:OTL MOD - [2012-06-19 22:37:26 | 000,145,412 | R-S- | M] () – C:\Users\mj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mmthn.exe DRV - File not found [Kernel | On_Demand | Stopped] – system32\DRIVERS\nwlnkfwd.sys – (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] – system32\DRIVERS\nwlnkflt.sys – (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] – system32\DRIVERS\ipinip.sys – (IpInIp) IE - HKU\S-1-5-21-4005174588-13755670-66238132-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = pl.v9.com/idg/idg_1335270296_813665 IE - HKU\S-1-5-21-4005174588-13755670-66238132-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://domredi.com/1/ IE - HKU\S-1-5-21-4005174588-13755670-66238132-1000…\SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: “URL” = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\S-1-5-21-4005174588-13755670-66238132-1000…\SearchScopes{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: “URL” = http://search.babylon.com/?q={searchTerms}&babsrc=SP_def&AF=17284 FF - prefs.js…browser.search.defaultenginename,S: S", “Search the web (Babylon)” FF - prefs.js…browser.search.order.1,S: S", “Search the web (Babylon)” FF - prefs.js…browser.search.selectedEngine,S: S", “Search the web (Babylon)” FF - prefs.js…browser.startup.homepage: “http://domredi.com/1/” FF - prefs.js…browser.startup.homepage: h", “h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,http://search.babylon.com/home?AF=17284” FF - prefs.js…keyword.URL,h: h", “http://search.babylon.com/?babsrc=KW_def&AF=17284&q=” O4 - HKU\S-1-5-21-4005174588-13755670-66238132-1000…\Run: [] File not found O4 - Startup: C:\Users\mj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mmthn.exe () O27 - HKLM IFEO\excel.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\groove.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\infopath.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\msaccess.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\msoxmled.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\mspub.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\mstore.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\onenote.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\outlook.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\powerpnt.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\winword.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) [2012-06-19 22:37:26 | 000,145,412 | R-S- | M] () – C:\Users\mj\AppData\Local\nydoaf.exe [2012-06-19 22:37:26 | 000,145,412 | R-S- | M] () – C:\Users\mj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mmthn.exe :Reg [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2] :Commands [emptytemp]