n\r\nLine Deleted : user_pref("extensions.dynconff.cache.www.wwe.com.content", "\r\n\r\nLine Deleted : user_pref("extensions.helperbar.DockingPositionDown", false);
Line Deleted : user_pref("extensions.helperbar.SmartbarDisabled", false);
Line Deleted : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
Line Deleted : user_pref("extensions.helperbar.Visibility", false);
Line Deleted : user_pref("extensions.helperbar.countryiso", "us");
Line Deleted : user_pref("extensions.helperbar.downloadprovider", "quickobrw");
Line Deleted : user_pref("extensions.helperbar.installationid", "8fc25890-292e-4a06-97a2-ea0b7930d6db");
Line Deleted : user_pref("extensions.helperbar.installdate", "30/06/2013");
Line Deleted : user_pref("extensions.helperbar.publisher", "quickobrw");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Line Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Line Deleted : user_pref("sweetim.toolbar.urls.homepage", "hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10045&barid={729B8926-E13F-11E2-BF24-84A6C8B240C5}");

-\\ Google Chrome v30.0.1599.101

[ File : C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : icon_url
Deleted : search_url
Deleted : keyword
Deleted : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [6731 octets] - [22/10/2013 10:25:31]
AdwCleaner[R1].txt - [6791 octets] - [22/10/2013 10:26:34]
AdwCleaner[S0].txt - [6484 octets] - [22/10/2013 10:27:00]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6544 octets] ##########


Malwarebytes Anti-Malware 1.75.0.1300
[You must be registered and logged in to see this link.]

Database version: v2013.10.22.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
Adam :: WHITEBASE [administrator]

10/22/2013 9:54:19 AM
mbam-log-2013-10-22 (09-54-19).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 218387
Time elapsed: 2 minute(s), 45 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 5
HKCR\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Updater By SweetPacks (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Updater By SweetPacks (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.

Registry Values Detected: 4
HKLM\SOFTWARE\Mozilla\Firefox\Extensions\{7D4F1959-3F72-49d5-8E59-F02F8AA6815D} (PUP.Optional.SweetPacks.A) -> Data: -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Mozilla\Firefox\Extensions|{7D4F1959-3F72-49d5-8E59-F02F8AA6815D} (PUP.Optional.SweetPacks.A) -> Data: C:\Program Files\Updater By SweetPacks\Firefox -> Quarantined and deleted successfully.
HKCU\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {729B8926-E13F-11E2-BF24-84A6C8B240C5} -> Quarantined and deleted successfully.
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {729B8926-E13F-11E2-BF24-84A6C8B240C5} -> Quarantined and deleted successfully.

Registry Data Items Detected: 1
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.SweetPacks) -> Bad: (http://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10045&barid={729B8926-E13F-11E2-BF24-84A6C8B240C5}) Good: (http://www.google.com) -> Quarantined and repaired successfully.

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\ProgramData\ReadOnlyInstaller.msi (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.

(end)


Results of screen317's Security Check version 0.99.74
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Kaspersky Anti-Virus
Antivirus out of date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
Adobe Flash Player 11.9.900.117
Adobe Reader XI
Mozilla Firefox (24.0)
Google Chrome 30.0.1599.101
Google Chrome 30.0.1599.69
````````Process Check: objlist.exe by Laurent````````
Kaspersky Lab Kaspersky Anti-Virus 2013 avp.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 4%
````````````````````End of Log``````````````````````


[You must be registered and logged in to see this link.]

Itachi21
Senior
Senior

Posts Posts : 319
Joined Joined : 2008-12-07
Gender Gender : Male
OS OS : Windows 7 64 Bit
Points Points : 31909
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Issues with Firefox

Post by Superdave on 22nd October 2013, 7:14 pm

Hello and welcome to GeekPolice.Net My name is Dave. I will be helping you out with your particular problem on your computer.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
*****************************************************************
If your only problem is with FireFox, please try uninstalling and re-installing a new version.
The Security logs shows that your AV is out-of-date. I suspect that the subscription has run out. If this is the case, you can unistall it and install one of the free Av's below.


Remember to only install one antivirus!

1) [You must be registered and logged in to see this link.]
2) [You must be registered and logged in to see this link.]
3) [You must be registered and logged in to see this link.]
4) [You must be registered and logged in to see this link.] All versions and all languages.
5) [You must be registered and logged in to see this link.] (Uncheck during installation "Install Comodo SafeSurf..", Make Comodo my default search provider" and "Make Comodo Search my homepage" if you choose this one)
6) [You must be registered and logged in to see this link.]

It is strongly recommended that you run only one antivirus program at a time. Having more than one antivirus program active in memory uses additional resources and can result in program conflicts and false virus alerts. If you choose to install more than one antivirus program on your computer, then only one of them should be active in memory at a time.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83201
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Issues with Firefox

Post by Itachi21 on 23rd October 2013, 3:40 am

After reinstalling firefox it looks to have the same effect. It looks like sweetpacks hasn't been removed fully yet.


[You must be registered and logged in to see this link.]

Itachi21
Senior
Senior

Posts Posts : 319
Joined Joined : 2008-12-07
Gender Gender : Male
OS OS : Windows 7 64 Bit
Points Points : 31909
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Issues with Firefox

Post by Superdave on 23rd October 2013, 6:30 pm

Do you have the same problem with Internet Explorer?

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83201
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Issues with Firefox

Post by Itachi21 on 23rd October 2013, 6:43 pm

Haven't tried explorer but on Chrome when I search it goes sweetpacks url then where im going


[You must be registered and logged in to see this link.]

Itachi21
Senior
Senior

Posts Posts : 319
Joined Joined : 2008-12-07
Gender Gender : Male
OS OS : Windows 7 64 Bit
Points Points : 31909
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Issues with Firefox

Post by Superdave on 23rd October 2013, 6:50 pm

Please try IE and also check your other browsers for add-ons.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83201
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Issues with Firefox

Post by Itachi21 on 23rd October 2013, 7:17 pm

A window came up and said

"A program on your computer has corrupted your default search provider setting for Internet Explorer.

Internet Explorer has reset this setting to your original serach provider, Bing ([You must be registered and logged in to see this link.]

Internet Explorer will now open Search Settings, where you can change this setting or install more search providers."


[You must be registered and logged in to see this link.]

Itachi21
Senior
Senior

Posts Posts : 319
Joined Joined : 2008-12-07
Gender Gender : Male
OS OS : Windows 7 64 Bit
Points Points : 31909
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Issues with Firefox

Post by Superdave on 24th October 2013, 7:27 pm

[You must be registered and logged in to see this link.] wrote:A window came up and said

"A program on your computer has corrupted your default search provider setting for Internet Explorer.

Internet Explorer has reset this setting to your original serach provider, Bing ([You must be registered and logged in to see this link.]

Internet Explorer will now open Search Settings, where you can change this setting or install more search providers."
Do you have any idea where that message came from?

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83201
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Issues with Firefox

Post by Itachi21 on 24th October 2013, 7:41 pm

I think the sweetpacks is still in the computer and mbam didn't remove it completely.


[You must be registered and logged in to see this link.]

Itachi21
Senior
Senior

Posts Posts : 319
Joined Joined : 2008-12-07
Gender Gender : Male
OS OS : Windows 7 64 Bit
Points Points : 31909
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Issues with Firefox

Post by Superdave on 24th October 2013, 10:04 pm

[You must be registered and logged in to see this link.] wrote:I think the sweetpacks is still in the computer and mbam didn't remove it completely.
Run MBAM again and see what turns up.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83201
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Issues with Firefox

Post by Itachi21 on 25th October 2013, 2:57 pm

I did after it said it was removed and here was the log.


Malwarebytes Anti-Malware 1.75.0.1300
[You must be registered and logged in to see this link.]

Database version: v2013.10.22.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
Adam :: WHITEBASE [administrator]

10/22/2013 10:08:20 AM
mbam-log-2013-10-22 (10-08-20).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 218009
Time elapsed: 2 minute(s), 12 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



Below you will find todays log.



Malwarebytes Anti-Malware 1.75.0.1300
[You must be registered and logged in to see this link.]

Database version: v2013.10.22.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
Adam :: WHITEBASE [administrator]

10/25/2013 10:57:17 AM
mbam-log-2013-10-25 (10-57-17).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 219285
Time elapsed: 2 minute(s), 48 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


[You must be registered and logged in to see this link.]

Itachi21
Senior
Senior

Posts Posts : 319
Joined Joined : 2008-12-07
Gender Gender : Male
OS OS : Windows 7 64 Bit
Points Points : 31909
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Issues with Firefox

Post by Superdave on 25th October 2013, 7:08 pm

Well, sweetpacks is not there.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83201
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Issues with Firefox

Post by Itachi21 on 25th October 2013, 7:29 pm

It keeps coming up when going to a new webpage as I stated earlier. I am not sure what programs to run from here.


[You must be registered and logged in to see this link.]

Itachi21
Senior
Senior

Posts Posts : 319
Joined Joined : 2008-12-07
Gender Gender : Male
OS OS : Windows 7 64 Bit
Points Points : 31909
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Issues with Firefox

Post by Jan2011 on 25th October 2013, 7:59 pm

Hope I'm not out of line here, but what happens if you start Firefox in Safe Mode. You would do that by going to Firefox's Help menu and select Restart with Ad-Ons disabled.

Jan2011
Leader
Leader

Posts Posts : 616
Joined Joined : 2011-01-17
OS OS : xp
Points Points : 25585
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Issues with Firefox

Post by Superdave on 26th October 2013, 12:48 am

That's what I suspect, an add-on.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83201
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Issues with Firefox

Post by Itachi21 on 26th October 2013, 4:46 pm

It happens on Chrome as well.


[You must be registered and logged in to see this link.]

Itachi21
Senior
Senior

Posts Posts : 319
Joined Joined : 2008-12-07
Gender Gender : Male
OS OS : Windows 7 64 Bit
Points Points : 31909
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Issues with Firefox

Post by Superdave on 26th October 2013, 6:41 pm

[You must be registered and logged in to see this link.] wrote:It happens on Chrome as well.
Did you try it in Safe Mode as suggested previously?

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83201
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Issues with Firefox

Post by Itachi21 on 26th October 2013, 7:04 pm

Weird there is no safe mode on my computer. Usually Firefox has a folder where you can access it. There are no extensions or addons of sweetpacks on either firefox or chrome.

There has never been this much issue before, why can't we just continue to run programs?


[You must be registered and logged in to see this link.]

Itachi21
Senior
Senior

Posts Posts : 319
Joined Joined : 2008-12-07
Gender Gender : Male
OS OS : Windows 7 64 Bit
Points Points : 31909
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Issues with Firefox

Post by Superdave on 26th October 2013, 11:52 pm

Download Combofix from any of the links below, and save it to your DESKTOP.
If your version of Windows defaults to you download folder you will need to copy it to your desktop.

[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

To prevent your anti-virus application interfering with ComboFix we need to disable it. See [You must be registered and logged in to see this link.] for a tutorial regarding how to do so if you are unsure.

  • Close any open windows and double click ComboFix.exe to run it.

    You will see the following image:



Click I Agree to start the program.

ComboFix will then extract the necessary files and you will see this:



As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. This will not occur in Windows Vista and 7

It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

If you did not have it installed, you will see the prompt below. Choose YES.



Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:



Click on Yes, to continue scanning for malware.

When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).

Leave your computer alone while ComboFix is running. ComboFix will restart your computer if malware is found; allow it to do so.

Note: Please Do NOT mouseclick combofix's window while its running because it may cause it to stall.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83201
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Issues with Firefox

Post by Itachi21 on 27th October 2013, 1:13 am

ComboFix 13-10-26.01 - Adam 10/26/2013 21:04:30.1.8 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.8067.6086 [GMT -4:00]
Running from: c:\users\Adam\Desktop\ComboFix.exe
AV: Kaspersky Anti-Virus *Disabled/Outdated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
SP: Kaspersky Anti-Virus *Disabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\progra~2\COMMON~1\{F0A37~1
c:\progra~2\COMMON~1\{F0A37~1\Setup.exe
c:\programdata\Roaming
c:\programdata\uninstaller.exe
c:\windows\SysWow64\logs
c:\windows\SysWow64\logs\Patcher Logs\2013-09-10T10-36-28_launcher.log
.
.
((((((((((((((((((((((((( Files Created from 2013-09-27 to 2013-10-27 )))))))))))))))))))))))))))))))
.
.
2013-10-27 01:09 . 2013-10-27 01:09 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-26 23:25 . 2013-10-26 23:25 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{839065F4-D701-45E2-8A96-B5AEE8AAD141}\offreg.dll
2013-10-26 19:10 . 2012-08-21 17:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2013-10-26 19:10 . 2013-10-26 19:10 -------- d-----w- c:\program files\iPod
2013-10-26 19:10 . 2013-10-26 19:10 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-26 19:10 . 2013-10-26 19:10 -------- d-----w- c:\program files\iTunes
2013-10-26 19:10 . 2013-10-26 19:10 -------- d-----w- c:\program files (x86)\iTunes
2013-10-26 19:09 . 2013-10-26 19:09 -------- d-----w- c:\program files (x86)\Apple Software Update
2013-10-26 19:09 . 2013-10-26 19:09 -------- d-----w- c:\program files\Common Files\Apple
2013-10-26 19:09 . 2013-10-26 19:09 -------- d-----w- c:\program files\Bonjour
2013-10-26 19:09 . 2013-10-26 19:09 -------- d-----w- c:\program files (x86)\Bonjour
2013-10-26 19:08 . 2013-10-26 19:10 -------- d-----w- c:\program files (x86)\Common Files\Apple
2013-10-25 13:56 . 2013-10-14 07:12 10280728 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{839065F4-D701-45E2-8A96-B5AEE8AAD141}\mpengine.dll
2013-10-22 14:25 . 2013-10-22 14:27 -------- d-----w- C:\AdwCleaner
2013-10-17 19:57 . 2013-10-26 18:43 -------- d-----r- c:\users\Adam\Dropbox
2013-10-17 19:55 . 2013-10-26 18:43 -------- d-----w- c:\users\Adam\AppData\Roaming\Dropbox
2013-10-14 13:23 . 2013-10-14 13:23 -------- d-----w- c:\program files\Microsoft.NET
2013-10-11 04:15 . 2013-09-23 01:25 775256 ----a-w- c:\program files\Internet Explorer\iexplore.exe
2013-10-10 18:35 . 2013-10-10 18:35 -------- d-----w- c:\users\Adam\AppData\Roaming\Philipp Winterberg
2013-10-10 18:35 . 2013-10-10 18:35 -------- d-----w- c:\program files (x86)\RarZilla Free Unrar
2013-10-10 17:45 . 2013-07-04 12:50 633856 ----a-w- c:\windows\system32\comctl32.dll
2013-10-10 17:45 . 2013-07-04 11:50 530432 ----a-w- c:\windows\SysWow64\comctl32.dll
2013-10-10 17:39 . 2013-06-06 05:50 41472 ----a-w- c:\windows\system32\lpk.dll
2013-10-10 17:39 . 2013-06-06 05:49 14336 ----a-w- c:\windows\system32\dciman32.dll
2013-10-10 17:39 . 2013-06-06 03:30 368128 ----a-w- c:\windows\system32\atmfd.dll
2013-10-10 17:39 . 2013-06-06 03:01 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2013-10-10 17:39 . 2013-06-06 05:49 100864 ----a-w- c:\windows\system32\fontsub.dll
2013-10-10 17:39 . 2013-06-06 05:47 46080 ----a-w- c:\windows\system32\atmlib.dll
2013-10-10 17:39 . 2013-06-06 04:57 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2013-10-10 17:39 . 2013-06-06 04:51 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2013-10-10 17:39 . 2013-06-06 04:50 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2013-10-10 17:39 . 2013-06-06 03:01 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2013-10-10 17:36 . 2013-06-25 22:55 785624 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-10-10 17:35 . 2013-07-12 10:41 185344 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2013-10-10 17:35 . 2013-07-12 10:41 100864 ----a-w- c:\windows\system32\drivers\usbcir.sys
2013-10-10 17:35 . 2013-07-04 12:57 259584 ----a-w- c:\windows\system32\WebClnt.dll
2013-10-10 17:35 . 2013-07-03 04:05 76800 ----a-w- c:\windows\system32\drivers\hidclass.sys
2013-10-10 17:35 . 2013-07-03 04:05 32896 ----a-w- c:\windows\system32\drivers\hidparse.sys
2013-10-10 17:35 . 2013-07-04 12:50 102400 ----a-w- c:\windows\system32\davclnt.dll
2013-10-10 17:35 . 2013-07-04 11:57 205824 ----a-w- c:\windows\SysWow64\WebClnt.dll
2013-10-10 17:35 . 2013-07-04 11:51 81920 ----a-w- c:\windows\SysWow64\davclnt.dll
2013-10-10 17:35 . 2013-07-04 10:11 140800 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2013-10-10 17:32 . 2013-09-04 12:12 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-10-10 17:32 . 2013-09-04 12:11 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-10-10 17:32 . 2013-09-04 12:11 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-10-10 17:32 . 2013-09-04 12:11 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-10-10 17:32 . 2013-09-04 12:11 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-10-10 17:32 . 2013-09-04 12:11 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-10-10 17:32 . 2013-09-04 12:11 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-10-08 19:53 . 2013-10-08 19:53 17813896 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-10-07 00:28 . 2013-10-22 03:36 -------- d-----w- c:\users\Adam\AppData\Roaming\Skype
2013-10-07 00:28 . 2013-10-07 00:28 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-10-07 00:28 . 2013-10-07 00:28 -------- d-----r- c:\program files (x86)\Skype
2013-10-07 00:28 . 2013-10-07 14:30 -------- d-----w- c:\programdata\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-26 23:10 . 2013-03-19 15:21 17408 ----a-w- c:\windows\system32\rpcnetp.exe
2013-10-26 18:41 . 2013-03-19 02:00 69792 ----a-w- c:\windows\SysWow64\rpcnet.dll
2013-10-11 04:08 . 2013-03-07 15:21 80541720 ----a-w- c:\windows\system32\MRT.exe
2013-10-08 19:53 . 2013-03-07 14:58 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-08 19:53 . 2013-03-07 14:58 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-10-08 01:38 . 2013-03-19 15:21 17408 ----a-w- c:\windows\SysWow64\rpcnetp.dll
2013-10-08 01:37 . 2013-03-19 15:21 17408 ------w- c:\windows\SysWow64\rpcnetp.exe
2013-09-03 18:35 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-08-29 01:48 . 2013-10-10 17:34 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-08-05 02:25 . 2013-09-12 14:53 155584 ----a-w- c:\windows\system32\drivers\ataport.sys
2013-08-02 02:14 . 2013-09-12 14:53 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-08-02 02:13 . 2013-09-12 14:53 424448 ----a-w- c:\windows\system32\KernelBase.dll
2013-08-02 02:13 . 2013-09-12 14:53 1161216 ----a-w- c:\windows\system32\kernel32.dll
2013-08-02 02:12 . 2013-09-12 14:53 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-08-02 02:12 . 2013-09-12 14:53 6656 ----a-w- c:\windows\system32\apisetschema.dll
2013-08-02 02:12 . 2013-09-12 14:53 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 14:53 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 14:53 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 14:53 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 14:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 14:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 14:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 14:53 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 14:53 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 14:53 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 14:53 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 14:53 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 14:53 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 14:53 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 14:53 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 14:53 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 14:53 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 14:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 14:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 14:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 14:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 14:53 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 14:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 14:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 14:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 14:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 14:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 14:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-08-02 01:50 . 2013-09-12 14:53 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2013-08-02 01:48 . 2013-09-12 14:53 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-08-02 01:48 . 2013-09-12 14:53 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 14:53 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 14:53 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 14:53 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 14:53 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 14:53 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 14:53 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 14:53 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 14:53 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 14:53 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 14:53 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 14:53 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 14:53 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 14:53 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 14:53 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 14:53 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 14:53 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 14:53 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 14:53 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 14:53 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 14:53 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 14:53 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 14:53 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 14:53 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2013-08-02 01:09 . 2013-09-12 14:53 338432 ----a-w- c:\windows\system32\conhost.exe
2013-08-02 00:59 . 2013-09-12 14:53 112640 ----a-w- c:\windows\system32\smss.exe
2013-08-02 00:43 . 2013-09-12 14:53 6144 ---ha-w- c:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43 . 2013-09-12 14:53 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43 . 2013-09-12 14:53 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43 . 2013-09-12 14:53 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-09-13 10:05 1724616 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-09-13 10:05 1724616 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-09-13 10:05 1724616 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2013-03-05 3093624]
"HP Officejet Pro 8500 A910 (NET)"="c:\program files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe" [2012-10-17 2573416]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-08-06 642216]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe" [2013-03-07 356376]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"Absolute Notifier"="c:\program files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifier.exe" [2013-07-19 85864]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-10-23 152392]
.
c:\users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Adam\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-10-10 29768376]
Monitor Ink Alerts - HP Officejet Pro 8500 A910 (Network).lnk - c:\windows\system32\RunDll32.exe "c:\program files\HP\HP Officejet Pro 8500 A910\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN0CBBK0K5;CONNECTION=NW;MONITOR=1; [2009-7-13 45568]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [x]
R2 rpcld;Remote Procedure Call (RPC) LD;c:\programdata\Rpcnet\Bin\rpcld.exe;c:\programdata\Rpcnet\Bin\rpcld.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 Aldebaran;Aldebaran - Storage Filter Drivers;c:\windows\system32\Drivers\Aldebaran.sys;c:\windows\SYSNATIVE\Drivers\Aldebaran.sys [x]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 iscFlash;iscFlash;c:\users\Adam\AppData\Local\Temp\7zS6141.tmp\iscflashx64.sys;c:\users\Adam\AppData\Local\Temp\7zS6141.tmp\iscflashx64.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.6;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 AbsoluteNotifier;Absolute Notifier;c:\program files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe;c:\program files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 ETD;Dell Touchpad;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-10-16 14:25 1185744 ----a-w- c:\program files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-10-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-07 19:53]
.
2013-10-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-15 23:00]
.
2013-10-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-15 23:00]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-09-13 10:02 2328264 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-09-13 10:02 2328264 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-09-13 10:02 2328264 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelPROSet"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2012-06-25 4802864]
"ETDCtrl"="c:\program files\Elantech\ETDCtrl.exe" [2012-10-31 2780048]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-20 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-20 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-20 439064]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = [You must be registered and logged in to see this link.]
mStart Page = [You must be registered and logged in to see this link.]
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office15\ONBttnIE.dll/105
Trusted Zone: vizzed.com\www
TCP: DhcpNameServer = 192.168.1.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\q42427h7.default\
FF - prefs.js: browser.search.defaulturl -
.
- - - - ORPHANS REMOVED - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-10-26 21:11:43
ComboFix-quarantined-files.txt 2013-10-27 01:11
.
Pre-Run: 863,234,629,632 bytes free
Post-Run: 863,428,845,568 bytes free
.
- - End Of File - - B262AE9AEABA0D03BE0A742F8E490574
A36C5E4F47E84449FF07ED3517B43A31


[You must be registered and logged in to see this link.]

Itachi21
Senior
Senior

Posts Posts : 319
Joined Joined : 2008-12-07
Gender Gender : Male
OS OS : Windows 7 64 Bit
Points Points : 31909
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Issues with Firefox

Post by Superdave on 27th October 2013, 6:12 pm

The log shows that you AV is out-of-date. If the subscription has expired and you don't wish to renew you can download one of these free AV's

Remember to only install one antivirus!

1) [You must be registered and logged in to see this link.]
2) [You must be registered and logged in to see this link.]
3) [You must be registered and logged in to see this link.]
4) [You must be registered and logged in to see this link.] All versions and all languages.
5) [You must be registered and logged in to see this link.] (Uncheck during installation "Install Comodo SafeSurf..", Make Comodo my default search provider" and "Make Comodo Search my homepage" if you choose this one)
6) [You must be registered and logged in to see this link.]

It is strongly recommended that you run only one antivirus program at a time. Having more than one antivirus program active in memory uses additional resources and can result in program conflicts and false virus alerts. If you choose to install more than one antivirus program on your computer, then only one of them should be active in memory at a time.
********************************************
Malwarebytes' Anti-Rootkit

Please download [You must be registered and logged in to see this link.] and save it to your desktop.

  • Be sure to print out and follow the instructions provided on that same page for performing a scan.
  • Caution: This is a beta version so also read the disclaimer and [You must be registered and logged in to see this link.] all your data before using.
  • When the scan completes, click on the Cleanup button to remove any threats found and reboot the computer if prompted to do so.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • If there are problems with Internet access, Windows Update, Windows Firewall or other system issues, run the fixdamage tool located in the folder Malwarebytes Anti-Rootkit was run from and reboot your computer.
  • Two files (mbar-log-YYYY-MM-DD, system-log.txt) will be created and saved within that same folder.
  • Copy and paste the contents of these two log files in your next reply.


Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83201
# Likes # Likes : 0

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum