Basics11

In the process now. I am getting a error popup anytime I try to download anything. This is the message: Free Download Manager is not properly installed! Please reinstall Free Download Manager or try to reboot your PC. Error code 0x80080005

Results of screen317's Security Check version 0.99.63 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` Windows Security Center service is not running! This report may not be accurate! Windows Firewall Enabled! AVG AntiVirus Free Edition 2013 Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.75.0.1300 Java 6 Update 30 Java version out of Date! Adobe Flash Player 11.7.700.202 Adobe Reader 10.1.7 Adobe Reader out of Date! Google Chrome 26.0.1410.43 Google Chrome 26.0.1410.64 Google Chrome Plugins... ````````Process Check: objlist.exe by Laurent```````` Malwarebytes' Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 0% ````````````````````End of Log``````````````````````

I was able to clean the programs off of the computer.

Here is the notepad after the last OTL run. Working on uninstalling the programs through CCleaner now. 05202013_151731.log

I tried to remove the first program you mentioned and I got the same error that I cannot remove it. Here is the content of the notepad message. All processes killed ========== OTL ========== Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F565DD7-8716-463B-8453-E1745A9E8093}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F565DD7-8716-463B-8453-E1745A9E8093}\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully. Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\SearchProtect deleted successfully. Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\SearchProtect not found. Registry value HKEY_USERS\S-1-5-21-3726450246-2580802338-2658540461-1001\Software\Microsoft\Windows\CurrentVersion\Run\\PC Speed Maximizer deleted successfully. C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe moved successfully. Registry value HKEY_USERS\S-1-5-21-3726450246-2580802338-2658540461-1001\Software\Microsoft\Windows\CurrentVersion\Run\\RESTART_STICKY_NOTES deleted successfully. Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully. Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully. 64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download all with Free Download Manager\ deleted successfully. 64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download selected with Free Download Manager\ deleted successfully. 64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download video with Free Download Manager\ deleted successfully. 64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download with Free Download Manager\ deleted successfully. Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download all with Free Download Manager\ not found. Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download selected with Free Download Manager\ not found. Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download video with Free Download Manager\ not found. Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download with Free Download Manager\ not found. 64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found. C:\Program Files (x86)\MyPC Backup folder moved successfully. C:\SearchProtect\ffprotect folder moved successfully. C:\SearchProtect folder moved successfully. File PTYJAVA] not found. File ptytemp] not found. File PTYFLASH] not found. OTL by OldTimer - Version 3.2.69.0 log created on 05202013_142641 Files\Folders moved on Reboot... PendingFileRenameOperations files... Registry entries deleted on Reboot...

Here are the two text files. Extras.Txt OTL.Txt

I was able to uninstall the MyPC Backup, but was unable to remove Optimizer Pro. The error message that I received from Optimizer Pro was "File 'C:\Program Files (x86)\Optimizer Pro\unins000.dat' does not exist. Cannot uninstall." AdwCleanerS1.txt

Here is the logs for Adwcleaner. The other suspicious programs are MyPC Backup, and optimizer pro. Waiting for further instructions. AdwCleanerR1.txt

OK, the system restore has completed and I ran the restore through the MBAR created point.

I re-ran combofix this morning is there a way to go to the restore point created by ComboFix from Thursday?

Hey Mr.C I apologize for the delay. After the scan I Internet Explorer became inoperable. When you pull the browser up all that is seen is a white screen, no text or anything. Alternatively, I tried using Google Chrome (browser that I an currently using) and the browser seems hijacked. There is a program/toolbar called Xvidly on it with a coinciding "WhiteSmoke" toolbar. They both look suspicious and neither are under the program directory if you would want to manually remove them. I hope this information helps. Attached is the logs for ComboFix. ComboFix.txt

First scan found some addware, and second scan came up clean. system-log.txt mbar-log-2013-05-16 (16-45-41).txt mbar-log-2013-05-16 (17-05-39).txt

Fixlog attached, I am able to boot the computer normally now. Fixlog.txt

Just from reading other threads on this issue I've ran the initial test, and tried to figure out the software or files that are affected but I am not sure what to look for. But attached are the logs for the FRST and Search. Thanks! FRST.txt Search.txt