Assistance required please to remove istart.websearches.com

[Bobby06]

Here is the Second Additional Scan , I'm just about to see if istart.websearches is still in my browsers, I took the precaution of uninstalling Mozilla Firefox thinking if Google Chrome works OK it would mean only IE would have to be fixed. Do you think it will be OK to reinstall back if everything is OK?.Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-09-2014 01
Ran by Nigel at 2014-09-03 23:20:55
Running from C:\Users\Nigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\484WHCQX
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer Crystal Eye webcam Ver:1.1.95.714 (HKLM-x32\...\{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}) (Version: 1.1.95.714 - Chicony Electronics Co.,Ltd.)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.05.3002 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3002 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1) (Version: 5.1.0.2 - Oberon Media, Inc.)
Acer GridVista (HKLM-x32\...\GridVista) (Version: 3.01.0730 - Acer Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3004 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.06.0804 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.01.3014 - Acer Incorporated)
Acer VCM (HKLM-x32\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3000 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{1CAFFEC6-23B4-484B-B17B-3200BE5C5636}) (Version: 99.9 - Eyeo GmbH)
Adblock Plus for IE (HKLM-x32\...\{fd97d1e2-368a-4cd9-af63-8eeff938044a}) (Version: 1.1 - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.178 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.176 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{5A22D889-FBDD-4AE8-86EC-089D45FC133E}) (Version: 1.2.17.05001 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.2.17.05001 - Alcor Micro Corp.) Hidden
Alice Greenfingers (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version: - Oberon Media)
Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version: - Oberon Media)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
BBC iPlayer Downloads (HKLM-x32\...\{60094A87-D184-4616-9538-F111C02042F8}) (Version: 1.8.0 - BBC)
Bing Bar (HKLM-x32\...\{449CE12D-E2C7-4B97-B19E-55D163EA9435}) (Version: 7.0.619.0 - Microsoft Corporation)
Bing Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.174.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version: - Oberon Media)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.1.2815o.50 - CyberLink Corp.)
CyberLink PowerDVD 8 (x32 Version: 8.1.2815o.50 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dairy Dash (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version: - Oberon Media)
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version: - Oberon Media)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Facebook Video Calling 1.2.0.287 (HKLM-x32\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited)
Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version: - Oberon Media)
Foxtel GO (HKCU\...\Foxtel GO 1.5) (Version: 1.5 - Foxtel)
Foxtel GO (x32 Version: 1.5 - Foxtel) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Desktop (HKLM-x32\...\Google Desktop) (Version: 5.9.1005.12335 - Google)
Google Drive (HKLM-x32\...\{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}) (Version: 1.14.6059.644 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Granny In Paradise (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}) (Version: - Oberon Media)
Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version: - Oberon Media)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3001 - Acer Incorporated)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1892 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version: - )
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.02 - Acer Inc.)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.72.0 - Egis Technology Inc.)
Octoshape add-in for Adobe Flash Player (HKCU\...\Octoshape add-in for Adobe Flash Player) (Version: - )
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Radioplayer (HKLM-x32\...\com.radioplayer.launcher.radioplayerlauncher) (Version: 1.2.386 - UK Radioplayer Ltd)
Radioplayer (x32 Version: 1.2.386 - UK Radioplayer Ltd) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5888 - Realtek Semiconductor Corp.)
Simple Adblock (HKLM-x32\...\{A9A75A7F-4785-430D-8013-77BC1FD13A4C}) (Version: 1.1.5 - Simple Adblock)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Star Defender 4 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114803710}) (Version: - Oberon Media)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.2.0 - Synaptics Incorporated)
Telstra USB+Wi-Fi Hostless Modem (HKLM-x32\...\{AEFF9E60-3E93-41EE-9895-311F7D1C5FFD}) (Version: 1.0.0.2 - ZTE Corporation)
TomTom HOME (HKLM-x32\...\{99072AB4-D795-44D5-9D65-E3C9F8322C97}) (Version: 2.9.7 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3005 - Acer Incorporated)
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9600 - Broadcom Corporation)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4116000945-235673462-3313673197-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Nigel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4116000945-235673462-3313673197-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Nigel\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4116000945-235673462-3313673197-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Nigel\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4116000945-235673462-3313673197-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Nigel\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4116000945-235673462-3313673197-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Nigel\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4116000945-235673462-3313673197-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Nigel\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4116000945-235673462-3313673197-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nigel\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4116000945-235673462-3313673197-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nigel\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4116000945-235673462-3313673197-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nigel\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4116000945-235673462-3313673197-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nigel\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

==================== Restore Points =========================

18-08-2014 11:45:46 Removed BBC iPlayer Downloads
18-08-2014 11:51:20 Installed BBC iPlayer Downloads
22-08-2014 11:31:29 Windows Update
26-08-2014 03:04:32 Cleaner (Spybot - Search & Destroy 2.4, administrator privileges
26-08-2014 03:05:48 Cleaner (Spybot - Search & Destroy 2.4, administrator privileges
26-08-2014 07:32:11 Cleaner (Spybot - Search & Destroy 2.4, administrator privileges
26-08-2014 23:34:08 Installed SpyHunter
27-08-2014 01:20:45 Windows Update
27-08-2014 01:24:26 Removed SpyHunter
27-08-2014 01:40:27 Removed SpyHunter
28-08-2014 00:01:42 Windows Update
30-08-2014 10:54:08 Removed Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ej4
01-09-2014 01:42:56 Cleaner (Spybot - Search & Destroy 2.4, administrator privileges
01-09-2014 01:44:15 Cleaner (Spybot - Search & Destroy 2.4, administrator privileges
02-09-2014 00:08:31 Removed Adobe Photoshop Lightroom 5.3 64-bit.
02-09-2014 09:00:27 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 12:34 - 2014-08-30 15:22 - 00450770 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {01159DE2-A011-4764-98F3-346CB60699E4} - System32\Tasks\{D7654395-BFA9-4959-B8B1-44BD951EFB86} => C:\Program Files (x86)\BBC iPlayer Desktop\BBC iPlayer Desktop.exe
Task: {07368DB1-DCF8-47AB-A46E-953F3BDE07CE} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4116000945-235673462-3313673197-1000Core => C:\Users\Nigel\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {07640A3E-24EB-4060-9138-1B0278CE8D85} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-03] (Google Inc.)
Task: {1383606C-BC21-4B80-98A7-C5E01E568454} - System32\Tasks\{49E65517-C6FF-4662-926A-722036CEACED} => Iexplore.exe http://ui.skype.com/ui/0/6.14.60.104/en/abandoninstall?page=tsProgressBar
Task: {2C08F93E-4D64-4926-9F70-779510E5F131} - System32\Tasks\{3BCAB8DD-A9A8-467A-9DF8-252117296EF5} => Iexplore.exe http://ui.skype.com/ui/0/6.9.0.106/en/go/help.faq.installer?source=lightinstaller&LastError=1618
Task: {2FCFC2B7-80A2-4360-96DD-3AF9EC600FA7} - System32\Tasks\{FA2DFFBA-D8D9-43BE-8798-6320337ECC10} => C:\Program Files (x86)\Expat Shield\bin\openvpntray.exe
Task: {317C3EBB-645E-452F-B40C-A2081F55861E} - System32\Tasks\{C9EAA295-3EC7-4043-B759-AD03F0D4F849} => C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe [2013-10-08] (Google)
Task: {64AAAF77-2283-490B-A64A-FA5F7C4BC0DE} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2009-07-10] (Acer)
Task: {72B05C7B-374E-4737-99DD-92FD310BC9E8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {753965CB-C960-4CC0-8E41-AC154CCB6501} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9B206781-8799-47F6-AFED-FE4F4788E851} - System32\Tasks\{BB110E67-98B9-4BBA-A79C-13A8C150DB91} => Firefox.exe
Task: {ABD943F4-1266-443F-BF02-653F006F58C1} - System32\Tasks\{5E281035-07E3-4953-9823-2E84881987F6} => Iexplore.exe http://ui.skype.com/ui/0/6.14.0.104/en/abandoninstall?source=lightinstaller&page=tsInstall
Task: {B25C44DA-9D76-4B40-82B2-39157FC488B6} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4116000945-235673462-3313673197-1000UA => C:\Users\Nigel\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {B6F5E4F0-B8F9-44BB-BD67-0478C4EB57C5} - System32\Tasks\{02776CF1-FDD5-44F5-8243-916C10FDFA96} => Iexplore.exe http://ui.skype.com/ui/0/6.14.60.104/en/abandoninstall?page=tsProgressBar
Task: {BCB89F73-A162-4BB0-8AC8-D72E9CABBC09} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-15] (Adobe Systems Incorporated)
Task: {BCFAE52A-B727-4AD2-8C9D-17A5D5360EEE} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {BF43EC88-6689-4721-A7F3-4E66AD29C445} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-02] (AVAST Software)
Task: {D43205E6-142F-4EE2-8BF6-2F60B84CC4F8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-03] (Google Inc.)
Task: {DD7E5943-6DD6-4895-AF3D-D129412CC46E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {DE417B94-DA00-4F2E-93FD-B1BDD39475F5} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4116000945-235673462-3313673197-1000Core.job => C:\Users\Nigel\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4116000945-235673462-3313673197-1000UA.job => C:\Users\Nigel\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-06-29 09:36 - 2012-06-29 09:35 - 00200704 _____ () C:\Windows\PLFSetI.exe
2009-07-01 18:54 - 2009-07-01 18:54 - 00173344 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2013-06-12 14:44 - 2012-09-21 00:16 - 00442696 _____ () C:\Program Files (x86)\Hostless Modem\Telstra USB+Wi-Fi\CheckNDISPort_df.exe
2014-07-02 20:32 - 2014-07-02 20:32 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-09-03 20:30 - 2014-09-03 20:30 - 02808832 _____ () C:\Program Files\AVAST Software\Avast\defs\14090300\algo.dll
2012-08-27 21:33 - 2012-08-27 21:33 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-08-27 21:33 - 2012-08-27 21:33 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-07-05 10:17 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-07-05 10:17 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-07-05 10:17 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-07-05 10:17 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-07-05 10:17 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-09-03 23:10 - 2014-09-03 23:10 - 00098816 _____ () C:\Users\Nigel\AppData\Local\Temp\_MEI29162\win32api.pyd
2014-09-03 23:10 - 2014-09-03 23:10 - 00110080 _____ () C:\Users\Nigel\AppData\Local\Temp\_MEI29162\pywintypes27.dll
2014-09-03 23:10 - 2014-09-03 23:10 - 00364544 _____ () C:\Users\Nigel\AppData\Local\Temp\_MEI29162\pythoncom27.dll
2014-09-03 23:10 - 2014-09-03 23:10 - 00044032 _____ () C:\Users\Nigel\AppData\Local\Temp\_MEI29162\_socket.pyd
2014-09-03 23:10 - 2014-09-03 23:10 - 01157120 _____ () C:\Users\Nigel\AppData\Local\Temp\_MEI29162\_ssl.pyd
2014-09-03 23:10 - 2014-09-03 23:10 - 00320512 _____ () C:\Users\Nigel\AppData\Local\Temp\_MEI29162\win32com.shell.shell.pyd
2014-09-03 23:10 - 2014-09-03 23:10 - 00712192 _____ () C:\Users\Nigel\AppData\Local\Temp\_MEI29162\_hashlib.pyd
2014-09-03 23:10 - 2014-09-03 23:10 - 01175040 _____ () C:\Users\Nigel\AppData\Local\Temp\_MEI29162\wx._core_.pyd
2014-09-03 23:10 - 2014-09-03 23:10 - 00805888 _____ () C:\Users\Nigel\AppData\Local\Temp\_MEI29162\wx._gdi_.pyd
2014-09-03 23:10 - 2014-09-03 23:10 - 00811008 _____ () C:\Users\Nigel\AppData\Local\Temp\_MEI29162\wx._windows_.pyd
2014-09-03 23:10 - 2014-09-03 23:10 - 01062400 _____ () C:\Users\Nigel\AppData\Local\Temp\_MEI29162\wx._controls_.pyd
2014-09-03 23:10 - 2014-09-03 23:10 - 00735232 _____ () C:\Users\Nigel\AppData\Local\Temp\_MEI29162\wx._misc_.pyd
2014-09-03 23:10 - 2014-09-03 23:10 - 00128512 _____ () C:\Users\Nigel\AppData\Local\Temp\_MEI29162\_elementtree.pyd
2014-09-03 23:10 - 2014-09-03 23:10 - 00127488 _____ () C:\Users\Nigel\AppData\Local\Temp\_MEI29162\pyexpat.pyd
2014-09-03 23:10 - 2014-09-03 23:10 - 00557056 _____ () C:\Users\Nigel\AppData\Local\Temp\_MEI29162\pysqlite2._sqlite.pyd
2014-09-03 23:10 - 2014-09-03 23:10 - 00087040 _____ () C:\Users\Nigel\AppData\Local\Temp\_MEI29162\_ctypes.pyd
2014-09-03 23:10 - 2014-09-03 23:10 - 00119808 _____ () C:\Users\Nigel\AppData\Local\Temp\_MEI29162\win32file.pyd
2014-09-03 23:10 - 2014-09-03 23:10 - 00108544 _____ () C:\Users\Nigel\AppData\Local\Temp\_MEI29162\win32security.pyd
2014-09-03 23:10 - 2014-09-03 23:10 - 00018432 _____ () C:\Users\Nigel\AppData\Local\Temp\_MEI29162\win32event.pyd
2014-09-03 23:10 - 2014-09-03 23:10 - 00038912 _____ () C:\Users\Nigel\AppData\Local\Temp\_MEI29162\win32inet.pyd
2014-09-03 23:10 - 2014-09-03 23:10 - 00122368 _____ () C:\Users\Nigel\AppData\Local\Temp\_MEI29162\wx._wizard.pyd
2014-09-03 23:10 - 2014-09-03 23:10 - 00070656 _____ () C:\Users\Nigel\AppData\Local\Temp\_MEI29162\wx._html2.pyd
2014-09-03 23:10 - 2014-09-03 23:10 - 00026624 _____ () C:\Users\Nigel\AppData\Local\Temp\_MEI29162\_multiprocessing.pyd
2014-09-03 23:10 - 2014-09-03 23:10 - 00010240 _____ () C:\Users\Nigel\AppData\Local\Temp\_MEI29162\select.pyd
2014-09-03 23:10 - 2014-09-03 23:10 - 00024064 _____ () C:\Users\Nigel\AppData\Local\Temp\_MEI29162\win32pipe.pyd
2014-09-03 23:10 - 2014-09-03 23:10 - 00686080 _____ () C:\Users\Nigel\AppData\Local\Temp\_MEI29162\unicodedata.pyd
2014-09-03 23:10 - 2014-09-03 23:10 - 00025600 _____ () C:\Users\Nigel\AppData\Local\Temp\_MEI29162\win32pdh.pyd
2014-09-03 23:10 - 2014-09-03 23:10 - 00525640 _____ () C:\Users\Nigel\AppData\Local\Temp\_MEI29162\windows._lib_cacheinvalidation.pyd
2014-09-03 23:10 - 2014-09-03 23:10 - 00011264 _____ () C:\Users\Nigel\AppData\Local\Temp\_MEI29162\win32crypt.pyd
2014-09-03 23:10 - 2014-09-03 23:10 - 00035840 _____ () C:\Users\Nigel\AppData\Local\Temp\_MEI29162\win32process.pyd
2014-09-03 23:10 - 2014-09-03 23:10 - 00017408 _____ () C:\Users\Nigel\AppData\Local\Temp\_MEI29162\win32profile.pyd
2014-09-03 23:10 - 2014-09-03 23:10 - 00022528 _____ () C:\Users\Nigel\AppData\Local\Temp\_MEI29162\win32ts.pyd
2014-07-02 20:33 - 2014-07-02 20:33 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:1D32EC29
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\Users\Nigel\Documents\Cut down phone bills with video and voice calls.eml:OECustomProperty
AlternateDataStreams: C:\Users\Nigel\AppData\Roaming\Microsoft\Windows\Start Menu\ninemsn Homepage - Hotmail, Messenger, News, Sport & More.websiteESTICON_favicon-1545051169
AlternateDataStreams: C:\Users\Nigel\AppData\Roaming\Microsoft\Windows\Start Menu\ninemsn Homepage - Hotmail, Messenger, News, Sport & More.websiteESTICON_favicon-2129689956
AlternateDataStreams: C:\Users\Nigel\AppData\Roaming\Microsoft\Windows\Start Menu\ninemsn Homepage - Hotmail, Messenger, News, Sport & More.websiteESTICON_favicon-309781297
AlternateDataStreams: C:\Users\Nigel\AppData\Roaming\Microsoft\Windows\Start Menu\ninemsn Homepage - Hotmail, Messenger, News, Sport & More.websiteESTICON_favicon-571293185
AlternateDataStreams: C:\Users\Nigel\AppData\Roaming\Microsoft\Windows\Start Menu\ninemsn Homepage - Hotmail, Messenger, News, Sport & More.websiteESTICON_favicon730968612
AlternateDataStreams: C:\Users\Nigel\AppData\Roaming\Microsoft\Windows\Start Menu\ninemsn Homepage - Outlook.com, News, Sport & More.websiteESTICON_favicon-1545051169
AlternateDataStreams: C:\Users\Nigel\AppData\Roaming\Microsoft\Windows\Start Menu\ninemsn Homepage - Outlook.com, News, Sport & More.websiteESTICON_favicon-2129689956
AlternateDataStreams: C:\Users\Nigel\AppData\Roaming\Microsoft\Windows\Start Menu\ninemsn Homepage - Outlook.com, News, Sport & More.websiteESTICON_favicon-309781297
AlternateDataStreams: C:\Users\Nigel\AppData\Roaming\Microsoft\Windows\Start Menu\ninemsn Homepage - Outlook.com, News, Sport & More.websiteESTICON_favicon-571293185
AlternateDataStreams: C:\Users\Nigel\AppData\Roaming\Microsoft\Windows\Start Menu\ninemsn Homepage - Outlook.com, News, Sport & More.websiteESTICON_favicon730968612

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: adgnetworktdi
Description: adgnetworktdi
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: adgnetworktdi
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (09/03/2014 11:11:00 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
adgnetworktdi
cdrom


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2014-05-22 16:42:33.882
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\KernelBase.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-05-22 11:37:28.252
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\KernelBase.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-03-02 17:45:28.582
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Acer\Acer ePower Management\SysHook.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-03-02 17:45:28.322
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Acer\Acer ePower Management\SysHook.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-03-01 09:43:04.052
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Acer\Acer ePower Management\SysHook.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-03-01 09:43:03.760
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Acer\Acer ePower Management\SysHook.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-03-01 09:26:13.733
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Acer\Acer ePower Management\SysHook.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-03-01 09:26:13.326
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Acer\Acer ePower Management\SysHook.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-02-28 17:17:58.213
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Acer\Acer ePower Management\SysHook.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-02-28 17:17:57.983
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Acer\Acer ePower Management\SysHook.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Genuine Intel(R) CPU U4100 @ 1.30GHz
Percentage of memory in use: 78%
Total physical RAM: 1978.91 MB
Available physical RAM: 421.84 MB
Total Pagefile: 3957.83 MB
Available Pagefile: 2191.24 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:220.79 GB) (Free:162.61 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: E4578272)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=220.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

[Bobby06]

Well that seems to fixed my browsers IE and Google Chrome no more istart.websearches.com, thank God for that. A big thank you Ken for all your help! and to Spybot, I will await to what you think about reinstalling Mozilla Firefox .

 

[ken545]

Go for it and lets see what happens

 

[Bobby06]

Yep! all good Ken , Thanks again all three browsers IE11,Google Chrome and Mozilla Firefox are finally free of istart.websearches.com, we can put this thread to bed, thats just where I'm headed now, a big thanks again and Goodnight.
Nigel

 

[ken545]

Thats great Nigel, glad to hear that this pest is gone and that we could help



Double click on AdwCleaner.exe to run the tool again.

• Click on the Uninstall button.
• Click Yes when asked are you sure you want to uninstall.
• Both AdwCleaner.exe, its folder and all logs will be removed.

==========================================================


Please download DelFix and save the file to your Desktop.

• Double-click DelFix.exe to run the program.
• Place a checkmark next to the following items:

*Activate UAC
*Remove disinfection tools
*Create registry backup
*Reset System Settings


Click the Run button

This will remove the specialised tools we used to clean your system. Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually



==========================================================

• 
  How did I get infected in the first place ?
  Read these links and find out how to prevent getting infected again.
• Tutorial for System Restore <-- Do this first to prevent yourself from being reinfected.
• WhattheTech
• Grinler BleepingComputer
• GeeksTo Go
• Dslreports

Safe Surfn
Ken

 

[ken545]

Since this issue appears to be resolved ... this Topic has been closed. Glad I could help.