I'm getting persistent LogonUI.exe Bad Image Popup windows on my PC, It's running Windows MediaCentre OS
Here is the OTL log
OTL logfile created on: 27/06/2013 20:05:33 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
3.47 Gb Total Physical Memory | 2.33 Gb Available Physical Memory | 67.36% Memory free
6.93 Gb Paging File | 5.71 Gb Available in Paging File | 82.47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 59.53 Gb Total Space | 34.46 Gb Free Space | 57.89% Space Free | Partition Type: NTFS
Drive D: | 1863.01 Gb Total Space | 1819.41 Gb Free Space | 97.66% Space Free | Partition Type: NTFS
Computer Name: MEDIACENTRE-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/06/27 20:05:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\User\Downloads\OTL.exe
PRC - [2013/06/15 17:50:09 | 000,814,472 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe
PRC - [2013/06/03 10:57:49 | 003,085,264 | ---- | M] () -- C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
PRC - [2013/05/18 16:44:46 | 000,884,616 | ---- | M] (Innovative Apps) -- C:\Program Files\Supreme Savings\Supreme Savings-bg.exe
PRC - [2013/04/25 16:22:36 | 001,648,264 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe
PRC - [2013/02/13 03:37:16 | 001,263,952 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2012/11/23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/10 18:58:36 | 000,082,944 | ---- | M] (Hauppauge Computer Works, Inc.) -- C:\Program Files\WinTV\WinTV7\WinTVTray.exe
PRC - [2010/11/10 18:18:20 | 000,380,928 | ---- | M] (Hauppauge Computer Works) -- C:\Program Files\WinTV\TVServer\CaptureGenPCI.exe
PRC - [2010/11/03 19:31:44 | 000,558,592 | ---- | M] (Hauppauge Computer Works) -- C:\Program Files\WinTV\TVServer\HauppaugeTVServer.exe
PRC - [2009/12/27 15:32:34 | 001,646,080 | ---- | M] (V.L.System Co., Ltd) -- C:\Program Files\M.Play MX\MMX.exe
PRC - [2007/01/10 06:59:52 | 000,115,816 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2007/01/10 06:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
========== Modules (No Company Name) ==========
MOD - [2013/06/16 19:55:52 | 000,107,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MCESidebarCtrl\04963ea62d2cf90bfc1225bf11f11e59\MCESidebarCtrl.ni.dll
MOD - [2013/06/16 19:55:46 | 018,686,464 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ehshell\8b774924750abed3185570922871989a\ehshell.ni.dll
MOD - [2013/06/16 19:55:34 | 000,705,024 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\e26eca09671bb3080b96ef36cc2e11ba\Microsoft.MediaCenter.Sports.ni.dll
MOD - [2013/06/16 19:55:32 | 000,849,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\7c6a11cf74acbfe5c8c8d654c7cadf45\Microsoft.MediaCenter.Shell.ni.dll
MOD - [2013/06/16 19:55:28 | 000,364,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mcstoredb\b8e516ed0f2c0bee78580ac0a758d7b3\mcstoredb.ni.dll
MOD - [2013/06/16 19:55:27 | 002,035,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mcstore\744604b4a3bb3625de9541f0f81a3893\mcstore.ni.dll
MOD - [2013/06/16 19:55:26 | 003,328,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mcepg\1355556186a0cfcef21dadab36b38355\mcepg.ni.dll
MOD - [2013/06/16 19:55:23 | 000,693,248 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ehRecObj\cefccb1ed79e63eddf972c6c20ae240b\ehRecObj.ni.dll
MOD - [2013/06/16 19:55:22 | 006,499,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\840830c6a4fd76901574202fa9e7c9ef\Microsoft.MediaCenter.UI.ni.dll
MOD - [2013/06/16 19:55:18 | 001,009,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\a0715e7b679c7dd85fa64ab9e7b7ead0\Microsoft.MediaCenter.ni.dll
MOD - [2013/06/16 19:55:17 | 000,442,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ehiProxy\454ecc5a1795270b2dbe55bfe3dd87be\ehiProxy.ni.dll
MOD - [2013/06/16 19:54:53 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll
MOD - [2013/06/16 19:54:37 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/06/16 19:54:24 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013/06/16 19:54:19 | 000,621,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\BDATunePIA\c575fae8f07583615f50ca8058271a01\BDATunePIA.ni.dll
MOD - [2013/06/16 19:54:18 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/06/16 19:54:11 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2013/02/13 03:38:06 | 000,100,688 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2013/02/13 03:37:16 | 001,263,952 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2010/11/20 22:29:32 | 000,238,080 | ---- | M] () -- C:\Windows\assembly\GAC_32\BDATunePIA\6.1.0.0__31bf3856ad364e35\BDATunePIA.dll
MOD - [2010/11/20 22:29:29 | 000,134,656 | ---- | M] () -- C:\Windows\assembly\GAC_32\mcstoredb\6.1.0.0__31bf3856ad364e35\mcstoredb.dll
MOD - [2010/11/10 18:58:26 | 000,019,456 | ---- | M] () -- C:\Program Files\WinTV\TVServer\HauppaugeTVServerps.dll
========== Services (SafeList) ==========
SRV - [2013/06/15 17:50:12 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/06/03 10:57:49 | 003,085,264 | ---- | M] () [Auto | Running] -- C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe -- (BrowserProtect)
SRV - [2012/12/26 13:13:11 | 001,251,720 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2011/10/11 09:17:59 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/11/12 15:24:12 | 000,241,648 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files\CyberLink\PowerDVD10\NavFilter\kmsvc.exe -- (CLKMSVC10_B91CB6D3)
SRV - [2010/11/03 19:31:44 | 000,558,592 | ---- | M] (Hauppauge Computer Works) [Auto | Running] -- C:\Program Files\WinTV\TVServer\HauppaugeTVServer.exe -- (HauppaugeTVServer)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/29 18:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2007/09/12 18:27:24 | 002,999,664 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2007/01/13 04:40:58 | 000,049,248 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2007/01/10 06:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice Ex)
SRV - [2007/01/10 06:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2007/01/10 06:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2007/01/10 06:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\Drivers\AsrCDDrv.sys -- (AsrCDDrv)
DRV - [2013/06/17 09:00:00 | 001,611,992 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20130627.001\NAVEX15.SYS -- (NAVEX15)
DRV - [2013/06/17 09:00:00 | 000,093,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20130627.001\NAVENG.SYS -- (NAVENG)
DRV - [2012/12/26 13:13:43 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2012/12/04 22:42:04 | 000,287,792 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Symantec\Definitions\SymcData\idsdefs\20130620.001\IDSvix86.sys -- (IDSvix86)
DRV - [2012/08/15 17:36:30 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012/08/15 17:36:30 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/03/04 16:00:16 | 000,309,224 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\asmtxhci.sys -- (asmtxhci)
DRV - [2011/03/04 16:00:14 | 000,100,328 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\asmthub3.sys -- (asmthub3)
DRV - [2010/11/20 22:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 22:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010/09/01 16:25:44 | 001,603,712 | ---- | M] (Hauppauge Computer Works) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HCW85BDA.sys -- (HCW85BDA)
DRV - [2010/07/23 10:53:23 | 001,501,696 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cmudaxp.sys -- (cmudaxp)
DRV - [2010/07/12 14:49:18 | 000,060,104 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2010/07/12 14:48:56 | 000,073,032 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2008/05/06 16:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2007/12/01 00:57:12 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2007/12/01 00:57:12 | 000,279,088 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2007/12/01 00:57:12 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2007/04/14 03:49:32 | 000,418,104 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2007/01/09 23:32:13 | 000,191,544 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\symtdi.sys -- (SYMTDI)
DRV - [2007/01/09 23:32:13 | 000,145,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\symfw.sys -- (SYMFW)
DRV - [2007/01/09 23:32:13 | 000,040,120 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\symids.sys -- (SYMIDS)
DRV - [2007/01/09 23:32:13 | 000,038,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\symndisv.sys -- (SYMNDISV)
DRV - [2007/01/09 23:32:13 | 000,027,576 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\symredrv.sys -- (SYMREDRV)
DRV - [2007/01/09 23:32:13 | 000,012,984 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\symdns.sys -- (SYMDNS)
DRV - [2006/11/02 08:57:08 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\irsir.sys -- (irsir)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www1.delta-se...4CB002522E089F3
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www1.delta-se...4CB002522E089F3
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 24 09 E2 12 F3 87 CC 01 [binary data]
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www1.delta-se...4CB002522E089F3
IE - HKCU\..\SearchScopes\{6D0707AF-3C53-4575-A47C-D63B5A365BCD}: "URL" = http://websearch.ask...E8-148E3216C495
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Program Files\TVUPlayer\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013/05/18 16:52:28 | 000,000,000 | ---D | M]
[2013/05/18 16:44:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
========== Chrome ==========
CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.4_0\
CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihkeoookbpemkdccdccdmacnidhooohk\1.23.49_1\crossrider
CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihkeoookbpemkdccdccdmacnidhooohk\1.23.49_1\
CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihkeoookbpemkdccdccdmacnidhooohk\1.23.51_0\crossrider
CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihkeoookbpemkdccdccdmacnidhooohk\1.23.51_0\
CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172\
O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Supreme Savings) - {11111111-1111-1111-1111-110111991162} - C:\Program Files\Supreme Savings\Supreme Savings-bho.dll (Innovative Apps)
O2 - BHO: (Reg Error: Value error.) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBHO.dll (Symantec Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.21.0\bh\delta.dll (Delta-search.com)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.21.0\deltaTlbr.dll (Delta-search.com)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [MMX] C:\Program Files\M.Play MX\MMX.exe (V.L.System Co., Ltd)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D6C98FBB-EC24-4D75-9B0E-6B239A84AB1F}: DhcpNameServer = 192.168.0.1
O20 - AppInit_DLLs: (c:\progra~2\browse~1\261339~1.144\{c16c1~1\browse~1.dll) - c:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/06/27 19:38:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WiseFixer
[2013/06/27 19:38:43 | 000,000,000 | ---D | C] -- C:\Program Files\WiseFixer
[2013/06/27 19:34:57 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Symantec
[108 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/06/27 20:05:36 | 000,664,532 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/06/27 20:05:36 | 000,125,268 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/06/27 20:04:04 | 000,022,080 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/06/27 20:04:04 | 000,022,080 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/06/27 19:57:32 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/06/27 19:56:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/06/27 19:56:44 | 2791,112,704 | -HS- | M] () -- C:\hiberfil.sys
[2013/06/27 19:50:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/06/27 19:38:44 | 000,000,981 | ---- | M] () -- C:\Users\Public\Desktop\WiseFixer.lnk
[2013/06/27 19:25:03 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/23 19:28:12 | 000,002,129 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/06/15 17:38:40 | 000,280,264 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[108 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/06/27 19:38:44 | 000,000,981 | ---- | C] () -- C:\Users\Public\Desktop\WiseFixer.lnk
[2012/12/26 13:13:34 | 000,002,432 | ---- | C] () -- C:\Windows\wds.dat
[2012/12/26 13:13:34 | 000,001,680 | ---- | C] () -- C:\Windows\rmt.dat
[2012/09/02 19:30:56 | 000,000,000 | ---- | C] () -- C:\Windows\WinInit.ini
[2011/10/11 11:05:28 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011/10/11 11:05:28 | 000,000,135 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/10/11 11:05:13 | 000,142,337 | ---- | C] () -- C:\Windows\System32\Wait.exe
[2011/10/11 11:04:46 | 000,005,065 | ---- | C] () -- C:\Windows\HCWPNP.INI
[2011/10/11 09:15:04 | 000,066,048 | ---- | C] () -- C:\Windows\System32\hcwxds.dll
[2011/10/11 09:07:02 | 000,561,152 | ---- | C] () -- C:\Windows\System32\Cmeauoxy.exe
[2011/10/11 09:07:02 | 000,042,252 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.cfl
[2011/10/11 09:06:54 | 000,303,104 | ---- | C] () -- C:\Windows\System32\CmiInstallResAll.dll
[2011/10/11 09:06:54 | 000,004,211 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.cfg
[2011/10/11 09:06:54 | 000,000,861 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.imi
[2011/10/11 08:59:18 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011/10/11 08:58:38 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2011/10/11 08:58:37 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2011/10/11 08:58:37 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2011/10/11 08:58:37 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2011/10/11 08:58:37 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
========== ZeroAccess Check ==========
[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 05:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2011/10/11 09:08:21 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ASUS
[2013/05/18 16:44:40 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\BabSolution
[2013/05/18 16:44:25 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Babylon
[2013/05/18 16:44:35 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Delta
[2013/05/18 16:47:04 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\player
[2013/02/19 18:22:00 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Sammsoft
[2012/09/03 19:27:17 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Spotify
========== Purity Check ==========
< End of report >
Any help you can give is much appreciated
Thanks
Scott