Hello folks... it's been a while, but I'm back with a potential nasties issue - my desktop is operating VERY slowly... here's a HijackThis log... can someone take a look and suggest some next steps? Thanks in advance! JD

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:38:47 PM, on 7/21/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16635)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Norton Business Suite\Engine\4.4.0.12\ccSvcHst.exe
C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnect.exe
C:\Windows\SysWOW64\jmdpstij.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Users\Home\AppData\Local\Audiogalaxy\Audiogalaxy.exe
C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe
C:\Users\Home\AppData\Roaming\Smilebox\SmileboxTray.exe
C:\Users\Home\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe
C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files (x86)\NETGEAR\WG111v3\WG111v3.exe
C:\Users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
G:\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=sx2800&r=173611094504p2329u955458617326
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10042&barid={78A3960A-CC84-11E2-8EAE-001F16F31591}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: iWin Toolbar - {ce0c2586-da36-452b-acdb-320d9bcb19bf} - C:\Program Files (x86)\iWin\prxtbiWi0.dll
R3 - URLSearchHook: FreeOnlineRadioPlayerRecorder Toolbar - {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Program Files (x86)\FreeOnlineRadioPlayerRecorder\prxtbFre0.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: CrossriderApp0021802 - {11111111-1111-1111-1111-110211181102} - C:\Program Files (x86)\Shopping Sidekick Plugin\Shopping Sidekick Plugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Business Suite\Engine\4.4.0.12\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Business Suite\Engine\4.4.0.12\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Updater By SweetPacks Helper - {7D4F1959-3F72-49d5-8E59-F02F8AA6815D} - C:\Program Files\Updater By SweetPacks\Extension32.dll
O2 - BHO: IEHlprObj Class - {8CA5ED52-F3FB-4414-A105-2E3491156990} - C:\Program Files (x86)\iWin Games\iWinGamesHookIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
O2 - BHO: iWin - {ce0c2586-da36-452b-acdb-320d9bcb19bf} - C:\Program Files (x86)\iWin\prxtbiWi0.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: FreeOnlineRadioPlayerRecorder - {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Program Files (x86)\FreeOnlineRadioPlayerRecorder\prxtbFre0.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Business Suite\Engine\4.4.0.12\coIEPlg.dll
O3 - Toolbar: iWin Toolbar - {ce0c2586-da36-452b-acdb-320d9bcb19bf} - C:\Program Files (x86)\iWin\prxtbiWi0.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll" (file missing)
O3 - Toolbar: FreeOnlineRadioPlayerRecorder Toolbar - {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Program Files (x86)\FreeOnlineRadioPlayerRecorder\prxtbFre0.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [iYogiToolbar] C:\Program Files (x86)\iYogi SupportDock\iYogiSupportDock.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Nikon Transfer Monitor] C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Startup Manager] "C:\Program Files (x86)\iYogi SupportDock\Optimize\startupmanager.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Audiogalaxy] "C:\Users\Home\AppData\Local\Audiogalaxy\Audiogalaxy.exe" /startup
O4 - HKCU\..\Run: [HLBackupScheduler] C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe
O4 - HKCU\..\Run: [SmileboxTray] "C:\Users\Home\AppData\Roaming\Smilebox\SmileboxTray.exe"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_F8F9C1389199C5D42EF0F1FE1D081D59] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Home\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = C:\Users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NETGEAR WG111v3 Smart Wizard.lnk = C:\Program Files (x86)\NETGEAR\WG111v3\WG111v3.exe
O4 - Global Startup: WD Quick View.lnk = C:\Program Files\Western Digital\WD SmartWare\WDDMStatus.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Users\Home\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Home\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~2\Google\GOOGLE~4\GO36F4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: IBUpdaterService - Unknown owner - C:\Windows\system32\dmwu.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: iWinTrusted - iWin Inc. - C:\Program Files (x86)\iWin Games\iWinTrusted.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MotoConnect Service - Unknown owner - C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton Business Suite (N360) - Symantec Corporation - C:\Program Files (x86)\Norton Business Suite\Engine\4.4.0.12\ccSvcHst.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater By SweetPacks - Unknown owner - C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe
O23 - Service: Updater Service - Acer - C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WDDMService - WDC - C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe
O23 - Service: WDFMEService - Western Digital - C:\Program Files\Western Digital\WD SmartWare\WDFME.exe
O23 - Service: WDRulesService - Western Digital - C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 18253 bytes

Quite a few dodgy-looking processes running there. Do a full Mbam scan and get it to remove what it finds; Google will easily find it. Post the Mbam log and a fresh HJT log once done.

Thanks....here are the files!

Mbam

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.07.23.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16635
Home :: HOME-PC [administrator]

7/22/2013 10:29:12 PM
MBAM-log-2013-07-23 (13-25-51).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 561930
Time elapsed: 8 hour(s), 45 minute(s), 26 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 10
HKCR\CLSID\{11111111-1111-1111-1111-110211181102} (PUP.215Apps) -> No action taken.
HKCR\TypeLib\{44444444-4444-4444-4444-440244184402} (PUP.215Apps) -> No action taken.
HKCR\Interface\{55555555-5555-5555-5555-550255185502} (PUP.215Apps) -> No action taken.
HKCR\CrossriderApp0021802.BHO.1 (PUP.215Apps) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110211181102} (PUP.215Apps) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110211181102} (PUP.215Apps) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110211181102} (PUP.215Apps) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211181102} (PUP.215Apps) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Shopping Sidekick Plugin (PUP.215Apps) -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Services\IBUpdaterService (PUP.InstallBrain) -> No action taken.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 1
HKCR\regfile\shell\open\command| (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> No action taken.

Folders Detected: 0
(No malicious items detected)

Files Detected: 8
C:\Program Files (x86)\Shopping Sidekick Plugin\Shopping Sidekick Plugin.dll (PUP.215Apps) -> No action taken.
C:\$Recycle.Bin\S-1-5-21-504415395-2054630939-660048953-1000\$R7KACS0.exe (PUP.Adware.Installcore) -> No action taken.
C:\$Recycle.Bin\S-1-5-21-504415395-2054630939-660048953-1000\$RUL0Y3Z.exe (PUP.IBryte) -> No action taken.
C:\Program Files (x86)\Shopping Sidekick Plugin\Shopping Sidekick Plugin-bg.exe (PUP.215Apps) -> No action taken.
C:\Program Files (x86)\Shopping Sidekick Plugin\Shopping Sidekick Plugin.exe (PUP.215Apps) -> No action taken.
C:\Program Files (x86)\Shopping Sidekick Plugin\Shopping Sidekick PluginGui.exe (PUP.215Apps) -> No action taken.
C:\Program Files (x86)\Shopping Sidekick Plugin\Uninstall.exe (PUP.215Apps) -> No action taken.
C:\Users\Home\AppData\Local\Temp\is357113909\SuperLyrics_1060-2024_v116.exe (PUP.LyricsAd) -> No action taken.

(end)

HJT

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:22:48 AM, on 7/24/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16635)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Norton Business Suite\Engine\4.4.0.12\ccSvcHst.exe
C:\Windows\MHotKey.exe
C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnect.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\SysWOW64\WerFault.exe
C:\Users\Home\AppData\Local\Audiogalaxy\Audiogalaxy.exe
C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe
C:\Users\Home\AppData\Roaming\Smilebox\SmileboxTray.exe
C:\Users\Home\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe
C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\NETGEAR\WG111v3\WG111v3.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Users\Home\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
G:\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=sx2800&r=173611094504p2329u955458617326
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10042&barid={78A3960A-CC84-11E2-8EAE-001F16F31591}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: iWin Toolbar - {ce0c2586-da36-452b-acdb-320d9bcb19bf} - C:\Program Files (x86)\iWin\prxtbiWi0.dll
R3 - URLSearchHook: FreeOnlineRadioPlayerRecorder Toolbar - {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Program Files (x86)\FreeOnlineRadioPlayerRecorder\prxtbFre0.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Business Suite\Engine\4.4.0.12\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Business Suite\Engine\4.4.0.12\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Updater By SweetPacks Helper - {7D4F1959-3F72-49d5-8E59-F02F8AA6815D} - C:\Program Files\Updater By SweetPacks\Extension32.dll
O2 - BHO: IEHlprObj Class - {8CA5ED52-F3FB-4414-A105-2E3491156990} - C:\Program Files (x86)\iWin Games\iWinGamesHookIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
O2 - BHO: iWin - {ce0c2586-da36-452b-acdb-320d9bcb19bf} - C:\Program Files (x86)\iWin\prxtbiWi0.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: FreeOnlineRadioPlayerRecorder - {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Program Files (x86)\FreeOnlineRadioPlayerRecorder\prxtbFre0.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Business Suite\Engine\4.4.0.12\coIEPlg.dll
O3 - Toolbar: iWin Toolbar - {ce0c2586-da36-452b-acdb-320d9bcb19bf} - C:\Program Files (x86)\iWin\prxtbiWi0.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll" (file missing)
O3 - Toolbar: FreeOnlineRadioPlayerRecorder Toolbar - {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Program Files (x86)\FreeOnlineRadioPlayerRecorder\prxtbFre0.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [iYogiToolbar] C:\Program Files (x86)\iYogi SupportDock\iYogiSupportDock.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Nikon Transfer Monitor] C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Startup Manager] "C:\Program Files (x86)\iYogi SupportDock\Optimize\startupmanager.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Audiogalaxy] "C:\Users\Home\AppData\Local\Audiogalaxy\Audiogalaxy.exe" /startup
O4 - HKCU\..\Run: [HLBackupScheduler] C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe
O4 - HKCU\..\Run: [SmileboxTray] "C:\Users\Home\AppData\Roaming\Smilebox\SmileboxTray.exe"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_F8F9C1389199C5D42EF0F1FE1D081D59] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Home\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = C:\Users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NETGEAR WG111v3 Smart Wizard.lnk = C:\Program Files (x86)\NETGEAR\WG111v3\WG111v3.exe
O4 - Global Startup: WD Quick View.lnk = C:\Program Files\Western Digital\WD SmartWare\WDDMStatus.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Users\Home\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Home\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~2\Google\GOOGLE~4\GO36F4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: iWinTrusted - iWin Inc. - C:\Program Files (x86)\iWin Games\iWinTrusted.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MotoConnect Service - Unknown owner - C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton Business Suite (N360) - Symantec Corporation - C:\Program Files (x86)\Norton Business Suite\Engine\4.4.0.12\ccSvcHst.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater By SweetPacks - Unknown owner - C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe
O23 - Service: Updater Service - Acer - C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WDDMService - WDC - C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe
O23 - Service: WDFMEService - Western Digital - C:\Program Files\Western Digital\WD SmartWare\WDFME.exe
O23 - Service: WDRulesService - Western Digital - C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)"

--
End of file - 17940 bytes

0

Also, it says "no action taken" next to the Mbam entries. You need Mbam to remove what it finds.

0

Hello - here are the new log runs....also, I believe MBam did remove what it found - here's another log (I reran the scan - it took 20 hours). Thanks for the help and please advise on next steps.

AdwCleaner v2.306 - Logfile created 07/29/2013 at 21:05:27

Updated 19/07/2013 by Xplode

Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

User : Home - HOME-PC

Boot Mode : Normal

Running from : G:\AdwCleaner.exe

Option [Delete]

***** [Services] *****

Stopped & Deleted : Updater By SweetPacks

***** [Files / Folders] *****

File Deleted : C:\END
File Deleted : C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\3hc9qi2n.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
File Deleted : C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\3hc9qi2n.default\searchplugins\Askcom.xml
File Deleted : C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\3hc9qi2n.default\searchplugins\SweetIm.xml
File Deleted : C:\Windows\Tasks\DSite.job
Folder Deleted : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\FreeOnlineRadioPlayerRecorder
Folder Deleted : C:\Program Files (x86)\FunWebProducts
Folder Deleted : C:\Program Files (x86)\iWin
Folder Deleted : C:\Program Files (x86)\Shopping Sidekick Plugin
Folder Deleted : C:\Program Files (x86)\SweetIM
Folder Deleted : C:\Program Files (x86)\Uncompressor
Folder Deleted : C:\Program Files\Updater By SweetPacks
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\Users\Home\AppData\Local\Conduit
Folder Deleted : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Folder Deleted : C:\Users\Home\AppData\Local\Shopping Sidekick Plugin
Folder Deleted : C:\Users\Home\AppData\Local\Temp\boost_interprocess
Folder Deleted : C:\Users\Home\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Home\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Home\AppData\LocalLow\FreeOnlineRadioPlayerRecorder
Folder Deleted : C:\Users\Home\AppData\LocalLow\iWin
Folder Deleted : C:\Users\Home\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Home\AppData\LocalLow\SweetIM
Folder Deleted : C:\Users\Home\AppData\Roaming\DSite
Folder Deleted : C:\Users\Home\AppData\Roaming\dvdvideosoftiehelpers
Folder Deleted : C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Uncompressor
Folder Deleted : C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\3hc9qi2n.default\CT2737658
Folder Deleted : C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\3hc9qi2n.default\extensions\"{f999a48b-1950-4d81-9971-79018f807b4b}"
Folder Deleted : C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\3hc9qi2n.default\Smartbar
Folder Deleted : C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\3hc9qi2n.default\StumbleUpon
Folder Deleted : C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\3hc9qi2n.default\SweetPacksToolbarData
Folder Deleted : C:\Users\Home\AppData\Roaming\registry mechanic
Folder Deleted : C:\Windows\SysWOW64\ARFC
Folder Deleted : C:\Windows\SysWOW64\jmdp
Folder Deleted : C:\Windows\SysWOW64\WNLT

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\FreeOnlineRadioPlayerRecorder
Key Deleted : HKCU\Software\AppDataLow\Software\iWin
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\Shopping Sidekick Plugin
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CE0C2586-DA36-452B-ACDB-320D9BCB19BF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F999A48B-1950-4D81-9971-79018F807B4B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7D4F1959-3F72-49D5-8E59-F02F8AA6815D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CE0C2586-DA36-452B-ACDB-320D9BCB19BF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F999A48B-1950-4D81-9971-79018F807B4B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Uncompressor
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\WNLT
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0021802.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0021802.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0021802.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Key Deleted : HKLM\Software\Classes\Installer\Features\90C64EA18BA25EE488BF80DCF07F2FFD
Key Deleted : HKLM\Software\Classes\Installer\Features\FB6D58DD787439A4995AF3C00FEA8843
Key Deleted : HKLM\Software\Classes\Installer\Products\90C64EA18BA25EE488BF80DCF07F2FFD
Key Deleted : HKLM\Software\Classes\Installer\Products\FB6D58DD787439A4995AF3C00FEA8843
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1678857
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2737658
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\FreeOnlineRadioPlayerRecorder
Key Deleted : HKLM\Software\iWin
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2DDB081-10D0-4804-AB95-73C70CBA3805}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C0BE611C-47BA-4F81-9FFD-B32EF0FFBAF6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7D4F1959-3F72-49D5-8E59-F02F8AA6815D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B2DDB081-10D0-4804-AB95-73C70CBA3805}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C0BE611C-47BA-4F81-9FFD-B32EF0FFBAF6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CE0C2586-DA36-452B-ACDB-320D9BCB19BF}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F999A48B-1950-4D81-9971-79018F807B4B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E3ED53C5-7AD5-4DF5-9734-AFB6E7E5D9DB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2945B313-60F4-4289-ADD9-011AF3FC282B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7740438A-F8D2-4B1B-AA34-AEFCC3073E23}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B3262EA8-EA64-4915-8DCF-E60C8CD2FBC2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C2C58721-3D9C-47C1-B17C-2F9C5B94B687}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7D4F1959-3F72-49D5-8E59-F02F8AA6815D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CE0C2586-DA36-452B-ACDB-320D9BCB19BF}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F999A48B-1950-4D81-9971-79018F807B4B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DD85D6BF-4787-4A93-99A5-3F0CF0AE8834}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FreeOnlineRadioPlayerRecorder Toolbar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\iWin Toolbar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7D4F1959-3F72-49D5-8E59-F02F8AA6815D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3ED53C5-7AD5-4DF5-9734-AFB6E7E5D9DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7D4F1959-3F72-49D5-8E59-F02F8AA6815D}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CE0C2586-DA36-452B-ACDB-320D9BCB19BF}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{F999A48B-1950-4D81-9971-79018F807B4B}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{CE0C2586-DA36-452B-ACDB-320D9BCB19BF}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{F999A48B-1950-4D81-9971-79018F807B4B}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{CE0C2586-DA36-452B-ACDB-320D9BCB19BF}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{F999A48B-1950-4D81-9971-79018F807B4B}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{acaa314b-eeba-48e4-ad47-84e31c44796c}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{CE0C2586-DA36-452B-ACDB-320D9BCB19BF}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{F999A48B-1950-4D81-9971-79018F807B4B}]

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16635

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10042&barid={78A3960A-CC84-11E2-8EAE-001F16F31591} --> hxxp://www.google.com

-\\ Mozilla Firefox v22.0 (en-US)

File : C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\3hc9qi2n.default\prefs.js

Deleted : user_pref("CT2737658.1000082.isPlayDisplay", "true");
Deleted : user_pref("CT2737658.1000082.state", "{\"state\":\"stopped\",\"text\":\"Classic R...\",\"description[...]
Deleted : user_pref("CT2737658.2737658a129531115111807042000000paramsGK0.enc", "eyJ1cGRhdGVSZXFUaW1lIjoxMzU5Nj[...]
Deleted : user_pref("CT2737658.CBOpenMAMSettings.enc", "MA==");
Deleted : user_pref("CT2737658.CT2737658ads1.enc", "JTdCJTIyYWRzJTIyJTNBJTVCJTdCJTIyYWlkJTIyJTNBJTIyNzkyNDUlMj[...]
Deleted : user_pref("CT2737658.CT2737658current_term.enc", "");
Deleted : user_pref("CT2737658.CT2737658sdate.enc", "MzE=");
Deleted : user_pref("CT2737658.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT2737658.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Deleted : user_pref("CT2737658.FirstTime", "true");
Deleted : user_pref("CT2737658.FirstTimeFF3", "true");
Deleted : user_pref("CT2737658.LoginRevertSettingsEnabled", true);
Deleted : user_pref("CT2737658.PG_ENABLE", "dHJ1ZQ==");
Deleted : user_pref("CT2737658.RSS_Pub_Config.enc", "eyJzZXR0aW5ncyI6eyJpY29uIjoiaHR0cDovL3N0b3JhZ2UuY29uZHVpd[...]
Deleted : user_pref("CT2737658.RSSapp2737658a129531115111807042000000ReadItemsArr.enc", "JTdCJTIyaHR0cCUzQSUyR[...]
Deleted : user_pref("CT2737658.RSSapp2737658a129531115111807042000000cat0.enc", "JTVCJTdCJTIydHlwZSUyMiUzQSUyM[...]
Deleted : user_pref("CT2737658.RSSapp2737658a129531115111807042000000cat1.enc", "JTVCJTdCJTIydHlwZSUyMiUzQSUyM[...]
Deleted : user_pref("CT2737658.RSSapp2737658a129531115111807042000000cat2.enc", "JTVCJTdCJTIydHlwZSUyMiUzQSUyM[...]
Deleted : user_pref("CT2737658.RSSapp2737658a129531115111807042000000cat3.enc", "JTVCJTdCJTIydHlwZSUyMiUzQSUyM[...]
Deleted : user_pref("CT2737658.RSSapp2737658a129531115111807042000000embeddedVersion.enc", "Mi41LjA=");
Deleted : user_pref("CT2737658.RSSapp2737658a129531115111807042000000feedsObj.enc", "JTdCJTIyY2hhbm5lbHMlMjIlM[...]
Deleted : user_pref("CT2737658.RSSapp2737658a129531115111807042000000lastReportTime.enc", "MTM1OTY2Nzk2Mzg4NiA[...]
Deleted : user_pref("CT2737658.RSSapp2737658a129531115111807042000000newFeeds.enc", "bmV3RmVlZHM=");
Deleted : user_pref("CT2737658.RevertSettingsEnabled", true);
Deleted : user_pref("CT2737658.SearchAppState.enc", "Mg==");
Deleted : user_pref("CT2737658.SearchAppTracking.enc", "MQ==");
Deleted : user_pref("CT2737658.UserID", "UN36797281712084415");
Deleted : user_pref("CT2737658.addressBarTakeOverEnabledInHidden", "true");
Deleted : user_pref("CT2737658.addressUrlXPETakeover", "true");
Deleted : user_pref("CT2737658.autoDisableScopes", -1);
Deleted : user_pref("CT2737658.browser.search.defaultthis.engineName", true);
Deleted : user_pref("CT2737658.cbcountry_001.enc", "VVM=");
Deleted : user_pref("CT2737658.cbfirsttime.enc", "VGh1IEphbiAzMSAyMDEzIDE2OjMxOjU1IEdNVC0wNTAwIChFYXN0ZXJuIFN0[...]
Deleted : user_pref("CT2737658.countryCode", "US");
Deleted : user_pref("CT2737658.defaultSearch", "false");
Deleted : user_pref("CT2737658.enableAlerts", "false");
Deleted : user_pref("CT2737658.enableFix404ByUser", "FALSE");
Deleted : user_pref("CT2737658.enableSearchFromAddressBar", "true");
Deleted : user_pref("CT2737658.firstTimeDialogOpened", "true");
Deleted : user_pref("CT2737658.fixPageNotFoundError", "true");
Deleted : user_pref("CT2737658.fixPageNotFoundErrorByUser", "true");
Deleted : user_pref("CT2737658.fixPageNotFoundErrorInHidden", "true");
Deleted : user_pref("CT2737658.fixUrls", true);
Deleted : user_pref("CT2737658.fullUserID", "UN36797281712084415.UP.20130630120841");
Deleted : user_pref("CT2737658.installDate", "31/1/2013 16:29:45");
Deleted : user_pref("CT2737658.installId", "conduitnsisintegration");
Deleted : user_pref("CT2737658.installType", "conduitnsisintegration");
Deleted : user_pref("CT2737658.isCheckedStartAsHidden", true);
Deleted : user_pref("CT2737658.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT2737658.isFirstTimeToolbarLoading", "false");
Deleted : user_pref("CT2737658.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Deleted : user_pref("CT2737658.keyword", "true");
Deleted : user_pref("CT2737658.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"hxxp://search.condui[...]
Deleted : user_pref("CT2737658.lastVersion", "10.16.4.519");
Deleted : user_pref("CT2737658.mam_gk_installer_preapproved.enc", "ZmFsc2U=");
Deleted : user_pref("CT2737658.migrateAppsAndComponents", true);
Deleted : user_pref("CT2737658.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%[...]
Deleted : user_pref("CT2737658.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Deleted : user_pref("CT2737658.openThankYouPage", "false");
Deleted : user_pref("CT2737658.openUninstallPage", "true");
Deleted : user_pref("CT2737658.revertSettingsEnabled", "false");
Deleted : user_pref("CT2737658.search.searchAppId", "129258407936791975");
Deleted : user_pref("CT2737658.search.searchCount", "0");
Deleted : user_pref("CT2737658.searchInNewTabEnabledByUser", "false");
Deleted : user_pref("CT2737658.searchInNewTabEnabledInHidden", "true");
Deleted : user_pref("CT2737658.searchSuggestEnabledByUser", "false");
Deleted : user_pref("CT2737658.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT2737658.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Deleted : user_pref("CT2737658.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Deleted : user_pref("CT2737658.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Deleted : user_pref("CT2737658.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT2737658.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT2737658.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Deleted : user_pref("CT2737658.serviceLayer_services_Configuration_lastUpdate", "1374546197115");
Deleted : user_pref("CT2737658.serviceLayer_services_app.twitter.user-cnet_lastUpdate", "1359667912095");
Deleted : user_pref("CT2737658.serviceLayer_services_app.twitter.user-cnnbrk_lastUpdate", "1359667912197");
Deleted : user_pref("CT2737658.serviceLayer_services_app.twitter.user-computeractive_lastUpdate", "13596679121[...]
Deleted : user_pref("CT2737658.serviceLayer_services_app.twitter.user-dailymirror_lastUpdate", "1359667912160"[...]
Deleted : user_pref("CT2737658.serviceLayer_services_app.twitter.user-google_lastUpdate", "1359667912020");
Deleted : user_pref("CT2737658.serviceLayer_services_app.twitter.user-techcrunch_lastUpdate", "1359667912053")[...]
Deleted : user_pref("CT2737658.serviceLayer_services_app.twitter.user-time_lastUpdate", "1359667912288");
Deleted : user_pref("CT2737658.serviceLayer_services_app.twitter.user-wired_lastUpdate", "1359667912245");
Deleted : user_pref("CT2737658.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1359667908447");
Deleted : user_pref("CT2737658.serviceLayer_services_appsMetadata_lastUpdate", "1359667908429");
Deleted : user_pref("CT2737658.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1359667908254");
Deleted : user_pref("CT2737658.serviceLayer_services_location_lastUpdate", "1372517205969");
Deleted : user_pref("CT2737658.serviceLayer_services_login_10.14.42.7_lastUpdate", "1360813256143");
Deleted : user_pref("CT2737658.serviceLayer_services_login_10.14.65.43_lastUpdate", "1364260356857");
Deleted : user_pref("CT2737658.serviceLayer_services_login_10.15.0.562_lastUpdate", "1366856398081");
Deleted : user_pref("CT2737658.serviceLayer_services_login_10.15.2.523_lastUpdate", "1368571869690");
Deleted : user_pref("CT2737658.serviceLayer_services_login_10.16.2.509_lastUpdate", "1372546007410");
Deleted : user_pref("CT2737658.serviceLayer_services_login_10.16.4.519_lastUpdate", "1374546197367");
Deleted : user_pref("CT2737658.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1359667908389");
Deleted : user_pref("CT2737658.serviceLayer_services_searchAPI_lastUpdate", "1374546197081");
Deleted : user_pref("CT2737658.serviceLayer_services_serviceMap_lastUpdate", "1374546197002");
Deleted : user_pref("CT2737658.serviceLayer_services_toolbarContextMenu_lastUpdate", "1359667908200");
Deleted : user_pref("CT2737658.serviceLayer_services_toolbarSettings_lastUpdate", "1374546197578");
Deleted : user_pref("CT2737658.serviceLayer_services_translation_lastUpdate", "1372517206317");
Deleted : user_pref("CT2737658.settingsINI", true);
Deleted : user_pref("CT2737658.shouldFirstTimeDialog", "false");
Deleted : user_pref("CT2737658.showToolbarPermission", "false");
Deleted : user_pref("CT2737658.smartbar.CTID", "CT2737658");
Deleted : user_pref("CT2737658.smartbar.Uninstall", "0");
Deleted : user_pref("CT2737658.smartbar.homepage", true);
Deleted : user_pref("CT2737658.smartbar.isHidden", true);
Deleted : user_pref("CT2737658.smartbar.toolbarName", "FreeOnlineRadioPlayerRecorder ");
Deleted : user_pref("CT2737658.startPage", "false");
Deleted : user_pref("CT2737658.toolbarBornServerTime", "1-2-2013");
Deleted : user_pref("CT2737658.toolbarCurrentServerTime", "23-7-2013");
Deleted : user_pref("CT2737658.toolbarLoginClientTime", "Tue Mar 26 2013 15:32:41 GMT-0400 (Eastern Daylight T[...]
Deleted : user_pref("CT2737658.url_history0001.enc", "aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo6OmNsaWNraGFuZGxlcjo6OjEz[...]
Deleted : user_pref("CT2737658_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
Deleted : user_pref("browser.newtab.url", "hxxp://start.sweetpacks.com/?barid={78A3960A-CC84-11E2-8EAE-001F16F[...]
Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Deleted : user_pref("browser.search.order.1", "Ask.com");
Deleted : user_pref("ct2737658.UserID", "UN36797281712084415");
Deleted : user_pref("keyword.URL", "hxxp://start.sweetpacks.com?src=6&barid={78A3960A-CC84-11E2-8EAE-001F16F31[...]
Deleted : user_pref("smartbar.machineId", "ZIXAMWRPTOVDPKZX8Q9QVC/AIAFO6BEK7PRZW9NF57A0CVKDUGO8SOVULENB43TNAWW[...]
Deleted : user_pref("sweetim.toolbar.RevertDialog.enable", "false");
Deleted : user_pref("sweetim.toolbar.SearchBoxLogo", "bing.png");
Deleted : user_pref("sweetim.toolbar.SearchBoxText", "Search with Bing");
Deleted : user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");
Deleted : user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "0");
Deleted : user_pref("sweetim.toolbar.Visibility.enable", "true");
Deleted : user_pref("sweetim.toolbar.Visibility.intervaldays", "7");
Deleted : user_pref("sweetim.toolbar.cargo", "3.5000006.10042");
Deleted : user_pref("sweetim.toolbar.cda.DisableOveride.enable", "false");
Deleted : user_pref("sweetim.toolbar.cda.HideOveride.enable", "false");
Deleted : user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "false");
Deleted : user_pref("sweetim.toolbar.defaultProvider", "bng");
Deleted : user_pref("sweetim.toolbar.dialogs.0.enable", "true");
Deleted : user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-h[...]
Deleted : user_pref("sweetim.toolbar.dialogs.0.height", "335");
Deleted : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
Deleted : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
Deleted : user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote_ff.asp?la[...]
Deleted : user_pref("sweetim.toolbar.dialogs.0.width", "761");
Deleted : user_pref("sweetim.toolbar.dialogs.1.enable", "true");
Deleted : user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-h[...]
Deleted : user_pref("sweetim.toolbar.dialogs.1.height", "300");
Deleted : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
Deleted : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
Deleted : user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html"[...]
Deleted : user_pref("sweetim.toolbar.dialogs.1.width", "500");
Deleted : user_pref("sweetim.toolbar.dialogs.2.enable", "true");
Deleted : user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handl[...]
Deleted : user_pref("sweetim.toolbar.dialogs.2.height", "150");
Deleted : user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");
Deleted : user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");
Deleted : user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp");
Deleted : user_pref("sweetim.toolbar.dialogs.2.width", "530");
Deleted : user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.goog[...]
Deleted : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Deleted : user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false");
Deleted : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Deleted : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Deleted : user_pref("sweetim.toolbar.mode.debug", "false");
Deleted : user_pref("sweetim.toolbar.newtab.created", "false");
Deleted : user_pref("sweetim.toolbar.newtab.enable", "false");
Deleted : user_pref("sweetim.toolbar.newtab.url", "hxxp://start.sweetpacks.com/?src=97&barid=$toolbar_id;&crg=[...]
Deleted : user_pref("sweetim.toolbar.previous.browser.newtab.url", "hxxp://start.sweetpacks.com/?barid={78A396[...]
Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "Bing ");
Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaulturl", "hxxp://www.bing.com/search?FORM=IEF[...]
Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "Google");
Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://www.google.com/");
Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Deleted : user_pref("sweetim.toolbar.rc.url", "hxxp://www.sweetim.com/simffbar/rc.html?toolbar_version=$ITEM_V[...]
Deleted : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
Deleted : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
Deleted : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
Deleted : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*");
Deleted : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
Deleted : user_pref("sweetim.toolbar.scripts.0.enable", "false");
Deleted : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
Deleted : user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
Deleted : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true");
Deleted : user_pref("sweetim.toolbar.scripts.1.callback", "simVerification");
Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Deleted : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com.*");
Deleted : user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb");
Deleted : user_pref("sweetim.toolbar.scripts.1.enable", "false");
Deleted : user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_hxxpS");
Deleted : user_pref("sweetim.toolbar.scripts.1.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js");
Deleted : user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false");
Deleted : user_pref("sweetim.toolbar.scripts.2.callback", "");
Deleted : user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..[...]
Deleted : user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "");
Deleted : user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script");
Deleted : user_pref("sweetim.toolbar.scripts.2.enable", "false");
Deleted : user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad");
Deleted : user_pref("sweetim.toolbar.scripts.2.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?[...]
Deleted : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[...]
Deleted : user_pref("sweetim.toolbar.search.history.capacity", "10");
Deleted : user_pref("sweetim.toolbar.searchguard.enable", "false");
Deleted : user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");
Deleted : user_pref("sweetim.toolbar.simapp_id", "{78A3960A-CC84-11E2-8EAE-001F16F31591}");
Deleted : user_pref("sweetim.toolbar.urls.afteruninstall", "hxxp://toolbar.sweetpacks.com/uninstallbar.asp?bar[...]
Deleted : user_pref("sweetim.toolbar.urls.contactus", "hxxp://www.perion.com/contact-us");
Deleted : user_pref("sweetim.toolbar.urls.homepage", "hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.[...]
Deleted : user_pref("sweetim.toolbar.urls.privacy", "hxxp://www.perion.com/privacy-policy");
Deleted : user_pref("sweetim.toolbar.urls.searchpage", "hxxp://start.sweetpacks.com/?barid=$toolbar_id;");
Deleted : user_pref("sweetim.toolbar.urls.uninstall", "hxxp://toolbar.sweetpacks.com/uninstall");
Deleted : user_pref("sweetim.toolbar.version", "1.13.0.1");
Deleted : user_pref("{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}.ScriptData_WSG_blackList", "form=CONTLB|babsrc=too[...]
Deleted : user_pref("{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...]
Deleted : user_pref("{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}.ScriptData_product_name", "Updater By SweetPacks")[...]

-\\ Google Chrome v28.0.1500.72

File : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.2276] : homepage = "hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10042&barid={78A3960A-CC84-1[...]

*************************

AdwCleaner[R1].txt - [33214 octets] - [29/07/2013 21:03:49]
AdwCleaner[S1].txt - [33242 octets] - [29/07/2013 21:05:27]

########## EOF - C:\AdwCleaner[S1].txt - [33303 octets] ##########


-----------------------------------------------------------------------------------------------------

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.2.8 (07.29.2013:2)
OS: Windows 7 Home Premium x64
Ran by Home on Mon 07/29/2013 at 21:14:37.69
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\askpartnercobrandingtool_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\askpartnercobrandingtool_rasmancs
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110211181102}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220222182202}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660266186602}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110211181102}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220222182202}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660266186602}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660266186602}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660266186602}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{BC2AF186-AB2B-43D9-9217-52C128A4FA9C}



~~~ Files

Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npcouponprinter.dll"
Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npmozcouponprinter.dll"
Successfully deleted: [File] C:\eula.1028.txt
Successfully deleted: [File] C:\eula.1031.txt
Successfully deleted: [File] C:\eula.1033.txt
Successfully deleted: [File] C:\eula.1036.txt
Successfully deleted: [File] C:\eula.1040.txt
Successfully deleted: [File] C:\eula.1041.txt
Successfully deleted: [File] C:\eula.1042.txt
Successfully deleted: [File] C:\eula.2052.txt
Successfully deleted: [File] C:\install.res.1028.dll
Successfully deleted: [File] C:\install.res.1031.dll
Successfully deleted: [File] C:\install.res.1033.dll
Successfully deleted: [File] C:\install.res.1036.dll
Successfully deleted: [File] C:\install.res.1040.dll
Successfully deleted: [File] C:\install.res.1041.dll
Successfully deleted: [File] C:\install.res.1042.dll
Successfully deleted: [File] C:\install.res.2052.dll
Successfully deleted: [File] C:\install.res.3082.dll
Successfully deleted: [File] "C:\Windows\couponprinter.ocx"



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"



~~~ FireFox

Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\safesearch.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\safesearch.xml"
Successfully deleted: [File] C:\Users\Home\AppData\Roaming\mozilla\firefox\profiles\3hc9qi2n.default\invalidprefs.js
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{7d4f1959-3f72-49d5-8e59-f02f8aa6815d}
Successfully deleted the following from C:\Users\Home\AppData\Roaming\mozilla\firefox\profiles\3hc9qi2n.default\prefs.js

user_pref("extensions.crossrider.bic", "13c7c214609c53bad01615880db57d9f");
Emptied folder: C:\Users\Home\AppData\Roaming\mozilla\firefox\profiles\3hc9qi2n.default\minidumps [54 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 07/29/2013 at 21:25:08.44
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.07.23.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16635
Home :: HOME-PC [administrator]

7/29/2013 9:28:47 PM
mbam-log-2013-07-29 (21-28-47).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 560562
Time elapsed: 20 hour(s), 25 minute(s), 47 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

I think scanning your system will not solve your problem. I think the problem comes from your HDD and your own RAM. Please replace your HDD with a new one and let's see the effect.

I have used CCleaner in the past and it works OK, but I recently found software that cleans and checks out your whole computer. The software that I use is PC Health Boost. You can get it here: http://pccleanhealth.com/
