Hi,
Well done with logs. Where is aswMBR logs? You need to run that as well.
Re-run OTL.exe.
[*]Copy and paste the following text written inside of the quote box into the Custom Scans/Fixes box.
:commands
[CREATERESTOREPOINT]
:files
C:\$Recycle.Bin\S-1-5-21-112790860-2575705475-4214353926-1000
C:\Users\Jack\AppData\Local\Temp\iswizard\dwm.exe
C:\Users\Jack\AppData\Local\Temp\iswizard\iswizard.7z
C:\Users\Jack\AppData\Local\Temp\iswizard
C:\ProgramData\IBUpdaterService\repository.xml
C:\ProgramData\BrowserDefender
C:\Users\Jack\AppData\Local\Temp\tsiVi232.dll
C:\Users\Jack\AppData\Roaming\Spotify\Data\libcef.dll
C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
C:\Program Files (x86)\mixidj
dir C:\Users\Jack\AppData\Local\Programs /c
C:\Users\Jack\AppData\Roaming\BabSolution
C:\Users\Jack\AppData\Roaming\Babylon
C:\Users\Jack\AppData\Roaming\Softonic
ipconfig /flushdns /c
:OTL
IE - HKU\S-1-5-21-112790860-2575705475-4214353926-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://mixidj.delta-search.com/?babsrc=HP_ss&mntrId=D82F00A0C6000000&affID=121124&tsp=4927
IE - HKU\S-1-5-21-112790860-2575705475-4214353926-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mixidj.delta-search.com/?babsrc=HP_ss&mntrId=D82F00A0C6000000&affID=121124&tsp=4927
IE - HKU\S-1-5-21-112790860-2575705475-4214353926-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&babsrc=SP_ss_din2g&mntrId=D82F00A0C6000000&affID=121124&tsp=4927
IE - HKU\S-1-5-21-112790860-2575705475-4214353926-1000\..\SearchScopes\{2008C2ED-C644-4A1E-AC7E-59412B282E70}: "URL" = http://search.softonic.com/MOY00014/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=d82f47e300000000000000a0c6000000&r=168
IE - HKU\S-1-5-21-112790860-2575705475-4214353926-1001\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://mixidj.delta-search.com/?babsrc=HP_ss&mntrId=D82F00A0C6000000&affID=121124&tsp=4927
IE - HKU\S-1-5-21-112790860-2575705475-4214353926-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mixidj.delta-search.com/?babsrc=HP_ss&mntrId=D82F00A0C6000000&affID=121124&tsp=4927
IE - HKU\S-1-5-21-112790860-2575705475-4214353926-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&babsrc=SP_ss_din2g&mntrId=D82F00A0C6000000&affID=121124&tsp=4927
IE - HKU\S-1-5-21-112790860-2575705475-4214353926-1001\..\SearchScopes\{2008C2ED-C644-4A1E-AC7E-59412B282E70}: "URL" = http://search.softonic.com/MOY00014/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=d82f47e300000000000000a0c6000000&r=168
CHR - homepage: http://mixidj.delta-search.com/?babsrc=HP_ss&mntrId=D82F00A0C6000000&affID=121124&tsp=4927
O2 - BHO: (mixidj Helper Object) - {4D6A9BBF-402C-4301-B1EF-28D04F71D761} - C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\bh\mixidj.dll (MixiDJ)
O3 - HKLM\..\Toolbar: (MixiDJ Toolbar) - {CA9B9C89-4662-4ADC-9C23-A452BECD5D19} - C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\mixidjTlbr.dll (MixiDJ)
O4 - HKU\S-1-5-21-112790860-2575705475-4214353926-1000..\Run: [tsiVideo] C:\Users\Jack\AppData\Local\Temp\tsiVi232.dll ()
O33 - MountPoints2\{becefc5b-c118-11e2-ad1e-74d02b25dbd8}\Shell - "" = AutoRun
O33 - MountPoints2\{becefc5b-c118-11e2-ad1e-74d02b25dbd8}\Shell\AutoRun\command - "" = F:\windows\Data\AutoRun.exe -- [2011-08-24 17:56:07 | 000,179,736 | R--- | M] (ZTE Corporation)
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\windows\Data\AutoRun.exe -- [2011-08-24 17:56:07 | 000,179,736 | R--- | M] (ZTE Corporation)
@Alternate Data Stream - 1213 bytes -> C:\Users\Jack\AppData\Local\Temp:5t81qv0SW5Zvlit7VYps
:commands
[emptytemp]
[*]Then click the Run Fix button at the top.
[*]Let the program run unhindered; it will reboot the system when it is done and open notepad with logreport. Attach here that logreport.
If the log doesn’t appear, it can be found here:
c:_OTL\MovedFiles\mmddyyyy_hhmmss.log
======= THEN ========
Check USB storage devices / removable drives
Download MCShield from one of the following links:
MyCity - Official download link
Softpedija - Mirror download link
[*] Double click MCShield-Setup to install the application.
[*] Wait a few seconds to MCShield finish initial scan.
Recommendation to under General and Scanner tab you click on Defaults button to choose recommended options.
[*] Connect your USB storage devices to the computer one at a time. Scanning will be done automatically.
When all scanning is done, you need to attach a logreport that has made MCShield.
Start → All Programs → MCShield → Logs
Attach here → AllScans.txt
Explanation: USB storage devices are all the USB devices that get their own partition letter at connecting to the PC,
e.g. flash drives (thumb/pen drives, USB sticks), external HDDs, MP3/MP4 players, digital cameras,
memory cards (SD cards, Sony Memory Stick, MultiMedia Cards etc.), some mobile phones, some GPS navigation devices etc.
======= THEN ========
Re-check:
Please download Farbar Recovery Scan Tool and save it to your desktop.
[color=green]Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them.
Only one of them will run on your system, that will be the right version.
[*]Double-click to run it. When the tool opens click Yes to disclaimer.
[*]Under Optional Scan ensure “List BCD” and “Driver MD5” are ticked.
[*]Press Scan button.
[*]It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
[*]The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.