MyStart Incredibar infection in Chrome [Closed]


  • This topic is locked

#1
seahippo

Hi, please help. My son has managed to download MyStart Incredibar. It comes up when we open a new tab in Chrome. I have managed to clean other infections up that were present, but this is the last bit and I cannot seem to get rid of it. I have included an OTL log below:


OTL logfile created on: 26/06/2012 16:49:20 - Run 1
OTL by OldTimer - Version 3.2.53.0 Folder = C:\Documents and Settings\Anne\My Documents\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1022.07 Mb Total Physical Memory | 368.00 Mb Available Physical Memory | 36.00% Memory free
2.40 Gb Paging File | 1.69 Gb Available in Paging File | 70.22% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.30 Gb Total Space | 23.02 Gb Free Space | 15.95% Space Free | Partition Type: NTFS
Drive D: | 659.06 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 323.31 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive K: | 298.02 Gb Total Space | 18.27 Gb Free Space | 6.13% Space Free | Partition Type: FAT32

Computer Name: AIRDESKTOP | User Name: Anne | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/26 16:46:39 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Anne\My Documents\Downloads\OTL.exe
PRC - [2012/06/07 09:14:45 | 001,239,576 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Anne\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2012/06/06 09:16:00 | 000,185,856 | ---- | M] () -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
PRC - [2012/05/26 06:32:24 | 004,327,744 | ---- | M] (Akamai Technologies, Inc) -- C:\Documents and Settings\Anne\Local Settings\Application Data\Akamai\netsession_win.exe
PRC - [2012/04/04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
PRC - [2012/01/31 16:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2012/01/17 21:03:24 | 003,593,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgui.exe
PRC - [2012/01/17 21:03:24 | 002,339,168 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2011/11/02 18:28:33 | 000,123,488 | ---- | M] () -- C:\Program Files\GameBox\vprot.exe
PRC - [2011/09/09 03:10:56 | 001,082,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/08/18 01:33:26 | 000,659,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2011/05/23 14:13:04 | 000,657,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2011/03/16 16:05:20 | 001,025,888 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgemcx.exe
PRC - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2009/05/21 09:55:32 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2008/08/13 17:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/03/17 17:06:00 | 001,848,648 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2007/10/31 16:11:34 | 000,354,648 | ---- | M] (Rosetta Stone Ltd.) -- C:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdController.exe
PRC - [2007/10/31 16:11:34 | 000,015,696 | ---- | M] (Rosetta Stone Ltd.) -- C:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdServer.exe
PRC - [2007/05/21 00:37:36 | 000,124,512 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
PRC - [2007/01/31 15:55:42 | 000,096,370 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2006/02/24 01:38:22 | 001,138,688 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Sun\StarOffice 8\program\soffice.bin
PRC - [2006/02/24 01:38:18 | 000,991,232 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Sun\StarOffice 8\program\soffice.exe
PRC - [2005/07/22 08:03:00 | 000,425,984 | ---- | M] (Dell) -- C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe
PRC - [2005/06/21 09:19:38 | 000,491,520 | ---- | M] () -- C:\WINDOWS\system32\dlcccoms.exe
PRC - [2005/03/23 01:20:44 | 000,339,968 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2003/02/21 08:27:02 | 000,266,240 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\system32\PD6000SM.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/07 09:14:43 | 000,441,880 | ---- | M] () -- C:\Documents and Settings\Anne\Local Settings\Application Data\Google\Chrome\Application\19.0.1084.56\ppgooglenaclpluginchrome.dll
MOD - [2012/06/07 09:14:42 | 003,922,456 | ---- | M] () -- C:\Documents and Settings\Anne\Local Settings\Application Data\Google\Chrome\Application\19.0.1084.56\pdf.dll
MOD - [2012/06/07 09:13:16 | 000,134,696 | ---- | M] () -- C:\Documents and Settings\Anne\Local Settings\Application Data\Google\Chrome\Application\19.0.1084.56\avutil-51.dll
MOD - [2012/06/07 09:13:15 | 000,250,408 | ---- | M] () -- C:\Documents and Settings\Anne\Local Settings\Application Data\Google\Chrome\Application\19.0.1084.56\avformat-54.dll
MOD - [2012/06/07 09:13:14 | 002,375,720 | ---- | M] () -- C:\Documents and Settings\Anne\Local Settings\Application Data\Google\Chrome\Application\19.0.1084.56\avcodec-54.dll
MOD - [2012/06/07 08:23:19 | 009,252,040 | ---- | M] () -- C:\Documents and Settings\Anne\Local Settings\Application Data\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
MOD - [2012/06/06 09:16:00 | 000,185,856 | ---- | M] () -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
MOD - [2012/05/29 23:25:32 | 003,417,376 | ---- | M] () -- c:\Program Files\Common Files\Akamai\netsession_win_80c2ffa.dll
MOD - [2012/05/10 03:11:11 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
MOD - [2012/05/10 03:10:54 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012/05/10 03:10:34 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2012/05/03 16:55:09 | 004,050,944 | ---- | M] () -- C:\Documents and Settings\Anne\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\1.0.0.2\libGLESv2.dll
MOD - [2012/05/03 16:55:09 | 000,100,864 | ---- | M] () -- C:\Documents and Settings\Anne\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\1.0.0.2\libEGL.dll
MOD - [2011/11/03 16:28:36 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2011/11/02 18:28:33 | 000,123,488 | ---- | M] () -- C:\Program Files\GameBox\vprot.exe
MOD - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
MOD - [2011/02/04 17:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2008/04/14 01:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 01:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2006/02/10 22:31:10 | 000,828,416 | ---- | M] () -- C:\Program Files\Sun\StarOffice 8\program\libxml2.dll
MOD - [2005/06/21 09:22:06 | 000,483,328 | ---- | M] () -- C:\WINDOWS\system32\dlcclmpm.dll
MOD - [2005/06/21 09:19:38 | 000,491,520 | ---- | M] () -- C:\WINDOWS\system32\dlcccoms.exe
MOD - [2005/06/21 09:18:24 | 000,155,648 | ---- | M] () -- C:\WINDOWS\system32\dlccprox.dll
MOD - [2005/06/06 04:58:38 | 000,065,536 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 924\dlcccfg.dll
MOD - [2005/04/27 10:30:44 | 000,118,784 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 924\dlccdrec.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- %SystemRoot%\PCHealth\HelpCtr\Binaries\pchsvc.dlles\pchsvc.dll -- (helpsvc)
SRV - File not found [On_Demand | Running] -- C:\WINDOWS\system32\qmgr.dllvgwdsvc.exe -- (BITS)
SRV - [2012/06/06 09:16:00 | 000,185,856 | ---- | M] () [Auto | Running] -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater)
SRV - [2012/05/29 23:25:32 | 003,417,376 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_80c2ffa.dll -- (Akamai)
SRV - [2012/05/17 22:49:02 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/01/31 16:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2008/11/11 09:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/08/13 17:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2007/10/31 16:11:34 | 000,354,648 | ---- | M] (Rosetta Stone Ltd.) [Auto | Running] -- C:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdController.exe -- (RosettaStoneLtdController)
SRV - [2007/03/07 15:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007/01/31 15:55:42 | 000,096,370 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2005/06/21 09:19:38 | 000,491,520 | ---- | M] () [On_Demand | Running] -- C:\WINDOWS\system32\dlcccoms.exe -- (dlcc_device)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\usbser_lowerflt.sys -- (upperdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\DDMI2.sys -- (SDDMI2)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Anne\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (bvrp_pci)
DRV - File not found [Kernel | Auto | Stopped] -- -- (adfs)
DRV - [2011/05/27 19:05:44 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/04/05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/03/16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/03/01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 08:13:02 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV - [2011/02/10 07:53:54 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 07:53:52 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/01/07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/01/28 13:34:32 | 000,113,280 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2010/01/28 13:34:32 | 000,102,528 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2010/01/28 13:34:32 | 000,100,736 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2008/12/30 11:55:20 | 000,102,656 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbfake.sys -- (hwusbfake)
DRV - [2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/05/01 21:44:49 | 000,022,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbsermpt.sys -- (usbsermpt)
DRV - [2006/03/10 15:55:18 | 000,039,424 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\fantom.sys -- (FANTOM)
DRV - [2005/12/21 17:44:28 | 000,299,904 | ---- | M] (A/WLAN-1) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MRVW225.sys -- (MRVW225)
DRV - [2005/08/04 05:10:18 | 001,273,344 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/06/14 23:40:08 | 000,180,864 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) High Definition Audio Driver (WDM)
DRV - [2003/11/17 22:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 22:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 22:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2001/08/17 13:02:50 | 000,002,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HIDSwvd.sys -- (HIDSwvd)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.co.uk/myway
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.co.uk/myway
IE - HKU\.DEFAULT\..\URLSearchHook: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.co.uk/myway
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.co.uk/myway
IE - HKU\S-1-5-18\..\URLSearchHook: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3609718805-3172858772-3784228649-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKU\S-1-5-21-3609718805-3172858772-3784228649-1005\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-3609718805-3172858772-3784228649-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKU\S-1-5-21-3609718805-3172858772-3784228649-1005\..\SearchScopes\{0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF}: "URL" = http://po.toolbarhom...Terms}&srch=dsp
IE - HKU\S-1-5-21-3609718805-3172858772-3784228649-1005\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...urceid=ie7&rlz=
IE - HKU\S-1-5-21-3609718805-3172858772-3784228649-1005\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT3072253
IE - HKU\S-1-5-21-3609718805-3172858772-3784228649-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3609718805-3172858772-3784228649-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "MyStart Search"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {01187ACB-A140-451E-860D-C833A1DE7FCA}:1.0
FF - prefs.js..extensions.enabledItems: {03D48D5C-63E1-408A-8F0B-609482F84BD5}:1.0
FF - prefs.js..extensions.enabledItems: {08F948F0-2B3D-4381-9DD3-F1DEC7B40914}:1.0
FF - prefs.js..extensions.enabledItems: {28D7BA4E-2834-4820-AD3F-BB287FC20222}:1.0
FF - prefs.js..extensions.enabledItems: {333150A5-D70B-4C98-80F1-27F2C00C15CB}:1.0
FF - prefs.js..extensions.enabledItems: {38BA461B-C21D-408D-B869-3B7A7E653AE6}:1.0
FF - prefs.js..extensions.enabledItems: {437C7153-F16E-421A-A47B-58A2EEE625EF}:1.0
FF - prefs.js..extensions.enabledItems: {6DA16FE4-03F9-404D-932C-0835653CD434}:1.0
FF - prefs.js..extensions.enabledItems: {7D8FF734-C414-424B-A6CF-B4247867BECD}:1.0
FF - prefs.js..extensions.enabledItems: {7D90DBE3-8F96-4A2E-BF0D-87CAB1B3099D}:1.0
FF - prefs.js..extensions.enabledItems: {862B6D0A-ED2C-4F41-A703-C0DE291DB3C5}:1.0
FF - prefs.js..extensions.enabledItems: {8C2BF2B7-7A86-4910-B5DF-E281046162AD}:1.0
FF - prefs.js..extensions.enabledItems: {94D2AB60-B5CC-417D-9FDA-54C77E5C6098}:1.0
FF - prefs.js..extensions.enabledItems: {9E7A648D-B057-488C-899A-784B746D715A}:1.0
FF - prefs.js..extensions.enabledItems: {A2AB11AD-D982-4B76-A74C-427682DA736E}:1.0
FF - prefs.js..extensions.enabledItems: {BCF7BAB5-BF84-4744-8843-5B6578844123}:1.0
FF - prefs.js..extensions.enabledItems: {C1B12A9E-89B6-44E0-BE4D-87687A8D4E42}:1.0
FF - prefs.js..extensions.enabledItems: {C66C1212-8639-4C0B-B4D6-45FFE513DF75}:1.0
FF - prefs.js..extensions.enabledItems: {CFD6B079-39CF-49AF-BF93-67D7974F5544}:1.0
FF - prefs.js..extensions.enabledItems: {D07EF7E7-31CB-4282-AA0D-B25B57BD7108}:1.0
FF - prefs.js..extensions.enabledItems: {D3A257D1-1639-44B0-A9D2-6ABB09FF195E}:1.0
FF - prefs.js..extensions.enabledItems: {D68EABA4-32A9-4104-9F26-0FCCFF6E1FFC}:1.0
FF - prefs.js..extensions.enabledItems: {E65557F4-8D69-4178-92A1-583CB2117187}:1.0
FF - prefs.js..extensions.enabledItems: {ED3C8BEA-7212-4ED7-8DAB-153ED752B822}:1.0
FF - prefs.js..extensions.enabledItems: {ED433E9A-40AF-4A73-92DA-1DB0ACF5CAC8}:1.0
FF - prefs.js..extensions.enabledItems: {F075B778-15ED-4A06-A7EE-4F2CCC68B5DC}:1.0
FF - prefs.js..extensions.enabledItems: {F970DFA2-3081-4756-82D0-9F8EF35781BC}:1.0
FF - prefs.js..extensions.enabledItems: {FB0287A5-8AC6-4A8D-962E-8A2C551479EF}:1.0
FF - prefs.js..keyword.URL: "http://mystart.incre...&&i=26&search="
FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.startup.homepage: "http://mystart.incre...R8x5kRaa6&i=26"


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MI1933~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MI1933~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher: C:\Documents and Settings\Anne\Local Settings\Application Data\RobloxVersions\version-7cacfdcf8d724c45\\NPRobloxProxy.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Anne\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Anne\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Anne\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2012/02/17 16:41:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012/06/25 17:17:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/12 00:43:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/05/17 20:28:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 1.0.6\Extensions\\Components: C:\Program Files\Mozilla Firefox\Components [2011/11/12 00:43:23 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 1.0.6\Extensions\\Plugins: C:\Program Files\Mozilla Firefox\Plugins [2012/05/17 20:28:39 | 000,000,000 | ---D | M]

[2009/06/07 09:18:15 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Anne\Application Data\Mozilla\Extensions
[2012/06/26 10:51:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Anne\Application Data\Mozilla\Firefox\Profiles\1osb08dp.default\extensions
[2009/12/15 20:46:22 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Anne\Application Data\Mozilla\Firefox\Profiles\1osb08dp.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/03/24 20:09:16 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Documents and Settings\Anne\Application Data\Mozilla\Firefox\Profiles\1osb08dp.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
[2012/06/25 17:17:44 | 000,000,000 | ---D | M] (incredibar.com) -- C:\Documents and Settings\Anne\Application Data\Mozilla\Firefox\Profiles\1osb08dp.default\extensions\[email protected]
[2011/11/02 18:28:58 | 000,000,000 | ---D | M] (PlayedOnline) -- C:\Documents and Settings\Anne\Application Data\Mozilla\Firefox\Profiles\1osb08dp.default\extensions\gamebox@toolbar
[2012/06/25 17:16:30 | 000,002,203 | ---- | M] () -- C:\Documents and Settings\Anne\Application Data\Mozilla\Firefox\Profiles\1osb08dp.default\searchplugins\MyStart Search.xml
[2012/06/26 16:32:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/02/17 16:41:10 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX4
File not found (No name found) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/11/12 00:43:22 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2007/09/28 19:57:26 | 006,275,816 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\ScorchPDFWrapper.dll
[2011/11/12 00:43:18 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Anne\Local Settings\Application Data\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Anne\Local Settings\Application Data\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Anne\Local Settings\Application Data\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Anne\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Documents and Settings\Anne\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java™ Platform SE 6 U13 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java™ Platform SE 6 U13 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: ScorchPlugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPSibelius.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Anne\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Roblox Launcher Plugin (Enabled) = C:\Documents and Settings\Anne\Local Settings\Application Data\RobloxVersions\version-7cacfdcf8d724c45\\NPRobloxProxy.dll
CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\Anne\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MI1933~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MI1933~1\Office14\NPSPWRAP.DLL
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Command & Conquer Tiberium Alliances = C:\Documents and Settings\Anne\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jgaeopgjojikeoiidmfaejkifhgjoooe\1.0.6_0\
CHR - Extension: New Tab for Chrome = C:\Documents and Settings\Anne\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0\
CHR - Extension: AVG Safe Search = C:\Documents and Settings\Anne\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\

O1 HOSTS File: ([2011/06/22 15:47:40 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [DLCCCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.DLL ()
O4 - HKLM..\Run: [dlccmon.exe] C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe (Dell)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE (CANON INC.)
O4 - HKLM..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PD6000StatusMonitor] C:\WINDOWS\System32\PD6000SM.EXE (Eastman Kodak Company)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u File not found
O4 - HKU\S-1-5-21-3609718805-3172858772-3784228649-1005..\Run: [Akamai NetSession Interface] C:\Documents and Settings\Anne\Local Settings\Application Data\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKU\S-1-5-21-3609718805-3172858772-3784228649-1005..\Run: [vProt] C:\Program Files\GameBox\vprot.exe ()
O4 - HKU\.DEFAULT..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9f.exe File not found
O4 - HKU\S-1-5-18..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9f.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\Anne\Start Menu\Programs\Startup\StarOffice 8.lnk = C:\Program Files\Sun\StarOffice 8\program\quickstart.exe ()
O4 - Startup: C:\Documents and Settings\Ian\Start Menu\Programs\Startup\SpamBayes Tray Icon.lnk = C:\Program Files\SpamBayes\bin\sb_tray.exe ()
O4 - Startup: C:\Documents and Settings\Ian\Start Menu\Programs\Startup\StarOffice 8.lnk = C:\Program Files\Sun\StarOffice 8\program\quickstart.exe ()
O4 - Startup: C:\Documents and Settings\Ian\Start Menu\Programs\Startup\WallMaster.lnk = C:\Program Files\WallMaster\wallmast.exe (Tropical Wares)
O4 - Startup: C:\Documents and Settings\Ryan\Start Menu\Programs\Startup\StarOffice 8.lnk = C:\Program Files\Sun\StarOffice 8\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3609718805-3172858772-3784228649-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3609718805-3172858772-3784228649-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-3609718805-3172858772-3784228649-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-3609718805-3172858772-3784228649-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-3609718805-3172858772-3784228649-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1
O7 - HKU\S-1-5-21-3609718805-3172858772-3784228649-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AutoRun = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: ImTranslator - C:\Program Files\Smart Link\ImTranslator for IE\startup.html ()
O15 - HKU\.DEFAULT\..Trusted Domains: hostingerr.com ([]http in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Domains: hostingerr.com ([]http in Local intranet)
O15 - HKU\S-1-5-21-3609718805-3172858772-3784228649-1005\..Trusted Domains: hostingerr.com ([]http in Local intranet)
O16 - DPF: {00000075-9980-0010-8000-00AA00389B71} http://codecs.micros...i386/voxacm.CAB (Reg Error: Key error.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...tes/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} http://cdn2.zone.msn...gr.cab31267.cab (ZoneAxRcMgr Class)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...ro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{17BCEF40-C547-42FA-AB1C-6FA7E50F0CF7}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\gameboxchrome - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 () - http://www.jbutler.o.../e2e/pw/Map.gif
O24 - Desktop Components:1 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Anne\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Anne\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/16 05:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2002/07/10 18:16:58 | 000,000,121 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/26 16:18:05 | 000,000,000 | --SD | C] -- C:\ComboFix
[2012/06/26 16:17:53 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Anne\Start Menu\Programs\Administrative Tools
[2012/06/26 16:01:52 | 000,000,000 | ---D | C] -- C:\_OTM
[2012/06/26 15:47:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anne\Start Menu\Programs\Revo Uninstaller
[2012/06/26 15:47:40 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2012/06/26 15:00:46 | 000,159,608 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\mfevtps.exe.9879.deleteme
[2012/06/26 15:00:22 | 000,000,000 | ---D | C] -- C:\Program Files\stinger
[2012/06/26 11:30:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/06/26 11:30:11 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/06/26 11:30:11 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/06/26 11:02:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anne\Local Settings\Application Data\Deployment
[2012/06/25 17:22:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anne\Start Menu\Programs\Video Downloader
[2012/06/25 17:18:28 | 000,000,000 | ---D | C] -- C:\Program Files\v-Grabber
[2012/06/25 17:18:01 | 000,000,000 | ---D | C] -- C:\Program Files\Perion
[2012/06/25 17:16:59 | 000,000,000 | ---D | C] -- C:\Program Files\Web Assistant
[2012/06/04 16:56:47 | 000,000,000 | ---D | C] -- C:\Program Files\Uncompressor

========== Files - Modified Within 30 Days ==========

File not found -- C:\Documents and Settings\Anne\My Documents\CAL3FHC8.
[2012/06/26 16:45:52 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/06/26 16:43:45 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/26 16:43:41 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/06/26 16:43:38 | 1071,796,224 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/26 15:47:43 | 000,000,917 | ---- | M] () -- C:\Documents and Settings\Anne\Desktop\Revo Uninstaller.lnk
[2012/06/26 15:35:09 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/26 15:33:04 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3609718805-3172858772-3784228649-1005UA.job
[2012/06/26 15:31:03 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/06/26 15:19:00 | 000,000,970 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3609718805-3172858772-3784228649-1006UA.job
[2012/06/26 15:00:40 | 000,159,608 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\mfevtps.exe.9879.deleteme
[2012/06/26 12:09:04 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2012/06/26 11:30:15 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/06/26 08:44:50 | 100,702,278 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012/06/26 03:33:00 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3609718805-3172858772-3784228649-1005Core.job
[2012/06/25 19:19:00 | 000,000,918 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3609718805-3172858772-3784228649-1006Core.job
[2012/06/25 18:03:23 | 000,468,767 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2012/06/25 17:22:00 | 000,001,560 | ---- | M] () -- C:\Documents and Settings\Anne\Desktop\Video Downloader.lnk
[2012/06/25 17:17:58 | 000,000,684 | ---- | M] () -- C:\user.js
[2012/06/14 03:40:37 | 002,216,648 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/06/14 03:20:59 | 000,442,888 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/06/14 03:20:59 | 000,072,154 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/06/14 03:08:30 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/06/13 15:59:00 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/06/12 02:36:48 | 000,002,255 | ---- | M] () -- C:\Documents and Settings\Anne\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/06/12 02:36:47 | 000,002,277 | ---- | M] () -- C:\Documents and Settings\Anne\Desktop\Google Chrome.lnk
[2012/06/11 15:47:05 | 000,002,795 | ---- | M] () -- C:\Documents and Settings\Anne\Desktop\Command & Conquer Tiberium Alliances.lnk
[2012/06/09 19:41:29 | 000,138,752 | ---- | M] () -- C:\Documents and Settings\Anne\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== Files Created - No Company Name ==========

File not found -- C:\Documents and Settings\Anne\My Documents\CAL3FHC8.
[2012/06/26 16:18:17 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/06/26 16:18:17 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/06/26 15:47:43 | 000,000,917 | ---- | C] () -- C:\Documents and Settings\Anne\Desktop\Revo Uninstaller.lnk
[2012/06/26 11:30:15 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/06/25 17:21:58 | 000,001,560 | ---- | C] () -- C:\Documents and Settings\Anne\Desktop\Video Downloader.lnk
[2012/06/11 15:47:04 | 000,002,795 | ---- | C] () -- C:\Documents and Settings\Anne\Desktop\Command & Conquer Tiberium Alliances.lnk
[2012/06/04 16:57:21 | 000,000,684 | ---- | C] () -- C:\user.js
[2012/04/23 08:38:07 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/04/18 12:55:19 | 000,000,418 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2012/01/01 00:22:37 | 000,013,406 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\vh76r2cm27r
[2011/10/27 18:01:39 | 000,000,032 | R--- | C] () -- C:\Documents and Settings\All Users\hash.dat
[2011/05/22 14:49:43 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Anne\jagex_runescape_preferences2.dat
[2011/05/22 14:48:02 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\Anne\jagex_runescape_preferences.dat
[2011/02/17 19:25:54 | 000,000,091 | ---- | C] () -- C:\WINDOWS\CIV.INI
[2009/03/26 13:03:28 | 006,196,768 | ---- | C] () -- C:\Program Files\SUPERAntiSpyware.exe
[2009/03/20 14:40:42 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Anne\Application Data\$_hpcst$.hpc
[2007/01/21 17:58:54 | 000,138,752 | ---- | C] () -- C:\Documents and Settings\Anne\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/12/14 21:06:18 | 000,000,251 | ---- | C] () -- C:\Program Files\wt3d.ini
[2005/12/14 20:27:49 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Anne\Local Settings\Application Data\fusioncache.dat

========== LOP Check ==========

[2011/11/02 18:36:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AlawarWrapper
[2011/06/22 15:02:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2012/04/18 16:21:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Big Fish Games
[2012/04/18 15:45:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Birdstep Technology
[2012/04/18 16:29:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2010/05/18 20:48:42 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2010/05/18 20:54:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEGV
[2010/10/20 18:03:20 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
[2009/04/29 20:24:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Channel4
[2011/06/07 16:08:19 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2005/08/16 21:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DIGStream
[2007/01/29 21:27:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EIDOS
[2010/04/24 19:41:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FarmFrenzy3
[2011/11/02 19:25:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FarmFrenzy3_Arctica
[2012/04/21 16:51:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Firefly Studios
[2009/03/09 20:18:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2009/04/29 20:31:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kontiki
[2012/06/26 08:09:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2007/12/08 00:01:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Musicnotes
[2007/12/18 20:39:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2005/12/14 21:16:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Otto
[2009/03/09 19:42:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2012/05/05 10:06:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2008/03/27 19:17:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RosettaStoneLtdServices
[2008/02/02 15:40:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2007/06/26 20:03:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Transparent
[2012/06/11 17:09:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anne\Application Data\.minecraft
[2010/10/05 15:53:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anne\Application Data\Ace
[2011/06/07 16:19:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anne\Application Data\AVG10
[2011/07/12 16:27:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anne\Application Data\BAMZOOKi SW
[2009/11/03 21:20:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anne\Application Data\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
[2011/06/17 14:41:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anne\Application Data\Canon
[2012/05/17 19:49:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anne\Application Data\ElevatedDiagnostics
[2012/04/21 17:07:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anne\Application Data\Firefly Studios
[2011/05/13 17:31:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anne\Application Data\FOG Downloader
[2011/11/02 18:28:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anne\Application Data\GameBox
[2007/02/23 20:22:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anne\Application Data\Leadertech
[2009/06/01 19:28:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anne\Application Data\Mobipocket Reader
[2009/03/09 21:56:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anne\Application Data\Nokia
[2012/05/17 20:28:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anne\Application Data\Oracle
[2005/12/14 21:16:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anne\Application Data\Otto
[2009/03/09 19:42:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anne\Application Data\PC Suite
[2011/03/26 20:28:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anne\Application Data\Photo! 3D ScreenSaver
[2011/10/27 18:08:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anne\Application Data\spiral
[2012/06/26 16:44:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anne\Application Data\StarOffice8
[2005/12/14 21:13:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anne\Application Data\Template
[2011/06/13 17:02:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anne\Application Data\Unity
[2012/04/25 03:30:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anne\Application Data\uTorrent
[2010/07/08 17:12:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ian\Application Data\BAMZOOKi SW
[2010/10/20 18:03:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ian\Application Data\Canon
[2007/10/25 17:03:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ian\Application Data\Datalayer
[2011/11/03 17:13:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ian\Application Data\GameBox
[2005/12/25 21:21:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ian\Application Data\Leadertech
[2007/12/18 20:43:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ian\Application Data\Nokia
[2007/10/25 17:06:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ian\Application Data\Nokia Multimedia Player
[2006/06/22 19:20:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ian\Application Data\Otto
[2009/03/10 18:51:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ian\Application Data\PC Suite
[2012/04/10 16:04:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ian\Application Data\PriceGong
[2008/04/23 20:26:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ian\Application Data\SpamBayes
[2012/01/04 23:46:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ian\Application Data\StarOffice8
[2006/01/15 17:17:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ian\Application Data\Template
[2007/05/19 21:18:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ian\Application Data\uTorrent
[2010/09/30 18:35:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Birdstep Technology
[2012/05/18 08:05:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan\Application Data\.minecraft
[2007/10/21 10:36:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan\Application Data\Ace
[2011/06/20 15:35:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan\Application Data\AVG10
[2010/07/13 17:08:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan\Application Data\BAMZOOKi SW
[2012/05/18 07:58:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan\Application Data\GameBox
[2008/02/23 11:27:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan\Application Data\iScreensaver
[2007/12/23 19:36:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan\Application Data\Leadertech
[2007/10/16 17:12:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan\Application Data\LEGO Company
[2006/11/11 16:20:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan\Application Data\Nokia
[2005/12/15 19:00:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan\Application Data\Otto
[2009/03/16 18:36:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan\Application Data\PC Suite
[2012/05/18 07:57:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan\Application Data\StarOffice8
[2007/03/04 21:55:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan\Application Data\Template
[2010/07/05 17:35:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan\Application Data\Unity
[2010/06/28 17:14:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan\Application Data\uTorrent

========== Purity Check ==========



< End of report >


#2
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there, let me know if this works.

Warning: This fix is only relevant for this system and no other; using it on another computer may cause problems.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons; they will return on reboot.

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    SRV - [2012/06/06 09:16:00 | 000,185,856 | ---- | M] () [Auto | Running] -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater)
    IE - HKU\S-1-5-21-3609718805-3172858772-3784228649-1005\..\SearchScopes\{0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF}: "URL" = http://po.toolbarhom...Terms}&srch=dsp
    IE - HKU\S-1-5-21-3609718805-3172858772-3784228649-1005\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT3072253
    FF - prefs.js..browser.search.selectedEngine: "MyStart Search"
    FF - prefs.js..extensions.enabledItems: {01187ACB-A140-451E-860D-C833A1DE7FCA}:1.0
    FF - prefs.js..extensions.enabledItems: {03D48D5C-63E1-408A-8F0B-609482F84BD5}:1.0
    FF - prefs.js..extensions.enabledItems: {08F948F0-2B3D-4381-9DD3-F1DEC7B40914}:1.0
    FF - prefs.js..extensions.enabledItems: {28D7BA4E-2834-4820-AD3F-BB287FC20222}:1.0
    FF - prefs.js..extensions.enabledItems: {333150A5-D70B-4C98-80F1-27F2C00C15CB}:1.0
    FF - prefs.js..extensions.enabledItems: {38BA461B-C21D-408D-B869-3B7A7E653AE6}:1.0
    FF - prefs.js..extensions.enabledItems: {437C7153-F16E-421A-A47B-58A2EEE625EF}:1.0
    FF - prefs.js..extensions.enabledItems: {6DA16FE4-03F9-404D-932C-0835653CD434}:1.0
    FF - prefs.js..extensions.enabledItems: {7D8FF734-C414-424B-A6CF-B4247867BECD}:1.0
    FF - prefs.js..extensions.enabledItems: {7D90DBE3-8F96-4A2E-BF0D-87CAB1B3099D}:1.0
    FF - prefs.js..extensions.enabledItems: {862B6D0A-ED2C-4F41-A703-C0DE291DB3C5}:1.0
    FF - prefs.js..extensions.enabledItems: {8C2BF2B7-7A86-4910-B5DF-E281046162AD}:1.0
    FF - prefs.js..extensions.enabledItems: {94D2AB60-B5CC-417D-9FDA-54C77E5C6098}:1.0
    FF - prefs.js..extensions.enabledItems: {9E7A648D-B057-488C-899A-784B746D715A}:1.0
    FF - prefs.js..extensions.enabledItems: {A2AB11AD-D982-4B76-A74C-427682DA736E}:1.0
    FF - prefs.js..extensions.enabledItems: {BCF7BAB5-BF84-4744-8843-5B6578844123}:1.0
    FF - prefs.js..extensions.enabledItems: {C1B12A9E-89B6-44E0-BE4D-87687A8D4E42}:1.0
    FF - prefs.js..extensions.enabledItems: {C66C1212-8639-4C0B-B4D6-45FFE513DF75}:1.0
    FF - prefs.js..extensions.enabledItems: {CFD6B079-39CF-49AF-BF93-67D7974F5544}:1.0
    FF - prefs.js..extensions.enabledItems: {D07EF7E7-31CB-4282-AA0D-B25B57BD7108}:1.0
    FF - prefs.js..extensions.enabledItems: {D3A257D1-1639-44B0-A9D2-6ABB09FF195E}:1.0
    FF - prefs.js..extensions.enabledItems: {D68EABA4-32A9-4104-9F26-0FCCFF6E1FFC}:1.0
    FF - prefs.js..extensions.enabledItems: {E65557F4-8D69-4178-92A1-583CB2117187}:1.0
    FF - prefs.js..extensions.enabledItems: {ED3C8BEA-7212-4ED7-8DAB-153ED752B822}:1.0
    FF - prefs.js..extensions.enabledItems: {ED433E9A-40AF-4A73-92DA-1DB0ACF5CAC8}:1.0
    FF - prefs.js..extensions.enabledItems: {F075B778-15ED-4A06-A7EE-4F2CCC68B5DC}:1.0
    FF - prefs.js..extensions.enabledItems: {F970DFA2-3081-4756-82D0-9F8EF35781BC}:1.0
    FF - prefs.js..extensions.enabledItems: {FB0287A5-8AC6-4A8D-962E-8A2C551479EF}:1.0
    FF - prefs.js..keyword.URL: "http://mystart.incre...&&i=26&search="
    FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
    FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
    FF - prefs.js..browser.startup.homepage: "http://mystart.incre...R8x5kRaa6&i=26"
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012/06/25 17:17:05 | 000,000,000 | ---D | M]
    [2012/06/25 17:17:44 | 000,000,000 | ---D | M] (incredibar.com) -- C:\Documents and Settings\Anne\Application Data\Mozilla\Firefox\Profiles\1osb08dp.default\extensions\[email protected]
    [2012/06/25 17:16:30 | 000,002,203 | ---- | M] () -- C:\Documents and Settings\Anne\Application Data\Mozilla\Firefox\Profiles\1osb08dp.default\searchplugins\MyStart Search.xml
    O4 - HKU\.DEFAULT..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9f.exe File not found
    O4 - HKU\S-1-5-18..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9f.exe File not found
    [2012/06/25 17:16:59 | 000,000,000 | ---D | C] -- C:\Program Files\Web Assistant
    File not found -- C:\Documents and Settings\Anne\My Documents\CAL3FHC8.
    [2012/06/25 17:17:58 | 000,000,684 | ---- | M] () -- C:\user.js
    [2012/01/01 00:22:37 | 000,013,406 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\vh76r2cm27r


    :Files
    ipconfig /flushdns /c

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.


#3
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.