[pystryker]

Yes, thank you I'm awaiting my teacher's approval before we move to the next steps.

[Advertisements]

The computer is running a little bit better but still having some problems like loading google chrome browser, and when I try to unload a program from Control Panel Add/remove Program, it takes a long time open,which was not the case earlier.

I'm glad to hear it's running better, and we'll take a look regarding Chrome and the Add/Remove programs issue. Let's run a sweep for remnants and look for out of date programs.


Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.

Step 1: Scan with Malwarebytes


Please download Malwarebytes' Anti-Malware from Here.

• Double Click mbam-setup.exe to install the application (Windows 7 users, right click and select Run as Administrator.)
• Proceed through the setup
  
  • Choose your language
  • Accept the License Agreement
  • Select Destination Location
  • Select Start Menu Folder
  • Select Addtional Tasks
  • Click Install
  • In the Completeing the Malwarebytes Anti-Malware Setup Wizard Window
    
    • Uncheck Enable free trial of Malwarebytes Anti-Malware PRO
    • Keep the check mark beside Update Malwarebytes' Anti-Malware
    • Keep the check mark beside Launch Malwarebytes' Anti-Malware
  • Click Finish.
  • If an update is found, it will download and install the latest version.
• Once the program has loaded, select Perform Quick Scan
• Click Scan. The scan may take some time to finish,so please be patient.
  
  
  
• When the scan is complete, click OK, then Show Results to view the results.
  
  
  
• Make sure that everything is checked, and click Remove Selected.
  
  
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy and Paste the entire report in your next reply.

Step 2: ESET Online Virus Scan

Please note: You can use Internet Explorer or Firefox for this step.

If you use Firefox, you will be prompted to download esetsmartinstaller_enu.exe. Please do so, then double click it to install it.

Please click on this link and then click the ESET Online Scanner bar ---->

• Select the option YES, I accept the Terms of Use then click on Start
  
• When prompted allow the Add-On/Active X to install.
  
• Make sure that the option Remove found threats is NOT checked.
  
• Make sure that the option Scan archives is checked.
  
• Now click on Advanced Settings and select the following:
• Scan for potentially unwanted applications
• Scan for potentially unsafe applications
• Enable Anti-Stealth Technology
  
• Now click on Start
  
• The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  
• When completed the Online Scan will begin automatically. The scan may take several hours.
  
• Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  
• Now click on Finish
  
• Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  
• Copy and paste that log as a reply to this topic.

Step 3: SecurityCheck Scan


Download Security Check by screen317 from here or here.

• Save it to your Desktop.
  
• Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  
• A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Things I need to see in your next post:

• ESET Scan Log
  
• MBAM Log
  
• SecurityCheck Log

[pystryker]

The computer is running a little bit better but still having some problems like loading google chrome browser, and when I try to unload a program from Control Panel Add/remove Program, it takes a long time open,which was not the case earlier.

I'm glad to hear it's running better, and we'll take a look regarding Chrome and the Add/Remove programs issue. Let's run a sweep for remnants and look for out of date programs.


Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.

Step 1: Scan with Malwarebytes


Please download Malwarebytes' Anti-Malware from Here.

• Double Click mbam-setup.exe to install the application (Windows 7 users, right click and select Run as Administrator.)
• Proceed through the setup
  
  • Choose your language
  • Accept the License Agreement
  • Select Destination Location
  • Select Start Menu Folder
  • Select Addtional Tasks
  • Click Install
  • In the Completeing the Malwarebytes Anti-Malware Setup Wizard Window
    
    • Uncheck Enable free trial of Malwarebytes Anti-Malware PRO
    • Keep the check mark beside Update Malwarebytes' Anti-Malware
    • Keep the check mark beside Launch Malwarebytes' Anti-Malware
  • Click Finish.
  • If an update is found, it will download and install the latest version.
• Once the program has loaded, select Perform Quick Scan
• Click Scan. The scan may take some time to finish,so please be patient.
  
  
  
• When the scan is complete, click OK, then Show Results to view the results.
  
  
  
• Make sure that everything is checked, and click Remove Selected.
  
  
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy and Paste the entire report in your next reply.

Step 2: ESET Online Virus Scan

Please note: You can use Internet Explorer or Firefox for this step.

If you use Firefox, you will be prompted to download esetsmartinstaller_enu.exe. Please do so, then double click it to install it.

Please click on this link and then click the ESET Online Scanner bar ---->

• Select the option YES, I accept the Terms of Use then click on Start
  
• When prompted allow the Add-On/Active X to install.
  
• Make sure that the option Remove found threats is NOT checked.
  
• Make sure that the option Scan archives is checked.
  
• Now click on Advanced Settings and select the following:
• Scan for potentially unwanted applications
• Scan for potentially unsafe applications
• Enable Anti-Stealth Technology
  
• Now click on Start
  
• The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  
• When completed the Online Scan will begin automatically. The scan may take several hours.
  
• Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  
• Now click on Finish
  
• Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  
• Copy and paste that log as a reply to this topic.

Step 3: SecurityCheck Scan


Download Security Check by screen317 from here or here.

• Save it to your Desktop.
  
• Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  
• A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Things I need to see in your next post:

• ESET Scan Log
  
• MBAM Log
  
• SecurityCheck Log

[baltimoredude1]

Wow the ESEt took over 17 hrs to scan. I have the last one then I will post them.

[baltimoredude1]

ok I got them, MBAM, ESET, and the security check respectively. thanks

MBAM

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.02.10.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
A M Rahman :: AMRLAPTOP [administrator]

2/10/2014 11:16:50 AM
mbam-log-2014-02-10 (11-16-50).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 280578
Time elapsed: 1 hour(s), 36 minute(s), 5 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 4
C:\Documents and Settings\A M Rahman\My Documents\Downloads\Vzwpix__3473_i87944546_il6774.exe (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\A M Rahman\My Documents\Downloads\winamp563_full_bundle_emusic-7plus_en-us.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Documents and Settings\A M Rahman\Shared\E-Mail Bomber.rar (Tool.EmailBomber) -> Quarantined and deleted successfully.
C:\WINDOWS\Installer\6c52467.msi (PUP.Optional.SmartBar) -> Quarantined and deleted successfully.

(end)

ESET

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=e55d1489f51cd942928e819254ec9161
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-05-29 02:15:30
# local_time=2010-05-28 10:15:30 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=512 16777215 100 0 605553 605553 0 0
# compatibility_mode=1026 16777178 100 82 598590 47539725 0 0
# compatibility_mode=6143 16777215 0 0 0 0 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=165404
# found=0
# cleaned=0
# scan_time=15013
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6425
# api_version=3.0.2
# EOSSerial=e55d1489f51cd942928e819254ec9161
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-03-13 07:13:59
# local_time=2011-03-13 03:13:59 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 25551730 25551730 0 0
# compatibility_mode=5889 16768342 100 100 25121234 139854842 0 24363296
# compatibility_mode=8192 67108863 100 0 24860447 24860447 0 0
# scanned=173822
# found=0
# cleaned=0
# scan_time=13146
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=e55d1489f51cd942928e819254ec9161
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-03-17 09:07:02
# local_time=2012-03-17 05:07:02 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 57522119 57522119 0 0
# compatibility_mode=5889 16768358 80 100 57091623 171825231 0 56333685
# compatibility_mode=8192 67108863 100 0 56830836 56830836 0 0
# scanned=194126
# found=6
# cleaned=6
# scan_time=17540
C:\Documents and Settings\A M Rahman\Shared\cnet_wlsetup-custom_exe.exe a variant of Win32/InstallCore.D application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\A M Rahman\Shared\Miro_Installer.exe Win32/Toolbar.Zugo application (deleted - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP122\A0010303.exe a variant of Win32/InstallCore.D application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP122\A0010331.exe a variant of Win32/InstallCore.D application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP122\A0010332.exe Win32/Toolbar.Zugo application (deleted - quarantined) 00000000000000000000000000000000 C
C:\TDSSKiller_Quarantine\14.03.2012_14.43.19\tdlfs0000\tsk0004.dta a variant of Win32/Olmarik.ADZ trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=e55d1489f51cd942928e819254ec9161
# engine=17015
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-02-11 12:05:38
# local_time=2014-02-11 07:05:38 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=5892 16777213 88 94 6749883 42268317 0 0
# scanned=242831
# found=39
# cleaned=0
# scan_time=62971
sh=3384310DF78E9E59105F27CF75FAFB0699266F0E ft=1 fh=89e4e511e189e48a vn="a variant of Win32/Toolbar.Widgi potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\spigot\Search Settings\SearchSettings.exe.vir"
sh=8B92981239697BA7F3A1E7CF60305D5A3571F56F ft=1 fh=104c5d383a430366 vn="a variant of Win64/Toolbar.Widgi.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\spigot\Search Settings\SearchSettings64.exe.vir"
sh=68F26AA902CC953FC8834BDAD0A44A443992D5D4 ft=1 fh=b9400f9f240f82be vn="Win32/Toolbar.Widgi.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\spigot\Search Settings\wth175.dll.vir"
sh=D32D55A13DD56DCCC1AA8754710361A5DB0129D4 ft=1 fh=09e85a34ebc583bf vn="Win64/Toolbar.Widgi.B potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\spigot\Search Settings\wthx175.dll.vir"
sh=BECA053987A95F9E8C8FBE7D90A9861009A8AEC6 ft=1 fh=b7372605487491c9 vn="Win32/Toolbar.Widgi.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Vuze Remote toolbar\WidgiHelper.exe.vir"
sh=DBCB7C654B5B388BC0E7BF7DCDED74C1D6503B2F ft=1 fh=015e8d6ddc85a6f6 vn="a variant of Win32/Toolbar.Widgi potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Vuze Remote toolbar\FF\components\vuzeToolbarFF.dll.vir"
sh=A877A4C2A390E739A92485DE3E6F828C200CD461 ft=1 fh=77420ee15bd0a4a8 vn="a variant of Win32/Toolbar.Widgi potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Vuze Remote toolbar\IE\8.5\vuzeToolbarIE.dll.vir"
sh=D62DA2F8763F8E4B308001E579A0F4FC9B3423F0 ft=1 fh=89e5c8ce03a0f8ce vn="Win64/Toolbar.Widgi.B potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Vuze Remote toolbar\IE\8.5\vuzeToolbarIE64.dll.vir"
sh=F73D5B67244A64FEAD79CBB628DB87407F3BF60E ft=1 fh=94f6828b87d0dd82 vn="a variant of Win32/KBM.A potentially unwanted application" ac=I fn="C:\Documents and Settings\A M Rahman\My Documents\Downloads\BestVideoDownloader.exe"
sh=52058C1A454FD03F5D51AF0C1B33A117E86B7249 ft=1 fh=f4022efa87398807 vn="a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application" ac=I fn="C:\Documents and Settings\A M Rahman\Shared\Avery Wizard 4.0.0.exe"
sh=B289C53DBB01232884364F964E8A5BCCDFBCE00A ft=1 fh=20604ce9407285e3 vn="Win32/Bundled.Toolbar.Google.E potentially unsafe application" ac=I fn="C:\Documents and Settings\A M Rahman\Shared\ccsetup310.exe"
sh=3B38ECE8A1605F66D7FC38CC9BCC5FF325A2ED55 ft=1 fh=bc0c24e3a63c61a6 vn="Win32/Bundled.Toolbar.Google.E potentially unsafe application" ac=I fn="C:\Documents and Settings\A M Rahman\Shared\ccsetup313.exe"
sh=DC1FE696A24E0072BA7221FCB0DAFEDB9B3560B4 ft=1 fh=5aa7e24d05d642d5 vn="Win32/Bundled.Toolbar.Google.E potentially unsafe application" ac=I fn="C:\Documents and Settings\A M Rahman\Shared\ccsetup315.exe"
sh=2E9FC5EE22DDB3588857BAEB1EC51885EB3D3C27 ft=1 fh=78aa2c558c3526a3 vn="Win32/Bundled.Toolbar.Google.E potentially unsafe application" ac=I fn="C:\Documents and Settings\A M Rahman\Shared\ccsetup318.exe"
sh=25CF9B7BB46B581ED8DE03DDC56E1574087CACAA ft=1 fh=10c5a1651be6049d vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Documents and Settings\A M Rahman\Shared\ccsetup326.exe"
sh=B37B52285DE862B7CAEA96BB8EB99D9B10DE236F ft=1 fh=1dbf7062960066bb vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Documents and Settings\A M Rahman\Shared\Shockwave_Installer_Slim.exe"
sh=FF8EE7363F23024985290D8DE0388C7CBFAF2706 ft=1 fh=1bb7c2264c841428 vn="a variant of Win32/Toolbar.Visicom.C potentially unwanted application" ac=I fn="C:\Documents and Settings\All Users\Application Data\comcastModemRelease\dtuser.exe"
sh=C327BC77EBA51986159DF4959DBBF5F86FE8A1AB ft=1 fh=f54387099459bade vn="a variant of Win32/Toolbar.Widgi potentially unwanted application" ac=I fn="C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP390\A0045072.rbf"
sh=DBD65FBDB56C3EE38A2009758E3745CEFEC5F81F ft=1 fh=73b3b2bc8f4f73a6 vn="a variant of Win32/Toolbar.Widgi potentially unwanted application" ac=I fn="C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP390\A0045074.rbf"
sh=0ED6799D6FA3765CE2EBAFE3058F9C885D0855DC ft=1 fh=f24cd6af69805012 vn="a variant of Win32/Toolbar.Widgi potentially unwanted application" ac=I fn="C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP390\A0045076.rbf"
sh=19894F7A34E6CF2310B11397BCFB6839D0BF3228 ft=1 fh=d04f40cfd1d1b6c1 vn="a variant of Win64/Toolbar.Widgi.A potentially unwanted application" ac=I fn="C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP390\A0045087.rbf"
sh=1CE4EFDECF5A711E567649564E5BDDE83ECBB3A4 ft=1 fh=a7610b22ae6e2f18 vn="Win64/Toolbar.Widgi.B potentially unwanted application" ac=I fn="C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP390\A0045088.rbf"
sh=B6238C2C21C65E83C4B09A5620D1D3191B40A9DC ft=1 fh=c46382750801768a vn="Win32/Toolbar.Widgi.A potentially unwanted application" ac=I fn="C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP390\A0045089.rbf"
sh=8C36E87385B7C284CB9727CF94ACEFBB0E5BAB2A ft=1 fh=02cdc2b6dd5165e3 vn="a variant of Win64/Toolbar.Widgi.B potentially unwanted application" ac=I fn="C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP390\A0045090.rbf"
sh=E64FA0C364F289E8A0A4E6E88E1E867DFC1010C2 ft=0 fh=0000000000000000 vn="probably a variant of Win32/Toolbar.Widgi potentially unwanted application" ac=I fn="C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP390\A0045114.msi"
sh=2C5A09F4EB3290926BB5AAC52E97CFFC0D8CB31E ft=1 fh=72788f897c09cf01 vn="Win32/Toolbar.Widgi.A potentially unwanted application" ac=I fn="C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP394\A0045458.rbf"
sh=BECA053987A95F9E8C8FBE7D90A9861009A8AEC6 ft=1 fh=b7372605487491c9 vn="Win32/Toolbar.Widgi.A potentially unwanted application" ac=I fn="C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP458\A0053061.exe"
sh=A877A4C2A390E739A92485DE3E6F828C200CD461 ft=1 fh=77420ee15bd0a4a8 vn="a variant of Win32/Toolbar.Widgi potentially unwanted application" ac=I fn="C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP458\A0053068.dll"
sh=D62DA2F8763F8E4B308001E579A0F4FC9B3423F0 ft=1 fh=89e5c8ce03a0f8ce vn="Win64/Toolbar.Widgi.B potentially unwanted application" ac=I fn="C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP458\A0053069.dll"
sh=DBCB7C654B5B388BC0E7BF7DCDED74C1D6503B2F ft=1 fh=015e8d6ddc85a6f6 vn="a variant of Win32/Toolbar.Widgi potentially unwanted application" ac=I fn="C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP458\A0053072.dll"
sh=3384310DF78E9E59105F27CF75FAFB0699266F0E ft=1 fh=89e4e511e189e48a vn="a variant of Win32/Toolbar.Widgi potentially unwanted application" ac=I fn="C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP458\A0053106.exe"
sh=8B92981239697BA7F3A1E7CF60305D5A3571F56F ft=1 fh=104c5d383a430366 vn="a variant of Win64/Toolbar.Widgi.A potentially unwanted application" ac=I fn="C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP458\A0053107.exe"
sh=68F26AA902CC953FC8834BDAD0A44A443992D5D4 ft=1 fh=b9400f9f240f82be vn="Win32/Toolbar.Widgi.A potentially unwanted application" ac=I fn="C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP458\A0053108.dll"
sh=D32D55A13DD56DCCC1AA8754710361A5DB0129D4 ft=1 fh=09e85a34ebc583bf vn="Win64/Toolbar.Widgi.B potentially unwanted application" ac=I fn="C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP458\A0053109.dll"
sh=8D6D48D2A91F03A312CCB298D31DF211FF23BAFE ft=0 fh=0000000000000000 vn="a variant of MSIL/Toolbar.Linkury.C potentially unwanted application" ac=I fn="C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP460\A0053395.msi"
sh=8C934683C52D53E6A6860CBF6169AF94171DF369 ft=0 fh=0000000000000000 vn="probably a variant of Win32/Toolbar.Widgi potentially unwanted application" ac=I fn="C:\WINDOWS\Installer\1b5621e8.msi"
sh=B5B41E946960F17050C00A4891CFF46B08486A4D ft=1 fh=79895fd74f1827db vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\WINDOWS\system32\Adobe\Shockwave 12\gt.exe"
sh=EEEBBBAE9C5D474A21E82DEFD93AA19560D2A10B ft=1 fh=fd4872c44b6c5488 vn="Win32/Toolbar.Widgi.A potentially unwanted application" ac=I fn="C:\_OTL\MovedFiles\02092014_002351\C_Program Files\Application Updater\ApplicationUpdater.exe"
sh=83F3C542C8756A18CBC34A6CE61005EA6ED24161 ft=1 fh=0c2210b7f9eca85b vn="a variant of Win32/Toolbar.Conduit.B potentially unwanted application" ac=I fn="C:\_OTL\MovedFiles\02092014_002351\C_Program Files\Freecorder\tbFree.dll"

Security Check
Results of screen317's Security Check version 0.99.79
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
ESET Online Scanner v3
Microsoft Security Essentials
`````````Anti-malware/Other Utilities Check:`````````
Ad-Aware
SpywareBlaster 4.0
Spybot - Search & Destroy
SUPERAntiSpyware
Windows Defender
Secunia PSI (2.0.0.4003)
Malwarebytes Anti-Malware version 1.75.0.1300
CCleaner
EasyCleaner
JavaFX 2.1.1
Java™ 6 Update 18
Java™ 6 Update 31
Java 7 Update 45
Java SE Development Kit 7 Update 45
Java version out of Date!
Adobe Flash Player 11.9.900.170
Adobe Reader 9
Adobe Reader XI
Mozilla Firefox (26.0)
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
Ad-Aware AAWService.exe is disabled!
Ad-Aware AAWTray.exe is disabled!
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 7%
````````````````````End of Log``````````````````````

[pystryker]

Thank you for the logs. :-) I'll get to work on them asap.

[pystryker]

Looking good! Let's get rid of the remnants. After completion of these fixes, please let me know how the machine is running now.

Let's run an OTL fix:

Warning: This fix is to be used on this system and this system ONLY. Using this fix on any other machine other than yours can seriously damage it.

Be advised that when the fix commences, it will shut down all running processes and you may lose the desktop and icons, they will return on reboot.

Run OTL by double clicking it (Windows Vista, Windows 7, and 8, right click and select "Run as Administrator)

• Copy the text in the quote box below (do not copy the word "quote") and paste in the in the box marked Custom Scans/Fixes as shown in the graphic below.

:Commands
[createrestorepoint]

:Files
C:\Documents and Settings\A M Rahman\My Documents\Downloads\BestVideoDownloader.exe
C:\Documents and Settings\A M Rahman\Shared\Avery Wizard 4.0.0.exe
C:\Documents and Settings\A M Rahman\Shared\ccsetup*.exe
C:\Documents and Settings\A M Rahman\Shared\Shockwave_Installer_Slim.exe
C:\Documents and Settings\All Users\Application Data\comcastModemRelease\dtuser.exe
C:\WINDOWS\Installer\1b5621e8.msi
C:\WINDOWS\system32\Adobe\Shockwave 12\gt.exe

:Commands
[reboot]

• Click the Run Fix button at the top of the OTL control panel.
  
• Let the program run until it's finished and then reboot the computer.
  
• Once your machine has rebooted, a log will open. If the log doesn't open, you can find a copy of it here: C:\_OTL\MovedFiles. Please post that log in your next reply.

If you have any problems, questions, or need further explanation, please post a message in this thread and I will get back to you asap.


Things I need to see in your next post:

OTL Fix Log

[baltimoredude1]

========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== FILES ==========
C:\Documents and Settings\A M Rahman\My Documents\Downloads\BestVideoDownloader.exe moved successfully.
C:\Documents and Settings\A M Rahman\Shared\Avery Wizard 4.0.0.exe moved successfully.
C:\Documents and Settings\A M Rahman\Shared\ccsetup218.exe moved successfully.
C:\Documents and Settings\A M Rahman\Shared\ccsetup229.exe moved successfully.
C:\Documents and Settings\A M Rahman\Shared\ccsetup231.exe moved successfully.
C:\Documents and Settings\A M Rahman\Shared\ccsetup232(2).exe moved successfully.
C:\Documents and Settings\A M Rahman\Shared\ccsetup232.exe moved successfully.
C:\Documents and Settings\A M Rahman\Shared\ccsetup233.exe moved successfully.
C:\Documents and Settings\A M Rahman\Shared\ccsetup234.exe moved successfully.
C:\Documents and Settings\A M Rahman\Shared\ccsetup235.exe moved successfully.
C:\Documents and Settings\A M Rahman\Shared\ccsetup301.exe moved successfully.
C:\Documents and Settings\A M Rahman\Shared\ccsetup310.exe moved successfully.
C:\Documents and Settings\A M Rahman\Shared\ccsetup313.exe moved successfully.
C:\Documents and Settings\A M Rahman\Shared\ccsetup315.exe moved successfully.
C:\Documents and Settings\A M Rahman\Shared\ccsetup318.exe moved successfully.
C:\Documents and Settings\A M Rahman\Shared\ccsetup326.exe moved successfully.
C:\Documents and Settings\A M Rahman\Shared\Shockwave_Installer_Slim.exe moved successfully.
C:\Documents and Settings\All Users\Application Data\comcastModemRelease\dtuser.exe moved successfully.
C:\WINDOWS\Installer\1b5621e8.msi moved successfully.
C:\WINDOWS\system32\Adobe\Shockwave 12\gt.exe moved successfully.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.69.0 log created on 02122014_113933

[pystryker]

Looks good, we still have a bit more to do though. How is the machine running?

[baltimoredude1]

It's running ok. Still having some problem with Chrome and couple of other programs. Thanks bud.

[baltimoredude1]

one question, I have some Microsoft automatic security update that came up, should I go ahead and do it. I did not want to change anything since we are working on this

[pystryker]

It's running ok. Still having some problem with Chrome and couple of other programs. Thanks bud.

What kind of problems with Chrome? Slow loading? Also, what other programs are having trouble?

one question, I have some Microsoft automatic security update that came up, should I go ahead and do it. I did not want to change anything since we are working on this

Hold off on those for the moment. When we get your machine clear, we'll let that update.

[baltimoredude1]

well page do not load properly, it has problem to load and takes very long time with a repeated pop up telling either to kill the page or wait. I used sandbox command also, and it did not resolve it. also remember the add/remove program thing I told you about that it takes extremely long, it still is happening.

[pystryker]

well page do not load properly, it has problem to load and takes very long time with a repeated pop up telling either to kill the page or wait. I used sandbox command also, and it did not resolve it. also remember the add/remove program thing I told you about that it takes extremely long, it still is happening.

Ok, we may need to reset Chrome to solve that problem. We also may need to run some maintenance and see if that takes care of the other problem. I'll need to get my teacher to approve that and we'll proceed.

[pystryker]

Let's reset Chrome and check your hard drive and see if we can clear up those last 2 problems.



Step 1: Reset Chrome


Reset Chrome to it's default setting.

• Click the Chrome menu on the browser toolbar.
  
• Select Settings.
  
• Click Show advanced settings and find the "Reset browser settings” section.
  
• Click Reset browser settings.
  
• In the dialog that appears, click Reset. Note: When the "Help make Google Chrome better by reporting the current settings" checkbox is selected you are anonymously sending Google your Chrome settings.

Resetting your browser settings will impact the settings below:

• Default search engine and saved search engines will be reset and to their original defaults.
  
• Homepage button will be hidden and the URL that you previously set will be removed.
  
• Default startup tabs will be cleared. The browser will show a new tab when you startup or continue where you left off if you're on a Chromebook.
  
• New Tab page will be empty unless you have a version of Chrome with an extension that controls it. In that case your page may be preserved.
  
• Pinned tabs will be unpinned.
  
• Content settings will be cleared and reset to their installation defaults.
  
• Cookies and site data will be cleared.
  
• Extensions and themes will be disabled.

Step 2: Hard Drive Check


Let's get a look at the state of your hard drive and see if any maintenance is needed. Please follow the instructions below:


Check Hard Disk For Errors:

Press Start->Run, then copy/paste the following command into the box and press OK:

cmd /c chkdsk c: |find /v "percent" >> "%userprofile%\desktop\checkhd.txt"

A blank command window will open on your desktop, then close in a few minutes. This is normal.

A file icon named checkhd.txt should appear on your Desktop. Please post the contents of this file.


Things I need to see in your next post:

Checkhd.txt

[baltimoredude1]

I did what you said with Chrome, still no resolution . some pages will not load properly, for example yahoo page. I am attaching a print screen so that you know what I mean.