Thread: Possible Virus - Delta Search, Babylon.Toolbar

  1. #11
    Malware Team-Emeritus
    Join Date
    Sep 2012
    Location
    Florida, USA
    Posts
    1,161

    Hi Luney Loz,

    1. Run OTL.exe

    Windows Vista and Windows 7 users Right Click and select "Run as Administrator"
    • Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL

      Code:
      :Files
      C:\Windows\System32\?I /U /S
      C:\Windows\System32\?H /U /S
      C:\Windows\System32\?g /U /S
      C:\Windows\System32\?G /U /S
      
      :Commands
      [purity]
      [createrestorepoint]
      [emptytemp]
      [Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot when it is done
    • Then re-run OTL and post a new OTL log ( don't check the boxes beside LOP Check or Purity this time )

    =========================

    In your next post please provide the following:

    • OTL.fix log
    • Fresh OTL.txt
    • Any remaining issues?
    OCD
    ----------
    Graduate of WTT Classroom
    Member of UNITE

    Threads will be closed if no response after 5 days

  2. #12
    Member
    Join Date
    Mar 2012
    Posts
    46

    All processes killed
    ========== FILES ==========
    File\Folder C:\Windows\System32\?I not found.
    File\Folder C:\Windows\System32\?H not found.
    File\Folder C:\Windows\System32\?g not found.
    File\Folder C:\Windows\System32\?G not found.
    ========== COMMANDS ==========
    Restore point Set: OTL Restore Point

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: lauren
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Public

    User: UpdatusUser
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 0.00 mb


    OTL by OldTimer - Version 3.2.69.0 log created on 05232013_173500

    Files\Folders moved on Reboot...

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...

  3. #13
    Malware Team-Emeritus
    Join Date
    Sep 2012
    Location
    Florida, USA
    Posts
    1,161

    Hi Luney Loz,

    Let's try a slightly different approach.

    1. Run OTL.exe

    Windows Vista and Windows 7 users Right Click and select "Run as Administrator"
    • Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL

      Code:
      :OTL
      [2013/02/24 17:41:17 | 000,000,072 | ---- | M] ()(C:\Windows\System32\?I) -- C:\Windows\System32\纈Ī
      [2013/02/24 17:41:17 | 000,000,072 | ---- | C] ()(C:\Windows\System32\?I) -- C:\Windows\System32\纈Ī
      [2013/02/09 19:32:24 | 000,000,036 | ---- | M] ()(C:\Windows\System32\?H) -- C:\Windows\System32\簘Ħ
      [2013/02/09 19:32:24 | 000,000,036 | ---- | C] ()(C:\Windows\System32\?H) -- C:\Windows\System32\簘Ħ
      [2012/12/29 21:50:04 | 000,000,036 | ---- | M] ()(C:\Windows\System32\?I) -- C:\Windows\System32\䚰Ĭ
      [2012/12/29 21:50:04 | 000,000,036 | ---- | C] ()(C:\Windows\System32\?I) -- C:\Windows\System32\䚰Ĭ
      [2012/09/23 20:57:10 | 000,000,036 | ---- | M] ()(C:\Windows\System32\?g) -- C:\Windows\System32\풰ġ
      [2012/09/23 20:57:10 | 000,000,036 | ---- | C] ()(C:\Windows\System32\?g) -- C:\Windows\System32\풰ġ
      [2012/09/13 20:57:40 | 000,000,036 | ---- | M] ()(C:\Windows\System32\?G) -- C:\Windows\System32\쩸Ĝ
      [2012/09/13 20:57:40 | 000,000,036 | ---- | C] ()(C:\Windows\System32\?G) -- C:\Windows\System32\쩸Ĝ
      
      :Commands
      [purity]
      [createrestorepoint]
      [Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot when it is done

    =========================

    In your next post please provide the following:

    • OTL fix log
    • Any remaining issues?
    OCD
    ----------
    Graduate of WTT Classroom
    Member of UNITE

    Threads will be closed if no response after 5 days

  4. #14
    Member
    Join Date
    Mar 2012
    Posts
    46

    Hi,

    Not sure if this is the log or not. I had to manually search after the reboot. How do things appear to be looking?

    ----------

    ========== OTL ==========
    C:\Windows\System32\纈Ī moved successfully.
    File C:\Windows\System32\纈Ī not found.
    C:\Windows\System32\簘Ħ moved successfully.
    File C:\Windows\System32\簘Ħ not found.
    C:\Windows\System32\䚰Ĭ moved successfully.
    File C:\Windows\System32\䚰Ĭ not found.
    C:\Windows\System32\풰ġ moved successfully.
    File C:\Windows\System32\풰ġ not found.
    C:\Windows\System32\쩸Ĝ moved successfully.
    File C:\Windows\System32\쩸Ĝ not found.
    ========== COMMANDS ==========
    Restore point Set: OTL Restore Point

    OTL by OldTimer - Version 3.2.69.0 log created on 05242013_130431

  5. #15
    Malware Team-Emeritus
    Join Date
    Sep 2012
    Location
    Florida, USA
    Posts
    1,161

    Hi fujymo,

    How do things appear to be looking?
    We are making good progress. Run OTL again for a fresh scan, if all looks good we will clean up and send you on your way.

    =========================

    1. Re-run OTL (it should be located on your desktop).

    Windows Vista and Windows 7 users Right Click and select "Run as Administrator" on the icon to run it.
    • Make sure all other windows are closed and to let it run uninterrupted.
    • When the window appears, underneath Output at the top change it to Minimal Output.
    • Uncheck the boxes beside LOP Check and Purity Check.
    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open one notepad window. OTL.Txt. (No Extras.txt will be produced)
      Note: The log can be located in the OTL. folder on your C:\ drive if they fail to open automatically.
    • Please copy (Edit->Select All, Edit->Copy) the contents of the file, and post it with your next reply.

    =========================

    In your next post please provide the following:

    • OTL.txt
    OCD
    ----------
    Graduate of WTT Classroom
    Member of UNITE

    Threads will be closed if no response after 5 days

  6. #16
    Member
    Join Date
    Mar 2012
    Posts
    46

    Hi,

    My Dad wanted me to mention that WOT doesn't show those circles beside search results to show if a site isn't safe or not. He uses Internet Explorer. They show in Firefox. They used to show in Internet Explorer before my Dad deleted WOT, thinking it was the virus. I re-installed it but it didn't show in search results.

    ----------

    OTL logfile created on: 27/05/2013 10:48:58 AM - Run 5
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\lauren\Desktop\Spybot Forums
    Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.10.9200.16576)
    Locale: 00000c09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

    2.00 Gb Total Physical Memory | 1.20 Gb Available Physical Memory | 60.21% Memory free
    4.00 Gb Paging File | 2.78 Gb Available in Paging File | 69.47% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 465.66 Gb Total Space | 335.00 Gb Free Space | 71.94% Space Free | Partition Type: NTFS
    Drive D: | 4.37 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

    Computer Name: LAUREN-PC | User Name: lauren | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Users\Lauren\Desktop\Spybot Forums\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
    PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
    PRC - C:\Program Files\TeamViewer\Version8\TeamViewer.exe (TeamViewer GmbH)
    PRC - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
    PRC - C:\Program Files\TeamViewer\Version8\tv_w32.exe (TeamViewer GmbH)
    PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
    PRC - C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
    PRC - C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
    PRC - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
    PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
    PRC - C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
    PRC - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
    PRC - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
    PRC - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
    PRC - C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
    PRC - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
    PRC - C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
    PRC - C:\Windows\explorer.exe (Microsoft Corporation)
    PRC - C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe (Affinegy, Inc.)
    PRC - C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe (Affinegy, Inc.)
    PRC - C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe (Affinegy, Inc.)
    PRC - C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe (BitDefender S.R.L.)
    PRC - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe (BitDefender S.R.L.)
    PRC - C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe (BitDefender S.R.L.)
    PRC - C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe (BitDefender S.R.L.)


    ========== Modules (No Company Name) ==========

    MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()
    MOD - C:\Users\Lauren\AppData\Local\Temp\CmdLineExt03.dll ()
    MOD - C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll ()
    MOD - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
    MOD - C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl ()
    MOD - C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl ()
    MOD - C:\Program Files\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl ()
    MOD - C:\Program Files\Spybot - Search & Destroy 2\JSDialogPack150.bpl ()
    MOD - C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl ()
    MOD - C:\Program Files\WinRAR\RarExt.dll ()
    MOD - C:\Program Files\Belkin\Router Setup and Monitor\BelkinServicePS.dll ()
    MOD - C:\Program Files\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll ()
    MOD - C:\Program Files\Belkin\Router Setup and Monitor\QtGui4.dll ()
    MOD - C:\Program Files\Belkin\Router Setup and Monitor\QtXml4.dll ()
    MOD - C:\Program Files\Belkin\Router Setup and Monitor\QtCore4.dll ()
    MOD - C:\Program Files\Belkin\Router Setup and Monitor\QtNetwork4.dll ()
    MOD - C:\Program Files\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll ()
    MOD - C:\Program Files\BitDefender\BitDefender 2010\framework.dll ()
    MOD - C:\Windows\System32\txmlutil.dll ()


    ========== Services (SafeList) ==========

    SRV - (SDWSCService) -- C:\Program Files\Spybot File not found
    SRV - (SDUpdateService) -- C:\Program Files\Spybot File not found
    SRV - (SDScannerService) -- C:\Program Files\Spybot File not found
    SRV - (NMIndexingService) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe File not found
    SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
    SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
    SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
    SRV - (TeamViewer8) -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
    SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
    SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
    SRV - (Stereo Service) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
    SRV - (TomTomHOMEService) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
    SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
    SRV - (BBSvc) -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
    SRV - (SeaPort) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
    SRV - (AffinegyService) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe (Affinegy, Inc.)
    SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
    SRV - (VSSERV) -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe (BitDefender S.R.L.)
    SRV - (LIVESRV) -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe (BitDefender S.R.L.)
    SRV - (scan) -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll (S.C. BitDefender S.R.L)
    SRV - (Arrakis3) -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe (BitDefender S.R.L. http://www.bitdefender.com)
    SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
    SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
    SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)


    ========== Driver Services (SafeList) ==========

    DRV - (VGPU) -- System32\drivers\rdvgkmd.sys File not found
    DRV - (tsusbhub) -- system32\drivers\tsusbhub.sys File not found
    DRV - (Synth3dVsc) -- System32\drivers\synth3dvsc.sys File not found
    DRV - (EagleXNt) -- C:\Windows\system32\drivers\EagleXNt.sys File not found
    DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
    DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
    DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
    DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
    DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
    DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
    DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
    DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
    DRV - (SCREAMINGBDRIVER) -- C:\Windows\System32\drivers\ScreamingBAudio.sys (Screaming Bee LLC)
    DRV - (BDFM) -- C:\Windows\System32\drivers\bdfm.sys (BitDefender S.R.L. Bucharest, ROMANIA)
    DRV - (bdfwfpf) -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdfwfpf.sys (BitDefender LLC)
    DRV - (BdfNdisf) -- C:\Windows\System32\drivers\BdfNdisf6.sys (BitDefender LLC)
    DRV - (BDVEDISK) -- C:\Program Files\BitDefender\BitDefender 2010\bdvedisk.sys (BitDefender)
    DRV - (Profos) -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys (BitDefender S.R.L.)
    DRV - (L1E) -- C:\Windows\System32\drivers\L1E62x86.sys (Atheros Communications, Inc.)
    DRV - (bdfsfltr) -- C:\Windows\System32\drivers\bdfsfltr.sys (BitDefender S.R.L. Bucharest, ROMANIA)
    DRV - (BrSerIb) -- C:\Windows\System32\drivers\BrSerIb.sys (Brother Industries Ltd.)
    DRV - (Serial) -- C:\Windows\System32\drivers\serial.sys (Brother Industries Ltd.)
    DRV - (BrUsbSIb) -- C:\Windows\System32\drivers\BrUsbSIb.sys (Brother Industries Ltd.)
    DRV - (Trufos) -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys (BitDefender S.R.L.)
    DRV - (KMWDFILTERx86) -- C:\Windows\System32\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider)
    DRV - (RT61) -- C:\Windows\System32\drivers\rt61.sys (Ralink Technology Corp.)
    DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys ()


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ipstar.com.au/nbn/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ninemsn.com.au/?ocid=iehp
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-au
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D8 67 70 F8 11 DA CA 01 [binary data]
    IE - HKCU\..\SearchScopes,DefaultScope = {800AD787-4E99-402F-AB8A-3C9F0B8BF537}
    IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&r=726
    IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKCU\..\SearchScopes\{800AD787-4E99-402F-AB8A-3C9F0B8BF537}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.order.2: ""
    FF - prefs.js..browser.search.param.yahoo-fr: "w3i&type=W3i_DS,157,0_0,Search,20111253,17023,0,16,0"
    FF - prefs.js..browser.search.selectedEngine: "Google"
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://www.google.com"
    FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.172
    FF - prefs.js..extensions.enabledAddons: clickclean%40hotcleaner.com:4.1
    FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130515
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
    FF - prefs.js..extensions.enabledItems: clickclean@hotcleaner.com:3.6.5.0
    FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.911
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
    FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}:6.0.30
    FF - prefs.js..extensions.enabledItems: avg@toolbar:9.0.0.18.1
    FF - prefs.js..extensions.enabledItems: addon@defaulttab.com:1.0
    FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.4.2.20111006100951
    FF - prefs.js..extensions.enabledItems: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.6.0
    FF - prefs.js..extensions.netassistant.keyword.url: "http://click.w3i.com/?Programid=132&Elementname=Keyword&Applicationid={101A0EC6-CB3D-495A-B32F-16F906F795F9}&Version=3.6.5&Vintage=20111253&Defaultbrowserid=16&Productid=2723&Vendorid=6384&Offerid=17029&searchterm="
    FF - user.js - File not found

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
    FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
    FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
    FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
    FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2010/06/06 18:51:13 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013/04/01 15:53:31 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/05/19 19:24:30 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/05/19 19:24:25 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/05/19 19:24:30 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/05/19 19:24:25 | 000,000,000 | ---D | M]

    [2012/04/20 20:54:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lauren\AppData\Roaming\Mozilla\Extensions
    [2012/04/20 20:54:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lauren\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
    [2013/05/21 21:17:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lauren\AppData\Roaming\Mozilla\Firefox\Profiles\7v4sz15g.default\extensions
    [2013/05/17 08:07:39 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Lauren\AppData\Roaming\Mozilla\Firefox\Profiles\7v4sz15g.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
    [2013/03/28 16:28:44 | 000,000,000 | ---D | M] (Click&Clean) -- C:\Users\Lauren\AppData\Roaming\Mozilla\Firefox\Profiles\7v4sz15g.default\extensions\clickclean@hotcleaner.com
    [2013/05/09 21:01:13 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Lauren\AppData\Roaming\Mozilla\Firefox\Profiles\7v4sz15g.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
    [2013/05/19 19:24:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
    [2013/05/19 19:24:30 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    [2013/04/01 15:53:31 | 000,000,000 | ---D | M] (No name found) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5

    O1 HOSTS File: ([2013/05/13 12:47:01 | 000,447,225 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 15354 more lines...
    O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
    O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\ietoolbar.dll (BitDefender S.R.L.)
    O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
    O4 - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe (BitDefender S.R.L.)
    O4 - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe (BitDefender S.R.L.)
    O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
    O4 - HKLM..\Run: [InstaLAN] C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe (Affinegy, Inc.)
    O4 - HKLM..\Run: [SDTray] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
    O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" File not found
    O4 - HKCU..\Run: [BlazeServoTool] "C:\Program Files\BlazeVideo\BlazeDVD 5 Professional\MediaDetector.exe" File not found
    O4 - HKCU..\Run: [Spybot-S&D Cleaning] C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
    O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
    O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
    O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\Windows\System32\cmd.exe (Microsoft Corporation)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
    O13 - gopher Prefix: missing
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{305EE8BF-5C5A-4252-A9EB-0BF282A6E190}: DhcpNameServer = 192.168.2.1
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009/06/11 07:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O32 - AutoRun File - [2009/09/05 00:37:47 | 001,064,960 | R--- | M] (Codemasters Software Co.) - D:\Autorun.exe -- [ UDF ]
    O32 - AutoRun File - [2009/09/17 23:10:53 | 000,000,067 | R--- | M] () - D:\autorun.inf -- [ UDF ]
    O33 - MountPoints2\{097c7de7-4204-11df-b3c8-806e6f6e6963}\Shell - "" = AutoRun
    O33 - MountPoints2\{097c7de7-4204-11df-b3c8-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Autorun.exe -- [2009/09/05 00:37:47 | 001,064,960 | R--- | M] (Codemasters Software Co.)
    O33 - MountPoints2\{56cde57c-72c7-11df-8715-002215977ef7}\Shell - "" = AutoRun
    O33 - MountPoints2\{56cde57c-72c7-11df-8715-002215977ef7}\Shell\AutoRun\command - "" = "E:\WD SmartWare.exe" autoplay=true
    O33 - MountPoints2\{fffa45f9-6365-11e1-bb8d-002215977ef7}\Shell - "" = AutoRun
    O33 - MountPoints2\{fffa45f9-6365-11e1-bb8d-002215977ef7}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========

    [2013/05/22 22:27:21 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
    [2013/05/22 20:12:54 | 000,000,000 | ---D | C] -- C:\Users\lauren\Desktop\AIR CON
    [2013/05/22 10:28:08 | 000,000,000 | ---D | C] -- C:\_OTL
    [2013/05/21 22:05:17 | 000,000,000 | ---D | C] -- C:\Program Files\WOT
    [2013/05/19 19:24:24 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
    [2013/05/18 16:55:00 | 000,000,000 | ---D | C] -- C:\Users\lauren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
    [2013/05/15 21:14:18 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
    [2013/05/15 21:14:17 | 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
    [2013/05/15 21:14:17 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
    [2013/05/15 21:14:17 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
    [2013/05/15 21:14:16 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
    [2013/05/15 21:14:16 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
    [2013/05/15 21:14:16 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
    [2013/05/15 21:14:16 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
    [2013/05/15 21:14:16 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
    [2013/05/15 21:14:16 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
    [2013/05/15 17:22:42 | 002,347,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
    [2013/05/15 17:22:41 | 000,218,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
    [2013/05/15 17:22:29 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
    [2013/05/15 17:22:29 | 000,101,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
    [2013/05/13 14:55:42 | 000,000,000 | ---D | C] -- C:\Users\lauren\Desktop\Spybot Forums
    [2013/05/03 13:30:13 | 000,000,000 | ---D | C] -- C:\Users\lauren\AppData\Local\DDMSettings

    ========== Files - Modified Within 30 Days ==========

    [2013/05/27 10:48:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2013/05/27 10:44:06 | 000,014,832 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2013/05/27 10:44:06 | 000,014,832 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2013/05/27 10:43:56 | 000,636,792 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2013/05/27 10:43:56 | 000,114,234 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2013/05/27 10:39:04 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2013/05/27 10:36:53 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2013/05/27 10:36:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2013/05/27 10:36:42 | 1609,867,264 | -HS- | M] () -- C:\hiberfil.sys
    [2013/05/25 11:42:55 | 000,000,024 | ---- | M] () -- C:\Users\lauren\random.dat
    [2013/05/25 11:42:31 | 000,000,024 | ---- | M] () -- C:\Users\lauren\jagexappletviewer.preferences
    [2013/05/25 11:42:01 | 000,000,032 | ---- | M] () -- C:\Users\lauren\jagex_cl_runescape_LIVE.dat
    [2013/05/24 13:23:24 | 000,000,132 | ---- | M] () -- C:\Windows\System32\rezumatenoi.dat
    [2013/05/21 21:17:46 | 000,000,106 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
    [2013/05/18 16:54:53 | 000,000,551 | ---- | M] () -- C:\Windows\eReg.dat
    [2013/05/16 16:54:50 | 000,310,128 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2013/05/15 18:50:47 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
    [2013/05/15 18:50:47 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
    [2013/05/13 14:46:05 | 000,000,512 | ---- | M] () -- C:\Users\lauren\Desktop\MBR.dat
    [2013/05/13 12:47:01 | 000,447,225 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
    [2013/05/13 12:34:44 | 000,447,225 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20130513-124701.backup
    [2013/05/10 20:18:40 | 000,001,457 | ---- | M] () -- C:\Users\lauren\Desktop\Operation Flashpoint - Dragon Rising v1.0 + 4 Trainer - Shortcut.lnk
    [2013/05/02 02:06:08 | 000,238,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
    [2013/04/29 19:20:43 | 000,000,250 | ---- | M] () -- C:\Users\lauren\Desktop\Operation Flashpoint - Dragon Rising.lnk
    [2013/04/28 16:48:17 | 000,001,048 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk

    ========== Files Created - No Company Name ==========

    [2013/05/21 21:17:42 | 000,000,106 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat
    [2013/05/18 16:54:53 | 000,000,551 | ---- | C] () -- C:\Windows\eReg.dat
    [2013/05/13 14:46:05 | 000,000,512 | ---- | C] () -- C:\Users\lauren\Desktop\MBR.dat
    [2013/05/10 20:18:40 | 000,001,457 | ---- | C] () -- C:\Users\lauren\Desktop\Operation Flashpoint - Dragon Rising v1.0 + 4 Trainer - Shortcut.lnk
    [2013/04/29 19:20:43 | 000,000,250 | ---- | C] () -- C:\Users\lauren\Desktop\Operation Flashpoint - Dragon Rising.lnk
    [2013/04/07 11:41:10 | 000,000,045 | ---- | C] () -- C:\Users\lauren\jagex_cl_oldschool_LIVE.dat
    [2013/04/07 11:41:10 | 000,000,024 | ---- | C] () -- C:\Users\lauren\random.dat
    [2013/03/23 20:42:08 | 000,000,032 | ---- | C] () -- C:\Users\lauren\jagex_cl_runescape_LIVE.dat
    [2013/03/23 20:41:07 | 000,000,024 | ---- | C] () -- C:\Users\lauren\jagexappletviewer.preferences
    [2012/04/27 17:21:30 | 000,000,057 | ---- | C] () -- C:\Users\lauren\AppData\Roaming\mbam.context.scan
    [2012/01/05 06:59:17 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
    [2012/01/05 06:57:18 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
    [2012/01/04 15:45:43 | 000,022,328 | ---- | C] () -- C:\Users\lauren\AppData\Roaming\PnkBstrK.sys
    [2012/01/04 15:45:21 | 000,107,832 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
    [2012/01/01 12:53:24 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
    [2010/05/31 21:47:27 | 000,000,025 | ---- | C] () -- C:\Users\lauren\AppData\Roaming\bdfvconp.ini
    [2010/04/27 20:43:08 | 000,000,000 | ---- | C] () -- C:\Users\lauren\AppData\Local\prvlcl.dat
    [2010/04/19 19:38:42 | 000,000,088 | RHS- | C] () -- C:\ProgramData\6AC54BA7A2.sys
    [2010/04/19 19:38:41 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
    [2010/04/12 23:33:09 | 000,000,087 | ---- | C] () -- C:\Users\lauren\jagex_runescape_preferences2.dat
    [2010/04/12 23:33:09 | 000,000,000 | ---- | C] () -- C:\Users\lauren\jagex__preferences3.dat
    [2010/04/12 23:29:28 | 000,000,042 | ---- | C] () -- C:\Users\lauren\jagex_runescape_preferences.dat
    [2010/04/07 18:00:49 | 000,007,597 | ---- | C] () -- C:\Users\lauren\AppData\Local\Resmon.ResmonCfg

    ========== ZeroAccess Check ==========

    [2009/07/14 14:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 14:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 11:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    < End of report >

  7. #17
    Malware Team-Emeritus
    Join Date
    Sep 2012
    Location
    Florida, USA
    Posts
    1,161

    Hi Luney Loz,

    We have a few options to try and clear up the WOT issue:

    Try step 1 first and check the results; if that fails to correct the problem, go to step 2.

    =========================

    1. Clear Browser Cache in IE9
    • Close all Internet Explorer and Windows Explorer windows that are currently open.
    • Open Internet Explorer.
    • Click the Tools button, and then expand the Safety menu, then select Delete browsing history.
    • Select the check box next to each of the following categories.
      • Temporary Internet files and website files
      • History
    • Click Delete

    =========================

    2. To Reset Internet Explorer Settings

    1. Close all Internet Explorer and Windows Explorer windows that are currently open.
    2. Open Internet Explorer.
    3. Click the Tools button, and then click Internet Options.
    4. Click the Advanced tab, and then click Reset.
    5. Select the Delete personal settings check box if you would also like to remove browsing history, search providers, Accelerators, home pages, Tracking Protection, and ActiveX Filtering data.
    6. In the Reset Internet Explorer Settings dialog box, click Reset.
    7. When Internet Explorer finishes applying default settings, click Close, and then click OK.
    8. Close Internet Explorer.

    =========================

    In your next post please provide the following:

    • Update on the WOT issue
    • Any remaining issues we haven't addressed?
    OCD

  8. #18
    Member
    Join Date
    Mar 2012
    Posts
    46

    Hi,

    For some reason, it still doesn't show up beside search results in Internet Explorer. It only shows in Firefox even though it's installed on both. Dunno what my Dad did to stuff it up.

  9. #19
    Malware Team-Emeritus
    Join Date
    Sep 2012
    Location
    Florida, USA
    Posts
    1,161

    Hi Luney Loz,

    If it's working in Firefox but not in Internet Explorer it's definitely an IE issue.

    Let's try these steps in this sequence and see if we can correct this issue. (I know, quite a few steps.)

    1. Uninstall via Programs and Features

    Click Start > Control Panel > Programs and Features. Locate and select the following that are present on the list and click the Remove button:

    • WOT for IE

    =========================

    2. Disable WOT add-on in Internet Explorer

    • With Internet Explorer open, locate the (gear icon) in the top right corner.
    • Select it, then choose Manage add-ons >> in the Add-on Types category select Toolbars and Extensions
    • Scroll down to WOT and disable any that might be present, confirm the Disable add-on pop-up
    • Close the Manage Add-on window

    =========================

    3. Clear Browser Cache in IE9

    • Close all Internet Explorer and Windows Explorer windows that are currently open.
    • Open Internet Explorer.
    • Click the Tools button, and then expand the Safety menu, then select Delete browsing history.
    • Select the check box next to each of the following categories.
      • Temporary Internet files and website files
      • History
    • Click Delete

    =========================

    4. Reboot

    =========================

    5. Download a new copy of WOT for IE

    • Go to http://www.mywot.com/en/download and download and install a fresh copy
    • Follow the onscreen instructions
    • Remember to close any open Internet Explorer windows that may be open.


    =========================

    6. Reboot Again

    =========================

    7. Check WOT in IE

    Now check to see if WOT shows in the Manage Add-ons section, and also see if it functions in Internet Explorer.

    =========================
    OCD

  10. #20
    Member
    Join Date
    Mar 2012
    Posts
    46

    Hi,

    That worked. Thanks very much for all your help. I really appreciate it! :-)
