claiidd

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 5.5.4 (08.22.2013:1) OS: Windows 7 Professional x86 Ran by CRAIG on Thu 08/22/2013 at 11:46:54.16 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services Successfully stopped: [service] fastfreeconverterupdt Successfully deleted: [service] fastfreeconverterupdt ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\dsiteproducts Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\UpdateTask_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\UpdateTask_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\Users\CRAIG\appdata\locallow\fast free converter" Successfully deleted: [Folder] "C:\Program Files\fast free converter" Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{00221CD9-B614-4B5D-9D72-10F94BDA5748} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{007E62E5-30E7-4E0D-9687-A92627AB8661} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{01750AC3-0F18-4516-AC3E-7E449FCE9E29} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{01B94947-0485-4DD6-B521-9F8D018392A6} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{02EEA66A-938F-4BF1-AA37-72333C2966A3} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{0309218E-D1D7-427B-B23D-521F2201CD2D} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{030DB9CC-A492-4D98-943A-9D11C7B034FC} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{03DA8A6D-C9D7-42F3-A052-A39DBD79C6BE} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{048587D6-787C-4311-827A-0AA7DEAACE83} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{04CEEE1C-2301-459B-8472-3C8A93CCBA1C} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{05218A2F-76B5-4532-B38F-D6FD5425A5B3} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{056A698E-C983-4122-B409-FF6646C85D20} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{057A08F0-0F2C-4868-B822-233892DEB9B0} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{05AABEE3-C606-4F22-B89C-95FE5C0FE187} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{06AD32C4-6F16-4E54-884B-5BC95B0D3116} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{06B2EC7D-45D4-45CC-9711-8965657EFE27} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{06E13FCA-DA3A-4DC9-B57D-2542424310F7} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{08D69BAC-EFB3-41AF-83FB-48796707FC3D} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{0962D776-E1D1-40B3-BE03-31911AF8D903} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{0968BA3B-34F1-4454-8110-8E4453967EF3} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{09AB4BD6-A3EA-42E5-9E0F-C07D603464D8} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{09D52C5D-F124-40F6-BC9A-9009C87C021F} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{0A415B49-E736-4DEC-81A3-1ED73D114B14} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{0B61F6EC-0E91-4B35-82DE-B623AED7C070} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{0B94E489-6209-4EBF-A794-87D2B4425A85} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{0C057365-4EE4-4CF7-B0D2-36CAFAD72265} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{0E236B81-98DC-47B4-9F26-84473F2558E7} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{0E3B8A7D-5895-43A8-81FA-5394723EB9BD} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{1089AFCE-46D0-440F-96BF-A4456487A13A} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{109896DD-90D6-412D-842D-EB4EB3860921} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{10C8D21E-852E-435E-B9BE-042603202A38} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{115D7976-5908-4660-9F3B-ADEE963D4D0D} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{116ADC03-226F-4F9B-92D7-05217E18125A} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{11838BB1-D8ED-4738-8AD6-CE9FB6720A57} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{11BF21D0-F769-48C4-850D-2D9745F1A225} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{123B85E6-A917-44EE-9659-4B5910A1DDD1} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{129F615D-8185-46AB-B22C-3CB3293A5F17} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{12D627A5-60C9-4B76-81F7-45CF1961E18E} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{139CC580-72E7-4989-8AA3-EA6939D2BD16} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{1435091B-9842-4821-9AF1-1C282D30E00D} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{147C1C33-7504-43E0-9847-79AF78079A08} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{14F8533D-3A21-427B-AC37-A512ED6E334C} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{150AADD1-0446-421A-9674-8B7B44E8C086} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{1539C0A6-D6A8-4475-9305-2137BBE1263D} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{156EFC4B-991D-4B4F-8BA6-22222BC4BAA5} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{15C39EF1-0364-4DFA-8C0E-E78110BF36DA} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{15F581D1-3A63-43A4-B95D-02FB880A43DC} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{163EEFA0-586B-46E1-A80C-F6AE117C36DD} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{1690A1ED-C91F-4E66-9F07-CFF08BFB8011} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{16C38C3D-047F-4F79-9464-1B94F5B77C88} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{179E5915-50EA-4C6C-B9E7-FC893DF1EDB1} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{1918A296-A9C2-4CB5-A014-EA078767CA87} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{1953F9E5-6177-435E-B6D8-4CB0672484B7} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{19F32905-E497-4EBC-8C8F-F3E6D334BE5B} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{1A1CAC80-08D1-4719-A76C-E9DEDE6BDD0A} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{1A3859AA-53E1-4C02-8FF7-4FFE12FB2E3B} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{1AC52059-FB9A-4EB2-A930-913DE2A6E064} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{1B2A9E54-8AC1-4221-B58D-84C24B11E722} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{1B3D2B81-E4A5-424E-905F-04D4921B5355} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{1B447D0F-F6DD-4A23-9B5F-BE0F29EF72FA} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{1B97DC7A-9B31-4033-A8C5-49B48FB4E75D} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{1C1A61FB-DD55-469F-93DD-70F140235998} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{1C1F9F62-ED71-4A16-99C8-A061A1993653} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{1C3DFB8E-DFE3-4F37-90D8-490B3B7F9506} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{1D9FFC87-B797-4C17-B0E6-AFDB189981AB} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{1E2D382D-86AB-4F86-8418-19B8AF5398D6} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{1E54BCE3-689B-4240-8B86-822238CB403D} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{1EDA2915-74B2-4FA2-84D4-46F9386383FA} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{1EE35212-6ADE-413F-A0BB-4FC8B0F779B0} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{1F53A90E-9CCF-4ED7-ADA9-762E20DB3E85} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{1FAA9414-A3F7-46D7-A19A-11D843BA3E75} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{1FC201C2-AA70-4A16-849B-C9CFAA93721C} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{20293D16-D296-4AAA-B0E3-EB8FE238A662} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{2082F1FB-59FC-4320-8357-77A360D12EEC} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{20C268F3-F26D-4AF6-9513-55B5F3B3CE9B} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{211FEB6F-A841-4725-8E7F-9A49C3EC7568} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{2123037B-3B93-4005-99CE-E8B5AD39F806} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{215D4997-3DCD-479B-BD2A-43873C6CA3EC} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{218778C2-7505-40D3-A7C5-FF3C63121C73} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{227F701D-407C-405A-9B7B-0BFB1A7F1C59} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{22FBB0D5-91FB-474E-8C5C-FEC68A61E471} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{2321C25F-6EB1-4171-A35B-83F4A1DB9BC3} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{232DEA61-CDA5-4078-8F2F-2D0160A3C698} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{237BDE7E-2CD6-464D-9C93-943F57056C18} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{23B633B7-F8F9-4362-9BB0-5C3E7B809E19} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{23D838D9-88FE-4EFB-A1A1-36CA8A69D6AE} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{243CD4C4-A6EA-49C9-A58E-FC9D93F8EE03} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{24CF3C47-45F0-41BC-8CE6-3EFE7EC36195} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{24D51712-544C-468F-AED6-F99701207D9E} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{25FC7CCA-0C94-4A38-9DD5-4F15B3B37FD8} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{27981C99-1789-4D1A-9AD8-12AC5F1C10EC} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{290AEA79-2512-4F75-808B-17A22E8ED42E} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{29AFAF1E-37B4-4982-8DCB-AA0920FE8ED9} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{29B5AD9A-8DC3-46EF-98AF-C0AEAE6A1E3C} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{29D3AE7C-7E59-4BF0-A787-A0ADD00754FF} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{2AA73A7B-FC40-4F1C-9670-FC0CB50A34F5} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{2AB5B5F4-7F6B-4CCA-A843-6B09E644DE60} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{2BE06BDD-F369-49CD-8310-921A7DF04A53} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{2BF2C33D-DACB-4F40-BCC6-8696E5FEE643} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{2C03C977-5D87-431F-BBE0-68558666ED95} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{2C26591F-9958-4EA6-B0F2-187E957D5BC3} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{2CBB1C3A-68BB-44C7-A475-11FFAE4E0A94} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{2CC7FEDA-6180-4DAB-A9A6-082CF6C00EDB} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{2D41A4E4-A5F5-4AC3-804E-14B6E081064E} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{2D734B67-DDE8-497A-B98D-C44324EEAFD0} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{2D9FB8DD-0E1F-42FB-A078-3446F2D99D42} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{2E245BA8-1B3F-401F-AE9F-CEA2D516E80C} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{2E2E9F8A-0D0D-4655-BC84-2845F772EB5C} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{2EAE93C3-F56C-4EAC-85D4-50F27D77143F} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{2EFF4E69-8512-4CD5-8E7A-7904891A515E} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{2F27BC49-9E92-4B06-802F-9DA6C11BF1FC} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{301B9AFE-F302-47AD-B84A-D3DB0E4266C0} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{30237DC4-B4D3-4F3F-9516-913BCB0796F7} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{30244355-C6D0-46EB-A66B-D24494601ADA} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{3052C859-4679-4A4B-BDA2-05232082A886} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{3052CF66-3063-47A6-BFC8-5B44686C725F} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{31A07E62-501D-40CE-8CDB-8D95AFF7193A} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{31B3C90B-7AED-4B6C-9904-1768CE40887D} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{31FE5056-2E5B-4598-853C-3C6BA557B1B7} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{3272C8EA-328F-4213-9B80-D22FC89FD5F0} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{32D1CEE6-32E5-40FC-AFF6-54E58FF7260E} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{32D86FB4-7469-4694-8937-A4F42AB81E65} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{330FD5A2-7B28-4D6C-862E-8F1E6CA6C40B} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{33445334-E694-4151-A079-154AFFF79BF3} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{346AE702-E523-4AB0-9B6F-3E70BB06C339} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{347F454E-B3E3-44F5-B9BE-2FA50C456BF2} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{348D9B5D-D89C-4D06-ACCD-FF2D4C16260B} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{34D6FAFA-E564-46E7-8459-066A7C42E153} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{34FCB043-1C78-4338-A646-23627C4EB155} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{35CCB247-DA5F-449D-975C-5F8F6C15B4F2} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{35DD288F-AE27-40A0-9586-B5E933783A40} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{36CC4B52-CD01-4FD8-AC88-AB041AECEE66} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{3710AF4C-D1A5-4578-94B6-0628BEA01730} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{38857ADF-357D-4E22-A742-FE7D44A9D0DA} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{397D6250-F3AA-44B8-8980-10E9FF4E40DC} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{399B70D8-A13A-4D74-B9C9-7A8395D59B3E} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{3A0265E4-DD90-4973-AFEC-0F979DC89F88} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{3A3EFAEC-4DDE-48A5-9B27-CED396E7051A} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{3B430C75-0148-4C24-A044-60010D12B987} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{3B944C56-2B0A-405F-9959-46CB74A3A65C} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{3C98AEB8-EDC7-470E-83F7-23710951535D} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{3CEB9923-9E8D-49B3-A4E3-7C56C50B2CE9} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{3D52CFE6-84CE-48E7-A605-2CBE984E1701} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{3DA5C0F6-5A55-4ADD-924A-B214139BC8C0} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{3E2028D0-B799-4BB2-B196-DC3924DB58F9} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{409D37F9-EFE2-49FC-AB03-79DE0B47173E} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{410B1D71-5DE6-4076-97FE-BEC4F49AFCB3} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{4160B939-2D61-4FC5-92D6-CE7606ACA9E9} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{4176A88C-A8A0-48AC-B24E-6AA1E298FD20} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{41834F17-4B29-4065-8EF4-63D7424FBFB9} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{41BD7EFA-059E-4697-8BE5-F49F27D9D294} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{41F464E6-97D6-44A9-8211-757910E25D41} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{430237EE-20E6-4932-9ED2-32CFD473EE14} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{432FDDDB-1088-40BE-AAF2-93FC3B52E8CF} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{436F2C9C-8282-4666-8617-861F1F010BD9} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{43758D52-1610-49EA-AD65-433440C979C8} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{43930011-5ED8-4D17-9170-108EE4EA333C} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{4564900F-A1CE-43FC-BCDA-71EAEC80395C} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{45E23F66-5409-4732-B738-272DB20EFD03} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{45F9C872-9212-4609-B829-CDC2C6DE7D20} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{4683BD7C-426D-45B7-A300-F55997BC205E} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{46D8AAAC-5413-4A9D-8E79-89526C2C8897} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{46F3D341-7BFE-41DC-B01F-44028BC20C2E} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{474D7692-BAF3-4E6A-875A-E35D5F8F75D0} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{478F2C51-FC9E-4DFB-9EDA-8D9AEB561F7E} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{47940F39-435C-4F52-A213-AB9D835F08F1} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{480759B2-013A-49F4-A422-2FBCC47E8108} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{48B56954-C0B4-49A5-81C9-8CEA697061DF} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{4952DCD8-CC3F-464C-A662-B6FA26BD00A9} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{499A1E7E-D4DA-475F-B6CA-38086F12A0EA} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{49A1118B-A256-4701-A9AF-B895613F4C98} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{4A4B9397-88B8-4A9F-936F-7B5186356080} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{4A70A1F6-EA6E-4D0E-866A-8ACAAC1C981C} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{4A7229C2-65A2-4F79-B342-33261FD97BA1} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{4B6C1659-3826-40CB-9FE8-FDE1D2BE0B73} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{4BB34833-2EAD-4274-A2D1-3C9DEF6EF5E5} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{4BB42F93-920C-496D-B221-B9E0BE29C580} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{4BCF6CB1-3245-4BC3-A6BF-0118CB2A4409} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{4C1C7C4F-101A-497D-9C8B-D24A5A7934E3} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{4C62E44E-8127-418C-82FF-9E63EC6ECB52} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{4D272018-A5FD-4F46-904B-996724B5FB9E} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{4D6BC9C9-C593-4C7F-8CD3-28BD6198CA68} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{4E5770B4-A824-4A2F-8870-81F457EBD707} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{4E96F35A-1814-4BA5-A1B2-3472767270EC} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{4EE845E9-E21F-46E1-9968-3FBCA0BAA286} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{4F7F7866-DAF0-4C1A-8AE9-05B72299B8F2} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{4F9091E3-40E5-47F6-AD34-6968291BFC4C} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{50575C40-28BF-40CD-9874-BFBE571FAA12} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{51E83CE5-8681-4CCD-91D4-CE64F0574EB0} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{526BA735-373E-4432-80F1-F8747842BA92} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{527523DC-4657-47BA-B55E-DCF42D7CA311} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{53EB0D79-E486-48AC-9C3E-307F95A0EFEA} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{54195A8D-7DFA-46BB-AF21-184F18E4107E} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{544A1C06-A854-4795-8B3E-E33D73FA6583} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{544AA2FB-2572-473E-BCD3-5D6B887CBE9C} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{546B5ECB-E304-4CAA-A792-7ECD9128530F} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{54D0FD02-0690-4797-ACA6-0C3064CC4EE1} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{553EC5EB-3090-49DF-9B21-581FB6B7084D} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{5630FBBF-13F8-4683-AAFE-1CE6EEE21104} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{567E7A44-9FD4-4538-805E-3F7972C461AB} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{57324580-4267-4FC3-9EF8-B1AE015904D6} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{57ABFD0C-0F97-4C65-8DA2-D30E738ABE8A} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{57B277C4-DA85-4AA7-9E67-1D841060951D} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{57E1FBA4-48CD-411B-B198-51B57761A9BE} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{58032CFE-2FD3-41B9-99AD-6FEAE0B94D8A} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{583C507F-D676-4DC0-B3C7-17621EC9CB94} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{590EFA5D-2B44-40E1-9E67-4FC997BDE4EA} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{592F3C97-E860-491B-9157-C45543031AE1} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{59825534-2329-462F-8F4F-5F361519DBDE} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{59873421-6414-4C55-B8FF-E36292C92A5D} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{59BAC85A-5B6D-4417-9941-2F23F2AA5207} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{5A7317AB-8388-4A0B-9736-351245FE374A} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{5AD08800-8F12-482E-9C14-DB38B1EA3CE3} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{5AEF5589-E17D-40D4-A9E5-C63FF2236B48} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{5BA81360-74E9-495C-A06D-2E7156A56429} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{5BE58170-D422-4E7F-8AD7-0D60F09B1F90} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{5C82FD0E-0F10-4CA3-953D-40B247E082A7} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{5CB1B3EB-18BA-4BA8-8DB2-8B61ADB63C8C} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{5E1488F9-3C84-4A87-88C9-4120DA5AF464} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{5EAA57DB-4AD9-4CC6-9B4F-D33F825DA0A4} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{5ED382AA-EBB3-4962-850E-0EBF6AB46B16} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{603DDFEE-9956-49D1-82E0-1AB640082E23} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{6076A9DF-04A6-43F7-AC8E-1226348DC3EF} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{608917F7-97D4-4AB6-B741-470D13191F3A} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{62B213FE-5A0F-46B9-8DD4-0CD190AEA499} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{632E9144-5F69-4F70-A579-173A3E7ADF10} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{636195DC-67FE-4F23-8E35-833F83E07AA3} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{6384580C-06D1-4E4F-A886-459E038704BD} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{63FC7BD0-CDF8-490E-95E4-A3B3520EC9DC} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{64055D0C-098C-4A12-9616-954173DC0FD8} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{644A6E17-FBAA-479F-BE69-07D3B0C38A48} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{6745C19D-A3B0-4188-99F2-BFF1CEE9947D} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{67938161-BB84-439D-B0F8-9383A8F26492} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{679A8D1F-AC2E-40BA-B05E-1234F0CC3A4E} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{67A4215F-1614-4440-86B9-376638E8E10D} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{6828A583-2107-4E2B-974D-C3C1DFE23CA9} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{6932A6FF-38C9-4FE5-BC7B-60A4CB06AFC7} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{69AB787A-7D4B-4302-8304-5595786EAC33} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{6A1589A0-4830-480E-AF81-47F6AB8B85DD} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{6A72A644-3BFC-4C22-A537-317026003791} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{6A8F0985-B27D-470E-971A-C0F142D2F366} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{6A9AD72F-AE0B-4956-BC58-6D10436C4693} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{6B0401D9-023F-4886-BE41-CDC40E8AC6CF} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{6B17A787-31F7-4C2F-93C2-C9E2A2EF3A9A} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{6BDDFAFA-3FC9-41A9-8E13-A374CFCE5352} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{6C83C773-09A8-49A7-A2B0-054A18E744D8} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{6C8A96FC-91E7-4373-924D-17F5987EA21F} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{6D23612F-138F-456F-96BA-A0AB5C528A9E} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{6DD9CC2A-8720-44AE-932C-465F4EE4D4A5} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{6DF06A18-D2DD-41A8-BE2A-CCF2E3CE82F1} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{6DFFEC89-29B9-4821-ABF8-5E0FE8F9D562} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{6FA03E8B-265F-4FF6-9E40-5A928E30B7FC} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{6FA128CE-FA10-4E00-B32D-055D2FD7AA48} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{70086508-F162-4CB4-AB27-BCBA58297910} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{7023E637-DFE9-456F-946A-60B3177B9283} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{71E3B7EA-CA5D-4501-AF3C-39DA78C089B8} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{725291DF-2F31-45B3-8473-E57B6ECCA025} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{726BA417-4BA4-421C-BFE2-0E7AD9C73C4D} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{733FC3FC-1AC0-4D1F-90B7-95DC9EFE1245} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{739397B7-F76E-4A6D-9EA0-0C81EC07139E} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{744FAF5D-D755-4C1B-A1DA-008425A7A164} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{74F1983A-EE5A-4920-82E3-6DFCB701D41B} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{766BCA85-8883-4FD9-B664-BE9B9AE9646A} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{77E17AC1-8D17-4F55-863D-4047C5F3A9F4} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{78EE7351-ED31-4C5F-8AEB-3034889D0EAC} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{791E44DD-D956-429E-9051-E395A948C398} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{79A03BB7-04BC-40D5-87C8-FD9CF2035721} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{79FC5430-C818-4FE6-8F12-FAB7E7E85C49} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{7B17BE45-257D-4BFE-A4D8-F62AFB5E96C4} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{7B1A8924-E63A-4062-BCB0-0BBE1D8B262D} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{7C0BAD74-7FD7-4A71-9CA9-256778CA1FA2} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{7C47A937-B5CE-42C3-8037-1234E3A7175F} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{7C5A901C-358F-42B8-B79B-22EA60F5CD0B} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{7C720CAD-63BF-419A-9447-CA0368F55CF9} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{7C81B85C-FFA3-40BD-9294-F81D7B0F7ABD} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{7D0C5BBD-8AA5-4ADB-888C-269F0F30AA4A} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{7D4EAF8A-2B9C-4A6C-9846-C9F18A425CC1} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{7D8C522C-A973-489B-AFAA-0408911C3772} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{7DD3773C-6AA0-4117-B340-9694F1E45CC4} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{7DFF1122-3D6B-4291-B5A7-D892FC6749A9} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{7E2BBEA4-85C3-4D6E-BE36-011BFDB7CD4D} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{7E991375-610E-4534-B09C-1208D6BA12C5} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{7EC9696C-44A6-42CB-9125-AD7E8779F715} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{7ED9336F-8E50-47DB-AD8F-CF418A25F5B4} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{7F86271C-2F0F-4B33-94DF-AA7B36455F61} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{7FA0BEAF-C428-44A4-BDEC-E6D0D41155BE} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{8027C43B-CA0C-4F68-8D47-57169D2AD21E} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{804BA19F-93DD-4912-BEC8-4919859F859B} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{80A28C5F-A1C4-4C12-BD76-BB2D580DEAA3} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{82BC31CA-7F5C-497C-9FC7-126546817146} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{82E4E707-E26A-467E-A25F-F59E04AE2DAE} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{82EA21EA-C1EE-428E-A8FB-8AC5A5438732} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{82FC7FDD-0B3A-4A23-A783-F056682B9380} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{833E6638-C028-4D0C-A5C2-5C67756D44E2} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{833FA566-8D53-450B-A1CF-973DFC9AC73D} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{838B13F0-C069-488A-BC2E-466A7EEE33C4} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{83B5A4BC-2769-4146-8799-7BC693ABCF49} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{83B5FC77-5080-4002-944C-1EAB44781DA9} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{85C1A749-A746-48F5-BF7B-ACA805CAC53E} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{86444279-BA6B-4AB6-9DCD-66B869D56B6A} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{864D70E5-BEC5-4E88-867F-F0446FEE0549} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{8667A795-05F8-4210-950B-22200156D942} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{8677993E-4D89-42CC-9BCB-47E57E628302} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{8698808F-C176-4D09-A6E6-B101C95D6969} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{86B61601-863C-4E25-82ED-9F3C258722A0} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{873211F0-9CDC-4087-910A-81721C459E23} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{87B73E34-3A25-448B-B86E-23DCB4262562} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{87CA20A2-88F9-42CF-975B-A0F6726FB384} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{88089D91-5225-4989-A79C-197B9EDE6105} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{8823116E-B20D-45B2-BF04-622DFEA40206} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{89033004-F8F7-4EFB-9D65-E97B8141501C} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{892295C5-3E04-4F08-AB87-170C164B6F07} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{89AA5F1F-A0A3-4666-ACBD-B8CAEB523A96} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{89E6DFBE-888F-4415-AA06-1F155816AE81} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{89E6FE5B-9982-47C7-A370-24B8280479A4} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{8ADDA7D6-D1FD-45B6-A7FD-7F85EFEACE6B} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{8AF98D15-8CF6-4D09-9FF2-F36F9E260741} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{8B42A02A-A026-4D88-B456-48CB547B9891} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{8BB9711A-4171-4054-8CF2-F5B5F8FEF153} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{8BB97A84-1F60-46D6-943B-D013B3858435} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{8C09985B-CF1D-416A-9E72-A0A24CD3B214} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{8C0E6360-8C3B-494B-86E0-CBA40BBDDE08} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{8C576347-6687-4BC5-BE0D-05C146436B4C} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{8CD86891-C588-4EAA-824F-F94BDDEA7858} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{8D84E051-9E29-4E0B-A952-3635B91F28E1} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{8DB02FBF-5726-4292-9BAA-8AF0C66697A4} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{8E876D1C-7F7F-4D5D-A828-8E912ABB0F66} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{8EDC99E2-F4A1-449C-8709-399E54AEA378} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{8F009951-CFB1-495D-A8C0-CD8FB302DE7B} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{8F0B9417-0FA8-423F-B2AD-99D98060B183} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{8F80E177-4BB3-467B-833B-0F21D2EA5C4A} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{8FC5650C-E6EE-4DEF-8C5A-56194FC9570D} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{8FD1E94E-C01A-4B5A-A0F0-F21F571D50DE} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{90CD1302-7B8E-4413-ADA2-0E4AE739F832} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{91A90FD4-3A9E-4F51-B53C-CEE29F1A9BBD} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{92CDA131-9762-4399-B364-B5A9D3F9DCEC} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{92E74210-09B3-4705-B805-A833B7678DCE} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{935CBC2C-33F3-457E-B44A-DE06C8E507CE} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{936288A8-9120-491B-9256-01560A8A2ED8} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{93E4BA71-2D9F-4B32-BFF4-C34CD5FB5483} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{93E5416E-74A6-495D-A5E4-531D447B6A6F} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{9438B26A-AC96-468D-9BC0-A8350038FD5E} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{944CE434-6CE1-4A74-9FAF-CF22722868F6} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{945A6FE1-55A8-48A9-AC62-E28354ACE6BC} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{94801A38-21E4-4194-8CF1-EEC74CCBAC40} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{956D933A-610A-45C1-B655-34FF3903F081} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{9585CC9A-E43D-4116-A5CC-F261C4AE3E6B} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{95BF5629-45E8-4348-8698-3A7710241E91} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{95DA8197-0D0E-4EAA-9F98-B08B5BDFDF04} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{968AA73B-BADA-4B41-BEEF-3B97838779D1} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{97057691-C546-46EF-BC20-7C9CA725C04B} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{97275DFF-03EE-4041-8129-90BC85C020AD} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{97CAF0C0-A70C-4494-A6E4-D73512D901AB} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{97F1BE43-6B47-42CB-A5A8-3A8C011596FA} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{9807C4C6-8A27-4D33-B0ED-C1D66B5FDAA4} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{986E4514-D8FD-494E-A8E6-1A6501D4939F} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{991832BF-B79C-4B35-B261-D064CC15B439} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{99672C13-04C2-4991-B90B-FC37AF52FA88} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{996B82F4-C5A2-439D-8DB3-C6546D4580AB} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{9A7EE89E-7CC2-4813-9D11-DFCA194B8A6E} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{9ADB0F04-0F38-47FB-919F-647FA457383C} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{9AF5881D-959F-42B2-AEC5-90D97EC3B547} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{9BA64D9C-2113-43A1-9F83-161389D15FF4} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{9BB44719-C204-4799-A5A8-9BC35AA36A50} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{9BCA25A0-B0B2-426F-A20C-CCB5EBAD887F} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{9BCE7776-D38A-4ADF-A0F9-7F7986312827} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{9C781308-296D-4807-9014-F0B525326190} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{9CF5BE8D-B066-4B7E-8D04-456D555A5405} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{9D1A269D-3E6D-40A5-ABA1-DE1DD5445EB6} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{9D2D4B6A-BE98-4395-9CD0-F7E6763F7385} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{9D509AD9-EEB6-466A-93EF-316CEA325836} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{9D69EC3F-8090-4C48-9365-3782C9BD1A99} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{9E3BF861-D46C-438E-862E-7B0178DBD8A3} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{9F41125C-72FE-4E11-BC16-415666CD2FDD} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{9F47DEFB-33BE-4C23-BD4C-7B64BA0A1ED1} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{9FE226CC-8265-46F1-BAE9-D46CEBD2C049} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{A062EA6B-FDA1-4B13-9E73-D518156D429B} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{A0805DDD-0F5E-4FEC-BE04-65E29D5D5C28} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{A0CB5E5C-AF69-478A-8E39-DAE7135B8C1C} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{A0D70239-FF3E-4339-A28C-5456396B4A77} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{A124A7F0-10C6-4865-8825-E5452A5F8B4A} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{A132384D-E64C-4ECF-9907-F63C0C615BFB} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{A3840EAD-5363-4DD0-9CF4-75BA51BCAB65} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{A3B6EFB5-70A6-4F6F-B2C7-9AD4610ED065} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{A3D0CB6B-6C3C-4D3C-923D-D8BD56C32C0C} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{A42908A9-8646-4BFB-8D66-94E4F1B6B8C0} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{A4B3E30D-EF1D-4D5E-9EC4-4AB9F75364E4} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{A5FC62DF-F823-4A4F-B6C2-62C97F864435} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{A6E040E7-82D6-49F4-8188-DF36411AB509} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{A71E83CB-1B28-42CC-8BA2-0BB6398D0C77} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{A74AF5C8-2A30-443B-8F5E-BBDA2842C4EC} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{A7588D22-EE55-46AC-B30F-E1F51D63470F} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{A7856FC7-C162-42EE-8FDE-F605E8A413EC} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{A7AE00E9-F2A2-493C-9884-C43A44420CC5} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{A8112603-D83F-4BFB-9B04-98A45093817D} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{A8B23E4D-A3A2-4494-91C6-F4F368ADF82F} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{AB460F7C-C0C4-47D1-BD3B-66C4D6AF1209} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{ABC7D1FE-4720-4180-B26B-FA2BB94227C6} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{ABCF4486-38B0-461B-BFA1-AAE9B3CD817D} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{AC7D01A5-4097-405F-8E35-4CEDBCB5B7E0} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{AC8EA7AB-99BE-4254-8AE3-181F354AE2E6} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{ACA1F019-8FA3-4E7C-BCAB-2A2C816555CA} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{ACCB47F0-806D-437B-86B2-1C9394EEA791} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{AD0B96F3-1435-4FCA-998B-AC22D7711E09} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{AE287D35-FE3B-4C5F-AEE8-A491DDB14D24} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{AF4045CF-EBE1-4A42-929E-C13212D9614E} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{AF80001F-836D-44C5-97F9-333DE4345774} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{AF90AD5B-5EF6-41A2-B8F1-848400505E65} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{B11C46C1-1CD8-413C-B650-6A7A76414FCA} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{B1759EEA-A250-4410-9682-C087AD06AB13} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{B19AED14-6637-432F-822B-E8C40486E590} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{B1AF9396-137E-4A96-94FD-E9C1EEA32567} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{B24BA8BF-C562-4F77-9B37-91E8AEE711D9} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{B2A6A526-8C2E-4883-8AEE-934A73FA5EB8} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{B325AB78-AB0A-4912-8218-40B6EB68DB1F} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{B35C9FF9-2639-4827-8AFC-38D1DC755290} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{B36EE418-DE48-44E8-A8F1-E6A82382E6FB} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{B36F17EA-111D-45DA-A790-FA3B8231DF5D} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{B38A3740-F4E6-47B3-9837-8CCD9D832C9E} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{B4AB8D80-1F41-4F14-B44E-D29DFD234163} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{B4CE8257-790E-4E44-A6C4-B3B517BE042C} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{B53AD46F-F1DF-4DD6-AC71-0CFB7698A9DD} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{B58AE265-D3BF-489F-8D7D-11CCD3E8F155} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{B5C6B62D-429E-4667-A491-F8DD5B5971C4} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{B6839105-0FEA-4775-98A8-459DF3B0A63C} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{B6DD390C-45DE-49C9-AF79-A477E5A23BC5} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{B6FA1A39-B366-4726-BBE1-C8B78010DD39} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{B718B4DB-57EE-494C-9EE3-0BBA8B20052A} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{B7BEBE0F-5173-4CBF-972B-3A9EA2D033F5} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{B8039F48-2EF7-491C-B0A7-C40F81126CA1} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{B884C0B9-E3F3-4E93-A3BB-8C923E8C5F08} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{B886A919-3674-4617-872E-164F8030476E} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{B8BE30E1-A2B2-42F1-B7BC-5B679DA400A6} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{B8E13C40-A802-4379-B8C5-B9B409A4387F} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{B91288A7-99D1-4495-983B-C8D02ED79031} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{BBDAF369-F774-4E40-8ED3-207C17FAFCE1} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{BBEFF649-4A26-4C34-838D-9F7364A1E5EE} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{BC358345-4FC8-4A75-B5F3-32EF8AC3FB4B} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{BC535993-5177-47EC-A52B-E9A30BE08714} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{BC679DD5-875A-4246-9241-FFBC44302B0D} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{BC6D3FDF-FB22-4C8A-9553-8710EF43F63A} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{BCAD476C-A5A3-4F37-B2ED-9343DF0D6E38} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{BD08C143-B49C-4A0F-B86A-3CF1CFDD8C54} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{BD2DAF7F-6B8B-43C0-B37A-09AD75B0EB7D} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{BD619036-F74F-4638-825F-1A5C775F2861} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{BD92BE58-0893-4C94-BBF9-C6915CA0F667} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{BEDC52B2-9257-4CA4-99C3-E0336E755DD5} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{BF537BA8-03C6-45E4-AA18-00B3A4572FE9} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{BFC3B302-5DA3-4971-919F-AFBE46EF5B1F} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{BFD02E69-B450-4297-952E-4657CA4125D2} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{C00334FD-0F8E-4879-9DAE-5DB7C7566DFD} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{C0223CC4-ED81-4304-81B8-32C3917229FB} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{C0261E9B-EAE0-40B3-9154-670CD566BB4D} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{C05E0C58-DEE6-473C-9EC4-0E1FE1AF0A15} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{C0F812FD-8760-4794-BEF6-204212741B3E} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{C11425A8-9CCA-49DA-BCD0-3273EF4969BA} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{C1A286DD-98F6-4415-8C6B-EE2907189BF1} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{C1A8E933-B7EA-4569-9ADF-7AE8AA554798} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{C1BA00F2-55F5-42A4-9CFD-DC7E28FA9337} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{C1C0C758-18B3-4521-91B0-E68BEFBDF4FD} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{C269A3C5-EDE1-4C3A-9C63-D6D6F82918F8} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{C2E9F303-25C2-4BCC-B93A-5F9C5CC83ADE} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{C320C2E1-478C-4D01-BE83-F5A4BF8C300F} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{C388166E-5D5F-4347-98CE-9DD07525DDFD} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{C41C3C51-9B03-4D5C-8DC5-1C6C9F7E4307} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{C42967FD-99B0-4891-912D-C5C6602F8F6E} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{C4D3F8BB-B668-4ECD-8AF0-084B1A473B38} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{C5422406-B67A-4B42-B2E4-DFE1D4AF86CB} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{C6A03669-31ED-436A-BF62-AB56EADFEBDA} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{C6D84601-54A2-4C68-B883-721921FC6502} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{C725000F-B2DC-4AD9-8363-7E75038FA307} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{C7EB6CEC-E1FE-446F-8D58-D72A376A6FF6} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{C807669E-FAC7-40BF-9611-6A2DD2760C71} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{C85F795B-5089-403D-BC82-1CB6A36C9DAF} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{C8986EB8-A7FB-4801-B0A2-ACFF3FC650DF} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{CB3B3B23-A17D-46DE-AB69-B25592C9BD83} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{CC4F6133-C124-4A79-A8D1-FA6B42B82FF1} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{CD786A83-E4D6-4CD8-B39B-156DF34C58D0} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{CD814954-F699-4BA1-8517-03B8FC984500} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{CE3BAF7A-63D6-4F4C-9155-DAA26CDD5357} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{CE543B00-1A2A-4E07-B883-40A188C0DB6A} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{CE72D814-F749-4D75-B974-F8FA48ECA3CB} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{CF7BE794-A8FB-4BF8-825E-D44456E458AD} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{D08EBDDB-6AFD-40E1-A734-F38A5EB40D17} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{D0CDD7FF-3593-4CAA-85CA-14D306B2BFF5} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{D108429D-17D5-4944-B0C1-1F28BB488089} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{D10A0C29-E034-485A-A186-5465FAC8268D} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{D2EC0AFD-A820-4A49-8645-5EEEF6271C22} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{D326B8AB-026C-4B02-9E30-0DB70D7D4290} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{D35322E4-CAFE-4AF2-8F32-10EFED8ECDFA} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{D3BAA0F3-4940-4D3D-A89F-56AEF32ADD8E} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{D424891E-9093-4440-97FA-FBAA0D9A4108} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{D427B80D-AA46-40A1-9326-6F8326D3A530} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{D451A064-AE34-40BD-A145-0A7222092440} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{D475FD46-B89A-4AF3-ABD5-E4F70D687F61} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{D4DF8825-ABC1-4DA0-B1D5-8129B2AF3F61} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{D574C08D-B46F-4A90-9587-FD66F6434F3D} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{D57964F3-56C3-4EB2-91EC-633D33DDC815} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{D58888A5-A8ED-42B9-BD2E-65E1244ADDB5} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{D6BBCAC2-A127-4E86-8706-B2C43CD8A64F} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{D6CB4A21-3072-407A-B4BD-E9D058A83C01} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{D7282B78-3F9C-4EB4-955E-F4775C7BE98A} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{D792E7CB-6313-4F71-A2FB-7300016C9112} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{D8090025-1A35-47F0-9DE9-6C708D892931} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{D82F7C19-15B2-40D7-89E3-1835160B6FF5} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{D94972E5-2530-4DE5-B22F-51359B707DEB} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{D9551E17-7CB2-4D48-932F-378B2C2E7BD6} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{D95A4869-67F5-4159-ADDB-EB9B4B6BF18C} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{D9CFC632-9323-4ACF-8041-EAA6B7ED8671} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{DA4B93F4-00A0-4863-830C-BBD14B9C6053} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{DA9E3D62-0F2C-421A-9284-11473F83A00A} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{DC78095F-5513-4F6B-8642-B3408E72F424} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{DCBFBCA5-4535-470C-B550-B880F9F87D2B} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{DD342846-63F9-46AD-9073-FE5D910D4FFD} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{DD502EBF-4EB1-43AE-B7C8-56856ED6A214} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{DD7CD785-16D7-432C-9E04-CC648C6CABD1} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{DD86357D-1868-4002-BE3A-7F420D4C1D2A} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{DDAC774A-AC46-45D4-8890-5BFB15CE28CE} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{DDE3C51B-557B-429B-9B54-80566461665A} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{DE0521F1-B6DE-4634-928F-89DBF1242056} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{DEC94858-6933-4246-9701-3F439BE69F91} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{DF3E8223-9AB4-470C-A768-D18B70BDB5F6} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{DF9A81C8-B77F-480E-9F29-FAB1DF692DC2} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{DFD2B39F-5535-4E7F-B7D5-0E400C76FE5E} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{E053B5E5-C736-4B10-A103-25E37F033FDB} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{E08A47E7-2006-4C3B-A784-65EADF1B4AF8} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{E0AB60F9-3285-4A5C-AAF2-A9691060D40C} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{E0D1D949-4C79-4FDD-B3EB-208345857527} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{E0F5BBC2-9C66-4C37-A126-8C1BA0ED0FAC} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{E135A9DF-473B-4316-9CCD-F2DFFC47993B} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{E15AB138-4C19-4376-AEBB-B56BDC108520} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{E16BA08D-33AD-4503-A95F-19E81611D6C1} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{E1ABB4F4-2D55-4014-AE01-76F141943BBF} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{E1C3E55B-1A6B-4934-B3F2-BABCAE025AD2} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{E1EFB0CD-ADDB-49A4-AF44-C6B32B4D8163} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{E29B1845-BB77-410C-B682-105B9E463795} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{E32AFDD5-43B3-4818-8F3A-92776047B93D} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{E351194D-7D35-4126-A14C-C7CFEC3312FA} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{E38FB358-66DD-44C0-BCCA-03F7EAF22786} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{E3CDE297-8867-4228-BCC1-3225DD173AD5} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{E3FFDE0B-CF39-4BBA-A4BE-E790A014A46A} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{E4E09DCC-9438-4FB5-A034-06ADD4DAC246} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{E4E90861-141E-4878-8851-AE2B60D5FCC7} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{E4FDBE2B-0CAE-4EFC-8662-1B0E3C4A8184} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{E5C7D380-646F-4885-8C43-320A5AB89203} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{E5CEF1A6-B3D5-4BA2-A955-5EE218C813AC} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{E5D7528E-CE56-4C87-A5D0-4D02356B0ACB} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{E7453CC3-8DCF-4424-A95E-5A66F695701A} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{E7C77EB0-FA3F-4CD5-BB66-702B7F04FB4A} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{E820E5BC-D60F-4E2B-8415-BF9D1C6D9CFA} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{E8561E80-34C1-4707-B503-BEFDF3A99BB3} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{E9343B12-5DA9-44A0-98BB-467C77BB7A0A} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{E94DB938-2881-4E4D-A924-C593FD822E8E} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{EA74248C-B238-48D1-B2DA-7B4D4F1B8F21} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{EB3DF760-341A-4100-9D86-F66B44EDB314} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{EB69964B-BBA9-4B91-BFEC-7CC0A9BC4F4D} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{EC1D512E-A392-4FE6-8272-F0053DF1419A} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{EC6391AB-C136-4CAC-A813-2AA2B9CA269D} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{ECA0FEC6-9A1C-4D55-A073-923D0C6BA874} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{ECC70BFF-4497-443C-A79E-AF5219CD62B6} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{ED244318-7CF9-438C-BD21-DD1FD092C396} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{ED583FDD-12C9-42D4-9919-E02C78E94403} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{EDAF56BB-A053-46A0-A74D-0DA3657C0D9C} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{EE10DA4C-F849-4BB9-AE7D-49BBD354AA3D} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{EF895D46-9468-479F-8360-4D3C07D6AF4B} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{F0678FC6-D542-4AC6-BC81-2C0F68FE9411} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{F0B51528-D351-4C5E-BC12-3F310A67A5ED} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{F1388A86-ABBF-4D1F-A29D-272F292DFAF0} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{F1F35D3D-A1AA-4E1B-A1B6-86549206A343} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{F2EF3B06-4423-4608-AACD-A2E605A07546} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{F31B10C2-4975-408D-83E8-1FEA4B0CAEAD} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{F3B3586C-2DC7-4EE8-BB76-849A6FF986E6} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{F4C88D82-ECA9-46DA-B191-581568809C2D} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{F56D79DB-4B6C-4056-A91B-2D8440F3D8E1} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{F5A84AF4-DE2B-4176-A58A-F66926327600} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{F5ED2442-7EBC-441B-BFC0-374B09E4FD69} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{F6EA2202-09E5-4890-9687-98BBA74E2CF1} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{F703426E-A021-47E9-BB7F-B2EBDDB2D8D4} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{F74C6744-BFE2-46E3-9294-71EFD7F2B676} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{F7CA2B27-C93C-478D-B67D-3D87BD20F2D7} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{F879B70C-3BC0-43CD-ABDD-7C150962C778} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{F8CAED52-8D86-458A-A044-8A9665FF13BC} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{F90A6326-54BB-40C1-935D-E64DDEA3EF35} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{F9281AE7-A0A7-4A87-970D-B6175A2363CF} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{F9B0F2C2-545F-4D0E-A757-C8052248FAEE} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{FA24D06C-9C36-403D-A656-42B598750DFF} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{FA5CEACA-FC51-42E1-A517-058E106563C7} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{FC17E8E8-09DD-4DB8-8C5F-6C8544E3F6D1} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{FC79CBE9-7F6C-41AE-8E77-8945E3D09D04} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{FCA8EB0D-3CB8-4FFA-A7A9-AB6AC81F9C95} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{FD4A1FDD-68CB-4578-9071-E2A631DE7943} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{FD6D8F33-D603-4268-9294-5BC88F05B679} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{FE1EC6B0-8DDC-4969-ADB5-6CF4FDE4F5CA} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{FE2255BB-49D8-4094-AECC-FEADCED2CF5C} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{FED7A686-521A-4C99-9945-DC2A1831C6BE} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{FEF271B8-2C0E-40E2-9F50-D960C2D50B0F} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{FF418B7D-A4C6-4F97-BB3E-A6A71118A912} Successfully deleted: [Empty Folder] C:\Users\CRAIG\appdata\local\{FFD4E8B0-0ADB-46AC-8BB0-911FB19B8611} ~~~ FireFox Successfully deleted: [File] C:\Users\CRAIG\AppData\Roaming\mozilla\firefox\profiles\l75bkxec.default\invalidprefs.js Emptied folder: C:\Users\CRAIG\AppData\Roaming\mozilla\firefox\profiles\l75bkxec.default\minidumps [2 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Thu 08/22/2013 at 12:01:48.29 End of JRT log

# AdwCleaner v3.000 - Report created 22/08/2013 at 11:26:06 # Updated 20/08/2013 by Xplode # Operating System : Windows 7 Professional Service Pack 1 (32 bits) # Username : CRAIG - CRAIG-PC # Running from : C:\Users\CRAIG\Downloads\AdwCleaner (1).exe # Option : Scan ***** [ Services ] ***** ***** [ Files / Folders ] ***** File Found : C:\END File Found : C:\Users\CRAIG\AppData\Roaming\Mozilla\Firefox\Profiles\l75bkxec.default\searchplugins\Babylon.xml File Found : C:\Users\CRAIG\AppData\Roaming\Mozilla\Firefox\Profiles\l75bkxec.default\searchplugins\delta.xml File Found : C:\Users\CRAIG\AppData\Roaming\Mozilla\Firefox\Profiles\l75bkxec.default\user.js Folder Found C:\ProgramData\Babylon Folder Found C:\Users\CRAIG\AppData\Local\PackageAware Folder Found C:\Users\CRAIG\AppData\LocalLow\delta Folder Found C:\Users\CRAIG\AppData\Roaming\DSite ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Found : HKCU\Software\BabylonToolbar Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{06E58E5E-F8CB-4049-991E-A41C03BD419E} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{06E58E5E-F8CB-4049-991E-A41C03BD419E} Key Found : HKCU\Software\YahooPartnerToolbar Key Found : HKLM\SOFTWARE\84da8fb63ebe42 Key Found : HKLM\Software\Babylon Key Found : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D} Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Key Found : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe Key Found : HKLM\SOFTWARE\Classes\CLSID\{06E58E5E-F8CB-4049-991E-A41C03BD419E} Key Found : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B} Key Found : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26} Key Found : HKLM\SOFTWARE\Classes\delta.deltaappCore Key Found : HKLM\SOFTWARE\Classes\delta.deltaappCore.1 Key Found : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD} Key Found : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080} Key Found : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82} Key Found : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F} Key Found : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB} Key Found : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9} Key Found : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D} Key Found : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69} Key Found : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630} Key Found : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0} Key Found : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A} Key Found : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4} Key Found : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37} Key Found : HKLM\SOFTWARE\Classes\Prod.cap Key Found : HKLM\SOFTWARE\Classes\Prod.cap Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Found : HKLM\Software\DataMngr Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{06E58E5E-F8CB-4049-991E-A41C03BD419E}] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{06E58E5E-F8CB-4049-991E-A41C03BD419E}] ***** [ Browsers ] ***** -\\ Internet Explorer v9.0.8112.16455 -\\ Mozilla Firefox v23.0.1 (en-US) [ File : C:\Users\CRAIG\AppData\Roaming\Mozilla\Firefox\Profiles\l75bkxec.default\prefs.js ] Line Found : user_pref("extensions.delta.admin", false); Line Found : user_pref("extensions.delta.aflt", "babsst"); Line Found : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); Line Found : user_pref("extensions.delta.autoRvrt", "false"); Line Found : user_pref("extensions.delta.dfltLng", "en"); Line Found : user_pref("extensions.delta.excTlbr", false); Line Found : user_pref("extensions.delta.ffxUnstlRst", true); Line Found : user_pref("extensions.delta.id", "c24f22b30000000000000024d667f5c5"); Line Found : user_pref("extensions.delta.instlDay", "15841"); Line Found : user_pref("extensions.delta.instlRef", "sst"); Line Found : user_pref("extensions.delta.newTab", false); Line Found : user_pref("extensions.delta.prdct", "delta"); Line Found : user_pref("extensions.delta.prtnrId", "delta"); Line Found : user_pref("extensions.delta.rvrt", "false"); Line Found : user_pref("extensions.delta.smplGrp", "none"); Line Found : user_pref("extensions.delta.tlbrId", "base"); Line Found : user_pref("extensions.delta.tlbrSrchUrl", ""); Line Found : user_pref("extensions.delta.vrsn", "1.8.16.16"); Line Found : user_pref("extensions.delta.vrsnTs", "1.8.16.169:38:48"); Line Found : user_pref("extensions.delta.vrsni", "1.8.16.16"); -\\ Google Chrome v29.0.1547.57 [ File : C:\Users\CRAIG\AppData\Local\Google\Chrome\User Data\Default\preferences ] Found : homepage ************************* AdwCleaner[R0].txt - [5973 octets] - [22/08/2013 11:23:44] AdwCleaner[R1].txt - [5897 octets] - [22/08/2013 11:26:06] ########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [5957 octets] ##########

DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Professional Boot Device: \Device\HarddiskVolume2 Install Date: 3/19/2010 2:30:50 PM System Uptime: 8/22/2013 10:10:11 AM (0 hours ago) . Motherboard: Dell Inc. | | 0DW634 Processor: Intel® Core2 Duo CPU P8700 @ 2.53GHz | Microprocessor | 2535/266mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 232 GiB total, 39.01 GiB free. D: is CDROM (UDF) . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP808: 8/11/2013 3:45:00 PM - Scheduled Checkpoint RP809: 8/22/2013 10:02:31 AM - Removed Microsoft Works 6-9 Converter . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) 401(k) Easy Acrobat.com Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X (10.1.6) Adobe SVG Viewer 3.0 All Day Battery Life Configuration Apple Application Support Apple Mobile Device Support Apple Software Update AuthenTec Fingerprint Software avast! Ad Blocker avast! Free Antivirus BioAPI Framework Bonjour Broadcom NetXtreme-I Netlink Driver and Management Installer Brother HL-3070CW Brother MFL-Pro Suite Brother MFL-Pro Suite MFC-9320CW Canon RAW Image Task for ZoomBrowser EX Canon Utilities CameraWindow Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX Canon Utilities Digital Photo Professional 3.4 Canon Utilities EOS Utility Canon Utilities MyCamera Canon Utilities Original Data Security Tools Canon Utilities PhotoStitch Canon Utilities Picture Style Editor Canon Utilities RemoteCapture Task for ZoomBrowser EX Canon Utilities WFT-E1/E2/E3 Utility Canon Utilities ZoomBrowser EX Canon ZoomBrowser EX Memory Card Utility D3DX10 DCP32MMWrapper Dell Control Point Dell ControlPoint Connection Manager Dell ControlPoint Security Manager Dell ControlPoint System Manager Dell Edoc Viewer Dell Embassy Trust Suite by Wave Systems Dell Security Device Driver Pack Dell Touchpad Document Manager Lite eFax Messenger EMBASSY Security Center EMBASSY Security Setup EOS USB WIA Driver ESC Home Page Plugin FlipShare Football Playbook v007 Gemalto Google Chrome Google Drive Google Earth Plug-in Google Update Helper GoToMeeting 5.2.0.952 iCloud Intel® Graphics Media Accelerator Driver Intel® TV Wizard Intel® Matrix Storage Manager iTunes Java 7 Update 25 Java Auto Updater join.me Junk Mail filter update Malwarebytes Anti-Malware version 1.75.0.1300 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Access 2002 Runtime Microsoft Application Error Reporting Microsoft Office 2007 Primary Interop Assemblies Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Home and Student 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual Studio 2005 Tools for Office Runtime Mozilla Firefox 23.0.1 (x86 en-US) Mozilla Maintenance Service Mozilla Thunderbird 17.0.8 (x86 en-US) MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB2721691) MSXML 4.0 SP3 Parser (KB973685) NTRU TCG Software Stack Online Armor 5.5 PaperPort Image Printer Play Designer Series 2012 PlayMaker Football 2.5 PowerDVD DX Preboot Manager Private Information Manager QuickBooks QuickBooks Pro 2012 QuickTime ScanSoft PaperPort 11 Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition Security Wizards SO32MMWrapper Spelling Dictionaries Support For Adobe Reader 9 StreetSmart Edge SupportSoft Assisted Service TouchCopy 09 Trusted Drive Manager Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) UPEK TouchChip Fingerprint Reader Wave Infrastructure Installer Wave Support Software WebEx Windows Driver Package - AuthenTec Inc. (ATSwpWDF) Biometric (05/13/2009 8.4.2.0) Windows Driver Package - Dell Inc. PBADRV System (01/07/2008 1.0.1.5) Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Media Player Firefox Plugin WinZip 16.0 WinZip Courier . ==== Event Viewer Messages From Past Week ======== . 8/22/2013 10:10:45 AM, Error: Service Control Manager [7001] - The NTRU TSS v1.2.1.29 TCS service depends on the TPM Base Services service which failed to start because of the following error: The operation completed successfully. 8/22/2013 10:10:33 AM, Error: Service Control Manager [7000] - The sbapifs service failed to start due to the following error: The system cannot find the file specified. 8/21/2013 9:00:34 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. 8/20/2013 8:41:25 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service. 8/20/2013 4:54:05 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FlipShare Service service. 8/16/2013 1:08:54 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service. 8/16/2013 1:08:54 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service. . ==== End Of File =========================== DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 9.0.8112.16455 BrowserJavaVersion: 10.25.2 Run by CRAIG at 10:51:47 on 2013-08-22 Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3539.1683 [GMT -6:00] . AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Online Armor Firewall *Disabled* {BD3F5FCA-866B-1E2E-0A68-58900A751EA1} . ============== Running Processes ================ . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Program Files\Fingerprint Sensor\AtService.exe C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_450b431403c091e3\STacSV.exe C:\Program Files\Online Armor\OAcat.exe C:\Program Files\Online Armor\oasrv.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Windows\System32\spoolsv.exe C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe c:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe C:\Program Files\Fast Free Converter\FastFreeConverterUpdt.exe C:\Program Files\Flip Video\FlipShare\FlipShareService.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Flip Video\FlipShareServer\FlipShareServer.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\taskhost.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\System32\rundll32.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\DellTPad\Apoint.exe C:\Program Files\IDT\WDM\sttray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\DellTPad\ApMsgFwd.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe C:\Program Files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe C:\Program Files\DellTPad\Apntex.exe C:\Windows\system32\conhost.exe C:\Program Files\DellTPad\HidFind.exe C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe C:\Program Files\Brother\Brmfcmon\BrMfimon.exe C:\Program Files\Brother\ControlCenter3\brccMCtl.exe C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files\Online Armor\oaui.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Online Armor\OAhlp.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Schwab\StreetSmart Edge\QuickLaunch.exe C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe C:\Program Files\Intuit\QuickBooks 2009\QBW32.EXE C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\igfxext.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Windows\system32\conhost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted . ============== Pseudo HJT Report =============== . BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll BHO: Fast Free Converter 4.1: {8232785C-5C98-4A6E-B7B4-911FFBED7582} - c:\program files\fast free converter\fastfreeconverter\FastFreeConverter.dll BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: WinZip Courier BHO: {A8FB70FA-0FDF-4601-9DC4-BFA1B357204F} - c:\program files\winzip courier\wzwmcie.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll BHO: avast! Ad Blocker: {FFCB3198-32F3-4E8B-9539-4324694ED663} - c:\program files\avast software\avast! ad blocker ie\Adblocker32.dll TB: Upromise TurboSaver: {06E58E5E-F8CB-4049-991E-A41C03BD419E} - TB: Upromise TurboSaver: {06E58E5E-F8CB-4049-991E-A41C03BD419E} - TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll uRun: [MobileDocuments] c:\program files\common files\apple\internet services\ubd.exe uRun: [eFax 4.4] "c:\program files\efax messenger 4.4\J2GDllCmd.exe" /R uRun: [QuickLaunch] c:\program files\schwab\streetsmart edge\QuickLaunch.exe mRun: [Apoint] c:\program files\delltpad\Apoint.exe mRun: [sysTrayApp] c:\program files\idt\wdm\sttray.exe mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [iAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe mRun: [DellControlPoint] "c:\program files\dell\dell controlpoint\Dell.ControlPoint.exe" mRun: [DellConnectionManager] "c:\program files\dell\dell controlpoint\connection manager\Dell.UCM.exe" mRun: [ChangeTPMAuth] c:\program files\wave systems corp\common\ChangeTPMAuth.exe /T:NTRU12 mRun: [WavXMgr] c:\program files\wave systems corp\services manager\docmgr\bin\WavXDocMgr.exe mRun: [uSCService] c:\program files\dell\dell controlpoint\security manager\BcmDeviceAndTaskStatusService.exe mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe" mRun: [brMfcWnd] c:\program files\brother\brmfcmon\BrMfcWnd.exe /AUTORUN mRun: [ControlCenter3] c:\program files\brother\controlcenter3\brctrcen.exe /autorun mRun: [brStsWnd] c:\program files\brownie\BrstsWnd.exe Autorun mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe" mRun: [sSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot mRun: [PaperPort PTD] "c:\program files\scansoft\paperport\pptd40nt.exe" mRun: [indexSearch] "c:\program files\scansoft\paperport\IndexSearch.exe" mRun: [PPort11reminder] "c:\program files\scansoft\paperport\ereg\ereg.exe" -r "c:\programdata\scansoft\paperport\11\config\ereg\Ereg.ini" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [intuit SyncManager] c:\program files\common files\intuit\sync\IntuitSyncManager.exe startup mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui mRun: [@OnlineArmor GUI] "c:\program files\online armor\oaui.exe" mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" StartupFolder: c:\users\craig\appdata\roaming\micros~1\windows\startm~1\programs\startup\efax44~1.lnk - c:\program files\efax messenger 4.4\J2GTray.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\dellco~1.lnk - c:\program files\dell\dell controlpoint\system manager\DCPSysMgr.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\intuit~1.lnk - c:\program files\common files\intuit\dataprotect\IntuitDataProtect.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickb~2.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickb~1.lnk - c:\program files\intuit\quickbooks 2009\QBW32.EXE uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: EnableShellExecuteHooks = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:0 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} Trusted Zone: advisoryworld.com Trusted Zone: schwabintsitutional.com TCP: NameServer = 192.168.1.1 TCP: Interfaces\{7AB33C30-1CBB-40AB-A4A7-AE8AEF573132} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{7AB33C30-1CBB-40AB-A4A7-AE8AEF573132}\157756374775966496 : DHCPNameServer = 192.168.9.1 64.134.255.2 64.134.255.10 TCP: Interfaces\{7AB33C30-1CBB-40AB-A4A7-AE8AEF573132}\16474777966696 : DHCPNameServer = 192.168.5.1 TCP: Interfaces\{7AB33C30-1CBB-40AB-A4A7-AE8AEF573132}\265656B6D616E6 : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{7AB33C30-1CBB-40AB-A4A7-AE8AEF573132}\3425149474D20534F5E4564777F627B6 : DHCPNameServer = 66.118.220.37 66.118.220.38 TCP: Interfaces\{7AB33C30-1CBB-40AB-A4A7-AE8AEF573132}\3456461627336303 : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{7AB33C30-1CBB-40AB-A4A7-AE8AEF573132}\34F607075627541676C656 : DHCPNameServer = 68.105.28.12 68.105.29.12 68.105.28.11 TCP: Interfaces\{7AB33C30-1CBB-40AB-A4A7-AE8AEF573132}\564786F63747275616D683 : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{D7D7965B-28EC-4EA1-B211-FBBFD5AFE895} : DHCPNameServer = 192.168.1.1 Handler: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - c:\program files\intuit\quickbooks 2009\HelpAsyncPluggableProtocol.dll Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll Notify: igfxcui - igfxdev.dll SSODL: WebCheck - <orphaned> SEH: OA Shell Helper - {4F07DA45-8170-4859-9B5F-037EF2970034} - c:\program files\online armor\oaevent.dll LSA: Authentication Packages = msv1_0 wvauth mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\29.0.1547.57\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome . ================= FIREFOX =================== . FF - ProfilePath - c:\users\craig\appdata\roaming\mozilla\firefox\profiles\l75bkxec.default\ FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll FF - plugin: c:\program files\google\update\1.3.21.153\npGoogleUpdate3.dll FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\program files\microsoft silverlight\5.1.20125.0\npctrlui.dll FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_224.dll FF - plugin: c:\windows\system32\npDeployJava1.dll FF - plugin: c:\windows\system32\npmproxy.dll . ---- FIREFOX POLICIES ---- FF - user.js: extensions.delta.tlbrSrchUrl - FF - user.js: extensions.delta.id - c24f22b30000000000000024d667f5c5 FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} FF - user.js: extensions.delta.instlDay - 15841 FF - user.js: extensions.delta.vrsn - 1.8.16.16 FF - user.js: extensions.delta.vrsni - 1.8.16.16 FF - user.js: extensions.delta.vrsnTs - 1.8.16.169:38:48 FF - user.js: extensions.delta.prtnrId - delta FF - user.js: extensions.delta.prdct - delta FF - user.js: extensions.delta.aflt - babsst FF - user.js: extensions.delta.smplGrp - none FF - user.js: extensions.delta.tlbrId - base FF - user.js: extensions.delta.instlRef - sst FF - user.js: extensions.delta.dfltLng - en FF - user.js: extensions.delta.excTlbr - false FF - user.js: extensions.delta.ffxUnstlRst - true FF - user.js: extensions.delta.admin - false FF - user.js: extensions.delta.autoRvrt - false FF - user.js: extensions.delta.rvrt - false FF - user.js: extensions.delta.newTab - false . ============= SERVICES / DRIVERS =============== . R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-3-8 49376] R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-3-8 174664] R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-11-19 765736] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-11-19 368944] R1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [2012-11-22 208320] R1 oahlpXX;Online Armor helper driver;c:\windows\system32\drivers\oahlp32.sys [2012-11-22 44992] R1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [2012-11-22 27648] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-11-19 29816] R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-11-19 66336] R2 ATService;AuthenTec Fingerprint Service;c:\program files\fingerprint sensor\AtService.exe [2009-5-15 1803512] R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-5-21 46808] R2 buttonsvc32;Dell ControlPoint Button Service;c:\program files\dell\dell controlpoint\DCPButtonSvc.exe [2009-4-27 293968] R2 dcpsysmgrsvc;Dell ControlPoint System Manager;c:\program files\dell\dell controlpoint\system manager\DCPSysMgrSvc.exe [2009-7-16 382752] R2 FastFreeConverterUpdt;FastFreeConverterUpdt;c:\program files\fast free converter\FastFreeConverterUpdt.exe [2012-11-26 687104] R2 FlipShareServer;FlipShare Server;c:\program files\flip video\flipshareserver\FlipShareServer.exe [2011-5-6 1085440] R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-11-21 418376] R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-11-21 701512] R2 OAcat;Online Armor Helper Service;c:\program files\online armor\oacat.exe [2012-11-23 216072] R2 QBVSS;QBIDPService;c:\program files\common files\intuit\dataprotect\QBIDPService.exe [2012-3-14 1248256] R2 SMManager;Smith Micro Connection Manager Service;c:\program files\dell\dell controlpoint\connection manager\SMManager.exe [2009-10-5 76288] R2 SvcOnlineArmor;Online Armor;c:\program files\online armor\OAsrv.exe [2012-11-23 4463864] R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2010-1-15 260648] R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2010-1-15 122368] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-11-21 22856] R3 NETw5s32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\drivers\NETw5s32.sys [2010-1-15 6114816] R3 OAnet;OnlineArmor Service;c:\windows\system32\drivers\OAnet.sys [2012-11-22 31768] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S3 acpials;ALS Sensor Filter;c:\windows\system32\drivers\acpials.sys [2009-7-14 7680] S3 BrSerIb;Brother MFC Serial Interface Driver(WDM);c:\windows\system32\drivers\BrSerIb.sys [2009-7-13 265088] S3 BrUsbSIb;Brother MFC Serial USB Driver(WDM);c:\windows\system32\drivers\BrUsbSIb.sys [2009-7-13 11904] S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2009-10-26 25088] S3 rimspci;rimspci;c:\windows\system32\drivers\rimspe86.sys [2010-1-15 47104] S3 risdpcie;risdpcie;c:\windows\system32\drivers\risdpe86.sys [2010-1-15 49152] S3 rixdpcie;rixdpcie;c:\windows\system32\drivers\rixdpe86.sys [2010-1-15 38400] S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992] S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-7-2 52224] S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-4-4 1343400] . =============== Created Last 30 ================ . 2013-08-19 02:35:17 -------- d-----w- c:\users\craig\appdata\local\{636195DC-67FE-4F23-8E35-833F83E07AA3} 2013-08-18 14:31:34 -------- d-----w- c:\users\craig\appdata\local\{A062EA6B-FDA1-4B13-9E73-D518156D429B} 2013-08-18 02:31:11 -------- d-----w- c:\users\craig\appdata\local\{EB3DF760-341A-4100-9D86-F66B44EDB314} 2013-08-14 16:59:43 -------- d-----w- c:\users\craig\appdata\local\{AB460F7C-C0C4-47D1-BD3B-66C4D6AF1209} 2013-08-13 17:04:39 -------- d-----w- c:\users\craig\appdata\local\PlayMaker 2013-08-13 17:04:36 -------- d-----w- c:\program files\PlayMaker . ==================== Find3M ==================== . 2013-07-29 20:28:42 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-07-29 20:28:41 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-07-09 16:25:58 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 2013-07-09 16:25:50 867240 ----a-w- c:\windows\system32\npDeployJava1.dll 2013-07-09 16:25:50 789416 ----a-w- c:\windows\system32\deployJava1.dll . ============= FINISH: 10:55:26.75 ===============

Running Avast, Malywarebytes, and online armor Malwarebytes Anti-Malware (PRO) 1.75.0.1300www.malwarebytes.org Database version: v2013.08.21.06 Windows 7 Service Pack 1 x86 NTFSInternet Explorer 9.0.8112.16421CRAIG :: CRAIG-PC [administrator] Protection: Enabled 8/22/2013 10:21:28 AMMBAM-log-2013-08-22 (10-43-11).txt Scan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 242203Time elapsed: 20 minute(s), 56 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 6HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> No action taken.HKCR\Typelib\{4599D05A-D545-4069-BB42-5895B4EAE05B} (PUP.Optional.Delta.A) -> No action taken.HKCR\Interface\{1231839B-064E-4788-B865-465A1B5266FD} (PUP.Optional.Delta.A) -> No action taken.HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr) -> No action taken.HKCU\Software\DataMngr (PUP.Optional.DataMngr) -> No action taken.HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> No action taken. Registry Values Detected: 1HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: 0L1N1H2O1S -> No action taken. Registry Data Items Detected: 0(No malicious items detected)

Cannot remove fast free converter. Not showing up in Chrome, but is in Firefox,(have disabled it) and Explorer (cannot disable). Additionally, I get a Windows error claiming I am not running an authentic version of windows 7 pro ... related?

# AdwCleaner v2.301 - Logfile created 05/17/2013 at 14:25:38 # Updated 16/05/2013 by Xplode # Operating system : Windows 7 Professional Service Pack 1 (32 bits) # User : CRAIG - CRAIG-PC # Boot Mode : Normal # Running from : C:\Users\CRAIG\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LTFKL85K\adwcleaner.exe # Option [search] ***** [services] ***** ***** [Files / Folders] ***** File Found : C:\END File Found : C:\Users\CRAIG\AppData\Roaming\Mozilla\Firefox\Profiles\l75bkxec.default\searchplugins\Babylon.xml File Found : C:\Users\CRAIG\AppData\Roaming\Mozilla\Firefox\Profiles\l75bkxec.default\searchplugins\delta.xml Folder Found : C:\Program Files\Delta Folder Found : C:\ProgramData\Babylon Folder Found : C:\Users\CRAIG\AppData\Local\PackageAware Folder Found : C:\Users\CRAIG\AppData\LocalLow\Delta Folder Found : C:\Users\CRAIG\AppData\Roaming\Babylon Folder Found : C:\Users\CRAIG\AppData\Roaming\Delta Folder Found : C:\Users\CRAIG\AppData\Roaming\Mozilla\Firefox\Profiles\l75bkxec.default\extensions\ffxtlbr@delta.com ***** [Registry] ***** Key Found : HKCU\Software\BabylonToolbar Key Found : HKCU\Software\DataMngr Key Found : HKCU\Software\DataMngr_Toolbar Key Found : HKCU\Software\Delta Key Found : HKCU\Software\InstallCore Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{06E58E5E-F8CB-4049-991E-A41C03BD419E} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{06E58E5E-F8CB-4049-991E-A41C03BD419E} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} Key Found : HKCU\Software\YahooPartnerToolbar Key Found : HKLM\SOFTWARE\84da8fb63ebe42 Key Found : HKLM\Software\Babylon Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Key Found : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D} Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Key Found : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe Key Found : HKLM\SOFTWARE\Classes\CLSID\{06E58E5E-F8CB-4049-991E-A41C03BD419E} Key Found : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8} Key Found : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE} Key Found : HKLM\SOFTWARE\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3} Key Found : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B} Key Found : HKLM\SOFTWARE\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} Key Found : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26} Key Found : HKLM\SOFTWARE\Classes\delta.deltaappCore Key Found : HKLM\SOFTWARE\Classes\delta.deltaappCore.1 Key Found : HKLM\SOFTWARE\Classes\delta.deltadskBnd Key Found : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1 Key Found : HKLM\SOFTWARE\Classes\delta.deltaHlpr Key Found : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1 Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1 Key Found : HKLM\SOFTWARE\Classes\esrv.deltaESrvc Key Found : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1 Key Found : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD} Key Found : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080} Key Found : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82} Key Found : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F} Key Found : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB} Key Found : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9} Key Found : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D} Key Found : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69} Key Found : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630} Key Found : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0} Key Found : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A} Key Found : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4} Key Found : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37} Key Found : HKLM\SOFTWARE\Classes\Prod.cap Key Found : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Found : HKLM\Software\DataMngr Key Found : HKLM\Software\Delta Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85} Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966 Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Key Found : HKU\S-1-5-21-2270400815-616284404-3630716744-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{06E58E5E-F8CB-4049-991E-A41C03BD419E}] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{06E58E5E-F8CB-4049-991E-A41C03BD419E}] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{82E1477C-B154-48D3-9891-33D83C26BCD3}] ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16455 [OK] Registry is clean. -\\ Mozilla Firefox v19.0.2 (en-US) File : C:\Users\CRAIG\AppData\Roaming\Mozilla\Firefox\Profiles\l75bkxec.default\prefs.js Found : user_pref("browser.newtab.url", "hxxp://www1.delta-search.com/?affID=119351&tt=gc_150213_alt&babsrc=[...] Found : user_pref("browser.search.selectedEngine", "Delta Search"); Found : user_pref("browser.startup.homepage", "hxxp://www1.delta-search.com/?affID=119351&tt=gc_150213_alt&b[...] Found : user_pref("extensions.delta.admin", false); Found : user_pref("extensions.delta.aflt", "babsst"); Found : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); Found : user_pref("extensions.delta.autoRvrt", "false"); Found : user_pref("extensions.delta.dfltLng", "en"); Found : user_pref("extensions.delta.excTlbr", false); Found : user_pref("extensions.delta.ffxUnstlRst", true); Found : user_pref("extensions.delta.id", "c24f22b30000000000000024d667f5c5"); Found : user_pref("extensions.delta.instlDay", "15841"); Found : user_pref("extensions.delta.instlRef", "sst"); Found : user_pref("extensions.delta.newTab", false); Found : user_pref("extensions.delta.prdct", "delta"); Found : user_pref("extensions.delta.prtnrId", "delta"); Found : user_pref("extensions.delta.rvrt", "false"); Found : user_pref("extensions.delta.smplGrp", "none"); Found : user_pref("extensions.delta.tlbrId", "base"); Found : user_pref("extensions.delta.tlbrSrchUrl", ""); Found : user_pref("extensions.delta.vrsn", "1.8.16.16"); Found : user_pref("extensions.delta.vrsnTs", "1.8.16.169:38:48"); Found : user_pref("extensions.delta.vrsni", "1.8.16.16"); -\\ Google Chrome v26.0.1410.64 File : C:\Users\CRAIG\AppData\Local\Google\Chrome\User Data\Default\Preferences Found [l.2426] : homepage = "hxxp://www1.delta-search.com/?affID=119351&tt=gc_150213_alt&babsrc=HP_ss&mntrId=C24F0024D667F5C5", Found [l.3017] : urls_to_restore_on_startup = [ "hxxp://www1.delta-search.com/?affID=119351&tt=gc_150213_alt&babsrc=HP_ss&mntrId=C24F0024D667F5C5" ] ************************* AdwCleaner[R1].txt - [7113 octets] - [21/11/2012 19:53:51] AdwCleaner[R2].txt - [7173 octets] - [21/11/2012 20:12:02] AdwCleaner[R3].txt - [1143 octets] - [06/12/2012 09:45:25] AdwCleaner[R4].txt - [9183 octets] - [17/05/2013 14:25:38] AdwCleaner[s1].txt - [7337 octets] - [21/11/2012 20:12:43] ########## EOF - C:\AdwCleaner[R4].txt - [9303 octets] ##########

I have tried to remove them, it will not let me.

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website : http://tigzy.geekstogo.com/roguekiller.php Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version Started in : Normal mode User : CRAIG [Admin rights] Mode : Scan -- Date : 05/17/2013 11:59:51 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 5 ¤¤¤ [HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND [HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND [HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [LOADED] ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\Windows\system32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: WDC WD2500BEVT-75ZCT2 +++++ --- User --- [MBR] d85e28f24e6b15457e4402eecee0e541 [bSP] 03f896d43fd327991aba875e0b041025 : Windows 7/8 MBR Code Partition table: 0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 86 Mo 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 178176 | Size: 750 Mo 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1714176 | Size: 237637 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[1]_S_05172013_02d1159.txt >> RKreport[1]_S_05172013_02d1159.txt

DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 9.0.8112.16455 BrowserJavaVersion: 10.21.2 Run by CRAIG at 11:44:18 on 2013-05-17 Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3539.1660 [GMT -6:00] . AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Online Armor Firewall *Disabled* {BD3F5FCA-866B-1E2E-0A68-58900A751EA1} . ============== Running Processes ================ . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_450b431403c091e3\STacSV.exe C:\Program Files\Online Armor\OAcat.exe C:\Program Files\Online Armor\oasrv.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Windows\System32\spoolsv.exe C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe c:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe C:\Program Files\Fast Free Converter\FastFreeConverterUpdt.exe C:\Program Files\Flip Video\FlipShare\FlipShareService.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Flip Video\FlipShareServer\FlipShareServer.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe C:\Program Files\DellTPad\Apoint.exe C:\Program Files\IDT\WDM\sttray.exe C:\Program Files\DellTPad\ApMsgFwd.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\DellTPad\HidFind.exe C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\DellTPad\Apntex.exe C:\Program Files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe C:\Windows\system32\conhost.exe C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Brother\ControlCenter3\brccMCtl.exe C:\Program Files\Brother\Brmfcmon\BrMfimon.exe C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files\Online Armor\oaui.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Online Armor\OAhlp.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Schwab\StreetSmart Edge\QuickLaunch.exe C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe C:\Windows\system32\igfxext.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Wat\WatUX.exe C:\Program Files\Intuit\QuickBooks 2009\qbw32.exe C:\Windows\system32\conhost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted . ============== Pseudo HJT Report =============== . uStart Page = hxxp://yahoo.com/ BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll BHO: Fast Free Converter 4.1: {8232785C-5C98-4A6E-B7B4-911FFBED7582} - c:\program files\fast free converter\fastfreeconverter\FastFreeConverter.dll BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: WinZip Courier BHO: {A8FB70FA-0FDF-4601-9DC4-BFA1B357204F} - c:\program files\winzip courier\wzwmcie.dll BHO: delta Helper Object: {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - c:\program files\delta\delta\1.8.16.16\bh\delta.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll BHO: avast! Ad Blocker: {FFCB3198-32F3-4E8B-9539-4324694ED663} - c:\program files\avast software\avast! ad blocker ie\Adblocker32.dll TB: Upromise TurboSaver: {06E58E5E-F8CB-4049-991E-A41C03BD419E} - TB: Upromise TurboSaver: {06E58E5E-F8CB-4049-991E-A41C03BD419E} - TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll TB: Delta Toolbar: {82E1477C-B154-48D3-9891-33D83C26BCD3} - uRun: [MobileDocuments] c:\program files\common files\apple\internet services\ubd.exe uRun: [eFax 4.4] "c:\program files\efax messenger 4.4\J2GDllCmd.exe" /R uRun: [QuickLaunch] c:\program files\schwab\streetsmart edge\QuickLaunch.exe uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil32_11_7_700_169_ActiveX.exe -update activex mRun: [Apoint] c:\program files\delltpad\Apoint.exe mRun: [sysTrayApp] c:\program files\idt\wdm\sttray.exe mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [iAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe mRun: [DellControlPoint] "c:\program files\dell\dell controlpoint\Dell.ControlPoint.exe" mRun: [DellConnectionManager] "c:\program files\dell\dell controlpoint\connection manager\Dell.UCM.exe" mRun: [ChangeTPMAuth] c:\program files\wave systems corp\common\ChangeTPMAuth.exe /T:NTRU12 mRun: [WavXMgr] c:\program files\wave systems corp\services manager\docmgr\bin\WavXDocMgr.exe mRun: [uSCService] c:\program files\dell\dell controlpoint\security manager\BcmDeviceAndTaskStatusService.exe mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe" mRun: [brMfcWnd] c:\program files\brother\brmfcmon\BrMfcWnd.exe /AUTORUN mRun: [ControlCenter3] c:\program files\brother\controlcenter3\brctrcen.exe /autorun mRun: [brStsWnd] c:\program files\brownie\BrstsWnd.exe Autorun mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe" mRun: [sSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot mRun: [PaperPort PTD] "c:\program files\scansoft\paperport\pptd40nt.exe" mRun: [indexSearch] "c:\program files\scansoft\paperport\IndexSearch.exe" mRun: [PPort11reminder] "c:\program files\scansoft\paperport\ereg\ereg.exe" -r "c:\programdata\scansoft\paperport\11\config\ereg\Ereg.ini" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [intuit SyncManager] c:\program files\common files\intuit\sync\IntuitSyncManager.exe startup mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui mRun: [@OnlineArmor GUI] "c:\program files\online armor\oaui.exe" mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" StartupFolder: c:\users\craig\appdata\roaming\micros~1\windows\startm~1\programs\startup\efax44~1.lnk - c:\program files\efax messenger 4.4\J2GTray.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\dellco~1.lnk - c:\program files\dell\dell controlpoint\system manager\DCPSysMgr.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\intuit~1.lnk - c:\program files\common files\intuit\dataprotect\IntuitDataProtect.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickb~2.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickb~1.lnk - c:\program files\intuit\quickbooks 2009\QBW32.EXE uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: EnableShellExecuteHooks = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:0 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} Trusted Zone: advisoryworld.com Trusted Zone: schwabintsitutional.com DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: NameServer = 192.168.1.1 TCP: Interfaces\{7AB33C30-1CBB-40AB-A4A7-AE8AEF573132} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{7AB33C30-1CBB-40AB-A4A7-AE8AEF573132}\157756374775966496 : DHCPNameServer = 192.168.9.1 64.134.255.2 64.134.255.10 TCP: Interfaces\{7AB33C30-1CBB-40AB-A4A7-AE8AEF573132}\16474777966696 : DHCPNameServer = 192.168.5.1 TCP: Interfaces\{7AB33C30-1CBB-40AB-A4A7-AE8AEF573132}\265656B6D616E6 : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{7AB33C30-1CBB-40AB-A4A7-AE8AEF573132}\3425149474D20534F5E4564777F627B6 : DHCPNameServer = 66.118.220.37 66.118.220.38 TCP: Interfaces\{7AB33C30-1CBB-40AB-A4A7-AE8AEF573132}\3456461627336303 : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{7AB33C30-1CBB-40AB-A4A7-AE8AEF573132}\34F607075627541676C656 : DHCPNameServer = 68.105.28.12 68.105.29.12 68.105.28.11 TCP: Interfaces\{D7D7965B-28EC-4EA1-B211-FBBFD5AFE895} : DHCPNameServer = 192.168.1.1 Handler: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - c:\program files\intuit\quickbooks 2009\HelpAsyncPluggableProtocol.dll Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll Notify: igfxcui - igfxdev.dll SSODL: WebCheck - <orphaned> SEH: OA Shell Helper - {4F07DA45-8170-4859-9B5F-037EF2970034} - c:\program files\online armor\oaevent.dll LSA: Authentication Packages = msv1_0 wvauth mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\26.0.1410.64\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome . ================= FIREFOX =================== . FF - ProfilePath - c:\users\craig\appdata\roaming\mozilla\firefox\profiles\l75bkxec.default\ FF - prefs.js: browser.search.selectedEngine - Delta Search FF - prefs.js: browser.startup.homepage - hxxp://www1.delta-search.com/?affID=119351&tt=gc_150213_alt&babsrc=HP_ss&mntrId=C24F0024D667F5C5 FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll FF - plugin: c:\program files\google\update\1.3.21.145\npGoogleUpdate3.dll FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll FF - plugin: c:\program files\mozilla firefox\plugins\npatgpc.dll FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_169.dll FF - plugin: c:\windows\system32\npDeployJava1.dll FF - plugin: c:\windows\system32\npmproxy.dll . ---- FIREFOX POLICIES ---- FF - user.js: extensions.delta.tlbrSrchUrl - FF - user.js: extensions.delta.id - c24f22b30000000000000024d667f5c5 FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} FF - user.js: extensions.delta.instlDay - 15841 FF - user.js: extensions.delta.vrsn - 1.8.16.16 FF - user.js: extensions.delta.vrsni - 1.8.16.16 FF - user.js: extensions.delta.vrsnTs - 1.8.16.169:38:48 FF - user.js: extensions.delta.prtnrId - delta FF - user.js: extensions.delta.prdct - delta FF - user.js: extensions.delta.aflt - babsst FF - user.js: extensions.delta.smplGrp - none FF - user.js: extensions.delta.tlbrId - base FF - user.js: extensions.delta.instlRef - sst FF - user.js: extensions.delta.dfltLng - en FF - user.js: extensions.delta.excTlbr - false FF - user.js: extensions.delta.ffxUnstlRst - true FF - user.js: extensions.delta.admin - false FF - user.js: extensions.delta.autoRvrt - false FF - user.js: extensions.delta.rvrt - false FF - user.js: extensions.delta.newTab - false . ============= SERVICES / DRIVERS =============== . R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-3-8 49248] R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-11-19 765736] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-11-19 368176] R1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [2012-11-22 208320] R1 oahlpXX;Online Armor helper driver;c:\windows\system32\drivers\oahlp32.sys [2012-11-22 44992] R1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [2012-11-22 27648] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-11-19 29816] R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-11-19 66336] R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-3-8 45248] R2 buttonsvc32;Dell ControlPoint Button Service;c:\program files\dell\dell controlpoint\DCPButtonSvc.exe [2009-4-27 293968] R2 dcpsysmgrsvc;Dell ControlPoint System Manager;c:\program files\dell\dell controlpoint\system manager\DCPSysMgrSvc.exe [2009-7-16 382752] R2 FastFreeConverterUpdt;FastFreeConverterUpdt;c:\program files\fast free converter\FastFreeConverterUpdt.exe [2012-11-26 687104] R2 FlipShareServer;FlipShare Server;c:\program files\flip video\flipshareserver\FlipShareServer.exe [2011-5-6 1085440] R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-11-21 418376] R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-11-21 701512] R2 OAcat;Online Armor Helper Service;c:\program files\online armor\oacat.exe [2012-11-23 216072] R2 QBVSS;QBIDPService;c:\program files\common files\intuit\dataprotect\QBIDPService.exe [2012-3-14 1248256] R2 SMManager;Smith Micro Connection Manager Service;c:\program files\dell\dell controlpoint\connection manager\SMManager.exe [2009-10-5 76288] R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2010-1-15 260648] R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2010-1-15 122368] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-11-21 22856] R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-5-17 40776] R3 NETw5s32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\drivers\NETw5s32.sys [2010-1-15 6114816] R3 OAnet;OnlineArmor Service;c:\windows\system32\drivers\OAnet.sys [2012-11-22 31768] S2 ATService;AuthenTec Fingerprint Service;c:\program files\fingerprint sensor\AtService.exe [2009-5-15 1803512] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S3 acpials;ALS Sensor Filter;c:\windows\system32\drivers\acpials.sys [2009-7-14 7680] S3 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-3-8 164736] S3 BrSerIb;Brother MFC Serial Interface Driver(WDM);c:\windows\system32\drivers\BrSerIb.sys [2009-7-13 265088] S3 BrUsbSIb;Brother MFC Serial USB Driver(WDM);c:\windows\system32\drivers\BrUsbSIb.sys [2009-7-13 11904] S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2009-10-26 25088] S3 rimspci;rimspci;c:\windows\system32\drivers\rimspe86.sys [2010-1-15 47104] S3 risdpcie;risdpcie;c:\windows\system32\drivers\risdpe86.sys [2010-1-15 49152] S3 rixdpcie;rixdpcie;c:\windows\system32\drivers\rixdpe86.sys [2010-1-15 38400] S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-7-2 52224] . =============== Created Last 30 ================ . 2013-05-16 15:54:10 -------- d-----w- c:\program files\File Type Helper 2013-05-16 15:53:54 -------- d-----w- c:\program files\Fast Free Converter 2013-05-16 15:38:41 -------- d-----w- c:\program files\Delta 2013-05-16 15:38:35 -------- d-----w- c:\users\craig\appdata\roaming\Delta 2013-05-16 15:37:12 -------- d-----w- c:\users\craig\appdata\roaming\Babylon 2013-05-16 15:37:12 -------- d-----w- c:\programdata\Babylon 2013-05-16 15:37:11 -------- d-----w- c:\users\craig\appdata\roaming\DSite 2013-05-09 09:45:13 60872 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{a632f45e-fc5a-4e90-96dd-c153f5f4d218}\offreg.dll 2013-05-09 09:43:34 6906960 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{a632f45e-fc5a-4e90-96dd-c153f5f4d218}\mpengine.dll 2013-04-23 14:14:21 -------- d-----w- c:\users\craig\appdata\local\{64055D0C-098C-4A12-9616-954173DC0FD8} 2013-04-19 02:38:46 -------- d-----w- c:\program files\MSECache . ==================== Find3M ==================== . 2013-04-28 14:54:24 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-04-28 14:54:24 691592 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-04-17 14:49:42 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 2013-04-17 14:49:36 866720 ----a-w- c:\windows\system32\npDeployJava1.dll 2013-04-17 14:49:36 788896 ----a-w- c:\windows\system32\deployJava1.dll 2013-04-04 20:50:32 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-03-06 23:33:24 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2013-03-06 23:33:24 49248 ----a-w- c:\windows\system32\drivers\aswRvrt.sys 2013-03-06 23:33:24 164736 ----a-w- c:\windows\system32\drivers\aswVmm.sys 2013-03-06 23:33:23 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2013-03-06 23:33:23 60656 ----a-w- c:\windows\system32\drivers\aswRdr2.sys 2013-03-06 23:32:51 41664 ----a-w- c:\windows\avastSS.scr . ============= FINISH: 11:49:16.18 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Professional Boot Device: \Device\HarddiskVolume2 Install Date: 3/19/2010 2:30:50 PM System Uptime: 5/17/2013 8:41:20 AM (3 hours ago) . Motherboard: Dell Inc. | | 0DW634 Processor: Intel® Core2 Duo CPU P8700 @ 2.53GHz | Microprocessor | 2535/266mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 232 GiB total, 62.947 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP803: 4/17/2013 8:47:16 AM - Installed Java 7 Update 21 RP804: 5/4/2013 10:54:08 PM - Scheduled Checkpoint RP805: 5/10/2013 2:43:29 PM - Installed StreetSmart Edge . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) 401(k) Easy Acrobat.com Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X (10.1.6) Adobe SVG Viewer 3.0 All Day Battery Life Configuration Apple Application Support Apple Mobile Device Support Apple Software Update AuthenTec Fingerprint Software avast! Ad Blocker avast! Free Antivirus BioAPI Framework Bonjour Broadcom NetXtreme-I Netlink Driver and Management Installer Brother HL-3070CW Brother MFL-Pro Suite Brother MFL-Pro Suite MFC-9320CW Canon RAW Image Task for ZoomBrowser EX Canon Utilities CameraWindow Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX Canon Utilities Digital Photo Professional 3.4 Canon Utilities EOS Utility Canon Utilities MyCamera Canon Utilities Original Data Security Tools Canon Utilities PhotoStitch Canon Utilities Picture Style Editor Canon Utilities RemoteCapture Task for ZoomBrowser EX Canon Utilities WFT-E1/E2/E3 Utility Canon Utilities ZoomBrowser EX Canon ZoomBrowser EX Memory Card Utility D3DX10 DCP32MMWrapper Dell Control Point Dell ControlPoint Connection Manager Dell ControlPoint Security Manager Dell ControlPoint System Manager Dell Edoc Viewer Dell Embassy Trust Suite by Wave Systems Dell Security Device Driver Pack Dell Touchpad Delta toolbar Document Manager Lite eFax Messenger EMBASSY Security Center EMBASSY Security Setup EOS USB WIA Driver ESC Home Page Plugin Fast Free Converter FlipShare Football Playbook v007 Gemalto Google Chrome Google Drive Google Earth Plug-in Google Update Helper GoToMeeting 5.2.0.952 iCloud Intel® Graphics Media Accelerator Driver Intel® TV Wizard Intel® Matrix Storage Manager iTunes Java 7 Update 21 Java Auto Updater join.me Junk Mail filter update Malwarebytes Anti-Malware version 1.75.0.1300 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Access 2002 Runtime Microsoft Application Error Reporting Microsoft Office 2007 Primary Interop Assemblies Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Home and Student 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual Studio 2005 Tools for Office Runtime Microsoft Works 6-9 Converter Mozilla Firefox 19.0.2 (x86 en-US) Mozilla Thunderbird 17.0.6 (x86 en-US) MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB2721691) MSXML 4.0 SP3 Parser (KB973685) NTRU TCG Software Stack Online Armor 5.5 PaperPort Image Printer Play Designer Series 2012 PowerDVD DX Preboot Manager Private Information Manager QuickBooks QuickBooks Pro 2012 QuickTime ScanSoft PaperPort 11 Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition Security Wizards SO32MMWrapper Spelling Dictionaries Support For Adobe Reader 9 StreetSmart Edge SupportSoft Assisted Service TouchCopy 09 Trusted Drive Manager Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) UPEK TouchChip Fingerprint Reader Wave Infrastructure Installer Wave Support Software WebEx Windows Driver Package - AuthenTec Inc. (ATSwpWDF) Biometric (05/13/2009 8.4.2.0) Windows Driver Package - Dell Inc. PBADRV System (01/07/2008 1.0.1.5) Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Media Player Firefox Plugin WinZip 16.0 WinZip Courier . ==== Event Viewer Messages From Past Week ======== . 5/17/2013 8:43:15 AM, Error: Service Control Manager [7034] - The AuthenTec Fingerprint Service service terminated unexpectedly. It has done this 1 time(s). 5/17/2013 8:42:20 AM, Error: Service Control Manager [7001] - The NTRU TSS v1.2.1.29 TCS service depends on the TPM Base Services service which failed to start because of the following error: The operation completed successfully. 5/17/2013 8:42:12 AM, Error: Service Control Manager [7000] - The sbapifs service failed to start due to the following error: The system cannot find the file specified. 5/17/2013 8:37:48 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service. 5/17/2013 8:20:07 AM, Error: Service Control Manager [7034] - The Google Update Service (gupdate) service terminated unexpectedly. It has done this 1 time(s). 5/16/2013 9:54:03 AM, Error: Service Control Manager [7030] - The FastFreeConverterUpdt service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. 5/16/2013 8:55:46 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. 5/16/2013 7:39:30 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service. 5/16/2013 12:57:55 PM, Error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: Access is denied. 5/16/2013 1:28:09 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the FlipShare Service service to connect. 5/16/2013 1:28:09 PM, Error: Service Control Manager [7000] - The FlipShare Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 5/15/2013 7:32:13 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FlipShare Service service. 5/15/2013 12:44:53 AM, Error: Service Control Manager [7034] - The Google Update Service (gupdate) service terminated unexpectedly. It has done this 2 time(s). 5/14/2013 10:43:59 AM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 5/13/2013 3:57:31 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service. 5/12/2013 4:52:20 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMService service. . ==== End Of File ===========================

Google Chrome taken over by Delta Search redirect. Avast gave me 4 files that "could not be scanned" and they appear to be malware, however I cannot move to the chest. Thanks!

Jeff, System is running well ... no more redirect. Browsing at normal speeds while running multiple apps. here is the log: All processes killed ========== SERVICES/DRIVERS ========== ========== OTL ========== Prefs.js: vhixznmnss@vhixznmnss.org:2.5 removed from extensions.enabledAddons C:\Users\CRAIG\AppData\Roaming\Mozilla\Firefox\Profiles\l75bkxec.default\extensions\vhixznmnss@vhixznmnss.org.xpi moved successfully. C:\Windows\CD95F661A5C411AFB2CCABCD21A325B8.TMP folder deleted successfully. ========== FILES ========== < ipconfig /flushdns /c > Windows IP Configuration Successfully flushed the DNS Resolver Cache. C:\Users\CRAIG\Desktop\cmd.bat deleted successfully. C:\Users\CRAIG\Desktop\cmd.txt deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: CRAIG ->Temp folder emptied: 54978185 bytes ->Temporary Internet Files folder emptied: 94742365 bytes ->Java cache emptied: 5692243 bytes ->FireFox cache emptied: 237214311 bytes ->Google Chrome cache emptied: 394121619 bytes ->Flash cache emptied: 3867048 bytes User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes ->Flash cache emptied: 56502 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Public ->Temp folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 147183 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes RecycleBin emptied: 2215445770 bytes Total Files Cleaned = 2,867.00 mb OTL by OldTimer - Version 3.2.69.0 log created on 12072012_083927 Files\Folders moved on Reboot... File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot. PendingFileRenameOperations files... Registry entries deleted on Reboot...

No, not at all!

here is the one from adwclearner: # AdwCleaner v2.011 - Logfile created 12/06/2012 at 08:45:25 # Updated 02/12/2012 by Xplode # Operating system : Windows 7 Professional Service Pack 1 (32 bits) # User : CRAIG - CRAIG-PC # Boot Mode : Normal # Running from : C:\Users\CRAIG\Desktop\AdwCleaner.exe # Option [search] ***** [services] ***** ***** [Files / Folders] ***** ***** [Registry] ***** ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16455 [OK] Registry is clean. -\\ Mozilla Firefox v16.0.2 (en-US) Profile name : default File : C:\Users\CRAIG\AppData\Roaming\Mozilla\Firefox\Profiles\l75bkxec.default\prefs.js [OK] File is clean. -\\ Google Chrome v23.0.1271.95 File : C:\Users\CRAIG\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[R1].txt - [7113 octets] - [21/11/2012 18:53:51] AdwCleaner[R2].txt - [7173 octets] - [21/11/2012 19:12:02] AdwCleaner[R3].txt - [955 octets] - [06/12/2012 08:45:25] AdwCleaner[s1].txt - [7337 octets] - [21/11/2012 19:12:43] ########## EOF - C:\AdwCleaner[R3].txt - [1074 octets] ##########

second otl file: OTL Extras logfile created on: 12/6/2012 8:14:03 AM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\CRAIG\Desktop Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.46 Gb Total Physical Memory | 1.92 Gb Available Physical Memory | 55.58% Memory free 6.91 Gb Paging File | 5.08 Gb Available in Paging File | 73.50% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 232.07 Gb Total Space | 82.73 Gb Free Space | 35.65% Space Free | Partition Type: NTFS Computer Name: CRAIG-PC | User Name: CRAIG | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_USERS\S-1-5-21-2270400815-616284404-3630716744-1000\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [Digital Photo Professional] -- C:\Program Files\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{01849879-10C3-43A6-BCED-34484722FD29}" = rport=138 | protocol=17 | dir=out | app=system | "{097B81AD-047A-4CEB-B56E-158A515EDFD8}" = lport=24726 | protocol=6 | dir=in | name=flipshareserver | "{0F025ABF-82A6-45DA-ADFA-5F5E9BA26DE6}" = lport=139 | protocol=6 | dir=in | app=system | "{159CB440-4D26-41E8-B0EE-834A2D3821BB}" = rport=139 | protocol=6 | dir=out | app=system | "{23BE3105-F1B8-4F9A-BA3B-37151A97F137}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{25A1F9DF-919F-424A-A9A7-9A672C0C55B2}" = lport=2869 | protocol=6 | dir=in | app=system | "{2FB715C0-E04A-4FB4-97D9-8AE43A0A73BB}" = lport=2869 | protocol=6 | dir=in | app=system | "{3A726CB9-2803-4285-B295-6A59318D8F5D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{3AC5ED09-2D32-498B-A943-5EAA42B134EC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{47B49FE6-F428-4DB9-92F7-63CF67569C73}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{4942378F-968F-4834-BD3D-03138A7B6FDA}" = rport=445 | protocol=6 | dir=out | app=system | "{4A948273-BADF-428D-8D98-E3761AAF5B33}" = lport=10243 | protocol=6 | dir=in | app=system | "{573F9B37-7119-42AB-B06D-046C0EDDCA40}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{580C88D2-C4F2-4EFE-80F3-080088676FD2}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{639A5583-FA4E-4A30-8D64-B8B996A44518}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{63F615CC-3C9B-4769-B09C-590DC7667B5D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{6986D38B-437E-453F-87A8-BAB2D48D92BE}" = rport=10243 | protocol=6 | dir=out | app=system | "{71A80F8D-0BA7-4623-BDCF-26EB2C656D1D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{740EA220-DE2A-46BB-9CB9-1EC9EA29D4F1}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{76EE72B9-D92D-4A83-96CB-F856D5BF9DCD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{99CD0C4D-63A5-4588-B298-93B8AE105189}" = rport=137 | protocol=17 | dir=out | app=system | "{A6602296-5BFF-4A63-863E-36604ACA1E52}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{AC496DCA-8AE6-43F4-8DB3-CE47672772E4}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{AEFF4D7E-5EC8-4FB0-8C71-81312055F312}" = lport=24727 | protocol=6 | dir=in | name=flipshareserver | "{AF1424D6-A7E0-4167-A357-F8E47CF6EE87}" = lport=445 | protocol=6 | dir=in | app=system | "{B33A7DC6-D1F7-4BD9-9EA1-EBA6372E884B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{CA63D2F5-9C62-40AF-B311-5B7711341568}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner | "{DF5B92D7-77A7-4F15-85FF-1D5A24A68093}" = lport=138 | protocol=17 | dir=in | app=system | "{E7444156-A458-4FEA-955B-39430C8C760D}" = lport=137 | protocol=17 | dir=in | app=system | "{FECBD797-D0B6-434F-B959-45D01BB25B1A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0124A0D1-E440-4BF1-96A1-AF56B9C17A51}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | "{027C4706-F27D-401C-9AA8-89D3CB02565B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{0F5BA4F2-EE77-41F1-A30F-30BBA69F6A42}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{22B4A4AF-7A29-4A9A-806A-C191FE72E124}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{2CE0F860-8E55-4135-B4DD-5D7A721985CB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{33C69D07-0B59-48A6-8C40-9FEF4F05E67A}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe | "{3926886C-C327-429F-8439-64D108D28A41}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\powerdvd.exe | "{420662E0-90C3-483B-AC9C-D86C29A68672}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{4D6DDD35-324F-4113-9B60-BB0CEA31C412}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{51F64099-9707-4347-BD8D-24961573DC83}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{55B01D97-9578-4084-996F-6C5F039842B2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{693027BC-BC22-43B0-85AF-B9C23396463C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{6A615607-6E8B-49B2-963D-384909247D0F}" = protocol=17 | dir=in | app=c:\program files\brother\brmfl08j\faxrx.exe | "{706A42DF-A9B2-4E18-9A83-76B0567CBC27}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | "{7153519A-72AD-48E0-9AD4-70634B2354C4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{727841EF-74F9-400E-9FC5-1D17C7DF9094}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | "{7AC00F1B-09B5-4172-8E85-FE9A67D3F251}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{7D119DC9-CC57-405C-B910-84CD0FC17F8D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{7F5A6F82-7622-4E6A-8160-EFAEABECE2FE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{A57293C9-E054-43B0-95C8-7FE7A3CD318C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{A9FEC4B0-EBE7-49AB-B2AD-79264A23290D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{B358272F-89AF-4099-A671-1753EB018D40}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{BDD092A5-FC13-4372-ACD5-C6B4224C39CC}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{D5DEBEED-4838-4602-B493-4CAD051EAD11}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{D68FECB0-8A77-465A-8477-28530A9328D4}" = protocol=6 | dir=out | app=system | "{E365A667-6CD1-429E-9B74-BA114BDDD9CA}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{E4738EAF-BC07-41D5-85ED-30F28E520C42}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{F26BDD44-2FD3-4B3E-A77D-AE4B6EF77747}" = protocol=6 | dir=in | app=c:\program files\brother\brmfl08j\faxrx.exe | "TCP Query User{098D0ACA-3BDA-415B-A374-FFB83B08C002}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe | "TCP Query User{38DDCABD-AEF8-41EC-BBE8-34A368D277DE}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "TCP Query User{4EEAD9CC-5FFF-40FB-A738-02D0E10A07E6}C:\windows\system32\taskhost.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskhost.exe | "TCP Query User{F1E67C2E-46EC-48F8-A86C-5CE996822848}C:\program files\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | "TCP Query User{F5405012-5390-42FE-9501-42EB8D818C07}C:\program files\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | "TCP Query User{FBCE9F70-79D5-479D-A13A-4989BB977693}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{2C847039-C527-46B1-A7FC-7089D2D6DA58}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{557F436E-D692-4EFF-BA3C-4C80CEAB3703}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{56692C11-8F8C-4298-B40A-F580E3816A15}C:\windows\system32\taskhost.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskhost.exe | "UDP Query User{973747AA-03C8-4682-B1BD-E0571EA975AB}C:\program files\itunes\itunes.exe" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | "UDP Query User{D9F00663-6A24-4B3A-BEB0-CED3767328ED}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}" = ScanSoft PaperPort 11 "{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software "{08C603B3-6023-42FE-B967-1CBB4C7CEBBF}" = Play Designer Series 2012 "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime "{11DB380B-48CF-46EA-8B03-51874E2733C9}" = Dell Control Point "{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{22057D8D-7CC8-46FF-AD8C-9BD24F9014F3}" = QuickBooks Pro 2012 "{2220CF3A-EBD6-4070-94D0-0C7337B537A7}" = All Day Battery Life Configuration "{25E202D1-D8E7-46AF-B4B0-157D9993A93E}" = QuickBooks "{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9 "{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger "{2BC2781A-F7F6-452E-95EB-018A522F1B2C}" = PaperPort Image Printer "{2E98C5B7-D64C-4D7E-BFC3-A7D078569F28}" = Broadcom NetXtreme-I Netlink Driver and Management Installer "{3138EAD3-700B-4A10-B617-B3F8096EE30D}" = Dell Edoc Viewer "{3237887D-8AC4-4C27-BDF4-57D7CB0351D6}" = SO32MMWrapper "{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime "{3A6BE9F4-5FC8-44BB-BE7B-32A29607FEF6}" = Preboot Manager "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{40B420D0-5B97-4FF9-B5D1-0D839882BA91}" = Brother HL-3070CW "{460B7EDA-9425-471B-AC11-C2E80049DEB4}" = TouchCopy 09 "{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR "{46E1B1F2-A279-4356-9B17-029F9CC72EAE}" = Brother MFL-Pro Suite "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies "{51AE9E42-640D-4C14-A9B6-43F64AA4E3E2}" = Document Manager Lite "{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{59333B51-EA3C-4D7B-9AFE-96AD51B3C266}" = AuthenTec Fingerprint Software "{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service "{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}" = iTunes "{71084075-ABA7-48BC-9733-F56A9ABD184D}" = DCP32MMWrapper "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{79B520D5-CE72-4661-A054-804BC3412516}" = Wave Infrastructure Installer "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}" = Apple Mobile Device Support "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{901C0409-6000-11D3-8CFE-0050048383C9}" = Microsoft Access 2002 Runtime "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{9143F2FA-BF20-4311-8618-4CCF51B1B80C}" = Dell ControlPoint System Manager "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{97C658D2-61FB-027F-0D76-E9CDC84AFEC7}" = FlipShare "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad "{A093D83F-429A-4AB2-A0CD-1F7E9C7B764A}" = Trusted Drive Manager "{A1BBEE16-49B1-42F2-95B8-54C8C6A1C0C3}" = Brother MFL-Pro Suite MFC-9320CW "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{ABBA2EA4-740E-4052-902B-9CA70B081E3F}" = Dell Embassy Trust Suite by Wave Systems "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3) "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9 "{AF7E4468-E364-4991-BC2A-6E8293E1055B}" = BioAPI Framework "{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter "{BB93D30B-B395-44BB-A9ED-A0E057F07E53}" = NTRU TCG Software Stack "{BC52E419-B185-488F-9973-049A88E5DCBE}" = Gemalto "{C3FA63E2-AFD3-41FD-B48F-1D942CC71943}" = UPEK TouchChip Fingerprint Reader "{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{CD95F661-A5C4-11AF-B2CC-ABCD21A325B8}" = WinZip Courier "{CD95F661-A5C4-44F5-A6AA-ECDD91C240CA}" = WinZip 16.0 "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DA7DF8E2-4B8F-4286-97FE-DE3FFFE9B728}" = iCloud "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger "{E63A7E64-AD93-47E7-AC5C-BA042AA740CA}" = Dell ControlPoint Connection Manager "{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin "{EC84E3E6-C2D6-4DFB-81E0-448324C8FDF4}" = Security Wizards "{EEAFE1E5-076B-430A-96D9-B567792AFA88}" = EMBASSY Security Center "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F4487649-7368-4217-AEA3-1E04DB3E2C5C}" = Dell ControlPoint Security Manager "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "{FF1DDCF4-3A28-4F7F-96D8-E3F4BD1C1702}" = Dell Security Device Driver Pack "401(k) Easy" = 401(k) Easy "9D57DE505B6D8C710EF3B74BE638DBB936EED8A3" = Windows Driver Package - Dell Inc. PBADRV System (01/07/2008 1.0.1.5) "ActiveTouchMeetingClient" = WebEx "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe SVG Viewer" = Adobe SVG Viewer 3.0 "avast" = avast! Free Antivirus "CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX "CameraWindowLauncher" = Canon Utilities CameraWindow "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com "D3F88C3864C8C031A7C5D5E63A76571EC1B047DF" = Windows Driver Package - AuthenTec Inc. (ATSwpWDF) Biometric (05/13/2009 8.4.2.0) "DPP" = Canon Utilities Digital Photo Professional 3.4 "EOS USB WIA Driver" = EOS USB WIA Driver "EOS Utility" = Canon Utilities EOS Utility "Football Playbook v007" = Football Playbook v007 "Google Chrome" = Google Chrome "HDMI" = Intel® Graphics Media Accelerator Driver "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "InstallShield_{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software "InstallShield_{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager "InstallShield_{51AE9E42-640D-4C14-A9B6-43F64AA4E3E2}" = Document Manager Lite "InstallShield_{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup "InstallShield_{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin "InstallShield_{EC84E3E6-C2D6-4DFB-81E0-448324C8FDF4}" = Security Wizards "InstallShield_{EEAFE1E5-076B-430A-96D9-B567792AFA88}" = EMBASSY Security Center "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.1.1000 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft Visual Studio 2005 Tools for Office Runtime" = Microsoft Visual Studio 2005 Tools for Office Runtime "Mozilla Firefox 16.0.2 (x86 en-US)" = Mozilla Firefox 16.0.2 (x86 en-US) "Mozilla Thunderbird 16.0.2 (x86 en-US)" = Mozilla Thunderbird 16.0.2 (x86 en-US) "MyCamera" = Canon Utilities MyCamera "OnlineArmor_is1" = Online Armor 5.5 "Original Data Security Tools" = Canon Utilities Original Data Security Tools "PhotoStitch" = Canon Utilities PhotoStitch "Picture Style Editor" = Canon Utilities Picture Style Editor "RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX "RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX "TVWiz" = Intel® TV Wizard "WFTK" = Canon Utilities WFT-E1/E2/E3 Utility "WinLiveSuite" = Windows Live Essentials "ZoomBrowser EX" = Canon Utilities ZoomBrowser EX "ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2270400815-616284404-3630716744-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "GoToMeeting" = GoToMeeting 5.2.0.952 "JoinMe" = join.me ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 12/6/2012 11:32:57 AM | Computer Name = CRAIG-PC | Source = Brother BrLog | ID = 1001 Description = STI BrtSTI: [2012/12/06 08:32:57.523]: [00004072]: GetDeviceIpAddress: GetAddressByName [bRW5CAC4CB8A17B] Error Error - 12/6/2012 11:33:32 AM | Computer Name = CRAIG-PC | Source = Brother BrLog | ID = 1001 Description = STI BrtSTI: [2012/12/06 08:33:32.678]: [00004072]: GetDeviceIpAddress: GetAddressByName [bRW5CAC4CB8A17B] Error Error - 12/6/2012 11:34:16 AM | Computer Name = CRAIG-PC | Source = Brother BrLog | ID = 1001 Description = STI BrtSTI: [2012/12/06 08:34:16.305]: [00004072]: GetDeviceIpAddress: GetAddressByName [bRW5CAC4CB8A17B] Error Error - 12/6/2012 11:34:55 AM | Computer Name = CRAIG-PC | Source = Brother BrLog | ID = 1001 Description = STI BrtSTI: [2012/12/06 08:34:55.591]: [00004072]: GetDeviceIpAddress: GetAddressByName [bRW5CAC4CB8A17B] Error Error - 12/6/2012 11:35:32 AM | Computer Name = CRAIG-PC | Source = Brother BrLog | ID = 1001 Description = STI BrtSTI: [2012/12/06 08:35:32.177]: [00004072]: GetDeviceIpAddress: GetAddressByName [bRW5CAC4CB8A17B] Error Error - 12/6/2012 11:36:15 AM | Computer Name = CRAIG-PC | Source = Brother BrLog | ID = 1001 Description = STI BrtSTI: [2012/12/06 08:36:15.354]: [00004072]: GetDeviceIpAddress: GetAddressByName [bRW5CAC4CB8A17B] Error Error - 12/6/2012 11:36:50 AM | Computer Name = CRAIG-PC | Source = Brother BrLog | ID = 1001 Description = STI BrtSTI: [2012/12/06 08:36:50.473]: [00004072]: GetDeviceIpAddress: GetAddressByName [bRW5CAC4CB8A17B] Error Error - 12/6/2012 11:37:25 AM | Computer Name = CRAIG-PC | Source = Brother BrLog | ID = 1001 Description = STI BrtSTI: [2012/12/06 08:37:25.625]: [00004072]: GetDeviceIpAddress: GetAddressByName [bRW5CAC4CB8A17B] Error Error - 12/6/2012 11:38:00 AM | Computer Name = CRAIG-PC | Source = Brother BrLog | ID = 1001 Description = STI BrtSTI: [2012/12/06 08:38:00.814]: [00004072]: GetDeviceIpAddress: GetAddressByName [bRW5CAC4CB8A17B] Error Error - 12/6/2012 11:38:36 AM | Computer Name = CRAIG-PC | Source = Brother BrLog | ID = 1001 Description = STI BrtSTI: [2012/12/06 08:38:36.184]: [00004072]: GetDeviceIpAddress: GetAddressByName [bRW5CAC4CB8A17B] Error [ Media Center Events ] Error - 2/17/2012 7:20:48 AM | Computer Name = CRAIG-PC | Source = MCUpdate | ID = 0 Description = 4:20:47 AM - Failed to retrieve SportsSchedule (Error: Unable to connect to the remote server) Error - 2/17/2012 8:24:39 AM | Computer Name = CRAIG-PC | Source = MCUpdate | ID = 0 Description = 5:24:38 AM - Failed to retrieve SportsSchedule (Error: Unable to connect to the remote server) Error - 2/17/2012 9:28:30 AM | Computer Name = CRAIG-PC | Source = MCUpdate | ID = 0 Description = 6:28:29 AM - Failed to retrieve SportsSchedule (Error: Unable to connect to the remote server) Error - 8/31/2012 6:48:17 PM | Computer Name = CRAIG-PC | Source = MCUpdate | ID = 0 Description = 4:48:08 PM - Error connecting to the internet. 4:48:09 PM - Unable to contact server.. Error - 9/2/2012 11:35:10 AM | Computer Name = CRAIG-PC | Source = MCUpdate | ID = 0 Description = 9:35:10 AM - Error connecting to the internet. 9:35:10 AM - Unable to contact server.. Error - 9/2/2012 11:36:30 AM | Computer Name = CRAIG-PC | Source = MCUpdate | ID = 0 Description = 9:35:39 AM - Error connecting to the internet. 9:35:39 AM - Unable to contact server.. Error - 9/9/2012 6:42:21 PM | Computer Name = CRAIG-PC | Source = MCUpdate | ID = 0 Description = 4:42:20 PM - Error connecting to the internet. 4:42:20 PM - Unable to contact server.. Error - 9/9/2012 6:42:56 PM | Computer Name = CRAIG-PC | Source = MCUpdate | ID = 0 Description = 4:42:50 PM - Error connecting to the internet. 4:42:50 PM - Unable to contact server.. Error - 9/9/2012 7:43:45 PM | Computer Name = CRAIG-PC | Source = MCUpdate | ID = 0 Description = 5:43:45 PM - Error connecting to the internet. 5:43:45 PM - Unable to contact server.. Error - 9/9/2012 7:44:20 PM | Computer Name = CRAIG-PC | Source = MCUpdate | ID = 0 Description = 5:44:15 PM - Error connecting to the internet. 5:44:15 PM - Unable to contact server.. [ OSession Events ] Error - 9/18/2011 12:58:23 PM | Computer Name = CRAIG-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6565.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 135995 seconds with 480 seconds of active time. This session ended with a crash. [ System Events ] Error - 11/30/2012 6:24:04 PM | Computer Name = CRAIG-PC | Source = DCOM | ID = 10010 Description = Error - 12/3/2012 2:52:26 PM | Computer Name = CRAIG-PC | Source = Service Control Manager | ID = 7011 Description = A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service. Error - 12/3/2012 7:49:15 PM | Computer Name = CRAIG-PC | Source = Service Control Manager | ID = 7011 Description = A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HomeGroupListener service. Error - 12/4/2012 10:35:48 AM | Computer Name = CRAIG-PC | Source = Service Control Manager | ID = 7011 Description = A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service. Error - 12/4/2012 5:04:15 PM | Computer Name = CRAIG-PC | Source = Service Control Manager | ID = 7000 Description = The sbapifs service failed to start due to the following error: %%2 Error - 12/4/2012 5:05:39 PM | Computer Name = CRAIG-PC | Source = Service Control Manager | ID = 7001 Description = The NTRU TSS v1.2.1.29 TCS service depends on the TPM Base Services service which failed to start because of the following error: %%0 Error - 12/4/2012 5:06:12 PM | Computer Name = CRAIG-PC | Source = Service Control Manager | ID = 7026 Description = The following boot-start or system-start driver(s) failed to load: cdrom Error - 12/4/2012 11:55:49 PM | Computer Name = CRAIG-PC | Source = Service Control Manager | ID = 7011 Description = A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service. Error - 12/5/2012 11:13:27 AM | Computer Name = CRAIG-PC | Source = Service Control Manager | ID = 7011 Description = A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WinDefend service. Error - 12/5/2012 4:55:19 PM | Computer Name = CRAIG-PC | Source = Service Control Manager | ID = 7011 Description = A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. < End of report >

here is the first otl file: OTL logfile created on: 12/6/2012 8:14:03 AM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\CRAIG\Desktop Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.46 Gb Total Physical Memory | 1.92 Gb Available Physical Memory | 55.58% Memory free 6.91 Gb Paging File | 5.08 Gb Available in Paging File | 73.50% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 232.07 Gb Total Space | 82.73 Gb Free Space | 35.65% Space Free | Partition Type: NTFS Computer Name: CRAIG-PC | User Name: CRAIG | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\CRAIG\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) PRC - C:\Program Files\Online Armor\oaui.exe (Emsisoft GmbH) PRC - C:\Program Files\Online Armor\OAsrv.exe (Emsisoft GmbH) PRC - C:\Program Files\Online Armor\oahlp.exe (Emsisoft GmbH) PRC - C:\Program Files\Online Armor\oacat.exe (Emsisoft GmbH) PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software) PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation) PRC - C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.) PRC - C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit) PRC - C:\Program Files\QuickTime\QuickTimePlayer.exe (Apple Inc.) PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe (Intuit Inc.) PRC - C:\Program Files\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.) PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exe (Apple Inc.) PRC - C:\Program Files\Flip Video\FlipShare\FlipShareService.exe () PRC - C:\Program Files\Flip Video\FlipShareServer\FlipShareServer.exe () PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Program Files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe (Smith Micro Software, Inc.) PRC - C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe (Smith Micro Software, Inc.) PRC - C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe (Broadcom Corporation) PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) PRC - C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.) PRC - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_450b431403c091e3\stacsv.exe (IDT, Inc.) PRC - C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe (Wave Systems Corp.) PRC - C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe (Dell Inc.) PRC - c:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe (Dell Inc.) PRC - C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.) PRC - C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.) PRC - C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe (Dell Inc.) PRC - C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe (Wave Systems Corp.) PRC - C:\Program Files\Fingerprint Sensor\AtService.exe (AuthenTec, Inc.) PRC - C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe (Dell Inc.) PRC - C:\Program Files\Brother\Brmfcmon\BrMfcMon.exe (Brother Industries, Ltd.) PRC - C:\Program Files\Brother\Brmfcmon\BrMfimon.exe (Brother Industries, Ltd.) PRC - C:\Program Files\DellTPad\ApntEx.exe (Alps Electric Co., Ltd.) PRC - C:\Program Files\DellTPad\hidfind.exe (Alps Electric Co., Ltd.) PRC - C:\Program Files\DellTPad\ApMsgFwd.exe (Alps Electric Co., Ltd.) ========== Modules (No Company Name) ========== MOD - C:\Program Files\Google\Chrome\Application\23.0.1271.95\ppgooglenaclpluginchrome.dll () MOD - C:\Program Files\Google\Chrome\Application\23.0.1271.95\pdf.dll () MOD - C:\Program Files\Google\Chrome\Application\23.0.1271.95\libglesv2.dll () MOD - C:\Program Files\Google\Chrome\Application\23.0.1271.95\libegl.dll () MOD - C:\Program Files\Google\Chrome\Application\23.0.1271.95\avutil-51.dll () MOD - C:\Program Files\Google\Chrome\Application\23.0.1271.95\avcodec-54.dll () MOD - C:\Program Files\Google\Chrome\Application\23.0.1271.95\avformat-54.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\66694f9192bd0dddc2eaf90fbcbcd555\System.Management.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\3cdcb033f930eb60badfa4500d795edb\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll () MOD - C:\Program Files\Intuit\QuickBooks 2009\boost_regex-vc90-mt-p-1_33.dll () MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll () MOD - C:\Windows\assembly\GAC_MSIL\Status Lib\1.6.320.13950__f25c74fcad379103\Status Lib.dll () MOD - C:\Windows\assembly\GAC_MSIL\StatusInterfaces\1.6.320.13949__4ca2a925deedf37d\StatusInterfaces.dll () MOD - C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SmithMicro.Message.XmlSerializers.dll () MOD - C:\Windows\System32\wxvault.dll () MOD - C:\Windows\System32\Wavx_ESC_Logging.dll () MOD - C:\Program Files\Brother\BrUtilities\BrLogAPI.dll () MOD - C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\TspPopup_ENU.dll () ========== Services (SafeList) ========== SRV - (RoxLiveShare9) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe File not found SRV - (SvcOnlineArmor) -- C:\Program Files\Online Armor\OAsrv.exe (Emsisoft GmbH) SRV - (OAcat) -- C:\Program Files\Online Armor\oacat.exe (Emsisoft GmbH) SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) SRV - (QBCFMonitorService) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit) SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (QBVSS) -- C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe (Intuit Inc.) SRV - (QBFCService) -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe (Intuit Inc.) SRV - (FlipShare Service) -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe () SRV - (FlipShareServer) -- C:\Program Files\Flip Video\FlipShareServer\FlipShareServer.exe () SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation) SRV - (SMManager) -- C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe (Smith Micro Software, Inc.) SRV - (IAANTMON) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_450b431403c091e3\stacsv.exe (IDT, Inc.) SRV - (dcpsysmgrsvc) -- c:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe (Dell Inc.) SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (TdmService) -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe (Wave Systems Corp.) SRV - (SecureStorageService) -- C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe (Wave Systems Corp.) SRV - (ATService) -- C:\Program Files\Fingerprint Sensor\AtService.exe (AuthenTec, Inc.) SRV - (buttonsvc32) -- C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe (Dell Inc.) SRV - (tcsd_win32.exe) -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe () ========== Driver Services (SafeList) ========== DRV - (sbapifs) -- system32\DRIVERS\sbapifs.sys File not found DRV - (RimUsb) -- System32\Drivers\RimUsb.sys File not found DRV - (NvtSp50) -- System32\Drivers\NvtSp50.sys File not found DRV - (mbr) -- C:\Users\CRAIG\AppData\Local\Temp\mbr.sys File not found DRV - (catchme) -- C:\Users\CRAIG\AppData\Local\Temp\catchme.sys File not found DRV - (aswMBR) -- C:\Users\CRAIG\AppData\Local\Temp\aswMBR.sys File not found DRV - (OAnet) -- C:\Windows\System32\drivers\OAnet.sys (Emsisoft) DRV - (OAmon) -- C:\Windows\System32\drivers\OAmon.sys (Emsisoft) DRV - (oahlpXX) -- C:\Windows\System32\drivers\oahlp32.sys () DRV - (OADevice) -- C:\Windows\System32\drivers\OADriver.sys () DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software) DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software) DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software) DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software) DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software) DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr2.sys (AVAST Software) DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation) DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation) DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation) DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV - (winusb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation) DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation) DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV - (HTCAND32) -- C:\Windows\System32\drivers\ANDROIDUSB.sys (HTC, Corporation) DRV - (NETw5s32) -- C:\Windows\System32\drivers\NETw5s32.sys (Intel Corporation) DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.) DRV - (WavxDMgr) -- C:\Windows\System32\drivers\WavxDMgr.sys (Wave Systems Corp.) DRV - (BrSerIb) -- C:\Windows\System32\drivers\BrSerIb.sys (Brother Industries Ltd.) DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation) DRV - (acpials) -- C:\Windows\System32\drivers\acpials.sys (Microsoft Corporation) DRV - (BrUsbSIb) -- C:\Windows\System32\drivers\BrUsbSIb.sys (Brother Industries Ltd.) DRV - (rixdpcie) -- C:\Windows\System32\drivers\rixdpe86.sys (REDC) DRV - (rimspci) -- C:\Windows\System32\drivers\rimspe86.sys (REDC) DRV - (risdpcie) -- C:\Windows\System32\drivers\risdpe86.sys (REDC) DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC) DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC) DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC) DRV - (IntcHdmiAddService) -- C:\Windows\System32\drivers\IntcHdmi.sys (Intel® Corporation) DRV - (Blfp) -- C:\Windows\System32\drivers\basp.sys (Broadcom Corporation) DRV - (PBADRV) -- C:\Windows\System32\drivers\PBADRV.sys (Dell Inc) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{2525ADB0-4794-4F41-BA96-EEEE08B66B25}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLRDF8&pc=MDDR&src=IE-SearchBox IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2270400815-616284404-3630716744-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ IE - HKU\S-1-5-21-2270400815-616284404-3630716744-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-2270400815-616284404-3630716744-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-2270400815-616284404-3630716744-1000\..\SearchScopes\{064CE71C-B002-46AC-8BF2-38AA2FD3B510}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}'>http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} IE - HKU\S-1-5-21-2270400815-616284404-3630716744-1000\..\SearchScopes\{63140ECF-C629-BE59-8F0E-90B4FF340C03}: "URL" = http://www.bing.com/search?q={searchTerms}&pc=Z128&form=ZGAIDF&install_date=20110901&iesrc={referrer:source} IE - HKU\S-1-5-21-2270400815-616284404-3630716744-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2270400815-616284404-3630716744-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com" FF - prefs.js..extensions.enabledAddons: vhixznmnss@vhixznmnss.org:2.5 FF - prefs.js..extensions.enabledAddons: wrc@avast.com:7.0.1474 FF - prefs.js..network.proxy.no_proxies_on: "*.local" FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/11/19 10:29:35 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/10/27 14:41:10 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/10/27 14:40:37 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012/10/30 11:16:41 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2012/02/23 11:53:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\CRAIG\AppData\Roaming\Mozilla\Extensions [2012/11/21 19:12:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\CRAIG\AppData\Roaming\Mozilla\Firefox\Profiles\l75bkxec.default\extensions [2009/07/13 16:11:12 | 000,004,816 | ---- | M] () (No name found) -- C:\Users\CRAIG\AppData\Roaming\Mozilla\Firefox\Profiles\l75bkxec.default\extensions\vhixznmnss@vhixznmnss.org.xpi [2012/10/27 14:40:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012/11/19 10:29:35 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2012/10/27 14:41:10 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012/03/27 08:11:19 | 000,061,832 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\mozilla firefox\plugins\npatgpc.dll [2012/09/10 07:18:59 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012/10/14 09:41:00 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml ========== Chrome ========== CHR - homepage: http://www.google.com CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter} CHR - homepage: http://www.google.com CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.95\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.95\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: ActiveTouch General Plugin Container (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npatgpc.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll CHR - plugin: Java Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - Extension: Google Drive = C:\Users\CRAIG\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: WOT = C:\Users\CRAIG\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.3.12_0\ CHR - Extension: YouTube = C:\Users\CRAIG\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google Search = C:\Users\CRAIG\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: avast! WebRep = C:\Users\CRAIG\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\ CHR - Extension: Gmail = C:\Users\CRAIG\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2012/11/21 12:24:35 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (WinZip Courier BHO) - {A8FB70FA-0FDF-4601-9DC4-BFA1B357204F} - C:\Program Files\WinZip Courier\wzwmcie.dll (WinZip Computing, S.L.) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (Upromise TurboSaver) - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files\Upromise\upromisetoolbar.dll File not found O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKU\S-1-5-21-2270400815-616284404-3630716744-1000\..\Toolbar\WebBrowser: (Upromise TurboSaver) - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files\Upromise\upromisetoolbar.dll File not found O4 - HKLM..\Run: [@OnlineArmor GUI] C:\Program Files\Online Armor\oaui.exe (Emsisoft GmbH) O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [brStsWnd] C:\Program Files\Brownie\BrstsWnd.exe (brother) O4 - HKLM..\Run: [ChangeTPMAuth] C:\Program Files\Wave Systems Corp\Common\ChangeTPMAuth.exe (Wave Systems Corp.) O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [DellConnectionManager] C:\Program Files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe (Smith Micro Software, Inc.) O4 - HKLM..\Run: [DellControlPoint] c:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe (Dell Inc.) O4 - HKLM..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4 - HKLM..\Run: [intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.) O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.) O4 - HKLM..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.) O4 - HKLM..\Run: [uSCService] C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe (Broadcom Corporation) O4 - HKLM..\Run: [WavXMgr] C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe (Wave Systems Corp.) O4 - HKU\S-1-5-21-2270400815-616284404-3630716744-1000..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKU\S-1-5-21-2270400815-616284404-3630716744-1000\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKU\S-1-5-21-2270400815-616284404-3630716744-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-2270400815-616284404-3630716744-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O15 - HKU\S-1-5-21-2270400815-616284404-3630716744-1000\..Trusted Domains: schwabintsitutional.com ([]* in Trusted sites) O15 - HKU\S-1-5-21-2270400815-616284404-3630716744-1000\..Trusted Domains: wallst.com ([*.sim] * in Trusted sites) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 66.118.220.37 66.118.220.38 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7AB33C30-1CBB-40AB-A4A7-AE8AEF573132}: DhcpNameServer = 66.118.220.37 66.118.220.38 O18 - Protocol\Handler\intu-help-qb5 {867FCB77-9823-4cd6-8210-D85F968D466F} - C:\Program Files\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll (Intuit, Inc.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - C:\Program Files\Online Armor\oaevent.dll (Emsisoft GmbH) O30 - LSA: Authentication Packages - (wvauth) - C:\Windows\System32\wvauth.dll (Wave Systems Corp.) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 14:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012/12/06 08:10:29 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\CRAIG\Desktop\OTL.exe [2012/12/05 14:39:14 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\CRAIG\Desktop\dds.com [2012/12/05 14:37:02 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\CRAIG\Desktop\aswMBR (1).exe [2012/12/05 14:08:06 | 000,000,000 | -H-D | C] -- C:\Windows\PIF [2012/11/27 08:55:33 | 000,000,000 | ---D | C] -- C:\Users\CRAIG\AppData\Local\Macromedia [2012/11/22 12:24:21 | 000,000,000 | ---D | C] -- C:\Users\CRAIG\AppData\Local\{D4DF8825-ABC1-4DA0-B1D5-8129B2AF3F61} [2012/11/22 09:56:37 | 000,000,000 | ---D | C] -- C:\Users\CRAIG\AppData\Roaming\Roxio Log Files [2012/11/22 09:45:55 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2012/11/22 09:43:52 | 000,000,000 | ---D | C] -- C:\Users\CRAIG\AppData\Roaming\OnlineArmor [2012/11/22 09:43:52 | 000,000,000 | ---D | C] -- C:\ProgramData\OnlineArmor [2012/11/22 09:42:30 | 000,027,648 | ---- | C] (Emsisoft) -- C:\Windows\System32\drivers\OAmon.sys [2012/11/22 09:42:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Armor [2012/11/22 09:42:29 | 000,031,768 | ---- | C] (Emsisoft) -- C:\Windows\System32\drivers\OAnet.sys [2012/11/22 09:42:21 | 000,000,000 | ---D | C] -- C:\Program Files\Online Armor [2012/11/22 09:14:49 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2012/11/21 22:04:00 | 000,000,000 | ---D | C] -- C:\Users\CRAIG\AppData\Roaming\Malwarebytes [2012/11/21 22:03:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012/11/21 22:03:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012/11/21 22:03:46 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012/11/21 22:03:46 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012/11/21 21:56:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2012/11/21 09:45:43 | 000,000,000 | ---D | C] -- C:\Users\CRAIG\AppData\Local\temp [2012/11/20 22:53:55 | 000,000,000 | ---D | C] -- C:\Windows\System32\Logs [2012/11/20 20:42:16 | 000,000,000 | ---D | C] -- C:\Qoobox [2012/11/20 20:42:01 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2012/11/19 15:20:27 | 000,000,000 | ---D | C] -- C:\Users\CRAIG\AppData\Local\{F56D79DB-4B6C-4056-A91B-2D8440F3D8E1} [2012/11/19 12:45:40 | 000,000,000 | ---D | C] -- C:\Windows\pss [2012/11/19 10:34:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2012/11/19 10:30:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus [2012/11/19 10:30:46 | 000,361,032 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys [2012/11/19 10:30:46 | 000,021,256 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys [2012/11/19 10:30:38 | 000,044,784 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys [2012/11/19 10:30:37 | 000,054,232 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys [2012/11/19 10:30:35 | 000,738,504 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys [2012/11/19 10:30:30 | 000,058,680 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys [2012/11/19 10:29:05 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2012/11/19 10:29:03 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe [2012/11/19 10:28:42 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2012/11/19 10:28:42 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2012/11/16 10:04:13 | 000,000,000 | ---D | C] -- C:\Users\CRAIG\AppData\Local\{6D23612F-138F-456F-96BA-A0AB5C528A9E} [2012/11/06 10:18:39 | 000,000,000 | ---D | C] -- C:\Users\CRAIG\AppData\Local\{57324580-4267-4FC3-9EF8-B1AE015904D6} [2011/10/26 19:38:11 | 000,940,544 | ---- | C] (Apache Software Foundation) -- C:\Users\CRAIG\AppData\Local\log4cxx.dll [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012/12/06 08:10:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\CRAIG\Desktop\OTL.exe [2012/12/06 07:41:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012/12/06 07:41:00 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012/12/05 19:43:30 | 000,000,512 | ---- | M] () -- C:\Users\CRAIG\Desktop\MBR.dat [2012/12/05 14:39:17 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\CRAIG\Desktop\dds.com [2012/12/05 14:38:36 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\CRAIG\Desktop\aswMBR (1).exe [2012/12/05 13:55:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/12/04 14:30:51 | 000,000,363 | ---- | M] () -- C:\Windows\Brownie.ini [2012/12/04 14:30:48 | 000,000,000 | ---- | M] () -- C:\Users\CRAIG\AppData\Local\WavXMapDrive.bat [2012/12/04 14:13:17 | 000,014,256 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/12/04 14:13:17 | 000,014,256 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/12/04 14:04:15 | 000,001,024 | ---- | M] () -- C:\.rnd [2012/12/04 12:30:03 | 2783,313,920 | -HS- | M] () -- C:\hiberfil.sys [2012/12/04 09:54:21 | 000,000,426 | ---- | M] () -- C:\Windows\BRWMARK.INI [2012/12/02 22:44:06 | 000,044,909 | ---- | M] () -- C:\Users\CRAIG\Desktop\sales nov 29.pdf [2012/12/01 00:15:16 | 000,002,322 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2012/11/28 09:02:43 | 000,709,507 | ---- | M] () -- C:\Users\CRAIG\Desktop\2011 Federal Client Copy Return for Arnwine.pdf [2012/11/27 13:37:10 | 000,660,318 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012/11/27 13:37:10 | 000,121,214 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012/11/23 10:04:14 | 000,031,768 | ---- | M] (Emsisoft) -- C:\Windows\System32\drivers\OAnet.sys [2012/11/23 10:04:12 | 000,027,648 | ---- | M] (Emsisoft) -- C:\Windows\System32\drivers\OAmon.sys [2012/11/23 10:02:31 | 000,044,992 | ---- | M] () -- C:\Windows\System32\drivers\oahlp32.sys [2012/11/23 09:59:49 | 000,208,320 | ---- | M] () -- C:\Windows\System32\drivers\OADriver.sys [2012/11/22 10:56:29 | 000,317,440 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012/11/22 09:57:24 | 000,000,181 | ---- | M] () -- C:\Windows\WININIT.INI [2012/11/22 09:46:17 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif [2012/11/21 22:56:51 | 000,001,441 | ---- | M] () -- C:\scu.dat [2012/11/21 22:03:48 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/11/21 12:24:35 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts [2012/11/19 10:34:34 | 000,002,221 | ---- | M] () -- C:\Users\CRAIG\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2012/11/19 10:30:48 | 000,002,113 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2012/11/19 10:30:29 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt [2012/11/19 09:22:14 | 407,603,165 | ---- | M] () -- C:\Windows\MEMORY.DMP [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012/12/05 19:43:30 | 000,000,512 | ---- | C] () -- C:\Users\CRAIG\Desktop\MBR.dat [2012/12/04 14:04:15 | 000,001,024 | ---- | C] () -- C:\.rnd [2012/12/02 22:44:03 | 000,044,909 | ---- | C] () -- C:\Users\CRAIG\Desktop\sales nov 29.pdf [2012/11/28 09:02:14 | 000,709,507 | ---- | C] () -- C:\Users\CRAIG\Desktop\2011 Federal Client Copy Return for Arnwine.pdf [2012/11/22 09:57:24 | 000,000,181 | ---- | C] () -- C:\Windows\WININIT.INI [2012/11/22 09:46:58 | 000,094,208 | ---- | C] () -- C:\Users\CRAIG\AppData\Local\common_functions.dll [2012/11/22 09:42:30 | 000,044,992 | ---- | C] () -- C:\Windows\System32\drivers\oahlp32.sys [2012/11/22 09:42:29 | 000,208,320 | ---- | C] () -- C:\Windows\System32\drivers\OADriver.sys [2012/11/21 22:35:33 | 000,001,441 | ---- | C] () -- C:\scu.dat [2012/11/21 22:03:48 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/11/19 10:34:34 | 000,002,322 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2012/11/19 10:34:34 | 000,002,221 | ---- | C] () -- C:\Users\CRAIG\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2012/11/19 10:30:48 | 000,002,113 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2012/11/16 03:03:03 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [2012/11/16 03:01:59 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2012/06/21 14:33:58 | 000,000,000 | ---- | C] () -- C:\Users\CRAIG\AppData\Roaming\bibstats [2012/04/03 20:21:46 | 000,157,440 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat [2012/01/17 14:37:25 | 000,000,050 | ---- | C] () -- C:\Windows\System32\BD9320CW.DAT [2012/01/17 14:34:22 | 000,031,767 | ---- | C] () -- C:\Windows\maxlink.ini [2011/09/02 04:08:50 | 000,102,400 | ---- | C] () -- C:\Users\CRAIG\AppData\Local\ie_runner_app.exe [2011/08/22 14:08:55 | 000,095,232 | ---- | C] () -- C:\Users\CRAIG\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/07/02 13:54:12 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2011/02/02 10:42:46 | 000,000,141 | ---- | C] () -- C:\Windows\BRVIDEO.INI [2011/02/02 10:42:46 | 000,000,000 | ---- | C] () -- C:\Windows\brmx2001.ini [2011/02/02 10:42:21 | 000,022,892 | ---- | C] () -- C:\Windows\HL-3070CW.INI [2011/02/02 10:37:18 | 000,000,363 | ---- | C] () -- C:\Windows\Brownie.ini [2011/01/07 12:11:46 | 000,038,912 | ---- | C] () -- C:\Windows\System32\FirmwareRecovery.exe [2011/01/04 13:17:12 | 000,237,637 | ---- | C] () -- C:\Windows\System32\nbt.exe [2010/03/19 13:31:47 | 000,000,000 | ---- | C] () -- C:\Users\CRAIG\AppData\Local\WavXMapDrive.bat ========== ZeroAccess Check ========== [2009/07/13 21:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 21:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 05:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 18:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2010/03/19 13:31:47 | 000,000,000 | ---D | M] -- C:\Users\CRAIG\AppData\Roaming\Broadcom [2010/07/05 14:29:46 | 000,000,000 | ---D | M] -- C:\Users\CRAIG\AppData\Roaming\Canon [2012/11/22 09:48:33 | 000,000,000 | ---D | M] -- C:\Users\CRAIG\AppData\Roaming\CoffeeCup Software [2012/02/23 16:42:27 | 000,000,000 | ---D | M] -- C:\Users\CRAIG\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2011/12/09 15:10:55 | 000,000,000 | ---D | M] -- C:\Users\CRAIG\AppData\Roaming\FixTDSS [2011/08/22 14:08:41 | 000,000,000 | ---D | M] -- C:\Users\CRAIG\AppData\Roaming\Flip Video [2011/09/13 13:44:08 | 000,000,000 | ---D | M] -- C:\Users\CRAIG\AppData\Roaming\GeoVid [2012/11/22 09:44:02 | 000,000,000 | ---D | M] -- C:\Users\CRAIG\AppData\Roaming\OnlineArmor [2012/01/17 14:50:41 | 000,000,000 | ---D | M] -- C:\Users\CRAIG\AppData\Roaming\ScanSoft [2012/05/07 20:56:40 | 000,000,000 | ---D | M] -- C:\Users\CRAIG\AppData\Roaming\Thunderbird [2010/03/19 13:31:47 | 000,000,000 | ---D | M] -- C:\Users\CRAIG\AppData\Roaming\Wave Systems Corp [2012/03/27 08:12:07 | 000,000,000 | ---D | M] -- C:\Users\CRAIG\AppData\Roaming\webex [2011/08/09 13:14:56 | 000,000,000 | ---D | M] -- C:\Users\CRAIG\AppData\Roaming\WheelBarrow Software Inc [2012/02/15 08:30:13 | 000,000,000 | ---D | M] -- C:\Users\CRAIG\AppData\Roaming\Windows Live Writer [2012/01/17 14:50:49 | 000,000,000 | ---D | M] -- C:\Users\CRAIG\AppData\Roaming\Zeon ========== Purity Check ========== ========== Custom Scans ========== < MD5 for: EXPLORER.EXE > [2010/01/15 12:36:48 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=00B0358734CAA32C39D181FE6916B178 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_523cdab8f40fe558\explorer.exe [2011/02/25 22:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe [2009/07/13 18:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe [2011/02/25 22:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe [2009/10/30 22:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe [2011/02/25 22:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe [2010/11/20 05:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe [2011/02/24 22:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\erdnt\cache\explorer.exe [2011/02/24 22:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe [2011/02/24 22:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe [2010/01/15 12:36:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe [2010/01/15 12:36:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe [2009/10/30 23:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe [2010/01/15 12:36:48 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=FC89FACA0473641CB625EDA9277D0885 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_51c00e6ddae85c4b\explorer.exe < MD5 for: SVCHOST.EXE > [2009/07/13 18:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache\svchost.exe [2009/07/13 18:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe [2009/07/13 18:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe [2012/09/29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe < MD5 for: USERINIT.EXE > [2010/11/20 05:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache\userinit.exe [2010/11/20 05:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe [2010/11/20 05:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2009/07/13 18:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe < MD5 for: WINLOGON.EXE > [2009/10/27 23:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe [2009/10/27 22:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe [2010/11/20 05:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\erdnt\cache\winlogon.exe [2010/11/20 05:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe [2010/11/20 05:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe [2012/09/29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2009/07/13 18:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe ========== Alternate Data Streams ========== @Alternate Data Stream - 76 bytes -> C:\Users\CRAIG\Desktop\joe card.JPG:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\CRAIG\Desktop\champs picture.jpg:Roxio EMC Stream < End of report >

Got it to work. Here you go aswMBR1.txt attach1txt.txt dds1.txt

when I right click on dds, i do not get a "run as admin" option. When I do try to run it, it freezes.

Jeff, It's back. Let's take a look and see I guess. I will try to find operating disks this evening. Thanks

Jeff, Satisfied! Thank you

It's running well. I'm on a much slower connection at my house vs. office, and I don't run near as many apps. However, everything appears fine! I was only (erroneously) using Micorsoft Security Essentials. Now running avast as well. What would you recommend I use with those?

the second found 3 threats and they were deleted. However, it did not give a log. Two were html.canadian pharmacy?

<p>done.</p> <p> </p> <p>here is the log from the first. found nothing.</p> <p> </p> <p> </p> <div>Malwarebytes Anti-Malware 1.65.1.1000</div> <div>www.malwarebytes.org</div> <div> </div> <div>Database version: v2012.11.22.01</div> <div> </div> <div>Windows 7 Service Pack 1 x86 NTFS</div> <div>Internet Explorer 9.0.8112.16421</div> <div>CRAIG :: CRAIG-PC [administrator]</div> <div> </div> <div>11/21/2012 10:05:08 PM</div> <div>mbam-log-2012-11-21 (22-05-08).txt</div> <div> </div> <div>Scan type: Quick scan</div> <div>Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM</div> <div>Scan options disabled: P2P</div> <div>Objects scanned: 225772</div> <div>Time elapsed: 8 minute(s), 48 second(s)</div> <div> </div> <div>Memory Processes Detected: 0</div> <div>(No malicious items detected)</div> <div> </div> <div>Memory Modules Detected: 0</div> <div>(No malicious items detected)</div> <div> </div> <div>Registry Keys Detected: 0</div> <div>(No malicious items detected)</div> <div> </div> <div>Registry Values Detected: 0</div> <div>(No malicious items detected)</div> <div> </div> <div>Registry Data Items Detected: 0</div> <div>(No malicious items detected)</div> <div> </div> <div>Folders Detected: 0</div> <div>(No malicious items detected)</div> <div> </div> <div>Files Detected: 0</div> <div>(No malicious items detected)</div> <div> </div> <div>(end)</div> <div> </div>

Jeff, I think we got it! Running good and no redirect. Here is the log: # AdwCleaner v2.008 - Logfile created 11/21/2012 at 19:12:43 # Updated 17/11/2012 by Xplode # Operating system : Windows 7 Professional Service Pack 1 (32 bits) # User : CRAIG - CRAIG-PC # Boot Mode : Normal # Running from : C:\Users\CRAIG\Downloads\AdwCleaner.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** File Deleted : C:\Program Files\Mozilla FireFox\searchplugins\Search_Results.xml File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Billeo.lnk File Deleted : C:\Users\CRAIG\AppData\Roaming\Mozilla\Firefox\Profiles\l75bkxec.default\searchplugins\Search_Results.xml Folder Deleted : C:\Program Files\Conduit Folder Deleted : C:\Program Files\Free_TV_Bar_c3 Folder Deleted : C:\ProgramData\boost_interprocess Folder Deleted : C:\Users\CRAIG\AppData\Local\Ilivid Player Folder Deleted : C:\Users\CRAIG\AppData\LocalLow\Billeo Folder Deleted : C:\Users\CRAIG\AppData\LocalLow\Conduit Folder Deleted : C:\Users\CRAIG\AppData\LocalLow\Free_TV_Bar_c3 Folder Deleted : C:\Users\CRAIG\AppData\LocalLow\PriceGong Folder Deleted : C:\Users\CRAIG\AppData\Roaming\Mozilla\Firefox\Profiles\l75bkxec.default\extensions\{4be68a18-deba-49e0-9e09-ee7796f3b62a} Folder Deleted : C:\Users\CRAIG\Documents\Billeo ***** [Registry] ***** Key Deleted : HKCU\Software\AppDataLow\Software\Compete Key Deleted : HKCU\Software\AppDataLow\Software\CompeteInc Key Deleted : HKCU\Software\AppDataLow\Software\Conduit Key Deleted : HKCU\Software\AppDataLow\Software\Free_TV_Bar_c3 Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong Key Deleted : HKCU\Software\AppDataLow\Toolbar Key Deleted : HKCU\Software\Compete Key Deleted : HKCU\Software\ilivid Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{465E08E7-F005-4389-980F-1D8764B3486C} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6ADB0F93-1AA5-4BCF-9DF4-CEA689A3C111} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{465E08E7-F005-4389-980F-1D8764B3486C} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6576EBAA-B570-4345-98E4-96153C77CF24} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6ADB0F93-1AA5-4BCF-9DF4-CEA689A3C111} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC} Key Deleted : HKLM\Software\Billeo Key Deleted : HKLM\SOFTWARE\Classes\Ahika.IEExtn.ExplrBar Key Deleted : HKLM\SOFTWARE\Classes\Ahika.IEExtn.ExplrBar.1 Key Deleted : HKLM\SOFTWARE\Classes\Ahika.IEExtn.ToolBar Key Deleted : HKLM\SOFTWARE\Classes\Ahika.IEExtn.ToolBar.1 Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A57F7191-1E7F-4852-BAAF-F80A43E2687A} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{DBBBC528-9C8C-4051-9187-ED6F01A457C9} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{DD7C44CC-0F60-4FD9-A38F-5CF30D698AC2} Key Deleted : HKLM\SOFTWARE\Classes\AppID\CptUrlPassthru.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\dca-api.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\dca-bho.DLL Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{465E08E7-F005-4389-980F-1D8764B3486C} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60260024-AA48-4A2F-84DA-2C2DCB24AAD0} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6576EBAA-B570-4345-98E4-96153C77CF24} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6ADB0F93-1AA5-4BCF-9DF4-CEA689A3C111} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{85D0C15E-16CF-434C-94DA-8EB24BD5D399} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94510F77-E53C-4273-BD91-77AA8909902F} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC} Key Deleted : HKLM\SOFTWARE\Classes\CptUrlPassthru.hxxpMonitor Key Deleted : HKLM\SOFTWARE\Classes\CptUrlPassthru.hxxpMonitor.1 Key Deleted : HKLM\SOFTWARE\Classes\dcabho.Dca Key Deleted : HKLM\SOFTWARE\Classes\dcabho.Dca.1 Key Deleted : HKLM\SOFTWARE\Classes\IEExtn.BilleoToolbarCommand Key Deleted : HKLM\SOFTWARE\Classes\IEExtn.BilleoToolbarCommand.1 Key Deleted : HKLM\SOFTWARE\Classes\Interface\{15527BF5-9729-49DC-889C-9F956983154C} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DD05B915-F77B-474A-9D42-9FEEAF5475C4} Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2399412 Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{7BAB653D-88FB-4F60-AFC2-8E6FD59FAFF3} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A57F7191-1E7F-4852-BAAF-F80A43E2687A} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C8758BC4-4581-48C7-BA38-C1A650477AE9} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D0D64E3C-4B40-3020-B26E-0AB9B12B38A9} Key Deleted : HKLM\Software\CompeteInc Key Deleted : HKLM\Software\Conduit Key Deleted : HKLM\Software\Free_TV_Bar_c3 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{465E08E7-F005-4389-980F-1D8764B3486C} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{85D0C15E-16CF-434C-94DA-8EB24BD5D399} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Free_TV_Bar_c3 Toolbar Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{6ADB0F93-1AA5-4BCF-9DF4-CEA689A3C111}] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved [{6576EBAA-B570-4345-98E4-96153C77CF24}] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved [{6ADB0F93-1AA5-4BCF-9DF4-CEA689A3C111}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6ADB0F93-1AA5-4BCF-9DF4-CEA689A3C111}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{3EE8D0BE-F450-4EF2-97B9-AC2222D14DB3}] ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16421 [OK] Registry is clean. -\\ Mozilla Firefox v16.0.2 (en-US) Profile name : default File : C:\Users\CRAIG\AppData\Roaming\Mozilla\Firefox\Profiles\l75bkxec.default\prefs.js C:\Users\CRAIG\AppData\Roaming\Mozilla\Firefox\Profiles\l75bkxec.default\user.js ... Deleted ! Deleted : user_pref("browser.search.defaultenginename", "Search Results"); Deleted : user_pref("browser.search.order.1", "Search Results"); -\\ Google Chrome v [unable to get version] File : C:\Users\CRAIG\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[R1].txt - [7113 octets] - [21/11/2012 18:53:51] AdwCleaner[R2].txt - [7173 octets] - [21/11/2012 19:12:02] AdwCleaner[s1].txt - [7208 octets] - [21/11/2012 19:12:43] ########## EOF - C:\AdwCleaner[s1].txt - [7268 octets] ##########

Thanks Jeff, Here is the log. # AdwCleaner v2.008 - Logfile created 11/21/2012 at 18:53:51 # Updated 17/11/2012 by Xplode # Operating system : Windows 7 Professional Service Pack 1 (32 bits) # User : CRAIG - CRAIG-PC # Boot Mode : Normal # Running from : C:\Users\CRAIG\Downloads\AdwCleaner.exe # Option [search] ***** [services] ***** ***** [Files / Folders] ***** File Found : C:\Program Files\Mozilla FireFox\searchplugins\Search_Results.xml File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Billeo.lnk File Found : C:\Users\CRAIG\AppData\Roaming\Mozilla\Firefox\Profiles\l75bkxec.default\searchplugins\Search_Results.xml Folder Found : C:\Program Files\Conduit Folder Found : C:\Program Files\Free_TV_Bar_c3 Folder Found : C:\ProgramData\boost_interprocess Folder Found : C:\Users\CRAIG\AppData\Local\Ilivid Player Folder Found : C:\Users\CRAIG\AppData\LocalLow\Billeo Folder Found : C:\Users\CRAIG\AppData\LocalLow\Conduit Folder Found : C:\Users\CRAIG\AppData\LocalLow\Free_TV_Bar_c3 Folder Found : C:\Users\CRAIG\AppData\LocalLow\PriceGong Folder Found : C:\Users\CRAIG\AppData\Roaming\Mozilla\Firefox\Profiles\l75bkxec.default\extensions\{4be68a18-deba-49e0-9e09-ee7796f3b62a} Folder Found : C:\Users\CRAIG\Documents\Billeo ***** [Registry] ***** Key Found : HKCU\Software\AppDataLow\Software\Compete Key Found : HKCU\Software\AppDataLow\Software\CompeteInc Key Found : HKCU\Software\AppDataLow\Software\Conduit Key Found : HKCU\Software\AppDataLow\Software\Free_TV_Bar_c3 Key Found : HKCU\Software\AppDataLow\Software\PriceGong Key Found : HKCU\Software\AppDataLow\Toolbar Key Found : HKCU\Software\Compete Key Found : HKCU\Software\ilivid Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{465E08E7-F005-4389-980F-1D8764B3486C} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6ADB0F93-1AA5-4BCF-9DF4-CEA689A3C111} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{465E08E7-F005-4389-980F-1D8764B3486C} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6576EBAA-B570-4345-98E4-96153C77CF24} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6ADB0F93-1AA5-4BCF-9DF4-CEA689A3C111} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC} Key Found : HKLM\Software\Billeo Key Found : HKLM\SOFTWARE\Classes\Ahika.IEExtn.ExplrBar Key Found : HKLM\SOFTWARE\Classes\Ahika.IEExtn.ExplrBar.1 Key Found : HKLM\SOFTWARE\Classes\Ahika.IEExtn.ToolBar Key Found : HKLM\SOFTWARE\Classes\Ahika.IEExtn.ToolBar.1 Key Found : HKLM\SOFTWARE\Classes\AppID\{A57F7191-1E7F-4852-BAAF-F80A43E2687A} Key Found : HKLM\SOFTWARE\Classes\AppID\{DBBBC528-9C8C-4051-9187-ED6F01A457C9} Key Found : HKLM\SOFTWARE\Classes\AppID\{DD7C44CC-0F60-4FD9-A38F-5CF30D698AC2} Key Found : HKLM\SOFTWARE\Classes\AppID\CptUrlPassthru.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\dca-api.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\dca-bho.DLL Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Found : HKLM\SOFTWARE\Classes\CLSID\{465E08E7-F005-4389-980F-1D8764B3486C} Key Found : HKLM\SOFTWARE\Classes\CLSID\{60260024-AA48-4A2F-84DA-2C2DCB24AAD0} Key Found : HKLM\SOFTWARE\Classes\CLSID\{6576EBAA-B570-4345-98E4-96153C77CF24} Key Found : HKLM\SOFTWARE\Classes\CLSID\{6ADB0F93-1AA5-4BCF-9DF4-CEA689A3C111} Key Found : HKLM\SOFTWARE\Classes\CLSID\{85D0C15E-16CF-434C-94DA-8EB24BD5D399} Key Found : HKLM\SOFTWARE\Classes\CLSID\{94510F77-E53C-4273-BD91-77AA8909902F} Key Found : HKLM\SOFTWARE\Classes\CLSID\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC} Key Found : HKLM\SOFTWARE\Classes\CptUrlPassthru.hxxpMonitor Key Found : HKLM\SOFTWARE\Classes\CptUrlPassthru.hxxpMonitor.1 Key Found : HKLM\SOFTWARE\Classes\dcabho.Dca Key Found : HKLM\SOFTWARE\Classes\dcabho.Dca.1 Key Found : HKLM\SOFTWARE\Classes\IEExtn.BilleoToolbarCommand Key Found : HKLM\SOFTWARE\Classes\IEExtn.BilleoToolbarCommand.1 Key Found : HKLM\SOFTWARE\Classes\Interface\{15527BF5-9729-49DC-889C-9F956983154C} Key Found : HKLM\SOFTWARE\Classes\Interface\{DD05B915-F77B-474A-9D42-9FEEAF5475C4} Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2399412 Key Found : HKLM\SOFTWARE\Classes\TypeLib\{7BAB653D-88FB-4F60-AFC2-8E6FD59FAFF3} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A57F7191-1E7F-4852-BAAF-F80A43E2687A} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C8758BC4-4581-48C7-BA38-C1A650477AE9} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D0D64E3C-4B40-3020-B26E-0AB9B12B38A9} Key Found : HKLM\Software\CompeteInc Key Found : HKLM\Software\Conduit Key Found : HKLM\Software\Free_TV_Bar_c3 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{465E08E7-F005-4389-980F-1D8764B3486C} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{85D0C15E-16CF-434C-94DA-8EB24BD5D399} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Free_TV_Bar_c3 Toolbar Key Found : HKU\S-1-5-21-2270400815-616284404-3630716744-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{6ADB0F93-1AA5-4BCF-9DF4-CEA689A3C111}] Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved [{6576EBAA-B570-4345-98E4-96153C77CF24}] Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved [{6ADB0F93-1AA5-4BCF-9DF4-CEA689A3C111}] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6ADB0F93-1AA5-4BCF-9DF4-CEA689A3C111}] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{3EE8D0BE-F450-4EF2-97B9-AC2222D14DB3}] ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16421 [OK] Registry is clean. -\\ Mozilla Firefox v16.0.2 (en-US) Profile name : default File : C:\Users\CRAIG\AppData\Roaming\Mozilla\Firefox\Profiles\l75bkxec.default\prefs.js Found : user_pref("browser.search.defaultenginename", "Search Results"); Found : user_pref("browser.search.order.1", "Search Results"); -\\ Google Chrome v [unable to get version] File : C:\Users\CRAIG\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[R1].txt - [6984 octets] - [21/11/2012 18:53:51] ########## EOF - C:\AdwCleaner[R1].txt - [7044 octets] ##########

Hey Jeff, Everything seems to be running faster. I still have a redirect on firefox. Also, when the machine rebooted it said there was an error in removing the upromise toolbar. Here is the log: ComboFix 12-11-21.01 - CRAIG 11/21/2012 12:11:08.4.2 - x86 Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3539.1525 [GMT -7:00] Running from: c:\users\CRAIG\Desktop\ComboFix.exe Command switches used :: c:\users\CRAIG\Desktop\CFScript.txt AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\free_tv_bar_c3\tbFree.dll c:\program files\upromise\upromisetoolbar.dll c:\users\craig\appdata\roaming\Cyelm c:\users\craig\appdata\roaming\Muwao c:\users\craig\appdata\roaming\Pyow c:\users\craig\appdata\roaming\Pyow\padog.gaq c:\windows\system32\logs\log-00003.xml c:\windows\system32\logs . . . . Failed to delete . . ((((((((((((((((((((((((( Files Created from 2012-10-21 to 2012-11-21 ))))))))))))))))))))))))))))))) . . 2012-11-21 19:22 . 2012-11-21 19:22 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-11-21 16:45 . 2012-11-21 19:25 -------- d-----w- c:\users\CRAIG\AppData\Local\temp 2012-11-21 05:53 . 2012-11-21 19:24 -------- d-----w- c:\windows\system32\Logs 2012-11-21 02:28 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{547CEB22-0816-4932-8843-11D408533927}\mpengine.dll 2012-11-20 19:08 . 2012-11-20 19:08 -------- d-----w- c:\program files\Common Files\Java 2012-11-20 19:08 . 2012-11-20 19:07 821736 ----a-w- c:\windows\system32\npDeployJava1.dll 2012-11-20 19:07 . 2012-11-20 19:07 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 2012-11-20 18:55 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-11-19 17:30 . 2012-10-30 23:51 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys 2012-11-19 17:30 . 2012-10-30 23:51 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2012-11-19 17:30 . 2012-10-15 16:59 44784 ----a-w- c:\windows\system32\drivers\aswRdr2.sys 2012-11-19 17:30 . 2012-10-30 23:51 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2012-11-19 17:30 . 2012-10-30 23:51 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-11-19 17:30 . 2012-10-30 23:51 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2012-11-19 17:29 . 2012-10-30 23:51 41224 ----a-w- c:\windows\avastSS.scr 2012-11-19 17:29 . 2012-10-30 23:50 227648 ----a-w- c:\windows\system32\aswBoot.exe 2012-11-19 17:28 . 2012-11-19 17:28 -------- d-----w- c:\programdata\AVAST Software 2012-11-19 17:28 . 2012-11-19 17:28 -------- d-----w- c:\program files\AVAST Software 2012-11-16 10:02 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys 2012-11-16 10:02 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys 2012-11-16 10:02 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll 2012-11-16 10:02 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys 2012-11-16 10:02 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys 2012-11-16 10:02 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll 2012-11-16 10:02 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll 2012-11-16 10:02 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe 2012-11-16 10:02 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll 2012-11-14 16:07 . 2012-10-03 16:58 1293680 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-11-14 16:07 . 2012-10-03 16:42 156672 ----a-w- c:\windows\system32\ncsi.dll 2012-11-14 16:07 . 2012-10-03 16:40 499712 ----a-w- c:\windows\system32\iphlpsvc.dll 2012-11-14 16:07 . 2012-10-03 16:42 52224 ----a-w- c:\windows\system32\nlaapi.dll 2012-11-14 16:07 . 2012-10-03 16:42 242176 ----a-w- c:\windows\system32\nlasvc.dll 2012-11-14 16:07 . 2012-10-03 16:42 18944 ----a-w- c:\windows\system32\netevent.dll 2012-11-14 16:07 . 2012-10-03 16:42 175104 ----a-w- c:\windows\system32\netcorehc.dll 2012-11-14 16:07 . 2012-10-03 15:21 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys 2012-11-14 16:07 . 2012-09-25 22:47 78336 ----a-w- c:\windows\system32\synceng.dll 2012-11-14 16:07 . 2012-10-18 17:59 2345984 ----a-w- c:\windows\system32\win32k.sys 2012-11-14 16:07 . 2012-10-09 17:40 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll 2012-11-14 16:07 . 2012-10-09 17:40 193536 ----a-w- c:\windows\system32\dhcpcore6.dll 2012-10-30 18:16 . 2012-11-21 17:13 -------- d-----w- c:\program files\Mozilla Thunderbird . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-11-21 19:24 . 2010-03-19 20:31 0 ----a-w- c:\users\CRAIG\AppData\Local\WavXMapDrive.bat 2012-11-20 19:07 . 2010-04-18 16:33 746984 ----a-w- c:\windows\system32\deployJava1.dll 2012-09-28 15:00 . 2012-10-20 17:52 740784 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6A01E92D-E9F0-4A19-80BB-290C7B1301A7}\gapaengine.dll 2012-09-28 15:00 . 2012-06-13 15:31 740784 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll 2012-09-21 04:38 . 2011-09-01 19:12 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll 2012-09-21 04:38 . 2010-11-17 20:24 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll 2012-09-14 18:28 . 2012-10-10 05:00 2048 ----a-w- c:\windows\system32\tzres.dll 2012-09-10 14:26 . 2010-11-17 20:25 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll 2012-09-10 14:26 . 2010-11-17 20:25 4278384 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll 2012-09-10 14:25 . 2011-09-01 19:10 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll 2012-09-10 14:25 . 2010-11-17 20:24 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2012-09-02 17:08 . 2011-10-02 23:39 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll 2012-09-02 16:37 . 2010-12-10 15:23 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll 2012-08-31 17:18 . 2012-10-10 05:00 1211760 ----a-w- c:\windows\system32\drivers\ntfs.sys 2012-08-31 04:03 . 2012-08-31 04:03 193552 ----a-w- c:\windows\system32\drivers\MpFilter.sys 2012-08-31 04:03 . 2010-10-25 04:25 99272 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys 2012-08-30 17:12 . 2012-10-10 05:00 3914096 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-08-30 17:12 . 2012-10-10 05:00 3968880 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-08-24 16:57 . 2012-10-10 05:00 172544 ----a-w- c:\windows\system32\wintrust.dll 2012-10-27 21:41 . 2012-10-27 21:40 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-10-30 23:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnabledUnlockedFDEIconOverlay] @="{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}" [HKEY_CLASSES_ROOT\CLSID\{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}] 2009-06-12 00:41 49152 ----a-w- c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UninitializedFdeIconOverlay] @="{CF08DA3E-C97D-4891-A66B-E39B28DD270F}" [HKEY_CLASSES_ROOT\CLSID\{CF08DA3E-C97D-4891-A66B-E39B28DD270F}] 2009-06-12 00:41 49152 ----a-w- c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Upromise Update"="c:\program files\Upromise\dca-ua.exe" [2011-08-04 267584] "Upromise Tray"="c:\program files\Upromise\UpromiseTray.exe" [2011-09-02 279896] "MobileDocuments"="c:\program files\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240] "BIBLauncher"="c:\program files\Business-in-a-Box\BIBLauncher.exe" [2012-05-16 915248] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Apoint"="c:\program files\DellTPad\Apoint.exe" [2009-06-19 249856] "SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-08-01 458844] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-08-03 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-08-03 174104] "Persistence"="c:\windows\system32\igfxpers.exe" [2009-08-03 151064] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-08-07 186904] "DellControlPoint"="c:\program files\Dell\Dell ControlPoint\Dell.ControlPoint.exe" [2009-06-12 656384] "DellConnectionManager"="c:\program files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe" [2009-10-06 1826816] "ChangeTPMAuth"="c:\program files\Wave Systems Corp\Common\ChangeTPMAuth.exe" [2009-06-03 184320] "WavXMgr"="c:\program files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe" [2009-07-27 134656] "USCService"="c:\program files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe" [2009-08-14 15872] "PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-06-25 140520] "BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2009-05-26 1159168] "ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688] "RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2008-03-06 236016] "BrStsWnd"="c:\program files\Brownie\BrstsWnd.exe" [2009-08-19 3618104] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280] "SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472] "PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2008-07-10 29984] "IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2008-07-10 46368] "PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-08-31 328992] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-04-04 843712] "Intuit SyncManager"="c:\program files\Common Files\Intuit\Sync\IntuitSyncManager.exe" [2012-03-14 2215768] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-19 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-06-08 421776] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Billeo.lnk - c:\program files\Billeo\billeo.exe [N/A] Dell ControlPoint System Manager.lnk - c:\program files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe [2009-7-16 1245472] Intuit Data Protect.lnk - c:\program files\Common Files\Intuit\DataProtect\IntuitDataProtect.exe [2012-6-5 5982040] QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2012-6-5 1176464] QuickBooks_Standard_21.lnk - c:\program files\Intuit\QuickBooks 2009\QBW32.EXE [2012-6-5 1181584] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Authentication Packages REG_MULTI_SZ msv1_0 wvauth . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . R2 sbapifs;sbapifs;c:\windows\system32\DRIVERS\sbapifs.sys [x] R3 acpials;ALS Sensor Filter;c:\windows\system32\DRIVERS\acpials.sys [x] R3 BrSerIb;Brother MFC Serial Interface Driver(WDM);c:\windows\system32\DRIVERS\BrSerIb.sys [x] R3 BrUsbSIb;Brother MFC Serial USB Driver(WDM);c:\windows\system32\DRIVERS\BrUsbSIb.sys [x] R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [x] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x] R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [x] R3 NvtSp50;NvtSp50 NDIS Protocol Driver;c:\windows\system32\Drivers\NvtSp50.sys [x] R3 rimspci;rimspci;c:\windows\system32\DRIVERS\rimspe86.sys [x] R3 risdpcie;risdpcie;c:\windows\system32\DRIVERS\risdpe86.sys [x] R3 rixdpcie;rixdpcie;c:\windows\system32\DRIVERS\rixdpe86.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x] S2 ATService;AuthenTec Fingerprint Service;c:\program files\Fingerprint Sensor\AtService.exe [x] S2 buttonsvc32;Dell ControlPoint Button Service;c:\program files\Dell\Dell ControlPoint\DCPButtonSvc.exe [x] S2 dcpsysmgrsvc;Dell ControlPoint System Manager;c:\program files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe [x] S2 FlipShareServer;FlipShare Server;c:\program files\Flip Video\FlipShareServer\FlipShareServer.exe [x] S2 QBVSS;QBIDPService;c:\program files\Common Files\Intuit\DataProtect\QBIDPService.exe [x] S2 SMManager;Smith Micro Connection Manager Service;c:\program files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe [x] S3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [x] S3 NETw5s32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [x] . . Contents of the 'Scheduled Tasks' folder . 2012-11-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-02-21 21:52] . 2012-11-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-02-21 21:52] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.yahoo.com/ uInternet Settings,ProxyOverride = *.local Trusted Zone: schwabintsitutional.com Trusted Zone: wallst.com\*.sim TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\CRAIG\AppData\Roaming\Mozilla\Firefox\Profiles\l75bkxec.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com FF - prefs.js: network.proxy.type - 0 FF - ExtSQL: 2012-11-19 10:39; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-2270400815-616284404-3630716744-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (S-1-5-21-2270400815-616284404-3630716744-1000) @Denied: (2) (LocalSystem) "Progid"="ThunderbirdEML" . [HKEY_USERS\S-1-5-21-2270400815-616284404-3630716744-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (S-1-5-21-2270400815-616284404-3630716744-1000) @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'lsass.exe'(604) c:\windows\system32\wvauth.DLL . - - - - - - - > 'Explorer.exe'(3252) c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll . ------------------------ Other Running Processes ------------------------ . c:\program files\Microsoft Security Client\MsMpEng.exe c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_450b431403c091e3\STacSV.exe c:\program files\AVAST Software\Avast\AvastSvc.exe c:\windows\system32\taskhost.exe c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Flip Video\FlipShare\FlipShareService.exe c:\windows\system32\wbem\unsecapp.exe c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe c:\program files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe c:\windows\system32\conhost.exe c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\windows\system32\igfxsrvc.exe c:\program files\Brother\ControlCenter3\brccMCtl.exe c:\program files\Brother\Brmfcmon\BrMfimon.exe c:\program files\Brother\Brmfcmon\BrMfcmon.exe c:\windows\system32\msiexec.exe c:\program files\Common Files\Apple\Apple Application Support\distnoted.exe c:\windows\system32\conhost.exe c:\program files\iPod\bin\iPodService.exe c:\windows\system32\igfxext.exe c:\windows\system32\sppsvc.exe c:\program files\Windows Media Player\wmpnetwk.exe . ************************************************************************** . Completion time: 2012-11-21 12:30:43 - machine was rebooted ComboFix-quarantined-files.txt 2012-11-21 19:30 ComboFix2.txt 2012-11-21 16:53 ComboFix3.txt 2012-11-21 15:50 ComboFix4.txt 2012-11-21 06:01 . Pre-Run: 84,321,107,968 bytes free Post-Run: 84,269,613,056 bytes free . - - End Of File - - 5322CB59EDFD83B6A52E8836DF1C8099