Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

How to get rid of Babylon?

  • 04-03-2012 2:11pm
    #1
    Registered Users Posts: 12,933 ✭✭✭✭


    I recently downloaded Babylon and have tried to uninstall it.

    I'm using Windows 7 as my operating system, if that's any help. I've tried everything but Babylon is still set as the home page on Firefox. I went to the control panel and have changed the home page to Google. However, when I open up Firefox again, Babylon is still the home page. Even though the control panel still says that Google is set as the home page.

    I've gone to Tools and Add-ons and deleted Babylon there and I've also gone to Add Or Remove Programs to delete it there too. However, I'm still stuck with Babylon as my search engine.

    Do any of you know what I can do to fix this? Any help would be appreciated.


Comments

  • Site Banned Posts: 1,167 ✭✭✭ASJ112


    Download OTL to your Desktop
    • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • Click the Quick Scan button. Do not change any settings. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files here


  • Registered Users Posts: 12,933 ✭✭✭✭Rothko


    OTL logfile created on: 3/4/2012 9:21:59 PM - Run 1
    OTL by OldTimer - Version 3.2.35.1 Folder = C:\Users\Richard\Downloads
    64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 00000409 | Country: Ireland | Language: ENI | Date Format: dd/MM/yyyy

    3.93 Gb Total Physical Memory | 2.05 Gb Available Physical Memory | 52.14% Memory free
    7.86 Gb Paging File | 5.58 Gb Available in Paging File | 71.05% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 448.87 Gb Total Space | 58.17 Gb Free Space | 12.96% Space Free | Partition Type: NTFS
    Drive D: | 16.60 Gb Total Space | 2.70 Gb Free Space | 16.29% Space Free | Partition Type: NTFS
    Drive E: | 99.02 Mb Total Space | 95.15 Mb Free Space | 96.09% Space Free | Partition Type: FAT32
    Drive F: | 5.93 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
    Drive I: | 148.79 Gb Total Space | 33.35 Gb Free Space | 22.41% Space Free | Partition Type: FAT32

    Computer Name: RICHARD-PC | User Name: Richard | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2012/03/04 21:21:34 | 000,584,704 | ---- | M] (OldTimer Tools) -- C:\Users\Richard\Downloads\OTL.exe
    PRC - [2012/02/16 14:55:34 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    PRC - [2011/11/07 09:13:24 | 000,235,232 | ---- | M] () -- C:\Program Files (x86)\PC Speed Up\PCSUService.exe
    PRC - [2011/10/26 18:48:48 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe
    PRC - [2011/08/28 17:51:20 | 000,273,528 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
    PRC - [2011/08/04 04:18:43 | 000,126,400 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ccsvchst.exe
    PRC - [2011/07/28 23:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    PRC - [2011/06/15 16:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
    PRC - [2011/05/17 14:01:54 | 000,032,849 | ---- | M] (MyWebSearch.com) -- C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSOEMON.EXE
    PRC - [2011/05/17 14:01:54 | 000,028,762 | ---- | M] (MyWebSearch.com) -- C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSSVC.EXE
    PRC - [2011/05/16 10:22:26 | 000,025,464 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe
    PRC - [2011/05/15 22:01:44 | 000,478,720 | ---- | M] (Crossrider) -- C:\Program Files (x86)\CrossriderWebApps\Crossrider.exe
    PRC - [2011/03/28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
    PRC - [2010/10/27 20:21:54 | 001,155,072 | ---- | M] (Last.fm) -- C:\Program Files (x86)\Last.fm\LastFM.exe
    PRC - [2010/06/26 17:09:18 | 000,167,936 | ---- | M] (Applian Technologies, Inc.) -- C:\Program Files (x86)\Freecorder\FLVSrvc.exe
    PRC - [2010/01/15 12:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
    PRC - [2009/12/22 09:17:04 | 000,225,280 | ---- | M] () -- C:\ProgramData\DatacardService\DCService.exe
    PRC - [2009/12/22 09:13:06 | 000,241,664 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
    PRC - [2009/10/06 06:08:42 | 000,210,216 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
    PRC - [2009/09/04 20:35:14 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
    PRC - [2009/08/26 01:34:30 | 000,015,544 | R--- | M] () -- C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
    PRC - [2008/11/09 20:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
    PRC - [2007/07/24 18:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe


    ========== Modules (No Company Name) ==========

    MOD - [2012/02/16 14:55:34 | 001,911,768 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
    MOD - [2012/02/14 21:01:26 | 000,079,872 | ---- | M] () -- C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\yd444qm1.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\components\RadioWMPCoreGecko10.dll
    MOD - [2011/08/22 00:18:06 | 000,925,696 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
    MOD - [2011/08/12 15:58:26 | 006,277,280 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
    MOD - [2011/07/28 23:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
    MOD - [2011/07/28 23:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    MOD - [2011/05/04 03:51:59 | 000,008,192 | ---- | M] () -- C:\Program Files (x86)\Java\jre6\bin\jp2native.dll
    MOD - [2010/10/27 20:23:04 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\Last.fm\srv_rtaudioplayback.dll
    MOD - [2010/10/27 20:22:52 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Last.fm\ext_messengernotify.dll
    MOD - [2010/10/27 20:22:42 | 000,058,880 | ---- | M] () -- C:\Program Files (x86)\Last.fm\ext_skypenotify.dll
    MOD - [2010/10/27 20:22:08 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\Last.fm\srv_madtranscode.dll
    MOD - [2010/10/27 20:22:00 | 000,028,160 | ---- | M] () -- C:\Program Files (x86)\Last.fm\srv_httpinput.dll
    MOD - [2010/10/27 20:19:28 | 000,372,736 | ---- | M] () -- C:\Program Files (x86)\Last.fm\LastFmFingerprint1.dll
    MOD - [2010/10/27 20:19:06 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\Last.fm\breakpad.dll
    MOD - [2010/10/27 20:18:50 | 000,180,224 | ---- | M] () -- C:\Program Files (x86)\Last.fm\Moose1.dll
    MOD - [2010/10/27 20:18:34 | 000,540,672 | ---- | M] () -- C:\Program Files (x86)\Last.fm\LastFmTools1.dll
    MOD - [2010/10/27 20:13:52 | 001,382,507 | ---- | M] () -- C:\Program Files (x86)\Last.fm\libfftw3f-3.dll
    MOD - [2010/10/27 20:13:52 | 000,074,240 | ---- | M] () -- C:\Program Files (x86)\Last.fm\zlibwapi.dll
    MOD - [2009/10/06 06:08:38 | 000,931,112 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
    MOD - [2009/08/26 01:34:30 | 000,015,544 | R--- | M] () -- C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
    MOD - [2009/08/20 19:35:48 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
    MOD - [2009/08/20 19:35:46 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
    MOD - [2009/08/20 19:35:46 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
    MOD - [2008/04/16 16:42:30 | 000,376,832 | ---- | M] () -- C:\Program Files (x86)\Last.fm\QtNetwork4.dll
    MOD - [2008/04/16 16:42:16 | 000,524,288 | ---- | M] () -- C:\Program Files (x86)\Last.fm\QtSql4.dll
    MOD - [2008/04/16 16:42:02 | 006,701,056 | ---- | M] () -- C:\Program Files (x86)\Last.fm\QtGui4.dll
    MOD - [2008/04/16 16:36:38 | 000,376,832 | ---- | M] () -- C:\Program Files (x86)\Last.fm\QtXml4.dll
    MOD - [2008/04/16 16:36:34 | 001,654,784 | ---- | M] () -- C:\Program Files (x86)\Last.fm\QtCore4.dll
    MOD - [2008/04/02 13:26:50 | 000,233,472 | ---- | M] () -- C:\Program Files (x86)\Last.fm\imageformats\qmng4.dll
    MOD - [2008/04/02 13:26:34 | 000,021,504 | ---- | M] () -- C:\Program Files (x86)\Last.fm\imageformats\qgif4.dll
    MOD - [2008/04/02 13:26:28 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Last.fm\imageformats\qjpeg4.dll


    ========== Win32 Services (SafeList) ==========

    SRV:64bit: - [2010/09/18 17:05:05 | 000,247,808 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\stacsv64.exe -- (STacSV)
    SRV:64bit: - [2010/09/18 17:05:05 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe -- (AESTFilters)
    SRV:64bit: - [2009/09/04 20:35:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
    SRV:64bit: - [2009/07/14 01:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV:64bit: - [2009/07/08 20:49:02 | 000,030,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
    SRV - [2011/11/07 09:13:24 | 000,235,232 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\PC Speed Up\PCSUService.exe -- (PCSUService)
    SRV - [2011/10/12 17:06:48 | 004,700,824 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
    SRV - [2011/09/09 17:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
    SRV - [2011/08/04 04:18:43 | 000,126,400 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ccSvcHst.exe -- (N360)
    SRV - [2011/07/07 18:31:08 | 000,195,336 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
    SRV - [2011/06/15 16:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
    SRV - [2011/05/17 14:01:54 | 000,028,762 | ---- | M] (MyWebSearch.com) [Auto | Running] -- C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSSVC.EXE -- (MyWebSearchService)
    SRV - [2011/03/28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
    SRV - [2010/07/28 21:36:52 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
    SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2010/01/15 12:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
    SRV - [2009/12/22 09:17:04 | 000,225,280 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\DCService.exe -- (DCService.exe)
    SRV - [2009/06/10 21:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2009/02/22 20:00:00 | 000,129,584 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc)
    SRV - [2008/11/09 20:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
    SRV - [2007/07/24 18:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2011/08/22 02:53:36 | 000,451,704 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\symtdiv.sys -- (SYMTDIv)
    DRV:64bit: - [2011/08/22 02:53:35 | 000,221,304 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\symefa64.sys -- (SymEFA)
    DRV:64bit: - [2011/08/04 04:19:26 | 000,593,544 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\cchpx64.sys -- (ccHP)
    DRV:64bit: - [2011/05/10 07:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
    DRV:64bit: - [2011/03/11 06:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2011/03/11 06:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2010/11/02 21:36:55 | 000,173,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
    DRV:64bit: - [2010/09/23 17:07:08 | 000,907,904 | ---- | M] (ITE Technologies ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AF9035HB.sys -- (AF9035HB)
    DRV:64bit: - [2010/09/18 17:05:06 | 000,505,344 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
    DRV:64bit: - [2010/08/19 12:06:59 | 003,060,800 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
    DRV:64bit: - [2010/04/29 05:03:51 | 000,150,064 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\ironx64.sys -- (SymIRON)
    DRV:64bit: - [2010/04/28 07:57:50 | 000,061,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
    DRV:64bit: - [2010/04/22 02:29:51 | 000,505,392 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\srtsp64.sys -- (SRTSP)
    DRV:64bit: - [2010/04/22 02:29:51 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
    DRV:64bit: - [2010/04/09 15:24:32 | 000,076,288 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
    DRV:64bit: - [2010/04/07 17:05:00 | 000,250,368 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet)
    DRV:64bit: - [2010/03/25 10:08:46 | 000,120,704 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
    DRV:64bit: - [2010/03/20 11:56:56 | 000,114,560 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
    DRV:64bit: - [2009/10/15 03:50:05 | 000,433,200 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\symds64.sys -- (SymDS)
    DRV:64bit: - [2009/10/13 10:16:40 | 000,409,624 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
    DRV:64bit: - [2009/10/13 03:00:52 | 000,151,040 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
    DRV:64bit: - [2009/10/03 03:58:12 | 000,258,560 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
    DRV:64bit: - [2009/09/17 20:56:24 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
    DRV:64bit: - [2009/09/17 20:56:16 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
    DRV:64bit: - [2009/09/17 20:56:14 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
    DRV:64bit: - [2009/09/17 20:56:10 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
    DRV:64bit: - [2009/08/22 09:54:04 | 000,084,512 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
    DRV:64bit: - [2009/08/15 06:54:54 | 000,286,768 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
    DRV:64bit: - [2009/07/21 03:39:22 | 000,140,712 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
    DRV:64bit: - [2009/07/14 01:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/14 01:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/14 01:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2009/07/14 01:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2009/07/14 01:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/07/13 23:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
    DRV:64bit: - [2009/07/08 20:49:08 | 000,030,008 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
    DRV:64bit: - [2009/07/08 20:48:50 | 000,041,272 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
    DRV:64bit: - [2009/06/29 18:17:00 | 000,070,656 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\enecir.sys -- (enecir)
    DRV:64bit: - [2009/06/10 21:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
    DRV:64bit: - [2009/06/10 21:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
    DRV:64bit: - [2009/06/10 21:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
    DRV:64bit: - [2009/06/10 20:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
    DRV:64bit: - [2009/06/10 20:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
    DRV:64bit: - [2009/06/10 20:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
    DRV:64bit: - [2009/06/10 20:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 20:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 20:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 20:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2009/05/18 22:17:08 | 000,034,152 | R--- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
    DRV:64bit: - [2009/04/29 16:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
    DRV - [2011/10/14 23:10:08 | 001,155,704 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20111027.001\BHDrvx64.sys -- (BHDrvx64)
    DRV - [2011/10/11 00:54:30 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20111103.024\EX64.SYS -- (NAVEX15)
    DRV - [2011/10/11 00:54:30 | 000,481,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
    DRV - [2011/10/11 00:54:30 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20111103.024\ENG64.SYS -- (NAVENG)
    DRV - [2011/10/10 13:48:26 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20111103.030\IDSviA64.sys -- (IDSVia64)
    DRV - [2011/07/28 21:49:05 | 000,136,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
    DRV - [2009/07/14 01:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPALL/27
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPALL/27
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
    IE:64bit: - HKLM\..\SearchScopes\{DB9D82E5-9DE0-4F95-9125-C03E079CE5EA}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPALL/27
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPALL/27
    IE - HKLM\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\prxtbFre0.dll (Conduit Ltd.)
    IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
    IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE - HKLM\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZVfox000&ptnrS=ZVfox000&ptb=dtAjk5pBq_7hYSmLDkOcww&ind=2010102118&n=77cfb966&psa=&st=sb&searchfor={searchTerms}
    IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
    IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1060933
    IE - HKLM\..\SearchScopes\{DB9D82E5-9DE0-4F95-9125-C03E079CE5EA}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ie/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ie.msn.com/?ocid=iehp
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-ie
    IE - HKCU\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSSRCAS.DLL (MyWebSearch.com)
    IE - HKCU\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\prxtbFre0.dll (Conduit Ltd.)
    IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\YTNavAssist.dll (Yahoo! Inc.)
    IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
    IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=UT5V5&o=15793&src=crm&q={searchTerms}&locale=en_EU&apn_ptnrs=UP&apn_dtid=YYYYYYYYIE&apn_uid=FFE37268-229E-4E85-96C6-1D05E4CE150B&apn_sauid=05DA421B-7320-469E-A85B-C07DBEBB9E4D
    IE - HKCU\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZVfox000&ptnrS=ZVfox000&ptb=dtAjk5pBq_7hYSmLDkOcww&ind=2010102118&n=77cfb966&psa=&st=sb&searchfor={searchTerms}
    IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7RNRN_en
    IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1060933
    IE - HKCU\..\SearchScopes\{DB9D82E5-9DE0-4F95-9125-C03E079CE5EA}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
    IE - HKCU\..\SearchScopes\{F29AC30C-6A0B-4F6D-B6AE-9C72B9DCCBCB}: "URL" = http://www.google.co.uk/search?hl=en&q={searchTerms}&meta=&rlz=1I7RNRN_en
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
    FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?AF=100888&babsrc=HP_ss&mntrId=829692e200000000000078e4003bfc1c"
    FF - prefs.js..keyword.URL: "http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZVfox000&ptnrS=ZVfox000&ptb=dtAjk5pBq_7hYSmLDkOcww&ind=2010102118&n=77cfb966&psa=&st=kwd&searchfor="
    FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZVfox000&ptb=dtAjk5pBq_7hYSmLDkOcww&ind=2010102118&ptnrS=ZVfox000&si=&n=77cfb966&psa=&st=kwd&searchfor="


    FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
    FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin: C:\Program Files (x86)\MyWebSearch\bar\3.bin\NPMyWebS.dll (MyWebSearch.com)
    FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.666: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.666: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.666: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.666: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.666: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\Richard\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ClickPotatoLite@ClickPotatoLite.com: C:\Program Files (x86)\ClickPotatoLite\bin\10.0.630.0\firefox\extensions
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files (x86)\MyWebSearch\bar\3.bin [2011/10/12 15:52:13 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2011/07/20 22:33:27 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn_2010_9_0_6 [2012/03/04 18:26:14 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/10/11 04:36:17 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\crossriderapp435@crossrider.com: C:\ProgramData\CodecCheck\firefox [2011/09/27 21:48:11 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/03/04 14:22:16 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/01/28 22:41:32 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/03/04 14:22:16 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/01/28 22:41:32 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/03/04 14:22:16 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/01/28 22:41:32 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/03/04 14:22:16 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/01/28 22:41:32 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/03/04 14:22:16 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/01/28 22:41:32 | 000,000,000 | ---D | M]

    [2010/07/29 22:21:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Richard\AppData\Roaming\Mozilla\Extensions
    [2012/03/04 14:23:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\yd444qm1.default\extensions
    [2011/12/29 15:43:57 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\yd444qm1.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
    [2012/02/15 02:35:56 | 000,000,000 | ---D | M] (Freecorder Community Toolbar) -- C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\yd444qm1.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}
    [2012/01/25 17:52:58 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\yd444qm1.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
    [2012/01/15 13:25:29 | 000,000,000 | ---D | M] (Vuze Remote Community Toolbar) -- C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\yd444qm1.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
    [2011/08/09 20:14:20 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\yd444qm1.default\extensions\engine@conduit.com
    [2012/03/04 01:39:08 | 000,000,000 | ---D | M] (TheBflix) -- C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\yd444qm1.default\extensions\info@bflix.info
    [2011/10/12 15:52:13 | 000,000,000 | ---D | M] (My Web Search) -- C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\yd444qm1.default\extensions\m3ffxtbr@mywebsearch.com
    [2011/05/21 21:09:27 | 000,002,397 | ---- | M] () -- C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\yd444qm1.default\searchplugins\askcom.xml
    [2012/01/05 22:38:02 | 000,000,000 | ---- | M] () -- C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\yd444qm1.default\searchplugins\mywebsearch.xml
    [2012/03/04 14:22:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
    [2010/10/08 00:59:57 | 000,000,000 | ---D | M] (QueryExplorer) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464}
    [2012/02/16 14:55:34 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
    [2010/09/15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
    [2011/10/26 18:49:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
    [2012/02/16 11:08:43 | 000,001,538 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xml
    [2012/03/03 23:03:57 | 000,002,310 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
    [2012/02/16 10:48:01 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
    [2012/02/16 11:08:43 | 000,000,947 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\chambers-en-GB.xml
    [2012/02/16 11:08:43 | 000,001,180 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-en-GB.xml
    [2012/02/16 11:08:43 | 000,001,135 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-en-GB.xml

    ========== Chrome ==========


    O1 HOSTS File: ([2009/06/10 21:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
    O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg64.dll (Google Inc.)
    O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
    O2 - BHO: (MyWebSearch Search Assistant BHO) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSSRCAS.DLL (MyWebSearch.com)
    O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
    O2 - BHO: (mwsBar BHO) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSBAR.DLL (MyWebSearch.com)
    O2 - BHO: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\prxtbFre0.dll (Conduit Ltd.)
    O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL Inc.)
    O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
    O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\coieplg.dll (Symantec Corporation)
    O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll (facemoods.com BHO)
    O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ipsbho.dll (Symantec Corporation)
    O2 - BHO: (CrossRider) - {A876E312-7D08-401a-B7A6-FAFC5DC2F292} - C:\Program Files (x86)\CrossriderWebApps\Crossrider.dll ()
    O2 - BHO: (TheBflix Class) - {AA58B172-0968-404D-B9E9-816FAA3C8D37} - C:\ProgramData\TheBflix\bhoclass.dll (Injector)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
    O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
    O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
    O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll (Yahoo! Inc)
    O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSBAR.DLL (MyWebSearch.com)
    O3 - HKLM\..\Toolbar: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\prxtbFre0.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\coieplg.dll (Symantec Corporation)
    O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
    O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll ()
    O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll (facemoods.com)
    O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL Inc.)
    O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Freecorder Toolbar) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - C:\Program Files (x86)\Freecorder\prxtbFre0.dll (Conduit Ltd.)
    O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\coieplg.dll (Symantec Corporation)
    O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll ()
    O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL Inc.)
    O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
    O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
    O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe ()
    O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
    O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
    O4 - HKLM..\Run: [facemoods] C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe (facemoods.com)
    O4 - HKLM..\Run: [Freecorder FLV Service] C:\Program Files (x86)\Freecorder\FLVSrvc.exe (Applian Technologies, Inc.)
    O4 - HKLM..\Run: [HPCam_Menu] c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [My Web Search Bar Search Scope Monitor] C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3SRCHMN.EXE (MyWebSearch.com)
    O4 - HKLM..\Run: [MyWebSearch Email Plugin] C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSOEMON.EXE (MyWebSearch.com)
    O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
    O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
    O4 - HKLM..\Run: [UpdatePDRShortCut] C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
    O4 - HKCU..\Run: [CrossRiderPlugin] C:\Program Files (x86)\CrossriderWebApps\Crossrider.exe (Crossrider)
    O4 - HKCU..\Run: [DriverScanner] C:\Program Files (x86)\Uniblue\DriverScanner\launcher.exe (Uniblue Systems Limited)
    O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
    O4 - HKCU..\Run: [MyWebSearch Email Plugin] C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSOEMON.EXE (MyWebSearch.com)
    O4 - HKCU..\Run: [NortonUpdateAgent] C:\ProgramData\Norton\NUA.exe (Symantec Corporation)
    O4 - HKCU..\Run: [osmwacexrn.exe] "C:\Users\Richard\AppData\Local\Temp\osmwacexrn.exe" File not found
    O4 - HKCU..\Run: [PCSpeedUp] C:\Program Files (x86)\PC Speed Up\PCSpeedUp.lnk ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
    O8:64bit: - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
    O8:64bit: - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
    O8:64bit: - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
    O8:64bit: - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
    O8:64bit: - Extra context menu item: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
    O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
    O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O8 - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
    O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
    O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
    O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
    O8 - Extra context menu item: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
    O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
    O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
    O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll (Installation Support)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
    O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{224866B8-33AA-4FA8-B959-6A7BFA1C7AB2}: NameServer = 62.40.32.33 8.8.8.8
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{387AAA8E-EF3D-4123-AED2-64416C4FCD3F}: DhcpNameServer = 192.168.1.1 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4CBE6DDE-21F0-4694-8BC3-77F341F0F860}: NameServer = 62.40.32.33 8.8.8.8
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9FA2DB8B-5B6B-43C2-9E09-932B7FF0314D}: NameServer = 62.40.32.33 8.8.8.8
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
    O32 - HKLM CDRom: AutoRun - 1
    O33 - MountPoints2\{126d96ba-ad9f-11e0-80c9-78e4003bfc1c}\Shell - "" = AutoRun
    O33 - MountPoints2\{126d96ba-ad9f-11e0-80c9-78e4003bfc1c}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\{331bd6a6-a026-11df-be90-78e4003bfc1c}\Shell - "" = AutoRun
    O33 - MountPoints2\{331bd6a6-a026-11df-be90-78e4003bfc1c}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\{331bd6a8-a026-11df-be90-78e4003bfc1c}\Shell - "" = AutoRun
    O33 - MountPoints2\{331bd6a8-a026-11df-be90-78e4003bfc1c}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\{33cd20c3-ada1-11e0-9f57-78e4003bfc1c}\Shell - "" = AutoRun
    O33 - MountPoints2\{33cd20c3-ada1-11e0-9f57-78e4003bfc1c}\Shell\AutoRun\command - "" = H:\AutoRun.exe
    O33 - MountPoints2\{5d6b7fcd-37f9-11e1-842b-78e4003bfc1c}\Shell - "" = AutoRun
    O33 - MountPoints2\{5d6b7fcd-37f9-11e1-842b-78e4003bfc1c}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\{709be54d-9fc9-11df-98a7-c599a5451fd3}\Shell - "" = AutoRun
    O33 - MountPoints2\{709be54d-9fc9-11df-98a7-c599a5451fd3}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\{91761bbb-9b69-11df-a4f2-78e4003bfc1c}\Shell - "" = AutoRun
    O33 - MountPoints2\{91761bbb-9b69-11df-a4f2-78e4003bfc1c}\Shell\AutoRun\command - "" = H:\AutoRun.exe
    O33 - MountPoints2\{91761bbf-9b69-11df-a4f2-78e4003bfc1c}\Shell - "" = AutoRun
    O33 - MountPoints2\{91761bbf-9b69-11df-a4f2-78e4003bfc1c}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\{91761be0-9b69-11df-a4f2-a1dd241c997f}\Shell - "" = AutoRun
    O33 - MountPoints2\{91761be0-9b69-11df-a4f2-a1dd241c997f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\{91761be3-9b69-11df-a4f2-a1dd241c997f}\Shell - "" = AutoRun
    O33 - MountPoints2\{91761be3-9b69-11df-a4f2-a1dd241c997f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\{91761be5-9b69-11df-a4f2-a1dd241c997f}\Shell - "" = AutoRun
    O33 - MountPoints2\{91761be5-9b69-11df-a4f2-a1dd241c997f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\{a78b1476-37dc-11e1-91b7-001e101fe5e1}\Shell - "" = AutoRun
    O33 - MountPoints2\{a78b1476-37dc-11e1-91b7-001e101fe5e1}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\{c1cd0f58-b48e-11e0-b546-78e4003bfc1c}\Shell - "" = AutoRun
    O33 - MountPoints2\{c1cd0f58-b48e-11e0-b546-78e4003bfc1c}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\{c1cd0f64-b48e-11e0-b546-78e4003bfc1c}\Shell - "" = AutoRun
    O33 - MountPoints2\{c1cd0f64-b48e-11e0-b546-78e4003bfc1c}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\{d62c08c0-232d-11e1-9945-70f3952b37a2}\Shell - "" = AutoRun
    O33 - MountPoints2\{d62c08c0-232d-11e1-9945-70f3952b37a2}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\{d62c08ed-232d-11e1-9945-70f3952b37a2}\Shell - "" = AutoRun
    O33 - MountPoints2\{d62c08ed-232d-11e1-9945-70f3952b37a2}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\G\Shell - "" = AutoRun
    O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2012/03/04 13:33:27 | 000,000,000 | -HSD | C] -- C:\Config.Msi
    [2012/03/03 23:03:53 | 000,000,000 | ---D | C] -- C:\Users\Richard\AppData\Local\Babylon
    [2012/03/03 23:03:52 | 000,000,000 | ---D | C] -- C:\Users\Richard\AppData\Roaming\Babylon
    [2012/03/03 23:03:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
    [2012/03/03 23:03:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TheBflix
    [2012/03/03 23:03:35 | 000,000,000 | ---D | C] -- C:\ProgramData\TheBflix
    [2012/02/08 21:46:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    [2012/02/08 21:45:38 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2012/02/08 21:45:37 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
    [2 C:\*.tmp files -> C:\*.tmp -> ]
    [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2012/03/04 20:29:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2012/03/04 18:43:20 | 000,001,940 | ---- | M] () -- C:\Users\Richard\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
    [2012/03/04 18:38:15 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2012/03/04 18:38:15 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\DriverScanner.job
    [2012/03/04 18:33:30 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2012/03/04 18:33:30 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2012/03/04 18:26:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2012/03/04 18:26:00 | 604,622,042 | ---- | M] () -- C:\Windows\MEMORY.DMP
    [2012/03/04 18:26:00 | 3163,709,440 | -HS- | M] () -- C:\hiberfil.sys
    [2012/03/04 14:22:22 | 000,001,130 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2012/03/04 01:36:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForRichard.job
    [2012/03/03 23:04:20 | 000,000,237 | ---- | M] () -- C:\user.js
    [2012/03/01 22:17:18 | 000,726,444 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2012/03/01 22:17:18 | 000,628,874 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2012/03/01 22:17:18 | 000,111,026 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2012/02/28 17:49:44 | 000,000,502 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Richard.job
    [2012/02/17 01:31:17 | 000,002,340 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
    [2012/02/16 15:37:48 | 000,000,510 | ---- | M] () -- C:\settings.ini
    [2012/02/16 14:49:42 | 000,375,176 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2012/02/08 21:46:53 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2 C:\*.tmp files -> C:\*.tmp -> ]
    [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2012/03/04 14:22:21 | 000,001,130 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2012/03/04 14:22:17 | 000,001,142 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    [2012/03/03 23:04:19 | 000,000,237 | ---- | C] () -- C:\user.js
    [2012/02/16 15:37:48 | 000,000,510 | ---- | C] () -- C:\settings.ini
    [2012/02/08 21:46:51 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2011/12/29 18:26:05 | 006,908,648 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall.exe
    [2011/12/29 18:26:05 | 000,017,686 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Music Converter.dat
    [2011/07/28 17:52:39 | 000,000,000 | ---- | C] () -- C:\Users\Richard\AppData\Local\{F405DB5B-ED8E-4B61-A2BF-6F97862DEA20}
    [2011/07/13 22:39:03 | 000,000,000 | ---- | C] () -- C:\Users\Richard\AppData\Local\{936B24B9-02F5-4E6B-AD66-C8615F6B6B56}
    [2011/07/13 22:34:35 | 000,000,000 | ---- | C] () -- C:\Users\Richard\AppData\Local\{1280828D-7063-40CA-BF5A-AAD1C9F10C19}
    [2011/07/12 19:06:28 | 000,000,000 | ---- | C] () -- C:\Users\Richard\AppData\Local\{F88A05BE-1F1A-49AD-BDA1-A6866371CC26}
    [2011/07/01 00:38:19 | 000,000,000 | ---- | C] () -- C:\Users\Richard\AppData\Local\{E2CE062B-1DF6-4EE9-8543-A1E65859F7B3}
    [2011/06/09 18:32:17 | 000,000,000 | ---- | C] () -- C:\Users\Richard\AppData\Local\{172A2C70-F88F-4CB9-BBCA-93B55D748A5A}
    [2011/06/04 14:58:26 | 000,000,000 | ---- | C] () -- C:\Users\Richard\AppData\Local\{C00B7C07-393C-43C6-8E17-D3EB9D4677F7}
    [2011/05/20 18:25:39 | 000,001,940 | ---- | C] () -- C:\Users\Richard\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
    [2011/03/11 16:24:20 | 000,423,670 | ---- | C] () -- C:\Users\Richard\AppData\Local\tmpDAISY-LOWE-GQ-UK-APRIL-2011-04.0
    [2011/03/11 16:24:20 | 000,150,374 | ---- | C] () -- C:\Users\Richard\AppData\Local\tmpDAISY-LOWE-GQ-UK-APRIL-2011-04.JPG
    [2010/08/19 20:39:03 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
    [2010/08/16 23:01:28 | 000,815,104 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
    [2010/08/16 23:01:28 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
    [2010/05/01 09:41:59 | 000,209,040 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeW7.dll
    [2010/05/01 09:41:59 | 000,204,944 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeA6.dll
    [2010/05/01 09:41:59 | 000,196,752 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeP6.dll
    [2010/05/01 09:41:59 | 000,196,752 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeM6.dll
    [2010/05/01 09:41:59 | 000,192,656 | ---- | C] () -- C:\Windows\SysWow64\IVIresizePX.dll
    [2010/05/01 09:41:59 | 000,024,720 | ---- | C] () -- C:\Windows\SysWow64\IVIresize.dll
    [2010/05/01 09:16:23 | 000,000,283 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini
    [2010/05/01 09:16:23 | 000,000,224 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini

    ========== LOP Check ==========

    [2011/08/09 16:52:04 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\Azureus
    [2012/03/03 23:03:52 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\Babylon
    [2011/12/29 18:40:42 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\dBpoweramp
    [2010/09/13 20:02:28 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\EA1248532AB50CF0CDEF927542709C48
    [2011/10/11 04:36:09 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\FileHunter
    [2011/10/16 19:20:00 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\GrabPro
    [2011/12/29 15:43:01 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\OpenCandy
    [2012/03/04 15:36:25 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\Orbit
    [2010/09/10 22:39:44 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\PlayFirst
    [2011/10/16 19:20:06 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\ProgSense
    [2010/09/14 17:31:28 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\StoneLoopsWT
    [2010/08/30 08:44:43 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\Tific
    [2011/10/16 19:21:52 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\Uniblue
    [2012/03/04 15:36:25 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\uTorrent
    [2010/08/04 17:4


  • Site Banned Posts: 1,167 ✭✭✭ASJ112


    open OTL, paste this into the custom scan/fixes box



    :OTL
    SRV - [2011/05/17 14:01:54 | 000,028,762 | ---- | M] (MyWebSearch.com) [Auto | Running] -- C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSSVC.EXE -- (MyWebSearchService)
    IE - HKLM\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://search.mywebsearch.com/mywebs...r={searchTerms}
    IE - HKCU\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSSRCAS.DLL (MyWebSearch.com)
    IE - HKCU\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://search.mywebsearch.com/mywebs...r={searchTerms}
    FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
    FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
    FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?AF=100888&babsrc=HP_ss&mntrId=829692e200000000000078e4003bfc1c"
    FF - prefs.js..keyword.URL: "http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZVfox000&ptnrS=ZVfox000&ptb=dtAjk5pBq_7hYSmLDkOcww&ind=2010102118&n=77cfb966&psa=&st=kwd&searchfor="
    FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZVfox000&ptb=dtAjk5pBq_7hYSmLDkOcww&ind=2010102118&ptnrS=ZVfox000&si=&n=77cfb966&psa=&st=kwd&searchfor="
    FF - HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin: C:\Program Files (x86)\MyWebSearch\bar\3.bin\NPMyWebS.dll (MyWebSearch.com)
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files (x86)\MyWebSearch\bar\3.bin [2011/10/12 15:52:13 | 000,000,000 | ---D | M]
    [2011/10/12 15:52:13 | 000,000,000 | ---D | M] (My Web Search) -- C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\yd444qm1.default\extensions\m3ffxtbr@mywebsearch.com
    [2012/01/05 22:38:02 | 000,000,000 | ---- | M] () -- C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\yd444qm1.default\searchplugins\mywebsearch.xml
    O2 - BHO: (MyWebSearch Search Assistant BHO) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSSRCAS.DLL (MyWebSearch.com)
    O2 - BHO: (mwsBar BHO) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSBAR.DLL (MyWebSearch.com)
    O3 - HKLM\..\Toolbar: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSBAR.DLL (MyWebSearch.com)
    O4 - HKLM..\Run: [My Web Search Bar Search Scope Monitor] C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3SRCHMN.EXE (MyWebSearch.com)
    O4 - HKLM..\Run: [MyWebSearch Email Plugin] C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSOEMON.EXE (MyWebSearch.com)
    O4 - HKCU..\Run: [osmwacexrn.exe] "C:\Users\Richard\AppData\Local\Temp\osmwacexrn.exe" File not found
    O33 - MountPoints2\{126d96ba-ad9f-11e0-80c9-78e4003bfc1c}\Shell - "" = AutoRun
    O33 - MountPoints2\{126d96ba-ad9f-11e0-80c9-78e4003bfc1c}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\{331bd6a6-a026-11df-be90-78e4003bfc1c}\Shell - "" = AutoRun
    O33 - MountPoints2\{331bd6a6-a026-11df-be90-78e4003bfc1c}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\{331bd6a8-a026-11df-be90-78e4003bfc1c}\Shell - "" = AutoRun
    O33 - MountPoints2\{331bd6a8-a026-11df-be90-78e4003bfc1c}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\{33cd20c3-ada1-11e0-9f57-78e4003bfc1c}\Shell - "" = AutoRun
    O33 - MountPoints2\{33cd20c3-ada1-11e0-9f57-78e4003bfc1c}\Shell\AutoRun\command - "" = H:\AutoRun.exe
    O33 - MountPoints2\{5d6b7fcd-37f9-11e1-842b-78e4003bfc1c}\Shell - "" = AutoRun
    O33 - MountPoints2\{5d6b7fcd-37f9-11e1-842b-78e4003bfc1c}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\{709be54d-9fc9-11df-98a7-c599a5451fd3}\Shell - "" = AutoRun
    O33 - MountPoints2\{709be54d-9fc9-11df-98a7-c599a5451fd3}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\{91761bbb-9b69-11df-a4f2-78e4003bfc1c}\Shell - "" = AutoRun
    O33 - MountPoints2\{91761bbb-9b69-11df-a4f2-78e4003bfc1c}\Shell\AutoRun\command - "" = H:\AutoRun.exe
    O33 - MountPoints2\{91761bbf-9b69-11df-a4f2-78e4003bfc1c}\Shell - "" = AutoRun
    O33 - MountPoints2\{91761bbf-9b69-11df-a4f2-78e4003bfc1c}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\{91761be0-9b69-11df-a4f2-a1dd241c997f}\Shell - "" = AutoRun
    O33 - MountPoints2\{91761be0-9b69-11df-a4f2-a1dd241c997f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\{91761be3-9b69-11df-a4f2-a1dd241c997f}\Shell - "" = AutoRun
    O33 - MountPoints2\{91761be3-9b69-11df-a4f2-a1dd241c997f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\{91761be5-9b69-11df-a4f2-a1dd241c997f}\Shell - "" = AutoRun
    O33 - MountPoints2\{91761be5-9b69-11df-a4f2-a1dd241c997f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\{a78b1476-37dc-11e1-91b7-001e101fe5e1}\Shell - "" = AutoRun
    O33 - MountPoints2\{a78b1476-37dc-11e1-91b7-001e101fe5e1}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\{c1cd0f58-b48e-11e0-b546-78e4003bfc1c}\Shell - "" = AutoRun
    O33 - MountPoints2\{c1cd0f58-b48e-11e0-b546-78e4003bfc1c}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\{c1cd0f64-b48e-11e0-b546-78e4003bfc1c}\Shell - "" = AutoRun
    O33 - MountPoints2\{c1cd0f64-b48e-11e0-b546-78e4003bfc1c}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\{d62c08c0-232d-11e1-9945-70f3952b37a2}\Shell - "" = AutoRun
    O33 - MountPoints2\{d62c08c0-232d-11e1-9945-70f3952b37a2}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\{d62c08ed-232d-11e1-9945-70f3952b37a2}\Shell - "" = AutoRun
    O33 - MountPoints2\{d62c08ed-232d-11e1-9945-70f3952b37a2}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\G\Shell - "" = AutoRun
    O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe
    [2012/03/03 23:03:53 | 000,000,000 | ---D | C] -- C:\Users\Richard\AppData\Local\Babylon
    [2012/03/03 23:03:52 | 000,000,000 | ---D | C] -- C:\Users\Richard\AppData\Roaming\Babylon
    [2012/03/03 23:03:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon

    :Commands
    [PURITY]
    [EMPTYTEMP]
    [EMPTYFLASH]
    [RESETHOSTS]
    [EMPTYJAVA]
    [CREATERESTOREPOINT]
    [Reboot]
    :Files
    ipconfig /flushdns /c


    click Run Fix. Let the PC reboot


    then install malwarebytes

    http://www.majorgeeks.com/download.php?det=5756

    update it and run a quick scan, post that log here


  • Registered Users Posts: 12,933 ✭✭✭✭Rothko


    2012/03/04 22:50:14 GMT RICHARD-PC Richard MESSAGE Starting protection
    2012/03/04 22:50:14 GMT RICHARD-PC Richard MESSAGE Executing scheduled update: Daily
    2012/03/04 22:50:15 GMT RICHARD-PC Richard MESSAGE Database already up-to-date
    2012/03/04 22:50:16 GMT RICHARD-PC Richard MESSAGE Protection started successfully
    2012/03/04 22:50:19 GMT RICHARD-PC Richard MESSAGE Starting IP protection
    2012/03/04 22:50:20 GMT RICHARD-PC Richard MESSAGE IP Protection started successfully
    2012/03/04 22:59:38 GMT RICHARD-PC Richard MESSAGE Starting protection
    2012/03/04 22:59:48 GMT RICHARD-PC Richard MESSAGE Protection started successfully
    2012/03/04 22:59:51 GMT RICHARD-PC Richard MESSAGE Starting IP protection
    2012/03/04 22:59:52 GMT RICHARD-PC Richard MESSAGE IP Protection started successfully


  • Closed Accounts Posts: 1,620 ✭✭✭_AVALANCHE_


    ASJ112 wrote: »
    open OTL, paste this into the custom scan/fixes box

    What will that do?


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 7,019 ✭✭✭uch


    Spybot got rid of it for me. Download Spybot search and Destroy or Malwarebytes, do an update then scan and Fix,

    21/25



  • Site Banned Posts: 1,167 ✭✭✭ASJ112


    suas if babylon is still there then run another OTL quick scan and post the log here


    and run a mbam quick scan, what you ran before was from the IP protection feature.


  • Registered Users Posts: 12,933 ✭✭✭✭Rothko


    ASJ112 wrote: »
    suas if babylon is still there then run another OTL quick scan and post the log here


    and run a mbam quick scan, what you ran before was from the IP protection feature.

    Babylon appears to be gone now. However, now I have the Mozilla Firefox Start Page as my home page. I've tried changing it to google but it doesn't seem to be working.


  • Site Banned Posts: 1,167 ✭✭✭ASJ112


    try re-install firefox


  • Registered Users Posts: 12,933 ✭✭✭✭Rothko


    Malwarebytes Anti-Malware (Trial) 1.60.1.1000
    www.malwarebytes.org

    Database version: v2012.03.04.06

    Windows 7 x64 NTFS
    Internet Explorer 8.0.7600.16385
    Richard :: RICHARD-PC [administrator]

    Protection: Enabled

    05/03/2012 19:43:20
    mbam-log2-2012-03-05 (19-47-26).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 250713
    Time elapsed: 3 minute(s), 56 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 2
    C:\Program Files (x86)\Windows Live\Messenger\msimg32.dll (PUP.FunWebProducts) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3REPROX.DLL (PUP.FunWebProducts) -> No action taken.

    Registry Keys Detected: 130
    HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E} (PUP.FunWebProducts) -> No action taken.
    HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (PUP.FunWebProducts) -> No action taken.
    HKCR\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227} (Adware.ClickPotato) -> No action taken.
    HKCR\AppID\{11C27351-716B-4052-9361-E3B0A3F8221C} (Adware.ClickPotato) -> No action taken.
    HKCR\AppID\{7025E484-D4B0-441a-9F0B-69063BD679CE} (Adware.ClickPotato) -> No action taken.
    HKCR\AppID\{8258B35C-05B8-4c0e-9525-9BCCC70F8F2D} (Adware.ClickPotato) -> No action taken.
    HKCR\AppID\{A89256AD-EC17-4a83-BEF5-4B8BC4F39306} (Adware.ClickPotato) -> No action taken.
    HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
    HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
    HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
    HKCR\MyWebSearchToolBar.SettingsPlugin.1 (Adware.MyWebSearch) -> No action taken.
    HKCR\MyWebSearchToolBar.SettingsPlugin (Adware.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70} (Adware.MyWebSearch) -> No action taken.
    HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C} (Adware.MyWebSearch) -> No action taken.
    HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17} (Adware.MyWebSearch) -> No action taken.
    HKCR\FunWebProducts.IECookiesManager.1 (Adware.MyWebSearch) -> No action taken.
    HKCR\FunWebProducts.IECookiesManager (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A} (Adware.MyWebSearch) -> No action taken.
    HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144} (Adware.MyWebSearch) -> No action taken.
    HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC} (Adware.MyWebSearch) -> No action taken.
    HKCR\FunWebProducts.DataControl.1 (Adware.MyWebSearch) -> No action taken.
    HKCR\FunWebProducts.DataControl (Adware.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A} (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (Adware.MyWebSearch) -> No action taken.
    HKCR\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} (Adware.MyWebSearch) -> No action taken.
    HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} (Adware.MyWebSearch) -> No action taken.
    HKCR\FunWebProducts.HTMLMenu.2 (Adware.MyWebSearch) -> No action taken.
    HKCR\FunWebProducts.HTMLMenu (Adware.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906} (Adware.MyWebSearch) -> No action taken.
    HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906} (Adware.MyWebSearch) -> No action taken.
    HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906} (Adware.MyWebSearch) -> No action taken.
    HKCR\MyWebSearch.HTMLPanel.1 (Adware.MyWebSearch) -> No action taken.
    HKCR\MyWebSearch.HTMLPanel (Adware.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906} (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5} (Adware.MyWebSearch) -> No action taken.
    HKCR\MyWebSearchToolBar.ToolbarPlugin.1 (Adware.MyWebSearch) -> No action taken.
    HKCR\MyWebSearchToolBar.ToolbarPlugin (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (Adware.MyWebSearch) -> No action taken.
    HKCR\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14} (Adware.MyWebSearch) -> No action taken.
    HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C} (Adware.MyWebSearch) -> No action taken.
    HKCR\FunWebProducts.PopSwatterSettingsControl.1 (Adware.MyWebSearch) -> No action taken.
    HKCR\FunWebProducts.PopSwatterSettingsControl (Adware.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> No action taken.
    HKCR\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> No action taken.
    HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> No action taken.
    HKCR\MyWebSearch.PseudoTransparentPlugin.1 (Adware.MyWebSearch) -> No action taken.
    HKCR\MyWebSearch.PseudoTransparentPlugin (Adware.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983} (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14} (Adware.MyWebSearch) -> No action taken.
    HKCR\FunWebProducts.PopSwatterBarButton.1 (Adware.MyWebSearch) -> No action taken.
    HKCR\FunWebProducts.PopSwatterBarButton (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA} (Adware.MyWebSearch) -> No action taken.
    HKCR\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554} (Adware.MyWebSearch) -> No action taken.
    HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC} (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (Adware.MyWebSearch) -> No action taken.
    HKCR\FunWebProducts.HTMLMenu.1 (Adware.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF} (Adware.MyWebSearch) -> No action taken.
    HKCR\ScreenSaverControl.ScreenSaverInstaller.1 (Adware.MyWebSearch) -> No action taken.
    HKCR\ScreenSaverControl.ScreenSaverInstaller (Adware.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF} (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{A9571378-68A1-443d-B082-284F960C6D17} (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC} (Adware.MyWebSearch) -> No action taken.
    HKCR\MyWebSearch.OutlookAddin.1 (Adware.MyWebSearch) -> No action taken.
    HKCR\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987} (Adware.MyWebSearch) -> No action taken.
    HKCR\FunWebProducts.KillerObjManager.1 (Adware.MyWebSearch) -> No action taken.
    HKCR\FunWebProducts.KillerObjManager (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7} (Adware.MyWebSearch) -> No action taken.
    HKCR\FunWebProducts.HistoryKillerScheduler.1 (Adware.MyWebSearch) -> No action taken.
    HKCR\FunWebProducts.HistoryKillerScheduler (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835} (Adware.MyWebSearch) -> No action taken.
    HKCR\FunWebProducts.HistorySwatterControlBar.1 (Adware.MyWebSearch) -> No action taken.
    HKCR\FunWebProducts.HistorySwatterControlBar (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805} (Adware.MyWebSearch) -> No action taken.
    HKCR\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A} (Adware.MyWebSearch) -> No action taken.
    HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E} (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612} (Adware.MyWebSearch) -> No action taken.
    HKCR\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612} (Adware.MyWebSearch) -> No action taken.
    HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A} (Adware.MyWebSearch) -> No action taken.
    HKCR\MyWebSearch.ChatSessionPlugin.1 (Adware.MyWebSearch) -> No action taken.
    HKCR\MyWebSearch.ChatSessionPlugin (Adware.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612} (Adware.MyWebSearch) -> No action taken.
    HKCR\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (Adware.MyWebSearch) -> No action taken.
    HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (Adware.MyWebSearch) -> No action taken.
    HKCR\Typelib\{F42228FB-E84E-479E-B922-FBBD096E792C} (Adware.MyWebSearch) -> No action taken.
    HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} (Adware.MyWebSearch) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{100EB1FD-D03E-47FD-81F3-EE91287F9465} (Adware.ShopperReports) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} (Adware.ShopperReports) -> No action taken.
    HKCR\MyWebSearch.MultipleButton (Adware.MyWebSearch) -> No action taken.
    HKCR\MyWebSearch.MultipleButton.1 (Adware.MyWebSearch) -> No action taken.
    HKCR\MyWebSearch.ThirdPartyInstaller (Adware.MyWebSearch) -> No action taken.
    HKCR\MyWebSearch.ThirdPartyInstaller.1 (Adware.MyWebSearch) -> No action taken.
    HKCR\MyWebSearch.UrlAlertButton (Adware.MyWebSearch) -> No action taken.
    HKCR\MyWebSearch.UrlAlertButton.1 (Adware.MyWebSearch) -> No action taken.
    HKCR\ShopperReports.Reporter (Adware.ShopperReports) -> No action taken.
    HKCR\ShopperReports.Reporter.1 (Adware.ShopperReports) -> No action taken.
    HKCU\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\QueryExplorer (Adware.QueryExplorer) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QueryExplorer (Adware.QueryExplorer) -> No action taken.
    HKCR\CLSID\{67FA02C4-AB30-4e77-A640-78EE8EC8673B} (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28} (Adware.MyWebSearch) -> No action taken.
    HKCR\TypeLib\{8FFDF636-0D87-4B33-B9E9-79A53F6E1DAE} (Adware.MyWebSearch) -> No action taken.
    HKCR\Interface\{01947140-417F-46B6-8751-A3A2B8345E1A} (Adware.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28} (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{799391D3-EB86-4bac-9BD3-CBFEA58A0E15} (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{D858DAFC-9573-4811-B323-7011A3AA7E61} (Adware.MyWebSearch) -> No action taken.

    Registry Values Detected: 5
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin (Adware.MyWebSearch) -> Data: C:\PROGRA~2\MYWEBS~1\bar\3.bin\mwsoemon.exe -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources|f3PopularScreensavers (Adware.MyWebSearch) -> Data: C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3SCRCTR.DLL -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|SRS_IT_E8790572BC765C5736AB98 (Malware.Trace) -> Data: -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform|FunWebProducts (Adware.MyWebSearch) -> Data: -> No action taken.
    HKLM\SOFTWARE\Mozilla\Firefox\extensions|ClickPotatoLite@ClickPotatoLite.com (Adware.ClickPotato) -> Data: C:\Program Files (x86)\ClickPotatoLite\bin\10.0.630.0\firefox\extensions -> No action taken.

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 28
    C:\Users\Richard\AppData\Roaming\FileHunter (PUP.FileHunter) -> No action taken.
    C:\Users\Richard\AppData\Roaming\FileHunter\downloads (PUP.FileHunter) -> No action taken.
    C:\Users\Richard\AppData\Roaming\FileHunter\metafiles (PUP.FileHunter) -> No action taken.
    C:\ProgramData\QueryExplorer (Adware.QueryExplorer) -> No action taken.
    C:\Program Files (x86)\FunWebProducts (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464} (Adware.QueryExplorer) -> No action taken.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464}\chrome (Adware.QueryExplorer) -> No action taken.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464}\defaults (Adware.QueryExplorer) -> No action taken.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464}\defaults\preferences (Adware.QueryExplorer) -> No action taken.
    C:\Program Files (x86)\MyWebSearch (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\1.bin (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\1.bin\chrome (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\2.bin (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\2.bin\chrome (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\chrome (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Avatar (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Game (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\History (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\icons (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Message (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Notifier (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Overlay (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\QueryExplorer (Adware.QueryExplorer) -> No action taken.

    Files Detected: 86
    C:\Program Files (x86)\Windows Live\Messenger\msimg32.dll (PUP.FunWebProducts) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3REPROX.DLL (PUP.FunWebProducts) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3HISTSW.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3DTACTL.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3HTMLMU.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3HTML.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3POPSWT.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3SKIN.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3CJPEG.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3SCRCTR.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3OUTLCN.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3HTTPCT.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3MSG.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3REPROX.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Windows\System32\f3PSSavr.scr (PUP.FunWebProducts) -> No action taken.
    C:\Windows\SysWOW64\f3PSSavr.scr (PUP.FunWebProducts) -> No action taken.
    C:\Users\Richard\Downloads\Codec-C(1).exe (Affiliate.Downloader) -> No action taken.
    C:\Users\Richard\Downloads\Codec-C.exe (Affiliate.Downloader) -> No action taken.
    C:\Users\Richard\Downloads\DownloadSetup(2).exe (Affiliate.Downloader) -> No action taken.
    C:\Users\Richard\Downloads\DownloadSetup.exe (Affiliate.Downloader) -> No action taken.
    C:\Windows\System32\f3PSSavr.scr (Trojan.Agent) -> No action taken.
    C:\Windows\SysWOW64\f3PSSavr.scr (Trojan.Agent) -> No action taken.
    C:\Users\Public\Documents\Server\admin.txt (Malware.Trace) -> No action taken.
    C:\Users\Public\Documents\Server\server.dat (Malware.Trace) -> No action taken.
    C:\Users\Richard\Local Settings\Application Data\Windows Server\admin.txt (Malware.Trace) -> No action taken.
    C:\Users\Richard\AppData\Roaming\FileHunter\pumpa.state (PUP.FileHunter) -> No action taken.
    C:\Users\Richard\AppData\Roaming\FileHunter\FileHunter.exe (PUP.FileHunter) -> No action taken.
    C:\Users\Richard\AppData\Roaming\FileHunter\version (PUP.FileHunter) -> No action taken.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464}\chrome.manifest (Adware.QueryExplorer) -> No action taken.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464}\install.rdf (Adware.QueryExplorer) -> No action taken.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464}\chrome\queryexplorer.jar (Adware.QueryExplorer) -> No action taken.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464}\defaults\preferences\prefs.js (Adware.QueryExplorer) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3FFTBPR.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3PATCH.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\1.bin\chrome\M3FFXTBR.JAR (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\2.bin\chrome\M3FFXTBR.JAR (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\CHROME.MANIFEST (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3BKGERR.JPG (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3HKSTUB.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3IMSTUB.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3PSSAVR.SCR (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3REGHK.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3RESTUB.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3SCHMON.EXE (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3SPACER.WMV (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3WALLPP.DAT (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3WPHOOK.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\FWPBUDDY.PNG (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\INSTALL.RDF (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3HIGHIN.EXE (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3IDLE.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3IMPIPE.EXE (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3MEDINT.EXE (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3PATCH.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3SKPLAY.EXE (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3SLSRCH.EXE (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3TPINST.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3UNPAT.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSMLBTN.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSUABTN.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\chrome\M3FFXTBR.JAR (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Avatar\COMMON.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Game\CHECKERS.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Game\CHESS.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Game\REVERSI.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\icons\CM.ICO (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\icons\MFC.ICO (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\icons\PSS.ICO (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\icons\SMILEY.ICO (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\icons\WB.ICO (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\icons\ZWINKY.ICO (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Message\COMMON.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Notifier\COMMON.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Notifier\DOG.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Notifier\FISH.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Notifier\KUNGFU.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Notifier\LIFEGARD.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Notifier\MAID.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Notifier\MAILBOX.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Notifier\OPERA.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Notifier\ROBOT.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Notifier\SEDUCT.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Notifier\SURFER.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Overlay\COMMON.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> No action taken.

    (end)


  • Advertisement
  • Registered Users Posts: 12,933 ✭✭✭✭Rothko


    Malwarebytes Anti-Malware (Trial) 1.60.1.1000
    www.malwarebytes.org

    Database version: v2012.03.04.06

    Windows 7 x64 NTFS
    Internet Explorer 8.0.7600.16385
    Richard :: RICHARD-PC [administrator]

    Protection: Enabled

    05/03/2012 19:43:20
    mbam-log2-2012-03-05 (19-47-26).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 250713
    Time elapsed: 3 minute(s), 56 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 2
    C:\Program Files (x86)\Windows Live\Messenger\msimg32.dll (PUP.FunWebProducts) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3REPROX.DLL (PUP.FunWebProducts) -> No action taken.

    Registry Keys Detected: 130
    HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E} (PUP.FunWebProducts) -> No action taken.
    HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (PUP.FunWebProducts) -> No action taken.
    HKCR\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227} (Adware.ClickPotato) -> No action taken.
    HKCR\AppID\{11C27351-716B-4052-9361-E3B0A3F8221C} (Adware.ClickPotato) -> No action taken.
    HKCR\AppID\{7025E484-D4B0-441a-9F0B-69063BD679CE} (Adware.ClickPotato) -> No action taken.
    HKCR\AppID\{8258B35C-05B8-4c0e-9525-9BCCC70F8F2D} (Adware.ClickPotato) -> No action taken.
    HKCR\AppID\{A89256AD-EC17-4a83-BEF5-4B8BC4F39306} (Adware.ClickPotato) -> No action taken.
    HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
    HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
    HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
    HKCR\MyWebSearchToolBar.SettingsPlugin.1 (Adware.MyWebSearch) -> No action taken.
    HKCR\MyWebSearchToolBar.SettingsPlugin (Adware.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70} (Adware.MyWebSearch) -> No action taken.
    HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C} (Adware.MyWebSearch) -> No action taken.
    HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17} (Adware.MyWebSearch) -> No action taken.
    HKCR\FunWebProducts.IECookiesManager.1 (Adware.MyWebSearch) -> No action taken.
    HKCR\FunWebProducts.IECookiesManager (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A} (Adware.MyWebSearch) -> No action taken.
    HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144} (Adware.MyWebSearch) -> No action taken.
    HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC} (Adware.MyWebSearch) -> No action taken.
    HKCR\FunWebProducts.DataControl.1 (Adware.MyWebSearch) -> No action taken.
    HKCR\FunWebProducts.DataControl (Adware.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A} (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (Adware.MyWebSearch) -> No action taken.
    HKCR\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} (Adware.MyWebSearch) -> No action taken.
    HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} (Adware.MyWebSearch) -> No action taken.
    HKCR\FunWebProducts.HTMLMenu.2 (Adware.MyWebSearch) -> No action taken.
    HKCR\FunWebProducts.HTMLMenu (Adware.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906} (Adware.MyWebSearch) -> No action taken.
    HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906} (Adware.MyWebSearch) -> No action taken.
    HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906} (Adware.MyWebSearch) -> No action taken.
    HKCR\MyWebSearch.HTMLPanel.1 (Adware.MyWebSearch) -> No action taken.
    HKCR\MyWebSearch.HTMLPanel (Adware.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906} (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5} (Adware.MyWebSearch) -> No action taken.
    HKCR\MyWebSearchToolBar.ToolbarPlugin.1 (Adware.MyWebSearch) -> No action taken.
    HKCR\MyWebSearchToolBar.ToolbarPlugin (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (Adware.MyWebSearch) -> No action taken.
    HKCR\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14} (Adware.MyWebSearch) -> No action taken.
    HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C} (Adware.MyWebSearch) -> No action taken.
    HKCR\FunWebProducts.PopSwatterSettingsControl.1 (Adware.MyWebSearch) -> No action taken.
    HKCR\FunWebProducts.PopSwatterSettingsControl (Adware.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> No action taken.
    HKCR\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> No action taken.
    HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> No action taken.
    HKCR\MyWebSearch.PseudoTransparentPlugin.1 (Adware.MyWebSearch) -> No action taken.
    HKCR\MyWebSearch.PseudoTransparentPlugin (Adware.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983} (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14} (Adware.MyWebSearch) -> No action taken.
    HKCR\FunWebProducts.PopSwatterBarButton.1 (Adware.MyWebSearch) -> No action taken.
    HKCR\FunWebProducts.PopSwatterBarButton (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA} (Adware.MyWebSearch) -> No action taken.
    HKCR\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554} (Adware.MyWebSearch) -> No action taken.
    HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC} (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (Adware.MyWebSearch) -> No action taken.
    HKCR\FunWebProducts.HTMLMenu.1 (Adware.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF} (Adware.MyWebSearch) -> No action taken.
    HKCR\ScreenSaverControl.ScreenSaverInstaller.1 (Adware.MyWebSearch) -> No action taken.
    HKCR\ScreenSaverControl.ScreenSaverInstaller (Adware.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF} (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{A9571378-68A1-443d-B082-284F960C6D17} (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC} (Adware.MyWebSearch) -> No action taken.
    HKCR\MyWebSearch.OutlookAddin.1 (Adware.MyWebSearch) -> No action taken.
    HKCR\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987} (Adware.MyWebSearch) -> No action taken.
    HKCR\FunWebProducts.KillerObjManager.1 (Adware.MyWebSearch) -> No action taken.
    HKCR\FunWebProducts.KillerObjManager (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7} (Adware.MyWebSearch) -> No action taken.
    HKCR\FunWebProducts.HistoryKillerScheduler.1 (Adware.MyWebSearch) -> No action taken.
    HKCR\FunWebProducts.HistoryKillerScheduler (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835} (Adware.MyWebSearch) -> No action taken.
    HKCR\FunWebProducts.HistorySwatterControlBar.1 (Adware.MyWebSearch) -> No action taken.
    HKCR\FunWebProducts.HistorySwatterControlBar (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805} (Adware.MyWebSearch) -> No action taken.
    HKCR\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A} (Adware.MyWebSearch) -> No action taken.
    HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E} (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612} (Adware.MyWebSearch) -> No action taken.
    HKCR\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612} (Adware.MyWebSearch) -> No action taken.
    HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A} (Adware.MyWebSearch) -> No action taken.
    HKCR\MyWebSearch.ChatSessionPlugin.1 (Adware.MyWebSearch) -> No action taken.
    HKCR\MyWebSearch.ChatSessionPlugin (Adware.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612} (Adware.MyWebSearch) -> No action taken.
    HKCR\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (Adware.MyWebSearch) -> No action taken.
    HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (Adware.MyWebSearch) -> No action taken.
    HKCR\Typelib\{F42228FB-E84E-479E-B922-FBBD096E792C} (Adware.MyWebSearch) -> No action taken.
    HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} (Adware.MyWebSearch) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{100EB1FD-D03E-47FD-81F3-EE91287F9465} (Adware.ShopperReports) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} (Adware.ShopperReports) -> No action taken.
    HKCR\MyWebSearch.MultipleButton (Adware.MyWebSearch) -> No action taken.
    HKCR\MyWebSearch.MultipleButton.1 (Adware.MyWebSearch) -> No action taken.
    HKCR\MyWebSearch.ThirdPartyInstaller (Adware.MyWebSearch) -> No action taken.
    HKCR\MyWebSearch.ThirdPartyInstaller.1 (Adware.MyWebSearch) -> No action taken.
    HKCR\MyWebSearch.UrlAlertButton (Adware.MyWebSearch) -> No action taken.
    HKCR\MyWebSearch.UrlAlertButton.1 (Adware.MyWebSearch) -> No action taken.
    HKCR\ShopperReports.Reporter (Adware.ShopperReports) -> No action taken.
    HKCR\ShopperReports.Reporter.1 (Adware.ShopperReports) -> No action taken.
    HKCU\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\QueryExplorer (Adware.QueryExplorer) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QueryExplorer (Adware.QueryExplorer) -> No action taken.
    HKCR\CLSID\{67FA02C4-AB30-4e77-A640-78EE8EC8673B} (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28} (Adware.MyWebSearch) -> No action taken.
    HKCR\TypeLib\{8FFDF636-0D87-4B33-B9E9-79A53F6E1DAE} (Adware.MyWebSearch) -> No action taken.
    HKCR\Interface\{01947140-417F-46B6-8751-A3A2B8345E1A} (Adware.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28} (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{799391D3-EB86-4bac-9BD3-CBFEA58A0E15} (Adware.MyWebSearch) -> No action taken.
    HKCR\CLSID\{D858DAFC-9573-4811-B323-7011A3AA7E61} (Adware.MyWebSearch) -> No action taken.

    Registry Values Detected: 5
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin (Adware.MyWebSearch) -> Data: C:\PROGRA~2\MYWEBS~1\bar\3.bin\mwsoemon.exe -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources|f3PopularScreensavers (Adware.MyWebSearch) -> Data: C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3SCRCTR.DLL -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|SRS_IT_E8790572BC765C5736AB98 (Malware.Trace) -> Data: -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform|FunWebProducts (Adware.MyWebSearch) -> Data: -> No action taken.
    HKLM\SOFTWARE\Mozilla\Firefox\extensions|ClickPotatoLite@ClickPotatoLite.com (Adware.ClickPotato) -> Data: C:\Program Files (x86)\ClickPotatoLite\bin\10.0.630.0\firefox\extensions -> No action taken.

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 28
    C:\Users\Richard\AppData\Roaming\FileHunter (PUP.FileHunter) -> No action taken.
    C:\Users\Richard\AppData\Roaming\FileHunter\downloads (PUP.FileHunter) -> No action taken.
    C:\Users\Richard\AppData\Roaming\FileHunter\metafiles (PUP.FileHunter) -> No action taken.
    C:\ProgramData\QueryExplorer (Adware.QueryExplorer) -> No action taken.
    C:\Program Files (x86)\FunWebProducts (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464} (Adware.QueryExplorer) -> No action taken.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464}\chrome (Adware.QueryExplorer) -> No action taken.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464}\defaults (Adware.QueryExplorer) -> No action taken.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464}\defaults\preferences (Adware.QueryExplorer) -> No action taken.
    C:\Program Files (x86)\MyWebSearch (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\1.bin (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\1.bin\chrome (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\2.bin (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\2.bin\chrome (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\chrome (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Avatar (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Game (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\History (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\icons (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Message (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Notifier (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Overlay (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\QueryExplorer (Adware.QueryExplorer) -> No action taken.

    Files Detected: 86
    C:\Program Files (x86)\Windows Live\Messenger\msimg32.dll (PUP.FunWebProducts) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3REPROX.DLL (PUP.FunWebProducts) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3HISTSW.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3DTACTL.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3HTMLMU.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3HTML.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3POPSWT.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3SKIN.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3CJPEG.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3SCRCTR.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3OUTLCN.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3HTTPCT.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3MSG.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3REPROX.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Windows\System32\f3PSSavr.scr (PUP.FunWebProducts) -> No action taken.
    C:\Windows\SysWOW64\f3PSSavr.scr (PUP.FunWebProducts) -> No action taken.
    C:\Users\Richard\Downloads\Codec-C(1).exe (Affiliate.Downloader) -> No action taken.
    C:\Users\Richard\Downloads\Codec-C.exe (Affiliate.Downloader) -> No action taken.
    C:\Users\Richard\Downloads\DownloadSetup(2).exe (Affiliate.Downloader) -> No action taken.
    C:\Users\Richard\Downloads\DownloadSetup.exe (Affiliate.Downloader) -> No action taken.
    C:\Windows\System32\f3PSSavr.scr (Trojan.Agent) -> No action taken.
    C:\Windows\SysWOW64\f3PSSavr.scr (Trojan.Agent) -> No action taken.
    C:\Users\Public\Documents\Server\admin.txt (Malware.Trace) -> No action taken.
    C:\Users\Public\Documents\Server\server.dat (Malware.Trace) -> No action taken.
    C:\Users\Richard\Local Settings\Application Data\Windows Server\admin.txt (Malware.Trace) -> No action taken.
    C:\Users\Richard\AppData\Roaming\FileHunter\pumpa.state (PUP.FileHunter) -> No action taken.
    C:\Users\Richard\AppData\Roaming\FileHunter\FileHunter.exe (PUP.FileHunter) -> No action taken.
    C:\Users\Richard\AppData\Roaming\FileHunter\version (PUP.FileHunter) -> No action taken.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464}\chrome.manifest (Adware.QueryExplorer) -> No action taken.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464}\install.rdf (Adware.QueryExplorer) -> No action taken.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464}\chrome\queryexplorer.jar (Adware.QueryExplorer) -> No action taken.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464}\defaults\preferences\prefs.js (Adware.QueryExplorer) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3FFTBPR.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3PATCH.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\1.bin\chrome\M3FFXTBR.JAR (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\2.bin\chrome\M3FFXTBR.JAR (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\CHROME.MANIFEST (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3BKGERR.JPG (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3HKSTUB.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3IMSTUB.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3PSSAVR.SCR (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3REGHK.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3RESTUB.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3SCHMON.EXE (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3SPACER.WMV (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3WALLPP.DAT (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\F3WPHOOK.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\FWPBUDDY.PNG (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\INSTALL.RDF (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3HIGHIN.EXE (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3IDLE.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3IMPIPE.EXE (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3MEDINT.EXE (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3PATCH.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3SKPLAY.EXE (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3SLSRCH.EXE (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3TPINST.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\M3UNPAT.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSMLBTN.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSUABTN.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\3.bin\chrome\M3FFXTBR.JAR (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Avatar\COMMON.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Game\CHECKERS.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Game\CHESS.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Game\REVERSI.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\icons\CM.ICO (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\icons\MFC.ICO (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\icons\PSS.ICO (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\icons\SMILEY.ICO (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\icons\WB.ICO (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\icons\ZWINKY.ICO (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Message\COMMON.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Notifier\COMMON.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Notifier\DOG.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Notifier\FISH.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Notifier\KUNGFU.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Notifier\LIFEGARD.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Notifier\MAID.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Notifier\MAILBOX.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Notifier\OPERA.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Notifier\ROBOT.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Notifier\SEDUCT.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Notifier\SURFER.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Overlay\COMMON.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files (x86)\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> No action taken.

    (end)


  • Site Banned Posts: 1,167 ✭✭✭ASJ112


    you can let mbam fix those just in case you didn't do that

    did a firefox re-install help with the home page issue ?


  • Registered Users Posts: 12,933 ✭✭✭✭Rothko


    Nope, I re-installed Firefox just now and I'm still having the same problem.


  • Site Banned Posts: 1,167 ✭✭✭ASJ112


    when we removed babylon it set firefox back to its default home page. Try this step out

    http://support.mozilla.org/en-US/kb/How%20to%20set%20the%20home%20page#w_set-a-single-web-site-as-your-home-page


    Other than that, I'm not sure.


  • Registered Users Posts: 12,933 ✭✭✭✭Rothko


    I tried that out and it seems to have worked. Thanks for all the help.


  • Registered Users, Registered Users 2 Posts: 7,604 ✭✭✭petethedrummer


    I have this problem on a 2nd hand laptop I acquired.

    Babylon creates entries all over the registry and in the extensions and add-ins in Firefox and other places too.

    Installing Spybot Search and Destroy should remove it all.
    199631.JPG


Advertisement