Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Bookmarks missing & Firefox disabled

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Bookmarks missing & Firefox disabled

Unread postby SBdaKiller » January 7th, 2014, 3:25 am

Hello -

On a windows XP SP3 machine, I downloaded a drawing program from Cnet called Smart Draw. I installed it and unchecked the usual suspects as I usually do.

From then on I started getting major ads through everything, including Craigslist, using my latest version of Firefox browser.

I then tried deleting the program, but could not find the offending files. I could find nothing with avast.

Soooo I resorted to a system restore. While this did remove the program and the adware, for some reason Firefox now no longer works. The Icons for launch are still there, but nothing happens when I try to start it.

Re-installing Firefox is no big deal, ( I have not done that yet ) however the most important thing for me is my bookmarks which now seem to be missing. I have searched for them several different ways, but nada ! I have now been using Explorer instead, and tried importing but there are no files. I have tried several restore points as well. Any suggestions ?

I never realized how much I would miss my bookmarks - I will start backing them up.

Thanks for you help !





.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Scott Booth at 22:50:28.68 on Mon 01/06/2014
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.45.2
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3326.1024 [GMT -8:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\Ati2evxx.exe
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EA.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
c:\docume~1\scottb~1\locals~1\temp\cdm\{f029f5a5-aa57-415b-83a3-6de641976423}\STacSV.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\Nuance\PaperPort\pptd40nt.exe
C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\VIA\VIAudioi\EnvyADeck\EnMixCPL.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\Browny02\Brother\BrStMonW.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Documents and Settings\Scott Booth\Application Data\SanDisk\Sansa Updater\SansaDispatch.exe
C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files\G7-630\G7_8-in-Right.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Palm\Hotsync.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Browny02\BrYNSvc.exe
C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\agent.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\program files\winamp toolbar\winamptbServer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files\Java\jre7\bin\java.exe
C:\Program Files\OpenOffice 4\program\swriter.exe
C:\Program Files\OpenOffice 4\program\soffice.exe
C:\Program Files\OpenOffice 4\program\soffice.bin
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Scott Booth\Local Settings\Temporary Internet Files\Content.IE5\98I8N5T3\dds[1].scr
.
============== Pseudo HJT Report ===============
.
uSearch Bar = hxxp://www.google.com/ie
uStart Page = hxxp://www.savagelovecast.com/seasons/16
uInternet Settings,ProxyOverride = *.local
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - c:\program files\adobe\adobe contribute cs5\plugins\ieplugin\contributeieplugin.dll
BHO: Winamp Toolbar Loader: {25cee8ec-5730-41bc-8b58-22ddc8ab8c20} - c:\program files\winamp toolbar\winamptb.dll
BHO: PlusIEEventHelper Class: {551a852f-39a6-44a7-9c13-afbec9185a9d} - c:\program files\nuance\pdf viewer plus\bin\PlusIEContextMenu.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - c:\program files\adobe\adobe contribute cs5\plugins\ieplugin\contributeieplugin.dll
TB: Winamp Toolbar: {ebf2ba02-9094-4c5a-858b-bb198f3d8de2} - c:\program files\winamp toolbar\winamptb.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\TomTomHOMERunner.exe"
uRun: [SansaDispatch] c:\documents and settings\scott booth\application data\sandisk\sansa updater\SansaDispatch.exe
uRun: [ISUSPM] c:\documents and settings\all users\application data\flexnet\connect\11\ISUSPM.exe -scheduler
uRun: [AdobeBridge]
uRun: [OscarEditor] "c:\program files\g7-630\G7_8-in-Right.exe" Minimum
uRun: [NBJ] "c:\program files\ahead\nero backitup\NBJ.exe"
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
mRun: [C-Media Mixer] Mixer.exe /startup
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb05.exe
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [EPSON Stylus CX6600 Series] c:\windows\system32\spool\drivers\w32x86\3\E_FATI9EA.EXE /P26 "EPSON Stylus CX6600 Series" /O6 "USB002" /M "Stylus CX6600"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin
mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [avast] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
mRun: [HotSync] "c:\program files\palmsource\desktop\HotSync.exe" -AllUsers
mRun: [IndexSearch] "c:\program files\nuance\paperport\IndexSearch.exe"
mRun: [PaperPort PTD] "c:\program files\nuance\paperport\pptd40nt.exe"
mRun: [PPort12reminder] "c:\program files\nuance\paperport\ereg\ereg.exe" -r "c:\documents and settings\all users\application data\scansoft\paperport\12\config\ereg\Ereg.ini"
mRun: [PDFHook] c:\program files\nuance\pdf viewer plus\pdfpro5hook.exe
mRun: [PDF5 Registry Controller] c:\program files\nuance\pdf viewer plus\RegistryController.exe
mRun: [EnvyHFCPL] c:\program files\via\viaudioi\envyadeck\EnMixCPL.exe 1
mRun: [ControlCenter4] c:\program files\controlcenter4\BrCcBoot.exe /autorun
mRun: [BrStsMon00] c:\program files\browny02\brother\BrStMonW.exe /AUTORUN
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\docume~1\scottb~1\startm~1\programs\startup\seagat~1.lnk - c:\documents and settings\scott booth\application data\leadertech\powerregister\Seagate Product Registration.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hotsyn~1.lnk - c:\program files\palm\Hotsync.exe
IE: Open with PDF Viewer Plus - c:\program files\nuance\pdf viewer plus\bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\docume~1\scottb~1\applic~1\mozilla\firefox\profiles\oo64cyzp.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.thrillist.com/|http://www.ny ... picks=true
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\progra~1\palm\packag~1\NPInstal.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_9_900_152.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
FF - user.js: browser.sessionstore.resume_from_crash - false
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-5-22 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-1-12 314456]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-1-12 20568]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2011-1-12 44768]
R2 PDFProFiltSrvPP;PDFProFiltSrvPP;c:\program files\nuance\paperport\PDFProFiltSrvPP.exe [2010-3-9 144672]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2012-1-22 92592]
R3 BrYNSvc;BrYNSvc;c:\program files\browny02\BrYNSvc.exe [2013-3-17 245760]
R3 Envy24HFS;ICE Envy24 Family Audio Controller WDM;c:\windows\system32\drivers\Envy24HF.sys [2007-11-30 673600]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-4-20 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-3-29 257416]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-4-20 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-5-25 119408]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
.
=============== Created Last 30 ================
.
2013-12-10 04:28:34 -------- d-----w- c:\windows\system32\wbem\repository\FS
2013-12-10 04:28:34 -------- d-----w- c:\windows\system32\wbem\Repository
.
==================== Find3M ====================
.
2013-12-11 06:39:17 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-12-11 06:39:17 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-11-13 02:59:42 150528 ----a-w- c:\windows\system32\imagehlp.dll
2013-11-07 05:38:51 591360 ----a-w- c:\windows\system32\rpcrt4.dll
2013-11-06 01:03:31 7168 ----a-w- c:\windows\system32\xpsp4res.dll
2013-10-30 02:26:17 1879040 ----a-w- c:\windows\system32\win32k.sys
2013-10-29 07:57:34 920064 ----a-w- c:\windows\system32\wininet.dll
2013-10-29 07:57:33 43520 ------w- c:\windows\system32\licmgr10.dll
2013-10-29 07:57:33 18944 ----a-w- c:\windows\system32\corpol.dll
2013-10-29 07:57:33 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-10-29 00:45:02 385024 ------w- c:\windows\system32\html.iec
2013-10-23 23:45:49 172032 ----a-w- c:\windows\system32\scrrun.dll
2013-10-13 07:25:38 920064 ----a-w- c:\windows\system32\wininet(2)(4).dll
2013-10-13 07:25:31 1215488 ----a-w- c:\windows\system32\urlmon(2)(4).dll
2013-10-13 07:25:27 105984 ----a-w- c:\windows\system32\url(2)(4).dll
2013-10-13 07:24:59 2006016 ----a-w- c:\windows\system32\iertutil(2)(2)(2).dll
2013-10-13 07:24:46 11113472 ----a-w- c:\windows\system32\ieframe(2)(2)(2).dll
2013-10-12 15:56:19 278528 ----a-w- c:\windows\system32\oakley.dll
2013-10-09 13:12:48 287744 ----a-w- c:\windows\system32\gdi32.dll
2013-10-09 13:12:48 287744 ----a-w- c:\windows\system32\gdi32(2)(2)(2).dll
.
============= FINISH: 22:56:57.90 ===============
You do not have the required permissions to view the files attached to this post.
SBdaKiller
Regular Member
 
Posts: 22
Joined: August 26th, 2008, 8:30 pm
Advertisement
Register to Remove

Re: Bookmarks missing & Firefox disabled

Unread postby Gary R » January 7th, 2014, 7:39 am

Re-install a new copy of Firefox ... DO NOT uninstall the previous version first.

Re-installing over an existing install should maintain your user profile, which is where any copies of your Bookmarks will be kept.

Firefox normally makes a series of automatic backups of your bookmarks, to restore to one of those backups please do the following ...

  • Open Firefox and click on Bookmarks
  • Click on Show all Bookmarks to open the Library window.
  • Click on Import and Backup then click on Restore
  • To the right of Restore there should be a list of backups of your Bookmarks.
  • Click on the copy you want to restore to.
  • You will be prompted as to whether to allow the import, click Yes

This will install the backup copy of your Bookmarks over the existing bookmarks.

There's a few minor issues showing in your DDS logs that could do with attention, but no signs of any real infection.

Let me know if you've been able to restore your Bookmarks, and whether you want to attend to the other issues.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21864
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Bookmarks missing & Firefox disabled

Unread postby SBdaKiller » January 8th, 2014, 7:34 pm

Hello - i am quite relieved that my bookmarks are now found - Thanks so much for that ! I am curious and interested in resolving the other issues - what is involved in that ? Currently this computer seems very glitchy and slow in firefox anyway, I may need to tinker with the settings since the install. There is a lag when inputting data with the keyboard or the mouse.
CPU usage seems high (60% or more) . . with on the browser running. This was not the case previously. I have done a Avast scan and it shows clean. Any suggestions ? Thanks,

Scott
SBdaKiller
Regular Member
 
Posts: 22
Joined: August 26th, 2008, 8:30 pm

Re: Bookmarks missing & Firefox disabled

Unread postby Gary R » January 9th, 2014, 5:58 am

Glad to hear you were able to successfully restore your Bookmarks, I know what a nuisance it can be to be without them. As well as the auto copies that Firefox makes, I usually also export a copy to an external drive just in case.

OK, to take care of the other minor issues, first I need you to run a scan for me with another tool ...

Download OTL by OldTimer to your Desktop.

If you already have a copy of OTL delete it and use this version.

  • Double click OTL.exe to launch the programme.
  • Check the following.
    • Scan all users.
    • Standard Output.
    • Lop check.
    • Purity check.
  • Under Extra Registry section, select Use SafeList
  • Click the Run Scan button and wait for the scan to finish (usually about 10-15 mins).
  • When finished it will produce two logs.
    • OTL.txt (open on your desktop).
    • Extras.txt (minimised in your taskbar)
  • Please post me both logs.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21864
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Bookmarks missing & Firefox disabled

Unread postby SBdaKiller » January 9th, 2014, 5:03 pm

Thanks much - here are the two logs - Scott
====================================



OTL logfile created on: 1/9/2014 12:41:26 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Scott Booth\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.25 Gb Total Physical Memory | 1.95 Gb Available Physical Memory | 60.07% Memory free
5.09 Gb Paging File | 3.97 Gb Available in Paging File | 78.10% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.76 Gb Total Space | 253.24 Gb Free Space | 54.37% Space Free | Partition Type: NTFS
Drive D: | 1.28 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: YOUR-C2066A5B01 | User Name: Scott Booth | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/01/09 12:39:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Scott Booth\Desktop\OTL.exe
PRC - [2013/12/05 11:34:42 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/10/08 06:48:23 | 000,182,696 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/07/16 14:53:56 | 009,837,056 | ---- | M] (Apache Software Foundation) -- C:\Program Files\OpenOffice 4\program\soffice.exe
PRC - [2013/07/16 14:53:56 | 009,828,864 | ---- | M] (Apache Software Foundation) -- C:\Program Files\OpenOffice 4\program\soffice.bin
PRC - [2013/07/16 14:53:56 | 000,103,936 | ---- | M] (Apache Software Foundation) -- C:\Program Files\OpenOffice 4\program\swriter.exe
PRC - [2013/07/02 11:28:15 | 000,613,888 | ---- | M] (SanDisk Corporation) -- C:\Documents and Settings\Scott Booth\Application Data\SanDisk\Sansa Updater\SansaDispatch.exe
PRC - [2012/01/22 20:43:08 | 000,247,728 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2012/01/22 20:43:08 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2011/12/09 09:22:26 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe
PRC - [2011/11/28 10:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/11/28 10:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/10/12 15:54:56 | 003,267,072 | ---- | M] () -- C:\Program Files\G7-630\G7_8-in-Right.exe
PRC - [2010/06/10 12:42:44 | 002,621,440 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files\Browny02\Brother\BrStMonW.exe
PRC - [2010/03/09 00:42:02 | 000,029,984 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\Nuance\PaperPort\pptd40nt.exe
PRC - [2010/03/09 00:40:36 | 000,144,672 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
PRC - [2010/03/05 20:11:30 | 000,636,192 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
PRC - [2010/01/25 07:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Browny02\BrYNSvc.exe
PRC - [2009/08/07 13:20:04 | 002,654,208 | R--- | M] (VIA TECH) -- C:\Program Files\VIA\VIAudioi\EnvyADeck\EnMixCPL.exe
PRC - [2009/05/05 16:06:06 | 000,222,496 | ---- | M] (Acresso Corporation) -- C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/10 20:08:44 | 000,212,992 | ---- | M] (IDT, Inc.) -- c:\Documents and Settings\Scott Booth\Local Settings\Temp\CDM\{F029F5A5-AA57-415B-83A3-6DE641976423}\stacsv.exe
PRC - [2008/01/03 18:28:08 | 001,392,640 | R--- | M] (PalmSource, Inc) -- C:\Program Files\Palm\Hotsync.exe
PRC - [2006/06/29 21:33:09 | 000,065,536 | ---- | M] (New Boundary Technologies, Inc.) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
PRC - [2002/10/15 18:00:20 | 001,818,624 | ---- | M] (C-Media Electronic Inc. (www.cmedia.com.tw)) -- C:\WINDOWS\mixer.exe


========== Modules (No Company Name) ==========

MOD - [2014/01/09 01:20:45 | 002,246,144 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\14010900\algo.dll
MOD - [2014/01/07 11:01:15 | 002,244,608 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\14010701\algo.dll
MOD - [2013/12/10 22:39:16 | 016,242,056 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll
MOD - [2013/12/05 11:36:56 | 003,559,024 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/08/17 08:12:27 | 000,988,160 | ---- | M] () -- C:\Program Files\OpenOffice 4\program\libxml2.dll
MOD - [2013/08/17 08:12:27 | 000,170,496 | ---- | M] () -- C:\Program Files\OpenOffice 4\program\libxslt.dll
MOD - [2013/01/01 22:49:10 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2011/02/28 14:37:32 | 000,180,624 | ---- | M] () -- C:\WINDOWS\system32\Primomonnt.dll
MOD - [2010/11/17 13:16:56 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2010/10/12 15:54:56 | 003,267,072 | ---- | M] () -- C:\Program Files\G7-630\G7_8-in-Right.exe
MOD - [2010/10/11 09:13:52 | 000,087,040 | ---- | M] () -- C:\Program Files\G7-630\dll\DLL_MouseDeviceManager.dll
MOD - [2010/09/20 13:19:05 | 000,034,304 | ---- | M] () -- C:\Program Files\G7-630\dll\DLL_MouseEventHook.dll
MOD - [2010/09/20 13:19:04 | 000,062,976 | ---- | M] () -- C:\Program Files\G7-630\dll\DLL_AnalyzeGesturesInOne.dll
MOD - [2010/09/20 13:19:01 | 000,062,976 | ---- | M] () -- C:\Program Files\G7-630\dll\DLL_AnalyzeGesturesInRight.dll
MOD - [2010/09/20 13:18:57 | 000,085,504 | ---- | M] () -- C:\Program Files\G7-630\dll\DLL_ZoomControl.dll
MOD - [2010/09/20 13:18:54 | 000,054,272 | ---- | M] () -- C:\Program Files\G7-630\dll\DLL_ScrollbarControl.dll
MOD - [2010/09/20 13:18:50 | 000,117,760 | ---- | M] () -- C:\Program Files\G7-630\dll\DLL_Wheel4D.dll
MOD - [2010/09/08 08:33:21 | 000,071,680 | ---- | M] () -- C:\Program Files\G7-630\Data\K3G\Forms\TrayIconWebAdvertisement\TrayIconWebAdvertisement.dll
MOD - [2010/08/30 08:59:51 | 000,066,048 | ---- | M] () -- C:\Program Files\G7-630\Data\K3G\Forms\VisualSkin\VisualSkin.dll
MOD - [2009/12/17 16:55:54 | 000,111,104 | ---- | M] () -- C:\Program Files\G7-630\Data\K3G\Forms\KeyboardLEDForm\KeyboardLEDForm.dll
MOD - [2009/11/30 09:58:29 | 000,032,768 | ---- | M] () -- C:\Program Files\G7-630\Data\K3G\Forms\GetMultiLanguageTexts\GetMultiLanguageTexts.dll
MOD - [2009/06/10 17:06:12 | 000,167,936 | R--- | M] () -- C:\Program Files\VIA\VIAudioi\EnvyADeck\Envy24Api.dll
MOD - [2009/02/27 15:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files\Brother\BrUtilities\BrLogAPI.dll
MOD - [2002/07/04 08:38:00 | 000,053,248 | ---- | M] () -- C:\Program Files\ArcSoft\Software Suite\PhotoImpression 5\Share\PIHook.dll


========== Services (SafeList) ==========

SRV - [2013/12/10 22:39:17 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/12/05 11:36:33 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/10/08 06:48:23 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/01/22 20:43:08 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2011/11/28 10:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/03/09 00:40:36 | 000,144,672 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe -- (PDFProFiltSrvPP)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010/01/25 07:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Running] -- C:\Program Files\Browny02\BrYNSvc.exe -- (BrYNSvc)
SRV - [2008/04/10 20:08:44 | 000,212,992 | ---- | M] (IDT, Inc.) [Auto | Running] -- c:\Documents and Settings\Scott Booth\Local Settings\Temp\CDM\{F029F5A5-AA57-415B-83A3-6DE641976423}\stacsv.exe -- (STacSV)
SRV - [2006/06/29 21:33:09 | 000,065,536 | ---- | M] (New Boundary Technologies, Inc.) [Auto | Running] -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2011/11/28 09:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/11/28 09:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/11/28 09:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/11/28 09:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/11/28 09:52:02 | 000,111,320 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/11/28 09:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/11/28 09:48:49 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/08/09 16:33:58 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\BANTExt.sys -- (BANTExt)
DRV - [2008/06/04 16:29:12 | 000,673,600 | R--- | M] (VIA - IC Ensemble, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Envy24HF.sys -- (Envy24HFS)
DRV - [2008/04/14 00:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/04/10 20:10:10 | 001,271,032 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/08/02 13:07:52 | 001,681,920 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/06/19 12:18:56 | 000,043,264 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI)
DRV - [2002/11/18 15:51:40 | 000,377,358 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cmaudio.sys -- (cmpci)
DRV - [2001/08/17 11:19:34 | 000,036,480 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sfmanm.sys -- (sfman)
DRV - [2001/08/17 11:19:28 | 000,006,912 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctlfacem.sys -- (emu10k1)
DRV - [2001/08/17 11:19:26 | 000,283,904 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emu10k1m.sys -- (emu10k)
DRV - [2001/08/17 11:19:20 | 000,003,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctljystk.sys -- (ctljystk)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie

IE - HKU\S-1-5-21-1193922072-980858553-3859031258-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-1193922072-980858553-3859031258-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.studio360.org/story/jul [Binary data over 200 bytes]
IE - HKU\S-1-5-21-1193922072-980858553-3859031258-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.savagelovecast.com/seasons/16
IE - HKU\S-1-5-21-1193922072-980858553-3859031258-1006\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1193922072-980858553-3859031258-1006\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-1193922072-980858553-3859031258-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1193922072-980858553-3859031258-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.startup.homepage: "http://www.thrillist.com/|http://www.nytimes.com/|http://www.marcandangel.com/2012/09/12/8-ways-youre-wasting-your-life/|http://sandiego.craigslist.org/nsd/cto/4187475664.html|https://medium.com/better-humans/5ae6fb285d1|https://twitter.com/Tweetldeee|https://novoed.com/users/sign_in|http://www.studio360.org/story/soldier-stories-and-nico-muhly/|https://news.google.com/news/section?pz=1&cf=all&ned=us&topic=b&siidp=d71f1132119a4b5695c0fcfc3e0f3537fe92&ict=ln&ar=1384910226|http://online.barrons.com/article/SB50001424053111904227604579195861696541996.html?mod=BOL_GoogleNews&google_editors_picks=true"
FF - prefs.js..extensions.enabledAddons: feedly%40devhd:16.0.528
FF - prefs.js..extensions.enabledAddons: %7B0113D088-8ED1-468C-B225-585A9C53B5E3%7D:1.0
FF - prefs.js..extensions.enabledAddons: %7B20a82645-c095-46ed-80e3-08825760534b%7D:0.0.0
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:6.0.1367
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@palmsource.com/installer,version=1.0: C:\PROGRA~1\Palm\PACKAG~1\NPInstal.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012/01/19 22:09:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2011/06/16 06:59:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/12/09 20:14:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/12/09 20:14:07 | 000,000,000 | ---D | M]

[2011/03/25 05:42:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Scott Booth\Application Data\Mozilla\Extensions
[2011/03/25 05:42:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Scott Booth\Application Data\Mozilla\Extensions\home2@tomtom.com
[2013/11/19 16:32:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Scott Booth\Application Data\Mozilla\Firefox\Profiles\oo64cyzp.default\extensions
[2013/12/09 20:21:17 | 000,000,000 | ---D | M] (ScorpionSaver) -- C:\Documents and Settings\Scott Booth\Application Data\Mozilla\Firefox\Profiles\oo64cyzp.default\extensions\ScorpionSaver@jetpack
[2013/07/01 20:43:51 | 000,027,050 | ---- | M] () (No name found) -- C:\Documents and Settings\Scott Booth\Application Data\Mozilla\Firefox\Profiles\oo64cyzp.default\extensions\feedly@devhd.xpi
[2013/06/03 13:05:38 | 000,001,793 | ---- | M] () -- C:\Documents and Settings\Scott Booth\Application Data\Mozilla\Firefox\Profiles\oo64cyzp.default\searchplugins\Bing.xml
[2013/12/09 20:14:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/12/09 20:14:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013/12/09 20:14:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013/12/09 20:14:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/01/07 09:31:12 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/12/09 20:14:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)
[2013/12/09 20:14:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}(2)
[2013/12/09 20:14:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}(2)
[2013/12/09 20:14:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\updated(2)\browser(2)\extensions(2)
[2013/11/19 17:44:16 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\updated(2)\browser(2)\extensions(2)\{972ce4c6-7e08-4474-a285-3208198ce6fd}(2)
[2013/06/04 13:26:28 | 000,000,000 | ---D | M] (TopArcadeHits) -- C:\DOCUMENTS AND SETTINGS\SCOTT BOOTH\APPLICATION DATA\MOZILLA\EXTENSIONS\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}
[2012/01/19 22:09:58 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF
[2011/01/09 23:12:22 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/12/09 09:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll

O1 HOSTS File: ([2004/08/04 18:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.)
O2 - BHO: (PlusIEEventHelper Class) - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dll (Zeon Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.)
O3 - HKU\S-1-5-21-1193922072-980858553-3859031258-1006\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [C-Media Mixer] C:\WINDOWS\mixer.exe (C-Media Electronic Inc. (www.cmedia.com.tw))
O4 - HKLM..\Run: [ControlCenter4] C:\Program Files\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [EnvyHFCPL] C:\Program Files\VIA\VIAudioi\EnvyADeck\EnMixCPL.exe (VIA TECH)
O4 - HKLM..\Run: [EPSON Stylus CX6600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EA.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [HotSync] "C:\Program Files\PalmSource\Desktop\HotSync.exe" -AllUsers File not found
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe (HP)
O4 - HKLM..\Run: [IndexSearch] C:\Program Files\Nuance\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDF5 Registry Controller] C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDFHook] C:\Program Files\Nuance\PDF Viewer Plus\pdfPro5Hook.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PPort12reminder] C:\Program Files\Nuance\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-21-1193922072-980858553-3859031258-1006..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-1193922072-980858553-3859031258-1006..\Run: [ISUSPM] C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKU\S-1-5-21-1193922072-980858553-3859031258-1006..\Run: [NBJ] C:\Program Files\Ahead\Nero BackItUp\NBJ.exe (Ahead Software AG)
O4 - HKU\S-1-5-21-1193922072-980858553-3859031258-1006..\Run: [OscarEditor] C:\Program Files\G7-630\G7_8-in-Right.exe ()
O4 - HKU\S-1-5-21-1193922072-980858553-3859031258-1006..\Run: [SansaDispatch] C:\Documents and Settings\Scott Booth\Application Data\SanDisk\Sansa Updater\SansaDispatch.exe (SanDisk Corporation)
O4 - HKU\S-1-5-21-1193922072-980858553-3859031258-1006..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HotSync Manager.lnk = C:\Program Files\Palm\Hotsync.exe (PalmSource, Inc)
O4 - Startup: C:\Documents and Settings\Scott Booth\Start Menu\Programs\Startup\Seagate Product Registration.lnk = C:\Documents and Settings\Scott Booth\Application Data\Leadertech\PowerRegister\Seagate Product Registration.exe (Leader Technologies/Seagate)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1193922072-980858553-3859031258-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Open with PDF Viewer Plus - C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.45.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{00BD9081-809F-4E85-9471-13A09C315935}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Scott Booth\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Scott Booth\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/05/31 19:32:15 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2014/01/09 12:39:39 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Scott Booth\Desktop\OTL.exe
[2014/01/08 18:37:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Scott Booth\Desktop\Solomons DVD
[2013/12/11 18:02:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/01/09 12:48:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{A1CFFD1A-EF38-4452-B639-E426D19A58F2}.job
[2014/01/09 12:39:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Scott Booth\Desktop\OTL.exe
[2014/01/09 12:39:01 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/01/08 21:01:00 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/08 19:12:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\tasks\GreatArcadeHits.job
[2014/01/08 17:51:36 | 000,020,037 | ---- | M] () -- C:\Documents and Settings\Scott Booth\My Documents\The Beers 2014.odt
[2014/01/08 17:51:36 | 000,000,157 | -H-- | M] () -- C:\Documents and Settings\Scott Booth\My Documents\.~lock.The Beers 2014.odt#
[2014/01/08 14:50:24 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/01/08 14:50:01 | 000,000,892 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/08 14:50:01 | 000,000,476 | ---- | M] () -- C:\WINDOWS\tasks\SDMsgUpdate (TE).job
[2014/01/08 14:49:10 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/01/08 14:49:02 | 3487,338,496 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/07 13:03:41 | 000,001,196 | ---- | M] () -- C:\Documents and Settings\Scott Booth\Start Menu\Programs\Startup\Seagate Product Registration.lnk
[2014/01/07 10:10:56 | 000,217,020 | ---- | M] () -- C:\Documents and Settings\Scott Booth\Desktop\Gateway bookmarks 1-7-14.html
[2014/01/07 09:31:23 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Scott Booth\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2014/01/07 09:31:16 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2013/12/16 17:01:06 | 003,509,152 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/12/13 18:59:52 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/12/13 14:40:18 | 000,035,442 | ---- | M] () -- C:\Documents and Settings\Scott Booth\Desktop\breif 2.jpg
[2013/12/13 14:39:48 | 000,038,664 | ---- | M] () -- C:\Documents and Settings\Scott Booth\Desktop\breif 1.jpg
[2013/12/13 02:00:00 | 000,000,354 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-YOUR-C2066A5B01-Scott Booth.job
[2013/12/10 22:39:17 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/12/10 22:39:17 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/01/08 17:25:39 | 000,000,157 | -H-- | C] () -- C:\Documents and Settings\Scott Booth\My Documents\.~lock.The Beers 2014.odt#
[2014/01/07 10:10:53 | 000,217,020 | ---- | C] () -- C:\Documents and Settings\Scott Booth\Desktop\Gateway bookmarks 1-7-14.html
[2014/01/07 09:31:16 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2014/01/07 09:24:58 | 000,020,037 | ---- | C] () -- C:\Documents and Settings\Scott Booth\My Documents\The Beers 2014.odt
[2013/12/13 14:40:15 | 000,035,442 | ---- | C] () -- C:\Documents and Settings\Scott Booth\Desktop\breif 2.jpg
[2013/12/13 14:39:45 | 000,038,664 | ---- | C] () -- C:\Documents and Settings\Scott Booth\Desktop\breif 1.jpg
[2012/10/11 20:30:39 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
[2012/07/26 21:04:43 | 000,036,512 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2012/02/15 07:11:49 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/15 15:15:49 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\BRTCPCON.DLL
[2012/01/15 15:15:49 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\BRLMW03A.INI
[2012/01/15 15:15:49 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\BRADM10A.DAT
[2011/07/01 00:32:22 | 000,006,656 | ---- | C] () -- C:\Documents and Settings\Scott Booth\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006/05/31 19:49:55 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2010/04/16 08:09:07 | 001,509,888 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 04:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 05:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011/01/12 18:14:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2012/09/04 06:50:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ask
[2013/03/17 11:17:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ControlCenter4
[2011/12/24 09:04:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2011/09/24 11:11:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MakeMusic
[2012/11/06 07:34:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nuance
[2011/06/16 10:15:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[2012/11/06 07:33:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2013/06/03 13:07:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SweetIM
[2011/03/25 05:52:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom
[2013/06/04 13:26:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WeCareReminder
[2012/01/15 15:13:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\zeon
[2011/02/13 08:01:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012/11/15 20:21:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Nuance
[2014/01/07 21:48:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott Booth\Application Data\Audacity
[2013/04/08 19:31:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott Booth\Application Data\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/03/17 06:35:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott Booth\Application Data\com.adobe.DC3Module.AdobeADC
[2013/03/17 11:26:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott Booth\Application Data\ControlCenter4
[2011/08/20 21:11:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott Booth\Application Data\EPSON
[2011/12/24 09:04:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott Booth\Application Data\HotSync
[2011/04/10 09:30:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott Booth\Application Data\Leadertech
[2011/09/24 11:52:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott Booth\Application Data\MakeMusic
[2012/01/15 16:06:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott Booth\Application Data\Nuance
[2013/08/20 10:59:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott Booth\Application Data\OpenOffice
[2011/01/10 18:04:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott Booth\Application Data\OpenOffice.org
[2013/08/08 18:21:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott Booth\Application Data\PhotoScape
[2013/11/08 13:53:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott Booth\Application Data\PrimoPDF
[2011/04/30 09:55:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott Booth\Application Data\SanDisk
[2011/08/20 20:41:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott Booth\Application Data\Smart Panel
[2013/12/09 20:21:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott Booth\Application Data\SmartDraw
[2012/03/17 06:50:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott Booth\Application Data\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011/01/06 22:03:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott Booth\Application Data\streamripper
[2011/03/25 05:42:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott Booth\Application Data\TomTom
[2011/10/09 15:36:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott Booth\Application Data\VirtualStore
[2012/01/15 16:06:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott Booth\Application Data\Zeon

========== Purity Check ==========



< End of report >


OTL Extras logfile created on: 1/9/2014 12:41:26 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Scott Booth\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.25 Gb Total Physical Memory | 1.95 Gb Available Physical Memory | 60.07% Memory free
5.09 Gb Paging File | 3.97 Gb Available in Paging File | 78.10% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.76 Gb Total Space | 253.24 Gb Free Space | 54.37% Space Free | Partition Type: NTFS
Drive D: | 1.28 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: YOUR-C2066A5B01 | User Name: Scott Booth | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-1193922072-980858553-3859031258-1006\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Winamp\winamp.exe" = C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp -- (Nullsoft, Inc.)
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe" = C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\WINDOWS\system32\rundll32.exe" = C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}" = Scansoft PDF Professional
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{109D28C7-FB38-483A-9C91-001CB59E2699}" = EPSON CardMonitor
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 45
"{28656860-4728-433C-8AD4-D1A930437BC8}" = Nuance PDF Viewer Plus
"{34114603-98DD-4FD8-9EBB-20679E138D17}" = 8-in-Right
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{353FE16B-30FE-469A-BF55-B978F4218003}" = iTunes
"{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}" = Brother MFL-Pro Suite DCP-7065DN
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}" = Google Earth Plug-in
"{553C904F-57A2-4113-888E-BA0C3D1C69C0}" = Microsoft VC9 runtime libraries
"{55E61709-D7D4-43C0-B45D-BFAF5C09A02D}" = OpenOffice 4.0.0
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{66C8BE35-8BBB-472B-96C7-C7C9A499F988}" = ArcSoft Software Suite
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}" = Nuance PaperPort 12
"{6C11D561-620B-47DA-A693-4C597F3CDF40}" = EPSON Smart Panel
"{6EF2FDAB-7FBF-4AB9-92CD-594BDDB6A56B}" = PaperPort Image Printer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90140000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 14
"{90140000-0017-0000-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer 2010
"{90140000-0017-0409-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.8)
"{AE704636-ECD0-426C-952E-05B8DABD1949}" = EPSON PhotoStarter3.2
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1696920-9794-4BBC-8A30-7A88763DE5A2}" = ABBYY FineReader 5.0 Sprint Plus
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}" = ScanToWeb
"{FBB02B04-C034-4382-A3F6-57416E2752C4}" = Adobe Creative Suite 5 Master Collection
"{FC053571-8507-44E4-8B6D-AACEAB8CA57C}" = Sansa Media Converter
"{FD6034A3-655C-49F0-B496-D4CBFD74D7A7}" = Palm Desktop by ACCESS
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ATI Display Driver" = ATI Display Driver
"Audacity_is1" = Audacity 2.0.2
"avast" = avast! Free Antivirus
"Belarc Advisor" = Belarc Advisor 8.2
"BookSmart® 3.4.3 3.4.3" = BookSmart® 3.4.3 3.4.3
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DVD Shrink_is1" = DVD Shrink 3.2
"EPSON Printer and Utilities" = EPSON Printer Software
"EPSON Scanner" = EPSON Scan
"Finale NotePad 2011" = Finale NotePad 2011
"Finale Reader" = Finale Reader 2011
"hp deskjet 5550 series" = hp deskjet 5550 series (Remove only)
"hp deskjet 5550 series_Driver" = hp deskjet 5550 series
"hp print screen utility" = hp print screen utility
"ie8" = Windows Internet Explorer 8
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{34114603-98DD-4FD8-9EBB-20679E138D17}" = 8-in-Right
"LAME_is1" = LAME v3.99.3 (for Windows)
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 26.0 (x86 en-US)" = Mozilla Firefox 26.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"Office14.SharePointDesigner" = Microsoft SharePoint Designer 2010
"PCI Audio Driver" = PCI Audio Driver
"PhotoScape" = PhotoScape
"PrimoPDF" = PrimoPDF -- brought to you by Nitro PDF Software
"PROSet" = Intel(R) PRO Network Connections Drivers
"Silent Package Run-Time Sample" = EPSON CX6600 Reference Guide
"SmartMorph" = SmartMorph
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Streamripper" = Streamripper (Remove only)
"TomTom HOME" = TomTom HOME 2.8.3.2499
"VMidi" = vanBasco's Karaoke Player
"WGA" = Windows Genuine Advantage Validation Tool
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"YTdetect" = Yahoo! Detect

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1193922072-980858553-3859031258-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Sansa Updater" = Sansa Updater
"Winamp Detect" = Winamp Detector Plug-in
"Winamp Toolbar" = Winamp Toolbar

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 1/3/2014 1:50:06 AM | Computer Name = YOUR-C2066A5B01 | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2014/01/02 21:50:06.765]: [00002332]: CUsbScnDev: DeviceIoControl
Illegal response [0x0]

Error - 1/3/2014 1:50:07 AM | Computer Name = YOUR-C2066A5B01 | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2014/01/02 21:50:07.765]: [00002332]: CUsbScnDev: DeviceIoControl
Illegal response [0x0]

Error - 1/3/2014 1:50:08 AM | Computer Name = YOUR-C2066A5B01 | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2014/01/02 21:50:08.765]: [00002332]: CUsbScnDev: DeviceIoControl
Illegal response [0x0]

Error - 1/3/2014 1:50:09 AM | Computer Name = YOUR-C2066A5B01 | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2014/01/02 21:50:09.765]: [00002332]: CUsbScnDev: DeviceIoControl
Illegal response [0x0]

Error - 1/3/2014 1:50:10 AM | Computer Name = YOUR-C2066A5B01 | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2014/01/02 21:50:10.765]: [00002332]: CUsbScnDev: DeviceIoControl
Illegal response [0x0]

Error - 1/3/2014 1:50:11 AM | Computer Name = YOUR-C2066A5B01 | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2014/01/02 21:50:11.765]: [00002332]: CUsbScnDev: DeviceIoControl
Illegal response [0x0]

Error - 1/3/2014 1:50:12 AM | Computer Name = YOUR-C2066A5B01 | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2014/01/02 21:50:12.765]: [00002332]: CUsbScnDev: DeviceIoControl
Illegal response [0x0]

Error - 1/6/2014 11:01:05 PM | Computer Name = YOUR-C2066A5B01 | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2014/01/06 19:01:05.000]: [00002332]: CUsbScnDev: DeviceIoControl
Illegal response [0x0]

Error - 1/6/2014 11:01:09 PM | Computer Name = YOUR-C2066A5B01 | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2014/01/06 19:01:09.000]: [00002332]: CUsbScnDev: DeviceIoControl
Illegal response [0x0]

Error - 1/7/2014 12:15:18 AM | Computer Name = YOUR-C2066A5B01 | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2014/01/06 20:15:18.000]: [00002332]: CUsbScnDev: DeviceIoControl
Illegal response [0x0]

[ Application Events ]
Error - 1/3/2014 1:50:06 AM | Computer Name = YOUR-C2066A5B01 | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2014/01/02 21:50:06.765]: [00002332]: CUsbScnDev: DeviceIoControl
Illegal response [0x0]

Error - 1/3/2014 1:50:07 AM | Computer Name = YOUR-C2066A5B01 | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2014/01/02 21:50:07.765]: [00002332]: CUsbScnDev: DeviceIoControl
Illegal response [0x0]

Error - 1/3/2014 1:50:08 AM | Computer Name = YOUR-C2066A5B01 | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2014/01/02 21:50:08.765]: [00002332]: CUsbScnDev: DeviceIoControl
Illegal response [0x0]

Error - 1/3/2014 1:50:09 AM | Computer Name = YOUR-C2066A5B01 | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2014/01/02 21:50:09.765]: [00002332]: CUsbScnDev: DeviceIoControl
Illegal response [0x0]

Error - 1/3/2014 1:50:10 AM | Computer Name = YOUR-C2066A5B01 | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2014/01/02 21:50:10.765]: [00002332]: CUsbScnDev: DeviceIoControl
Illegal response [0x0]

Error - 1/3/2014 1:50:11 AM | Computer Name = YOUR-C2066A5B01 | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2014/01/02 21:50:11.765]: [00002332]: CUsbScnDev: DeviceIoControl
Illegal response [0x0]

Error - 1/3/2014 1:50:12 AM | Computer Name = YOUR-C2066A5B01 | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2014/01/02 21:50:12.765]: [00002332]: CUsbScnDev: DeviceIoControl
Illegal response [0x0]

Error - 1/6/2014 11:01:05 PM | Computer Name = YOUR-C2066A5B01 | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2014/01/06 19:01:05.000]: [00002332]: CUsbScnDev: DeviceIoControl
Illegal response [0x0]

Error - 1/6/2014 11:01:09 PM | Computer Name = YOUR-C2066A5B01 | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2014/01/06 19:01:09.000]: [00002332]: CUsbScnDev: DeviceIoControl
Illegal response [0x0]

Error - 1/7/2014 12:15:18 AM | Computer Name = YOUR-C2066A5B01 | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2014/01/06 20:15:18.000]: [00002332]: CUsbScnDev: DeviceIoControl
Illegal response [0x0]

[ System Events ]
Error - 12/17/2013 1:33:07 AM | Computer Name = YOUR-C2066A5B01 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 12/17/2013 1:33:07 AM | Computer Name = YOUR-C2066A5B01 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 12/24/2013 12:59:59 PM | Computer Name = YOUR-C2066A5B01 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 12/24/2013 12:59:59 PM | Computer Name = YOUR-C2066A5B01 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 12/24/2013 12:59:59 PM | Computer Name = YOUR-C2066A5B01 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 12/24/2013 12:59:59 PM | Computer Name = YOUR-C2066A5B01 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 15 minutes. NtpClient has no source of accurate
time.

Error - 1/3/2014 1:37:32 AM | Computer Name = YOUR-C2066A5B01 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 1/3/2014 1:37:32 AM | Computer Name = YOUR-C2066A5B01 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 15 minutes. NtpClient has no source of accurate
time.

Error - 1/3/2014 1:37:32 AM | Computer Name = YOUR-C2066A5B01 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 1/3/2014 1:37:32 AM | Computer Name = YOUR-C2066A5B01 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 15 minutes. NtpClient has no source of accurate
time.


< End of report >
SBdaKiller
Regular Member
 
Posts: 22
Joined: August 26th, 2008, 8:30 pm

Re: Bookmarks missing & Firefox disabled

Unread postby Gary R » January 9th, 2014, 5:56 pm

OK, lets get going ...

First

Please go to Control Panel > Add/Remove Programs and Uninstall the following:

Java(TM) 6 Update 22


Out of date versions of Java can be exploited even if you have the latest version installed as well.

Reboot your computer once it is uninstalled.

Next

  • Double click OTL.exe to launch the programme.
  • Copy/Paste the contents of the code box below into the Custom Scans/Fixes box. (do not include the words Code: Select all)
Code: Select all
:OTL
IE - HKU\S-1-5-21-1193922072-980858553-3859031258-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.savagelovecast.com/seasons/16
FF - prefs.js..browser.startup.homepage: "http://www.thrillist.com/|http://www.nytimes.com/|http://www.marcandangel.com/2012/09/12/8-ways-youre-wasting-your-life/|http://sandiego.craigslist.org/nsd/cto/4187475664.html|https://medium.com/better-humans/5ae6fb285d1|https://twitter.com/Tweetldeee|https://novoed.com/users/sign_in|http://www.studio360.org/story/soldier-stories-and-nico-muhly/|https://news.google.com/news/section?pz=1&cf=all&ned=us&topic=b&siidp=d71f1132119a4b5695c0fcfc3e0f3537fe92&ict=ln&ar=1384910226|http://online.barrons.com/article/SB50001424053111904227604579195861696541996.html?mod=BOL_GoogleNews&google_editors_picks=true"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
[2013/12/09 20:21:17 | 000,000,000 | ---D | M] (ScorpionSaver) -- C:\Documents and Settings\Scott Booth\Application Data\Mozilla\Firefox\Profiles\oo64cyzp.default\extensions\ScorpionSaver@jetpack
[2013/12/09 20:14:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}(2)
[2013/12/09 20:14:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}(2)
[2013/06/04 13:26:28 | 000,000,000 | ---D | M] (TopArcadeHits) -- C:\DOCUMENTS AND SETTINGS\SCOTT BOOTH\APPLICATION DATA\MOZILLA\EXTENSIONS\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.45.2)
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2013/06/03 13:07:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SweetIM

:Files
ipconfig /flushdns /c

:Commands
[emptytemp]
[resethosts]

  • Click the Run Fix button.
  • OTL will now process the instructions.
  • When finished a box will open asking you to open the fix log, click OK.
  • The fix log will open.
  • Copy/Paste the log in your next reply please.

Note: If necessary, OTL may re-boot your computer, or request that you do so, if it does, re-boot your computer. A log will be produced upon re-boot.

Please let me know how your computer is running now.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21864
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Bookmarks missing & Firefox disabled

Unread postby SBdaKiller » January 9th, 2014, 10:58 pm

Browser SEEMs to be running fast now . . . . see below

Thanks,

Scott
=====================


All processes killed
========== OTL ==========
HKU\S-1-5-21-1193922072-980858553-3859031258-1006\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Prefs.js: "http://www.thrillist.com/|http://www.nytimes.com/|http://www.marcandangel.com/2012/09/12/8-ways-youre-wasting-your-life/|http://sandiego.craigslist.org/nsd/cto/4187475664.html|https://medium.com/better-humans/5ae6fb285d1|https://twitter.com/Tweetldeee|https://novoed.com/users/sign_in|http://www.studio360.org/story/soldier-stories-and-nico-muhly/|https://news.google.com/news/section?pz=1&cf=all&ned=us&topic=b&siidp=d71f1132119a4b5695c0fcfc3e0f3537fe92&ict=ln&ar=1384910226|http://online.barrons.com/article/SB50001424053111904227604579195861696541996.html?mod=BOL_GoogleNews&google_editors_picks=true" removed from browser.startup.homepage
Prefs.js: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 removed from extensions.enabledItems
C:\Documents and Settings\Scott Booth\Application Data\Mozilla\Firefox\Profiles\oo64cyzp.default\extensions\ScorpionSaver@jetpack\resources\ScorpionSaver\lib folder moved successfully.
C:\Documents and Settings\Scott Booth\Application Data\Mozilla\Firefox\Profiles\oo64cyzp.default\extensions\ScorpionSaver@jetpack\resources\ScorpionSaver\data folder moved successfully.
C:\Documents and Settings\Scott Booth\Application Data\Mozilla\Firefox\Profiles\oo64cyzp.default\extensions\ScorpionSaver@jetpack\resources\ScorpionSaver folder moved successfully.
C:\Documents and Settings\Scott Booth\Application Data\Mozilla\Firefox\Profiles\oo64cyzp.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\windows folder moved successfully.
C:\Documents and Settings\Scott Booth\Application Data\Mozilla\Firefox\Profiles\oo64cyzp.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\window folder moved successfully.
C:\Documents and Settings\Scott Booth\Application Data\Mozilla\Firefox\Profiles\oo64cyzp.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\utils folder moved successfully.
C:\Documents and Settings\Scott Booth\Application Data\Mozilla\Firefox\Profiles\oo64cyzp.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\traits folder moved successfully.
C:\Documents and Settings\Scott Booth\Application Data\Mozilla\Firefox\Profiles\oo64cyzp.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\tabs folder moved successfully.
C:\Documents and Settings\Scott Booth\Application Data\Mozilla\Firefox\Profiles\oo64cyzp.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\system folder moved successfully.
C:\Documents and Settings\Scott Booth\Application Data\Mozilla\Firefox\Profiles\oo64cyzp.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\private-browsing folder moved successfully.
C:\Documents and Settings\Scott Booth\Application Data\Mozilla\Firefox\Profiles\oo64cyzp.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\l10n folder moved successfully.
C:\Documents and Settings\Scott Booth\Application Data\Mozilla\Firefox\Profiles\oo64cyzp.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\events folder moved successfully.
C:\Documents and Settings\Scott Booth\Application Data\Mozilla\Firefox\Profiles\oo64cyzp.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\event folder moved successfully.
C:\Documents and Settings\Scott Booth\Application Data\Mozilla\Firefox\Profiles\oo64cyzp.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\dom folder moved successfully.
C:\Documents and Settings\Scott Booth\Application Data\Mozilla\Firefox\Profiles\oo64cyzp.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\content folder moved successfully.
C:\Documents and Settings\Scott Booth\Application Data\Mozilla\Firefox\Profiles\oo64cyzp.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\addon folder moved successfully.
C:\Documents and Settings\Scott Booth\Application Data\Mozilla\Firefox\Profiles\oo64cyzp.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib folder moved successfully.
C:\Documents and Settings\Scott Booth\Application Data\Mozilla\Firefox\Profiles\oo64cyzp.default\extensions\ScorpionSaver@jetpack\resources\api-utils folder moved successfully.
C:\Documents and Settings\Scott Booth\Application Data\Mozilla\Firefox\Profiles\oo64cyzp.default\extensions\ScorpionSaver@jetpack\resources\addon-kit\lib folder moved successfully.
C:\Documents and Settings\Scott Booth\Application Data\Mozilla\Firefox\Profiles\oo64cyzp.default\extensions\ScorpionSaver@jetpack\resources\addon-kit folder moved successfully.
C:\Documents and Settings\Scott Booth\Application Data\Mozilla\Firefox\Profiles\oo64cyzp.default\extensions\ScorpionSaver@jetpack\resources folder moved successfully.
C:\Documents and Settings\Scott Booth\Application Data\Mozilla\Firefox\Profiles\oo64cyzp.default\extensions\ScorpionSaver@jetpack\defaults\preferences folder moved successfully.
C:\Documents and Settings\Scott Booth\Application Data\Mozilla\Firefox\Profiles\oo64cyzp.default\extensions\ScorpionSaver@jetpack\defaults folder moved successfully.
C:\Documents and Settings\Scott Booth\Application Data\Mozilla\Firefox\Profiles\oo64cyzp.default\extensions\ScorpionSaver@jetpack folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}(2)\chrome(2)\locale(2)\zh-TW(2)\ffjcext(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}(2)\chrome(2)\locale(2)\zh-TW(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}(2)\chrome(2)\locale(2)\zh-CN(2)\ffjcext(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}(2)\chrome(2)\locale(2)\zh-CN(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}(2)\chrome(2)\locale(2)\sv-SE(2)\ffjcext(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}(2)\chrome(2)\locale(2)\sv-SE(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}(2)\chrome(2)\locale(2)\ko-KR(2)\ffjcext(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}(2)\chrome(2)\locale(2)\ko-KR(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}(2)\chrome(2)\locale(2)\ja-JP(2)\ffjcext(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}(2)\chrome(2)\locale(2)\ja-JP(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}(2)\chrome(2)\locale(2)\it-IT(2)\ffjcext(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}(2)\chrome(2)\locale(2)\it-IT(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}(2)\chrome(2)\locale(2)\fr-FR(2)\ffjcext(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}(2)\chrome(2)\locale(2)\fr-FR(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}(2)\chrome(2)\locale(2)\es-ES(2)\ffjcext(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}(2)\chrome(2)\locale(2)\es-ES(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}(2)\chrome(2)\locale(2)\en-US(2)\ffjcext(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}(2)\chrome(2)\locale(2)\en-US(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}(2)\chrome(2)\locale(2)\de-DE(2)\ffjcext(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}(2)\chrome(2)\locale(2)\de-DE(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}(2)\chrome(2)\locale(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}(2)\chrome(2)\content(2)\ffjcext(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}(2)\chrome(2)\content(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}(2)\chrome(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}(2)\chrome(2)\locale(2)\zh-TW(2)\ffjcext(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}(2)\chrome(2)\locale(2)\zh-TW(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}(2)\chrome(2)\locale(2)\zh-CN(2)\ffjcext(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}(2)\chrome(2)\locale(2)\zh-CN(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}(2)\chrome(2)\locale(2)\sv-SE(2)\ffjcext(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}(2)\chrome(2)\locale(2)\sv-SE(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}(2)\chrome(2)\locale(2)\ko-KR(2)\ffjcext(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}(2)\chrome(2)\locale(2)\ko-KR(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}(2)\chrome(2)\locale(2)\ja-JP(2)\ffjcext(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}(2)\chrome(2)\locale(2)\ja-JP(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}(2)\chrome(2)\locale(2)\it-IT(2)\ffjcext(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}(2)\chrome(2)\locale(2)\it-IT(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}(2)\chrome(2)\locale(2)\fr-FR(2)\ffjcext(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}(2)\chrome(2)\locale(2)\fr-FR(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}(2)\chrome(2)\locale(2)\es-ES(2)\ffjcext(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}(2)\chrome(2)\locale(2)\es-ES(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}(2)\chrome(2)\locale(2)\en-US(2)\ffjcext(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}(2)\chrome(2)\locale(2)\en-US(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}(2)\chrome(2)\locale(2)\de-DE(2)\ffjcext(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}(2)\chrome(2)\locale(2)\de-DE(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}(2)\chrome(2)\locale(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}(2)\chrome(2)\content(2)\ffjcext(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}(2)\chrome(2)\content(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}(2)\chrome(2) folder moved successfully.
C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}(2) folder moved successfully.
C:\DOCUMENTS AND SETTINGS\SCOTT BOOTH\APPLICATION DATA\MOZILLA\EXTENSIONS\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}\skin folder moved successfully.
C:\DOCUMENTS AND SETTINGS\SCOTT BOOTH\APPLICATION DATA\MOZILLA\EXTENSIONS\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}\chrome\content folder moved successfully.
C:\DOCUMENTS AND SETTINGS\SCOTT BOOTH\APPLICATION DATA\MOZILLA\EXTENSIONS\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}\chrome folder moved successfully.
C:\DOCUMENTS AND SETTINGS\SCOTT BOOTH\APPLICATION DATA\MOZILLA\EXTENSIONS\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3} folder moved successfully.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
C:\WINDOWS\System32\SET35A.tmp deleted successfully.
C:\WINDOWS\System32\SET35F.tmp deleted successfully.
C:\WINDOWS\System32\SET366.tmp deleted successfully.
C:\WINDOWS\System32\SET373.tmp deleted successfully.
C:\WINDOWS\System32\SET3A3.tmp deleted successfully.
C:\WINDOWS\002713_.tmp deleted successfully.
C:\Documents and Settings\All Users\Application Data\SweetIM\Toolbars\Internet Explorer\cache folder moved successfully.
C:\Documents and Settings\All Users\Application Data\SweetIM\Toolbars\Internet Explorer folder moved successfully.
C:\Documents and Settings\All Users\Application Data\SweetIM\Toolbars folder moved successfully.
C:\Documents and Settings\All Users\Application Data\SweetIM folder moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\Scott Booth\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Scott Booth\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32768 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Flash cache emptied: 41620 bytes

User: LocalService
->Temp folder emptied: 65716 bytes
->Temporary Internet Files folder emptied: 1036202 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Scott Booth
->Temp folder emptied: 3224190086 bytes
->Temporary Internet Files folder emptied: 199589493 bytes
->Java cache emptied: 1079868 bytes
->FireFox cache emptied: 1006964264 bytes
->Flash cache emptied: 173545 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 40694487 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 451528435 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 1734587598 bytes

Total Files Cleaned = 6,352.00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.69.0 log created on 01092014_183707

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERf6b9.dir00\appcompat.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERf6b9.dir00\FlashPlayerUpdateService.exe.hdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERf6b9.dir00\FlashPlayerUpdateService.exe.mdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERf6b9.dir00\manifest.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERf23d.dir00\appcompat.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERf23d.dir00\FlashPlayerUpdateService.exe.hdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERf23d.dir00\FlashPlayerUpdateService.exe.mdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERf23d.dir00\manifest.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERe1ee.dir00\appcompat.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERe1ee.dir00\FlashPlayerUpdateService.exe.hdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERe1ee.dir00\FlashPlayerUpdateService.exe.mdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERe1ee.dir00\manifest.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERda0e.dir00\appcompat.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERda0e.dir00\FlashPlayerUpdateService.exe.hdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERda0e.dir00\FlashPlayerUpdateService.exe.mdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERda0e.dir00\manifest.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERd2b3.dir00\appcompat.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERd2b3.dir00\manifest.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERd2b3.dir00\spoolsv.exe.hdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERd2b3.dir00\spoolsv.exe.mdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERcf90.dir00\appcompat.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERcf90.dir00\FlashPlayerUpdateService.exe.hdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERcf90.dir00\FlashPlayerUpdateService.exe.mdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERcf90.dir00\manifest.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERcf6e.dir00\appcompat.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERcf6e.dir00\FlashPlayerUpdateService.exe.hdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERcf6e.dir00\FlashPlayerUpdateService.exe.mdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERcf6e.dir00\manifest.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERb91c.dir00\appcompat.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERb91c.dir00\FlashPlayerUpdateService.exe.hdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERb91c.dir00\FlashPlayerUpdateService.exe.mdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERb91c.dir00\manifest.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERb89b.dir00\appcompat.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERb89b.dir00\FlashPlayerUpdateService.exe.hdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERb89b.dir00\FlashPlayerUpdateService.exe.mdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERb89b.dir00\manifest.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERaab5.dir00\appcompat.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERaab5.dir00\FlashPlayerUpdateService.exe.hdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERaab5.dir00\FlashPlayerUpdateService.exe.mdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERaab5.dir00\manifest.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERa793.dir00\appcompat.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERa793.dir00\FlashPlayerUpdateService.exe.hdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERa793.dir00\FlashPlayerUpdateService.exe.mdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERa793.dir00\manifest.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERa043.dir00\appcompat.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERa043.dir00\FlashPlayerUpdateService.exe.hdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERa043.dir00\FlashPlayerUpdateService.exe.mdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WERa043.dir00\manifest.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER844a.dir00\appcompat.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER844a.dir00\FlashPlayerUpdateService.exe.hdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER844a.dir00\FlashPlayerUpdateService.exe.mdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER844a.dir00\manifest.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER766f.dir00\appcompat.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER766f.dir00\FlashPlayerUpdateService.exe.hdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER766f.dir00\FlashPlayerUpdateService.exe.mdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER766f.dir00\manifest.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER7248.dir00\appcompat.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER7248.dir00\FlashPlayerUpdateService.exe.hdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER7248.dir00\FlashPlayerUpdateService.exe.mdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER7248.dir00\manifest.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER6b7e.dir00\appcompat.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER6b7e.dir00\FlashPlayerUpdateService.exe.hdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER6b7e.dir00\FlashPlayerUpdateService.exe.mdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER6b7e.dir00\manifest.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER62c4.dir00\appcompat.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER62c4.dir00\FlashPlayerUpdateService.exe.hdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER62c4.dir00\FlashPlayerUpdateService.exe.mdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER62c4.dir00\manifest.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER6185.dir00\appcompat.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER6185.dir00\logonui.exe.hdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER6185.dir00\logonui.exe.mdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER6185.dir00\manifest.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER5f4e.dir00\appcompat.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER5f4e.dir00\FlashPlayerUpdateService.exe.hdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER5f4e.dir00\FlashPlayerUpdateService.exe.mdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER5f4e.dir00\manifest.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER5dee.dir00\appcompat.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER5dee.dir00\FlashPlayerUpdateService.exe.hdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER5dee.dir00\FlashPlayerUpdateService.exe.mdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER5dee.dir00\manifest.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER5998.dir00\appcompat.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER5998.dir00\FlashPlayerUpdateService.exe.hdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER5998.dir00\FlashPlayerUpdateService.exe.mdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER5998.dir00\manifest.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER4e02.dir00\appcompat.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER4e02.dir00\manifest.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER4e02.dir00\spoolsv.exe.hdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER4e02.dir00\spoolsv.exe.mdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER4c29.dir00\appcompat.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER4c29.dir00\FlashPlayerUpdateService.exe.hdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER4c29.dir00\FlashPlayerUpdateService.exe.mdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER4c29.dir00\manifest.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER323c.dir00\appcompat.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER323c.dir00\FlashPlayerUpdateService.exe.hdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER323c.dir00\FlashPlayerUpdateService.exe.mdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER323c.dir00\manifest.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER2b36.dir00\appcompat.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER2b36.dir00\FlashPlayerUpdateService.exe.hdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER2b36.dir00\FlashPlayerUpdateService.exe.mdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER2b36.dir00\manifest.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER206e.dir00\appcompat.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER206e.dir00\FlashPlayerUpdateService.exe.hdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER206e.dir00\FlashPlayerUpdateService.exe.mdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER206e.dir00\manifest.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER1e1d.dir00\appcompat.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER1e1d.dir00\FlashPlayerUpdateService.exe.hdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER1e1d.dir00\FlashPlayerUpdateService.exe.mdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER1e1d.dir00\manifest.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER1827.dir00\appcompat.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER1827.dir00\FlashPlayerUpdateService.exe.hdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER1827.dir00\FlashPlayerUpdateService.exe.mdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER1827.dir00\manifest.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER109a.dir00\appcompat.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER109a.dir00\FlashPlayerUpdateService.exe.hdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER109a.dir00\FlashPlayerUpdateService.exe.mdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER109a.dir00\manifest.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER0de7.dir00\appcompat.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER0de7.dir00\FlashPlayerUpdateService.exe.hdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER0de7.dir00\FlashPlayerUpdateService.exe.mdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER0de7.dir00\manifest.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER03b9.dir00\appcompat.txt not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER03b9.dir00\FlashPlayerUpdateService.exe.hdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER03b9.dir00\FlashPlayerUpdateService.exe.mdmp not found!
File\Folder C:\Documents and Settings\Scott Booth\Local Settings\Temp\WER03b9.dir00\manifest.txt not found!
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
File\Folder C:\WINDOWS\temp\NDP1.1sp1-KB2833941-X86\NDP1.1sp1-KB2833941-X86-msi.0.log not found!
File\Folder C:\WINDOWS\temp\NDP1.1sp1-KB2833941-X86\NDP1.1sp1-KB2833941-X86-wrapper.log not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
SBdaKiller
Regular Member
 
Posts: 22
Joined: August 26th, 2008, 8:30 pm

Re: Bookmarks missing & Firefox disabled

Unread postby Gary R » January 10th, 2014, 5:22 am

OK, well it looks like we've been able to successfully deal with the minor issues I spotted in your DDS logs, so provided you don't have any other issues, then I think we're just about finished.

To safely remove OTL and the files and folders it created ...
  • Double click OTL.exe to launch the programme.
  • Click on the CleanUp! button.
  • OTL will download a list from the Internet, if your firewall or other defensive programmes alerts you, allow it access.
  • You will be prompted to allow the clean up procedure, click Yes
  • When finished exit out of OTL
  • Now delete OTL.exe (if still present).

One last thing before you go ...

As you're probably aware, Microsoft ceases its support for Windows XP in April this year, and that will have an immediate impact on the security of your computer. Once a computer is no longer being "patched", any exploits found by the Malware writers will not be secured against, and it will be impossible for you to secure your computer against infection.

One of our Teachers askey127 has written a short article on this subject, and I strongly recommend that you read it ... viewtopic.php?p=630064#p630064
User avatar
Gary R
Administrator
Administrator
 
Posts: 21864
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Bookmarks missing & Firefox disabled

Unread postby SBdaKiller » January 10th, 2014, 11:59 am

Hhmm . . . I was never prompted to allow the cleanup procedure, but was asked to reboot, which I did and OTL.exe is gone.
Browser is running fast now. I will read up about XP. Thanks for all your help !

Scott
SBdaKiller
Regular Member
 
Posts: 22
Joined: August 26th, 2008, 8:30 pm

Re: Bookmarks missing & Firefox disabled

Unread postby Gary R » January 10th, 2014, 2:12 pm

You're welcome, glad we could help.

Keep safe.

Gary

As your problems appear to have been resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21864
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 51 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware