Boards.ie uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Click here to find out more x
Post Reply  
 
 
Thread Tools Search this Thread
04-03-2012, 14:11   #1
Suas11
Registered User
 
Join Date: Nov 2011
Posts: 1,711
How to get rid of Babylon?

I recently downloaded Babylon and have tried to uninstall it.

I'm using Windows 7 as my operating system, if that's any help. I've tried everything but Babylon is still set as the home page on Firefox. I went to the control panel and have changed the home page to Google. However, when I open up Firefox again, Babylon is still the home page. Even though the control panel still says that Google is set as the home page.

I've gone to Tools and Add-ons and deleted Babylon there and I've also gone to Add Or Remove Programs to delete it there too. However, I'm still stuck with Babylon as my search engine.

Do any of you know what I can do to fix this? Any help would be appreciated.
Suas11 is offline  
Advertisement
04-03-2012, 18:09   #2
ASJ112
Banned
 
Join Date: Jan 2010
Posts: 1,155
Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Click the Quick Scan button. Do not change any settings. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files here
ASJ112 is offline  
Thanks from:
04-03-2012, 21:29   #3
Suas11
Registered User
 
Join Date: Nov 2011
Posts: 1,711
OTL logfile created on: 3/4/2012 9:21:59 PM - Run 1
OTL by OldTimer - Version 3.2.35.1 Folder = C:\Users\Richard\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Ireland | Language: ENI | Date Format: dd/MM/yyyy

3.93 Gb Total Physical Memory | 2.05 Gb Available Physical Memory | 52.14% Memory free
7.86 Gb Paging File | 5.58 Gb Available in Paging File | 71.05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448.87 Gb Total Space | 58.17 Gb Free Space | 12.96% Space Free | Partition Type: NTFS
Drive D: | 16.60 Gb Total Space | 2.70 Gb Free Space | 16.29% Space Free | Partition Type: NTFS
Drive E: | 99.02 Mb Total Space | 95.15 Mb Free Space | 96.09% Space Free | Partition Type: FAT32
Drive F: | 5.93 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive I: | 148.79 Gb Total Space | 33.35 Gb Free Space | 22.41% Space Free | Partition Type: FAT32

Computer Name: RICHARD-PC | User Name: Richard | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/03/04 21:21:34 | 000,584,704 | ---- | M] (OldTimer Tools) -- C:\Users\Richard\Downloads\OTL.exe
PRC - [2012/02/16 14:55:34 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/11/07 09:13:24 | 000,235,232 | ---- | M] () -- C:\Program Files (x86)\PC Speed Up\PCSUService.exe
PRC - [2011/10/26 18:48:48 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2011/08/28 17:51:20 | 000,273,528 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2011/08/04 04:18:43 | 000,126,400 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ccsvchst.exe
PRC - [2011/07/28 23:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/06/15 16:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/05/17 14:01:54 | 000,032,849 | ---- | M] (MyWebSearch.com) -- C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSOEMON.EXE
PRC - [2011/05/17 14:01:54 | 000,028,762 | ---- | M] (MyWebSearch.com) -- C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSSVC.EXE
PRC - [2011/05/16 10:22:26 | 000,025,464 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe
PRC - [2011/05/15 22:01:44 | 000,478,720 | ---- | M] (Crossrider) -- C:\Program Files (x86)\CrossriderWebApps\Crossrider.exe
PRC - [2011/03/28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010/10/27 20:21:54 | 001,155,072 | ---- | M] (Last.fm) -- C:\Program Files (x86)\Last.fm\LastFM.exe
PRC - [2010/06/26 17:09:18 | 000,167,936 | ---- | M] (Applian Technologies, Inc.) -- C:\Program Files (x86)\Freecorder\FLVSrvc.exe
PRC - [2010/01/15 12:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/12/22 09:17:04 | 000,225,280 | ---- | M] () -- C:\ProgramData\DatacardService\DCService.exe
PRC - [2009/12/22 09:13:06 | 000,241,664 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2009/10/06 06:08:42 | 000,210,216 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2009/09/04 20:35:14 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2009/08/26 01:34:30 | 000,015,544 | R--- | M] () -- C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
PRC - [2008/11/09 20:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2007/07/24 18:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe


========== Modules (No Company Name) ==========

MOD - [2012/02/16 14:55:34 | 001,911,768 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/02/14 21:01:26 | 000,079,872 | ---- | M] () -- C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\yd444qm1.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\components\RadioWMPCoreGecko10.dll
MOD - [2011/08/22 00:18:06 | 000,925,696 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
MOD - [2011/08/12 15:58:26 | 006,277,280 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011/07/28 23:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/28 23:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/05/04 03:51:59 | 000,008,192 | ---- | M] () -- C:\Program Files (x86)\Java\jre6\bin\jp2native.dll
MOD - [2010/10/27 20:23:04 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\Last.fm\srv_rtaudioplayback.dll
MOD - [2010/10/27 20:22:52 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Last.fm\ext_messengernotify.dll
MOD - [2010/10/27 20:22:42 | 000,058,880 | ---- | M] () -- C:\Program Files (x86)\Last.fm\ext_skypenotify.dll
MOD - [2010/10/27 20:22:08 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\Last.fm\srv_madtranscode.dll
MOD - [2010/10/27 20:22:00 | 000,028,160 | ---- | M] () -- C:\Program Files (x86)\Last.fm\srv_httpinput.dll
MOD - [2010/10/27 20:19:28 | 000,372,736 | ---- | M] () -- C:\Program Files (x86)\Last.fm\LastFmFingerprint1.dll
MOD - [2010/10/27 20:19:06 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\Last.fm\breakpad.dll
MOD - [2010/10/27 20:18:50 | 000,180,224 | ---- | M] () -- C:\Program Files (x86)\Last.fm\Moose1.dll
MOD - [2010/10/27 20:18:34 | 000,540,672 | ---- | M] () -- C:\Program Files (x86)\Last.fm\LastFmTools1.dll
MOD - [2010/10/27 20:13:52 | 001,382,507 | ---- | M] () -- C:\Program Files (x86)\Last.fm\libfftw3f-3.dll
MOD - [2010/10/27 20:13:52 | 000,074,240 | ---- | M] () -- C:\Program Files (x86)\Last.fm\zlibwapi.dll
MOD - [2009/10/06 06:08:38 | 000,931,112 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
MOD - [2009/08/26 01:34:30 | 000,015,544 | R--- | M] () -- C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
MOD - [2009/08/20 19:35:48 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2009/08/20 19:35:46 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
MOD - [2009/08/20 19:35:46 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2008/04/16 16:42:30 | 000,376,832 | ---- | M] () -- C:\Program Files (x86)\Last.fm\QtNetwork4.dll
MOD - [2008/04/16 16:42:16 | 000,524,288 | ---- | M] () -- C:\Program Files (x86)\Last.fm\QtSql4.dll
MOD - [2008/04/16 16:42:02 | 006,701,056 | ---- | M] () -- C:\Program Files (x86)\Last.fm\QtGui4.dll
MOD - [2008/04/16 16:36:38 | 000,376,832 | ---- | M] () -- C:\Program Files (x86)\Last.fm\QtXml4.dll
MOD - [2008/04/16 16:36:34 | 001,654,784 | ---- | M] () -- C:\Program Files (x86)\Last.fm\QtCore4.dll
MOD - [2008/04/02 13:26:50 | 000,233,472 | ---- | M] () -- C:\Program Files (x86)\Last.fm\imageformats\qmng4.dll
MOD - [2008/04/02 13:26:34 | 000,021,504 | ---- | M] () -- C:\Program Files (x86)\Last.fm\imageformats\qgif4.dll
MOD - [2008/04/02 13:26:28 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Last.fm\imageformats\qjpeg4.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/09/18 17:05:05 | 000,247,808 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/09/18 17:05:05 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2009/09/04 20:35:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/07/14 01:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/08 20:49:02 | 000,030,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV - [2011/11/07 09:13:24 | 000,235,232 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\PC Speed Up\PCSUService.exe -- (PCSUService)
SRV - [2011/10/12 17:06:48 | 004,700,824 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2011/09/09 17:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
SRV - [2011/08/04 04:18:43 | 000,126,400 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ccSvcHst.exe -- (N360)
SRV - [2011/07/07 18:31:08 | 000,195,336 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/06/15 16:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/05/17 14:01:54 | 000,028,762 | ---- | M] (MyWebSearch.com) [Auto | Running] -- C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSSVC.EXE -- (MyWebSearchService)
SRV - [2011/03/28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/07/28 21:36:52 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/15 12:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/12/22 09:17:04 | 000,225,280 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\DCService.exe -- (DCService.exe)
SRV - [2009/06/10 21:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/02/22 20:00:00 | 000,129,584 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc)
SRV - [2008/11/09 20:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2007/07/24 18:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/08/22 02:53:36 | 000,451,704 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\symtdiv.sys -- (SYMTDIv)
DRV:64bit: - [2011/08/22 02:53:35 | 000,221,304 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\symefa64.sys -- (SymEFA)
DRV:64bit: - [2011/08/04 04:19:26 | 000,593,544 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\cchpx64.sys -- (ccHP)
DRV:64bit: - [2011/05/10 07:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/03/11 06:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 06:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/02 21:36:55 | 000,173,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2010/09/23 17:07:08 | 000,907,904 | ---- | M] (ITE Technologies ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AF9035HB.sys -- (AF9035HB)
DRV:64bit: - [2010/09/18 17:05:06 | 000,505,344 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010/08/19 12:06:59 | 003,060,800 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010/04/29 05:03:51 | 000,150,064 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\ironx64.sys -- (SymIRON)
DRV:64bit: - [2010/04/28 07:57:50 | 000,061,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/04/22 02:29:51 | 000,505,392 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2010/04/22 02:29:51 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2010/04/09 15:24:32 | 000,076,288 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:64bit: - [2010/04/07 17:05:00 | 000,250,368 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet)
DRV:64bit: - [2010/03/25 10:08:46 | 000,120,704 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2010/03/20 11:56:56 | 000,114,560 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:64bit: - [2009/10/15 03:50:05 | 000,433,200 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\symds64.sys -- (SymDS)
DRV:64bit: - [2009/10/13 10:16:40 | 000,409,624 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/10/13 03:00:52 | 000,151,040 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/10/03 03:58:12 | 000,258,560 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/09/17 20:56:24 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009/09/17 20:56:16 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009/09/17 20:56:14 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009/09/17 20:56:10 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009/08/22 09:54:04 | 000,084,512 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2009/08/15 06:54:54 | 000,286,768 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/07/21 03:39:22 | 000,140,712 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2009/07/14 01:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 01:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 01:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 01:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/14 01:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 23:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/07/08 20:49:08 | 000,030,008 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2009/07/08 20:48:50 | 000,041,272 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2009/06/29 18:17:00 | 000,070,656 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\enecir.sys -- (enecir)
DRV:64bit: - [2009/06/10 21:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 21:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 21:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 20:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 20:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 20:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009/06/10 20:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 20:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 20:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 20:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 22:17:08 | 000,034,152 | R--- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/04/29 16:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2011/10/14 23:10:08 | 001,155,704 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20111027.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2011/10/11 00:54:30 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20111103.024\EX64.SYS -- (NAVEX15)
DRV - [2011/10/11 00:54:30 | 000,481,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2011/10/11 00:54:30 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20111103.024\ENG64.SYS -- (NAVENG)
DRV - [2011/10/10 13:48:26 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20111103.030\IDSviA64.sys -- (IDSVia64)
DRV - [2011/07/28 21:49:05 | 000,136,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/07/14 01:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPALL/27
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPALL/27
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sear...}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{DB9D82E5-9DE0-4F95-9125-C03E079CE5EA}: "URL" = http://www.bing.com/search?q={search...c=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPALL/27
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPALL/27
IE - HKLM\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\prxtbFre0.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://search.mywebsearch.com/mywebs...r={searchTerms}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sear...}&sourceid=ie7
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt...ctid=CT1060933
IE - HKLM\..\SearchScopes\{DB9D82E5-9DE0-4F95-9125-C03E079CE5EA}: "URL" = http://www.bing.com/search?q={search...c=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ie/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ie.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-ie
IE - HKCU\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSSRCAS.DLL (MyWebSearch.com)
IE - HKCU\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\prxtbFre0.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\YTNavAssist.dll (Yahoo! Inc.)
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?cl...B-C07DBEBB9E4D
IE - HKCU\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://search.mywebsearch.com/mywebs...r={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sear...rlz=1I7RNRN_en
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt...ctid=CT1060933
IE - HKCU\..\SearchScopes\{DB9D82E5-9DE0-4F95-9125-C03E079CE5EA}: "URL" = http://www.bing.com/search?q={search...c=IE-SearchBox
IE - HKCU\..\SearchScopes\{F29AC30C-6A0B-4F6D-B6AE-9C72B9DCCBCB}: "URL" = http://www.google.co.uk/search?hl=en...rlz=1I7RNRN_en
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?AF=100888&babsrc=HP_ss&mntrId=829692e200000000000078e4003bfc1c"
FF - prefs.js..keyword.URL: "http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZVfox000&ptnrS=ZVfox000&ptb=dtAjk5pBq_7hYSmLDkOcww&ind=2010102118&n=77cfb966&psa=&st=kwd&searchfor="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZVfox000&ptb=dtAjk5pBq_7hYSmLDkOcww&ind=2010102118&ptnrS=ZVfox000&si=&n=77cfb966&psa=&st=kwd&searchfor="


FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin: C:\Program Files (x86)\MyWebSearch\bar\3.bin\NPMyWebS.dll (MyWebSearch.com)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.666: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.666: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.666: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.666: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.666: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\Richard\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ClickPotatoLite@ClickPotatoLite.com: C:\Program Files (x86)\ClickPotatoLite\bin\10.0.630.0\firefox\extensions
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files (x86)\MyWebSearch\bar\3.bin [2011/10/12 15:52:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2011/07/20 22:33:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn_2010_9_0_6 [2012/03/04 18:26:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/10/11 04:36:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\crossriderapp435@crossrider.com: C:\ProgramData\CodecCheck\firefox [2011/09/27 21:48:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/03/04 14:22:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/01/28 22:41:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/03/04 14:22:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/01/28 22:41:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/03/04 14:22:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/01/28 22:41:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/03/04 14:22:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/01/28 22:41:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/03/04 14:22:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/01/28 22:41:32 | 000,000,000 | ---D | M]

[2010/07/29 22:21:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Richard\AppData\Roaming\Mozilla\Extensions
[2012/03/04 14:23:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\yd444qm1.default\extensions
[2011/12/29 15:43:57 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\yd444qm1.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2012/02/15 02:35:56 | 000,000,000 | ---D | M] (Freecorder Community Toolbar) -- C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\yd444qm1.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}
[2012/01/25 17:52:58 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\yd444qm1.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012/01/15 13:25:29 | 000,000,000 | ---D | M] (Vuze Remote Community Toolbar) -- C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\yd444qm1.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2011/08/09 20:14:20 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\yd444qm1.default\extensions\engine@conduit.com
[2012/03/04 01:39:08 | 000,000,000 | ---D | M] (TheBflix) -- C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\yd444qm1.default\extensions\info@bflix.info
[2011/10/12 15:52:13 | 000,000,000 | ---D | M] (My Web Search) -- C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\yd444qm1.default\extensions\m3ffxtbr@mywebsearch.com
[2011/05/21 21:09:27 | 000,002,397 | ---- | M] () -- C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\yd444qm1.default\searchplugins\askcom.xml
[2012/01/05 22:38:02 | 000,000,000 | ---- | M] () -- C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\yd444qm1.default\searchplugins\mywebsearch.xml
[2012/03/04 14:22:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/10/08 00:59:57 | 000,000,000 | ---D | M] (QueryExplorer) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464}
[2012/02/16 14:55:34 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010/09/15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/10/26 18:49:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012/02/16 11:08:43 | 000,001,538 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/03/03 23:03:57 | 000,002,310 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012/02/16 10:48:01 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/02/16 11:08:43 | 000,000,947 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\chambers-en-GB.xml
[2012/02/16 11:08:43 | 000,001,180 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-en-GB.xml
[2012/02/16 11:08:43 | 000,001,135 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-en-GB.xml

========== Chrome ==========


O1 HOSTS File: ([2009/06/10 21:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg64.dll (Google Inc.)
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (MyWebSearch Search Assistant BHO) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSSRCAS.DLL (MyWebSearch.com)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O2 - BHO: (mwsBar BHO) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSBAR.DLL (MyWebSearch.com)
O2 - BHO: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\prxtbFre0.dll (Conduit Ltd.)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\coieplg.dll (Symantec Corporation)
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll (facemoods.com BHO)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ipsbho.dll (Symantec Corporation)
O2 - BHO: (CrossRider) - {A876E312-7D08-401a-B7A6-FAFC5DC2F292} - C:\Program Files (x86)\CrossriderWebApps\Crossrider.dll ()
O2 - BHO: (TheBflix Class) - {AA58B172-0968-404D-B9E9-816FAA3C8D37} - C:\ProgramData\TheBflix\bhoclass.dll (Injector)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSBAR.DLL (MyWebSearch.com)
O3 - HKLM\..\Toolbar: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\prxtbFre0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll ()
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll (facemoods.com)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Freecorder Toolbar) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - C:\Program Files (x86)\Freecorder\prxtbFre0.dll (Conduit Ltd.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL Inc.)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKLM..\Run: [facemoods] C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe (facemoods.com)
O4 - HKLM..\Run: [Freecorder FLV Service] C:\Program Files (x86)\Freecorder\FLVSrvc.exe (Applian Technologies, Inc.)
O4 - HKLM..\Run: [HPCam_Menu] c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [My Web Search Bar Search Scope Monitor] C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3SRCHMN.EXE (MyWebSearch.com)
O4 - HKLM..\Run: [MyWebSearch Email Plugin] C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSOEMON.EXE (MyWebSearch.com)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdatePDRShortCut] C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [CrossRiderPlugin] C:\Program Files (x86)\CrossriderWebApps\Crossrider.exe (Crossrider)
O4 - HKCU..\Run: [DriverScanner] C:\Program Files (x86)\Uniblue\DriverScanner\launcher.exe (Uniblue Systems Limited)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [MyWebSearch Email Plugin] C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSOEMON.EXE (MyWebSearch.com)
O4 - HKCU..\Run: [NortonUpdateAgent] C:\ProgramData\Norton\NUA.exe (Symantec Corporation)
O4 - HKCU..\Run: [osmwacexrn.exe] "C:\Users\Richard\AppData\Local\Temp\osmwacexrn.exe" File not found
O4 - HKCU..\Run: [PCSpeedUp] C:\Program Files (x86)\PC Speed Up\PCSpeedUp.lnk ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O8:64bit: - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{224866B8-33AA-4FA8-B959-6A7BFA1C7AB2}: NameServer = 62.40.32.33 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{387AAA8E-EF3D-4123-AED2-64416C4FCD3F}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4CBE6DDE-21F0-4694-8BC3-77F341F0F860}: NameServer = 62.40.32.33 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9FA2DB8B-5B6B-43C2-9E09-932B7FF0314D}: NameServer = 62.40.32.33 8.8.8.8
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{126d96ba-ad9f-11e0-80c9-78e4003bfc1c}\Shell - "" = AutoRun
O33 - MountPoints2\{126d96ba-ad9f-11e0-80c9-78e4003bfc1c}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{331bd6a6-a026-11df-be90-78e4003bfc1c}\Shell - "" = AutoRun
O33 - MountPoints2\{331bd6a6-a026-11df-be90-78e4003bfc1c}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{331bd6a8-a026-11df-be90-78e4003bfc1c}\Shell - "" = AutoRun
O33 - MountPoints2\{331bd6a8-a026-11df-be90-78e4003bfc1c}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{33cd20c3-ada1-11e0-9f57-78e4003bfc1c}\Shell - "" = AutoRun
O33 - MountPoints2\{33cd20c3-ada1-11e0-9f57-78e4003bfc1c}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{5d6b7fcd-37f9-11e1-842b-78e4003bfc1c}\Shell - "" = AutoRun
O33 - MountPoints2\{5d6b7fcd-37f9-11e1-842b-78e4003bfc1c}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{709be54d-9fc9-11df-98a7-c599a5451fd3}\Shell - "" = AutoRun
O33 - MountPoints2\{709be54d-9fc9-11df-98a7-c599a5451fd3}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{91761bbb-9b69-11df-a4f2-78e4003bfc1c}\Shell - "" = AutoRun
O33 - MountPoints2\{91761bbb-9b69-11df-a4f2-78e4003bfc1c}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{91761bbf-9b69-11df-a4f2-78e4003bfc1c}\Shell - "" = AutoRun
O33 - MountPoints2\{91761bbf-9b69-11df-a4f2-78e4003bfc1c}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{91761be0-9b69-11df-a4f2-a1dd241c997f}\Shell - "" = AutoRun
O33 - MountPoints2\{91761be0-9b69-11df-a4f2-a1dd241c997f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{91761be3-9b69-11df-a4f2-a1dd241c997f}\Shell - "" = AutoRun
O33 - MountPoints2\{91761be3-9b69-11df-a4f2-a1dd241c997f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{91761be5-9b69-11df-a4f2-a1dd241c997f}\Shell - "" = AutoRun
O33 - MountPoints2\{91761be5-9b69-11df-a4f2-a1dd241c997f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{a78b1476-37dc-11e1-91b7-001e101fe5e1}\Shell - "" = AutoRun
O33 - MountPoints2\{a78b1476-37dc-11e1-91b7-001e101fe5e1}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{c1cd0f58-b48e-11e0-b546-78e4003bfc1c}\Shell - "" = AutoRun
O33 - MountPoints2\{c1cd0f58-b48e-11e0-b546-78e4003bfc1c}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{c1cd0f64-b48e-11e0-b546-78e4003bfc1c}\Shell - "" = AutoRun
O33 - MountPoints2\{c1cd0f64-b48e-11e0-b546-78e4003bfc1c}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{d62c08c0-232d-11e1-9945-70f3952b37a2}\Shell - "" = AutoRun
O33 - MountPoints2\{d62c08c0-232d-11e1-9945-70f3952b37a2}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{d62c08ed-232d-11e1-9945-70f3952b37a2}\Shell - "" = AutoRun
O33 - MountPoints2\{d62c08ed-232d-11e1-9945-70f3952b37a2}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/03/04 13:33:27 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/03/03 23:03:53 | 000,000,000 | ---D | C] -- C:\Users\Richard\AppData\Local\Babylon
[2012/03/03 23:03:52 | 000,000,000 | ---D | C] -- C:\Users\Richard\AppData\Roaming\Babylon
[2012/03/03 23:03:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012/03/03 23:03:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TheBflix
[2012/03/03 23:03:35 | 000,000,000 | ---D | C] -- C:\ProgramData\TheBflix
[2012/02/08 21:46:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/02/08 21:45:38 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/02/08 21:45:37 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/03/04 20:29:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/03/04 18:43:20 | 000,001,940 | ---- | M] () -- C:\Users\Richard\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2012/03/04 18:38:15 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/03/04 18:38:15 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\DriverScanner.job
[2012/03/04 18:33:30 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/03/04 18:33:30 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/03/04 18:26:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/03/04 18:26:00 | 604,622,042 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/03/04 18:26:00 | 3163,709,440 | -HS- | M] () -- C:\hiberfil.sys
[2012/03/04 14:22:22 | 000,001,130 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/03/04 01:36:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForRichard.job
[2012/03/03 23:04:20 | 000,000,237 | ---- | M] () -- C:\user.js
[2012/03/01 22:17:18 | 000,726,444 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/03/01 22:17:18 | 000,628,874 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/03/01 22:17:18 | 000,111,026 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/02/28 17:49:44 | 000,000,502 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Richard.job
[2012/02/17 01:31:17 | 000,002,340 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/02/16 15:37:48 | 000,000,510 | ---- | M] () -- C:\settings.ini
[2012/02/16 14:49:42 | 000,375,176 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/02/08 21:46:53 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/03/04 14:22:21 | 000,001,130 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/03/04 14:22:17 | 000,001,142 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/03/03 23:04:19 | 000,000,237 | ---- | C] () -- C:\user.js
[2012/02/16 15:37:48 | 000,000,510 | ---- | C] () -- C:\settings.ini
[2012/02/08 21:46:51 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/12/29 18:26:05 | 006,908,648 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall.exe
[2011/12/29 18:26:05 | 000,017,686 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Music Converter.dat
[2011/07/28 17:52:39 | 000,000,000 | ---- | C] () -- C:\Users\Richard\AppData\Local\{F405DB5B-ED8E-4B61-A2BF-6F97862DEA20}
[2011/07/13 22:39:03 | 000,000,000 | ---- | C] () -- C:\Users\Richard\AppData\Local\{936B24B9-02F5-4E6B-AD66-C8615F6B6B56}
[2011/07/13 22:34:35 | 000,000,000 | ---- | C] () -- C:\Users\Richard\AppData\Local\{1280828D-7063-40CA-BF5A-AAD1C9F10C19}
[2011/07/12 19:06:28 | 000,000,000 | ---- | C] () -- C:\Users\Richard\AppData\Local\{F88A05BE-1F1A-49AD-BDA1-A6866371CC26}
[2011/07/01 00:38:19 | 000,000,000 | ---- | C] () -- C:\Users\Richard\AppData\Local\{E2CE062B-1DF6-4EE9-8543-A1E65859F7B3}
[2011/06/09 18:32:17 | 000,000,000 | ---- | C] () -- C:\Users\Richard\AppData\Local\{172A2C70-F88F-4CB9-BBCA-93B55D748A5A}
[2011/06/04 14:58:26 | 000,000,000 | ---- | C] () -- C:\Users\Richard\AppData\Local\{C00B7C07-393C-43C6-8E17-D3EB9D4677F7}
[2011/05/20 18:25:39 | 000,001,940 | ---- | C] () -- C:\Users\Richard\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/03/11 16:24:20 | 000,423,670 | ---- | C] () -- C:\Users\Richard\AppData\Local\tmpDAISY-LOWE-GQ-UK-APRIL-2011-04.0
[2011/03/11 16:24:20 | 000,150,374 | ---- | C] () -- C:\Users\Richard\AppData\Local\tmpDAISY-LOWE-GQ-UK-APRIL-2011-04.JPG
[2010/08/19 20:39:03 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010/08/16 23:01:28 | 000,815,104 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010/08/16 23:01:28 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010/05/01 09:41:59 | 000,209,040 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeW7.dll
[2010/05/01 09:41:59 | 000,204,944 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeA6.dll
[2010/05/01 09:41:59 | 000,196,752 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeP6.dll
[2010/05/01 09:41:59 | 000,196,752 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeM6.dll
[2010/05/01 09:41:59 | 000,192,656 | ---- | C] () -- C:\Windows\SysWow64\IVIresizePX.dll
[2010/05/01 09:41:59 | 000,024,720 | ---- | C] () -- C:\Windows\SysWow64\IVIresize.dll
[2010/05/01 09:16:23 | 000,000,283 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini
[2010/05/01 09:16:23 | 000,000,224 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini

========== LOP Check ==========

[2011/08/09 16:52:04 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\Azureus
[2012/03/03 23:03:52 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\Babylon
[2011/12/29 18:40:42 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\dBpoweramp
[2010/09/13 20:02:28 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\EA1248532AB50CF0CDEF927542709C48
[2011/10/11 04:36:09 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\FileHunter
[2011/10/16 19:20:00 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\GrabPro
[2011/12/29 15:43:01 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\OpenCandy
[2012/03/04 15:36:25 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\Orbit
[2010/09/10 22:39:44 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\PlayFirst
[2011/10/16 19:20:06 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\ProgSense
[2010/09/14 17:31:28 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\StoneLoopsWT
[2010/08/30 08:44:43 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\Tific
[2011/10/16 19:21:52 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\Uniblue
[2012/03/04 15:36:25 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\uTorrent
[2010/08/04 17:43:01 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\WildTangent
[2010/09/10 18:23:32 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\_MDLogs
[2012/03/04 18:38:15 | 000,000,344 | ---- | M] () -- C:\Windows\Tasks\DriverScanner.job
[2012/02/24 13:43:48 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >





OTL Extras logfile created on: 3/4/2012 9:21:59 PM - Run 1
OTL by OldTimer - Version 3.2.35.1 Folder = C:\Users\Richard\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Ireland | Language: ENI | Date Format: dd/MM/yyyy

3.93 Gb Total Physical Memory | 2.05 Gb Available Physical Memory | 52.14% Memory free
7.86 Gb Paging File | 5.58 Gb Available in Paging File | 71.05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448.87 Gb Total Space | 58.17 Gb Free Space | 12.96% Space Free | Partition Type: NTFS
Drive D: | 16.60 Gb Total Space | 2.70 Gb Free Space | 16.29% Space Free | Partition Type: NTFS
Drive E: | 99.02 Mb Total Space | 95.15 Mb Free Space | 96.09% Space Free | Partition Type: FAT32
Drive F: | 5.93 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive I: | 148.79 Gb Total Space | 33.35 Gb Free Space | 22.41% Space Free | Partition Type: FAT32

Computer Name: RICHARD-PC | User Name: Richard | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with Corel Paint Shop Pro Photo X2] -- "C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\Corel Paint Shop Pro Photo.exe" "%L" (Corel, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with Corel Paint Shop Pro Photo X2] -- "C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\Corel Paint Shop Pro Photo.exe" "%L" (Corel, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Orbitdownloader\orbitdm.exe" = C:\Program Files (x86)\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files (x86)\Orbitdownloader\orbitnet.exe" = C:\Program Files (x86)\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files (x86)\Orbitdownloader\orbitdm.exe" = C:\Program Files (x86)\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files (x86)\Orbitdownloader\orbitnet.exe" = C:\Program Files (x86)\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F86416015FF}" = Java(TM) 6 Update 15 (64-bit)
"{41BC9E31-0D39-462E-8E4C-767B21A3B1C3}" = MobileMe Control Panel
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5AC309D7-93D6-418F-8DCA-DD710724A5B4}" = Windows Live Family Safety
"{5E11C972-1E76-45FE-8F92-14E0D1140B1B}" = iTunes
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0160150}" = Java(TM) SE Development Kit 6 Update 15 (64-bit)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{85A42FF0-F0D0-44A3-B226-C124D6E8B1D5}" = HP 3D DriveGuard
"{88E60521-1E4E-4785-B9F1-1798A4BD0C30}" = HP MediaSmart SmartMenu
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = HP Integrated Module with Bluetooth wireless technology
"{D1829BE5-F305-4576-9593-C66FC7E0B008}" = iCloud
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1" = Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405)
"6B8550A319DDC8B17F35F4A89988705E4592349B" = Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000)
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"FFE7D41DF3C645075BB149E21988B63996C34187" = ENE CIR Receiver Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers
"PCSU-SL_is1" = PC Speed Up - Complete uninstall
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{16D0F2D2-242C-4885-BEF1-4B1655C141AE}" = Bing Bar
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{17B4760F-334B-475D-829F-1A3E94A6A4E6}" = HP Setup
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1BD07DF4-FB06-41BA-B896-B2DA59000C96}" = Windows Live Toolbar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 22
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2EBA8202-FBD5-4004-81EA-BDC38C054CE2}" = HP User Guides 0153
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{37476589-E48E-439E-A706-56189E2ED4C4}" = TheBflix
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{54CC7901-804D-4155-B353-21F0CC9112AB}" = HP Wireless Assistant
"{553C904F-57A2-4113-888E-BA0C3D1C69C0}" = Microsoft VC9 runtime libraries
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{64E72FB1-2343-4977-B4A8-262CD53D0BD3}" = Corel Paint Shop Pro Photo X2
"{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.2.0
"{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}" = HP Support Assistant
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{82A213BD-B6AA-4281-A2D3-59D51893CC56}" = HP MediaSmart Software Notebook Demo
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F479685-180E-4C05-9400-D59292A1B29C}" = Windows Live Movie Maker
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1" = Uniblue DriverScanner
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software
"{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}" = Adobe Shockwave Player
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0FDF9C9-1DDC-401F-B638-36F1CAE8A875}" = VideoStudio
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"{F2AF3E5D-9697-485C-A5AC-E2B9468C446A}" = Safari
"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"conduitEngine" = Conduit Engine
"Crossrider" = Crossrider Web Apps
"dBpoweramp Music Converter" = dBpoweramp Music Converter
"DivX Setup" = DivX Setup
"EasyBits Magic Desktop" = Magic Desktop
"eMusic Promotion" = 50 FREE MP3s +1 Free Audiobook!
"facemoods" = Facemoods Toolbar
"Freecorder Toolbar" = Freecorder Toolbar
"Freecorder4.1" = Freecorder
"Google Chrome" = Google Chrome
"Graboid Video" = Graboid Video 2.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV
"InstallShield_{F0FDF9C9-1DDC-401F-B638-36F1CAE8A875}" = Corel VideoStudio 12
"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"LastFM_is1" = Last.fm 1.5.4.27091
"McAfee Security Scan" = McAfee Security Scan Plus
"Mozilla Firefox 10.0.2 (x86 en-GB)" = Mozilla Firefox 10.0.2 (x86 en-GB)
"MyWebSearch bar Uninstall" = My Web Search
"N360" = Norton 360
"NSS" = Norton Security Scan
"O2 Broadband" = O2 Broadband
"Orbit_is1" = Orbit Downloader
"QueryExplorer" = QueryExplorer 1.0 build 121
"RealPlayer 12.0" = RealPlayer
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.0.1
"Vuze_Remote Toolbar" = Vuze Remote Toolbar
"WildTangent hp Master Uninstall" = HP Games
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite_Wave3" = Windows Live Essentials
"Xvid_is1" = Xvid 1.2.1 final uninstall
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
"YInstHelper" = Yahoo! Install Manager
"YTdetect" = Yahoo! Detect

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"2849135886.www.pcspeedup.com" = PCSpeedUp
"Winamp Detect" = Winamp Detector Plug-in
"Winamp Toolbar" = Winamp Toolbar
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/21/2011 9:42:50 PM | Computer Name = Richard-PC | Source = Bonjour Service | ID = 100
Description = 492: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 5/22/2011 5:58:26 PM | Computer Name = Richard-PC | Source = Bonjour Service | ID = 100
Description = 508: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 5/22/2011 5:58:26 PM | Computer Name = Richard-PC | Source = Bonjour Service | ID = 100
Description = 504: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 5/22/2011 5:58:26 PM | Computer Name = Richard-PC | Source = Bonjour Service | ID = 100
Description = 408: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 5/22/2011 6:02:19 PM | Computer Name = Richard-PC | Source = Bonjour Service | ID = 100
Description = 488: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 5/22/2011 6:02:19 PM | Computer Name = Richard-PC | Source = Bonjour Service | ID = 100
Description = 496: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 5/22/2011 6:02:19 PM | Computer Name = Richard-PC | Source = Bonjour Service | ID = 100
Description = 492: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 5/22/2011 6:07:17 PM | Computer Name = Richard-PC | Source = Bonjour Service | ID = 100
Description = 224: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 5/22/2011 6:07:17 PM | Computer Name = Richard-PC | Source = Bonjour Service | ID = 100
Description = 228: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 5/22/2011 6:07:17 PM | Computer Name = Richard-PC | Source = Bonjour Service | ID = 100
Description = 408: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

[ Hewlett-Packard Events ]
Error - 8/30/2010 7:35:21 AM | Computer Name = Richard-PC | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\081030123518.xml
File not created by asset agent

Error - 9/27/2010 5:00:25 PM | Computer Name = Richard-PC | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\091027100022.xml
File not created by asset agent

Error - 10/2/2010 12:12:03 PM | Computer Name = Richard-PC | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\101002051200.xml
File not created by asset agent

Error - 11/13/2010 1:44:34 PM | Computer Name = Richard-PC | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\111013054431.xml
File not created by asset agent

Error - 9/17/2011 2:28:00 PM | Computer Name = Richard-PC | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\091117072750.xml
File not created by asset agent

Error - 10/8/2011 3:59:03 PM | Computer Name = Richard-PC | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\101108085853.xml
File not created by asset agent

Error - 10/15/2011 11:50:58 AM | Computer Name = Richard-PC | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
category) at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: Failed to perform update. StackTrace: at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
category) at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager InnerException.Message:
Object '/c7dd8c80_d8fa_4b4a_86d0_fc6fd27dd95e/loei8kdwhqwirfibcw5cf_u4_5.rem' has
been disconnected or does not exist at the server. Name: hpsa_service.exe Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 4022 Ram Utilization: 40 TargetSite: Void UpdateDetail(System.String)

Error - 11/12/2011 10:54:39 AM | Computer Name = Richard-PC | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
category) at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: Failed to perform update. StackTrace: at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
category) at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager InnerException.Message:
Object '/b308bcb8_e4f5_4025_9813_809d38a07872/hs7qfgtgncgujpo6toyl5psz_5.rem' has
been disconnected or does not exist at the server. Name: hpsa_service.exe Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 4022 Ram Utilization: 40 TargetSite: Void UpdateDetail(System.String)

[ Media Center Events ]
Error - 7/30/2011 5:47:55 PM | Computer Name = Richard-PC | Source = MCUpdate | ID = 0
Description = 22:47:55 - Error connecting to the internet. 22:47:55 - Unable
to contact server..

Error - 7/30/2011 5:48:09 PM | Computer Name = Richard-PC | Source = MCUpdate | ID = 0
Description = 22:48:00 - Error connecting to the internet. 22:48:00 - Unable
to contact server..

Error - 7/30/2011 6:48:14 PM | Computer Name = Richard-PC | Source = MCUpdate | ID = 0
Description = 23:48:14 - Error connecting to the internet. 23:48:14 - Unable
to contact server..

Error - 7/30/2011 6:48:19 PM | Computer Name = Richard-PC | Source = MCUpdate | ID = 0
Description = 23:48:19 - Error connecting to the internet. 23:48:19 - Unable
to contact server..

Error - 7/30/2011 7:48:51 PM | Computer Name = Richard-PC | Source = MCUpdate | ID = 0
Description = 00:48:51 - Error connecting to the internet. 00:48:51 - Unable
to contact server..

Error - 7/30/2011 7:48:57 PM | Computer Name = Richard-PC | Source = MCUpdate | ID = 0
Description = 00:48:56 - Error connecting to the internet. 00:48:56 - Unable
to contact server..

Error - 7/30/2011 8:49:01 PM | Computer Name = Richard-PC | Source = MCUpdate | ID = 0
Description = 01:49:01 - Error connecting to the internet. 01:49:01 - Unable
to contact server..

Error - 7/30/2011 8:49:07 PM | Computer Name = Richard-PC | Source = MCUpdate | ID = 0
Description = 01:49:06 - Error connecting to the internet. 01:49:06 - Unable
to contact server..

Error - 7/30/2011 9:58:12 PM | Computer Name = Richard-PC | Source = MCUpdate | ID = 0
Description = 02:58:12 - Error connecting to the internet. 02:58:12 - Unable
to contact server..

Error - 7/30/2011 9:58:18 PM | Computer Name = Richard-PC | Source = MCUpdate | ID = 0
Description = 02:58:17 - Error connecting to the internet. 02:58:17 - Unable
to contact server..

[ System Events ]
Error - 3/4/2012 1:05:03 PM | Computer Name = Richard-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume \Device\HarddiskVolume2.

Error - 3/4/2012 1:08:02 PM | Computer Name = Richard-PC | Source = Microsoft-Windows-Bits-Client | ID = 16398
Description = A new BITS job could not be created. The current job count for the
user Richard-PC\Richard (60) is equal to or greater than the job limit (60) specified
through group policy. To correct the problem, complete or cancel the BITS jobs
that haven't made progress by looking at the error, and restart the BITS service.
If this error recurs, contact your system administrator and increate the per-user
and per-computer Group Policy job limits.

Error - 3/4/2012 1:17:18 PM | Computer Name = Richard-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume \Device\HarddiskVolume2.

Error - 3/4/2012 1:17:18 PM | Computer Name = Richard-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume \Device\HarddiskVolume2.

Error - 3/4/2012 2:26:02 PM | Computer Name = Richard-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 18:23:42 on ?04/?03/?2012 was unexpected.

Error - 3/4/2012 2:25:43 PM | Computer Name = Richard-PC | Source = NetBT | ID = 4311
Description = Initialization failed because the driver device could not be created.
Use
the string "C80AA98A9517" to identify the interface for which initialization failed.
It represents the MAC address of the failed interface or the Globally Unique Interface
Identifier (GUID) if NetBT was unable to map from GUID to MAC address. If neither
the MAC address nor the GUID were available, the string represents a cluster device
name.

Error - 3/4/2012 2:25:43 PM | Computer Name = Richard-PC | Source = NetBT | ID = 4311
Description = Initialization failed because the driver device could not be created.
Use
the string "C80AA98A9517" to identify the interface for which initialization failed.
It represents the MAC address of the failed interface or the Globally Unique Interface
Identifier (GUID) if NetBT was unable to map from GUID to MAC address. If neither
the MAC address nor the GUID were available, the string represents a cluster device
name.

Error - 3/4/2012 2:26:16 PM | Computer Name = Richard-PC | Source = BugCheck | ID = 1001
Description =

Error - 3/4/2012 2:38:33 PM | Computer Name = Richard-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume \Device\HarddiskVolume2.

Error - 3/4/2012 2:43:30 PM | Computer Name = Richard-PC | Source = Microsoft-Windows-Bits-Client | ID = 16398
Description = A new BITS job could not be created. The current job count for the
user Richard-PC\Richard (60) is equal to or greater than the job limit (60) specified
through group policy. To correct the problem, complete or cancel the BITS jobs
that haven't made progress by looking at the error, and restart the BITS service.
If this error recurs, contact your system administrator and increate the per-user
and per-computer Group Policy job limits.


< End of report >
Suas11 is offline  
04-03-2012, 21:41   #4
ASJ112
Banned
 
Join Date: Jan 2010
Posts: 1,155
open OTL, paste this into the custom scan/fixes box



:OTL
SRV - [2011/05/17 14:01:54 | 000,028,762 | ---- | M] (MyWebSearch.com) [Auto | Running] -- C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSSVC.EXE -- (MyWebSearchService)
IE - HKLM\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://search.mywebsearch.com/mywebs...r={searchTerms}
IE - HKCU\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSSRCAS.DLL (MyWebSearch.com)
IE - HKCU\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://search.mywebsearch.com/mywebs...r={searchTerms}
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?AF=100888&babsrc=HP_ss&mntrId=829692e200000000000078e4003bfc1c"
FF - prefs.js..keyword.URL: "http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZVfox000&ptnrS=ZVfox000&ptb=dtAjk5pBq_7hYSmLDkOcww&ind=2010102118&n=77cfb966&psa=&st=kwd&searchfor="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZVfox000&ptb=dtAjk5pBq_7hYSmLDkOcww&ind=2010102118&ptnrS=ZVfox000&si=&n=77cfb966&psa=&st=kwd&searchfor="
FF - HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin: C:\Program Files (x86)\MyWebSearch\bar\3.bin\NPMyWebS.dll (MyWebSearch.com)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files (x86)\MyWebSearch\bar\3.bin [2011/10/12 15:52:13 | 000,000,000 | ---D | M]
[2011/10/12 15:52:13 | 000,000,000 | ---D | M] (My Web Search) -- C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\yd444qm1.default\extensions\m3ffxtbr@mywebsearch.com
[2012/01/05 22:38:02 | 000,000,000 | ---- | M] () -- C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\yd444qm1.default\searchplugins\mywebsearch.xml
O2 - BHO: (MyWebSearch Search Assistant BHO) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSSRCAS.DLL (MyWebSearch.com)
O2 - BHO: (mwsBar BHO) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSBAR.DLL (MyWebSearch.com)
O3 - HKLM\..\Toolbar: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSBAR.DLL (MyWebSearch.com)
O4 - HKLM..\Run: [My Web Search Bar Search Scope Monitor] C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3SRCHMN.EXE (MyWebSearch.com)
O4 - HKLM..\Run: [MyWebSearch Email Plugin] C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSOEMON.EXE (MyWebSearch.com)
O4 - HKCU..\Run: [osmwacexrn.exe] "C:\Users\Richard\AppData\Local\Temp\osmwacexrn.exe" File not found
O33 - MountPoints2\{126d96ba-ad9f-11e0-80c9-78e4003bfc1c}\Shell - "" = AutoRun
O33 - MountPoints2\{126d96ba-ad9f-11e0-80c9-78e4003bfc1c}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{331bd6a6-a026-11df-be90-78e4003bfc1c}\Shell - "" = AutoRun
O33 - MountPoints2\{331bd6a6-a026-11df-be90-78e4003bfc1c}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{331bd6a8-a026-11df-be90-78e4003bfc1c}\Shell - "" = AutoRun
O33 - MountPoints2\{331bd6a8-a026-11df-be90-78e4003bfc1c}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{33cd20c3-ada1-11e0-9f57-78e4003bfc1c}\Shell - "" = AutoRun
O33 - MountPoints2\{33cd20c3-ada1-11e0-9f57-78e4003bfc1c}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{5d6b7fcd-37f9-11e1-842b-78e4003bfc1c}\Shell - "" = AutoRun
O33 - MountPoints2\{5d6b7fcd-37f9-11e1-842b-78e4003bfc1c}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{709be54d-9fc9-11df-98a7-c599a5451fd3}\Shell - "" = AutoRun
O33 - MountPoints2\{709be54d-9fc9-11df-98a7-c599a5451fd3}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{91761bbb-9b69-11df-a4f2-78e4003bfc1c}\Shell - "" = AutoRun
O33 - MountPoints2\{91761bbb-9b69-11df-a4f2-78e4003bfc1c}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{91761bbf-9b69-11df-a4f2-78e4003bfc1c}\Shell - "" = AutoRun
O33 - MountPoints2\{91761bbf-9b69-11df-a4f2-78e4003bfc1c}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{91761be0-9b69-11df-a4f2-a1dd241c997f}\Shell - "" = AutoRun
O33 - MountPoints2\{91761be0-9b69-11df-a4f2-a1dd241c997f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{91761be3-9b69-11df-a4f2-a1dd241c997f}\Shell - "" = AutoRun
O33 - MountPoints2\{91761be3-9b69-11df-a4f2-a1dd241c997f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{91761be5-9b69-11df-a4f2-a1dd241c997f}\Shell - "" = AutoRun
O33 - MountPoints2\{91761be5-9b69-11df-a4f2-a1dd241c997f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{a78b1476-37dc-11e1-91b7-001e101fe5e1}\Shell - "" = AutoRun
O33 - MountPoints2\{a78b1476-37dc-11e1-91b7-001e101fe5e1}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{c1cd0f58-b48e-11e0-b546-78e4003bfc1c}\Shell - "" = AutoRun
O33 - MountPoints2\{c1cd0f58-b48e-11e0-b546-78e4003bfc1c}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{c1cd0f64-b48e-11e0-b546-78e4003bfc1c}\Shell - "" = AutoRun
O33 - MountPoints2\{c1cd0f64-b48e-11e0-b546-78e4003bfc1c}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{d62c08c0-232d-11e1-9945-70f3952b37a2}\Shell - "" = AutoRun
O33 - MountPoints2\{d62c08c0-232d-11e1-9945-70f3952b37a2}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{d62c08ed-232d-11e1-9945-70f3952b37a2}\Shell - "" = AutoRun
O33 - MountPoints2\{d62c08ed-232d-11e1-9945-70f3952b37a2}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe
[2012/03/03 23:03:53 | 000,000,000 | ---D | C] -- C:\Users\Richard\AppData\Local\Babylon
[2012/03/03 23:03:52 | 000,000,000 | ---D | C] -- C:\Users\Richard\AppData\Roaming\Babylon
[2012/03/03 23:03:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon

:Commands
[PURITY]
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[EMPTYJAVA]
[CREATERESTOREPOINT]
[Reboot]
:Files
ipconfig /flushdns /c


click Run Fix. Let the PC reboot


then install malwarebytes

http://www.majorgeeks.com/download.php?det=5756

update it and run a quick scan, post that log here
ASJ112 is offline  
Thanks from:
04-03-2012, 23:01   #5
Suas11
Registered User
 
Join Date: Nov 2011
Posts: 1,711
2012/03/04 22:50:14 GMT RICHARD-PC Richard MESSAGE Starting protection
2012/03/04 22:50:14 GMT RICHARD-PC Richard MESSAGE Executing scheduled update: Daily
2012/03/04 22:50:15 GMT RICHARD-PC Richard MESSAGE Database already up-to-date
2012/03/04 22:50:16 GMT RICHARD-PC Richard MESSAGE Protection started successfully
2012/03/04 22:50:19 GMT RICHARD-PC Richard MESSAGE Starting IP protection
2012/03/04 22:50:20 GMT RICHARD-PC Richard MESSAGE IP Protection started successfully
2012/03/04 22:59:38 GMT RICHARD-PC Richard MESSAGE Starting protection
2012/03/04 22:59:48 GMT RICHARD-PC Richard MESSAGE Protection started successfully
2012/03/04 22:59:51 GMT RICHARD-PC Richard MESSAGE Starting IP protection
2012/03/04 22:59:52 GMT RICHARD-PC Richard MESSAGE IP Protection started successfully
Suas11 is offline  
Advertisement
05-03-2012, 01:01   #6
_AVALANCHE_
Closed Account
 
Join Date: Dec 2011
Posts: 1,605
Quote:
Originally Posted by ASJ112 View Post
open OTL, paste this into the custom scan/fixes box

What will that do?
_AVALANCHE_ is offline  
05-03-2012, 13:51   #7
uch
Registered User
 
uch's Avatar
 
Join Date: Oct 2002
Location: Still from South Dublin
Posts: 3,886
Spybot got rid of it for me. Download Spybot search and Destroy or Malwarebytes, do an update then scan and Fix,
uch is offline  
Thanks from:
05-03-2012, 18:42   #8
ASJ112
Banned
 
Join Date: Jan 2010
Posts: 1,155
suas if babylon is still there then run another OTL quick scan and post the log here


and run a mbam quick scan, what you ran before was from the IP protection feature.
ASJ112 is offline  
Thanks from:
05-03-2012, 19:42   #9
Suas11
Registered User
 
Join Date: Nov 2011
Posts: 1,711
Quote:
Originally Posted by ASJ112 View Post
suas if babylon is still there then run another OTL quick scan and post the log here


and run a mbam quick scan, what you ran before was from the IP protection feature.
Babylon appears to be gone now. However, now I have the Mozilla Firefox Start Page as my home page. I've tried changing it to google but it doesn't seem to be working.
Suas11 is offline  
Advertisement
05-03-2012, 19:43   #10
ASJ112
Banned
 
Join Date: Jan 2010
Posts: 1,155
try re-install firefox
ASJ112 is offline  
05-03-2012, 19:48   #11
Suas11
Registered User
 
Join Date: Nov 2011
Posts: 1,711
Malwarebytes Anti-Malware (Trial) 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.04.06

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Richard :: RICHARD-PC [administrator]

Protection: Enabled

05/03/2012 19:43:20
mbam-log2-2012-03-05 (19-47-26).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 250713
Time elapsed: 3 minute(s), 56 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 2
C:\Program Files (x86)\Windows Live\Messenger\msimg32.dll (PUP.FunWebProducts) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3REPROX.DLL (PUP.FunWebProducts) -> No action taken.

Registry Keys Detected: 130
HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E} (PUP.FunWebProducts) -> No action taken.
HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (PUP.FunWebProducts) -> No action taken.
HKCR\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227} (Adware.ClickPotato) -> No action taken.
HKCR\AppID\{11C27351-716B-4052-9361-E3B0A3F8221C} (Adware.ClickPotato) -> No action taken.
HKCR\AppID\{7025E484-D4B0-441a-9F0B-69063BD679CE} (Adware.ClickPotato) -> No action taken.
HKCR\AppID\{8258B35C-05B8-4c0e-9525-9BCCC70F8F2D} (Adware.ClickPotato) -> No action taken.
HKCR\AppID\{A89256AD-EC17-4a83-BEF5-4B8BC4F39306} (Adware.ClickPotato) -> No action taken.
HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
HKCR\MyWebSearchToolBar.SettingsPlugin.1 (Adware.MyWebSearch) -> No action taken.
HKCR\MyWebSearchToolBar.SettingsPlugin (Adware.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70} (Adware.MyWebSearch) -> No action taken.
HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C} (Adware.MyWebSearch) -> No action taken.
HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17} (Adware.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.IECookiesManager.1 (Adware.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.IECookiesManager (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A} (Adware.MyWebSearch) -> No action taken.
HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144} (Adware.MyWebSearch) -> No action taken.
HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC} (Adware.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.DataControl.1 (Adware.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.DataControl (Adware.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A} (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (Adware.MyWebSearch) -> No action taken.
HKCR\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} (Adware.MyWebSearch) -> No action taken.
HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} (Adware.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HTMLMenu.2 (Adware.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HTMLMenu (Adware.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906} (Adware.MyWebSearch) -> No action taken.
HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906} (Adware.MyWebSearch) -> No action taken.
HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906} (Adware.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.HTMLPanel.1 (Adware.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.HTMLPanel (Adware.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906} (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5} (Adware.MyWebSearch) -> No action taken.
HKCR\MyWebSearchToolBar.ToolbarPlugin.1 (Adware.MyWebSearch) -> No action taken.
HKCR\MyWebSearchToolBar.ToolbarPlugin (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (Adware.MyWebSearch) -> No action taken.
HKCR\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14} (Adware.MyWebSearch) -> No action taken.
HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C} (Adware.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.PopSwatterSettingsControl.1 (Adware.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.PopSwatterSettingsControl (Adware.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> No action taken.
HKCR\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> No action taken.
HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.PseudoTransparentPlugin.1 (Adware.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.PseudoTransparentPlugin (Adware.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983} (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14} (Adware.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.PopSwatterBarButton.1 (Adware.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.PopSwatterBarButton (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA} (Adware.MyWebSearch) -> No action taken.
HKCR\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554} (Adware.MyWebSearch) -> No action taken.
HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC} (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (Adware.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HTMLMenu.1 (Adware.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF} (Adware.MyWebSearch) -> No action taken.
HKCR\ScreenSaverControl.ScreenSaverInstaller.1 (Adware.MyWebSearch) -> No action taken.
HKCR\ScreenSaverControl.ScreenSaverInstaller (Adware.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF} (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{A9571378-68A1-443d-B082-284F960C6D17} (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC} (Adware.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.OutlookAddin.1 (Adware.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987} (Adware.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.KillerObjManager.1 (Adware.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.KillerObjManager (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7} (Adware.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HistoryKillerScheduler.1 (Adware.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HistoryKillerScheduler (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835} (Adware.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HistorySwatterControlBar.1 (Adware.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HistorySwatterControlBar (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805} (Adware.MyWebSearch) -> No action taken.
HKCR\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A} (Adware.MyWebSearch) -> No action taken.
HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E} (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612} (Adware.MyWebSearch) -> No action taken.
HKCR\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612} (Adware.MyWebSearch) -> No action taken.
HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A} (Adware.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.ChatSessionPlugin.1 (Adware.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.ChatSessionPlugin (Adware.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612} (Adware.MyWebSearch) -> No action taken.
HKCR\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (Adware.MyWebSearch) -> No action taken.
HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (Adware.MyWebSearch) -> No action taken.
HKCR\Typelib\{F42228FB-E84E-479E-B922-FBBD096E792C} (Adware.MyWebSearch) -> No action taken.
HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} (Adware.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{100EB1FD-D03E-47FD-81F3-EE91287F9465} (Adware.ShopperReports) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} (Adware.ShopperReports) -> No action taken.
HKCR\MyWebSearch.MultipleButton (Adware.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.MultipleButton.1 (Adware.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.ThirdPartyInstaller (Adware.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.ThirdPartyInstaller.1 (Adware.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.UrlAlertButton (Adware.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.UrlAlertButton.1 (Adware.MyWebSearch) -> No action taken.
HKCR\ShopperReports.Reporter (Adware.ShopperReports) -> No action taken.
HKCR\ShopperReports.Reporter.1 (Adware.ShopperReports) -> No action taken.
HKCU\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\QueryExplorer (Adware.QueryExplorer) -> No action taken.
HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QueryExplorer (Adware.QueryExplorer) -> No action taken.
HKCR\CLSID\{67FA02C4-AB30-4e77-A640-78EE8EC8673B} (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28} (Adware.MyWebSearch) -> No action taken.
HKCR\TypeLib\{8FFDF636-0D87-4B33-B9E9-79A53F6E1DAE} (Adware.MyWebSearch) -> No action taken.
HKCR\Interface\{01947140-417F-46B6-8751-A3A2B8345E1A} (Adware.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28} (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{799391D3-EB86-4bac-9BD3-CBFEA58A0E15} (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{D858DAFC-9573-4811-B323-7011A3AA7E61} (Adware.MyWebSearch) -> No action taken.

Registry Values Detected: 5
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin (Adware.MyWebSearch) -> Data: C:\PROGRA~2\MYWEBS~1\bar\3.bin\mwsoemon.exe -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources|f3PopularScreensavers (Adware.MyWebSearch) -> Data: C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3SCRCTR.DLL -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|SRS_IT_E8790572BC765C5736AB98 (Malware.Trace) -> Data: -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform|FunWebProducts (Adware.MyWebSearch) -> Data: -> No action taken.
HKLM\SOFTWARE\Mozilla\Firefox\extensions|ClickPotatoLite@ClickPotatoLite.com (Adware.ClickPotato) -> Data: C:\Program Files (x86)\ClickPotatoLite\bin\10.0.630.0\firefox\extensions -> No action taken.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 28
C:\Users\Richard\AppData\Roaming\FileHunter (PUP.FileHunter) -> No action taken.
C:\Users\Richard\AppData\Roaming\FileHunter\downloads (PUP.FileHunter) -> No action taken.
C:\Users\Richard\AppData\Roaming\FileHunter\metafiles (PUP.FileHunter) -> No action taken.
C:\ProgramData\QueryExplorer (Adware.QueryExplorer) -> No action taken.
C:\Program Files (x86)\FunWebProducts (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\Mozilla Firefox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464} (Adware.QueryExplorer) -> No action taken.
C:\Program Files (x86)\Mozilla Firefox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464}\chrome (Adware.QueryExplorer) -> No action taken.
C:\Program Files (x86)\Mozilla Firefox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464}\defaults (Adware.QueryExplorer) -> No action taken.
C:\Program Files (x86)\Mozilla Firefox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464}\defaults\preferences (Adware.QueryExplorer) -> No action taken.
C:\Program Files (x86)\MyWebSearch (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\chrome (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\2.bin (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\chrome (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\chrome (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Avatar (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Game (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\History (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\icons (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Message (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Notifier (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Overlay (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\QueryExplorer (Adware.QueryExplorer) -> No action taken.

Files Detected: 86
C:\Program Files (x86)\Windows Live\Messenger\msimg32.dll (PUP.FunWebProducts) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3REPROX.DLL (PUP.FunWebProducts) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3HISTSW.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3DTACTL.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3HTMLMU.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3HTML.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3POPSWT.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3SKIN.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3CJPEG.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3SCRCTR.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3OUTLCN.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3HTTPCT.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3MSG.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3REPROX.DLL (Adware.MyWebSearch) -> No action taken.
C:\Windows\System32\f3PSSavr.scr (PUP.FunWebProducts) -> No action taken.
C:\Windows\SysWOW64\f3PSSavr.scr (PUP.FunWebProducts) -> No action taken.
C:\Users\Richard\Downloads\Codec-C(1).exe (Affiliate.Downloader) -> No action taken.
C:\Users\Richard\Downloads\Codec-C.exe (Affiliate.Downloader) -> No action taken.
C:\Users\Richard\Downloads\DownloadSetup(2).exe (Affiliate.Downloader) -> No action taken.
C:\Users\Richard\Downloads\DownloadSetup.exe (Affiliate.Downloader) -> No action taken.
C:\Windows\System32\f3PSSavr.scr (Trojan.Agent) -> No action taken.
C:\Windows\SysWOW64\f3PSSavr.scr (Trojan.Agent) -> No action taken.
C:\Users\Public\Documents\Server\admin.txt (Malware.Trace) -> No action taken.
C:\Users\Public\Documents\Server\server.dat (Malware.Trace) -> No action taken.
C:\Users\Richard\Local Settings\Application Data\Windows Server\admin.txt (Malware.Trace) -> No action taken.
C:\Users\Richard\AppData\Roaming\FileHunter\pumpa.state (PUP.FileHunter) -> No action taken.
C:\Users\Richard\AppData\Roaming\FileHunter\FileHunter.exe (PUP.FileHunter) -> No action taken.
C:\Users\Richard\AppData\Roaming\FileHunter\version (PUP.FileHunter) -> No action taken.
C:\Program Files (x86)\Mozilla Firefox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464}\chrome.manifest (Adware.QueryExplorer) -> No action taken.
C:\Program Files (x86)\Mozilla Firefox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464}\install.rdf (Adware.QueryExplorer) -> No action taken.
C:\Program Files (x86)\Mozilla Firefox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464}\chrome\queryexplorer.jar (Adware.QueryExplorer) -> No action taken.
C:\Program Files (x86)\Mozilla Firefox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464}\defaults\preferences\prefs.js (Adware.QueryExplorer) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3FFTBPR.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3PATCH.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\chrome\M3FFXTBR.JAR (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\chrome\M3FFXTBR.JAR (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\CHROME.MANIFEST (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3BKGERR.JPG (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3HKSTUB.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3IMSTUB.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3PSSAVR.SCR (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3REGHK.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3RESTUB.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3SCHMON.EXE (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3SPACER.WMV (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3WALLPP.DAT (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3WPHOOK.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\FWPBUDDY.PNG (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\INSTALL.RDF (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3HIGHIN.EXE (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3IDLE.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3IMPIPE.EXE (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3MEDINT.EXE (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3PATCH.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3SKPLAY.EXE (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3SLSRCH.EXE (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3TPINST.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3UNPAT.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSMLBTN.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSUABTN.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\chrome\M3FFXTBR.JAR (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Avatar\COMMON.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Game\CHECKERS.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Game\CHESS.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Game\REVERSI.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\icons\CM.ICO (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\icons\MFC.ICO (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\icons\PSS.ICO (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\icons\SMILEY.ICO (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\icons\WB.ICO (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\icons\ZWINKY.ICO (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Message\COMMON.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\COMMON.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\DOG.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\FISH.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\KUNGFU.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\LIFEGARD.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\MAID.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\MAILBOX.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\OPERA.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\ROBOT.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\SEDUCT.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\SURFER.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Overlay\COMMON.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> No action taken.

(end)
Suas11 is offline  
05-03-2012, 19:48   #12
Suas11
Registered User
 
Join Date: Nov 2011
Posts: 1,711
Malwarebytes Anti-Malware (Trial) 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.04.06

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Richard :: RICHARD-PC [administrator]

Protection: Enabled

05/03/2012 19:43:20
mbam-log2-2012-03-05 (19-47-26).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 250713
Time elapsed: 3 minute(s), 56 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 2
C:\Program Files (x86)\Windows Live\Messenger\msimg32.dll (PUP.FunWebProducts) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3REPROX.DLL (PUP.FunWebProducts) -> No action taken.

Registry Keys Detected: 130
HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E} (PUP.FunWebProducts) -> No action taken.
HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (PUP.FunWebProducts) -> No action taken.
HKCR\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227} (Adware.ClickPotato) -> No action taken.
HKCR\AppID\{11C27351-716B-4052-9361-E3B0A3F8221C} (Adware.ClickPotato) -> No action taken.
HKCR\AppID\{7025E484-D4B0-441a-9F0B-69063BD679CE} (Adware.ClickPotato) -> No action taken.
HKCR\AppID\{8258B35C-05B8-4c0e-9525-9BCCC70F8F2D} (Adware.ClickPotato) -> No action taken.
HKCR\AppID\{A89256AD-EC17-4a83-BEF5-4B8BC4F39306} (Adware.ClickPotato) -> No action taken.
HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
HKCR\MyWebSearchToolBar.SettingsPlugin.1 (Adware.MyWebSearch) -> No action taken.
HKCR\MyWebSearchToolBar.SettingsPlugin (Adware.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70} (Adware.MyWebSearch) -> No action taken.
HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C} (Adware.MyWebSearch) -> No action taken.
HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17} (Adware.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.IECookiesManager.1 (Adware.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.IECookiesManager (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A} (Adware.MyWebSearch) -> No action taken.
HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144} (Adware.MyWebSearch) -> No action taken.
HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC} (Adware.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.DataControl.1 (Adware.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.DataControl (Adware.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A} (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (Adware.MyWebSearch) -> No action taken.
HKCR\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} (Adware.MyWebSearch) -> No action taken.
HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} (Adware.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HTMLMenu.2 (Adware.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HTMLMenu (Adware.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906} (Adware.MyWebSearch) -> No action taken.
HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906} (Adware.MyWebSearch) -> No action taken.
HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906} (Adware.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.HTMLPanel.1 (Adware.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.HTMLPanel (Adware.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906} (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5} (Adware.MyWebSearch) -> No action taken.
HKCR\MyWebSearchToolBar.ToolbarPlugin.1 (Adware.MyWebSearch) -> No action taken.
HKCR\MyWebSearchToolBar.ToolbarPlugin (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (Adware.MyWebSearch) -> No action taken.
HKCR\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14} (Adware.MyWebSearch) -> No action taken.
HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C} (Adware.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.PopSwatterSettingsControl.1 (Adware.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.PopSwatterSettingsControl (Adware.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> No action taken.
HKCR\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> No action taken.
HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.PseudoTransparentPlugin.1 (Adware.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.PseudoTransparentPlugin (Adware.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983} (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14} (Adware.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.PopSwatterBarButton.1 (Adware.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.PopSwatterBarButton (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA} (Adware.MyWebSearch) -> No action taken.
HKCR\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554} (Adware.MyWebSearch) -> No action taken.
HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC} (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (Adware.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HTMLMenu.1 (Adware.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF} (Adware.MyWebSearch) -> No action taken.
HKCR\ScreenSaverControl.ScreenSaverInstaller.1 (Adware.MyWebSearch) -> No action taken.
HKCR\ScreenSaverControl.ScreenSaverInstaller (Adware.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF} (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{A9571378-68A1-443d-B082-284F960C6D17} (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC} (Adware.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.OutlookAddin.1 (Adware.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987} (Adware.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.KillerObjManager.1 (Adware.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.KillerObjManager (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7} (Adware.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HistoryKillerScheduler.1 (Adware.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HistoryKillerScheduler (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835} (Adware.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HistorySwatterControlBar.1 (Adware.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HistorySwatterControlBar (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805} (Adware.MyWebSearch) -> No action taken.
HKCR\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A} (Adware.MyWebSearch) -> No action taken.
HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E} (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612} (Adware.MyWebSearch) -> No action taken.
HKCR\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612} (Adware.MyWebSearch) -> No action taken.
HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A} (Adware.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.ChatSessionPlugin.1 (Adware.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.ChatSessionPlugin (Adware.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612} (Adware.MyWebSearch) -> No action taken.
HKCR\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (Adware.MyWebSearch) -> No action taken.
HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (Adware.MyWebSearch) -> No action taken.
HKCR\Typelib\{F42228FB-E84E-479E-B922-FBBD096E792C} (Adware.MyWebSearch) -> No action taken.
HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} (Adware.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{100EB1FD-D03E-47FD-81F3-EE91287F9465} (Adware.ShopperReports) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} (Adware.ShopperReports) -> No action taken.
HKCR\MyWebSearch.MultipleButton (Adware.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.MultipleButton.1 (Adware.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.ThirdPartyInstaller (Adware.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.ThirdPartyInstaller.1 (Adware.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.UrlAlertButton (Adware.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.UrlAlertButton.1 (Adware.MyWebSearch) -> No action taken.
HKCR\ShopperReports.Reporter (Adware.ShopperReports) -> No action taken.
HKCR\ShopperReports.Reporter.1 (Adware.ShopperReports) -> No action taken.
HKCU\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\QueryExplorer (Adware.QueryExplorer) -> No action taken.
HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QueryExplorer (Adware.QueryExplorer) -> No action taken.
HKCR\CLSID\{67FA02C4-AB30-4e77-A640-78EE8EC8673B} (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28} (Adware.MyWebSearch) -> No action taken.
HKCR\TypeLib\{8FFDF636-0D87-4B33-B9E9-79A53F6E1DAE} (Adware.MyWebSearch) -> No action taken.
HKCR\Interface\{01947140-417F-46B6-8751-A3A2B8345E1A} (Adware.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28} (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{799391D3-EB86-4bac-9BD3-CBFEA58A0E15} (Adware.MyWebSearch) -> No action taken.
HKCR\CLSID\{D858DAFC-9573-4811-B323-7011A3AA7E61} (Adware.MyWebSearch) -> No action taken.

Registry Values Detected: 5
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin (Adware.MyWebSearch) -> Data: C:\PROGRA~2\MYWEBS~1\bar\3.bin\mwsoemon.exe -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources|f3PopularScreensavers (Adware.MyWebSearch) -> Data: C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3SCRCTR.DLL -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|SRS_IT_E8790572BC765C5736AB98 (Malware.Trace) -> Data: -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform|FunWebProducts (Adware.MyWebSearch) -> Data: -> No action taken.
HKLM\SOFTWARE\Mozilla\Firefox\extensions|ClickPotatoLite@ClickPotatoLite.com (Adware.ClickPotato) -> Data: C:\Program Files (x86)\ClickPotatoLite\bin\10.0.630.0\firefox\extensions -> No action taken.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 28
C:\Users\Richard\AppData\Roaming\FileHunter (PUP.FileHunter) -> No action taken.
C:\Users\Richard\AppData\Roaming\FileHunter\downloads (PUP.FileHunter) -> No action taken.
C:\Users\Richard\AppData\Roaming\FileHunter\metafiles (PUP.FileHunter) -> No action taken.
C:\ProgramData\QueryExplorer (Adware.QueryExplorer) -> No action taken.
C:\Program Files (x86)\FunWebProducts (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\Mozilla Firefox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464} (Adware.QueryExplorer) -> No action taken.
C:\Program Files (x86)\Mozilla Firefox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464}\chrome (Adware.QueryExplorer) -> No action taken.
C:\Program Files (x86)\Mozilla Firefox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464}\defaults (Adware.QueryExplorer) -> No action taken.
C:\Program Files (x86)\Mozilla Firefox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464}\defaults\preferences (Adware.QueryExplorer) -> No action taken.
C:\Program Files (x86)\MyWebSearch (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\chrome (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\2.bin (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\chrome (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\chrome (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Avatar (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Game (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\History (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\icons (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Message (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Notifier (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Overlay (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\QueryExplorer (Adware.QueryExplorer) -> No action taken.

Files Detected: 86
C:\Program Files (x86)\Windows Live\Messenger\msimg32.dll (PUP.FunWebProducts) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3REPROX.DLL (PUP.FunWebProducts) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3HISTSW.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3DTACTL.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3HTMLMU.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3HTML.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3POPSWT.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3SKIN.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3CJPEG.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3SCRCTR.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3OUTLCN.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3HTTPCT.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3MSG.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3REPROX.DLL (Adware.MyWebSearch) -> No action taken.
C:\Windows\System32\f3PSSavr.scr (PUP.FunWebProducts) -> No action taken.
C:\Windows\SysWOW64\f3PSSavr.scr (PUP.FunWebProducts) -> No action taken.
C:\Users\Richard\Downloads\Codec-C(1).exe (Affiliate.Downloader) -> No action taken.
C:\Users\Richard\Downloads\Codec-C.exe (Affiliate.Downloader) -> No action taken.
C:\Users\Richard\Downloads\DownloadSetup(2).exe (Affiliate.Downloader) -> No action taken.
C:\Users\Richard\Downloads\DownloadSetup.exe (Affiliate.Downloader) -> No action taken.
C:\Windows\System32\f3PSSavr.scr (Trojan.Agent) -> No action taken.
C:\Windows\SysWOW64\f3PSSavr.scr (Trojan.Agent) -> No action taken.
C:\Users\Public\Documents\Server\admin.txt (Malware.Trace) -> No action taken.
C:\Users\Public\Documents\Server\server.dat (Malware.Trace) -> No action taken.
C:\Users\Richard\Local Settings\Application Data\Windows Server\admin.txt (Malware.Trace) -> No action taken.
C:\Users\Richard\AppData\Roaming\FileHunter\pumpa.state (PUP.FileHunter) -> No action taken.
C:\Users\Richard\AppData\Roaming\FileHunter\FileHunter.exe (PUP.FileHunter) -> No action taken.
C:\Users\Richard\AppData\Roaming\FileHunter\version (PUP.FileHunter) -> No action taken.
C:\Program Files (x86)\Mozilla Firefox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464}\chrome.manifest (Adware.QueryExplorer) -> No action taken.
C:\Program Files (x86)\Mozilla Firefox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464}\install.rdf (Adware.QueryExplorer) -> No action taken.
C:\Program Files (x86)\Mozilla Firefox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464}\chrome\queryexplorer.jar (Adware.QueryExplorer) -> No action taken.
C:\Program Files (x86)\Mozilla Firefox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464}\defaults\preferences\prefs.js (Adware.QueryExplorer) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3FFTBPR.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3PATCH.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\chrome\M3FFXTBR.JAR (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\chrome\M3FFXTBR.JAR (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\CHROME.MANIFEST (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3BKGERR.JPG (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3HKSTUB.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3IMSTUB.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3PSSAVR.SCR (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3REGHK.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3RESTUB.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3SCHMON.EXE (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3SPACER.WMV (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3WALLPP.DAT (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3WPHOOK.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\FWPBUDDY.PNG (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\INSTALL.RDF (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3HIGHIN.EXE (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3IDLE.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3IMPIPE.EXE (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3MEDINT.EXE (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3PATCH.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3SKPLAY.EXE (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3SLSRCH.EXE (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3TPINST.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3UNPAT.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSMLBTN.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSUABTN.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\3.bin\chrome\M3FFXTBR.JAR (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Avatar\COMMON.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Game\CHECKERS.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Game\CHESS.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Game\REVERSI.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\icons\CM.ICO (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\icons\MFC.ICO (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\icons\PSS.ICO (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\icons\SMILEY.ICO (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\icons\WB.ICO (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\icons\ZWINKY.ICO (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Message\COMMON.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\COMMON.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\DOG.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\FISH.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\KUNGFU.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\LIFEGARD.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\MAID.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\MAILBOX.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\OPERA.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\ROBOT.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\SEDUCT.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\SURFER.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Overlay\COMMON.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> No action taken.

(end)
Suas11 is offline  
05-03-2012, 20:06   #13
ASJ112
Banned
 
Join Date: Jan 2010
Posts: 1,155
you can let mbam fix those just in case you didn't do that

did a firefox re-install help with the home page issue ?
ASJ112 is offline  
Thanks from:
05-03-2012, 20:15   #14
Suas11
Registered User
 
Join Date: Nov 2011
Posts: 1,711
Nope, I re-installed Firefox just now and I'm still having the same problem.
Suas11 is offline  
06-03-2012, 10:53   #15
ASJ112
Banned
 
Join Date: Jan 2010
Posts: 1,155
when we removed babylon it set firefox back to its default home page. Try this step out

http://support.mozilla.org/en-US/kb/...your-home-page


Other than that, I'm not sure.
ASJ112 is offline  
Thanks from:
Post Reply

Quick Reply
Message:
Remove Text Formatting
Bold
Italic
Underline

Insert Image
Wrap [QUOTE] tags around selected text
 
Decrease Size
Increase Size
Please sign up or log in to join the discussion

Thread Tools Search this Thread
Search this Thread:

Advanced Search



Share Tweet