STRANGE COMPUTER'S BEHAVIOR?

DR M · June 22, 2013, 08:18:18 PM

I ran Combofix, but forgot disable Windows Defender... Combofix asked for installing a new version and I clicked no. Should I run it again? Although, here is the log:

ComboFix 13-06-21.02 - MA RIA 22/06/2013 22:25:36.2.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1253.30.1033.18.6038.3752 [GMT 3:00]
Running from: c:\users\MA RIA\Desktop\ComboFix.exe
Command switches used :: c:\users\MA RIA\Desktop\CFScript.txt
AV: ESET Smart Security 6.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET Personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 6.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\programdata\regid.1986-12.com.adobe"
"c:\users\MA RIA\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1"
"c:\users\MA RIA\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\PCDr\6261\AddOnDownloaded\1f7e3200-2791-441e-8615-1258d84e5f61.dll
c:\programdata\PCDr\6261\AddOnDownloaded\27ada864-54d8-46c9-a6e3-8334fa39b525.dll
c:\programdata\PCDr\6261\AddOnDownloaded\2eccd5d6-e118-4f76-97b6-ba56fb6c597a.dll
c:\programdata\PCDr\6261\AddOnDownloaded\31274d4c-b2a5-4954-874c-18abd8e795fc.dll
c:\programdata\PCDr\6261\AddOnDownloaded\3820d79a-0389-4fd9-b10c-00d2774e8996.dll
c:\programdata\PCDr\6261\AddOnDownloaded\5e1499b7-780b-4b0e-8240-0221e699a647.dll
c:\programdata\PCDr\6261\AddOnDownloaded\7a273375-a427-45b1-8925-a4fd3312f55b.dll
c:\programdata\PCDr\6261\AddOnDownloaded\958decf6-f105-42b7-b2b8-ecb97b06448b.dll
c:\programdata\PCDr\6261\AddOnDownloaded\b3ef58a2-77e9-414a-b8f6-b8cbbf497383.dll
c:\programdata\PCDr\6261\AddOnDownloaded\ba005e12-3139-4327-9f7a-9f2ea6a6c841.dll
.
.
((((((((((((((((((((((((( Files Created from 2013-05-22 to 2013-06-22 )))))))))))))))))))))))))))))))
.
.
2013-06-22 19:34 . 2013-06-22 19:34   --------   d-----w-   c:\users\UpdatusUser\AppData\Local\temp
2013-06-22 19:34 . 2013-06-22 19:34   --------   d-----w-   c:\users\Default\AppData\Local\temp
2013-06-22 19:34 . 2013-06-22 19:34   76232   ----a-w-   c:\programdata\Microsoft\Windows Defender\Definition Updates\{0F270FCA-46E0-4F92-AAEF-1E921D16D668}\offreg.dll
2013-06-21 10:16 . 2013-06-12 03:08   9552976   ----a-w-   c:\programdata\Microsoft\Windows Defender\Definition Updates\{0F270FCA-46E0-4F92-AAEF-1E921D16D668}\mpengine.dll
2013-06-18 20:01 . 2013-06-18 20:01   --------   d-----w-   c:\program files (x86)\MCShield
2013-06-16 09:18 . 2013-06-08 12:28   2706432   ----a-w-   c:\windows\system32\mshtml.tlb
2013-06-16 09:18 . 2013-06-08 11:13   2706432   ----a-w-   c:\windows\SysWow64\mshtml.tlb
2013-06-16 09:18 . 2013-06-08 14:08   279040   ----a-w-   c:\program files\Internet Explorer\sqmapi.dll
2013-06-16 09:18 . 2013-06-08 11:41   218112   ----a-w-   c:\program files (x86)\Internet Explorer\sqmapi.dll
2013-06-16 09:18 . 2013-06-08 14:08   1365504   ----a-w-   c:\windows\system32\urlmon.dll
2013-06-16 09:18 . 2013-06-08 14:06   2648064   ----a-w-   c:\windows\system32\iertutil.dll
2013-06-16 09:17 . 2013-06-08 14:06   526336   ----a-w-   c:\windows\system32\ieui.dll
2013-06-16 09:17 . 2013-06-08 14:06   15404544   ----a-w-   c:\windows\system32\ieframe.dll
2013-06-16 09:17 . 2013-06-08 14:07   19233792   ----a-w-   c:\windows\system32\mshtml.dll
2013-06-12 13:05 . 2013-06-12 13:05   --------   d-----w-   c:\users\MA RIA\AppData\Roaming\NVIDIA
2013-06-12 12:58 . 2013-06-12 12:58   --------   d-----w-   c:\users\MA RIA\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2013-06-12 12:54 . 2013-06-12 12:54   --------   d-----w-   c:\users\MA RIA\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2013-06-12 12:52 . 2013-06-12 13:04   --------   d-----w-   c:\programdata\regid.1986-12.com.adobe
2013-05-26 14:57 . 2013-05-26 14:57   1409   ----a-w-   c:\windows\QTFont.for
2013-05-26 14:55 . 2013-05-26 14:55   95648   ----a-w-   c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-05-26 14:47 . 2013-05-26 14:47   --------   d-----w-   c:\users\MA RIA\AppData\Local\Secunia PSI
2013-05-26 14:47 . 2013-05-26 14:47   --------   d-----w-   c:\program files (x86)\Secunia
2013-05-26 14:10 . 2013-05-26 14:24   --------   d-----w-   c:\programdata\Package Cache
2013-05-26 14:00 . 2013-05-26 14:00   --------   d-----w-   c:\program files (x86)\SystemRequirementsLab
2013-05-24 17:45 . 2013-05-24 17:54   --------   d-----w-   c:\program files (x86)\Realtek
2013-05-24 17:25 . 2013-05-24 17:25   --------   d-----w-   c:\programdata\Intel
2013-05-24 17:23 . 2013-05-24 17:23   --------   d--h--w-   c:\windows\system32\WLANProfiles
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-12 13:18 . 2012-02-17 13:02   75825640   ----a-w-   c:\windows\system32\MRT.exe
2013-05-26 14:54 . 2012-11-15 18:56   866720   ----a-w-   c:\windows\SysWow64\npDeployJava1.dll
2013-05-26 14:54 . 2012-11-15 18:56   788896   ----a-w-   c:\windows\SysWow64\deployJava1.dll
2013-05-11 10:08 . 2010-06-24 17:33   22240   ----a-w-   c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-01 23:06 . 2010-11-21 03:27   278800   ------w-   c:\windows\system32\MpSigStub.exe
2013-05-01 00:59 . 2013-05-01 00:59   94208   ----a-w-   c:\windows\SysWow64\QuickTimeVR.qtx
2013-05-01 00:59 . 2013-05-01 00:59   69632   ----a-w-   c:\windows\SysWow64\QuickTime.qts
2013-04-18 13:55 . 2013-04-18 13:55   18456   ----a-w-   c:\windows\system32\drivers\psi_mf_amd64.sys
2013-04-13 05:49 . 2013-05-15 13:50   135168   ----a-w-   c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-15 13:50   350208   ----a-w-   c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-15 13:50   308736   ----a-w-   c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-15 13:50   111104   ----a-w-   c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-15 13:50   474624   ----a-w-   c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 13:50   2176512   ----a-w-   c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-24 12:18   1656680   ----a-w-   c:\windows\system32\drivers\ntfs.sys
2013-04-10 06:01 . 2013-05-15 13:50   265064   ----a-w-   c:\windows\system32\drivers\dxgmms1.sys
2013-04-10 06:01 . 2013-05-15 13:50   983400   ----a-w-   c:\windows\system32\drivers\dxgkrnl.sys
2013-04-10 03:30 . 2013-05-15 13:49   3153920   ----a-w-   c:\windows\system32\win32k.sys
2013-04-04 11:50 . 2012-02-17 14:43   25928   ----a-w-   c:\windows\system32\drivers\mbam.sys
2012-06-06 04:06 . 2012-06-06 04:06   2174976   ----a-w-   c:\program files (x86)\Common Files\atimpenc.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32   129272   ----a-w-   c:\users\MA RIA\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32   129272   ----a-w-   c:\users\MA RIA\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32   129272   ----a-w-   c:\users\MA RIA\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MCShield Monitor"="c:\program files (x86)\MCShield\mcshieldrtm.exe" [2013-04-04 607744]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AccuWeatherWidget"="c:\program files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" [2011-04-30 885760]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R1 fxbiojph;fxbiojph;c:\windows\system32\drivers\fxbiojph.sys;c:\windows\SYSNATIVE\drivers\fxbiojph.sys

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys
R3 BthMtpEnum;Bluetooth MTP Device Enumerator;c:\windows\system32\DRIVERS\BthMtpEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthMtpEnum.sys
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys;c:\windows\SYSNATIVE\drivers\Impcd.sys
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe
R3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;c:\windows\system32\drivers\nvstusb.sys;c:\windows\SYSNATIVE\drivers\nvstusb.sys
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys;c:\windows\SYSNATIVE\Drivers\pcouffin.sys
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf_amd64.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf_amd64.sys
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys
R3 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys
S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys;c:\windows\SYSNATIVE\DRIVERS\stdcfltn.sys
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys
S1 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvkflt.sys
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe
S2 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe
S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys;c:\windows\SYSNATIVE\DRIVERS\Accelern.sys
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys
S3 btmaudio;Intel Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys;c:\windows\SYSNATIVE\drivers\btmaud.sys
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys
S3 qicflt;upper Device Filter Driver;c:\windows\system32\DRIVERS\qicflt.sys;c:\windows\SYSNATIVE\DRIVERS\qicflt.sys
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt   REG_MULTI_SZ     hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-20 16:19   1165776   ----a-w-   c:\program files (x86)\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-06-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-28 15:35]
.
2013-06-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA1ce48d96f4bb08f.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-28 15:35]
.
2013-06-22 c:\windows\Tasks\HP Photo Creations Messager.job
- c:\programdata\HP Photo Creations\MessageCheck.exe [2011-02-15 10:11]
.
2013-06-22 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task bf64327c-6b9e-43e4-b2d0-cf288408c881.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32   162552   ----a-w-   c:\users\MA RIA\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32   162552   ----a-w-   c:\users\MA RIA\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32   162552   ----a-w-   c:\users\MA RIA\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32   162552   ----a-w-   c:\users\MA RIA\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-02-18 6611048]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-01-18 2188904]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-08-05 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-08-05 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-08-05 416024]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2012-12-21 6326448]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshellex.dll" [2012-12-03 11733888]
"BLEServicesCtrl"="c:\program files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" [2012-09-17 184112]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = proxy.unic.ac.cy:8080
uInternet Settings,ProxyOverride = *.local;<local>
IE: Send to Bluetooth - c:\program files (x86)\Intel\Bluetooth\btSendToObject.htm
TCP: DhcpNameServer = 192.168.10.254
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\LocalService\Software\Wow6432Node\Adobe Acrobat\9.0]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-06-22 22:48:34
ComboFix-quarantined-files.txt 2013-06-22 19:48
ComboFix2.txt 2013-06-21 10:47
.
Pre-Run: 606.955.831.296 bytes free
Post-Run: 606.645.002.240 bytes free
.
- - End Of File - - 71457D94F45C491EE9C6E9848BD05933
D41D8CD98F00B204E9800998ECF8427E

P.S. :)

1. Programs that need java run without internet connection.
2. Password hint when enter a wrong pass from the first time was not an option before. Well, I think so! :huh:
3. Unfortunately Sumatra changes the original image edited in Word (e.g. http://www.landzdown.com/computer-problems-questions-and-solutions!/problem-with-adobe-reader/ ). If there is a solution for this issue, I don't need Adobe Reader.
4. THANK YOU! :mitch:

Corrine · June 22, 2013, 10:47:38 PM

Yes, sUBs updates ComboFix every few days so it is always best to install the new version when prompted, besides the script didn't work because I should have used "folder" instead of "file". :smash: It isn't critical to remove them but worth trying again if you don't mind.

Custom CFScript

Note: The following instructions were created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

Please open Notepad (Click Start -> Run -> type notepad in the Open field -> OK). Copy/Paste all of the text present inside the code box below:

Code Select


RegLock::
[HKEY_USERS\.Default\Software\Wow6432Node\Adobe Acrobat\9.0]
[HKEY_USERS\LocalService\Software\Wow6432Node\Adobe Acrobat\9.0]
[HKEY_USERS\S-1-5-20\Software\Wow6432Node\Adobe Acrobat\9.0]
[HKEY_USERS\S-1-5-21-1297263482-2230557874-2472846458-1001\Software\Wow6432Node\Adobe Acrobat\9.0]

Folder::
c:\users\MA RIA\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
c:\users\MA RIA\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
c:\programdata\regid.1986-12.com.adobe

Save this as CFScript.txt and place it on your desktop.
Close any open browsers.
Close/disable all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.

Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
When finished, it will produce a log for you. Copy and paste the contents of the log in your next reply.

CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

1. Java: Microsoft released a Fix it solution so that people who need Java for programs on their computer but not the internet can disable Java in Internet Explorer. I provided the instructions in this blog post: Microsoft Fix it to Disable Java in Internet Explorer.

Instructions for disabling Java in other browsers is in section 3 of Java, The Never-Ending Saga. Since you have Chrome installed, you'd need to make the change in both browsers.

2. Password Hint: Perhaps you haven't made enough mistakes with your password before to result in getting the password hint. There is also the option to Create a password reset disk.

3. Sumatra & Word images -- I remember that topic. In a search of the Sumatra PDF Forum (a bit awkward), the closest I came is here: LINKS AND IMAGES IN PDF FORMAT, but that is related to converting to eBook format. This much older item is a bit closer: How is the conversion?.

I was beginning to wonder if the "border" is the grey background leaking through and then came across this: smoothing does not work in 1.4 . Not being knowledgeable in graphics, I wonder if that is related. Also see http://code.google.com/p/sumatrapdf/issues/detail?id=1297

4. You are welcome!!!

DR M · June 23, 2013, 05:00:11 AM

Good morning, Corrine!

I will handle with Java and Sumatra later.

Meanwhile, here is the new Combofix log:

ComboFix 13-06-22.01 - MA RIA 23/06/2013 7:26.3.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1253.30.1033.18.6038.4057 [GMT 3:00]
Running from: c:\users\MA RIA\Desktop\ComboFix.exe
Command switches used :: c:\users\MA RIA\Desktop\CFScript.txt
AV: ESET Smart Security 6.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET Personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 6.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\regid.1986-12.com.adobe
c:\programdata\regid.1986-12.com.adobe\regid.1986-12.com.adobe_Illustrator-CS6-Win-GM.swidtag
c:\programdata\regid.1986-12.com.adobe\regid.1986-12.com.adobe_Photoshop-CS6-Win-GM.swidtag
c:\users\MA RIA\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
c:\users\MA RIA\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1\Local Store\#ApplicationUpdater\state.xml
c:\users\MA RIA\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1\Local Store\#SharedObjects\s_br.sol
c:\users\MA RIA\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1\Local Store\appDB.db
c:\users\MA RIA\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1\Local Store\chc-pref.xml
c:\users\MA RIA\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
.
.
((((((((((((((((((((((((( Files Created from 2013-05-23 to 2013-06-23 )))))))))))))))))))))))))))))))
.
.
2013-06-23 04:35 . 2013-06-23 04:35   --------   d-----w-   c:\users\UpdatusUser\AppData\Local\temp
2013-06-23 04:35 . 2013-06-23 04:35   --------   d-----w-   c:\users\Default\AppData\Local\temp
2013-06-21 10:16 . 2013-06-12 03:08   9552976   ----a-w-   c:\programdata\Microsoft\Windows Defender\Definition Updates\{0F270FCA-46E0-4F92-AAEF-1E921D16D668}\mpengine.dll
2013-06-18 20:01 . 2013-06-18 20:01   --------   d-----w-   c:\program files (x86)\MCShield
2013-06-16 09:18 . 2013-06-08 12:28   2706432   ----a-w-   c:\windows\system32\mshtml.tlb
2013-06-16 09:18 . 2013-06-08 11:13   2706432   ----a-w-   c:\windows\SysWow64\mshtml.tlb
2013-06-16 09:18 . 2013-06-08 14:08   279040   ----a-w-   c:\program files\Internet Explorer\sqmapi.dll
2013-06-16 09:18 . 2013-06-08 11:41   218112   ----a-w-   c:\program files (x86)\Internet Explorer\sqmapi.dll
2013-06-16 09:18 . 2013-06-08 14:08   1365504   ----a-w-   c:\windows\system32\urlmon.dll
2013-06-16 09:18 . 2013-06-08 14:06   2648064   ----a-w-   c:\windows\system32\iertutil.dll
2013-06-16 09:17 . 2013-06-08 14:06   526336   ----a-w-   c:\windows\system32\ieui.dll
2013-06-16 09:17 . 2013-06-08 14:06   15404544   ----a-w-   c:\windows\system32\ieframe.dll
2013-06-16 09:17 . 2013-06-08 14:07   19233792   ----a-w-   c:\windows\system32\mshtml.dll
2013-06-12 13:05 . 2013-06-12 13:05   --------   d-----w-   c:\users\MA RIA\AppData\Roaming\NVIDIA
2013-05-26 14:57 . 2013-05-26 14:57   1409   ----a-w-   c:\windows\QTFont.for
2013-05-26 14:55 . 2013-05-26 14:55   95648   ----a-w-   c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-05-26 14:47 . 2013-05-26 14:47   --------   d-----w-   c:\users\MA RIA\AppData\Local\Secunia PSI
2013-05-26 14:47 . 2013-05-26 14:47   --------   d-----w-   c:\program files (x86)\Secunia
2013-05-26 14:10 . 2013-05-26 14:24   --------   d-----w-   c:\programdata\Package Cache
2013-05-26 14:00 . 2013-05-26 14:00   --------   d-----w-   c:\program files (x86)\SystemRequirementsLab
2013-05-24 17:45 . 2013-05-24 17:54   --------   d-----w-   c:\program files (x86)\Realtek
2013-05-24 17:25 . 2013-05-24 17:25   --------   d-----w-   c:\programdata\Intel
2013-05-24 17:23 . 2013-05-24 17:23   --------   d--h--w-   c:\windows\system32\WLANProfiles
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-12 13:18 . 2012-02-17 13:02   75825640   ----a-w-   c:\windows\system32\MRT.exe
2013-05-26 14:54 . 2012-11-15 18:56   866720   ----a-w-   c:\windows\SysWow64\npDeployJava1.dll
2013-05-26 14:54 . 2012-11-15 18:56   788896   ----a-w-   c:\windows\SysWow64\deployJava1.dll
2013-05-11 10:08 . 2010-06-24 17:33   22240   ----a-w-   c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-01 23:06 . 2010-11-21 03:27   278800   ------w-   c:\windows\system32\MpSigStub.exe
2013-05-01 00:59 . 2013-05-01 00:59   94208   ----a-w-   c:\windows\SysWow64\QuickTimeVR.qtx
2013-05-01 00:59 . 2013-05-01 00:59   69632   ----a-w-   c:\windows\SysWow64\QuickTime.qts
2013-04-18 13:55 . 2013-04-18 13:55   18456   ----a-w-   c:\windows\system32\drivers\psi_mf_amd64.sys
2013-04-13 05:49 . 2013-05-15 13:50   135168   ----a-w-   c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-15 13:50   350208   ----a-w-   c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-15 13:50   308736   ----a-w-   c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-15 13:50   111104   ----a-w-   c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-15 13:50   474624   ----a-w-   c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 13:50   2176512   ----a-w-   c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-24 12:18   1656680   ----a-w-   c:\windows\system32\drivers\ntfs.sys
2013-04-10 06:01 . 2013-05-15 13:50   265064   ----a-w-   c:\windows\system32\drivers\dxgmms1.sys
2013-04-10 06:01 . 2013-05-15 13:50   983400   ----a-w-   c:\windows\system32\drivers\dxgkrnl.sys
2013-04-10 03:30 . 2013-05-15 13:49   3153920   ----a-w-   c:\windows\system32\win32k.sys
2013-04-04 11:50 . 2012-02-17 14:43   25928   ----a-w-   c:\windows\system32\drivers\mbam.sys
2012-06-06 04:06 . 2012-06-06 04:06   2174976   ----a-w-   c:\program files (x86)\Common Files\atimpenc.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32   129272   ----a-w-   c:\users\MA RIA\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32   129272   ----a-w-   c:\users\MA RIA\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32   129272   ----a-w-   c:\users\MA RIA\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MCShield Monitor"="c:\program files (x86)\MCShield\mcshieldrtm.exe" [2013-04-04 607744]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AccuWeatherWidget"="c:\program files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" [2011-04-30 885760]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R1 fxbiojph;fxbiojph;c:\windows\system32\drivers\fxbiojph.sys;c:\windows\SYSNATIVE\drivers\fxbiojph.sys

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys
R3 BthMtpEnum;Bluetooth MTP Device Enumerator;c:\windows\system32\DRIVERS\BthMtpEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthMtpEnum.sys
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys;c:\windows\SYSNATIVE\drivers\Impcd.sys
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe
R3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;c:\windows\system32\drivers\nvstusb.sys;c:\windows\SYSNATIVE\drivers\nvstusb.sys
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys;c:\windows\SYSNATIVE\Drivers\pcouffin.sys
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf_amd64.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf_amd64.sys
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys
R3 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys
S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys;c:\windows\SYSNATIVE\DRIVERS\stdcfltn.sys
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys
S1 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvkflt.sys
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe
S2 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe
S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys;c:\windows\SYSNATIVE\DRIVERS\Accelern.sys
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys
S3 btmaudio;Intel Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys;c:\windows\SYSNATIVE\drivers\btmaud.sys
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys
S3 qicflt;upper Device Filter Driver;c:\windows\system32\DRIVERS\qicflt.sys;c:\windows\SYSNATIVE\DRIVERS\qicflt.sys
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt   REG_MULTI_SZ     hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-20 16:19   1165776   ----a-w-   c:\program files (x86)\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-06-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-28 15:35]
.
2013-06-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA1ce48d96f4bb08f.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-28 15:35]
.
2013-06-22 c:\windows\Tasks\HP Photo Creations Messager.job
- c:\programdata\HP Photo Creations\MessageCheck.exe [2011-02-15 10:11]
.
2013-06-22 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task bf64327c-6b9e-43e4-b2d0-cf288408c881.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32   162552   ----a-w-   c:\users\MA RIA\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32   162552   ----a-w-   c:\users\MA RIA\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32   162552   ----a-w-   c:\users\MA RIA\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32   162552   ----a-w-   c:\users\MA RIA\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-02-18 6611048]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-01-18 2188904]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-08-05 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-08-05 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-08-05 416024]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2012-12-21 6326448]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshellex.dll" [2012-12-03 11733888]
"BLEServicesCtrl"="c:\program files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" [2012-09-17 184112]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = proxy.unic.ac.cy:8080
uInternet Settings,ProxyOverride = *.local;<local>
IE: Send to Bluetooth - c:\program files (x86)\Intel\Bluetooth\btSendToObject.htm
TCP: DhcpNameServer = 192.168.10.254
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\LocalService\Software\Wow6432Node\Adobe Acrobat\9.0]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-06-23 07:50:01
ComboFix-quarantined-files.txt 2013-06-23 04:49
ComboFix2.txt 2013-06-22 19:48
ComboFix3.txt 2013-06-21 10:47
.
Pre-Run: 607.555.629.056 bytes free
Post-Run: 608.949.809.152 bytes free
.
- - End Of File - - 99530F3C732F6DA602C6B557FE908F92
D41D8CD98F00B204E9800998ECF8427E

DR M · June 23, 2013, 09:34:57 AM

OK Corrine, I have some news:

1. I installed Adobe Flash Player 11.

2. I disable Java from IE and Chrome. YES!

3. There is an update of Sumatra, version 2.3.2, which SOLVED the problem with formated images in Word!

4. I am waiting for your reply, to solve the other issues.

4. ... I love you! :flowers:

Corrine · June 23, 2013, 01:22:53 PM

:dance:

What are the remaining issues?

DR M · June 23, 2013, 01:54:34 PM

Quote from: Corrine on June 23, 2013, 01:22:53 PM
:dance:

What are the remaining issues?

Well, did Combofix finish the job? Is now the computer free of all those error events etc? :smiley:

Corrine · June 23, 2013, 05:12:04 PM

Hi, Panos.

From what I can tell, it appears that we've covered everything, although there is one more tool I'd like to run. In the meantime, we can clean up the other tools that we used.

1. You can delete the following from your desktop: Farbar Service Scanner and SecurityCheck.

2. Please do the following to implement cleanup procedures and also to reset System Restore points:

Click Start > Run and copy/paste the following bold text into the Run box and click OK:

ComboFix /Uninstall

Note: In the event you wish to contribute to the ongoing development of ComboFix, the developer is accepting donations via PayPal.

3. Please download AdwCleaner by Xplode to your Desktop.

Double-click AdwCleaner.exe to run the tool.
Click Delete.
Everything that was found will be deleted.
Save any open files and approve the reboot. A text file will open after the restart.
Please post the contents of that logfile with your next reply.

Note: The log can also be found at C:\AdwCleaner[XX].txt where XX denotes the number of times the application has been run, i.e., S1

DR M · June 23, 2013, 07:41:48 PM

# AdwCleaner v2.303 - Logfile created 06/23/2013 at 21:56:26
# Updated 08/06/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : MA RIA - DR-M
# Boot Mode : Normal
# Running from : C:\Users\MA RIA\Desktop\adwcleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

File Deleted : C:\END
File Deleted : C:\user.js
Folder Deleted : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Wondershare
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
Folder Deleted : C:\ProgramData\ParetoLogic
Folder Deleted : C:\ProgramData\Wondershare
Folder Deleted : C:\Users\MA RIA\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\MA RIA\AppData\LocalLow\PriceGong

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\YourFileDownloader
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\Software\YourFileDownloader
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16611

[OK] Registry is clean.

-\\ Google Chrome v27.0.1453.116

File : C:\Users\MA RIA\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [2636 octets] - [23/06/2013 21:56:26]

########## EOF - C:\AdwCleaner[S1].txt - [2696 octets] ##########

Corrine · June 23, 2013, 07:48:17 PM

Excellent! Now I think I know where those files came from that came up in the ComboFix log.

Let's run one final tool that I've noticed will sometimes find additional files that AdwCleaner doesn't see.

Please download Junkware Removal Tool to your desktop.

Disable ESET and Emsisoft to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

DR M · June 23, 2013, 08:04:56 PM

Hi, Corrine. Here is the log:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by MA RIA on ‰¬¨ 23/06/2013 at 22:53:51,66
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{01CB1C89-4FDD-4F61-8339-5B5A48927CAB}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{029023AD-65B6-44BF-967A-4C431C14AAB7}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{02F2690F-7A5C-46E0-87C1-EEFCAEC7FC04}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{031D5677-05B6-451B-B69E-87108C70CC3E}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{03766248-B4CB-4D4A-ACA0-1C173526AC4D}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{0469A0DD-D389-4CE6-AAF8-E0D65C6F7D76}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{04B04090-481D-4B64-9F1A-F54C5BB60B89}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{050D0EB2-3D6B-4752-889B-06BF7B4E53A0}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{055139F1-DF0A-4061-985B-8750D6D1B96D}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{057A2028-C7B1-490F-A461-58AA7A631D72}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{0587B723-B91B-48AD-9A15-E2C65E7DFAEC}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{05C071C0-DB2E-4B5C-9DCD-66E9640DF977}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{05D69201-55E6-459B-8C7B-5ACFE5D0370A}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{07B1CAE1-0B02-49D0-B839-64D7F6FE9B14}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{08CC942C-341E-4D06-9A54-333279644918}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{09908CCE-791C-4A83-AE01-80D0217BD26C}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{0A27A451-FA0B-49C8-91DE-7980B614F9A9}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{0AEF47D4-4E60-4018-8148-A87C4690046E}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{0B2B4084-00A9-418A-B22F-AF4BA9775EFD}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{0BADEFA9-2606-4EC2-BD5F-B4337E40A9C2}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{0C18975D-468B-4EED-B203-D7DF5B155473}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{0E016916-63AF-4563-9D33-3F96BA4A03B0}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{0FDB72B7-BF5B-4A4D-98BC-DE50AA0B79A5}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{10899CAF-370B-47DB-8885-AFD08FB294B2}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{12F852BD-6846-41CD-851F-3BE07C5CD992}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{12FCFE00-7B18-42C4-B04A-D1BC8BB7763F}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{130316EF-06B9-4481-8B35-579ABB70B396}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{130EBE63-6757-4F81-9BF0-D4DD47B9DD35}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{149BB3AB-C06A-4CAD-9314-2BD3516255C8}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{161112FF-EAFF-4D29-842A-8F54B0517265}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{17DF1DFB-BC88-40E4-92D8-63DF9C45C16B}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{191B355F-83F6-486B-B389-9E58EF2E4DDA}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{1A178E57-52C7-4C3F-944F-3A0B562C9D12}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{1B429360-F34F-4D12-BEE8-E59A0B39FDA4}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{1BD45D52-C4AA-4754-88CE-6FD7E491FFA5}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{1D59A4E9-5D7B-4E7F-BB81-10F86C6914CA}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{1D867FDF-7DDC-418E-A6AA-6D4CA6BD9E28}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{1E7A2AE5-907E-4A33-8D69-E8F1CF86304B}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{1EAE4EED-ACC4-4C40-AAA4-D85DD549650E}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{1ECAE951-A00E-4D50-BC42-C848AE3ACBBB}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{1F4E2673-B011-4A8B-A715-D0A5306EA96F}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{20D8857B-3B3B-4778-AF97-AA6C5CC66227}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{22F2E789-53EB-46C0-A6BB-1D36FA98775E}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{23B92E2C-68A4-4566-8CC7-88E3BE4A4E8B}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{244C6310-7FA4-4A70-BFC1-8FAD11523E4B}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{2498462A-3BC4-41E3-A6BA-21A9472890FE}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{26204FFA-1D44-4824-8EB5-CFD0E56CAD8B}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{27A62AB0-0946-4B94-A9C2-21F6AEC5EA15}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{2825F506-28A3-4267-8CA0-3527065AB98F}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{2845E306-BFF9-410E-B75A-837503C286E8}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{28590F8F-F873-4C69-A239-5D60345D06B1}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{28F0850B-DA36-4C0C-8DB5-D54839144F1E}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{2A5F9270-2B91-4743-B659-EE70EC35CA1A}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{2A7CA0E8-C52F-49CF-9932-3A7961E68CC5}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{2AC2CFF5-2F09-4A9E-B855-240566BD2B45}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{2AFE8E88-10DF-4678-88E2-B2243772D6B7}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{2C2F9ED1-83B0-49BC-B2D0-AB3582692486}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{2CE05572-17B1-449D-A335-3FDB468623CE}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{2D1CD4F3-7C98-4B9C-A34B-16D8883BF792}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{2DC74577-AC81-45DC-A93D-5E45C140D84D}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{30DFFD42-8226-4D29-BE56-57BA9C81C095}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{30F909BD-F106-41C0-9870-18FEB81D8CE7}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{31A65EDC-B897-45A5-ADD3-0EB7FED294E0}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{34C13C3B-7097-4DC4-A26D-B158CDA8B7AE}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{353956B8-880C-49C4-8691-72FC2E5C764B}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{357C5812-0DC0-4F6E-96FE-37DA8442FB08}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{357D212E-6175-4BBC-86B7-5CFB7DCF358F}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{35CA8507-05F3-4EC5-9FC6-02F500B8DB61}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{36E66D92-058B-40E2-BABF-4C9ACDFCD3D9}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{373D0326-5020-475B-AC2B-B6396EDEAD40}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{3752D099-FBD9-4C1B-98AF-098274839530}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{3A16A468-9C57-41A7-A0D5-43E33DFF7D77}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{3BA19D55-A2CD-4F7E-8010-3903860903A2}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{3BAF9655-E588-470F-96E8-719938B635C1}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{3C68567F-A611-4AF0-82B3-672DD8E32EFF}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{3D02586C-BF23-430F-A43B-7E360DC0A6AB}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{3E36E44A-9D6F-4ADF-995D-F6E876C019A1}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{3F691B6F-EB1E-4E0B-B419-FB5F9FFC95D5}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{4166DDCF-DEF8-44C7-8A46-751831EC3BF9}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{41EA56AA-2BC1-48AB-953F-D31B6B810C1C}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{42F25462-66BC-4278-8C30-33CC231461A5}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{44931FF6-FAEF-4252-8CF6-5B42EC9215D5}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{44B71110-3513-4C80-8E23-24CD4CAE6FC0}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{454263BF-6FB8-42BF-937A-C84042937065}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{46B896B4-B0A5-496B-9CB4-23B8F02D6BF8}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{4742FF73-70FC-4780-87C1-140770BCFCFD}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{4B4CF9F4-7AD2-4659-9D96-3C419F095003}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{4B6C5160-F460-4F7B-ACF8-5AD5DE17DA36}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{4C08F015-9D46-43A7-B70B-9A0977647278}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{4DB0C53C-A3AB-4226-989D-4D8C45C1332E}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{4E0D6513-9368-43B6-ABF9-595CF3CFEEF3}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{4E7A5F32-6803-4E5C-9FEB-D97D82706581}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{4E7E0B68-E008-417F-AF0F-0F8AD88FA72A}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{4F8FCD94-A608-4DE5-A757-B62EB8F0BFDE}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{4FBE4364-99DD-44F5-8EFC-327523064897}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{501C039F-83B3-4450-B035-A4A370A18E39}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{5097032A-153E-4189-9E64-B10DAF8DFCB8}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{5100DF4D-0D5C-48C7-8B31-566CB3FE7811}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{511462C2-D87F-45D6-80A8-E306C1800984}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{52CE1063-2C96-4BC7-8D79-DB42FF1277E8}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{53F4BA9A-9B15-4DAE-A51F-9BA83049C932}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{545D78C6-552D-432F-80F5-E1FB516E66EE}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{55860643-6EE0-4A3B-8CD2-495A89E199C3}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{55EBFB37-2FD0-4A69-8178-F657A852A261}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{568A8EB5-DED4-4FAD-B4E9-6C9C45B6D30B}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{5A150E99-BC55-43CF-A35C-C0822FDA04E5}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{5B2B14A4-E20E-4B0D-9874-CB3AE3F266F8}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{5B5E3275-4C71-49E5-986C-3DB19E5214DD}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{5DD341B1-8D3F-4897-B5BF-92F4871EB186}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{5E1FBB4D-304C-4AEE-A697-FEBBA10E2298}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{5E2AC6FD-D8E6-4214-AC5C-A0C956367373}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{5F52D872-EFE0-49FD-B05F-6F941E9C4A41}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{5FCFC965-5E00-49E6-A74A-28E95E4CBEE1}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{6092A99C-C22C-44CF-994E-031C505B5C56}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{62F8576D-3872-49D7-9242-F238EF1E8BCF}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{63BBAFCC-DA59-4291-AC09-FDBDF0336A58}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{644FA70C-58B3-44CF-9C5B-18A63EEBF48B}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{6579746A-E84A-4005-89B0-B16360E7D4EF}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{66FF0431-F40F-4329-BCE5-F70552711467}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{68BD3E7C-F592-4BFD-9EBE-A40D6F975E9C}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{68F33DD9-A53B-4165-A25C-2C13D396EFC2}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{6A91A946-6CEB-4122-8DA4-DB98C0D8C4F2}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{6B4CA93B-4A40-49E9-A7EF-EEC1D9BBFB99}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{6B7A7EC7-9797-46DC-9D4C-35EBE50B51B9}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{6C28C51C-98F4-46E1-9A62-5A2A3BA39B4C}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{6CD1BDE3-C0D6-4A05-960C-7FCF08827F4B}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{6CFF2DB6-76B2-46D9-8B4E-E3C23CC627EC}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{6E01CF81-AAC8-4E74-BEE9-AFFD3A0D9D7F}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{6E2450C6-3630-423D-8351-8B621C21A547}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{6FE3B186-5334-47DA-9600-7F01EC0700A1}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{709F7E1B-95C1-466F-A41D-AC52E8939370}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{73041AE1-321B-41A1-A66F-4048506A418A}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{75CACC4D-D1C1-4E57-93C1-46516162DAD2}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{7772586A-CB11-4253-BBAA-3935B7425DC2}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{7877D538-56C2-489C-8262-B869D9D775A0}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{78BC7052-53BF-4784-AC9D-1E6FC770C42D}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{78D65A57-0AB1-4FE1-86B3-1654192A2979}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{78DFB4E1-BB0A-4D46-8955-B02F72C695B3}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{79409984-0F02-471B-B0AC-C6D2C5D8D38B}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{79AAC9EA-AF7C-480D-804B-3CCC890905B5}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{7C9DEECE-FCE8-41A5-AC07-FF16E9647531}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{7CCA16B6-DB52-4322-8901-2B3B0F257D81}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{7E22BD62-945A-45D7-99FD-34AF5A5A5880}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{7EE35A3E-99F6-4FBE-9744-8F4E55A6267B}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{7F91E932-E675-4382-A685-B8AB76DA00C6}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{8038CF2F-3449-4FA3-8899-297E1150AE0C}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{808EA86E-54A4-40D7-AFF2-2D6CDBDBE458}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{80A72B9B-CF20-43F7-8628-45201EFE866F}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{81032D3A-8AF8-4FDC-8454-81DFA2692B69}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{814DCA88-0991-44C2-B022-0BCF0AC3C07D}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{817EF532-0D0A-4274-8F69-3F57A7B6F27E}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{81F8EF08-2F50-42A3-AECC-CF01BE0F5D5E}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{84AE6C97-3BC7-4B42-9D98-56D1CD3C4A6F}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{85155AB6-AF75-4BB0-AA9B-477CEB571F17}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{8557F157-2DB5-4E5F-A5E3-1F552362E291}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{85AC72DC-3BDA-4813-A1D4-3A60BB578175}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{8693721F-BE6A-476A-9E36-588E637A8B2A}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{87965383-A85B-4F68-9985-8F6AEC82134D}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{884D8783-2079-44CB-84C2-5556D3664019}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{8898784E-4C84-4441-A584-E6767F36F5D3}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{889E9853-08C6-431F-A7E1-C98CE3262A88}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{892B1B11-F680-4574-B256-69E2F261134A}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{89823114-9D6A-49CE-B69C-44ED07826DEC}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{89D0AFE7-2B74-4D2E-B724-5692F4E40C7F}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{89E056C9-81E7-45F2-BFF2-1CDCCE38551E}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{8B39AFA3-EEA3-488F-BB0B-C86AAE6B2FE2}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{8B3BC930-4D9B-4886-A590-6127BB47B521}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{8B8CB5A1-2019-43BE-9BC0-969333058FB4}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{8BA6E3C6-DC5D-414F-988A-07D6FF61BF72}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{8D670160-E855-4465-A71E-190C7265E12A}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{8EAC813B-43FF-4852-ACB6-6ADDE14FC649}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{91759230-AC62-47BA-BC7A-6785448925F5}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{91DC3CFA-BE24-4CA8-B720-9F396C17916A}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{9244BF10-216C-4B46-B3D0-55745F90135D}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{930FB3C8-4C82-4253-845F-F15204D77F2E}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{93521A19-4F97-4129-99D8-F53802B84A7D}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{935B6606-3681-476A-A4A6-7AD7B76DD7AD}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{93B8F613-1C2D-46CA-AB15-854D0DCE43F8}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{94721367-E6C1-471E-B210-0DAB88DB3703}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{94AF3A4A-B77D-404E-B66C-BAC819BBB0FE}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{96BB97D8-0BF0-4F62-834E-621055C26879}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{97BCD0BE-CEF0-443E-A974-1E6506894E17}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{988137DD-4691-4AD3-A89E-0C66DC91BDB5}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{98F51261-9CAE-4170-B999-DB90CF8E5F95}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{99058CC0-33A5-4874-896C-E8D58BA46898}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{9ACBF113-09EF-4952-BC3D-B1670E8485C9}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{9B55203B-D45C-4778-BFA3-0DD1FED9FFE4}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{9B5D8204-8B91-4D52-9F42-85F89EECF7F4}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{9C0429C0-42EB-478E-B693-DFE7106A7F18}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{9CB6607A-474B-40EE-A3E6-E7E5D24D83D5}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{9D587B71-4A65-4517-BDCE-54D16E37E420}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{9D6933E6-6286-474D-A685-D204EB527F92}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{9DB0024F-8F87-417F-BA9E-1D4AC5F72077}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{9DF12EDF-65D7-4976-8991-8ACDDE7FCC75}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{9EF72B7C-2B17-45C7-9553-ACB2B39174AE}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{9F862332-5636-4640-9593-7FEB305254D9}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{A16CC561-EF3E-43D7-B168-259ED4DFE2A0}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{A19F6F5C-C590-4493-8294-87DC1F4027C7}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{A1EF0CD6-141E-40B4-899A-1F7266880FF3}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{A224C0B8-A7D9-4956-B79B-B24246069204}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{A23A0442-211E-4B98-BFE6-6F8E40EC926C}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{A242CDC8-2AC2-41DD-87C8-DAD377065A29}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{A3250A47-4635-42B5-9500-2A8A093A5B78}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{A3F37258-4480-4F04-917B-F90065B60E46}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{A41CD61C-0A99-4CAA-81B0-90A7EFB288A7}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{A475354F-A618-4A13-8149-49DC84BE28C5}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{A6A61665-4A89-4483-BE76-0EBA6DD22FDE}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{A8F86FC2-9769-4D89-93B5-E871E7526ADD}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{A920E76D-3488-477E-BEE7-961E1EDE24CE}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{AAC3A253-DD48-4DB5-B100-5CE2EB80044E}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{AB93D39B-8D03-415E-BD8E-CDA079CF3404}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{ABB4211E-0020-4FC7-A2B3-1F3EC552A48D}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{ABE129C2-A46B-42BC-9B21-3B94C2678318}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{AC1A40A6-B968-4E97-BF95-C2E4F772A1A8}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{AE850079-551F-463C-B705-B537DB040832}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{B2936296-880A-4708-ADDD-76A47C197866}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{B2B4C9F3-7398-4C04-8F54-E519D8A90F16}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{B393EB68-EF84-4C6B-8618-80B4DC7083F8}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{B3E60D2B-95C0-4CF3-9C3A-3F09E28BD247}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{B4D5F28A-D3AC-4156-8B81-E68B3E86AE09}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{B5035979-295C-4A14-AB21-0AE2BECCA30E}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{B57B6C92-199F-4114-ACFB-52B20BA30719}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{B80F5DC5-65FB-43CB-BB7E-885919F3AF3D}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{B95A4B7E-1A8A-486E-9C57-E9650A476E81}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{B96BB0DF-485E-436E-9495-88B0DBF6BA5A}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{B9B2E820-F9BC-4F9A-A685-D0A61EA9B9C6}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{BA1C7E3B-57D6-4CB4-8A99-B9B1E5D18E2F}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{BA43E78D-7725-4ABD-8DC4-62D6DF5800DB}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{BACD6180-8B96-4841-83F5-636EA5A4FD3A}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{BB9CF8DB-2361-4C70-96FB-971F149DA6BB}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{BBCB44FC-8D45-445D-824F-025DF36B954D}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{BC43A311-D4C2-447E-871C-F61EA569CB42}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{BDC93E6A-46E2-4562-94A4-2A9DD699DB3C}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{BDDE0807-88A4-4B9D-B6A2-991366F16EE1}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{BEF2A71D-4E6A-4F17-A70E-4E5D55B8019A}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{BF78D8D3-504C-4C9F-AE8B-70B8AF289721}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{BF828F33-3470-4C8A-B659-659732EFDE9A}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{C0B5C11F-748B-44AB-8913-861313E8D0CF}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{C0EC541F-8077-49F2-A1C3-271986B5F8D3}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{C0F44CBC-64DB-4217-AA6F-A9482346AD9F}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{C17531D6-DDA0-4283-9A97-7721EEF4E8CF}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{C1B80DED-CA65-4483-8B48-51BD60981DE8}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{C3DFCF0A-82E6-4DE9-B280-7BC9731EF78F}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{C3F06F25-6083-4089-B87E-146BB70EC7E8}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{C4860DD1-E7B0-4856-ABA1-C5B0D12997B0}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{C56E9667-782C-4C95-BDF1-152F82906B3A}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{C5BF2FA0-5285-487D-A918-FCF837EBF532}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{C5D7F136-7559-435A-A1D7-AD960E08B8B2}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{C5F9F61C-2281-4BC7-8F0F-46973663A9D2}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{C609CF29-F0A8-448D-8AA3-167ED5F945CA}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{C6A66F36-5BD0-4F00-ABD3-802B57DC3C5B}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{C71272B2-98C3-4884-8C10-59CB4B78F6A4}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{C7BDB769-F230-44D7-867A-F0827BC91FD6}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{C7CF7B39-2BCA-4996-A0DF-9BD323C68C92}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{C837F161-D2CA-4260-A638-AEF5FEA59AC0}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{C86A6B7C-4D00-4096-9B11-6E342C1406D5}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{CAEB4343-8041-4061-9F3E-EB026514DE59}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{CCA74979-A739-44BF-BD01-46FB7F87674A}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{CD68F98E-B2C9-449A-92B5-E9A94386A6B6}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{CEBAFC8C-B8D8-4816-9F66-B29A037139DB}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{D0C510C5-8A51-4344-9B54-52DF1EE90B04}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{D207431E-1E34-4D9E-93C1-5E598A9006A7}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{D3C867C4-D420-4413-8CF7-6EFCE2FA9D82}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{D4AFCEB0-B4B0-432B-915A-F14AA8648927}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{D6F2EE81-0316-47E0-AE6B-21C9702A5844}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{D6F3A19D-B480-47E0-941D-79AAB2ACF888}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{D7348155-67C3-42F4-AC3E-6455900987CC}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{D7B90C11-0346-4452-8EDA-B8025F323C8B}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{D82F8710-0074-4040-BCD3-C767A570CBA8}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{D88FDD13-E4ED-460B-8A49-78A7DA455721}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{D8F63422-DFE6-46DD-A04F-0BEF946479AF}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{D9FE8FF9-96DF-460F-9033-4FD19F5E9216}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{DC6B996E-8A53-48DD-8A1C-5C793727D1CA}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{DDDB01AC-ACB1-44FF-A9AE-14753A7C2BEA}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{DE351A5D-8AE2-4125-B2CB-C41663A98766}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{DEBB9BA6-233D-45C9-8B9C-D3792A133E6F}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{DF47AE11-4C3B-41DD-8B4A-864E310E645C}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{E141CE55-5D1D-43C7-8863-AE0491BC515D}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{E17B9A54-1F68-41E1-801D-DF3E48D32C73}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{E20C4235-1507-483B-A920-605A45B29B24}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{E2161BCD-7AA0-47B5-B5DD-E0DE54E432EC}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{E5614854-8471-4034-8082-032093B30641}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{E63BE6DC-042D-4813-9A6C-37CEABCD0D3B}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{E63E2901-787E-4D2B-B5E3-D5D7D867F618}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{E80CC1D3-0409-4F55-A9AA-751A343621EF}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{E846948F-496D-45FB-9E9C-689F4B63ACBA}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{E8F1DE8A-261C-41F3-A831-110729566358}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{E915D293-6D46-43C8-8E98-5976B3D6060D}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{EBE3A8C7-6564-4FF2-9DD6-8B3BE4F604DF}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{EC48E4AD-43C4-4733-B37C-5087C37D53AB}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{ED3438DF-92BA-4888-BF31-0C8FB1484B8B}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{EECD9B93-57C3-4696-83C7-EA71C1A6CDFC}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{EEFE65B7-78A9-4363-BFC8-7D066EA909AC}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{EF2A619B-4CC5-4A3C-B106-62FEB0B59015}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{F0A5CB09-EF81-441B-A00C-AC7AB8108359}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{F6195438-D0BE-488B-A092-F56103119445}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{F759768E-EC7F-47FF-9B8C-35BB93C2509E}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{F76838EA-A1BE-4B14-9C65-9BE6CDAC9455}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{F779DD87-DD76-41C0-B187-4810649FA836}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{F8029F98-1FAF-41DD-BB0E-81A917FAA6BC}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{F86EF589-3286-40BF-9F96-0087D74840AC}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{F8FD66D7-EFAD-4004-BBCD-D8C63E67E2C5}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{FA437060-B5A0-48C7-9787-92BCB2DA3DC5}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{FAA31AE1-5812-41E8-89AD-DC9CC1D0A0E5}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{FC76D89E-3454-4B15-8B3C-CE605CB6B46A}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{FD34AA0F-E307-4155-999B-FA8744349A1A}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{FD5DE40D-0975-434E-A2EE-5DE0EF936CCF}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{FE8CA3D2-1140-449B-B495-81AD217D02D8}
Successfully deleted: [Empty Folder] C:\Users\MA RIA\appdata\local\{FF593722-D5EB-4FA8-9698-1EDBE50A649C}

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ‰¬¨ 23/06/2013 at 22:58:48,67
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Corrine · June 23, 2013, 08:40:11 PM

Fantastic! You can delete Junkware Removal Tool from your desktop and do the following to uninstall AdwCleaner. (Yes, both are great tools but they do have updates so no sense keeping an old copy around.)

Please do the following to uninstall AdwCleaner.

Double-click AdwCleaner.exe to run the tool.
Click Uninstall
Confirm with yes

Even though you've heard my "words of wisdom" ;) in the past, feel free to refer to the Safe Computing Practices and other recommendations in this updated copy of "So how did I get infected in the first place?".