Chrome hijacked by Delta Search

[claiidd]

Google Chrome taken over by Delta Search redirect.

Avast gave me 4 files that "could not be scanned" and they appear to be malware, however I cannot move to the chest.

Thanks!

[MrCharlie]

Welcome to the forum, please start at the link below:

http://forums.malwar...?showtopic=9573

Post back the 2 logs here.....DDS.txt and Attach.txt

(please don't put logs in code or quotes)

P2P Warning:

If you're using Peer 2 Peer software such uTorrent, BitTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

<====><====><====><====><====><====><====><====>

Next................

Please remove any usb or external drives from the computer before you run this scan!

Please download and run RogueKiller 32 bit to your desktop.

RogueKiller<---use this one for 64 bit systems

Quit all running programs.

For Windows XP, double-click to start.

For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

(please don't put logs in code or quotes)

MrC

Note:

Please read all of my instructions completely including these.

Make sure you're subscribed to this topic:

Click on the

Follow This Topic Button

(at the top right of this page), make sure that the

Receive notification

box is checked and that it is set to

Instantly

Removing malware can be unpredictable

...things can go very wrong!

Backup

any files that cannot be replaced. You can copy them to a CD/DVD, external drive or a pen drive

<+>

Please don't run any other scans, download, install or uninstall any programs while I'm working with you.

<+>The removal of malware isn't instantaneous, please be patient.

<+>

Please stick with me until I give you the "all clear" and

Please don't waste my time by leaving before that

.

------->Your topic will be closed if you haven't replied within 3 days!<--------

(If I don't respond within 24 hours, please send me a PM)

[claiidd]

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 9.0.8112.16455 BrowserJavaVersion: 10.21.2

Run by CRAIG at 11:44:18 on 2013-05-17

Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3539.1660 [GMT -6:00]

.

AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: Online Armor Firewall *Disabled* {BD3F5FCA-866B-1E2E-0A68-58900A751EA1}

.

============== Running Processes ================

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_450b431403c091e3\STacSV.exe

C:\Program Files\Online Armor\OAcat.exe

C:\Program Files\Online Armor\oasrv.exe

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe

c:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe

C:\Program Files\Fast Free Converter\FastFreeConverterUpdt.exe

C:\Program Files\Flip Video\FlipShare\FlipShareService.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Flip Video\FlipShareServer\FlipShareServer.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe

C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe

C:\Program Files\DellTPad\Apoint.exe

C:\Program Files\IDT\WDM\sttray.exe

C:\Program Files\DellTPad\ApMsgFwd.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\DellTPad\HidFind.exe

C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\DellTPad\Apntex.exe

C:\Program Files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe

C:\Windows\system32\conhost.exe

C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe

C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe

C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe

C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Brother\ControlCenter3\brccMCtl.exe

C:\Program Files\Brother\Brmfcmon\BrMfimon.exe

C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files\Online Armor\oaui.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Online Armor\OAhlp.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Schwab\StreetSmart Edge\QuickLaunch.exe

C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe

C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe

C:\Windows\system32\igfxext.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\Wat\WatUX.exe

C:\Program Files\Intuit\QuickBooks 2009\qbw32.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://yahoo.com/

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

BHO: Fast Free Converter 4.1: {8232785C-5C98-4A6E-B7B4-911FFBED7582} - c:\program files\fast free converter\fastfreeconverter\FastFreeConverter.dll

BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: WinZip Courier BHO: {A8FB70FA-0FDF-4601-9DC4-BFA1B357204F} - c:\program files\winzip courier\wzwmcie.dll

BHO: delta Helper Object: {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - c:\program files\delta\delta\1.8.16.16\bh\delta.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

BHO: avast! Ad Blocker: {FFCB3198-32F3-4E8B-9539-4324694ED663} - c:\program files\avast software\avast! ad blocker ie\Adblocker32.dll

TB: Upromise TurboSaver: {06E58E5E-F8CB-4049-991E-A41C03BD419E} -

TB: Upromise TurboSaver: {06E58E5E-F8CB-4049-991E-A41C03BD419E} -

TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll

TB: Delta Toolbar: {82E1477C-B154-48D3-9891-33D83C26BCD3} -

uRun: [MobileDocuments] c:\program files\common files\apple\internet services\ubd.exe

uRun: [eFax 4.4] "c:\program files\efax messenger 4.4\J2GDllCmd.exe" /R

uRun: [QuickLaunch] c:\program files\schwab\streetsmart edge\QuickLaunch.exe

uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil32_11_7_700_169_ActiveX.exe -update activex

mRun: [Apoint] c:\program files\delltpad\Apoint.exe

mRun: [sysTrayApp] c:\program files\idt\wdm\sttray.exe

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [iAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe

mRun: [DellControlPoint] "c:\program files\dell\dell controlpoint\Dell.ControlPoint.exe"

mRun: [DellConnectionManager] "c:\program files\dell\dell controlpoint\connection manager\Dell.UCM.exe"

mRun: [ChangeTPMAuth] c:\program files\wave systems corp\common\ChangeTPMAuth.exe /T:NTRU12

mRun: [WavXMgr] c:\program files\wave systems corp\services manager\docmgr\bin\WavXDocMgr.exe

mRun: [uSCService] c:\program files\dell\dell controlpoint\security manager\BcmDeviceAndTaskStatusService.exe

mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"

mRun: [brMfcWnd] c:\program files\brother\brmfcmon\BrMfcWnd.exe /AUTORUN

mRun: [ControlCenter3] c:\program files\brother\controlcenter3\brctrcen.exe /autorun

mRun: [brStsWnd] c:\program files\brownie\BrstsWnd.exe Autorun

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [sSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot

mRun: [PaperPort PTD] "c:\program files\scansoft\paperport\pptd40nt.exe"

mRun: [indexSearch] "c:\program files\scansoft\paperport\IndexSearch.exe"

mRun: [PPort11reminder] "c:\program files\scansoft\paperport\ereg\ereg.exe" -r "c:\programdata\scansoft\paperport\11\config\ereg\Ereg.ini"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [intuit SyncManager] c:\program files\common files\intuit\sync\IntuitSyncManager.exe startup

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui

mRun: [@OnlineArmor GUI] "c:\program files\online armor\oaui.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

StartupFolder: c:\users\craig\appdata\roaming\micros~1\windows\startm~1\programs\startup\efax44~1.lnk - c:\program files\efax messenger 4.4\J2GTray.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\dellco~1.lnk - c:\program files\dell\dell controlpoint\system manager\DCPSysMgr.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\intuit~1.lnk - c:\program files\common files\intuit\dataprotect\IntuitDataProtect.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickb~2.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickb~1.lnk - c:\program files\intuit\quickbooks 2009\QBW32.EXE

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: EnableShellExecuteHooks = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableLUA = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: PromptOnSecureDesktop = dword:0

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

Trusted Zone: advisoryworld.com

Trusted Zone: schwabintsitutional.com

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: NameServer = 192.168.1.1

TCP: Interfaces\{7AB33C30-1CBB-40AB-A4A7-AE8AEF573132} : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{7AB33C30-1CBB-40AB-A4A7-AE8AEF573132}\157756374775966496 : DHCPNameServer = 192.168.9.1 64.134.255.2 64.134.255.10

TCP: Interfaces\{7AB33C30-1CBB-40AB-A4A7-AE8AEF573132}\16474777966696 : DHCPNameServer = 192.168.5.1

TCP: Interfaces\{7AB33C30-1CBB-40AB-A4A7-AE8AEF573132}\265656B6D616E6 : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{7AB33C30-1CBB-40AB-A4A7-AE8AEF573132}\3425149474D20534F5E4564777F627B6 : DHCPNameServer = 66.118.220.37 66.118.220.38

TCP: Interfaces\{7AB33C30-1CBB-40AB-A4A7-AE8AEF573132}\3456461627336303 : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{7AB33C30-1CBB-40AB-A4A7-AE8AEF573132}\34F607075627541676C656 : DHCPNameServer = 68.105.28.12 68.105.29.12 68.105.28.11

TCP: Interfaces\{D7D7965B-28EC-4EA1-B211-FBBFD5AFE895} : DHCPNameServer = 192.168.1.1

Handler: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - c:\program files\intuit\quickbooks 2009\HelpAsyncPluggableProtocol.dll

Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} -

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

Notify: igfxcui - igfxdev.dll

SSODL: WebCheck - <orphaned>

SEH: OA Shell Helper - {4F07DA45-8170-4859-9B5F-037EF2970034} - c:\program files\online armor\oaevent.dll

LSA: Authentication Packages = msv1_0 wvauth

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\26.0.1410.64\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\craig\appdata\roaming\mozilla\firefox\profiles\l75bkxec.default\

FF - prefs.js: browser.search.selectedEngine - Delta Search

FF - prefs.js: browser.startup.homepage - hxxp://www1.delta-search.com/?affID=119351&tt=gc_150213_alt&babsrc=HP_ss&mntrId=C24F0024D667F5C5

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\update\1.3.21.145\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npatgpc.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_169.dll

FF - plugin: c:\windows\system32\npDeployJava1.dll

FF - plugin: c:\windows\system32\npmproxy.dll

.

---- FIREFOX POLICIES ----

FF - user.js: extensions.delta.tlbrSrchUrl -

FF - user.js: extensions.delta.id - c24f22b30000000000000024d667f5c5

FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

FF - user.js: extensions.delta.instlDay - 15841

FF - user.js: extensions.delta.vrsn - 1.8.16.16

FF - user.js: extensions.delta.vrsni - 1.8.16.16

FF - user.js: extensions.delta.vrsnTs - 1.8.16.169:38:48

FF - user.js: extensions.delta.prtnrId - delta

FF - user.js: extensions.delta.prdct - delta

FF - user.js: extensions.delta.aflt - babsst

FF - user.js: extensions.delta.smplGrp - none

FF - user.js: extensions.delta.tlbrId - base

FF - user.js: extensions.delta.instlRef - sst

FF - user.js: extensions.delta.dfltLng - en

FF - user.js: extensions.delta.excTlbr - false

FF - user.js: extensions.delta.ffxUnstlRst - true

FF - user.js: extensions.delta.admin - false

FF - user.js: extensions.delta.autoRvrt - false

FF - user.js: extensions.delta.rvrt - false

FF - user.js: extensions.delta.newTab - false

.

============= SERVICES / DRIVERS ===============

.

R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-3-8 49248]

R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-11-19 765736]

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-11-19 368176]

R1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [2012-11-22 208320]

R1 oahlpXX;Online Armor helper driver;c:\windows\system32\drivers\oahlp32.sys [2012-11-22 44992]

R1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [2012-11-22 27648]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-11-19 29816]

R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-11-19 66336]

R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-3-8 45248]

R2 buttonsvc32;Dell ControlPoint Button Service;c:\program files\dell\dell controlpoint\DCPButtonSvc.exe [2009-4-27 293968]

R2 dcpsysmgrsvc;Dell ControlPoint System Manager;c:\program files\dell\dell controlpoint\system manager\DCPSysMgrSvc.exe [2009-7-16 382752]

R2 FastFreeConverterUpdt;FastFreeConverterUpdt;c:\program files\fast free converter\FastFreeConverterUpdt.exe [2012-11-26 687104]

R2 FlipShareServer;FlipShare Server;c:\program files\flip video\flipshareserver\FlipShareServer.exe [2011-5-6 1085440]

R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-11-21 418376]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-11-21 701512]

R2 OAcat;Online Armor Helper Service;c:\program files\online armor\oacat.exe [2012-11-23 216072]

R2 QBVSS;QBIDPService;c:\program files\common files\intuit\dataprotect\QBIDPService.exe [2012-3-14 1248256]

R2 SMManager;Smith Micro Connection Manager Service;c:\program files\dell\dell controlpoint\connection manager\SMManager.exe [2009-10-5 76288]

R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2010-1-15 260648]

R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2010-1-15 122368]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-11-21 22856]

R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-5-17 40776]

R3 NETw5s32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\drivers\NETw5s32.sys [2010-1-15 6114816]

R3 OAnet;OnlineArmor Service;c:\windows\system32\drivers\OAnet.sys [2012-11-22 31768]

S2 ATService;AuthenTec Fingerprint Service;c:\program files\fingerprint sensor\AtService.exe [2009-5-15 1803512]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 acpials;ALS Sensor Filter;c:\windows\system32\drivers\acpials.sys [2009-7-14 7680]

S3 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-3-8 164736]

S3 BrSerIb;Brother MFC Serial Interface Driver(WDM);c:\windows\system32\drivers\BrSerIb.sys [2009-7-13 265088]

S3 BrUsbSIb;Brother MFC Serial USB Driver(WDM);c:\windows\system32\drivers\BrUsbSIb.sys [2009-7-13 11904]

S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2009-10-26 25088]

S3 rimspci;rimspci;c:\windows\system32\drivers\rimspe86.sys [2010-1-15 47104]

S3 risdpcie;risdpcie;c:\windows\system32\drivers\risdpe86.sys [2010-1-15 49152]

S3 rixdpcie;rixdpcie;c:\windows\system32\drivers\rixdpe86.sys [2010-1-15 38400]

S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-7-2 52224]

.

=============== Created Last 30 ================

.

2013-05-16 15:54:10 -------- d-----w- c:\program files\File Type Helper

2013-05-16 15:53:54 -------- d-----w- c:\program files\Fast Free Converter

2013-05-16 15:38:41 -------- d-----w- c:\program files\Delta

2013-05-16 15:38:35 -------- d-----w- c:\users\craig\appdata\roaming\Delta

2013-05-16 15:37:12 -------- d-----w- c:\users\craig\appdata\roaming\Babylon

2013-05-16 15:37:12 -------- d-----w- c:\programdata\Babylon

2013-05-16 15:37:11 -------- d-----w- c:\users\craig\appdata\roaming\DSite

2013-05-09 09:45:13 60872 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{a632f45e-fc5a-4e90-96dd-c153f5f4d218}\offreg.dll

2013-05-09 09:43:34 6906960 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{a632f45e-fc5a-4e90-96dd-c153f5f4d218}\mpengine.dll

2013-04-23 14:14:21 -------- d-----w- c:\users\craig\appdata\local\{64055D0C-098C-4A12-9616-954173DC0FD8}

2013-04-19 02:38:46 -------- d-----w- c:\program files\MSECache

.

==================== Find3M ====================

.

2013-04-28 14:54:24 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-04-28 14:54:24 691592 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-04-17 14:49:42 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-04-17 14:49:36 866720 ----a-w- c:\windows\system32\npDeployJava1.dll

2013-04-17 14:49:36 788896 ----a-w- c:\windows\system32\deployJava1.dll

2013-04-04 20:50:32 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-03-06 23:33:24 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2013-03-06 23:33:24 49248 ----a-w- c:\windows\system32\drivers\aswRvrt.sys

2013-03-06 23:33:24 164736 ----a-w- c:\windows\system32\drivers\aswVmm.sys

2013-03-06 23:33:23 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2013-03-06 23:33:23 60656 ----a-w- c:\windows\system32\drivers\aswRdr2.sys

2013-03-06 23:32:51 41664 ----a-w- c:\windows\avastSS.scr

.

============= FINISH: 11:49:16.18 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Professional

Boot Device: \Device\HarddiskVolume2

Install Date: 3/19/2010 2:30:50 PM

System Uptime: 5/17/2013 8:41:20 AM (3 hours ago)

.

Motherboard: Dell Inc. | | 0DW634

Processor: Intel® Core2 Duo CPU P8700 @ 2.53GHz | Microprocessor | 2535/266mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 232 GiB total, 62.947 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP803: 4/17/2013 8:47:16 AM - Installed Java 7 Update 21

RP804: 5/4/2013 10:54:08 PM - Scheduled Checkpoint

RP805: 5/10/2013 2:43:29 PM - Installed StreetSmart Edge

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

401(k) Easy

Acrobat.com

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.6)

Adobe SVG Viewer 3.0

All Day Battery Life Configuration

Apple Application Support

Apple Mobile Device Support

Apple Software Update

AuthenTec Fingerprint Software

avast! Ad Blocker

avast! Free Antivirus

BioAPI Framework

Bonjour

Broadcom NetXtreme-I Netlink Driver and Management Installer

Brother HL-3070CW

Brother MFL-Pro Suite

Brother MFL-Pro Suite MFC-9320CW

Canon RAW Image Task for ZoomBrowser EX

Canon Utilities CameraWindow

Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX

Canon Utilities Digital Photo Professional 3.4

Canon Utilities EOS Utility

Canon Utilities MyCamera

Canon Utilities Original Data Security Tools

Canon Utilities PhotoStitch

Canon Utilities Picture Style Editor

Canon Utilities RemoteCapture Task for ZoomBrowser EX

Canon Utilities WFT-E1/E2/E3 Utility

Canon Utilities ZoomBrowser EX

Canon ZoomBrowser EX Memory Card Utility

D3DX10

DCP32MMWrapper

Dell Control Point

Dell ControlPoint Connection Manager

Dell ControlPoint Security Manager

Dell ControlPoint System Manager

Dell Edoc Viewer

Dell Embassy Trust Suite by Wave Systems

Dell Security Device Driver Pack

Dell Touchpad

Delta toolbar

Document Manager Lite

eFax Messenger

EMBASSY Security Center

EMBASSY Security Setup

EOS USB WIA Driver

ESC Home Page Plugin

Fast Free Converter

FlipShare

Football Playbook v007

Gemalto

Google Chrome

Google Drive

Google Earth Plug-in

Google Update Helper

GoToMeeting 5.2.0.952

iCloud

Intel® Graphics Media Accelerator Driver

Intel® TV Wizard

Intel® Matrix Storage Manager

iTunes

Java 7 Update 21

Java Auto Updater

join.me

Junk Mail filter update

Malwarebytes Anti-Malware version 1.75.0.1300

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Access 2002 Runtime

Microsoft Application Error Reporting

Microsoft Office 2007 Primary Interop Assemblies

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Home and Student 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual Studio 2005 Tools for Office Runtime

Microsoft Works 6-9 Converter

Mozilla Firefox 19.0.2 (x86 en-US)

Mozilla Thunderbird 17.0.6 (x86 en-US)

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP2 Parser and SDK

MSXML 4.0 SP3 Parser

MSXML 4.0 SP3 Parser (KB2721691)

MSXML 4.0 SP3 Parser (KB973685)

NTRU TCG Software Stack

Online Armor 5.5

PaperPort Image Printer

Play Designer Series 2012

PowerDVD DX

Preboot Manager

Private Information Manager

QuickBooks

QuickBooks Pro 2012

QuickTime

ScanSoft PaperPort 11

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition

Security Wizards

SO32MMWrapper

Spelling Dictionaries Support For Adobe Reader 9

StreetSmart Edge

SupportSoft Assisted Service

TouchCopy 09

Trusted Drive Manager

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

UPEK TouchChip Fingerprint Reader

Wave Infrastructure Installer

Wave Support Software

WebEx

Windows Driver Package - AuthenTec Inc. (ATSwpWDF) Biometric (05/13/2009 8.4.2.0)

Windows Driver Package - Dell Inc. PBADRV System (01/07/2008 1.0.1.5)

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Mail

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Media Player Firefox Plugin

WinZip 16.0

WinZip Courier

.

==== Event Viewer Messages From Past Week ========

.

5/17/2013 8:43:15 AM, Error: Service Control Manager [7034] - The AuthenTec Fingerprint Service service terminated unexpectedly. It has done this 1 time(s).

5/17/2013 8:42:20 AM, Error: Service Control Manager [7001] - The NTRU TSS v1.2.1.29 TCS service depends on the TPM Base Services service which failed to start because of the following error: The operation completed successfully.

5/17/2013 8:42:12 AM, Error: Service Control Manager [7000] - The sbapifs service failed to start due to the following error: The system cannot find the file specified.

5/17/2013 8:37:48 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.

5/17/2013 8:20:07 AM, Error: Service Control Manager [7034] - The Google Update Service (gupdate) service terminated unexpectedly. It has done this 1 time(s).

5/16/2013 9:54:03 AM, Error: Service Control Manager [7030] - The FastFreeConverterUpdt service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

5/16/2013 8:55:46 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

5/16/2013 7:39:30 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.

5/16/2013 12:57:55 PM, Error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: Access is denied.

5/16/2013 1:28:09 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the FlipShare Service service to connect.

5/16/2013 1:28:09 PM, Error: Service Control Manager [7000] - The FlipShare Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

5/15/2013 7:32:13 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FlipShare Service service.

5/15/2013 12:44:53 AM, Error: Service Control Manager [7034] - The Google Update Service (gupdate) service terminated unexpectedly. It has done this 2 time(s).

5/14/2013 10:43:59 AM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

5/13/2013 3:57:31 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.

5/12/2013 4:52:20 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMService service.

.

==== End Of File ===========================

[claiidd]

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version

Started in : Normal mode

User : CRAIG [Admin rights]

Mode : Scan -- Date : 05/17/2013 11:59:51

| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 5 ¤¤¤

[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND

[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND

[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD2500BEVT-75ZCT2 +++++

--- User ---

[MBR] d85e28f24e6b15457e4402eecee0e541

[bSP] 03f896d43fd327991aba875e0b041025 : Windows 7/8 MBR Code

Partition table:

0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 86 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 178176 | Size: 750 Mo

2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1714176 | Size: 237637 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1]_S_05172013_02d1159.txt >>

RKreport[1]_S_05172013_02d1159.txt

[MrCharlie]

Uninstall these from your add/remove programs if you can:

Fast Free Converter

Delta toolbar

Then............

Please download AdwCleaner from here and save it on your Desktop.

AdwCleaner is a reliable removal tool for Adware, Foistware, toolbars and potentially unwanted programs.

AdwCleaner is a tool that deletes :

· Adwares (software ads)

· PUP/LPI (Potentially Undesirable Program)

· Toolbars

· Hijacker (Hijack of the browser's homepage)

It works with a Search and Deletion method. It can be easily uninstalled using the "Uninstall" mode.

1. Right-click on adwcleaner.exe and select Run As Administrator (for XP just double click) to launch the application.
   
2. Now click on the Search tab.
   
3. Please post the contents of the log-file created in your next post.
   

Note: The log can also be located at C:\ >> AdwCleaner[XX].txt >> XX <-- Denotes the number of times the application has been ran, so in this should be something like R1.

Note:

Please look over what was found......especially any folders, we're going to permanently delete it all in the next step....if there's something you may want to keep...please let me know and I'll explain to why it shouldn't be on your system.

If you see AVG Secure Search being targeted for deletion, Here's Why and Here. You can always Reinstall it.

Please note that Antivir Webguard uses ASK Toolbar as part of its web security. If you remove ASK by using Adwcleaner, Antivir Webguard will no longer work properly. Therefore, if you use this program please use the instructions below to access the options screen where you should enable /DisableAskDetections before using AdwCleaner.

You can click on the question mark (?) in the upper left corner of the program and then click on Options. You will then be presented with a dialog where you can disable various detections. These options are described below:

/DisableAskDetection - This option disables Ask Toolbar detection.

MrC

[claiidd]

I have tried to remove them, it will not let me.

[claiidd]

# AdwCleaner v2.301 - Logfile created 05/17/2013 at 14:25:38

# Updated 16/05/2013 by Xplode

# Operating system : Windows 7 Professional Service Pack 1 (32 bits)

# User : CRAIG - CRAIG-PC

# Boot Mode : Normal

# Running from : C:\Users\CRAIG\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LTFKL85K\adwcleaner.exe

# Option [search]

***** [services] *****

***** [Files / Folders] *****

File Found : C:\END

File Found : C:\Users\CRAIG\AppData\Roaming\Mozilla\Firefox\Profiles\l75bkxec.default\searchplugins\Babylon.xml

File Found : C:\Users\CRAIG\AppData\Roaming\Mozilla\Firefox\Profiles\l75bkxec.default\searchplugins\delta.xml

Folder Found : C:\Program Files\Delta

Folder Found : C:\ProgramData\Babylon

Folder Found : C:\Users\CRAIG\AppData\Local\PackageAware

Folder Found : C:\Users\CRAIG\AppData\LocalLow\Delta

Folder Found : C:\Users\CRAIG\AppData\Roaming\Babylon

Folder Found : C:\Users\CRAIG\AppData\Roaming\Delta

Folder Found : C:\Users\CRAIG\AppData\Roaming\Mozilla\Firefox\Profiles\l75bkxec.default\extensions\ffxtlbr@delta.com

***** [Registry] *****

Key Found : HKCU\Software\BabylonToolbar

Key Found : HKCU\Software\DataMngr

Key Found : HKCU\Software\DataMngr_Toolbar

Key Found : HKCU\Software\Delta

Key Found : HKCU\Software\InstallCore

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{06E58E5E-F8CB-4049-991E-A41C03BD419E}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{06E58E5E-F8CB-4049-991E-A41C03BD419E}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}

Key Found : HKCU\Software\YahooPartnerToolbar

Key Found : HKLM\SOFTWARE\84da8fb63ebe42

Key Found : HKLM\Software\Babylon

Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}

Key Found : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}

Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}

Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}

Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}

Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL

Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL

Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL

Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL

Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE

Key Found : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe

Key Found : HKLM\SOFTWARE\Classes\CLSID\{06E58E5E-F8CB-4049-991E-A41C03BD419E}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}

Key Found : HKLM\SOFTWARE\Classes\delta.deltaappCore

Key Found : HKLM\SOFTWARE\Classes\delta.deltaappCore.1

Key Found : HKLM\SOFTWARE\Classes\delta.deltadskBnd

Key Found : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1

Key Found : HKLM\SOFTWARE\Classes\delta.deltaHlpr

Key Found : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1

Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane

Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1

Key Found : HKLM\SOFTWARE\Classes\esrv.deltaESrvc

Key Found : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1

Key Found : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}

Key Found : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}

Key Found : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}

Key Found : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}

Key Found : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}

Key Found : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}

Key Found : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}

Key Found : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}

Key Found : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}

Key Found : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}

Key Found : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}

Key Found : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}

Key Found : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}

Key Found : HKLM\SOFTWARE\Classes\Prod.cap

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}

Key Found : HKLM\Software\DataMngr

Key Found : HKLM\Software\Delta

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta

Key Found : HKU\S-1-5-21-2270400815-616284404-3630716744-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{06E58E5E-F8CB-4049-991E-A41C03BD419E}]

Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{06E58E5E-F8CB-4049-991E-A41C03BD419E}]

Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{82E1477C-B154-48D3-9891-33D83C26BCD3}]

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16455

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0.2 (en-US)

File : C:\Users\CRAIG\AppData\Roaming\Mozilla\Firefox\Profiles\l75bkxec.default\prefs.js

Found : user_pref("browser.newtab.url", "hxxp://www1.delta-search.com/?affID=119351&tt=gc_150213_alt&babsrc=[...]

Found : user_pref("browser.search.selectedEngine", "Delta Search");

Found : user_pref("browser.startup.homepage", "hxxp://www1.delta-search.com/?affID=119351&tt=gc_150213_alt&b[...]

Found : user_pref("extensions.delta.admin", false);

Found : user_pref("extensions.delta.aflt", "babsst");

Found : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");

Found : user_pref("extensions.delta.autoRvrt", "false");

Found : user_pref("extensions.delta.dfltLng", "en");

Found : user_pref("extensions.delta.excTlbr", false);

Found : user_pref("extensions.delta.ffxUnstlRst", true);

Found : user_pref("extensions.delta.id", "c24f22b30000000000000024d667f5c5");

Found : user_pref("extensions.delta.instlDay", "15841");

Found : user_pref("extensions.delta.instlRef", "sst");

Found : user_pref("extensions.delta.newTab", false);

Found : user_pref("extensions.delta.prdct", "delta");

Found : user_pref("extensions.delta.prtnrId", "delta");

Found : user_pref("extensions.delta.rvrt", "false");

Found : user_pref("extensions.delta.smplGrp", "none");

Found : user_pref("extensions.delta.tlbrId", "base");

Found : user_pref("extensions.delta.tlbrSrchUrl", "");

Found : user_pref("extensions.delta.vrsn", "1.8.16.16");

Found : user_pref("extensions.delta.vrsnTs", "1.8.16.169:38:48");

Found : user_pref("extensions.delta.vrsni", "1.8.16.16");

-\\ Google Chrome v26.0.1410.64

File : C:\Users\CRAIG\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found [l.2426] : homepage = "hxxp://www1.delta-search.com/?affID=119351&tt=gc_150213_alt&babsrc=HP_ss&mntrId=C24F0024D667F5C5",

Found [l.3017] : urls_to_restore_on_startup = [ "hxxp://www1.delta-search.com/?affID=119351&tt=gc_150213_alt&babsrc=HP_ss&mntrId=C24F0024D667F5C5" ]

*************************

AdwCleaner[R1].txt - [7113 octets] - [21/11/2012 19:53:51]

AdwCleaner[R2].txt - [7173 octets] - [21/11/2012 20:12:02]

AdwCleaner[R3].txt - [1143 octets] - [06/12/2012 09:45:25]

AdwCleaner[R4].txt - [9183 octets] - [17/05/2013 14:25:38]

AdwCleaner[s1].txt - [7337 octets] - [21/11/2012 20:12:43]

########## EOF - C:\AdwCleaner[R4].txt - [9303 octets] ##########

[MrCharlie]

How is it???

If there's still a problem....

First make sure you have the latest version of Chrome:

Open up Chrome > Click on the 3 bars in the upper right hand corner

Click on About Google Chrome

If there's an update available it will automatically update

Next:

Go to Tools > Clear Browser Data

Put a check next to all of these:

1. Clear browsing history
   
2. Clear download history
   
3. Empty the cache
   

Click "Clear Browsing Data"

-------------------------------

Next:

Click the Chrome menu on the browser toolbar.

Select Settings.

In the "Search" section, click Manage search engines.

Check if (Default) is displayed next to your preferred search engine. If not, mouse over it and click Make default.

Mouse over any other suspicious search engine entries that are not familiar and click X to remove them.

-------------------------------------

Click the Chrome menu .

Select Settings.

In the "On startup" section, select Open a specific page or set of pages.

Click Set pages. (in blue to the right)

Remove any unfamiliar pages.

-----------------------

Click the Chrome menu .

Select Settings.

In the "Appearance" section, if the "Show Home button" checkbox is selected, see if the page listed below is the home page you’d like to use.

If the page isn't the home page you'd like to use, click Change and select your preferred page.

MrC

[LDTate]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!