Jump to content

removal of sweet pc fix


goa55
 Share

Recommended Posts

did a silly thing last night tried to get a new logo.and managed to download this sweet pc fix thing, i have tried to remove from control panel /uninstall a programme,but when i do the sweet pc fix wants me to download an up date.not keen on this.

any tips on removal ?

Thanks

Link to post
Share on other sites

Hello goa55! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Download OTL to your Desktop

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Please tick the Scan All users. Next, click the Quick Scan button. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.

Link to post
Share on other sites

sorry for the delay here are the results of the quick scan

OTL logfile created on: 09/11/2012 06:50:45 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Adam\Downloads

64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.74 Gb Total Physical Memory | 1.02 Gb Available Physical Memory | 37.08% Memory free

5.48 Gb Paging File | 3.05 Gb Available in Paging File | 55.70% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 283.99 Gb Total Space | 208.60 Gb Free Space | 73.45% Space Free | Partition Type: NTFS

Computer Name: ADAM-PC | User Name: Adam | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/11/09 00:24:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Adam\Downloads\OTL.exe

PRC - [2012/10/04 16:34:36 | 000,115,032 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe

PRC - [2012/08/15 19:08:34 | 000,231,768 | ---- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe

PRC - [2012/07/25 02:08:10 | 026,909,544 | ---- | M] (Dropbox, Inc.) -- C:\Users\Adam\AppData\Roaming\Dropbox\bin\Dropbox.exe

PRC - [2012/06/11 15:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE

PRC - [2011/11/14 11:02:04 | 000,435,672 | ---- | M] (TomTom) -- C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe

PRC - [2011/09/01 16:47:26 | 000,090,448 | ---- | M] (Research In Motion Limited) -- C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe

PRC - [2011/01/17 18:08:58 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

PRC - [2011/01/17 18:08:58 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

PRC - [2010/07/05 20:34:15 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe

PRC - [2010/06/07 10:15:42 | 000,618,496 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe

PRC - [2010/04/17 05:57:08 | 000,349,552 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe

PRC - [2010/04/08 04:18:39 | 000,298,064 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe

PRC - [2010/04/08 04:18:38 | 000,908,368 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe

PRC - [2010/04/08 04:18:38 | 000,312,400 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe

PRC - [2010/03/18 04:57:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

PRC - [2010/03/18 04:56:56 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

PRC - [2010/03/11 05:11:56 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe

PRC - [2010/03/11 05:11:42 | 000,201,584 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe

PRC - [2010/03/08 23:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe

PRC - [2010/03/08 23:56:38 | 000,260,608 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe

PRC - [2010/01/28 23:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe

PRC - [2010/01/08 13:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

PRC - [2009/12/24 00:39:04 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

PRC - [2009/12/24 00:39:02 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

========== Modules (No Company Name) ==========

MOD - [2012/10/31 22:15:05 | 000,460,312 | ---- | M] () -- C:\Users\Adam\AppData\Local\Google\Chrome\Application\23.0.1271.64\ppgooglenaclpluginchrome.dll

MOD - [2012/10/31 22:15:04 | 012,455,448 | ---- | M] () -- C:\Users\Adam\AppData\Local\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll

MOD - [2012/10/31 22:15:02 | 004,007,448 | ---- | M] () -- C:\Users\Adam\AppData\Local\Google\Chrome\Application\23.0.1271.64\pdf.dll

MOD - [2012/10/31 22:13:47 | 000,587,288 | ---- | M] () -- C:\Users\Adam\AppData\Local\Google\Chrome\Application\23.0.1271.64\libglesv2.dll

MOD - [2012/10/31 22:13:46 | 000,123,928 | ---- | M] () -- C:\Users\Adam\AppData\Local\Google\Chrome\Application\23.0.1271.64\libegl.dll

MOD - [2012/10/31 22:13:35 | 000,156,712 | ---- | M] () -- C:\Users\Adam\AppData\Local\Google\Chrome\Application\23.0.1271.64\avutil-51.dll

MOD - [2012/10/31 22:13:34 | 000,274,984 | ---- | M] () -- C:\Users\Adam\AppData\Local\Google\Chrome\Application\23.0.1271.64\avformat-54.dll

MOD - [2012/10/31 22:13:32 | 002,168,360 | ---- | M] () -- C:\Users\Adam\AppData\Local\Google\Chrome\Application\23.0.1271.64\avcodec-54.dll

MOD - [2012/06/14 08:52:38 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\009c50fb69919b90fb233cb4c35d0ad7\System.Windows.Forms.ni.dll

MOD - [2012/06/14 08:52:27 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ebefde27b0ef7f39bb49c493b34a602c\System.Drawing.ni.dll

MOD - [2012/05/10 06:36:48 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0c00b1a8336dd4c1bd1ebce7780f20b4\System.Runtime.Remoting.ni.dll

MOD - [2012/05/10 06:35:32 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b68fdf2c95b93fc5006a092c11eed07c\WindowsBase.ni.dll

MOD - [2012/05/10 06:35:21 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5c85c9c42e1b8a8760de82ecb4c7d582\System.Xml.ni.dll

MOD - [2012/05/10 06:35:15 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb079eab134fd1a752ad91db13274110\System.Configuration.ni.dll

MOD - [2012/05/10 06:35:12 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\2ebb3c259eab50af565e3a8dba6ad20e\System.ni.dll

MOD - [2012/05/10 06:34:26 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5858678a79aae31262b0214424245d06\mscorlib.ni.dll

MOD - [2011/11/14 11:02:08 | 000,202,712 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\TomTomSupporterProxy.dll

MOD - [2011/11/14 11:02:06 | 000,063,960 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\TomTomSupporterBase.dll

MOD - [2011/11/14 11:01:52 | 007,964,160 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\QtGui4.dll

MOD - [2011/11/14 11:01:52 | 002,648,064 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\QtXmlPatterns4.dll

MOD - [2011/11/14 11:01:52 | 002,302,464 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\QtCore4.dll

MOD - [2011/11/14 11:01:52 | 000,980,480 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\QtNetwork4.dll

MOD - [2011/11/14 11:01:52 | 000,357,888 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\QtXml4.dll

MOD - [2011/04/18 15:35:57 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll

MOD - [2011/04/18 15:35:57 | 000,170,496 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxslt.dll

MOD - [2010/07/05 20:34:15 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe

MOD - [2010/06/07 10:15:42 | 000,618,496 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe

MOD - [2010/03/09 00:18:10 | 000,465,576 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll

MOD - [2009/05/20 06:02:02 | 000,072,200 | ---- | M] () -- C:\Program Files (x86)\Launch Manager\CdDirIo.dll

========== Services (SafeList) ==========

SRV:64bit: - [2012/09/12 20:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)

SRV:64bit: - [2012/09/12 20:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)

SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)

SRV:64bit: - [2010/03/17 09:56:12 | 000,866,336 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)

SRV:64bit: - [2010/01/28 23:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)

SRV:64bit: - [2009/07/14 01:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2012/06/11 15:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE -- (BBUpdate)

SRV - [2012/06/11 15:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE -- (BBSvc)

SRV - [2011/08/14 19:42:57 | 000,013,160 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\599\g2aservice.exe -- (GoToAssist)

SRV - [2010/04/17 05:56:48 | 000,305,520 | ---- | M] (Egis Technology Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService)

SRV - [2010/04/08 04:18:38 | 000,312,400 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)

SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010/03/18 04:57:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)

SRV - [2010/03/18 04:56:56 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)

SRV - [2010/03/08 23:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)

SRV - [2010/01/08 13:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)

SRV - [2009/12/24 00:39:04 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)

SRV - [2009/06/10 21:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/08/30 21:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)

DRV:64bit: - [2012/03/08 17:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)

DRV:64bit: - [2012/03/01 06:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2011/07/25 16:44:46 | 000,074,752 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)

DRV:64bit: - [2011/07/20 13:58:22 | 000,044,032 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)

DRV:64bit: - [2011/03/11 06:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011/03/11 06:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2010/04/01 08:18:30 | 003,060,800 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)

DRV:64bit: - [2010/03/21 09:59:08 | 000,321,064 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)

DRV:64bit: - [2010/03/01 07:20:56 | 000,239,136 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)

DRV:64bit: - [2010/02/20 00:24:34 | 010,300,800 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

DRV:64bit: - [2010/02/10 07:01:58 | 000,158,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)

DRV:64bit: - [2010/02/02 21:38:30 | 000,271,872 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)

DRV:64bit: - [2009/12/17 17:42:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2009/12/10 11:25:10 | 000,301,104 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)

DRV:64bit: - [2009/12/02 07:01:24 | 000,213,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)

DRV:64bit: - [2009/09/17 05:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)

DRV:64bit: - [2009/07/21 13:05:14 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)

DRV:64bit: - [2009/07/21 13:05:14 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)

DRV:64bit: - [2009/07/21 13:05:14 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)

DRV:64bit: - [2009/07/21 08:17:16 | 000,135,168 | ---- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnet.sys -- (ZTEusbnet)

DRV:64bit: - [2009/07/14 01:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/14 01:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/14 01:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2009/07/14 01:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/07/14 00:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)

DRV:64bit: - [2009/07/14 00:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)

DRV:64bit: - [2009/06/10 20:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 20:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 20:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 20:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009/06/03 02:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)

DRV:64bit: - [2009/06/03 02:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)

DRV:64bit: - [2009/06/03 02:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)

DRV:64bit: - [2009/05/05 08:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)

DRV:64bit: - [2009/05/05 08:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)

DRV:64bit: - [2009/04/27 13:15:16 | 000,011,776 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)

DRV - [2009/09/10 07:50:16 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\SSPORT.SYS -- (SSPORT)

DRV - [2009/07/14 01:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&m=aspire_5741z&r=27360411l505l0454z145t4662q292

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&m=aspire_5741z&r=27360411l505l0454z145t4662q292

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7'>http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&m=aspire_5741z&r=27360411l505l0454z145t4662q292

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&m=aspire_5741z&r=27360411l505l0454z145t4662q292

IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW'>http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW

IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7'>http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2517162095-573492459-740728455-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&m=aspire_5741z&r=27360411l505l0454z145t4662q292

IE - HKU\S-1-5-21-2517162095-573492459-740728455-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&m=aspire_5741z&r=27360411l505l0454z145t4662q292

IE - HKU\S-1-5-21-2517162095-573492459-740728455-1001\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}

IE - HKU\S-1-5-21-2517162095-573492459-740728455-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKU\S-1-5-21-2517162095-573492459-740728455-1001\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW'>http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_enGB428

IE - HKU\S-1-5-21-2517162095-573492459-740728455-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7'>http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKU\S-1-5-21-2517162095-573492459-740728455-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )

FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Adam\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Adam\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

[2011/04/18 15:48:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Adam\AppData\Roaming\Mozilla\Extensions

[2011/04/18 15:48:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Adam\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

========== Chrome ==========

CHR - homepage: http://www.google.com/

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}

CHR - homepage: http://www.google.com/

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Users\Adam\AppData\Local\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Adam\AppData\Local\Google\Chrome\Application\23.0.1271.64\pdf.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Adam\AppData\Local\Google\Chrome\Application\23.0.1271.64\gcswf32.dll

CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Adam\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll

CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll

CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

CHR - plugin: Java Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

CHR - plugin: Oberon com adapter (Enabled) = C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll

CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll

CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll

CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll

CHR - Extension: YouTube = C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\

CHR - Extension: Google Search = C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\

CHR - Extension: SweetIM for Facebook = C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.1.0.1_0\

CHR - Extension: Gmail = C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

CHR - Extension: YouTube = C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\

CHR - Extension: Google Search = C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\

CHR - Extension: SweetIM for Facebook = C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.1.0.1_0\

CHR - Extension: Gmail = C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009/06/10 21:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg64.dll (Google Inc.)

O2 - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)

O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)

O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)

O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3:64bit: - HKU\S-1-5-21-2517162095-573492459-740728455-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)

O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.)

O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [backupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)

O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)

O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)

O4 - HKLM..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)

O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)

O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)

O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)

O4 - HKLM..\Run: [samsung PanelMgr] C:\Windows\Samsung\PanelMgr\ssmmgr.exe ()

O4 - HKLM..\Run: [suiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)

O4 - HKLM..\Run: [sweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)

O4 - HKLM..\Run: [sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)

O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-2517162095-573492459-740728455-1001..\Run: [MyTomTomSA.exe] C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe (TomTom)

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - Startup: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Adam\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

O4 - Startup: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3DD1DAFB-D437-4CDB-B57A-58D7C526D5DA}: DhcpNameServer = 192.168.1.254

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CF1C6892-61D2-470E-BAFD-587A3F1E0AB0}: DhcpNameServer = 192.168.1.254

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\599\G2AWinLogon_x64.dll) - C:\Program Files (x86)\Citrix\GoToAssist\599\g2awinlogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)

O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{a938232c-c320-11e0-b199-88ae1d601122}\Shell - "" = AutoRun

O33 - MountPoints2\{a938232c-c320-11e0-b199-88ae1d601122}\Shell\AutoRun\command - "" = E:\setup.exe AUTORUN=1

O33 - MountPoints2\{e6135bbf-95e0-11e0-a535-00a0c6000000}\Shell - "" = AutoRun

O33 - MountPoints2\{e6135bbf-95e0-11e0-a535-00a0c6000000}\Shell\AutoRun\command - "" = E:\AutoRun.exe

O33 - MountPoints2\E\Shell - "" = AutoRun

O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/11/08 19:56:43 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{E02A0693-77C4-462B-897C-0FDBCF2EAE9B}

[2012/11/08 07:53:27 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{085A3398-166A-47AB-8C18-C8EFC9CD2A0C}

[2012/11/07 20:19:49 | 000,000,000 | ---D | C] -- C:\ProgramData\SweetIM

[2012/11/07 20:19:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SweetIM

[2012/11/07 19:52:51 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{A3C65661-A735-400F-9CD0-8E4C5C72F900}

[2012/11/07 19:28:38 | 000,000,000 | ---D | C] -- C:\Users\Adam\Desktop\taptaptap website

[2012/11/07 07:52:32 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{97A94B6B-FF3C-4173-AEE6-83F24311519B}

[2012/11/06 19:36:52 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{9C69CA62-7E03-43C3-8E7B-945FCA3518AE}

[2012/11/06 07:36:30 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{3CEEA7AB-FE19-45A3-91C3-4D6E05878C3C}

[2012/11/05 19:36:07 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{13F7437C-8556-41EF-9EE3-0E463EB6420A}

[2012/11/05 07:35:45 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{31390213-4687-427A-BBAA-BBFC675C7AF7}

[2012/11/04 19:35:22 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{CF008260-67F1-4C24-971C-7D0197FF7E79}

[2012/11/04 07:35:03 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{8B12A9EC-D076-4C0E-9DB2-D6BBB01B16BC}

[2012/11/03 12:45:48 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{6C064E86-1872-425D-9D2E-9CDD1771ED74}

[2012/11/02 23:58:42 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{3F30D39B-6CA9-4C4D-85E6-FE33A5CE2906}

[2012/11/02 11:47:02 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{50C3CC65-7894-4D56-9CB2-2694043A0EF6}

[2012/11/01 21:15:54 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{D2475F90-5FB8-46E3-8461-D15AD84B588A}

[2012/11/01 09:15:31 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{1678CFDE-16B7-4247-A983-21A6E3A4DB59}

[2012/10/31 21:15:18 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{80F16B14-F87F-48AF-BF1A-DA12C6ADCAA4}

[2012/10/31 07:17:03 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{6E4FF5E8-DF0E-48FA-840C-950C87E817C0}

[2012/10/30 14:55:45 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{5354B4A1-A574-44A7-811A-4971A5733102}

[2012/10/29 23:03:47 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{B9653312-713D-4D6C-8C5C-904613A97F94}

[2012/10/29 10:00:00 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{138AF195-9B2F-422E-AAB6-328CCF91A3F4}

[2012/10/28 21:29:13 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{F5C09271-1DD5-4C96-8A95-603342C70F10}

[2012/10/28 09:06:10 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{6E4A268A-23A8-4DD7-B29A-28B45AD35A15}

[2012/10/27 21:05:56 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{A739C445-0FAC-48EE-890B-41B401AE25B7}

[2012/10/27 08:17:30 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{B2EFBDBB-AD76-4A67-8A20-29953CA5AEF9}

[2012/10/26 19:39:42 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{0CDBB05F-1A3B-412B-94FC-3AF4DE05F578}

[2012/10/26 05:23:56 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{C7CA1267-1191-40F9-9A0D-D558ECC9BD62}

[2012/10/25 15:10:41 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{5DD2D0BB-FDE3-44E7-8426-02EC22E77571}

[2012/10/24 21:55:05 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{95CFAF88-6F30-4663-8166-94EA88E63356}

[2012/10/24 07:34:30 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{8CB8A030-D89E-4006-9807-22C2492B79BF}

[2012/10/23 19:12:23 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{D121DE37-D6C4-4E4D-8BA6-415777CFFBC2}

[2012/10/23 07:11:59 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{645CE3BF-6C5D-412C-A8A7-704E16606F51}

[2012/10/22 18:45:48 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{3E7E36C5-E7EE-44C9-B711-3A02FB7E42C2}

[2012/10/22 06:45:36 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{0D76920E-C12D-4007-BAC1-A8E2AAE21AEE}

[2012/10/21 14:26:06 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{2BBF4CF8-AB8E-44F7-B1DC-2B2B3E2643C0}

[2012/10/20 23:12:47 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{64D41C99-105D-4DD9-9B44-19B9CC533757}

[2012/10/20 08:18:37 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{6CAA15E7-6DA9-4FD6-9E41-CCD01CFB5F37}

[2012/10/19 20:18:25 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{E5138969-49CC-47D0-8AC7-C0A35A7DFBBC}

[2012/10/18 22:26:44 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{B219B65A-ED0D-4D18-BEA9-84350862AAED}

[2012/10/18 10:26:53 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{DCED3576-B0B6-4E84-A67F-F4CE16A35A16}

[2012/10/17 21:32:31 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{635FD6C6-BDE3-4B4D-9B5E-D5725B4C2C8B}

[2012/10/17 08:14:38 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{551DA2B5-CC73-46D2-A28C-8904EF78D725}

[2012/10/16 20:14:16 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{DEAC8B37-ECD2-4F64-BF6E-3941AA9163DE}

[2012/10/16 08:13:54 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{6F520831-3D77-4A4A-B31A-52FA25A31F65}

[2012/10/15 20:13:44 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{3774D9DE-06AC-4DFE-AEF7-39ED472E0A5E}

[2012/10/15 16:13:27 | 000,000,000 | ---D | C] -- C:\Users\Adam\Desktop\old suppliers

[2012/10/15 07:11:35 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{89BD2D3F-1E63-444A-B5A4-03C9F91DEAD0}

[2012/10/14 19:11:14 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{C0DB49BB-E3BC-4DCC-8EA6-7A25EAE9D194}

[2012/10/14 07:11:02 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{15F41205-CBB8-4421-AACC-07A8B204C0F2}

[2012/10/13 18:49:07 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{050E80B6-EA9F-411E-8122-3F2BE08D9570}

[2012/10/12 22:42:02 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{BE24EADB-474E-4867-AE6B-0180010FD0F2}

[2012/10/12 06:56:16 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{707B469D-64C5-45EC-9637-70C5515DFB6D}

[2012/10/11 18:55:00 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{CF29AFC2-5DE1-4879-AA76-6EA00A85F81A}

[2012/10/11 06:54:35 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{59B077D7-F8CD-40DE-8BDA-79C6F501AC2E}

[2012/10/10 15:38:51 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\{D97F64D4-D073-4C84-958E-AE1DA26141C2}

========== Files - Modified Within 30 Days ==========

[2012/11/09 06:28:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2012/11/09 06:09:29 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2517162095-573492459-740728455-1001UA.job

[2012/11/09 06:09:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012/11/09 00:27:16 | 000,034,319 | ---- | M] () -- C:\Users\Adam\Desktop\clayton returns policy.odt

[2012/11/08 23:28:01 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2012/11/08 21:59:19 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2517162095-573492459-740728455-1001Core.job

[2012/11/08 06:39:16 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012/11/08 06:39:16 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012/11/08 06:37:41 | 000,767,754 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2012/11/08 06:37:41 | 000,181,446 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2012/11/08 06:37:41 | 000,005,168 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2012/11/08 06:31:36 | 2207,289,344 | -HS- | M] () -- C:\hiberfil.sys

[2012/11/08 05:59:04 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012/11/07 20:19:34 | 000,000,219 | ---- | M] () -- C:\Users\Adam\Desktop\Search the Web.url

[2012/11/07 20:19:34 | 000,000,213 | ---- | M] () -- C:\Users\Adam\Desktop\SweetPcFix.url

[2012/11/07 19:27:50 | 000,002,481 | ---- | M] () -- C:\Users\Adam\Desktop\Google Chrome.lnk

[2012/10/23 09:37:03 | 000,014,251 | ---- | M] () -- C:\Users\Adam\Desktop\goodody quote.ods

[2012/10/23 09:36:54 | 000,014,555 | ---- | M] () -- C:\Users\Adam\Desktop\dk tools aug 2012.ods

========== Files Created - No Company Name ==========

[2012/11/07 20:19:34 | 000,000,219 | ---- | C] () -- C:\Users\Adam\Desktop\Search the Web.url

[2012/11/07 20:19:34 | 000,000,213 | ---- | C] () -- C:\Users\Adam\Desktop\SweetPcFix.url

[2012/11/04 13:33:22 | 000,800,203 | ---- | C] () -- C:\Users\Adam\Desktop\DSCN3159.JPG

[2012/11/04 13:33:09 | 000,664,286 | ---- | C] () -- C:\Users\Adam\Desktop\DSCN3189.JPG

[2012/10/23 09:37:03 | 000,014,251 | ---- | C] () -- C:\Users\Adam\Desktop\goodody quote.ods

[2012/10/16 19:09:56 | 000,786,057 | ---- | C] () -- C:\Users\Adam\Desktop\DSCN3171.JPG

[2012/05/07 16:47:55 | 000,003,584 | ---- | C] () -- C:\Users\Adam\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/10/06 23:53:34 | 000,000,164 | ---- | C] () -- C:\Users\Adam\AppData\Roaming\wklnhst.dat

[2011/09/17 12:12:29 | 000,000,439 | ---- | C] () -- C:\Windows\wininit.ini

[2011/08/14 19:42:47 | 000,103,784 | ---- | C] () -- C:\Users\Adam\GoToAssistDownloadHelper.exe

[2011/06/04 18:50:10 | 000,484,656 | ---- | C] () -- C:\Windows\ssndii.exe

[2011/04/18 15:48:27 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat

[2011/04/18 14:57:42 | 000,735,714 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2011/04/18 14:53:14 | 000,000,880 | ---- | C] () -- C:\Users\Adam\Downloads.lnk

[2010/04/21 10:41:04 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe

========== ZeroAccess Check ==========

[2009/07/14 04:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 05:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 04:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 01:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/14 01:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 01:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/05/07 18:31:04 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\Blackberry Desktop

[2011/09/17 18:44:49 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\casualArts

[2012/11/08 06:32:36 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\Dropbox

[2011/05/04 21:06:02 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\GetRightToGo

[2011/09/17 12:12:45 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\HitPoint Studios

[2011/10/05 20:11:12 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\Namco

[2011/06/25 20:32:11 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\Oberon Media

[2011/04/18 15:36:28 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\OpenOffice.org

[2011/06/14 13:45:46 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\PlayFirst

[2012/03/29 07:41:38 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\Research In Motion

[2011/09/18 06:44:10 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\SpinTop

[2011/06/13 17:39:17 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\Tatara Systems

[2011/10/06 23:53:49 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\Template

[2011/04/18 15:48:24 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\Thunderbird

[2011/09/18 06:46:45 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\TitanicMystery

[2011/05/03 15:36:45 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\Windows Live Writer

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 95 bytes -> C:\ProgramData\Temp:5A99DEB7

@Alternate Data Stream - 149 bytes -> C:\ProgramData\Temp:4D066AD2

@Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:9195103F

@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:AB689DEA

@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:93EB7685

@Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:93DE1838

@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:E36F5B57

@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:ABE89FFE

@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:5D7E5A8F

@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:798A3728

@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:0B9176C0

@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:4B7317F4

@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:6C5EC3CD

@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:8075370B

< End of report >

OTL Extras logfile created on: 09/11/2012 06:50:45 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Adam\Downloads

64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.74 Gb Total Physical Memory | 1.02 Gb Available Physical Memory | 37.08% Memory free

5.48 Gb Paging File | 3.05 Gb Available in Paging File | 55.70% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 283.99 Gb Total Space | 208.60 Gb Free Space | 73.45% Space Free | Partition Type: NTFS

Computer Name: ADAM-PC | User Name: Adam | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{0D5D5745-F778-4B35-957D-7E0A24881F8C}" = rport=138 | protocol=17 | dir=out | app=system |

"{217DBF1A-F01A-47FF-B0B6-8CF002C80D43}" = rport=137 | protocol=17 | dir=out | app=system |

"{2958D6DB-70B0-45EF-B300-0E609FFE1C41}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{31907136-BA62-459F-B4C0-EF45BDDC974F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{47AB4B23-0191-4761-893A-6D2501965144}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |

"{4E12CBD0-4FC3-4D06-85A9-B2E3E66B210B}" = lport=10243 | protocol=6 | dir=in | app=system |

"{524021FE-D5E5-4C43-8216-12D8DFD252DC}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |

"{5297B8BB-2741-4C7A-939A-D5856F45B022}" = lport=445 | protocol=6 | dir=in | app=system |

"{56ADB7E2-C777-4419-955E-66C4F63CD10A}" = rport=445 | protocol=6 | dir=out | app=system |

"{60E3BF3E-F3C8-45D1-BFD4-96E209E12C31}" = lport=2869 | protocol=6 | dir=in | app=system |

"{6319F524-9319-45B6-AE3D-4786FB44FA19}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{772D7CEB-C707-4358-93B8-12EC5ADE42A1}" = lport=139 | protocol=6 | dir=in | app=system |

"{79F754BA-51B2-4817-A4E7-16F4DD9E7712}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |

"{817545F6-EF66-4761-A7CB-4A642D117095}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |

"{9A7EF8D1-7FDF-4BED-8950-A53441ED01A7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{A166735E-3A32-4B0C-9A9E-303E90362218}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{A6AFC312-4724-4345-A5D9-3982CF6A0DCE}" = rport=139 | protocol=6 | dir=out | app=system |

"{ABF77663-3303-4FE2-97D9-018AD1F4377A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{AEF0A32C-A51A-4D72-8261-E0C146BF96A7}" = lport=138 | protocol=17 | dir=in | app=system |

"{B70266D5-4790-4974-8A25-35F63058BEA4}" = lport=137 | protocol=17 | dir=in | app=system |

"{B718D947-2881-4980-B4E3-CB4CDBF81925}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

"{B83B9E1C-DBE7-4F3F-8D0D-18D3A96AA15A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{C0C5CDBE-8FE3-4F43-A672-ED69E39222D9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{C107338B-7D38-4783-9AB0-EE6594883984}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

"{D9F3A413-B84E-4FBE-A3C3-BDBFA17CCADA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{DB859530-4FBB-40CA-9408-DCC35C93E21C}" = lport=2869 | protocol=6 | dir=in | app=system |

"{E6B4FED1-FAC8-4933-8E9F-4CD1D4D3BECA}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{E704C7DD-D90B-4D74-99C0-D66683F0D4BC}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

"{E772D6B9-07A2-4980-9621-32520C2A4564}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

"{E9D3F03C-276C-4552-9992-1AB670660E49}" = rport=10243 | protocol=6 | dir=out | app=system |

"{F7729528-8FEF-4CD0-9F73-CD5F8775F417}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{04290A55-042D-439F-AC44-BB36A5546167}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |

"{05B44D7B-3874-46D9-8C94-A643B730F0A6}" = protocol=6 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe |

"{15F4A687-B4C0-41C9-B371-A8EE33F1C3B9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{198E2252-C7FB-471C-8319-643683A49D8F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{1A85485B-6568-4BE6-BDEC-5A62168F381C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{1E1E9938-711A-4FC8-97F2-5568F8EF73BB}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |

"{1EB388D1-2150-467A-8AFA-61FD15522962}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |

"{2003DB60-A327-4EFA-ABFB-2EB9769C70A6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{2414C12B-A0B5-444F-9290-E8F35DB58AEE}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{2A5A7BBA-ED5B-4550-A719-D0C8F9F9C939}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |

"{37163062-D0F9-4597-8912-20F2E06C1E30}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{3BA9231C-CC02-4C02-BC84-AA3F06E91A47}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |

"{4758AC94-0D71-4A99-97CA-FEFB5DB53782}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{4CDA1C00-9868-430B-86A2-30F425D1D2AB}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |

"{5206A446-ACC5-471A-8712-94909D341CB3}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{67A51617-FF8C-47A1-9CD2-5B0D05D56469}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |

"{6B3540D6-2753-4147-875F-D2B68B6F34A5}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe |

"{722A644E-2186-4B95-AC98-0F21816154A4}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |

"{7640F387-99F5-4423-BDC0-405C28BEFA41}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{79937C10-F8D3-422D-A2A5-1659D23EC099}" = protocol=6 | dir=in | app=c:\users\adam\appdata\roaming\dropbox\bin\dropbox.exe |

"{7C3AE4A0-7A36-41EF-8077-3C18CBDBD818}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{862433E4-C809-4A42-897C-4F32F4117086}" = protocol=17 | dir=in | app=c:\users\adam\appdata\roaming\dropbox\bin\dropbox.exe |

"{8E3EF2E1-188A-44C0-92C9-A9AA46775FAD}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |

"{8E9B7000-60C8-4D80-ACF1-7C19A42CA175}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |

"{9BA36836-D4DE-48DF-898B-894292FE24C0}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |

"{A1A79366-F7DC-49BC-82D9-9FF000E3F327}" = protocol=6 | dir=out | app=system |

"{AF644746-B3EF-4A15-BBFF-5A5A9602003F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |

"{B579852C-8467-40B3-BA98-BCB30CBB3AD4}" = protocol=17 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe |

"{B6F4E6A5-4B9E-4A19-9401-DFB2DE1B71F1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{B904F141-D85D-418C-9A2D-20CAC3B4DFFC}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |

"{CBAA7695-EEC7-4043-A9A5-B109AC295D0B}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |

"{D310CC1E-4A63-4F23-86E8-A413E8F3A332}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{E154C657-2894-4B18-9C89-0484C801A0C9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{E51D6E50-87DE-4DF0-9315-74ACBA15497A}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |

"{E7B3FD48-AA30-405C-AE01-B8F71B458174}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |

"{EA473D7F-10B4-4959-B896-8D3C6BDA3642}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |

"{F51349A6-21DA-4D37-96AF-6F29AC961725}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{FE397EEA-75F8-4731-98C1-255617719DDC}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |

"TCP Query User{1AE8F2A2-6BD7-470D-97BC-6B611CC5FE33}C:\users\adam\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\adam\appdata\roaming\dropbox\bin\dropbox.exe |

"TCP Query User{369109BD-2F1F-4846-B439-F93550A66131}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |

"TCP Query User{A4543753-5A83-453F-AC8B-C895E7D07A95}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |

"UDP Query User{4A570CA0-BE3E-4313-8C58-E235333196FC}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |

"UDP Query User{A66FCEAF-4997-4BA6-8989-3E7BD0F4D4DE}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |

"UDP Query User{F8BBB24B-D90E-447A-8E52-B27935B07A6C}C:\users\adam\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\adam\appdata\roaming\dropbox\bin\dropbox.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector

"{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety

"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety

"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant

"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder

"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources

"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570

"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007

"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007

"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{A84DB02B-9C2B-4272-9D2D-A80E00A56513}" = Broadcom Gigabit NetLink Controller

"{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}" = Microsoft Security Client

"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter

"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client

"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"CCleaner" = CCleaner

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft Security Client" = Microsoft Security Essentials

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"ZTE USB Driver" = ZTE USB Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}" = MyWinLocker

"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard

"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker

"{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}" = Bing Bar

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8

"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java 6 Update 26

"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com

"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections

"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger

"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery

"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management

"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology

"{4412F224-3849-4461-A3E9-DEEF8D252790}" = Visual Studio C++ 10.0 Runtime

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion

"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack

"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth

"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components

"{67E03279-F703-408F-B4BF-46B5FC8D70CD}" = Microsoft Works

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic

"{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core

"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management

"{82AF3E91-57E1-4754-84D0-40A46E2479AB}" = OpenOffice.org 3.3

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}" = Spin & Win

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}" = Granny In Paradise

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2

"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system

"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)

"{953AA732-9AFB-49C9-84A4-7F96CA0A08DA}" = SweetPacks bundle uninstaller

"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh

"{A0C9DF2B-89B5-4483-8983-18A68200F1B4}" = SweetIM for Messenger 3.7

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer

"{ABEE079E-648E-488B-8301-0C3DB48C1BCE}_is1" = Acer GameZone Console

"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.5.0 MUI

"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder

"{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}" = Internet Explorer Toolbar 4.6 by SweetPacks

"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup

"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam Ver:1.1.167.331

"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64

"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources

"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide

"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant

"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger

"{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}" = Update Manager for SweetPacks 1.1

"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center

"{F909BB1B-3FC1-4EDA-AF1F-8F1A89163591}" = BlackBerry Desktop Software 6.1

"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"1912 Titanic Mystery" = 1912 Titanic Mystery

"Acer Registration" = Acer Registration

"Acer Screensaver" = Acer ScreenSaver

"Acer Welcome Center" = Welcome Center

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"BFGC" = Big Fish Games: Game Manager

"BlackBerry_Desktop" = BlackBerry Desktop Software 6.1

"GoToAssist" = GoToAssist Corporate

"HOMESTUDENTR" = Microsoft Office Home and Student 2007

"Identity Card" = Identity Card

"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5

"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2

"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8

"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager

"InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite

"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9

"LManager" = Launch Manager

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.1.1000

"MyTomTom" = MyTomTom 3.1.0.530

"Samsung CLP-320 Series" = Maintenance Samsung CLP-320 SeriesVersion\Uninstall\MyTomTom

"WinLiveSuite" = Windows Live Essentials

"YTdetect" = Yahoo! Detect

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2517162095-573492459-740728455-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Dropbox" = Dropbox

"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]

Error - 03/10/2012 08:13:03 | Computer Name = Adam-PC | Source = SideBySide | ID = 16842785

Description = Activation context generation failed for "c:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksWP.exe".

Dependent

Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"

could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 03/10/2012 09:34:42 | Computer Name = Adam-PC | Source = Customer Experience Improvement Program | ID = 1008

Description =

Error - 04/10/2012 04:24:18 | Computer Name = Adam-PC | Source = Customer Experience Improvement Program | ID = 1008

Description =

Error - 05/10/2012 03:28:14 | Computer Name = Adam-PC | Source = Customer Experience Improvement Program | ID = 1008

Description =

Error - 06/10/2012 06:09:16 | Computer Name = Adam-PC | Source = SideBySide | ID = 16842815

Description = Activation context generation failed for "c:\Program Files (x86)\Common

Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program

Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value

"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute

"version" in element "assemblyIdentity" is invalid.

Error - 06/10/2012 06:13:15 | Computer Name = Adam-PC | Source = SideBySide | ID = 16842785

Description = Activation context generation failed for "c:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksCal.exe".

Dependent

Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"

could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 06/10/2012 06:13:15 | Computer Name = Adam-PC | Source = SideBySide | ID = 16842785

Description = Activation context generation failed for "c:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksdb.exe".

Dependent

Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"

could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 06/10/2012 06:13:15 | Computer Name = Adam-PC | Source = SideBySide | ID = 16842785

Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksss.exe".

Dependent

Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"

could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 06/10/2012 06:13:15 | Computer Name = Adam-PC | Source = SideBySide | ID = 16842785

Description = Activation context generation failed for "c:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksWP.exe".

Dependent

Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"

could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 06/10/2012 14:23:47 | Computer Name = Adam-PC | Source = Customer Experience Improvement Program | ID = 1008

Description =

Error - 07/10/2012 15:48:57 | Computer Name = Adam-PC | Source = Customer Experience Improvement Program | ID = 1008

Description =

[ System Events ]

Error - 23/01/2012 03:23:48 | Computer Name = Adam-PC | Source = NetBT | ID = 4321

Description = The name "ADAM-PC :20" could not be registered on the interface

with IP address 192.168.1.67. The computer with the IP address 192.168.1.69 did

not allow the name to be claimed by this computer.

Error - 23/01/2012 07:45:23 | Computer Name = Adam-PC | Source = Server | ID = 2505

Description = The server could not bind to the transport \Device\NetBT_Tcpip_{3DD1DAFB-D437-4CDB-B57A-58D7C526D5DA}

because another computer on the network has the same name. The server could not

start.

Error - 23/01/2012 07:45:23 | Computer Name = Adam-PC | Source = NetBT | ID = 4321

Description = The name "ADAM-PC :20" could not be registered on the interface

with IP address 192.168.1.67. The computer with the IP address 192.168.1.69 did

not allow the name to be claimed by this computer.

Error - 23/01/2012 07:45:24 | Computer Name = Adam-PC | Source = NetBT | ID = 4321

Description = The name "ADAM-PC :0" could not be registered on the interface

with IP address 192.168.1.67. The computer with the IP address 192.168.1.69 did

not allow the name to be claimed by this computer.

Error - 23/01/2012 07:56:20 | Computer Name = Adam-PC | Source = Server | ID = 2505

Description = The server could not bind to the transport \Device\NetBT_Tcpip_{3DD1DAFB-D437-4CDB-B57A-58D7C526D5DA}

because another computer on the network has the same name. The server could not

start.

Error - 23/01/2012 07:56:20 | Computer Name = Adam-PC | Source = NetBT | ID = 4321

Description = The name "ADAM-PC :0" could not be registered on the interface

with IP address 192.168.1.67. The computer with the IP address 192.168.1.69 did

not allow the name to be claimed by this computer.

Error - 23/01/2012 07:56:20 | Computer Name = Adam-PC | Source = NetBT | ID = 4321

Description = The name "ADAM-PC :20" could not be registered on the interface

with IP address 192.168.1.67. The computer with the IP address 192.168.1.69 did

not allow the name to be claimed by this computer.

Error - 24/01/2012 03:56:02 | Computer Name = Adam-PC | Source = Server | ID = 2505

Description = The server could not bind to the transport \Device\NetBT_Tcpip_{3DD1DAFB-D437-4CDB-B57A-58D7C526D5DA}

because another computer on the network has the same name. The server could not

start.

Error - 24/01/2012 03:56:02 | Computer Name = Adam-PC | Source = NetBT | ID = 4321

Description = The name "ADAM-PC :0" could not be registered on the interface

with IP address 192.168.1.67. The computer with the IP address 192.168.1.69 did

not allow the name to be claimed by this computer.

Error - 24/01/2012 03:56:02 | Computer Name = Adam-PC | Source = NetBT | ID = 4321

Description = The name "ADAM-PC :20" could not be registered on the interface

with IP address 192.168.1.67. The computer with the IP address 192.168.1.69 did

not allow the name to be claimed by this computer.

< End of report >

Link to post
Share on other sites

Step 1

Please uninstall the following applications:

SweetPacks bundle uninstaller

SweetIM for Messenger 3.7

Internet Explorer Toolbar 4.6 by SweetPacks

Update Manager for SweetPacks 1.1

Step 2

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 3

Run OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    :OTL
    CHR - Extension: SweetIM for Facebook = C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.1.0.1_0\
    CHR - Extension: SweetIM for Facebook = C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.1.0.1_0\
    O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
    O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
    O4 - HKLM..\Run: [sweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
    O4 - HKLM..\Run: [sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
    [2012/11/07 20:19:49 | 000,000,000 | ---D | C] -- C:\ProgramData\SweetIM
    [2012/11/07 20:19:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SweetIM
    [2012/11/07 20:19:34 | 000,000,219 | ---- | M] () -- C:\Users\Adam\Desktop\Search the Web.url
    [2012/11/07 20:19:34 | 000,000,213 | ---- | M] () -- C:\Users\Adam\Desktop\SweetPcFix.url
    :files
    ipconfig /flushdns /c
    :Commands
    [emptytemp]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Please post the OTL fix log in your next reply.

Note: A copy of an OTL fix log is saved in a text file at C:\_OTL\MovedFiles

In your next reply, post the following log files:

  • JRT log
  • OTL Fix log

Link to post
Share on other sites

  • 3 weeks later...

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.