Classie83

Thank you! I appreciate everything!!!

Security Check Log Results of screen317's Security Check version 0.99.57 Windows 7 Service Pack 1 x86 (UAC is disabled!) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.70.0.1100 Java 6 Update 29 Java version out of Date! Adobe Flash Player 10 Flash Player out of Date! Adobe Reader 9 Adobe Reader out of Date! ````````Process Check: objlist.exe by Laurent```````` Norton ccSvcHst.exe Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe Malwarebytes' Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 2% ````````````````````End of Log``````````````````````

Here is the AdwCleaner logfile. I will run the other program now. # AdwCleaner v2.105 - Logfile created 01/14/2013 at 11:16:28 # Updated 08/01/2013 by Xplode # Operating system : Windows 7 Professional Service Pack 1 (32 bits) # User : Teacher - 1282-SPROUTS1 # Boot Mode : Normal # Running from : C:\Users\Teacher\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E6EA0A49\AdwCleaner (1).exe # Option [Delete] ***** [services] ***** Stopped & Deleted : WajamUpdater ***** [Files / Folders] ***** Folder Deleted : C:\Program Files\OApps Folder Deleted : C:\Program Files\Wajam Folder Deleted : C:\Users\Teacher\AppData\Local\Wajam Folder Deleted : C:\Users\Teacher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam ***** [Registry] ***** Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider Key Deleted : HKCU\Software\Cr_Installer Key Deleted : HKCU\Software\InstalledBrowserExtensions Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} Key Deleted : HKCU\Software\Wajam Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17} Key Deleted : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0021804.BHO Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0021804.BHO.1 Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0021804.Sandbox Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0021804.Sandbox.1 Key Deleted : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D} Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamBHO Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1 Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloader Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1 Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam Key Deleted : HKLM\Software\Wajam Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16457 [OK] Registry is clean. ************************* AdwCleaner[R1].txt - [2877 octets] - [14/01/2013 06:59:20] AdwCleaner[R2].txt - [2941 octets] - [14/01/2013 11:15:50] AdwCleaner[s1].txt - [2946 octets] - [14/01/2013 11:16:28] ########## EOF - C:\AdwCleaner[s1].txt - [3006 octets] ##########

Good morning. Here is the log file as requested. # AdwCleaner v2.105 - Logfile created 01/14/2013 at 06:59:20 # Updated 08/01/2013 by Xplode # Operating system : Windows 7 Professional Service Pack 1 (32 bits) # User : Teacher - 1282-SPROUTS1 # Boot Mode : Normal # Running from : C:\Users\Teacher\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E6EA0A49\AdwCleaner.exe # Option [search] ***** [services] ***** Found : WajamUpdater ***** [Files / Folders] ***** Folder Found : C:\Program Files\OApps Folder Found : C:\Program Files\Wajam Folder Found : C:\Users\Teacher\AppData\Local\Wajam Folder Found : C:\Users\Teacher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam ***** [Registry] ***** Key Found : HKCU\Software\AppDataLow\Software\Crossrider Key Found : HKCU\Software\Cr_Installer Key Found : HKCU\Software\InstalledBrowserExtensions Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} Key Found : HKCU\Software\Wajam Key Found : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634} Key Found : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17} Key Found : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL Key Found : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2} Key Found : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5} Key Found : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0021804.BHO Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0021804.BHO.1 Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0021804.Sandbox Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0021804.Sandbox.1 Key Found : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D} Key Found : HKLM\SOFTWARE\Classes\wajam.WajamBHO Key Found : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1 Key Found : HKLM\SOFTWARE\Classes\wajam.WajamDownloader Key Found : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1 Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam Key Found : HKLM\Software\Wajam Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16457 [OK] Registry is clean. ************************* AdwCleaner[R1].txt - [2748 octets] - [14/01/2013 06:59:20] ########## EOF - C:\AdwCleaner[R1].txt - [2808 octets] ##########

Oops i just left work. I will run the program and update on Monday.

I'm so happy to let you know that I'm posting this from NORMAL MODE! I could kiss you (but I know you'd prefer a donation)! Thank you so much.

Will do.

...I noticed that misconfig won't launch from the run menu.

When I run it, it says the program has encountered a problem and can't continue. Please try again later. I rebooted and still says the same thing. This is so discouraging, I could cry!

Will do. Give me a sec.

Ok. Thanks. The frozen taskbar thing had been happening while the malware was still on the computer. Two weeks ago, I noticed it begining to happen. Then last week everything seemed to work normally, until the day before. Do you think I should do a factory reset via the system repair menu upon boot up?

Oh and the MBAM scan is not finding any threats. Do you think this may not be related to the malware? Is the malware gone?

So the status is, when I boot in normal mode, it is entering the desktop, but not loading the icons and the taskbar is frozen. I just see the blue circle. Once in a while it will load the icons, but the taskbar will still be frozen. I can only boot into safe mode.

Ok.