0 Members and 1 Guest are viewing this topic.
:OTLIE - HKU\S-1-5-21-1399003062-4201162359-2867435019-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/home?AF=66520IE - HKU\S-1-5-21-1399003062-4201162359-2867435019-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value foundIE - HKU\S-1-5-21-1399003062-4201162359-2867435019-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=0.0.0.0:80FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{7458E393-F3C7-11E1-8270-B8AC6F996F26}: C:\Users\drewroz\AppData\Local\{7458E393-F3C7-11E1-8270-B8AC6F996F26}\ [2012/08/31 16:58:28 | 000,000,000 | ---D | M][2011/01/10 13:55:34 | 000,000,935 | ---- | M] () -- C:\Users\drewroz\AppData\Roaming\Mozilla\Firefox\Profiles\kh5mk534.default\searchplugins\conduit.xml[2011/12/07 12:21:14 | 000,001,210 | ---- | M] () -- C:\Users\drewroz\AppData\Roaming\Mozilla\Firefox\Profiles\kh5mk534.default\searchplugins\search.xml[2012/08/31 16:58:28 | 000,000,000 | ---D | M] (Mozilla Safe Browsing) -- C:\USERS\DREWROZ\APPDATA\LOCAL\{7458E393-F3C7-11E1-8270-B8AC6F996F26}[2011/10/06 18:23:40 | 000,002,226 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xmlO2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.35.10\bh\BabylonToolbar.dll (Babylon BHO)O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.35.10\BabylonToolbarTlbr.dll (Babylon Ltd.)O3 - HKU\S-1-5-21-1399003062-4201162359-2867435019-1000\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.O4 - HKU\S-1-5-21-1399003062-4201162359-2867435019-1000..\Run: [tpuseb] "C:\Windows\System32\rundll32.exe" "C:\Users\drewroz\AppData\Roaming\tpuseb.dll",List_Type File not found[2012/08/31 16:58:28 | 000,000,000 | ---D | C] -- C:\Users\drewroz\AppData\Local\{7458E393-F3C7-11E1-8270-B8AC6F996F26}[2012/08/29 14:30:31 | 000,681,472 | ---- | C] (C-Media Electronics Inc.) -- C:\Users\drewroz\AppData\Roaming\wocre.dll[2011/05/12 17:25:18 | 000,586,752 | -HS- | C] (Microsoft Corporation) -- C:\Users\drewroz\AppData\Local\kpb.exe[2012/09/11 20:57:03 | 000,000,000 | ---- | M] () -- C:\Users\drewroz\AppData\Local\¹º»¼½¾¿ÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿ[2011/08/18 19:23:40 | 000,010,984 | -HS- | C] () -- C:\Users\drewroz\AppData\Local\82p6qrw8l0gqk643spti3e804q07bl8p0o2d86557876b[2011/08/18 19:23:40 | 000,010,984 | -HS- | C] () -- C:\ProgramData\82p6qrw8l0gqk643spti3e804q07bl8p0o2d86557876b[2011/07/21 13:15:37 | 000,010,532 | -HS- | C] () -- C:\Users\drewroz\AppData\Local\7k5163102wde7353x17fe6b3dbxjdpch1[2011/07/21 13:15:37 | 000,010,532 | -HS- | C] () -- C:\ProgramData\7k5163102wde7353x17fe6b3dbxjdpch1[2011/07/13 11:54:05 | 000,009,082 | -HS- | C] () -- C:\Users\drewroz\AppData\Local\43sn62iuivpq5p6avdx3[2011/07/13 11:54:05 | 000,009,082 | -HS- | C] () -- C:\ProgramData\43sn62iuivpq5p6avdx3[2011/06/04 16:25:10 | 000,009,186 | -HS- | C] () -- C:\Users\drewroz\AppData\Local\806jq53806334f47p2e2s0n[2011/06/04 16:25:10 | 000,009,186 | -HS- | C] () -- C:\ProgramData\806jq53806334f47p2e2s0n[2011/05/29 08:51:16 | 000,009,098 | -HS- | C] () -- C:\Users\drewroz\AppData\Local\455e18762l34t[2011/05/29 08:51:16 | 000,009,098 | -HS- | C] () -- C:\ProgramData\455e18762l34t[2011/05/12 17:25:24 | 000,009,550 | -HS- | C] () -- C:\Users\drewroz\AppData\Local\mxfvglcuf5lp6c06n0118lap1tpbhyoa0242p836ls[2011/05/12 17:25:24 | 000,009,550 | -HS- | C] () -- C:\ProgramData\mxfvglcuf5lp6c06n0118lap1tpbhyoa0242p836ls:FilesC:\Program Files (x86)\BabylonToolbaripconfig /flushdns /cnetsh int ip reset c:\resetlog.txt /cipconfig /release /cipconfig /renew /c:Commands[purity][resethosts][emptytemp][CREATERESTOREPOINT][Reboot]
O1 HOSTS File: ([2012/01/30 15:26:38 | 000,001,401 | RHS- | M]) - C:\Windows\SysNative\drivers\etc\hostsO1 - Hosts: 127.0.0.1 localhostO1 - Hosts: ::1 localhostO1 - Hosts: 109.163.226.208 www.google-analytics.com.O1 - Hosts: 109.163.226.208 ad-emea.doubleclick.net.O1 - Hosts: 109.163.226.208 www.statcounter.com.O1 - Hosts: 69.72.252.254 www.google-analytics.com.O1 - Hosts: 69.72.252.254 ad-emea.doubleclick.net.O1 - Hosts: 69.72.252.254 www.statcounter.com.