Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Chrome Doesn't Work, FF is plainfully slow, Skype is funky

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Chrome Doesn't Work, FF is plainfully slow, Skype is fun

Unread postby nunped » May 30th, 2014, 3:47 pm

Hi mal-an,

I also thank you for your patience! This scan can take a really long time...

ESET is flagging these files:
G:\AL-LAPTOP\Backup Set 2013-01-19 080713\Backup Files 2013-01-19 080713\Backup files 3.zip
G:\AL-LAPTOP\Backup Set 2013-01-19 080713\Backup Files 2013-01-19 080713\Backup files 4.zip
G:\AL-LAPTOP\Backup Set 2013-01-19 080713\Backup Files 2013-01-20 190007\Backup files 27.zip
J:\AL-LAPTOP\Backup Set 2012-10-28 181901\Backup Files 2012-10-28 181901\Backup files 19.zip
J:\AL-LAPTOP\Backup Set 2012-10-28 181901\Backup Files 2012-10-28 181901\Backup files 3.zip
J:\AL-LAPTOP\Backup Set 2012-10-28 181901\Backup Files 2012-11-04 190012\Backup files 1.zip
J:\AL-LAPTOP\Backup Set 2012-10-28 181901\Backup Files 2012-11-04 190012\Backup files 2.zip
J:\AL-LAPTOP\Backup Set 2012-10-28 181901\Backup Files 2012-11-04 190012\Backup files 41.zip
J:\AL-LAPTOP\Backup Set 2012-10-28 181901\Backup Files 2012-11-04 190012\Backup files 57.zip
J:\AL-LAPTOP\Backup Set 2012-10-28 181901\Backup Files 2012-11-18 190050\Backup files 1.zip
J:\AL-LAPTOP\Backup Set 2012-10-28 181901\Backup Files 2012-11-18 190050\Backup files 2.zip

Do you know what those contain?

Run this OTL fix:
Step 1
  • Right click OTL.exe and select "Run as Administrator" to launch the program.
  • Copy/Paste the contents of the code box below into the Custom Scans/Fixes box.
Do not include the words "Code: Select all". Press "Select all" to automatically select all the text on the box.
Code: Select all
:commands
[createrestorepoint]

:files
C:\Program Files (x86)\JollyWallet
C:\Program Files (x86)\Mozilla Firefox\browser\nsprotector.js
C:\ProgramData\YouTube Downloader
C:\Users\Alan\AppData\Local\Updater12555
C:\Users\All Users\YouTube Downloader
D:\Users\alan\Desktop\desktop cleanup\m4a-to-mp3-converter.exe
D:\Users\alan\Downloads\cnet_Mp3CoverDownloaderSetup_exe.exe
D:\Users\alan\Downloads\DuplicateCleaner_setup.exe
D:\Users\All Users\YouTube Downloader\ytd_installer.exe
C:\MGtools\Process.exe
D:\Users\alan\AppData\Local\Mozilla\Firefox\Profiles\hnjq01xf.default\Cache\4\A1\1DBDEd01
D:\Users\alan\AppData\Local\Mozilla\Firefox\Profiles\hnjq01xf.default\Cache\4\C6\21213d01
D:\Users\alan\AppData\Local\Mozilla\Firefox\Profiles\hnjq01xf.default\Cache\B\2C\AE853d01
D:\Users\alan\AppData\Local\Temp\debutsetup.exe
D:\Users\alan\AppData\Local\Temp\doxillionsetup.exe
D:\Users\alan\AppData\Local\Temp\prismsetup.exe
D:\Users\alan\AppData\Local\Temp\vpsetup.exe
D:\Users\alan\AppData\Roaming\Mozilla\Firefox\Profiles\hnjq01xf.default\extensions\staged\{90eee664-34b1-422a-a782-779af65cdf6d}\chrome\incredimail_mediabar_4.jar
D:\Users\alan\AppData\Roaming\Mozilla\Firefox\Profiles\hnjq01xf.default\extensions\staged\{9ee802e8-c931-47ab-b570-aa8f791598ca}\chrome\emusic.jar
D:\Users\alan\AppData\Roaming\Mozilla\Firefox\Profiles\hnjq01xf.default\extensions\staged\{ba14329e-9550-4989-b3f2-9732e92d17cc}\chrome\vuze_remote.jar
D:\Users\alan\AppData\Roaming\Mozilla\Firefox\Profiles\hnjq01xf.default\extensions\{90eee664-34b1-422a-a782-779af65cdf6d}\chrome\incredimail_mediabar_4.jar
D:\Users\alan\AppData\Roaming\Mozilla\Firefox\Profiles\hnjq01xf.default\extensions\{9ee802e8-c931-47ab-b570-aa8f791598ca}\chrome\emusic.jar
D:\Users\alan\AppData\Roaming\Mozilla\Firefox\Profiles\hnjq01xf.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\chrome\vuze_remote.jar

:commands
[emptytemp]

  • Click the Run Fix button.
  • OTL will now process the instructions.
  • When finished a box will open asking you to open the fix log, click OK.
  • The fix log will open.
  • Copy/Paste the log in your next reply please.

Note: If necessary, OTL may re-boot your computer, or request that you do so, if it does, re-boot your computer. A log will be produced upon re-boot.

Please tell me how your computer is behaving after the fix.
User avatar
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal
Advertisement
Register to Remove

Re: Chrome Doesn't Work, FF is plainfully slow, Skype is fun

Unread postby mal-an » June 2nd, 2014, 3:25 pm

Hi again,

OK. I am a digital hoarder. Some of those old files are transferred from dead laptops I used to have. They are zipped up, I think. Does that mean they're safe? I would prefer not to delete them if I can.

My computer seems much better already. Thank you!

Here is the OTL. It seems short.


Files\Folders moved on Reboot...
C:\Users\Alan\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
mal-an
Regular Member
 
Posts: 49
Joined: September 14th, 2013, 2:43 pm

Re: Chrome Doesn't Work, FF is plainfully slow, Skype is fun

Unread postby nunped » June 2nd, 2014, 4:11 pm

Hi mal-an,

Being zipped up, they should be safe. I advise you to run them through an antivirus, if you need them.

Yes, the log from OTL is unusually short... Did you have any issues running the fix? Do you think your computer is running normally by now?

Run this search, just to be sure the fix was successful:

SystemLook
Please download SystemLook from the link below and save it to your Desktop.
For 64 bit Systems
  • Right-click SystemLook.exe and select "Run as Administrator" to run it.
  • Copy and paste the content of the following codebox into the main textfield: Do not include the words Code: select all
  • (Click the select all button next to code to select the entire script).

    Code: Select all
    :filefind
    *jollywallet*
    
    :folderfind
    *jollywallet*
    
    
  • Click the Look button to start the scan.
    The scan may take 15 minutes or a bit more to run on a large machine. Please be patient.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt
User avatar
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: Chrome Doesn't Work, FF is plainfully slow, Skype is fun

Unread postby mal-an » June 2nd, 2014, 6:00 pm

My machine rebooted during OTL but I'm not sure what happened, if anything. The log was suspiciously short. Hopefully SystemLook will help you. My computer seems to be running normally. Thank you!

SystemLook 04.09.10 by jpshortstuff
Log created at 17:12 on 02/06/2014 by Alan
Administrator - Elevation successful

========== filefind ==========

Searching for "*jollywallet*"
C:\_OTL\MovedFiles\09252013_183224\C_Program Files (x86)\JollyWallet\JollyWallet-bg.exe --a---- 1052808 bytes [16:11 18/09/2013] [16:11 18/09/2013] E68645722949D26D785C7B1463E4EBEC
C:\_OTL\MovedFiles\09252013_183224\C_Program Files (x86)\JollyWallet\JollyWallet.dll --a---- 702600 bytes [16:11 18/09/2013] [16:11 18/09/2013] 3C7B5D51015535A6C96C463513153629
C:\_OTL\MovedFiles\09252013_183224\C_Program Files (x86)\JollyWallet\JollyWallet.exe --a---- 1052808 bytes [16:11 18/09/2013] [16:11 18/09/2013] E68645722949D26D785C7B1463E4EBEC
C:\_OTL\MovedFiles\09252013_183224\C_Program Files (x86)\JollyWallet\JollyWallet.ico --a---- 9662 bytes [08:29 13/02/2013] [08:29 13/02/2013] 29F570AC2EE6063E171297959BD72CDF
C:\_OTL\MovedFiles\09252013_183224\C_Program Files (x86)\JollyWallet\JollyWallet.ini --a---- 161 bytes [16:11 18/09/2013] [16:11 18/09/2013] 24018192C1F778439E7311E6353F8C49

========== folderfind ==========

Searching for "*jollywallet*"
C:\_OTL\MovedFiles\09252013_183224\C_Program Files (x86)\JollyWallet d------ [16:11 18/09/2013]
C:\_OTL\MovedFiles\09272013_062025\C_Users\Alan\AppData\Local\JollyWallet d------ [16:11 18/09/2013]

-= EOF =-
mal-an
Regular Member
 
Posts: 49
Joined: September 14th, 2013, 2:43 pm

Re: Chrome Doesn't Work, FF is plainfully slow, Skype is fun

Unread postby nunped » June 2nd, 2014, 6:46 pm

Hi mal-an,

Good job! Your computer appears to be free from malware. :cheers:

Now, some clean-up steps:

OTL-Cleanup
You should still have this on your desktop, if so, please ignore the download instructions.
Please download OTL Save it to your Desktop.
  1. Right click on OTL.exe select "Run As Administrator" to run it
  2. Press the CleanUp button.
  3. When done, you will be prompted to reboot your system to finish file removal... please select OK to reboot your computer.
If you did not reboot your computer normally, please do so now, before continuing.

Create a System Restore Point
  1. Right-click on Computer and select Properties.
  2. In the left pane under Tasks, click System protection.
    If UAC prompts for an administrator password or approval, type the password or give your "permission to continue".
  3. Select System Protection and choose Create.
  4. In the System Restore dialog box, type a description for the restore point, like "All-clean", click Create.
    A window will pop up with "The Restore Point was created successfully" confirmation message.
  5. Click OK and close the System Restore dialog.
    Now you have a clean restore point.
Perform Disk Cleanup
Note: You have to have administrative rights to run Disk Cleanup for "All" users.
  1. Click Start button. Type disk in the Start Search text entry box.
  2. Double click the Disk Cleanup entry, from the matching program list.
  3. In the Disk Cleanup options select "Files from all users on this computer"
    If the Disk Cleanup: Drive Selection dialog box appears:
    • Select the drive where Windows is installed. (Normally, this would be C:\ drive)
    • Press the "OK"...button.
    Disk Cleanup will begin space saving calculations.
  4. When the calculations are finished... Press the More Options tab.
  5. In the "System Restore and Shadow Copies" section... select "Clean up" button.
  6. Press the "Delete"... button, at the "Are you sure..." prompt.
    Disk Cleanup will begin cleaning up old files and restore points.
  7. Exit Disk Cleanup.
    This will remove all restore points except the one you just created.

Don't forget to re-enable your security programs!

Stay informed.
To help minimize the chances of becoming re-infected, please read.
Computer Security - a short guide to staying safer online

If your computer is running slowly after your clean up, please read.
What to do if your Computer is running slowly

Please reply to this post so I know you have read it. If you don't have any further questions this thread will be closed.

Safe surfing! ;)
User avatar
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: Chrome Doesn't Work, FF is plainfully slow, Skype is fun

Unread postby mal-an » June 2nd, 2014, 7:32 pm

Thank you a million times! I've done the system restore point and clean up. Really, I'm so grateful.
mal-an
Regular Member
 
Posts: 49
Joined: September 14th, 2013, 2:43 pm

Re: Chrome Doesn't Work, FF is plainfully slow, Skype is fun

Unread postby nunped » June 3rd, 2014, 7:47 am

You are very welcome :)
User avatar
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: Chrome Doesn't Work, FF is plainfully slow, Skype is fun

Unread postby Gary R » June 3rd, 2014, 10:31 am

As your problems appear to have been resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire
Advertisement
Register to Remove

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 309 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware