Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Firefox crashing, keyboard sticking and slow


  • Please log in to reply
6 replies to this topic

#1 AComputer

AComputer

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:06:17 AM

Posted 01 June 2017 - 04:03 PM

Hi,

I ran the latest edition ESET and adwcleaner which both found nothing. Firefox browsers have been crashing recently, and the wireless keyboard has been frequently sticking where it will keep typing a letter until you undo the cord and it fixes itself temporarily. It's also been intermittently sluggish at typing. Suggestions?

Thanks in advance!


Edited by hamluis, 02 June 2017 - 07:05 AM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 55,247 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:05:17 AM

Posted 01 June 2017 - 04:14 PM

Please download MiniToolBox  , save it to your desktop and run it.
 
Checkmark the following checkboxes:
  List last 10 Event Viewer log
  List Installed Programs
  List Users, Partitions and Memory size.
 
Click Go and paste the content into your next post.
 
Also...please Publish a Snapshot using Speccy taking care to post the link of the snapshot in your next post.

   Go to Piriform's website, and download the free version on the left.  Click Download from Piriform.com (the FileHippo link requires an extra click). Or if you want to use a portable version of Speccy (which doesn't require installation), click the builds page link and download the portable version. You will now be asked where you want to save the file. The best place to put it is the Desktop, as it will be easy to find later.

    After the file finishes downloading, you are ready to run Speccy. If you downloaded the installer, simply double-click on it and follow the prompts until installation is complete. If you downloaded the portable version, you will need to unzip it before use. Right-click the ZIP file and click Extract all. Click Next. Open up the extracted folder and double-click on Speccy.
 
     Once inside Speccy, it will look similar to this (with your computer's specifications, of course):
 
post-33068-0-86653600-1480692866_thumb.j

     Now, at the top, click File > Publish Snapshot.

     Click Yes > then Copy to Clipboard

Now, once you are back in the forum topic you are posting in, click the ADD REPLY or REPLY TO THIS TOPIC button. Right-click in the empty space of the Reply box and click Paste. Then, click Add Reply below the Reply box.

Louis



#3 AComputer

AComputer
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:06:17 AM

Posted 01 June 2017 - 06:00 PM

Thank you for the reply.

\

MiniToolBox:

Error: (05/31/2017 06:54:04 PM) (Source: Service Control Manager) (User: )
Description: The Volume Shadow Copy service failed to start due to the following error:  %%1053 = The service did not respond to the start or control request in a timely fashion.

Error: (05/31/2017 06:54:04 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Volume Shadow Copy service to connect.

Error: (05/31/2017 06:54:04 PM) (Source: DCOM) (User: )
Description: 1053VSS{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

Error: (05/30/2017 02:12:06 PM) (Source: DCOM) (User: )
Description: {1A1F4206-0688-4E7F-BE03-D82EC69DF9A5}

Error: (04/14/2017 01:18:01 PM) (Source: Service Control Manager) (User: )
Description: The Windows Modules Installer service did not shut down properly after receiving a preshutdown control.

Error: (04/14/2017 01:16:37 PM) (Source: DCOM) (User: )
Description: {1A1F4206-0688-4E7F-BE03-D82EC69DF9A5}

Error: (04/14/2017 01:16:04 PM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (04/08/2017 01:48:40 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

Error: (04/08/2017 01:42:07 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

Error: (03/22/2017 01:19:16 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2017-01-23 19:30:19.329
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-01-23 19:30:19.289
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

=========================== Installed Programs ============================
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISER_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISER_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Bullzip PDF Printer 10.23.0.2529 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.23.0.2529 - Bullzip)
Canon MF Toolbox 4.9.1.1.mf18 (HKLM-x32\...\{6767DFEE-8909-453A-B553-C7693912B2EB}) (Version: 4.9.1.1.mf18 - CANON INC.)
Canon MF210 Series (HKLM\...\{14824AB4-17F5-4909-80AB-A7E24743A47C}) (Version: 4.5.0.0 - CANON INC.)
CCleaner (HKLM\...\CCleaner) (Version: 5.19 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6321 - CDBurnerXP)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
D-Link DWA-130 (HKLM-x32\...\{09828F4D-CE2E-403A-8708-A02E53495F3D}) (Version: 6.01 - D-Link Corporation)
ESET NOD32 Antivirus (HKLM\...\{FC6250CE-D271-4A2E-AFCC-59D2BFA29795}) (Version: 10.0.386.0 - ESET, spol. s r.o.)
Far Manager 3 x64 (HKLM\...\{08DDFDA1-A0FF-418B-8295-E0FD35A2F117}) (Version: 3.0.4700 - Eugene Roshal & Far Group)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Mozilla Firefox 53.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 53.0.3 (x86 en-US)) (Version: 53.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.3.6347 - Mozilla)
Mozilla Thunderbird 45.7.1 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 45.7.1 (x86 en-US)) (Version: 45.7.1 - Mozilla)
PatchCleaner (HKLM-x32\...\{727DA176-50BB-452C-8DB5-96EE0A573ED4}) (Version: 1.4.20 - HomeDev)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WD Backup (HKLM-x32\...\{67C2F93C-8E4E-4BD2-863A-4DCE7EB359D9}) (Version: 1.2.5721.28811 - Western Digital Technologies, Inc) Hidden
WD Backup (HKLM-x32\...\{953eccd5-26ad-450b-af24-c50227e0fb74}) (Version: 1.2.5721.28811 - Western Digital Technologies, Inc.)

========================= Memory info: ===================================
Percentage of memory in use: 48%
Total physical RAM: 4079.37 MB
Available physical RAM: 2103.44 MB
Total Virtual: 8156.93 MB
Available Virtual: 5968.04 MB

========================= Partitions: =====================================
1 Drive c: () (Fixed) (Total:465.66 GB) (Free:339.81 GB) NTFS
2 Drive d: () (Fixed) (Total:232.82 GB) (Free:99.3 GB) NTFS

========================= Users: ========================================
User accounts for \\HP-XW-4600

Administrator            Erica                    Guest                    


**** End of log ****

 

Speccy: http://speccy.piriform.com/results/4077VnNhKuDQhOB5ctPiexp

 

Hope this helps!


Edited by hamluis, 01 June 2017 - 06:06 PM.


#4 hamluis

hamluis

    Moderator


  • Moderator
  • 55,247 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:05:17 AM

Posted 01 June 2017 - 06:31 PM

firefox.exe    Process ID: 3572    User: Erica     Domain: HP-XW-4600    Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Memory Usage: 515 MB      Peak Memory Usage: 1.10 GB


firefox.exe    Process ID: 3324     User: Erica     Domain: HP-XW-4600     Path:  C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Memory Usage: 464 MB     Peak Memory Usage:698 MB
 

The above processes reflected in Speccy...are out of line with what I would exprect.  Typical browser precesses never exceed 400MB for peak memory usage.

 

It also appears that you recently ran ComboFix...what happened to the log generated?  Do NOT post it here, I just want to know what happened to it. 

 

If you have the log data...I suggest that you consider initiating a topic in BC Malware Removal Logs forum.

 

Louis



#5 AComputer

AComputer
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:06:17 AM

Posted 01 June 2017 - 07:08 PM

Thank you Louis. I didn't save a copy of the ComboFix log unless it does so automatically? If so, where would I find it?
 
If not, what should my next step be?

Edited by hamluis, 02 June 2017 - 07:03 AM.


#6 hamluis

hamluis

    Moderator


  • Moderator
  • 55,247 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:05:17 AM

Posted 02 June 2017 - 07:04 AM

Running ComboFix is an indication that you suspecfed malware.

 

Since the Win 7 forum does not have the expertise to deal with such, I am moving your topic to the Am I Infected forum for a malware check.

 

Louis



#7 AComputer

AComputer
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:06:17 AM

Posted 02 June 2017 - 08:15 AM

Thanks Louis, much appreciated.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users