Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Ive got spyware... pls help [Closed]

Started by soclueless , Aug 29 2013 01:07 PM

  • This topic is locked This topic is locked

#1
soclueless
Posted 29 August 2013 - 01:07 PM

soclueless

    Member

  • Member
  • PipPip
  • 36 posts
My internet is behaving like i have a lot of spyware running, lots of pop ups and repeated web pages.
  • 0

Advertisements

#2
Nutloaf
Posted 29 August 2013 - 02:10 PM

Nutloaf

    Trusted Helper

  • Malware Removal
  • 1,790 posts
Hello Soclueless :welcome:

My name is Nutloaf, and I will be helping you with Malware Removal.

I am currently in training and my posts will need to be reviewed by an expert, so expect a slight delay between posts. :)

Please read all instructions and fixes thoroughly.
  • I would advise printing any instructions for easy reference as some of the fixes may require you to boot in Safe mode and access to the GeeksToGo website will be unavailable.
  • Any fixes provided by myself are for this log file only and cannot be used on any other systems.
  • Do not run any other removal software or perform updates other than the ones I provide, as it will complicate the cleaning process.
  • You have 4 days to reply to each post or the topic will be closed. You will be able to request that the topic be re-opened if you still require assitance.
  • Please feel free to ask any questions, especially if you are having problems with my instructions.

Finally before we start:

Removing malware is a complicated multiple step process, Please stay with me until I have declared your system clean.

I strongly recommend you backup your personal files and folders.


Let's begin :) Follow in the order given:

1. DOWNLOAD OTL
  • Using this link Download OTL and save it to your Desktop
  • If saved to another location, right click the OTL icon and Select Cut then right click on Desktop and select Paste
  • Right click the OTL icon and select Run as Administrator.
  • Make sure the following boxes are checked:
  • Scan All Users
  • Use Company-Name WhiteList
  • Skip Microsoft Files
  • Use No-Company-Name WhiteList
  • LOP Check
  • Purity Check
  • In the Extra Registry box select Use Safe List
  • Copy and paste the following into the Custom Scans\Fixes box without the word Quote.

    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    dir C:\ /S /A:L /C

  • Now Click Run Scan
  • OTL will now scan your computer and produce 2 log files. OTL.txt and Extras.txt.
  • Post both in your next reply

2. Run ADWcleaner
  • Using this link Download ADWcleaner and save to Desktop.
  • Right click ADWcleaner and Run as Administrator then select Search
  • Once the scan is complete click Report. Please post this report in your next reply.

3. Security Check
Download Security Check from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Things I want to see in your next post.
  • OTL.txt
  • ADWcleaner Report
  • checkup.txt

  • 0

#3
soclueless
Posted 01 September 2013 - 02:25 PM

soclueless

    Member

  • Topic Starter
  • Member
  • PipPip
  • 36 posts
OTL Extras logfile created on: 01/09/2013 20:35:35 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Emma\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.96 Gb Total Physical Memory | 1.64 Gb Available Physical Memory | 55.20% Memory free
6.14 Gb Paging File | 4.65 Gb Available in Paging File | 75.65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 223.08 Gb Total Space | 73.24 Gb Free Space | 32.83% Space Free | Partition Type: NTFS
Drive E: | 9.77 Gb Total Space | 4.71 Gb Free Space | 48.27% Space Free | Partition Type: NTFS

Computer Name: EMMA-PC | User Name: Emma | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-3381084808-643164800-2343077201-1000\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AntiVirusDisableNotify" = 0
"AntiVirusOverride" = 0
"UpdatesDisableNotify" = 0
"FirstRunDisabled" = 1
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06362CCD-1131-4976-ACA4-C2DC95951CFD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{3C1138C6-75B4-4024-8BF9-1EB5A2E52DA0}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{A309F9CD-89DB-47E3-81F6-2A2D3BF2E733}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FD87CB9F-702B-4F4F-A069-CB9D5062B7AD}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A00AFE3-8AA0-49E4-A56C-8B7D8C3E8C6B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{0A71E516-AC6A-4C6B-9402-B3542D03DF91}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{24DA3A19-AF84-4A56-93B6-9391867DEE1F}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{402601EA-C0EB-4CBD-BF56-C868CC2FBB1B}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{48E632B3-5F57-48AA-AB26-E32891F35126}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{4AD59754-F2C0-4641-A914-F50F9A2A727E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{58090F98-3E25-41C1-B980-435AAEE2F857}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{58A090A9-28AB-4567-97BE-F3ADC5767063}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{6F7F2AD3-CB73-4FF0-AEB0-1570C8A7F2D4}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{73975BE6-F12D-470E-99A4-C68D1B2B51D1}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{77D6317A-EA67-49D0-8920-B19355B7DCAE}" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{80575437-CDC9-48CF-B43B-F6441CF87A44}" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{83F8CBEB-F660-485C-BCC7-BBBDA6E612C9}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{8A0C7AE6-52CD-4C89-B653-73BFDE2C954B}" = dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{9B72D0F7-C6AD-40C1-99E5-1DE7DD68D409}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A4076FC6-DCEC-4E8C-94E9-110C7955DD8D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{ADCBB59F-7FA8-4122-AC02-5C920545C950}" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{BD2BD2D9-8C28-4138-A067-BD92D3D7DDAA}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{CC5FFDF3-FB31-4F40-9FCE-F46FD688B60F}" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{D4B6A16E-7922-4808-9E8B-1C4F37668624}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{DFABEF45-CC0F-417D-B0DB-E271FE21496F}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{E38DE39A-0A65-465C-BB04-3A5CC9FD775F}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\powerdvd.exe |
"{ED6562AC-CB39-4952-85E5-F1823978C12A}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{EF2BB18A-391A-4D6D-8360-CC4A0E6814C2}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{F4C30002-0CE8-464F-8909-D82D25EF9A72}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{FEEACF0E-DFD6-472C-8396-A88B005AA4A1}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"TCP Query User{0A9727E7-8D5A-4B90-AB97-45FE2E50EEFD}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{37799CEF-1459-4266-AB04-E564CCA5A38E}C:\program files\huawei technologies\huawei umts data card\3 usb modem.exe" = protocol=6 | dir=in | app=c:\program files\huawei technologies\huawei umts data card\3 usb modem.exe |
"TCP Query User{7CFA7AEC-D737-440C-A63B-E039769ACDA8}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"TCP Query User{B0D3EA00-880B-4D5A-A5E7-ECA626F6B1BE}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{1D2FF6C5-5E0C-4144-9631-F466564386F5}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{72931349-02A9-4199-BEB5-2C276D1BA465}C:\program files\huawei technologies\huawei umts data card\3 usb modem.exe" = protocol=17 | dir=in | app=c:\program files\huawei technologies\huawei umts data card\3 usb modem.exe |
"UDP Query User{8128C47D-D1BF-4A3C-85C0-55053A16499E}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{EBA47B14-FDB1-41EC-A11B-0692DF630C1E}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{11E568E0-3244-4BCB-875E-F334269DFDCB}" = iTunes
"{14C35072-D7D0-4B29-B5BF-C94E426D77E9}" = Sky Broadband
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{1945A4B5-73B6-4DE9-99A3-05261B7FDED0}" = Shared C Run-time for x86
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{247C5DDA-FFD7-44E0-8BF7-79BC80A0BF87}" = Windows Live Family Safety
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java™ 6 Update 24
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}" = Windows Live Family Safety
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D9C7DA3-D532-432D-A556-5F6CD186B0A5}" = DJ_AIO_03_F4200_ProductContext
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{5BBD0D3F-E4B2-4EE4-806A-07A95D4E2683}" = Sky Broadband Browser Branding
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{62340a00-1b99-4a03-9efc-765636e35146}" = Wallpaper Changer
"{62653245-3DC5-4019-AF6B-4E62D6150D9E}" = F4200_Help
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{67DFCE0D-BBA9-43AC-90B3-548390ECE522}" = F4200
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{6A143F03-DFB2-4DE4-9332-8FB34E07281D}" = BTOffer
"{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}" = EDocs
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D3963B0-E13B-4FC3-B0FF-506A304BB043}" = Cisco EAP-FAST Module
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}" = Google Earth
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DBCE8C7-FE94-4D8F-9FF0-38EF3D8BC99E}" = DJ_AIO_03_F4200_Software
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A11409F1-CD33-4076-85CB-4EE4A8439BFE}" = Scan
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{AE9A67F9-ADF1-4a44-BAB5-C1DB302B37A2}" = HP Deskjet F4200 All-In-One Driver Software 10.0 Rel .3
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B29B526D-F027-4122-BC7A-D9E5BC86CC40}" = DJ_AIO_03_F4200_Software_Min
"{B515962D-C979-44AC-9912-F7BB499B4B2C}" = VirtualDJ Home FREE
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{B935C985-A17F-484B-8470-09E4FC27DC26}" = Dell-eBay
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{C078C299-C2C2-4110-A6EF-8D5E66C228DA}" = e-tax 2011
"{C39A4E1F-9AF1-4FE1-A80E-A5B867FABB42}" = Dell Best of Web
"{C4972073-2BFE-475D-8441-564EA97DA161}" = QuickSet
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F23D228D-FC91-4CD7-A519-4E4F63CBC4C9}" = Wallpaper Changer
"{F38FD0E4-B991-462B-873D-F2115EADD093}" = Nokia PC Suite
"{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy
"{F6CB42B9-F033-4152-8813-FF11DA8E6A78}" = Dell Dock
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FBE569CA-BFEB-4E57-A674-F94D938E1AEF}" = e-tax 2010
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"6DA48AFDE796708D5A4C9121A83E7617A63A9A15" = Windows Driver Package - Nokia Modem (10/07/2010 4.6)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card Utility
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"E5372C32E8562C76C24DBA6525002B1031495F34" = Windows Driver Package - Nokia Modem (06/09/2010 7.01.0.8)
"EPSON SX235 Series" = EPSON SX235 Series Printer Uninstall
"Flvto Youtube Downloader" = Flvto Youtube Downloader
"Google Desktop" = Google Desktop
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 23.0.1 (x86 en-GB)" = Mozilla Firefox 23.0.1 (x86 en-GB)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSC" = McAfee SecurityCenter
"NetWorx_is1" = NetWorx 5.1.5
"Nokia PC Suite" = Nokia PC Suite
"PC-Doctor for Windows" = My Dell
"Shop for HP Supplies" = Shop for HP Supplies
"TomTom HOME" = TomTom HOME 2.7.6.2056
"WinLiveSuite" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3381084808-643164800-2343077201-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{C1C3E833-420E-4D78-9BA7-86AEBB272384}" = TopArcadeHits

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 29/08/2013 10:10:47 | Computer Name = Emma-PC | Source = Perflib | ID = 1010
Description =

Error - 29/08/2013 10:10:49 | Computer Name = Emma-PC | Source = Perflib | ID = 1008
Description =

Error - 29/08/2013 14:45:56 | Computer Name = Emma-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 29/08/2013 14:45:56 | Computer Name = Emma-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6336792

Error - 29/08/2013 14:45:56 | Computer Name = Emma-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6336792

Error - 31/08/2013 03:56:39 | Computer Name = Emma-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 31/08/2013 03:56:39 | Computer Name = Emma-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 143973

Error - 31/08/2013 03:56:39 | Computer Name = Emma-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 143973

Error - 31/08/2013 04:42:16 | Computer Name = Emma-PC | Source = EventSystem | ID = 4622
Description =

Error - 01/09/2013 13:49:04 | Computer Name = Emma-PC | Source = Perflib | ID = 1010
Description =

Error - 01/09/2013 13:49:05 | Computer Name = Emma-PC | Source = Perflib | ID = 1008
Description =

[ Broadcom Wireless LAN Events ]
Error - 10/06/2013 15:59:03 | Computer Name = Emma-PC | Source = WLAN-Tray | ID = 0
Description = 20:59:03, Mon, Jun 10, 13 Error - User "" does not have administrative
privileges on this system

Error - 14/06/2013 01:29:48 | Computer Name = Emma-PC | Source = WLAN-Tray | ID = 0
Description = 06:29:48, Fri, Jun 14, 13 Error - User "" does not have administrative
privileges on this system

Error - 14/06/2013 18:38:00 | Computer Name = Emma-PC | Source = WLAN-Tray | ID = 0
Description = 23:38:00, Fri, Jun 14, 13 Error - User "" does not have administrative
privileges on this system

Error - 09/07/2013 05:05:37 | Computer Name = Emma-PC | Source = WLAN-Tray | ID = 0
Description = 10:05:36, Tue, Jul 09, 13 Error - Unable to gain access to user store


Error - 22/07/2013 08:33:47 | Computer Name = Emma-PC | Source = WLAN-Tray | ID = 0
Description = 13:33:47, Mon, Jul 22, 13 Error - User "" does not have administrative
privileges on this system

Error - 26/07/2013 11:48:24 | Computer Name = Emma-PC | Source = WLAN-Tray | ID = 0
Description = 16:48:24, Fri, Jul 26, 13 Error - Unable to gain access to user store


Error - 06/08/2013 20:20:51 | Computer Name = Emma-PC | Source = WLAN-Tray | ID = 0
Description = 01:20:51, Wed, Aug 07, 13 Error - User "" does not have administrative
privileges on this system

Error - 22/08/2013 13:17:11 | Computer Name = Emma-PC | Source = WLAN-Tray | ID = 0
Description = 18:17:11, Thu, Aug 22, 13 Error - User "" does not have administrative
privileges on this system

Error - 24/08/2013 07:08:16 | Computer Name = Emma-PC | Source = WLAN-Tray | ID = 0
Description = 12:08:15, Sat, Aug 24, 13 Error - Unable to gain access to user store


Error - 31/08/2013 03:50:06 | Computer Name = Emma-PC | Source = WLAN-Tray | ID = 0
Description = 08:50:05, Sat, Aug 31, 13 Error - Unable to gain access to user store


[ System Events ]
Error - 01/09/2013 12:21:33 | Computer Name = Emma-PC | Source = DCOM | ID = 10016
Description =

Error - 01/09/2013 12:22:02 | Computer Name = Emma-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 01/09/2013 12:22:04 | Computer Name = Emma-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 01/09/2013 15:27:23 | Computer Name = Emma-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 20:23:56 on 01/09/2013 was unexpected.

Error - 01/09/2013 15:28:25 | Computer Name = Emma-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 01/09/2013 15:28:25 | Computer Name = Emma-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 01/09/2013 15:28:39 | Computer Name = Emma-PC | Source = DCOM | ID = 10016
Description =

Error - 01/09/2013 15:28:40 | Computer Name = Emma-PC | Source = DCOM | ID = 10016
Description =

Error - 01/09/2013 15:29:06 | Computer Name = Emma-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 01/09/2013 15:29:11 | Computer Name = Emma-PC | Source = Service Control Manager | ID = 7026
Description =


< End of report >



OTL logfile created on: 01/09/2013 20:35:35 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Emma\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.96 Gb Total Physical Memory | 1.64 Gb Available Physical Memory | 55.20% Memory free
6.14 Gb Paging File | 4.65 Gb Available in Paging File | 75.65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 223.08 Gb Total Space | 73.24 Gb Free Space | 32.83% Space Free | Partition Type: NTFS
Drive E: | 9.77 Gb Total Space | 4.71 Gb Free Space | 48.27% Space Free | Partition Type: NTFS

Computer Name: EMMA-PC | User Name: Emma | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/09/01 20:31:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Emma\Desktop\OTL.exe
PRC - [2013/08/24 14:44:05 | 000,276,376 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/08/21 20:33:03 | 001,861,512 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
PRC - [2013/07/22 10:47:52 | 000,735,744 | ---- | M] () -- C:\Program Files\Wallpaper Changer\Wallpaper Changer.exe
PRC - [2013/05/22 10:30:52 | 000,661,360 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\saUI.exe
PRC - [2013/03/13 18:40:08 | 001,278,064 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2013/02/19 15:12:14 | 000,172,416 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe
PRC - [2013/02/19 15:08:52 | 000,169,320 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\SystemCore\mfefire.exe
PRC - [2013/02/19 15:06:50 | 000,203,840 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\SystemCore\mcshield.exe
PRC - [2013/02/05 16:48:44 | 000,272,248 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
PRC - [2012/08/31 13:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
PRC - [2012/07/27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/02/29 07:03:02 | 000,249,440 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\spool\drivers\w32x86\3\E_FATIHLE.EXE
PRC - [2010/08/24 10:38:18 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2010/08/24 10:38:16 | 000,247,144 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/09/24 05:09:52 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2008/09/17 06:17:12 | 000,225,362 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_85b55258\stacsv.exe
PRC - [2008/09/17 06:17:02 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_85b55258\AEstSrv.exe
PRC - [2008/09/04 06:29:18 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2008/09/04 06:29:10 | 000,200,704 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2008/09/04 06:29:10 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2008/09/04 06:29:10 | 000,046,376 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2008/05/23 21:06:08 | 000,128,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2008/05/08 00:41:14 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/05/08 00:41:12 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe


========== Modules (No Company Name) ==========

MOD - [2013/08/24 14:44:04 | 003,551,640 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/08/21 20:33:02 | 016,166,280 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_8_800_94.dll
MOD - [2013/07/22 10:47:52 | 000,735,744 | ---- | M] () -- C:\Program Files\Wallpaper Changer\Wallpaper Changer.exe
MOD - [2012/06/15 03:17:21 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\c06946b464ae8dd22151e0a6f310c976\System.Windows.Forms.ni.dll
MOD - [2012/06/15 03:08:16 | 018,000,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\bcec0e7db1d027328cc8cd702185fa66\PresentationFramework.ni.dll
MOD - [2012/06/15 03:07:32 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b460188cf6862491550a006c3660e2e6\PresentationCore.ni.dll
MOD - [2012/06/15 03:06:51 | 003,858,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\1d3c2d83da69c30ba8edf5cfea3c0057\WindowsBase.ni.dll
MOD - [2012/06/15 03:06:44 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\29e48cb144e24a7b4335d1360cc06642\System.Drawing.ni.dll
MOD - [2012/05/09 03:22:16 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\8f0cf05d2b1e46a772312143227cb6ed\System.Xml.Linq.ni.dll
MOD - [2012/05/09 03:22:14 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\a181199f8dec15116e1c2eb4a79ec22b\System.Xaml.ni.dll
MOD - [2012/05/09 03:17:03 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\3263fe38362543170c1682381eeac25a\PresentationFramework.Aero.ni.dll
MOD - [2012/05/09 03:09:34 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\3e4f9b3b78f0f13b7469a14e69d756ef\System.Core.ni.dll
MOD - [2012/05/09 03:09:26 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\6711765f90c0082ec393943b924ed277\System.Configuration.ni.dll
MOD - [2012/05/09 03:09:24 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bd2433e160ce2f19acc8ebe10babae8d\System.Xml.ni.dll
MOD - [2012/05/09 03:09:10 | 009,091,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\9cf67ed1b743fbc3dd6b78fbc0595236\System.ni.dll
MOD - [2012/05/09 03:08:52 | 014,413,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\1bdf7de454340e0ea9fc455aeaec49d9\mscorlib.ni.dll
MOD - [2012/02/20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/09/15 22:15:10 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\9b8e883fd5fa51f026577156a0ee9d57\System.Runtime.Remoting.ni.dll
MOD - [2011/09/15 22:13:53 | 011,804,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\62dfd8797881fd7a0d0de3f448a18c01\System.Web.ni.dll
MOD - [2011/09/15 22:11:11 | 007,949,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ed6ae2749d12c4729ee43ff339de4bb8\System.ni.dll
MOD - [2011/09/15 22:10:19 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\98bbdd8c400493ad228b8283665cc9da\mscorlib.ni.dll
MOD - [2008/08/05 13:16:20 | 000,055,808 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll


========== Services (SafeList) ==========

SRV - [2013/08/24 14:44:05 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/08/21 20:33:11 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/02/19 15:12:14 | 000,172,416 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\System32\mfevtps.exe -- (mfevtp)
SRV - [2013/02/19 15:08:52 | 000,169,320 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV - [2013/02/19 15:06:50 | 000,203,840 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2013/02/05 16:48:00 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe -- (McComponentHostService)
SRV - [2013/01/08 13:55:20 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/11/16 22:07:20 | 000,279,048 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2012/08/31 13:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2012/08/31 13:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2012/08/31 13:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2012/08/31 13:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2012/08/31 13:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2012/08/31 13:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2012/08/31 13:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV - [2012/07/27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/12/08 15:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010/08/24 10:38:18 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2008/09/24 05:09:52 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2008/09/17 06:17:12 | 000,225,362 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_85b55258\stacsv.exe -- (STacSV)
SRV - [2008/09/17 06:17:02 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_85b55258\AEstSrv.exe -- (AESTFilters)
SRV - [2008/05/08 00:41:14 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Boot | Stopped] -- system32\drivers\szkgfs.sys -- (szkgfs)
DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\szkg.sys -- (szkg5)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (mfeavfk01)
DRV - File not found [Kernel | Boot | Stopped] -- system32\drivers\is3srv.sys -- (is3srv)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - [2013/02/19 15:15:04 | 000,060,920 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids)
DRV - [2013/02/19 15:12:24 | 000,210,608 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk)
DRV - [2013/02/19 15:10:52 | 000,092,632 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2013/02/19 15:09:52 | 000,565,888 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2013/02/19 15:09:02 | 000,363,080 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2013/02/19 15:08:40 | 000,065,928 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2013/02/19 15:08:20 | 000,235,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2013/02/19 15:07:50 | 000,133,416 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2012/04/20 16:40:44 | 000,146,872 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HipShieldK.sys -- (HipShieldK)
DRV - [2010/12/30 16:21:59 | 000,038,976 | ---- | M] (microOLAP Technologies LTD) [Kernel | System | Running] -- C:\Windows\System32\drivers\pssdk42.sys -- (PSSDK42)
DRV - [2010/07/30 15:16:38 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010/07/26 13:24:46 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2009/04/11 06:06:26 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDScan.sys -- (WSDScan)
DRV - [2008/09/17 06:17:22 | 000,382,976 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2008/09/04 06:29:08 | 000,170,032 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/08/05 13:16:06 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV - [2008/01/21 03:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2008/01/21 03:23:21 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2006/11/02 08:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=uk&ibd=2081125
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...ie7&rlz=1I7DKUK


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\.DEFAULT\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\.DEFAULT\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...ie7&rlz=1I7DKUK
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-18\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-18\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...ie7&rlz=1I7DKUK
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3381084808-643164800-2343077201-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sky.com
IE - HKU\S-1-5-21-3381084808-643164800-2343077201-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-3381084808-643164800-2343077201-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKU\S-1-5-21-3381084808-643164800-2343077201-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www1.delta-se...120695&tsp=4955
IE - HKU\S-1-5-21-3381084808-643164800-2343077201-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKU\S-1-5-21-3381084808-643164800-2343077201-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-3381084808-643164800-2343077201-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-3381084808-643164800-2343077201-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www1.delta-se...120695&tsp=4955
IE - HKU\S-1-5-21-3381084808-643164800-2343077201-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:466...q={searchTerms}
IE - HKU\S-1-5-21-3381084808-643164800-2343077201-1000\..\SearchScopes\{B95C1320-1397-4D87-8DD0-70C887D09DFD}: "URL" = http://www.google.co...&rlz=1I7DKUK_en
IE - HKU\S-1-5-21-3381084808-643164800-2343077201-1000\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://uk.search.yah...p={searchTerms}
IE - HKU\S-1-5-21-3381084808-643164800-2343077201-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3381084808-643164800-2343077201-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Secure Search"
FF - prefs.js..browser.search.order.1: "Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Secure Search"
FF - prefs.js..extensions.enabledAddons: unplug%40compunach:2.054
FF - prefs.js..extensions.enabledAddons: %7B0113D088-8ED1-468C-B225-585A9C53B5E3%7D:1.0
FF - prefs.js..extensions.enabledAddons: %7B4ED1F68A-5463-4931-9384-8FFF5ED91D92%7D:3.6.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.736
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {4ED1F68A-5463-4931-9384-8FFF5ED91D92}:3.4.0
FF - prefs.js..keyword.URL: "http://uk.search.yah...h?fr=mcafee&p="
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2012/12/16 13:05:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2013/07/12 14:39:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/05/24 22:31:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/05/17 19:06:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK [2013/09/01 18:07:27 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{6B0F28E7-3D48-4432-8138-EBDD51883375}: C:\Users\Emma\AppData\Local\{6B0F28E7-3D48-4432-8138-EBDD51883375}

[2010/07/31 10:09:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Emma\AppData\Roaming\Mozilla\Extensions
[2009/06/24 10:18:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Emma\AppData\Roaming\Mozilla\Extensions\[email protected]
[2009/06/24 09:08:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Emma\AppData\Roaming\Mozilla\Extensions\[email protected]
[2013/08/28 22:21:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Emma\AppData\Roaming\Mozilla\Firefox\Profiles\dzf6nx5b.default\extensions
[2013/07/26 23:50:33 | 000,000,000 | ---D | M] (TopArcadeHits) -- C:\Users\Emma\AppData\Roaming\Mozilla\Firefox\Profiles\dzf6nx5b.default\extensions\{0113D088-8ED1-468C-B225-585A9C53B5E3}
[2012/12/16 13:05:53 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Emma\AppData\Roaming\Mozilla\Firefox\Profiles\dzf6nx5b.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2013/03/01 18:31:11 | 000,142,907 | ---- | M] () (No name found) -- C:\Users\Emma\AppData\Roaming\Mozilla\Firefox\Profiles\dzf6nx5b.default\extensions\[email protected]
[2013/07/26 23:44:10 | 000,006,507 | ---- | M] () -- C:\Users\Emma\AppData\Roaming\Mozilla\Firefox\Profiles\dzf6nx5b.default\searchplugins\babylon.xml
[2013/05/24 22:31:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/03/01 18:50:38 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/05/24 22:31:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/08/24 14:44:06 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/08/23 22:36:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\updated\browser\extensions
[2013/08/23 22:36:36 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/07/12 14:39:05 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
[2011/04/14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll
[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/09/26 22:19:55 | 000,002,027 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.google.com/

O1 HOSTS File: ([2011/06/12 13:36:11 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll File not found
O2 - BHO: (TopArcadeHits Games) - {A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} - C:\Users\Emma\AppData\Local\TopArcadeHits\Toparcadehits.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (&NetWorx Desk Band) - {FEEA54B4-D80F-41C7-87B9-DC08E6D3255F} - C:\Program Files\NetWorx\deskband.dll (SoftPerfect Research)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-3381084808-643164800-2343077201-1000..\Run: [EPLTarget\P0000000000000000] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIHLE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-3381084808-643164800-2343077201-1000..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKU\S-1-5-21-3381084808-643164800-2343077201-1000..\Run: [Wallpaper Changer] C:\Program Files\Wallpaper Changer\Wallpaper Changer.exe ()
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\TEMP.Emma-PC.003\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\TEMP.Emma-PC.005\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\TEMP.Emma-PC.006\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\TEMP.Emma-PC.008\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\TEMP.Emma-PC.009\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\TEMP.Emma-PC.011\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O4 - Startup: C:\Users\TEMP.Emma-PC.012\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\TEMP.Emma-PC.013\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\TEMP.Emma-PC.014\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\TEMP.Emma-PC.015\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\TEMP.Emma-PC.016\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\TEMP.Emma-PC.017\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\TEMP.Emma-PC.018\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\TEMP.Emma-PC.019\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-21-3381084808-643164800-2343077201-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3381084808-643164800-2343077201-1000\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-21-3381084808-643164800-2343077201-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O9 - Extra Button: Sky - {08E730A4-FB02-45BD-A900-01E4AD8016F6} - http://www.sky.com File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-3381084808-643164800-2343077201-1000\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-3381084808-643164800-2343077201-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Bejeweled%203/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx2.hotmail....NPUplden-au.cab (MSN Photo Upload Tool)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Bejeweled%203/Images/armhelper.ocx (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx2.hotmail....NPUplden-au.cab (Windows Live Hotmail Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C784ABCF-CEB9-4A70-93CC-38F213549E98}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FDE81524-CC82-4BD2-B829-9FD05DD4DDB6}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Emma\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Emma\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-3381084808-643164800-2343077201-1000\...exe [@ = exefile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/09/01 20:32:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013/09/01 20:31:44 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Emma\Desktop\OTL.exe
[2013/08/28 20:33:44 | 000,000,000 | ---D | C] -- C:\Users\Emma\AppData\Local\{CE498A39-FAF8-4F39-B98A-C58DE37FA02B}
[2013/08/23 21:07:31 | 000,000,000 | ---D | C] -- C:\Users\Emma\Desktop\New Folder (2)
[2013/08/21 21:31:43 | 000,000,000 | ---D | C] -- C:\Users\Emma\AppData\Local\{DF7D7928-D0C1-4E22-8981-704DDCBF23A3}
[2013/08/19 01:14:45 | 000,000,000 | ---D | C] -- C:\Users\Emma\Desktop\New Folder
[2013/08/18 20:12:54 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/08/08 19:36:11 | 000,000,000 | ---D | C] -- C:\Users\Emma\AppData\Local\{D26E5FFF-6C7E-4F03-9EF7-090B86F5101B}
[2013/08/06 00:29:56 | 000,000,000 | ---D | C] -- C:\Users\Emma\AppData\Local\{30457D25-FF7B-4A63-97A6-CE5E47F32C6D}
[2013/05/20 20:37:18 | 000,632,120 | ---- | C] (Hotger) -- C:\Users\Emma\FlvtoYoutubeDownloaderSetup.exe
[2012/04/10 22:21:28 | 006,950,552 | ---- | C] (Microsoft Corporation) -- C:\Users\Emma\Silverlight.exe
[2011/12/10 18:57:12 | 000,980,104 | ---- | C] (Skype Technologies S.A.) -- C:\Users\Emma\SkypeSetup.exe
[2011/05/03 18:45:34 | 002,832,544 | ---- | C] (Adobe Systems, Inc.) -- C:\Users\Emma\install_flash_player.exe
[2010/12/30 16:20:44 | 001,744,402 | ---- | C] (Softperfect Research ) -- C:\Users\Emma\networx_setup.exe
[2010/11/02 17:02:56 | 000,568,656 | ---- | C] (Google Inc.) -- C:\Users\Emma\GoogleEarthSetup.exe
[2010/10/22 16:32:25 | 008,390,208 | ---- | C] (Mozilla) -- C:\Users\Emma\Firefox Setup 3.6.11.exe
[2010/09/02 17:39:36 | 000,956,344 | ---- | C] (Microsoft Corporation) -- C:\Program Files\SaveAsPDFandXPS.exe
[2010/08/11 08:47:12 | 000,585,584 | ---- | C] (Symantec Corporation) -- C:\Program Files\AutoDetectPkg.exe
[2010/08/10 02:24:23 | 016,062,240 | ---- | C] (Sun Microsystems, Inc.) -- C:\Program Files\jre-6u21-windows-i586.exe

========== Files - Modified Within 30 Days ==========

[2013/09/01 20:31:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Emma\Desktop\OTL.exe
[2013/09/01 20:27:43 | 000,003,616 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/09/01 20:27:43 | 000,003,616 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/09/01 20:27:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/09/01 20:27:18 | 3181,760,512 | -HS- | M] () -- C:\hiberfil.sys
[2013/09/01 20:02:18 | 000,001,737 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk
[2013/09/01 18:48:34 | 000,000,260 | ---- | M] () -- C:\Windows\tasks\TopArcadeHits.job
[2013/09/01 18:27:01 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/09/01 17:56:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/09/01 17:07:45 | 000,646,360 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/09/01 17:07:45 | 000,124,574 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/08/31 08:51:43 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/08/21 20:34:56 | 000,057,344 | ---- | M] () -- C:\Users\Emma\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== Files Created - No Company Name ==========

[2011/11/02 17:22:58 | 000,000,000 | ---- | C] () -- C:\Users\Emma\AppData\Local\{CCBDADD6-CC5D-4B96-A4EE-2C0424F17D80}
[2011/08/31 22:29:29 | 006,921,728 | ---- | C] () -- C:\Users\Emma\etax2011_1.msi
[2010/07/31 12:36:49 | 000,007,144 | ---- | C] () -- C:\ProgramData\N360BUOptions.ini
[2010/07/31 01:44:02 | 000,005,972 | ---- | C] () -- C:\Users\Emma\AppData\Local\d3d9caps.dat
[2009/09/13 08:55:38 | 000,000,552 | ---- | C] () -- C:\Users\Emma\AppData\Local\d3d8caps.dat
[2008/12/27 18:06:45 | 000,057,344 | ---- | C] () -- C:\Users\Emma\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006/11/02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010/07/26 16:51:48 | 011,584,512 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/08/28 22:22:50 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\BabSolution
[2013/05/20 21:58:28 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\FlvtoConverter
[2012/12/16 13:05:51 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\GetRightToGo
[2010/09/30 01:59:49 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\iCopyExpert
[2010/09/27 10:03:43 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\Nokia
[2009/06/24 13:25:35 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\PC Suite
[2011/03/05 20:18:12 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\PCDr
[2012/12/16 13:05:53 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\SpinTop
[2009/06/24 10:18:19 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\TomTom
[2012/12/16 13:05:53 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\VistaCodecs
[2010/11/17 14:51:44 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\Windows Live Writer
[2010/09/27 10:28:55 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\Xilisoft

========== Purity Check ==========



========== Custom Scans ==========

< MD5 for: EXPLORER.EXE >
[2008/10/29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\System Volume Information\SystemRestore\FRStaging\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\System Volume Information\SystemRestore\FRStaging\Windows\ERDNT\cache\explorer.exe
[2008/10/29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\System Volume Information\SystemRestore\FRStaging\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\ERDNT\cache\explorer.exe
[2008/10/29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\System Volume Information\SystemRestore\FRStaging\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2008/10/30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\System Volume Information\SystemRestore\FRStaging\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\System Volume Information\SystemRestore\FRStaging\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/10/28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\System Volume Information\SystemRestore\FRStaging\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
[2008/01/21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: SVCHOST.EXE >
[2008/01/21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\System Volume Information\SystemRestore\FRStaging\Windows\ERDNT\cache\svchost.exe
[2008/01/21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\System Volume Information\SystemRestore\FRStaging\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
[2008/01/21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\ERDNT\cache\svchost.exe
[2008/01/21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: USERINIT.EXE >
[2008/01/21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\System Volume Information\SystemRestore\FRStaging\Windows\ERDNT\cache\userinit.exe
[2008/01/21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\System Volume Information\SystemRestore\FRStaging\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2008/01/21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\ERDNT\cache\userinit.exe
[2008/01/21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\System Volume Information\SystemRestore\FRStaging\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\System Volume Information\SystemRestore\FRStaging\Windows\ERDNT\cache\winlogon.exe
[2008/01/21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\System Volume Information\SystemRestore\FRStaging\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
[2008/01/21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\ERDNT\cache\winlogon.exe
[2008/01/21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< dir C:\ /S /A:L /C >
Volume in drive C is OS
Volume Serial Number is 6EDB-0B0A
Directory of C:\
27/12/2008 17:47 <JUNCTION> Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of C:\ProgramData
27/12/2008 17:47 <JUNCTION> Application Data [C:\ProgramData]
27/12/2008 17:47 <JUNCTION> Desktop [C:\Users\Public\Desktop]
27/12/2008 17:47 <JUNCTION> Documents [C:\Users\Public\Documents]
27/12/2008 17:47 <JUNCTION> Favorites [C:\Users\Public\Favorites]
27/12/2008 17:47 <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
27/12/2008 17:47 <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users
27/12/2008 17:47 <SYMLINKD> All Users [C:\ProgramData]
27/12/2008 17:47 <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\All Users
27/12/2008 17:47 <JUNCTION> Application Data [C:\ProgramData]
27/12/2008 17:47 <JUNCTION> Desktop [C:\Users\Public\Desktop]
27/12/2008 17:47 <JUNCTION> Documents [C:\Users\Public\Documents]
27/12/2008 17:47 <JUNCTION> Favorites [C:\Users\Public\Favorites]
27/12/2008 17:47 <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
27/12/2008 17:47 <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default
27/12/2008 17:47 <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
27/12/2008 17:47 <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
27/12/2008 17:47 <JUNCTION> My Documents [C:\Users\Default\Documents]
27/12/2008 17:47 <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
27/12/2008 17:47 <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
27/12/2008 17:47 <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
27/12/2008 17:47 <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
27/12/2008 17:47 <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
27/12/2008 17:47 <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
27/12/2008 17:47 <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
27/12/2008 17:47 <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
27/12/2008 17:47 <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
27/12/2008 17:47 <JUNCTION> My Music [C:\Users\Default\Music]
27/12/2008 17:47 <JUNCTION> My Pictures [C:\Users\Default\Pictures]
27/12/2008 17:47 <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Emma
27/12/2008 17:50 <JUNCTION> Application Data [C:\Users\Emma\AppData\Roaming]
27/12/2008 17:50 <JUNCTION> Cookies [C:\Users\Emma\AppData\Roaming\Microsoft\Windows\Cookies]
27/12/2008 17:50 <JUNCTION> Local Settings [C:\Users\Emma\AppData\Local]
27/12/2008 17:50 <JUNCTION> My Documents [C:\Users\Emma\Documents]
27/12/2008 17:50 <JUNCTION> NetHood [C:\Users\Emma\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
27/12/2008 17:50 <JUNCTION> PrintHood [C:\Users\Emma\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
27/12/2008 17:50 <JUNCTION> Recent [C:\Users\Emma\AppData\Roaming\Microsoft\Windows\Recent]
27/12/2008 17:50 <JUNCTION> SendTo [C:\Users\Emma\AppData\Roaming\Microsoft\Windows\SendTo]
27/12/2008 17:50 <JUNCTION> Start Menu [C:\Users\Emma\AppData\Roaming\Microsoft\Windows\Start Menu]
27/12/2008 17:50 <JUNCTION> Templates [C:\Users\Emma\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Emma\AppData\Local
27/12/2008 17:50 <JUNCTION> Application Data [C:\Users\Emma\AppData\Local]
27/12/2008 17:50 <JUNCTION> History [C:\Users\Emma\AppData\Local\Microsoft\Windows\History]
27/12/2008 17:50 <JUNCTION> Temporary Internet Files [C:\Users\Emma\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Emma\Documents
27/12/2008 17:50 <JUNCTION> My Music [C:\Users\Emma\Music]
27/12/2008 17:50 <JUNCTION> My Pictures [C:\Users\Emma\Pictures]
27/12/2008 17:50 <JUNCTION> My Videos [C:\Users\Emma\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Guest
01/07/2013 19:26 <JUNCTION> Application Data [C:\Users\Guest\AppData\Roaming]
01/07/2013 19:26 <JUNCTION> Cookies [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies]
01/07/2013 19:26 <JUNCTION> Local Settings [C:\Users\Guest\AppData\Local]
01/07/2013 19:26 <JUNCTION> My Documents [C:\Users\Guest\Documents]
01/07/2013 19:26 <JUNCTION> NetHood [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
01/07/2013 19:26 <JUNCTION> PrintHood [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
01/07/2013 19:26 <JUNCTION> Recent [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Recent]
01/07/2013 19:26 <JUNCTION> SendTo [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\SendTo]
01/07/2013 19:26 <JUNCTION> Start Menu [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu]
01/07/2013 19:26 <JUNCTION> Templates [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Guest\AppData\Local
01/07/2013 19:26 <JUNCTION> Application Data [C:\Users\Guest\AppData\Local]
01/07/2013 19:26 <JUNCTION> History [C:\Users\Guest\AppData\Local\Microsoft\Windows\History]
01/07/2013 19:26 <JUNCTION> Temporary Internet Files [C:\Users\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Guest\Documents
01/07/2013 19:26 <JUNCTION> My Music [C:\Users\Guest\Music]
01/07/2013 19:26 <JUNCTION> My Pictures [C:\Users\Guest\Pictures]
01/07/2013 19:26 <JUNCTION> My Videos [C:\Users\Guest\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
27/12/2008 17:47 <JUNCTION> My Music [C:\Users\Public\Music]
27/12/2008 17:47 <JUNCTION> My Pictures [C:\Users\Public\Pictures]
27/12/2008 17:47 <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Users\TEMP.Emma-PC.003
15/05/2011 06:21 <JUNCTION> Application Data [C:\Users\TEMP.Emma-PC.003\AppData\Roaming]
15/05/2011 06:21 <JUNCTION> Cookies [C:\Users\TEMP.Emma-PC.003\AppData\Roaming\Microsoft\Windows\Cookies]
15/05/2011 06:21 <JUNCTION> Local Settings [C:\Users\TEMP.Emma-PC.003\AppData\Local]
15/05/2011 06:21 <JUNCTION> My Documents [C:\Users\TEMP.Emma-PC.003\Documents]
15/05/2011 06:21 <JUNCTION> NetHood [C:\Users\TEMP.Emma-PC.003\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
15/05/2011 06:21 <JUNCTION> PrintHood [C:\Users\TEMP.Emma-PC.003\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
15/05/2011 06:21 <JUNCTION> Recent [C:\Users\TEMP.Emma-PC.003\AppData\Roaming\Microsoft\Windows\Recent]
15/05/2011 06:21 <JUNCTION> SendTo [C:\Users\TEMP.Emma-PC.003\AppData\Roaming\Microsoft\Windows\SendTo]
15/05/2011 06:21 <JUNCTION> Start Menu [C:\Users\TEMP.Emma-PC.003\AppData\Roaming\Microsoft\Windows\Start Menu]
15/05/2011 06:21 <JUNCTION> Templates [C:\Users\TEMP.Emma-PC.003\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\TEMP.Emma-PC.003\AppData\Local
15/05/2011 06:21 <JUNCTION> Application Data [C:\Users\TEMP.Emma-PC.003\AppData\Local]
15/05/2011 06:21 <JUNCTION> History [C:\Users\TEMP.Emma-PC.003\AppData\Local\Microsoft\Windows\History]
15/05/2011 06:21 <JUNCTION> Temporary Internet Files [C:\Users\TEMP.Emma-PC.003\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\TEMP.Emma-PC.003\Documents
15/05/2011 06:21 <JUNCTION> My Music [C:\Users\TEMP.Emma-PC.003\Music]
15/05/2011 06:21 <JUNCTION> My Pictures [C:\Users\TEMP.Emma-PC.003\Pictures]
15/05/2011 06:21 <JUNCTION> My Videos [C:\Users\TEMP.Emma-PC.003\Videos]
0 File(s) 0 bytes
Directory of C:\Users\TEMP.Emma-PC.005
28/08/2011 20:41 <JUNCTION> Application Data [C:\Users\TEMP.Emma-PC.005\AppData\Roaming]
28/08/2011 20:41 <JUNCTION> Cookies [C:\Users\TEMP.Emma-PC.005\AppData\Roaming\Microsoft\Windows\Cookies]
28/08/2011 20:41 <JUNCTION> Local Settings [C:\Users\TEMP.Emma-PC.005\AppData\Local]
28/08/2011 20:41 <JUNCTION> My Documents [C:\Users\TEMP.Emma-PC.005\Documents]
28/08/2011 20:41 <JUNCTION> NetHood [C:\Users\TEMP.Emma-PC.005\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
28/08/2011 20:41 <JUNCTION> PrintHood [C:\Users\TEMP.Emma-PC.005\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
28/08/2011 20:41 <JUNCTION> Recent [C:\Users\TEMP.Emma-PC.005\AppData\Roaming\Microsoft\Windows\Recent]
28/08/2011 20:41 <JUNCTION> SendTo [C:\Users\TEMP.Emma-PC.005\AppData\Roaming\Microsoft\Windows\SendTo]
28/08/2011 20:41 <JUNCTION> Start Menu [C:\Users\TEMP.Emma-PC.005\AppData\Roaming\Microsoft\Windows\Start Menu]
28/08/2011 20:41 <JUNCTION> Templates [C:\Users\TEMP.Emma-PC.005\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\TEMP.Emma-PC.005\AppData\Local
28/08/2011 20:41 <JUNCTION> Application Data [C:\Users\TEMP.Emma-PC.005\AppData\Local]
28/08/2011 20:41 <JUNCTION> History [C:\Users\TEMP.Emma-PC.005\AppData\Local\Microsoft\Windows\History]
28/08/2011 20:41 <JUNCTION> Temporary Internet Files [C:\Users\TEMP.Emma-PC.005\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\TEMP.Emma-PC.005\Documents
28/08/2011 20:41 <JUNCTION> My Music [C:\Users\TEMP.Emma-PC.005\Music]
28/08/2011 20:41 <JUNCTION> My Pictures [C:\Users\TEMP.Emma-PC.005\Pictures]
28/08/2011 20:41 <JUNCTION> My Videos [C:\Users\TEMP.Emma-PC.005\Videos]
0 File(s) 0 bytes
Directory of C:\Users\TEMP.Emma-PC.006
28/08/2011 20:46 <JUNCTION> Application Data [C:\Users\TEMP.Emma-PC.006\AppData\Roaming]
28/08/2011 20:46 <JUNCTION> Cookies [C:\Users\TEMP.Emma-PC.006\AppData\Roaming\Microsoft\Windows\Cookies]
28/08/2011 20:46 <JUNCTION> Local Settings [C:\Users\TEMP.Emma-PC.006\AppData\Local]
28/08/2011 20:46 <JUNCTION> My Documents [C:\Users\TEMP.Emma-PC.006\Documents]
28/08/2011 20:46 <JUNCTION> NetHood [C:\Users\TEMP.Emma-PC.006\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
28/08/2011 20:46 <JUNCTION> PrintHood [C:\Users\TEMP.Emma-PC.006\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
28/08/2011 20:46 <JUNCTION> Recent [C:\Users\TEMP.Emma-PC.006\AppData\Roaming\Microsoft\Windows\Recent]
28/08/2011 20:46 <JUNCTION> SendTo [C:\Users\TEMP.Emma-PC.006\AppData\Roaming\Microsoft\Windows\SendTo]
28/08/2011 20:46 <JUNCTION> Start Menu [C:\Users\TEMP.Emma-PC.006\AppData\Roaming\Microsoft\Windows\Start Menu]
28/08/2011 20:46 <JUNCTION> Templates [C:\Users\TEMP.Emma-PC.006\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\TEMP.Emma-PC.006\AppData\Local
28/08/2011 20:46 <JUNCTION> Application Data [C:\Users\TEMP.Emma-PC.006\AppData\Local]
28/08/2011 20:46 <JUNCTION> History [C:\Users\TEMP.Emma-PC.006\AppData\Local\Microsoft\Windows\History]
28/08/2011 20:46 <JUNCTION> Temporary Internet Files [C:\Users\TEMP.Emma-PC.006\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\TEMP.Emma-PC.006\Documents
28/08/2011 20:46 <JUNCTION> My Music [C:\Users\TEMP.Emma-PC.006\Music]
28/08/2011 20:46 <JUNCTION> My Pictures [C:\Users\TEMP.Emma-PC.006\Pictures]
28/08/2011 20:46 <JUNCTION> My Videos [C:\Users\TEMP.Emma-PC.006\Videos]
0 File(s) 0 bytes
Directory of C:\Users\TEMP.Emma-PC.008
11/10/2011 18:55 <JUNCTION> Application Data [C:\Users\TEMP.Emma-PC.008\AppData\Roaming]
11/10/2011 18:55 <JUNCTION> Cookies [C:\Users\TEMP.Emma-PC.008\AppData\Roaming\Microsoft\Windows\Cookies]
11/10/2011 18:55 <JUNCTION> Local Settings [C:\Users\TEMP.Emma-PC.008\AppData\Local]
11/10/2011 18:55 <JUNCTION> My Documents [C:\Users\TEMP.Emma-PC.008\Documents]
11/10/2011 18:55 <JUNCTION> NetHood [C:\Users\TEMP.Emma-PC.008\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
11/10/2011 18:55 <JUNCTION> PrintHood [C:\Users\TEMP.Emma-PC.008\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
11/10/2011 18:55 <JUNCTION> Recent [C:\Users\TEMP.Emma-PC.008\AppData\Roaming\Microsoft\Windows\Recent]
11/10/2011 18:55 <JUNCTION> SendTo [C:\Users\TEMP.Emma-PC.008\AppData\Roaming\Microsoft\Windows\SendTo]
11/10/2011 18:55 <JUNCTION> Start Menu [C:\Users\TEMP.Emma-PC.008\AppData\Roaming\Microsoft\Windows\Start Menu]
11/10/2011 18:55 <JUNCTION> Templates [C:\Users\TEMP.Emma-PC.008\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\TEMP.Emma-PC.008\AppData\Local
11/10/2011 18:55 <JUNCTION> Application Data [C:\Users\TEMP.Emma-PC.008\AppData\Local]
11/10/2011 18:55 <JUNCTION> History [C:\Users\TEMP.Emma-PC.008\AppData\Local\Microsoft\Windows\History]
11/10/2011 18:55 <JUNCTION> Temporary Internet Files [C:\Users\TEMP.Emma-PC.008\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\TEMP.Emma-PC.008\Documents
11/10/2011 18:55 <JUNCTION> My Music [C:\Users\TEMP.Emma-PC.008\Music]
11/10/2011 18:55 <JUNCTION> My Pictures [C:\Users\TEMP.Emma-PC.008\Pictures]
11/10/2011 18:55 <JUNCTION> My Videos [C:\Users\TEMP.Emma-PC.008\Videos]
0 File(s) 0 bytes
Directory of C:\Users\TEMP.Emma-PC.009
16/11/2011 18:34 <JUNCTION> Application Data [C:\Users\TEMP.Emma-PC.009\AppData\Roaming]
16/11/2011 18:34 <JUNCTION> Cookies [C:\Users\TEMP.Emma-PC.009\AppData\Roaming\Microsoft\Windows\Cookies]
16/11/2011 18:34 <JUNCTION> Local Settings [C:\Users\TEMP.Emma-PC.009\AppData\Local]
16/11/2011 18:34 <JUNCTION> My Documents [C:\Users\TEMP.Emma-PC.009\Documents]
16/11/2011 18:34 <JUNCTION> NetHood [C:\Users\TEMP.Emma-PC.009\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
16/11/2011 18:34 <JUNCTION> PrintHood [C:\Users\TEMP.Emma-PC.009\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
16/11/2011 18:34 <JUNCTION> Recent [C:\Users\TEMP.Emma-PC.009\AppData\Roaming\Microsoft\Windows\Recent]
16/11/2011 18:34 <JUNCTION> SendTo [C:\Users\TEMP.Emma-PC.009\AppData\Roaming\Microsoft\Windows\SendTo]
16/11/2011 18:34 <JUNCTION> Start Menu [C:\Users\TEMP.Emma-PC.009\AppData\Roaming\Microsoft\Windows\Start Menu]
16/11/2011 18:34 <JUNCTION> Templates [C:\Users\TEMP.Emma-PC.009\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\TEMP.Emma-PC.009\AppData\Local
16/11/2011 18:34 <JUNCTION> Application Data [C:\Users\TEMP.Emma-PC.009\AppData\Local]
16/11/2011 18:34 <JUNCTION> History [C:\Users\TEMP.Emma-PC.009\AppData\Local\Microsoft\Windows\History]
16/11/2011 18:34 <JUNCTION> Temporary Internet Files [C:\Users\TEMP.Emma-PC.009\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\TEMP.Emma-PC.009\Documents
16/11/2011 18:34 <JUNCTION> My Music [C:\Users\TEMP.Emma-PC.009\Music]
16/11/2011 18:34 <JUNCTION> My Pictures [C:\Users\TEMP.Emma-PC.009\Pictures]
16/11/2011 18:34 <JUNCTION> My Videos [C:\Users\TEMP.Emma-PC.009\Videos]
0 File(s) 0 bytes
Directory of C:\Users\TEMP.Emma-PC.011
30/11/2011 21:09 <JUNCTION> Application Data [C:\Users\TEMP.Emma-PC.011\AppData\Roaming]
30/11/2011 21:09 <JUNCTION> Cookies [C:\Users\TEMP.Emma-PC.011\AppData\Roaming\Microsoft\Windows\Cookies]
30/11/2011 21:09 <JUNCTION> Local Settings [C:\Users\TEMP.Emma-PC.011\AppData\Local]
30/11/2011 21:09 <JUNCTION> My Documents [C:\Users\TEMP.Emma-PC.011\Documents]
30/11/2011 21:09 <JUNCTION> NetHood [C:\Users\TEMP.Emma-PC.011\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
30/11/2011 21:09 <JUNCTION> PrintHood [C:\Users\TEMP.Emma-PC.011\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
30/11/2011 21:09 <JUNCTION> Recent [C:\Users\TEMP.Emma-PC.011\AppData\Roaming\Microsoft\Windows\Recent]
30/11/2011 21:09 <JUNCTION> SendTo [C:\Users\TEMP.Emma-PC.011\AppData\Roaming\Microsoft\Windows\SendTo]
30/11/2011 21:09 <JUNCTION> Start Menu [C:\Users\TEMP.Emma-PC.011\AppData\Roaming\Microsoft\Windows\Start Menu]
30/11/2011 21:09 <JUNCTION> Templates [C:\Users\TEMP.Emma-PC.011\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\TEMP.Emma-PC.011\AppData\Local
30/11/2011 21:09 <JUNCTION> Application Data [C:\Users\TEMP.Emma-PC.011\AppData\Local]
30/11/2011 21:09 <JUNCTION> History [C:\Users\TEMP.Emma-PC.011\AppData\Local\Microsoft\Windows\History]
30/11/2011 21:09 <JUNCTION> Temporary Internet Files [C:\Users\TEMP.Emma-PC.011\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\TEMP.Emma-PC.011\Documents
30/11/2011 21:09 <JUNCTION> My Music [C:\Users\TEMP.Emma-PC.011\Music]
30/11/2011 21:09 <JUNCTION> My Pictures [C:\Users\TEMP.Emma-PC.011\Pictures]
30/11/2011 21:09 <JUNCTION> My Videos [C:\Users\TEMP.Emma-PC.011\Videos]
0 File(s) 0 bytes
Directory of C:\Users\TEMP.Emma-PC.012
31/12/2011 10:23 <JUNCTION> Application Data [C:\Users\TEMP.Emma-PC.012\AppData\Roaming]
31/12/2011 10:23 <JUNCTION> Cookies [C:\Users\TEMP.Emma-PC.012\AppData\Roaming\Microsoft\Windows\Cookies]
31/12/2011 10:23 <JUNCTION> Local Settings [C:\Users\TEMP.Emma-PC.012\AppData\Local]
31/12/2011 10:23 <JUNCTION> My Documents [C:\Users\TEMP.Emma-PC.012\Documents]
31/12/2011 10:23 <JUNCTION> NetHood [C:\Users\TEMP.Emma-PC.012\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
31/12/2011 10:23 <JUNCTION> PrintHood [C:\Users\TEMP.Emma-PC.012\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
31/12/2011 10:23 <JUNCTION> Recent [C:\Users\TEMP.Emma-PC.012\AppData\Roaming\Microsoft\Windows\Recent]
31/12/2011 10:23 <JUNCTION> SendTo [C:\Users\TEMP.Emma-PC.012\AppData\Roaming\Microsoft\Windows\SendTo]
31/12/2011 10:23 <JUNCTION> Start Menu [C:\Users\TEMP.Emma-PC.012\AppData\Roaming\Microsoft\Windows\Start Menu]
31/12/2011 10:23 <JUNCTION> Templates [C:\Users\TEMP.Emma-PC.012\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\TEMP.Emma-PC.012\AppData\Local
31/12/2011 10:23 <JUNCTION> Application Data [C:\Users\TEMP.Emma-PC.012\AppData\Local]
31/12/2011 10:23 <JUNCTION> History [C:\Users\TEMP.Emma-PC.012\AppData\Local\Microsoft\Windows\History]
31/12/2011 10:23 <JUNCTION> Temporary Internet Files [C:\Users\TEMP.Emma-PC.012\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\TEMP.Emma-PC.012\Documents
31/12/2011 10:23 <JUNCTION> My Music [C:\Users\TEMP.Emma-PC.012\Music]
31/12/2011 10:23 <JUNCTION> My Pictures [C:\Users\TEMP.Emma-PC.012\Pictures]
31/12/2011 10:23 <JUNCTION> My Videos [C:\Users\TEMP.Emma-PC.012\Videos]
0 File(s) 0 bytes
Directory of C:\Users\TEMP.Emma-PC.013
04/01/2012 14:35 <JUNCTION> Application Data [C:\Users\TEMP.Emma-PC.013\AppData\Roaming]
04/01/2012 14:35 <JUNCTION> Cookies [C:\Users\TEMP.Emma-PC.013\AppData\Roaming\Microsoft\Windows\Cookies]
04/01/2012 14:35 <JUNCTION> Local Settings [C:\Users\TEMP.Emma-PC.013\AppData\Local]
04/01/2012 14:35 <JUNCTION> My Documents [C:\Users\TEMP.Emma-PC.013\Documents]
04/01/2012 14:35 <JUNCTION> NetHood [C:\Users\TEMP.Emma-PC.013\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
04/01/2012 14:35 <JUNCTION> PrintHood [C:\Users\TEMP.Emma-PC.013\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
04/01/2012 14:35 <JUNCTION> Recent [C:\Users\TEMP.Emma-PC.013\AppData\Roaming\Microsoft\Windows\Recent]
04/01/2012 14:35 <JUNCTION> SendTo [C:\Users\TEMP.Emma-PC.013\AppData\Roaming\Microsoft\Windows\SendTo]
04/01/2012 14:35 <JUNCTION> Start Menu [C:\Users\TEMP.Emma-PC.013\AppData\Roaming\Microsoft\Windows\Start Menu]
04/01/2012 14:35 <JUNCTION> Templates [C:\Users\TEMP.Emma-PC.013\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\TEMP.Emma-PC.013\AppData\Local
04/01/2012 14:35 <JUNCTION> Application Data [C:\Users\TEMP.Emma-PC.013\AppData\Local]
04/01/2012 14:35 <JUNCTION> History [C:\Users\TEMP.Emma-PC.013\AppData\Local\Microsoft\Windows\History]
04/01/2012 14:35 <JUNCTION> Temporary Internet Files [C:\Users\TEMP.Emma-PC.013\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\TEMP.Emma-PC.013\Documents
04/01/2012 14:35 <JUNCTION> My Music [C:\Users\TEMP.Emma-PC.013\Music]
04/01/2012 14:35 <JUNCTION> My Pictures [C:\Users\TEMP.Emma-PC.013\Pictures]
04/01/2012 14:35 <JUNCTION> My Videos [C:\Users\TEMP.Emma-PC.013\Videos]
0 File(s) 0 bytes
Directory of C:\Users\TEMP.Emma-PC.014
27/01/2012 15:30 <JUNCTION> Application Data [C:\Users\TEMP.Emma-PC.014\AppData\Roaming]
27/01/2012 15:30 <JUNCTION> Cookies [C:\Users\TEMP.Emma-PC.014\AppData\Roaming\Microsoft\Windows\Cookies]
27/01/2012 15:30 <JUNCTION> Local Settings [C:\Users\TEMP.Emma-PC.014\AppData\Local]
27/01/2012 15:30 <JUNCTION> My Documents [C:\Users\TEMP.Emma-PC.014\Documents]
27/01/2012 15:30 <JUNCTION> NetHood [C:\Users\TEMP.Emma-PC.014\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
27/01/2012 15:30 <JUNCTION> PrintHood [C:\Users\TEMP.Emma-PC.014\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
27/01/2012 15:30 <JUNCTION> Recent [C:\Users\TEMP.Emma-PC.014\AppData\Roaming\Microsoft\Windows\Recent]
27/01/2012 15:30 <JUNCTION> SendTo [C:\Users\TEMP.Emma-PC.014\AppData\Roaming\Microsoft\Windows\SendTo]
27/01/2012 15:30 <JUNCTION> Start Menu [C:\Users\TEMP.Emma-PC.014\AppData\Roaming\Microsoft\Windows\Start Menu]
27/01/2012 15:30 <JUNCTION> Templates [C:\Users\TEMP.Emma-PC.014\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\TEMP.Emma-PC.014\AppData\Local
27/01/2012 15:30 <JUNCTION> Application Data [C:\Users\TEMP.Emma-PC.014\AppData\Local]
27/01/2012 15:30 <JUNCTION> History [C:\Users\TEMP.Emma-PC.014\AppData\Local\Microsoft\Windows\History]
27/01/2012 15:30 <JUNCTION> Temporary Internet Files [C:\Users\TEMP.Emma-PC.014\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\TEMP.Emma-PC.014\Documents
27/01/2012 15:30 <JUNCTION> My Music [C:\Users\TEMP.Emma-PC.014\Music]
27/01/2012 15:30 <JUNCTION> My Pictures [C:\Users\TEMP.Emma-PC.014\Pictures]
27/01/2012 15:30 <JUNCTION> My Videos [C:\Users\TEMP.Emma-PC.014\Videos]
0 File(s) 0 bytes
Directory of C:\Users\TEMP.Emma-PC.015
03/02/2012 18:41 <JUNCTION> Application Data [C:\Users\TEMP.Emma-PC.015\AppData\Roaming]
03/02/2012 18:41 <JUNCTION> Cookies [C:\Users\TEMP.Emma-PC.015\AppData\Roaming\Microsoft\Windows\Cookies]
03/02/2012 18:41 <JUNCTION> Local Settings [C:\Users\TEMP.Emma-PC.015\AppData\Local]
03/02/2012 18:41 <JUNCTION> My Documents [C:\Users\TEMP.Emma-PC.015\Documents]
03/02/2012 18:41 <JUNCTION> NetHood [C:\Users\TEMP.Emma-PC.015\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
03/02/2012 18:41 <JUNCTION> PrintHood [C:\Users\TEMP.Emma-PC.015\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
03/02/2012 18:41 <JUNCTION> Recent [C:\Users\TEMP.Emma-PC.015\AppData\Roaming\Microsoft\Windows\Recent]
03/02/2012 18:41 <JUNCTION> SendTo [C:\Users\TEMP.Emma-PC.015\AppData\Roaming\Microsoft\Windows\SendTo]
03/02/2012 18:41 <JUNCTION> Start Menu [C:\Users\TEMP.Emma-PC.015\AppData\Roaming\Microsoft\Windows\Start Menu]
03/02/2012 18:41 <JUNCTION> Templates [C:\Users\TEMP.Emma-PC.015\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\TEMP.Emma-PC.015\AppData\Local
03/02/2012 18:41 <JUNCTION> Application Data [C:\Users\TEMP.Emma-PC.015\AppData\Local]
03/02/2012 18:41 <JUNCTION> History [C:\Users\TEMP.Emma-PC.015\AppData\Local\Microsoft\Windows\History]
03/02/2012 18:41 <JUNCTION> Temporary Internet Files [C:\Users\TEMP.Emma-PC.015\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\TEMP.Emma-PC.015\Documents
03/02/2012 18:41 <JUNCTION> My Music [C:\Users\TEMP.Emma-PC.015\Music]
03/02/2012 18:41 <JUNCTION> My Pictures [C:\Users\TEMP.Emma-PC.015\Pictures]
03/02/2012 18:41 <JUNCTION> My Videos [C:\Users\TEMP.Emma-PC.015\Videos]
0 File(s) 0 bytes
Directory of C:\Users\TEMP.Emma-PC.016
14/02/2012 11:27 <JUNCTION> Application Data [C:\Users\TEMP.Emma-PC.016\AppData\Roaming]
14/02/2012 11:27 <JUNCTION> Cookies [C:\Users\TEMP.Emma-PC.016\AppData\Roaming\Microsoft\Windows\Cookies]
14/02/2012 11:27 <JUNCTION> Local Settings [C:\Users\TEMP.Emma-PC.016\AppData\Local]
14/02/2012 11:27 <JUNCTION> My Documents [C:\Users\TEMP.Emma-PC.016\Documents]
14/02/2012 11:27 <JUNCTION> NetHood [C:\Users\TEMP.Emma-PC.016\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
14/02/2012 11:27 <JUNCTION> PrintHood [C:\Users\TEMP.Emma-PC.016\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
14/02/2012 11:27 <JUNCTION> Recent [C:\Users\TEMP.Emma-PC.016\AppData\Roaming\Microsoft\Windows\Recent]
14/02/2012 11:27 <JUNCTION> SendTo [C:\Users\TEMP.Emma-PC.016\AppData\Roaming\Microsoft\Windows\SendTo]
14/02/2012 11:27 <JUNCTION> Start Menu [C:\Users\TEMP.Emma-PC.016\AppData\Roaming\Microsoft\Windows\Start Menu]
14/02/2012 11:27 <JUNCTION> Templates [C:\Users\TEMP.Emma-PC.016\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\TEMP.Emma-PC.016\AppData\Local
14/02/2012 11:27 <JUNCTION> Application Data [C:\Users\TEMP.Emma-PC.016\AppData\Local]
14/02/2012 11:27 <JUNCTION> History [C:\Users\TEMP.Emma-PC.016\AppData\Local\Microsoft\Windows\History]
14/02/2012 11:27 <JUNCTION> Temporary Internet Files [C:\Users\TEMP.Emma-PC.016\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\TEMP.Emma-PC.016\Documents
14/02/2012 11:27 <JUNCTION> My Music [C:\Users\TEMP.Emma-PC.016\Music]
14/02/2012 11:27 <JUNCTION> My Pictures [C:\Users\TEMP.Emma-PC.016\Pictures]
14/02/2012 11:27 <JUNCTION> My Videos [C:\Users\TEMP.Emma-PC.016\Videos]
0 File(s) 0 bytes
Directory of C:\Users\TEMP.Emma-PC.017
07/03/2012 13:45 <JUNCTION> Application Data [C:\Users\TEMP.Emma-PC.017\AppData\Roaming]
07/03/2012 13:45 <JUNCTION> Cookies [C:\Users\TEMP.Emma-PC.017\AppData\Roaming\Microsoft\Windows\Cookies]
07/03/2012 13:45 <JUNCTION> Local Settings [C:\Users\TEMP.Emma-PC.017\AppData\Local]
07/03/2012 13:45 <JUNCTION> My Documents [C:\Users\TEMP.Emma-PC.017\Documents]
07/03/2012 13:45 <JUNCTION> NetHood [C:\Users\TEMP.Emma-PC.017\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/03/2012 13:45 <JUNCTION> PrintHood [C:\Users\TEMP.Emma-PC.017\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/03/2012 13:45 <JUNCTION> Recent [C:\Users\TEMP.Emma-PC.017\AppData\Roaming\Microsoft\Windows\Recent]
07/03/2012 13:45 <JUNCTION> SendTo [C:\Users\TEMP.Emma-PC.017\AppData\Roaming\Microsoft\Windows\SendTo]
07/03/2012 13:45 <JUNCTION> Start Menu [C:\Users\TEMP.Emma-PC.017\AppData\Roaming\Microsoft\Windows\Start Menu]
07/03/2012 13:45 <JUNCTION> Templates [C:\Users\TEMP.Emma-PC.017\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\TEMP.Emma-PC.017\AppData\Local
07/03/2012 13:45 <JUNCTION> Application Data [C:\Users\TEMP.Emma-PC.017\AppData\Local]
07/03/2012 13:45 <JUNCTION> History [C:\Users\TEMP.Emma-PC.017\AppData\Local\Microsoft\Windows\History]
07/03/2012 13:45 <JUNCTION> Temporary Internet Files [C:\Users\TEMP.Emma-PC.017\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\TEMP.Emma-PC.017\Documents
07/03/2012 13:45 <JUNCTION> My Music [C:\Users\TEMP.Emma-PC.017\Music]
07/03/2012 13:45 <JUNCTION> My Pictures [C:\Users\TEMP.Emma-PC.017\Pictures]
07/03/2012 13:45 <JUNCTION> My Videos [C:\Users\TEMP.Emma-PC.017\Videos]
0 File(s) 0 bytes
Directory of C:\Users\TEMP.Emma-PC.018
10/04/2012 21:37 <JUNCTION> Application Data [C:\Users\TEMP.Emma-PC.018\AppData\Roaming]
10/04/2012 21:37 <JUNCTION> Cookies [C:\Users\TEMP.Emma-PC.018\AppData\Roaming\Microsoft\Windows\Cookies]
10/04/2012 21:37 <JUNCTION> Local Settings [C:\Users\TEMP.Emma-PC.018\AppData\Local]
10/04/2012 21:37 <JUNCTION> My Documents [C:\Users\TEMP.Emma-PC.018\Documents]
10/04/2012 21:37 <JUNCTION> NetHood [C:\Users\TEMP.Emma-PC.018\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
10/04/2012 21:37 <JUNCTION> PrintHood [C:\Users\TEMP.Emma-PC.018\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
10/04/2012 21:37 <JUNCTION> Recent [C:\Users\TEMP.Emma-PC.018\AppData\Roaming\Microsoft\Windows\Recent]
10/04/2012 21:37 <JUNCTION> SendTo [C:\Users\TEMP.Emma-PC.018\AppData\Roaming\Microsoft\Windows\SendTo]
10/04/2012 21:37 <JUNCTION> Start Menu [C:\Users\TEMP.Emma-PC.018\AppData\Roaming\Microsoft\Windows\Start Menu]
10/04/2012 21:37 <JUNCTION> Templates [C:\Users\TEMP.Emma-PC.018\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\TEMP.Emma-PC.018\AppData\Local
10/04/2012 21:37 <JUNCTION> Application Data [C:\Users\TEMP.Emma-PC.018\AppData\Local]
10/04/2012 21:37 <JUNCTION> History [C:\Users\TEMP.Emma-PC.018\AppData\Local\Microsoft\Windows\History]
10/04/2012 21:37 <JUNCTION> Temporary Internet Files [C:\Users\TEMP.Emma-PC.018\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\TEMP.Emma-PC.018\Documents
10/04/2012 21:37 <JUNCTION> My Music [C:\Users\TEMP.Emma-PC.018\Music]
10/04/2012 21:37 <JUNCTION> My Pictures [C:\Users\TEMP.Emma-PC.018\Pictures]
10/04/2012 21:37 <JUNCTION> My Videos [C:\Users\TEMP.Emma-PC.018\Videos]
0 File(s) 0 bytes
Directory of C:\Users\TEMP.Emma-PC.019
16/04/2012 07:01 <JUNCTION> Application Data [C:\Users\TEMP.Emma-PC.019\AppData\Roaming]
16/04/2012 07:01 <JUNCTION> Cookies [C:\Users\TEMP.Emma-PC.019\AppData\Roaming\Microsoft\Windows\Cookies]
16/04/2012 07:01 <JUNCTION> Local Settings [C:\Users\TEMP.Emma-PC.019\AppData\Local]
16/04/2012 07:01 <JUNCTION> My Documents [C:\Users\TEMP.Emma-PC.019\Documents]
16/04/2012 07:01 <JUNCTION> NetHood [C:\Users\TEMP.Emma-PC.019\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
16/04/2012 07:01 <JUNCTION> PrintHood [C:\Users\TEMP.Emma-PC.019\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
16/04/2012 07:01 <JUNCTION> Recent [C:\Users\TEMP.Emma-PC.019\AppData\Roaming\Microsoft\Windows\Recent]
16/04/2012 07:01 <JUNCTION> SendTo [C:\Users\TEMP.Emma-PC.019\AppData\Roaming\Microsoft\Windows\SendTo]
16/04/2012 07:01 <JUNCTION> Start Menu [C:\Users\TEMP.Emma-PC.019\AppData\Roaming\Microsoft\Windows\Start Menu]
16/04/2012 07:01 <JUNCTION> Templates [C:\Users\TEMP.Emma-PC.019\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\TEMP.Emma-PC.019\AppData\Local
16/04/2012 07:01 <JUNCTION> Application Data [C:\Users\TEMP.Emma-PC.019\AppData\Local]
16/04/2012 07:01 <JUNCTION> History [C:\Users\TEMP.Emma-PC.019\AppData\Local\Microsoft\Windows\History]
16/04/2012 07:01 <JUNCTION> Temporary Internet Files [C:\Users\TEMP.Emma-PC.019\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\TEMP.Emma-PC.019\Documents
16/04/2012 07:01 <JUNCTION> My Music [C:\Users\TEMP.Emma-PC.019\Music]
16/04/2012 07:01 <JUNCTION> My Pictures [C:\Users\TEMP.Emma-PC.019\Pictures]
16/04/2012 07:01 <JUNCTION> My Videos [C:\Users\TEMP.Emma-PC.019\Videos]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile
25/11/2008 13:25 <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Roaming]
25/11/2008 13:25 <JUNCTION> Local Settings [C:\Windows\system32\config\systemprofile\AppData\Local]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local
25/11/2008 13:25 <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
25/11/2008 13:25 <JUNCTION> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
25/11/2008 13:25 <JUNCTION> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
294 Dir(s) 78,594,002,944 bytes free

========== Alternate Data Streams ==========

@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:2F4A0A6B
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:55422315

< End of report >
  • 0

#4
Nutloaf
Posted 01 September 2013 - 02:34 PM

Nutloaf

    Trusted Helper

  • Malware Removal
  • 1,790 posts
Hi there thanks for the OTL logs. Can you also post the ADWcleaner log and Security Check :thumbsup: Once I have those 2 logs I can crack on with my next post for you :)
  • 0

#5
soclueless
Posted 01 September 2013 - 02:35 PM

soclueless

    Member

  • Topic Starter
  • Member
  • PipPip
  • 36 posts
# AdwCleaner v3.002 - Report created 01/09/2013 at 21:29:41
# Updated 01/09/2013 by Xplode
# Operating System : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# Username : Emma - EMMA-PC
# Running from : C:\Users\Emma\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Users\Emma\AppData\Roaming\Mozilla\Firefox\Profiles\dzf6nx5b.default\\invalidprefs.js
File Found : C:\Users\Emma\AppData\Roaming\Mozilla\Firefox\Profiles\dzf6nx5b.default\searchplugins\Babylon.xml
File Found : C:\Users\Emma\AppData\Roaming\Mozilla\Firefox\Profiles\dzf6nx5b.default\user.js
Folder Found C:\ProgramData\Babylon
Folder Found C:\ProgramData\Trymedia
Folder Found C:\Users\Emma\AppData\Local\PackageAware
Folder Found C:\Users\Emma\AppData\Roaming\BabSolution
Folder Found C:\Users\Emma\AppData\Roaming\Mozilla\Firefox\Profiles\dzf6nx5b.default\Conduit

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\BabSolution
Key Found : HKCU\Software\Delta
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\Software\Delta
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Product Found : Google Update Helper

***** [ Browsers ] *****

-\\ Internet Explorer v7.0.6002.18005

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=6EDB00225F49235A&affID=120695&tsp=4955

-\\ Mozilla Firefox v23.0.1 (en-GB)

[ File : C:\Users\Emma\AppData\Roaming\Mozilla\Firefox\Profiles\dzf6nx5b.default\prefs.js ]

Line Found : user_pref("CT2438727.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Found : user_pref("CT2438727.CTID", "CT2438727");
Line Found : user_pref("CT2438727.CommunitiesChangesLastCheckTime", "0");
Line Found : user_pref("CT2438727.CurrentServerDate", "17-11-2010");
Line Found : user_pref("CT2438727.DialogsAlignMode", "LTR");
Line Found : user_pref("CT2438727.DownloadReferralCookieData", "");
Line Found : user_pref("CT2438727.FirstServerDate", "3-11-2010");
Line Found : user_pref("CT2438727.FirstTime", true);
Line Found : user_pref("CT2438727.FirstTimeFF3", true);
Line Found : user_pref("CT2438727.FirstTimeSettingsDone", true);
Line Found : user_pref("CT2438727.FixPageNotFoundErrors", true);
Line Found : user_pref("CT2438727.GroupingInvalidateCache", false);
Line Found : user_pref("CT2438727.GroupingLastCheckTime", "0");
Line Found : user_pref("CT2438727.GroupingLastServerUpdateTime", "0");
Line Found : user_pref("CT2438727.GroupingServerCheckInterval", 1440);
Line Found : user_pref("CT2438727.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Found : user_pref("CT2438727.Initialize", true);
Line Found : user_pref("CT2438727.InitializeCommonPrefs", true);
Line Found : user_pref("CT2438727.InstallationAndCookieDataSentCount", 3);
Line Found : user_pref("CT2438727.InstalledDate", "Wed Nov 03 2010 16:39:15 GMT+0000 (GMT Standard Time)");
Line Found : user_pref("CT2438727.InvalidateCache", false);
Line Found : user_pref("CT2438727.IsGrouping", false);
Line Found : user_pref("CT2438727.IsMulticommunity", false);
Line Found : user_pref("CT2438727.IsOpenThankYouPage", true);
Line Found : user_pref("CT2438727.IsOpenUninstallPage", true);
Line Found : user_pref("CT2438727.LanguagePackLastCheckTime", "Wed Nov 17 2010 09:59:22 GMT+0000 (GMT Standard Time)");
Line Found : user_pref("CT2438727.LanguagePackReloadIntervalMM", 1440);
Line Found : user_pref("CT2438727.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Found : user_pref("CT2438727.LastLogin_2.7.1.3", "Wed Nov 17 2010 21:12:36 GMT+0000 (GMT Standard Time)");
Line Found : user_pref("CT2438727.LatestVersion", "2.7.1.3");
Line Found : user_pref("CT2438727.Locale", "en");
Line Found : user_pref("CT2438727.LoginCache", 4);
Line Found : user_pref("CT2438727.MCDetectTooltipHeight", "83");
Line Found : user_pref("CT2438727.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Found : user_pref("CT2438727.MCDetectTooltipWidth", "295");
Line Found : user_pref("CT2438727.RadioLastCheckTime", "0");
Line Found : user_pref("CT2438727.RadioLastUpdateIPServer", "0");
Line Found : user_pref("CT2438727.RadioLastUpdateServer", "0");
Line Found : user_pref("CT2438727.SearchBoxWidth", 211);
Line Found : user_pref("CT2438727.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2438727&octid=EB_ORIGINAL_CTID&SearchSource=1");
Line Found : user_pref("CT2438727.SearchFromAddressBarIsInit", true);
Line Found : user_pref("CT2438727.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2438727&q=");
Line Found : user_pref("CT2438727.SearchInNewTabEnabled", true);
Line Found : user_pref("CT2438727.SearchInNewTabIntervalMM", 1440);
Line Found : user_pref("CT2438727.SearchInNewTabLastCheckTime", "Wed Nov 17 2010 09:58:57 GMT+0000 (GMT Standard Time)");
Line Found : user_pref("CT2438727.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
Line Found : user_pref("CT2438727.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
Line Found : user_pref("CT2438727.SearchInNewTabUserEnabled", false);
Line Found : user_pref("CT2438727.SettingsCheckIntervalMin", 120);
Line Found : user_pref("CT2438727.SettingsLastCheckTime", "Wed Nov 17 2010 21:12:36 GMT+0000 (GMT Standard Time)");
Line Found : user_pref("CT2438727.SettingsLastUpdate", "1287517459");
Line Found : user_pref("CT2438727.ThirdPartyComponentsInterval", 504);
Line Found : user_pref("CT2438727.ThirdPartyComponentsLastCheck", "Wed Nov 03 2010 16:39:13 GMT+0000 (GMT Standard Time)");
Line Found : user_pref("CT2438727.ThirdPartyComponentsLastUpdate", "1246790578");
Line Found : user_pref("CT2438727.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=101&sealid=112");
Line Found : user_pref("CT2438727.UserID", "UN41705849267640116");
Line Found : user_pref("CT2438727.ValidationData_Toolbar", 2);
Line Found : user_pref("CT2438727.alertChannelId", "832836");
Line Found : user_pref("CT2438727.backendstorage.currentgame", "706F6B6572");
Line Found : user_pref("CT2438727.clientLogIsEnabled", true);
Line Found : user_pref("CT2438727.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Found : user_pref("CT2438727.myStuffEnabled", true);
Line Found : user_pref("CT2438727.myStuffPublihserMinWidth", 400);
Line Found : user_pref("CT2438727.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Found : user_pref("CT2438727.myStuffServiceIntervalMM", 1440);
Line Found : user_pref("CT2438727.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Found : user_pref("CT2438727.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1249595/1245268/UK", "\"0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/832836/828639/UK", "\"0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/UK", "\"0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2857573", "\"0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "MUj9hNyEiPxkVQ8Q8IYZ6A==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "ZF/VZo7UyQBp8ghNNzhnSQ==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "+RsYuZ9IN1smka6Zuggr5w==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "t6SQZ7j9WsBHhE8zC0kAEQ==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.0.19", "\"0d291c3f9a7cb1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.0.19", "\"0d291c3f9a7cb1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2857573", "\"634289840782570000\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "634293235860000000");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2857573/CT2857573", "\"1294152330\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634292354593700000\"");
Line Found : user_pref("CommunityToolbar.EngineOwner", "");
Line Found : user_pref("CommunityToolbar.EngineOwnerGuid", "");
Line Found : user_pref("CommunityToolbar.EngineOwnerToolbarId", "");
Line Found : user_pref("CommunityToolbar.IsEngineShown", true);
Line Found : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Line Found : user_pref("CommunityToolbar.OriginalEngineOwner", "");
Line Found : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "");
Line Found : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "");
Line Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://uk.search.yahoo.com/search?fr=mcafee&p=");
Line Found : user_pref("CommunityToolbar.ToolbarsList", "CT2438727");
Line Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2438727");
Line Found : user_pref("CommunityToolbar.alert.alertInfoInterval", 60);
Line Found : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Tue Jan 04 2011 16:28:40 GMT+0000 (GMT Standard Time)");
Line Found : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Found : user_pref("CommunityToolbar.alert.locale", "en");
Line Found : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Line Found : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Tue Jan 04 2011 16:28:31 GMT+0000 (GMT Standard Time)");
Line Found : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1291052234");
Line Found : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Line Found : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Found : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Line Found : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Line Found : user_pref("CommunityToolbar.alert.userId", "{f412aa28-621c-41d1-ab30-935c5a5b8eb8}");
Line Found : user_pref("CommunityToolbar.globalUserId", "acb6581f-9bd8-414f-88c5-70c6b5a68ae7");
Line Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Line Found : user_pref("extensions.delta.admin", false);
Line Found : user_pref("extensions.delta.aflt", "babsst");
Line Found : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Line Found : user_pref("extensions.delta.autoRvrt", "false");
Line Found : user_pref("extensions.delta.dfltLng", "en");
Line Found : user_pref("extensions.delta.excTlbr", false);
Line Found : user_pref("extensions.delta.ffxUnstlRst", true);
Line Found : user_pref("extensions.delta.id", "6edb0b0a00000000000000225f49235a");
Line Found : user_pref("extensions.delta.instlDay", "15912");
Line Found : user_pref("extensions.delta.instlRef", "sst");
Line Found : user_pref("extensions.delta.newTab", false);
Line Found : user_pref("extensions.delta.prdct", "delta");
Line Found : user_pref("extensions.delta.prtnrId", "delta");
Line Found : user_pref("extensions.delta.rvrt", "false");
Line Found : user_pref("extensions.delta.smplGrp", "none");
Line Found : user_pref("extensions.delta.tlbrId", "base");
Line Found : user_pref("extensions.delta.tlbrSrchUrl", "");
Line Found : user_pref("extensions.delta.vrsn", "1.8.22.0");
Line Found : user_pref("extensions.delta.vrsnTs", "1.8.22.023:44:30");
Line Found : user_pref("extensions.delta.vrsni", "1.8.22.0");
Line Found : user_pref("extensions.delta_i.babExt", "");
Line Found : user_pref("extensions.delta_i.babTrack", "affID=120695&tsp=4955");
Line Found : user_pref("extensions.delta_i.srcExt", "ss");

-\\ Google Chrome v

[ File : C:\Users\Emma\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [14229 octets] - [01/09/2013 21:29:41]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [14290 octets] ##########
  • 0

#6
soclueless
Posted 01 September 2013 - 02:43 PM

soclueless

    Member

  • Topic Starter
  • Member
  • PipPip
  • 36 posts
Results of screen317's Security Check version 0.99.73
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 7 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
McAfee Anti-Virus and Anti-Spyware
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Java™ 6 Update 24
Java version out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Adobe Flash Player 11.8.800.94
Adobe Reader 10.1.4 Adobe Reader out of Date!
Mozilla Firefox (23.0.1)
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 5 % Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
  • 0

#7
soclueless
Posted 01 September 2013 - 02:47 PM

soclueless

    Member

  • Topic Starter
  • Member
  • PipPip
  • 36 posts
Also every time i try to open facebook firefox freezes, the laptop freezes and i have to hold down power to do a shutdown. this only happens when opening facebook which is why i thought it might be worth mentioning.
  • 0

#8
Nutloaf
Posted 01 September 2013 - 02:52 PM

Nutloaf

    Trusted Helper

  • Malware Removal
  • 1,790 posts
Thanks for those Socluless. There is quite a bit to remove, I will prepare my next post for you. The next reply will be with you tomorrow as the first OTL scan takes some time to look over :)

Facebook freezing is probably due to the infections that are on your machine. Thanks for mentioning that every bit of information helps.

Speak soon - Nutloaf
  • 0

#9
Nutloaf
Posted 02 September 2013 - 08:16 AM

Nutloaf

    Trusted Helper

  • Malware Removal
  • 1,790 posts
Hi there soclueless.

I notice from the logs that there has been some P2P use. Limewire and Bearshare are present in the Firewall entries. I know you haven't those programs installed (good news!) but they are the best and most efficient way to get infected. Please steer clear of any P2P program, particulary when I'm cleaning the PC as this can cause reinfection. I will clear those from the Firewall in a later post which is why it's important to see this through to my close post :thumbsup:

Did you install the Wallpaper Changer program? I couldn't find much information on this program (bad sign) and is not needed. You can use your own pictures and have them changed automatically in Vista. Let me know if you want me to show you how to do this after cleanning. For now I would uninstall this program. Skip step 1 if you are keeping it but give me some info on it.

Let's remove some nasties then, please follow in the order given:


1. Uninstall

  • Click Start then select Control Panel
  • In control panel click Uninstall a Program or Programs and Features and uninstall the following:
  • Wallpaper Changer

2. OTL Fix
  • Right click the OTL icon and select Run as Administrator.
  • Copy the entire text in the Quote box below, do not include the word QUOTE and Paste into the Custom Scans/Fixes box in OTL.


    :COMMANDS
    [CREATERESTOREPOINT]

    :OTL
    IE - HKU\S-1-5-21-3381084808-643164800-2343077201-1000\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://uk.search.yah...p={searchTerms}
    IE - HKU\S-1-5-21-3381084808-643164800-2343077201-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
    IE - HKU\S-1-5-21-3381084808-643164800-2343077201-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www1.delta-se...120695&tsp=4955
    IE - HKU\S-1-5-21-3381084808-643164800-2343077201-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:466...q={searchTerms}
    IE - HKU\S-1-5-21-3381084808-643164800-2343077201-1000\..\SearchScopes\{B95C1320-1397-4D87-8DD0-70C887D09DFD}: "URL" = http://www.google.co...&rlz=1I7DKUK_en
    IE - HKU\S-1-5-21-3381084808-643164800-2343077201-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www1.delta-se...120695&tsp=4955
    IE - HKU\S-1-5-21-3381084808-643164800-2343077201-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{6B0F28E7-3D48-4432-8138-EBDD51883375}: C:\Users\Emma\AppData\Local\{6B0F28E7-3D48-4432-8138-EBDD51883375}
    [2013/07/26 23:50:33 | 000,000,000 | ---D | M] (TopArcadeHits) -- C:\Users\Emma\AppData\Roaming\Mozilla\Firefox\Profiles\dzf6nx5b.default\extensions\{0113D088-8ED1-468C-B225-585A9C53B5E3}
    [2013/07/26 23:44:10 | 000,006,507 | ---- | M] () -- C:\Users\Emma\AppData\Roaming\Mozilla\Firefox\Profiles\dzf6nx5b.default\searchplugins\babylon.xml

    O2 - BHO: (TopArcadeHits Games) - {A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} - C:\Users\Emma\AppData\Local\TopArcadeHits\Toparcadehits.dll ()
    O15 - HKU\S-1-5-21-3381084808-643164800-2343077201-1000\..Trusted Domains: localhost ([]http in Local intranet)
    O15 - HKU\S-1-5-21-3381084808-643164800-2343077201-1000\..Trusted Ranges: GD ([http] in Local intranet)
    O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Bejeweled%203/Images/armhelper.ocx (Reg Error: Key error.)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
    O37 - HKU\S-1-5-21-3381084808-643164800-2343077201-1000\...exe [@ = exefile] -- Reg Error: Key error. File not found

    [2013/09/01 18:48:34 | 000,000,260 | ---- | M] () -- C:\Windows\tasks\TopArcadeHits.job
    [2013/08/28 22:22:50 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\BabSolution
    [2013/05/20 21:58:28 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\FlvtoConverter

    :FILES
    C:\Users\Emma\AppData\Local\TopArcadeHits

    :COMMANDS
    [EMPTYTEMP]

  • Then click Run Fix
  • Click O.K to Reboot.
  • An OTL fix log will be saved in the following location: C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log - Where mmddyyy _hhmmss is the date and time of fix.
  • Copy and Paste the Fix Log in your next reply.

3. Run ADWcleaner

  • Right click ADWcleaner and Run as Administrator then select Search
  • The search will complete and a log produced I do not need to see this log.
  • Back to ADWcleaner and click Delete and O.K to remove malware.
  • A reboot will be asked for click O.K
  • On reboot click Report. Please post this report in your next reply.

4. Junkware Removal Tool
Posted Image 1. Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Right-mouse click JRT.exe and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next reply.

Things I want to see in your next post.

  • OTL fix.txt
  • ADWcleaner report
  • JRT.txt

  • 0

#10
soclueless
Posted 02 September 2013 - 01:45 PM

soclueless

    Member

  • Topic Starter
  • Member
  • PipPip
  • 36 posts
I didnt download the wallpaper program, i've uninstaled it now.

OTL log:

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Registry key HKEY_USERS\S-1-5-21-3381084808-643164800-2343077201-1000\Software\Microsoft\Internet Explorer\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DECA3892-BA8F-44b8-A993-A466AD694AE4}\ not found.
HKEY_USERS\S-1-5-21-3381084808-643164800-2343077201-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-3381084808-643164800-2343077201-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_USERS\S-1-5-21-3381084808-643164800-2343077201-1000\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70D46D94-BF1E-45ED-B567-48701376298E}\ not found.
Registry key HKEY_USERS\S-1-5-21-3381084808-643164800-2343077201-1000\Software\Microsoft\Internet Explorer\SearchScopes\{B95C1320-1397-4D87-8DD0-70C887D09DFD}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B95C1320-1397-4D87-8DD0-70C887D09DFD}\ not found.
HKU\S-1-5-21-3381084808-643164800-2343077201-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-3381084808-643164800-2343077201-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\StartPageCache| /E : value set successfully!
Registry value HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{6B0F28E7-3D48-4432-8138-EBDD51883375} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6B0F28E7-3D48-4432-8138-EBDD51883375}\ not found.
File C:\Users\Emma\AppData\Local\{6B0F28E7-3D48-4432-8138-EBDD51883375} not found.
C:\Users\Emma\AppData\Roaming\Mozilla\Firefox\Profiles\dzf6nx5b.default\extensions\{0113D088-8ED1-468C-B225-585A9C53B5E3}\skin folder moved successfully.
C:\Users\Emma\AppData\Roaming\Mozilla\Firefox\Profiles\dzf6nx5b.default\extensions\{0113D088-8ED1-468C-B225-585A9C53B5E3}\chrome\content folder moved successfully.
C:\Users\Emma\AppData\Roaming\Mozilla\Firefox\Profiles\dzf6nx5b.default\extensions\{0113D088-8ED1-468C-B225-585A9C53B5E3}\chrome folder moved successfully.
C:\Users\Emma\AppData\Roaming\Mozilla\Firefox\Profiles\dzf6nx5b.default\extensions\{0113D088-8ED1-468C-B225-585A9C53B5E3} folder moved successfully.
C:\Users\Emma\AppData\Roaming\Mozilla\Firefox\Profiles\dzf6nx5b.default\searchplugins\babylon.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA}\ deleted successfully.
C:\Users\Emma\AppData\Local\TopArcadeHits\Toparcadehits.dll moved successfully.
Registry key HKEY_USERS\S-1-5-21-3381084808-643164800-2343077201-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3381084808-643164800-2343077201-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\GD\\http deleted successfully.
File D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Bejeweled%203/Images/armhelper.ocx not found.
Starting removal of ActiveX control {CC450D71-CC90-424C-8638-1F2DBAC87A54}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CC450D71-CC90-424C-8638-1F2DBAC87A54}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CC450D71-CC90-424C-8638-1F2DBAC87A54}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC450D71-CC90-424C-8638-1F2DBAC87A54}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CC450D71-CC90-424C-8638-1F2DBAC87A54}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC450D71-CC90-424C-8638-1F2DBAC87A54}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_USERS\S-1-5-21-3381084808-643164800-2343077201-1000_Classes\.exe\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3381084808-643164800-2343077201-1000_Classes\exefile\ deleted successfully.
HKEY_LOCAL_MACHINE\Software\Classes\.exe\\|exefile /E : value set successfully!
C:\Windows\Tasks\TopArcadeHits.job moved successfully.
C:\Users\Emma\AppData\Roaming\BabSolution\Shared folder moved successfully.
C:\Users\Emma\AppData\Roaming\BabSolution folder moved successfully.
C:\Users\Emma\AppData\Roaming\FlvtoConverter\temp folder moved successfully.
C:\Users\Emma\AppData\Roaming\FlvtoConverter\preview folder moved successfully.
C:\Users\Emma\AppData\Roaming\FlvtoConverter\customize folder moved successfully.
C:\Users\Emma\AppData\Roaming\FlvtoConverter folder moved successfully.
========== FILES ==========
C:\Users\Emma\AppData\Local\TopArcadeHits folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes

User: Emma
->Temp folder emptied: 636601615 bytes
->Temporary Internet Files folder emptied: 33459150 bytes
->Java cache emptied: 256934 bytes
->FireFox cache emptied: 186312860 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 60635 bytes

User: Guest
->Temp folder emptied: 32193844 bytes
->Temporary Internet Files folder emptied: 93012455 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 379915362 bytes
->Flash cache emptied: 1392 bytes

User: Public
->Temp folder emptied: 0 bytes

User: TEMP
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: TEMP.Emma-PC
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: TEMP.Emma-PC.000
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: TEMP.Emma-PC.001
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: TEMP.Emma-PC.002
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: TEMP.Emma-PC.003
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes

User: TEMP.Emma-PC.004

User: TEMP.Emma-PC.005
->Temp folder emptied: 31832 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 0 bytes

User: TEMP.Emma-PC.006
->Temp folder emptied: 31832 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 0 bytes

User: TEMP.Emma-PC.007

User: TEMP.Emma-PC.008
->Temp folder emptied: 32214 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 0 bytes

User: TEMP.Emma-PC.009
->Temp folder emptied: 31832 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 0 bytes

User: TEMP.Emma-PC.010
->Temp folder emptied: 31832 bytes
->Temporary Internet Files folder emptied: 32768 bytes
->FireFox cache emptied: 0 bytes

User: TEMP.Emma-PC.011
->Temp folder emptied: 31832 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 0 bytes

User: TEMP.Emma-PC.012
->Temp folder emptied: 31832 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 0 bytes

User: TEMP.Emma-PC.013
->Temp folder emptied: 31832 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 0 bytes

User: TEMP.Emma-PC.014
->Temp folder emptied: 31832 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 0 bytes

User: TEMP.Emma-PC.015
->Temp folder emptied: 31832 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 0 bytes

User: TEMP.Emma-PC.016
->Temp folder emptied: 31832 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 0 bytes

User: TEMP.Emma-PC.017
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 0 bytes

User: TEMP.Emma-PC.018
->Temp folder emptied: 31832 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 0 bytes

User: TEMP.Emma-PC.019
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1997546849 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 31832 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 9900880304 bytes

Total Files Cleaned = 12,647.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 09022013_203422

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
  • 0

Advertisements

#11
soclueless
Posted 02 September 2013 - 02:02 PM

soclueless

    Member

  • Topic Starter
  • Member
  • PipPip
  • 36 posts
oops i closed the report before i had copied it, is it saved somewhere or should i run anoter scan? sorry..
  • 0

#12
Nutloaf
Posted 02 September 2013 - 02:18 PM

Nutloaf

    Trusted Helper

  • Malware Removal
  • 1,790 posts
Yes there is a report saved in the following location:
C:\AdwCleaner\AdwCleaner[R1].txt

Any problems with this just ask :)
  • 0

#13
soclueless
Posted 02 September 2013 - 02:45 PM

soclueless

    Member

  • Topic Starter
  • Member
  • PipPip
  • 36 posts
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.7 (09.01.2013:1)
OS: Windows Vista ™ Home Premium x86
Ran by Emma on 02/09/2013 at 21:05:38.84
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Emma\AppData\Roaming\microsoft\windows\start menu\programs\toparcadehits"
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{00DC77C0-EC11-48A4-8DC0-A9FE666FE420}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{01CDD45C-2793-4378-B9D1-C4692EC4058C}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{02B9165F-8917-4391-BC47-2EF1F9D0E7F4}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{02F57FD5-2BB4-4858-AED7-675D0CAA0CF5}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{037CFBB5-C632-4E1B-A805-9AD182B8C76F}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{045F83C8-50AD-4171-B5C1-CFF8C14B3209}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{048B4981-C2CC-4909-834B-481F9DF57C84}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{05B34356-75DE-4EE9-B5E2-6DD4249AA757}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{06255BA9-F5F8-4184-8D75-A2333B72C3B1}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{06861CE1-0B52-48B3-8E9A-68982C474C9C}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{06DF7049-33BF-470B-8619-DE713BF5C01D}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{0809865B-9A65-4C64-80D3-2035E6AEDF1A}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{08C5994D-96F7-4841-9EEC-9669FE6DA386}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{09B88CB8-8635-44DE-9A8C-EEE196F8443B}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{0AAAA829-4BDB-4229-A5E4-E7152234BCFA}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{0B412C6F-CE31-427A-8727-3624C1076E2D}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{0B756DD3-3E68-4E51-9810-841633B37AF1}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{0BBAE775-1C3B-4562-95CD-B47EEEFC84E5}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{0E1D9CB0-4C1C-44AF-A8F4-3D98CEF46AD5}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{0EBDEFC3-F969-49AB-BBD7-AF8D78C98A34}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{0F41FDFD-40E1-400C-A453-8986B327222B}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{10C408A0-A646-443D-84FC-5ACF7729A5F8}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{110B8CD5-FD36-4AF3-A137-ED2E00381C34}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{120D3258-B3F3-4217-BBD6-1E6851A7B408}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{12DE03F6-81E9-41F6-B10B-CE2C8FA7904D}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{14C0A916-4BAF-4B9B-A992-BB23890F9765}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{1586726A-8578-4A65-BB78-2D4C393314EB}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{164F7198-0594-403B-870C-24752E528185}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{187E8112-950A-459A-A8EB-A54740C66E0B}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{192395C9-9025-4804-BE73-5CF3BA79FED4}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{1AB3B350-ED00-4940-91AE-2A6D59AAE1C5}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{1C1A2ADD-D6B7-466B-8D95-5DBCFE59D29A}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{1C433320-4644-454D-8B39-C84EE07C4225}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{1C586431-D402-4600-A3E8-87DA19933AA0}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{1E3334E4-C93E-4B1A-A20E-CCF7F9E05710}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{1E3B2707-BE14-4C60-87F0-DB4CCA97DA99}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{1E848619-875C-4F2C-B04E-F7318D6D5326}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{1F70DB94-BEB3-4440-AF00-3D92CC2D1B64}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{2039A684-C771-4DC1-B8BE-6E5DDC5DE480}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{20D1F565-5FFC-43D6-A9C8-CB7F41827621}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{21E973DE-E60F-4833-A102-2F2063BEFF96}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{22F8B437-8E03-4C54-9AB1-61E5731E1485}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{2303347A-CDE3-4279-99E3-8A7D354690A3}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{23435551-D51A-4B78-AD8A-6A3FF420FDD5}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{24220363-4E18-4B0C-BDD1-200B4F05D9BB}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{255CD5CA-A0A5-4084-B3BB-9DFDD9219393}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{255F1A5B-8274-48A2-B31D-A9EB2C0E266E}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{256157A5-9F29-4474-8FB3-29F303DA6F01}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{25EDEF82-FF6C-4EE5-8011-4464D467A659}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{280F3480-9DE4-4B0C-9CFC-DBE4EA292F73}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{2885049A-2CF2-4CD5-A755-BCB173EA349D}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{28F31A34-5C65-450A-9F82-8E671DFF8E75}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{29EC2458-92B1-463B-930E-FC0B5884B971}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{29ED669F-2F4C-47CC-8AC6-7D5AFB13B39A}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{2A174E56-8F65-4CDB-A44F-EB8762F2D610}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{2A77054D-99E5-4B62-8AD2-D288EDCFDB08}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{2B4857AD-023E-466E-991E-77D41B480E94}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{2BED958A-0BDF-43E6-B000-F9D5214BF1AD}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{2CE10D51-6B49-41B1-A670-50D16C1DC4D9}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{2CE6CA44-3BA0-46DE-8F74-CF7930078F82}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{2D212347-35C0-437E-BA8D-249DA6C4421B}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{2EC3E1E9-673E-4B10-9218-9141BA7E07BC}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{30457D25-FF7B-4A63-97A6-CE5E47F32C6D}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{30EFDC84-FC1C-425D-B279-3015454E09E6}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{30F82DC6-7D35-41D8-96EE-5434A54C3D71}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{31191D41-D5D9-4B0B-9958-DEBA401D49C3}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{315AD208-7B03-40FA-A72C-9CA8E7D24E27}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{3160CD41-85F6-4BF3-96FC-90E02A657446}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{31F3FBC7-C3DE-4EF5-BDE5-8D8F57C82BE2}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{332B7D85-2DF0-4B7E-A62F-46BF1748B3C4}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{34E1D692-E7A0-49C6-92F8-EBDC8747941D}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{3568BD6C-07F6-4440-A6DD-8702B8DB0FE4}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{363B0AE2-74E5-4B0C-ABB3-6837B609CD37}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{367A0BCF-11BA-4046-BEAE-62CDD52FC7AC}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{36E6674E-BE16-4D8D-A6F6-D9D2AF594B7D}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{374D8A55-58DC-495D-852E-E22B596EE0A5}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{38373F58-54B4-4A45-8EF7-CE5601E16BD4}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{39A2AF03-C072-4551-A444-58C3CCCA3B98}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{3AB759EB-6AF9-4662-84F6-136F1CF3BE40}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{3B1FC2A3-E4FE-4681-9CDB-488CBA5950AE}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{3B93169D-2738-41DE-A9C3-D0F55E9F0ED3}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{3C259F5D-665D-40EE-B739-ECE36CC758ED}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{3C903ACA-1830-4979-BDB4-F2C22593EACA}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{3CBC9C3A-B892-460B-A356-36961BF914BA}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{3CF2E757-A28E-47BC-9E76-A316561079A0}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{3D29FA18-E65E-42DC-BE6D-F44AA5D2F7D2}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{3DC8A4FF-CB91-4A89-BFB1-40469387943D}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{3E395B8E-6C39-4952-A03E-118D18042ED1}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{3F3FDD2A-00F9-4E10-9955-C51709148BD5}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{40200B17-8464-4820-A32A-9BDA2ADE6C5D}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{4167E0E0-B509-428F-B6FB-52ECBF2B1857}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{41B980F0-4E81-4C4C-95EB-E1ECB8008969}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{4237626D-D587-45D6-BDE2-BC861E6D088F}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{43AC5025-8C37-441F-AE6C-0C59184B532D}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{44A55EF6-D889-42F7-BE4F-85DF9E2A6F73}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{45283E03-15A2-4C4A-B3CF-D4F9BC4F1046}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{4619F253-C24C-41B5-A47A-DB4269FEBF66}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{47C8BDEA-4AE4-442A-895A-35B99E981B15}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{47DDCE9A-BAC2-459C-A335-250535EF84B6}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{4813B0EF-87A4-4F76-AC13-CFDB8563416E}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{483FCCBB-FE92-4654-951F-DB5136FFFA44}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{48480B2C-78DB-479C-BE2D-C801FB124369}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{4852FD33-BBDC-40A5-AB23-E48F5D72010C}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{493F6C7C-1066-49FC-889B-E57DE6BB82BB}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{49DD7445-8CDA-49B1-BF33-9EF0E8127176}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{49FE2245-EB1A-4D33-A40F-F861223ACDDB}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{4AE2CFB1-18DC-44DD-807E-9935034EE9D0}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{4B233DE2-F86F-43A7-99C4-A2A31CF2F292}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{4B30C007-9905-4B75-BF16-8911EE468799}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{4B5B2B33-C539-4D9D-B721-F64BB921FC1E}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{4C9034DF-654B-4BA1-90B9-39C864478B62}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{4E90066A-743A-4AD7-8034-019CA9E8B371}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{4F343039-D7B0-4302-86DA-C797F4FD4D51}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{4F3A432A-7EB1-4DE0-A859-9C499D06ADEC}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{4F8066EB-3917-4BD7-A539-86F8A1AEE42D}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{4FC3AEE5-7689-440C-A897-834F4D085724}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{512AD6C6-1BE4-4080-B3B9-F8D6BCC28673}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{514D0782-8E97-44F1-A2D7-FB0FD147D14E}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{51F0B2E6-E5D2-41ED-B27C-49AF31AD3C77}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{53C248BD-9501-42BE-A871-08DFACCD9359}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{53F88F9A-5E4A-4EF7-AE04-D8AF0F7B1EEA}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{5470C48A-7BDE-42D6-AF72-8FBEFCEE4532}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{564BDAC1-7E62-4542-9FD9-1518458E5CE9}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{5658B3CF-472C-492C-B7B1-0D0D75EC9D6F}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{56855A50-FBEC-491A-A12A-41FE6DE075F0}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{575A6CED-801D-4AFE-9873-F9D723BB30E7}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{592EF29B-36A9-45C2-8343-DDF842509F39}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{596AAE29-8305-4AD1-845E-0236A631D300}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{59C0D352-F058-49F7-89A5-15A3FEE81158}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{59EA68E2-0D02-46E3-9F5B-7D3DC34D7D98}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{5B26F0B8-2309-4079-8129-AB341CF98429}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{5B8E5CB9-9DEE-430B-B771-EF0700DFE8C7}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{5C3D991D-74E1-4E41-BEA1-8A66F7EA1124}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{5D39FED3-132D-41F7-908A-1303E5E4B6C6}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{5D9D4BD5-1681-41D2-8D8F-9F3CD0B1E340}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{5F733465-BF1F-46E0-A0F2-4EC22C118103}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{615A3431-35FC-4C8A-8BDC-01D5675DEE20}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{61EBF14B-B5D8-4BBF-BE33-8A89DC729E8E}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{6284BFF5-7260-492A-9C49-4B2D75BE3836}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{62980382-3502-4AC1-8010-3A3C32B3F030}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{62B6AAC1-0243-448D-840C-BB812EA175AD}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{62B95106-3F04-4DC8-8A7F-5A3FD538403F}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{6319DB62-823C-4946-AA20-AA98F933EB58}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{634BBC8C-86CB-4516-9501-CD82C310AF4A}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{64F31474-96A8-4E47-BBC3-E8EBE1B67EC1}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{66134810-4DC0-4812-9279-08DA95306E42}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{6687697D-9F24-402D-BDB4-24BCF07B1BF8}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{67B103DD-FC7A-43CA-B913-CE76FE17E67C}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{688BAF2E-AFEE-4C3F-88E8-D0E57BDC276F}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{68AD34C2-E4CD-4928-BA4E-28830538B552}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{690C5105-4955-4D80-ADE1-29E531FC2C7F}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{691BFD48-1DF2-44E9-A4C4-C8173DA464E3}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{694EB5CF-3499-4AA7-9849-0B713956BEDC}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{69AEF609-B4D9-4270-86D9-D9C57C90B27B}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{6A485606-E459-4B63-9DA8-63F943C140A9}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{6C6EA5A5-95A9-49CA-957E-593107B9819E}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{6C72F6D0-F82A-4243-A2C0-AD063E770D81}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{6DA1DFA5-694E-47DF-8A2E-E5997B623A61}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{6E853411-0980-454A-BA34-2710CCBB97E9}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{6EFB74A5-7CF9-4F14-B0BA-0B6AFACCEE10}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{6F0C2CA7-4C07-49B0-AD44-0974FE475315}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{705285AC-8DD7-43B0-BEAF-AE87B460C8F9}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{70B7810C-69F0-45D4-8E50-B99558210388}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{732FB8FB-9072-45E1-BFB0-415159B82D7E}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{734BA5AD-CF0F-4624-891F-B9262DA63582}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{739905EA-FD2D-4ED6-AA19-609721674C59}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{73F79CCD-F38D-4160-BD01-A76B8D9B6E62}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{742338FF-BEE2-4567-8FDD-EA5480BDDF40}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{7427143F-28D4-4E29-BC44-7565F7FEDA43}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{74482347-98D6-49C7-89D2-3EDBF26406FE}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{7559F5D8-34D3-4E98-B794-559E765496A9}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{7595BAA6-068F-4AEC-B7A4-1570FEE14F12}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{761B4829-CCF8-4670-AA11-BCB72D23F46A}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{767432AF-B786-44D5-8F79-B013856380B3}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{76CFFAAA-CAF6-4B9D-BE6B-F0FA5B8B22F3}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{77B63805-5DF5-4BD5-8E95-7B0D6F576FFF}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{77D3F22D-1DF5-43E3-BB3E-0E0CE8AE66F3}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{77D89990-5BD3-4BC6-AF68-838C6C4F64AC}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{78B9E3A8-ECC1-44C5-BB31-B763D8A0B177}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{7B7098AA-C14C-4221-8BCD-F4C64FAADC64}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{7D3953A6-FE73-4DD0-8240-3FB4DC7B63A7}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{7D4E0B41-2AC1-4A95-91F3-C916A5FAD5F3}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{7D8A1445-69FB-470A-9F2E-E8D709A7893C}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{7EB835CB-71D7-472E-80B0-07CD67A22501}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{7ECEEC51-EA9B-43EA-817D-7D370E09718D}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{7F4E65DE-6D90-4AF6-9F8E-C11A953FF7DC}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{7FAC7FE9-8D2C-48A5-BF03-7254AAE2B601}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{8135533F-A71B-43EF-8510-7649B4FF1AA5}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{819FEAF4-A84E-48EF-B392-F2647CA2EE69}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{81A87EB4-7B54-431C-96BE-6D7EE83ABD45}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{82CA292E-CDA0-47CD-A79C-0856A75A1D47}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{82D15164-677F-4789-9726-D8A5D38952C0}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{82D79C9F-DAD5-4D96-AF20-AB79040B43D1}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{84335339-1B53-4D30-A70C-BA687A7540B7}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{84A19643-F1BC-4EDB-9701-0601E7801368}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{85031259-C344-47EB-8633-E9D7551C3F04}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{870241B4-8AE9-4F15-8F09-658EEE9B3BA1}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{8769C7B7-704E-4249-BD9E-DBC813002E48}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{886CD0A1-FB97-42F2-8615-700A2865CA4C}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{8981BA67-7D2B-4CC5-9D94-87E68125D9AC}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{8A3674D2-95A1-4A73-B7CD-FB15232BFC51}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{8B075C2F-9BBE-4ACE-AB9C-23A195C474AA}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{8B28EADE-61BA-4971-AA10-4D51324EE45F}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{8B5821D6-F74F-4512-ADB9-CFBF626F0B39}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{8B850B67-07E4-4A94-A083-F19F71F25098}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{8B9BA165-79B0-4B2B-AB0D-60109E0E8CF4}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{8BE6D162-A932-47B5-A7CC-0F974688FD3A}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{8BF784C0-73BF-4B7C-8D4A-BD97CA411A54}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{8C010DF0-EC9B-4AC0-BE7B-02C8C6DE9E27}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{8C4B75DC-73B3-41D3-A1B2-FE89C16A0F60}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{8C8F81D7-2743-4811-A7CD-44EC8BB50A4B}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{8CEC62DB-F9AF-4E13-9526-8361256D2A2F}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{8CF7EB5E-7CF5-4562-BFD9-E8FC360BDA75}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{8D0BBD9E-EB86-40D9-B6F1-BC29FEBAA4D5}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{8D536EB7-60BC-41DF-9CBE-94D7A7A80736}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{8D53F3EE-7534-4064-B44D-C21AE7ACF03B}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{8DE7436E-1EE3-44AC-AE78-BEE45379414F}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{9020FC47-B6EE-4E41-8453-33DF1E132563}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{903D5471-B05C-4C6D-835E-6F007A20D0C7}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{92031933-6BE8-45CE-8CCB-960E6B535758}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{9217DF87-B43E-4E40-90FA-B2BEC1BAEB64}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{92D18ADB-884E-4787-9BFB-089B77993918}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{9300769C-F032-4E12-B389-590AF131C2D2}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{93BEA610-5687-4353-96B9-085B77B37B9B}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{950CC25D-AD85-45E1-8F4E-E756E828CE2F}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{953BBE16-6D01-4C6D-9EBF-9C45CD71035C}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{95517B58-86D9-41FD-B936-A09098BEFB1E}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{95A4846F-AE90-4AF0-B800-9D7868A93E35}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{95DC454F-375F-4780-82B5-980AE2025E90}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{96000746-FA24-4F69-A466-CE6F80DE8B25}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{9722299E-BA9C-472C-A8F9-9CE7D4A24E99}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{974DCF58-C938-46F2-A329-FBFDF20C5E3D}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{974E7C8A-73EA-4306-9FBB-1E9E5A9A15C6}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{98563088-484D-41C8-AD8D-FA82E648F077}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{98C8C3B7-0264-4C28-BF82-EBB65356DE4A}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{99B29899-2E5A-435F-A9F9-445C4A69F8F0}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{9AFC1BE1-892D-4AE6-A674-AD2D830D9E45}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{9B7436C7-E9F8-4D31-973D-3192004C4A54}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{9C33D070-5F41-4652-96A3-1233F318A1DA}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{9C8D10FA-82F4-4443-BA59-70166183B129}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{9DFDF05D-1D12-4B67-98C3-7C4ABCB1DCF6}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{9E6ED987-F27C-40AF-8D43-BD9E0494FF73}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{9EF91048-3BB3-44E3-BFFE-97627A582694}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{9F2088E5-32D0-4F27-8EE2-CBCE3A685ADE}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{9FC2E18E-880F-4403-B3C6-993492A5E6F1}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{A05DD16A-3C75-4C2B-8668-325AA4638F63}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{A073FC0D-63E9-44DC-A738-BE7265F3684D}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{A0BA24A1-67F9-497D-BFC1-657CD7F24E2E}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{A13A6091-186A-47FF-BAF5-0D3D45854480}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{A1923EA8-8C52-4D51-BAB9-AA0F75FF6B50}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{A1D3F2C0-D1F8-4A04-8528-699C7188B513}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{A1DB5321-3889-49D9-8442-5996C798107E}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{A1E34B29-B407-46C2-B251-BDE394023B3F}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{A1EF156E-FB28-4686-B195-6B91705AC3ED}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{A213D005-A815-4C33-9144-C73EABF71880}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{A24D2A3F-1E9C-4FE4-96E2-906198377A66}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{A478899C-39A8-4220-98AA-209DD7BFED5A}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{A51E8B78-AFA0-484A-B809-EC828A431EB5}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{A62EB181-AE8E-495F-9027-6FF021480A73}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{A6CE2E93-BFAE-4303-997F-F059BD578366}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{A895290D-B30F-4520-8C53-B03636AC7A0F}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{A9069EB7-D5E3-4ED6-B6B4-E6F5A50EB371}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{A91CCCDC-6210-4674-989E-70CD48595136}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{A9B2F684-CCF4-4B70-9827-154A920B499F}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{A9BB0B9A-9CA1-430C-956B-5792A3243497}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{AA4C7F08-D104-4C43-A427-BE00E272504F}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{AA905757-6255-4567-A8FE-D64DB2111A81}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{AB032DA6-EB98-473B-AAB4-14BE51B08278}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{AB211C4B-41B1-4B1E-9F64-46A151070457}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{AB703F76-39F4-4F42-8CE8-DC82398FA6A5}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{ABAB92CD-2817-413B-B958-746DABFCE9F8}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{ABC153C6-DA90-4D71-91AC-B44D1545D302}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{AC6BE78D-0D68-45D0-949F-3C8A38AF942D}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{AC7F44BD-14E0-45F5-8910-E6CE067758E7}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{AC94C755-2314-4913-91C5-5CB087952B99}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{AD416639-E40E-4B71-B356-8B85B467016D}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{AD5A4B61-1FF2-46EB-8EE6-2E4AAAACE2D6}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{AD72DE29-3495-4711-B76A-29BF7617A4F6}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{AD9CDF63-3D6B-4B35-B0AF-AA293C78F5D8}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{ADDEAA6F-704C-43E7-B4A3-2685F9CDABC0}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{AE18FEB8-7BBE-4BF7-B305-E70ED493035D}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{AE240B0E-971E-48CA-8952-D4AF0DC4DADD}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{AE8BABEF-CB8A-4D0D-AC7C-B554E791826C}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{AEF15490-2511-46B9-8BD9-4539CC2702CC}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{AEFE44FD-15E8-485C-8E42-54819DF98484}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{AF603881-841B-4C45-944E-54EBE98AFB33}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{AFB866B6-3DEA-4C8A-829D-0F2469AD5693}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{AFC3B054-1964-4E5C-A8C3-32A27FD8E0C6}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{B07D48CA-5AE4-41DF-A9C2-B24A66A9F6A6}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{B0FAA0C3-E350-4BAE-A751-227DAEB389EF}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{B15D84E6-826E-4D6E-8F91-4BE3D248D921}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{B1D4F1CA-C4A9-4C03-8BBE-2D66D22AE8A7}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{B24A9522-90D4-4BB7-A832-32FECC34FFD0}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{B2B5E48D-DFBA-4622-8D58-11034D078133}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{B39D9180-FB5F-460A-8C14-B3F5DCE625C0}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{B4330F75-F5CC-4AB2-85CE-FEC8FC170370}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{B57CDA6D-8BFC-46A7-82C1-DF553A3CE620}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{B5AA3228-DC24-4BAD-B4CF-D736FD115E9D}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{B5E46D91-0999-44FA-A169-81757AEE0517}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{B6000C7E-9750-4040-A2C7-E3810100A2A5}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{B869B45B-9771-4BAA-AF91-20A206DC6417}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{B89953B1-B36A-4C88-8313-82B4F201DAF1}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{B8B85CFE-2B78-4AD4-B82B-2AD3D89FE486}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{B8DEB972-3121-45C1-81D4-A112EC6D11B8}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{B9E8C460-C6B6-45F6-9190-9099EE3FC451}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{BA401433-1F4B-442C-B7AF-4D6D7E683FBC}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{BB7F3535-9248-4F8F-923B-0581700BE782}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{BBA5C6DD-D63F-420B-BB79-4E99430F49E1}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{BDC91AD5-1020-4DE8-9304-E87B25633256}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{BE2B04ED-B129-47C3-BA34-1AA40A012B9D}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{BE44D121-084B-462A-80E6-6C092F72B873}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{C025BDFF-C67B-4711-8850-4DD7D7128126}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{C03C3F3A-978D-43A1-A5CF-5929DA5C22A2}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{C08E39DC-F037-4E4B-A4AF-8EE48229C62A}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{C09C5EF2-AB5C-4AE1-A761-566639E74438}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{C30D6E49-5CC7-4DB4-99CE-2F8B5939A5A2}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{C449CD66-F24D-4960-A23C-1BF5950E61F4}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{C4B1E2CC-F7DC-4845-BC78-28B5D6EEFBAF}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{C574693D-8439-432C-9F5A-5B7CB39D9591}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{C7551CCF-A0C3-4772-A8A2-338B740E3133}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{C7B1724C-6FC6-47D2-AA2E-E2956345885F}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{C7BBB073-1AED-4886-B1B4-83820FB6EB59}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{C7E2E9CA-D8ED-4561-BBD6-C71A4E20054D}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{C8FCA1CA-B68D-4738-BCE6-F828A304536B}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{C9275620-FA8E-454D-9CD9-CA3A245A9561}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{C966F94F-8588-461F-A0FB-2BC4BE9E50CB}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{C9728E0A-E1FB-4D30-8C35-84AB10110047}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{C9C81ED2-AA2F-473D-ADB4-F357733F06CB}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{CA3C394F-B97C-427D-94E4-1772EECFC3E8}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{CABA1B34-2FD7-46F6-903B-2DE70C0D75A4}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{CB95837F-BCBB-44EB-A506-EFF64D29B38A}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{CBEA01F4-D8DC-4AA6-AE01-875FF0048AF0}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{CC33AD91-4213-4FCC-9112-775FDE4E6148}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{CC4EEE73-E08A-42CD-88BC-E66A78224FAA}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{CCAC0CAD-7A3E-47A6-835E-9D59F360DF40}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{CD4AB6F8-FA19-4471-A010-14714D26EDE5}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{CDEB21AC-74CB-4260-BA9B-069C08E8428A}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{CE2FB840-3507-4809-ADD3-A3830C57AC8D}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{CE498A39-FAF8-4F39-B98A-C58DE37FA02B}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{CEEE6476-07CF-4B44-B9BF-38BD0EA88949}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{CF107844-E7B3-4014-A997-817D13C72C38}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{CF451DDC-B9C3-4E5F-A5AD-3BF218522702}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{D0692C9F-2916-45C3-BCA8-A1A633B8516E}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{D0BE14FD-F91D-4AAE-A93D-9F8B4B98DB6B}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{D0DA41FF-C475-4B00-A01F-48A7FADCF0A0}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{D11386B8-32D3-4910-A6CC-D11B5AFC9EB9}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{D23A2A94-BD1E-4FAA-9204-598CD373DC97}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{D26E5FFF-6C7E-4F03-9EF7-090B86F5101B}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{D3AD6370-3ED7-42B6-B3EA-C0122E273925}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{D56E39DB-CED2-4351-AAD0-7D5E3B575E62}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{D7478FCE-8BDB-40C8-832E-D67CE91B8333}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{D91001BB-2FF8-4FE4-89E9-2D27098289D6}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{DC4B5883-D7C6-459B-993B-E1A8D9A59A79}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{DD1E0555-3243-4910-B8BB-4A9ED7ABE1E7}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{DE506EF6-395D-4DC2-97E0-813EAAF2D63B}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{DE8C2DA0-787A-4318-A39C-2B662797BE8F}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{DECDB863-8AA7-42A1-ACB2-A74C94C223BB}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{DF7D7928-D0C1-4E22-8981-704DDCBF23A3}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{E037138E-EF1D-43A0-99A9-C702FA561DEB}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{E0EC73E3-8B17-4790-B221-601064F927C3}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{E1B8036B-152A-4BED-8D0C-95054BF30D54}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{E1F6D337-FE4B-4B3F-ACDF-AA58D66D3708}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{E3EFF4F9-1CA9-47F2-AA39-2210C900D3D7}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{E471FDF4-FFD1-4D59-AB41-B80B166B3E5D}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{E48798D8-3B20-44E2-B956-3BB8B11AD546}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{E4AAE941-9AFA-4EAB-8671-0C9B03F146AC}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{E5CDB470-7C79-4913-94B7-94E7BCEF2F45}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{E5D2220A-3D84-4313-BEEE-98EC7A7EDB54}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{E5EE0BB4-42F5-4C2B-9EE1-D0B92955B637}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{E6670808-A227-48D3-9F51-9A962ABAE328}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{E89EC983-3004-4480-B8F5-2A12443A7F4D}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{EA3B412E-5188-4621-8C67-0EE3F3D27891}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{EA8ED946-B5E0-455D-978D-4F951D0FF8C9}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{EAAAF604-1CD0-475B-BF2D-97373845E66C}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{EC1F5199-47FB-4DD8-93CD-73116EB4F78C}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{EE1F1204-3593-4342-BBD7-DB9F288EDC4F}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{EE6B0552-EFED-4159-B09D-39B8B9278354}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{EE836A02-2DA9-4E9D-8423-FE7EA864CCA1}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{F0713C2E-1540-4B1C-BFA5-9E7684C13E34}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{F1DDA704-4480-43F1-A59B-DC18D976BFC2}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{F2EC0A34-8DBA-40B4-BDF4-B1CDB54F03D7}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{F3C7CAC0-7638-40A9-9736-F3EDB6E5ED34}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{F4D83CA9-1075-4915-A437-B52EDA7414F9}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{F53C1E67-3D4D-4D4E-88C7-5558610651B3}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{F54E9E34-59AD-4B92-A2BC-214CA600765D}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{F64BB501-C8BB-4A00-914A-3AA72FCFEA6A}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{F67B74F9-8C43-484D-A89F-4939CC3FDAFD}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{F9F2463C-C0E6-45BA-9448-32A88CA5B100}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{FCB0BB92-7867-48F0-A16A-E36C71605E9B}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{FDF39797-8F54-4B92-BE88-2BBD6CFCC2EF}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{FF3998C1-9213-4F22-89B0-B401D7F903D7}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{FF435208-2E94-4B55-94A2-0B58BA387045}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{FF516F9F-D557-46D1-B933-FFE54A5AD951}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{FF65EFFA-DC75-452F-97E9-4C6E415A8BA3}
Successfully deleted: [Empty Folder] C:\Users\Emma\appdata\local\{FF7959C5-9CAA-4C8D-AD8F-A9E2A118A22E}



~~~ FireFox

Emptied folder: C:\Users\Emma\AppData\Roaming\mozilla\firefox\profiles\dzf6nx5b.default\minidumps [198 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02/09/2013 at 21:14:42.00
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • 0

#14
soclueless
Posted 02 September 2013 - 02:46 PM

soclueless

    Member

  • Topic Starter
  • Member
  • PipPip
  • 36 posts
# AdwCleaner v3.002 - Report created 02/09/2013 at 20:46:02
# Updated 01/09/2013 by Xplode
# Operating System : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# Username : Emma - EMMA-PC
# Running from : C:\Users\Emma\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Users\Emma\AppData\Roaming\Mozilla\Firefox\Profiles\dzf6nx5b.default\\invalidprefs.js
File Found : C:\Users\Emma\AppData\Roaming\Mozilla\Firefox\Profiles\dzf6nx5b.default\user.js
Folder Found C:\ProgramData\Babylon
Folder Found C:\ProgramData\Trymedia
Folder Found C:\Users\Emma\AppData\Local\PackageAware
Folder Found C:\Users\Emma\AppData\Roaming\Mozilla\Firefox\Profiles\dzf6nx5b.default\Conduit

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\BabSolution
Key Found : HKCU\Software\Delta
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\Software\Delta
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Product Found : Google Update Helper

***** [ Browsers ] *****

-\\ Internet Explorer v7.0.6002.18005


-\\ Mozilla Firefox v23.0.1 (en-GB)

[ File : C:\Users\Emma\AppData\Roaming\Mozilla\Firefox\Profiles\dzf6nx5b.default\prefs.js ]

Line Found : user_pref("CT2438727.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Found : user_pref("CT2438727.CTID", "CT2438727");
Line Found : user_pref("CT2438727.CommunitiesChangesLastCheckTime", "0");
Line Found : user_pref("CT2438727.CurrentServerDate", "17-11-2010");
Line Found : user_pref("CT2438727.DialogsAlignMode", "LTR");
Line Found : user_pref("CT2438727.DownloadReferralCookieData", "");
Line Found : user_pref("CT2438727.FirstServerDate", "3-11-2010");
Line Found : user_pref("CT2438727.FirstTime", true);
Line Found : user_pref("CT2438727.FirstTimeFF3", true);
Line Found : user_pref("CT2438727.FirstTimeSettingsDone", true);
Line Found : user_pref("CT2438727.FixPageNotFoundErrors", true);
Line Found : user_pref("CT2438727.GroupingInvalidateCache", false);
Line Found : user_pref("CT2438727.GroupingLastCheckTime", "0");
Line Found : user_pref("CT2438727.GroupingLastServerUpdateTime", "0");
Line Found : user_pref("CT2438727.GroupingServerCheckInterval", 1440);
Line Found : user_pref("CT2438727.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Found : user_pref("CT2438727.Initialize", true);
Line Found : user_pref("CT2438727.InitializeCommonPrefs", true);
Line Found : user_pref("CT2438727.InstallationAndCookieDataSentCount", 3);
Line Found : user_pref("CT2438727.InstalledDate", "Wed Nov 03 2010 16:39:15 GMT+0000 (GMT Standard Time)");
Line Found : user_pref("CT2438727.InvalidateCache", false);
Line Found : user_pref("CT2438727.IsGrouping", false);
Line Found : user_pref("CT2438727.IsMulticommunity", false);
Line Found : user_pref("CT2438727.IsOpenThankYouPage", true);
Line Found : user_pref("CT2438727.IsOpenUninstallPage", true);
Line Found : user_pref("CT2438727.LanguagePackLastCheckTime", "Wed Nov 17 2010 09:59:22 GMT+0000 (GMT Standard Time)");
Line Found : user_pref("CT2438727.LanguagePackReloadIntervalMM", 1440);
Line Found : user_pref("CT2438727.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Found : user_pref("CT2438727.LastLogin_2.7.1.3", "Wed Nov 17 2010 21:12:36 GMT+0000 (GMT Standard Time)");
Line Found : user_pref("CT2438727.LatestVersion", "2.7.1.3");
Line Found : user_pref("CT2438727.Locale", "en");
Line Found : user_pref("CT2438727.LoginCache", 4);
Line Found : user_pref("CT2438727.MCDetectTooltipHeight", "83");
Line Found : user_pref("CT2438727.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Found : user_pref("CT2438727.MCDetectTooltipWidth", "295");
Line Found : user_pref("CT2438727.RadioLastCheckTime", "0");
Line Found : user_pref("CT2438727.RadioLastUpdateIPServer", "0");
Line Found : user_pref("CT2438727.RadioLastUpdateServer", "0");
Line Found : user_pref("CT2438727.SearchBoxWidth", 211);
Line Found : user_pref("CT2438727.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2438727&octid=EB_ORIGINAL_CTID&SearchSource=1");
Line Found : user_pref("CT2438727.SearchFromAddressBarIsInit", true);
Line Found : user_pref("CT2438727.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2438727&q=");
Line Found : user_pref("CT2438727.SearchInNewTabEnabled", true);
Line Found : user_pref("CT2438727.SearchInNewTabIntervalMM", 1440);
Line Found : user_pref("CT2438727.SearchInNewTabLastCheckTime", "Wed Nov 17 2010 09:58:57 GMT+0000 (GMT Standard Time)");
Line Found : user_pref("CT2438727.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
Line Found : user_pref("CT2438727.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
Line Found : user_pref("CT2438727.SearchInNewTabUserEnabled", false);
Line Found : user_pref("CT2438727.SettingsCheckIntervalMin", 120);
Line Found : user_pref("CT2438727.SettingsLastCheckTime", "Wed Nov 17 2010 21:12:36 GMT+0000 (GMT Standard Time)");
Line Found : user_pref("CT2438727.SettingsLastUpdate", "1287517459");
Line Found : user_pref("CT2438727.ThirdPartyComponentsInterval", 504);
Line Found : user_pref("CT2438727.ThirdPartyComponentsLastCheck", "Wed Nov 03 2010 16:39:13 GMT+0000 (GMT Standard Time)");
Line Found : user_pref("CT2438727.ThirdPartyComponentsLastUpdate", "1246790578");
Line Found : user_pref("CT2438727.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=101&sealid=112");
Line Found : user_pref("CT2438727.UserID", "UN41705849267640116");
Line Found : user_pref("CT2438727.ValidationData_Toolbar", 2);
Line Found : user_pref("CT2438727.alertChannelId", "832836");
Line Found : user_pref("CT2438727.backendstorage.currentgame", "706F6B6572");
Line Found : user_pref("CT2438727.clientLogIsEnabled", true);
Line Found : user_pref("CT2438727.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Found : user_pref("CT2438727.myStuffEnabled", true);
Line Found : user_pref("CT2438727.myStuffPublihserMinWidth", 400);
Line Found : user_pref("CT2438727.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Found : user_pref("CT2438727.myStuffServiceIntervalMM", 1440);
Line Found : user_pref("CT2438727.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Found : user_pref("CT2438727.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1249595/1245268/UK", "\"0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/832836/828639/UK", "\"0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/UK", "\"0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2857573", "\"0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "MUj9hNyEiPxkVQ8Q8IYZ6A==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "ZF/VZo7UyQBp8ghNNzhnSQ==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "+RsYuZ9IN1smka6Zuggr5w==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "t6SQZ7j9WsBHhE8zC0kAEQ==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.0.19", "\"0d291c3f9a7cb1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.0.19", "\"0d291c3f9a7cb1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2857573", "\"634289840782570000\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "634293235860000000");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2857573/CT2857573", "\"1294152330\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634292354593700000\"");
Line Found : user_pref("CommunityToolbar.EngineOwner", "");
Line Found : user_pref("CommunityToolbar.EngineOwnerGuid", "");
Line Found : user_pref("CommunityToolbar.EngineOwnerToolbarId", "");
Line Found : user_pref("CommunityToolbar.IsEngineShown", true);
Line Found : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Line Found : user_pref("CommunityToolbar.OriginalEngineOwner", "");
Line Found : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "");
Line Found : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "");
Line Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://uk.search.yahoo.com/search?fr=mcafee&p=");
Line Found : user_pref("CommunityToolbar.ToolbarsList", "CT2438727");
Line Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2438727");
Line Found : user_pref("CommunityToolbar.alert.alertInfoInterval", 60);
Line Found : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Tue Jan 04 2011 16:28:40 GMT+0000 (GMT Standard Time)");
Line Found : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Found : user_pref("CommunityToolbar.alert.locale", "en");
Line Found : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Line Found : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Tue Jan 04 2011 16:28:31 GMT+0000 (GMT Standard Time)");
Line Found : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1291052234");
Line Found : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Line Found : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Found : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Line Found : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Line Found : user_pref("CommunityToolbar.alert.userId", "{f412aa28-621c-41d1-ab30-935c5a5b8eb8}");
Line Found : user_pref("CommunityToolbar.globalUserId", "acb6581f-9bd8-414f-88c5-70c6b5a68ae7");
Line Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Line Found : user_pref("extensions.delta.admin", false);
Line Found : user_pref("extensions.delta.aflt", "babsst");
Line Found : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Line Found : user_pref("extensions.delta.autoRvrt", "false");
Line Found : user_pref("extensions.delta.dfltLng", "en");
Line Found : user_pref("extensions.delta.excTlbr", false);
Line Found : user_pref("extensions.delta.ffxUnstlRst", true);
Line Found : user_pref("extensions.delta.id", "6edb0b0a00000000000000225f49235a");
Line Found : user_pref("extensions.delta.instlDay", "15912");
Line Found : user_pref("extensions.delta.instlRef", "sst");
Line Found : user_pref("extensions.delta.newTab", false);
Line Found : user_pref("extensions.delta.prdct", "delta");
Line Found : user_pref("extensions.delta.prtnrId", "delta");
Line Found : user_pref("extensions.delta.rvrt", "false");
Line Found : user_pref("extensions.delta.smplGrp", "none");
Line Found : user_pref("extensions.delta.tlbrId", "base");
Line Found : user_pref("extensions.delta.tlbrSrchUrl", "");
Line Found : user_pref("extensions.delta.vrsn", "1.8.22.0");
Line Found : user_pref("extensions.delta.vrsnTs", "1.8.22.023:44:30");
Line Found : user_pref("extensions.delta.vrsni", "1.8.22.0");
Line Found : user_pref("extensions.delta_i.babExt", "");
Line Found : user_pref("extensions.delta_i.babTrack", "affID=120695&tsp=4955");
Line Found : user_pref("extensions.delta_i.srcExt", "ss");

-\\ Google Chrome v

[ File : C:\Users\Emma\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [14371 octets] - [01/09/2013 21:29:41]
AdwCleaner[R1].txt - [13740 octets] - [02/09/2013 20:46:02]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [13801 octets] ##########
  • 0

#15
Nutloaf
Posted 02 September 2013 - 02:55 PM

Nutloaf

    Trusted Helper

  • Malware Removal
  • 1,790 posts
Hi there the JRT scan results are great.......... ADWcleaner wasn't run correctly my instructions need updating so sorry. You only ran a scan, we need to scan and clean this time :)

Run the ADWcleaner scan once more and when finished click the Clean button to remove found items followed by Report and post this report.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP