Inactive Sweetpacks

C

circusboy01

Posts: 757   +16
Don't know if this is vi. or maL. but I still want it gone. I was able to uninstall it in IE, but I don't use IE, so who cares. It's installed in Google. looks like FF is not effected..I hunted for it in Programs and features, Revo, Geek, program files, and program Files 86. Please someone show me how to uninstall this crap. Thanks..
 
Please, complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
Attached logs won't be reviewed.

Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
 
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.06.05.11

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16576
RAYSOLEMA :: COMPZILLA [administrator]

6/5/2013 6:28:21 PM
mbam-log-2013-06-05 (18-28-21).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 310444
Time elapsed: 25 minute(s), 2 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 
Internet Explorer: 10.0.9200.16576
Run by RAYSOLEMA at 19:09:16 on 2013-06-05
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4061.2571 [GMT -7:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files\Bitdefender\60-Second Virus Scanner\pdscan.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Bitdefender\60-Second Virus Scanner\pdiface.exe
C:\Program Files\Start Menu X\StartMenuX.exe
C:\Program Files\desksware\Desktop iCalendar Lite\Desktop iCalendar Lite.exe
C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe
C:\Program Files (x86)\Lenovo\FanSpeedControl\LenovoFSC.exe
C:\Program Files (x86)\jmesoft\hotkey.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
C:\Program Files (x86)\MyPC Backup\BackupStack.exe
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\wuauclt.exe
C:\windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10045&barid={C8D2EF35-CD72-11E2-9EAB-4437E61E2439}
mStart Page = hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10045&barid={C8D2EF35-CD72-11E2-9EAB-4437E61E2439}
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [Best Buy pc app] C:\Users\RAYSOLEMA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy\Best Buy pc app.appref-ms
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
uRun: [pdiface] C:\Program Files\Bitdefender\60-Second Virus Scanner\pdiface.exe -noshow
uRun: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
uRun: [StartMenuX] C:\Program Files\Start Menu X\StartMenuX.exe
uRun: [Desktop iCalendar Lite.exe] "C:\Program Files\desksware\Desktop iCalendar Lite\Desktop iCalendar Lite.exe"
uRunOnce: [TopArcadeHits420] cmd.exe /c rmdir "C:\Users\RAYSOLEMA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TopArcadeHits\" /s /q
uRunOnce: [TopArcadeHits341] cmd.exe /c reg delete HKCU\Software\AppDataLow\Software\toparcadehitsconfig /f
uRunOnce: [TopArcadeHits230] C:\Users\RAYSOLEMA\AppData\Local\Google\Chrome\Application\chrome.exe -uninstall-extension=gpdgdlcjhlbaphcjmagicjhhgfnkiihp
uRunOnce: [TopArcadeHits593] cmd.exe /c rmdir "C:\Users\RAYSOLEMA\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}" /s /q
uRunOnce: [TopArcadeHits95] cmd.exe /c rmdir "C:\Users\RAYSOLEMA\AppData\Roaming\Mozilla\Firefox\Profiles\etft6id9.default\extensions\{0113D088-8ED1-468C-B225-585A9C53B5E3}" /s /q
uRunOnce: [SpybotDeletingF9353] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\default.xml"
uRunOnce: [SpybotDeletingF1187] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll"
uRunOnce: [SpybotDeletingF9401] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll"
uRunOnce: [SpybotDeletingF4687] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\about.html"
uRunOnce: [SpybotDeletingF7295] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\affid.dat"
uRunOnce: [SpybotDeletingF4511] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\basis.xml"
uRunOnce: [SpybotDeletingF8051] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\bing.png"
uRunOnce: [SpybotDeletingF1263] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\clear-history.png"
uRunOnce: [SpybotDeletingF5926] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\content-notifier.js"
uRunOnce: [SpybotDeletingF5416] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim.gif"
uRunOnce: [SpybotDeletingF7141] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim-over.gif"
uRunOnce: [SpybotDeletingF8449] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\dating.png"
uRunOnce: [SpybotDeletingF1799] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\dictionary.png"
uRunOnce: [SpybotDeletingF7226] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\e_cards.png"
uRunOnce: [SpybotDeletingF4517] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\eye_icon.png"
uRunOnce: [SpybotDeletingF2353] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\eye_icon_over.png"
uRunOnce: [SpybotDeletingF5116] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\find.png"
uRunOnce: [SpybotDeletingF6280] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\free_stuff.png"
uRunOnce: [SpybotDeletingF8393] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\games.png"
uRunOnce: [SpybotDeletingF2543] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\glitter.png"
uRunOnce: [SpybotDeletingF9135] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\google.png"
uRunOnce: [SpybotDeletingF1218] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\help.png"
uRunOnce: [SpybotDeletingF4092] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\highlight.png"
uRunOnce: [SpybotDeletingF1475] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\locales.xml"
uRunOnce: [SpybotDeletingF4828] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\logo_16x16.png"
uRunOnce: [SpybotDeletingF1158] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\logo_21x18.png"
uRunOnce: [SpybotDeletingF8479] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\logo_32x32.png"
uRunOnce: [SpybotDeletingF779] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\logo_about.png"
uRunOnce: [SpybotDeletingF7236] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\more-search-providers.png"
uRunOnce: [SpybotDeletingF3028] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\music.png"
uRunOnce: [SpybotDeletingF2557] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\news.png"
uRunOnce: [SpybotDeletingF2445] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\options.html"
uRunOnce: [SpybotDeletingF5010] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\photos.png"
uRunOnce: [SpybotDeletingF3857] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\search-current-site.png"
uRunOnce: [SpybotDeletingF6646] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\shopping.png"
uRunOnce: [SpybotDeletingF6992] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\SmileySmile.png"
uRunOnce: [SpybotDeletingF5068] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\SmileyWink.png"
uRunOnce: [SpybotDeletingF4102] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\sweetim_text.png"
uRunOnce: [SpybotDeletingF3786] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\toolbar.xml"
uRunOnce: [SpybotDeletingF8452] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\video.png"
uRunOnce: [SpybotDeletingF2920] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\web-search.png"
uRunOnce: [SpybotDeletingF6136] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\yahoo.png"
uRunOnce: [SpybotDeletingF4941] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Users\RAYSOLEMA\AppData\Local\Wajam\Chrome\wajam.crx"
mRun: [LenovoFSC] C:\Program Files (x86)\Lenovo\FanSpeedControl\LenovoFSC.exe
mRun: [jmekey] C:\Program Files (x86)\jmesoft\hotkey.exe
mRun: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [jswtrayutil] "C:\Program Files (x86)\NETGEAR\WNA1100\jswtrayutil.exe"
mRunOnce: [SpybotDeletingE9227] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\default.xml"
mRunOnce: [SpybotDeletingE4131] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll"
mRunOnce: [SpybotDeletingE2002] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll"
mRunOnce: [SpybotDeletingE2130] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\about.html"
mRunOnce: [SpybotDeletingE1016] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\affid.dat"
mRunOnce: [SpybotDeletingE9405] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\basis.xml"
mRunOnce: [SpybotDeletingE6976] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\bing.png"
mRunOnce: [SpybotDeletingE9549] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\clear-history.png"
mRunOnce: [SpybotDeletingE9486] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\content-notifier.js"
mRunOnce: [SpybotDeletingE1628] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim.gif"
mRunOnce: [SpybotDeletingE5157] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim-over.gif"
mRunOnce: [SpybotDeletingE4231] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\dating.png"
mRunOnce: [SpybotDeletingE1241] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\dictionary.png"
mRunOnce: [SpybotDeletingE6402] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\e_cards.png"
mRunOnce: [SpybotDeletingE8932] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\eye_icon.png"
mRunOnce: [SpybotDeletingE4717] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\eye_icon_over.png"
mRunOnce: [SpybotDeletingE5509] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\find.png"
mRunOnce: [SpybotDeletingE5103] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\free_stuff.png"
mRunOnce: [SpybotDeletingE6356] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\games.png"
mRunOnce: [SpybotDeletingE6511] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\glitter.png"
mRunOnce: [SpybotDeletingE6175] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\google.png"
mRunOnce: [SpybotDeletingE7578] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\help.png"
mRunOnce: [SpybotDeletingE434] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\highlight.png"
mRunOnce: [SpybotDeletingE4577] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\locales.xml"
mRunOnce: [SpybotDeletingE622] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\logo_16x16.png"
mRunOnce: [SpybotDeletingE4618] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\logo_21x18.png"
mRunOnce: [SpybotDeletingE8373] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\logo_32x32.png"
mRunOnce: [SpybotDeletingE2712] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\logo_about.png"
mRunOnce: [SpybotDeletingE9360] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\more-search-providers.png"
mRunOnce: [SpybotDeletingE8173] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\music.png"
mRunOnce: [SpybotDeletingE2684] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\news.png"
mRunOnce: [SpybotDeletingE6538] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\options.html"
mRunOnce: [SpybotDeletingE7140] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\photos.png"
mRunOnce: [SpybotDeletingE9373] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\search-current-site.png"
mRunOnce: [SpybotDeletingE4834] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\shopping.png"
mRunOnce: [SpybotDeletingE7667] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\SmileySmile.png"
mRunOnce: [SpybotDeletingE7339] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\SmileyWink.png"
mRunOnce: [SpybotDeletingE7246] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\sweetim_text.png"
mRunOnce: [SpybotDeletingE9810] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\toolbar.xml"
mRunOnce: [SpybotDeletingE1076] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\video.png"
mRunOnce: [SpybotDeletingE9856] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\web-search.png"
mRunOnce: [SpybotDeletingE731] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\yahoo.png"
mRunOnce: [SpybotDeletingE2202] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Users\RAYSOLEMA\AppData\Local\Wajam\Chrome\wajam.crx"
dRunOnce: [WLStart] "C:\Program Files (x86)\Windows Live\Installer\wlstart.exe" /nosearch /nohomepage
StartupFolder: C:\Users\RAYSOL~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MYPCBA~1.LNK - C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NETGEA~1.LNK - C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.1.1 4.2.2.2
TCP: Interfaces\{CD9995EC-69DC-45FB-9921-DB98A59C924B} : DHCPNameServer = 192.168.1.1 4.2.2.2
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [Unattend0000000001{BFA3D12B-66DD-4617-923A-E864BC7D20B5}] C:\Windows\test.bat
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\RAYSOLEMA\AppData\Roaming\Mozilla\Firefox\Profiles\etft6id9.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: keyword.URL - hxxp://start.sweetpacks.com/?src=2&st=12&crg=3.5000006.10045&barid={C8D2EF35-CD72-11E2-9EAB-4437E61E2439}&q=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll
FF - ExtSQL: 2013-05-13 15:22; wrc@avast.com; C:\Program Files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-05-13 15:26; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; C:\Users\RAYSOLEMA\AppData\Roaming\Mozilla\Firefox\Profiles\etft6id9.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-05-19 16:00; {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}; C:\Users\RAYSOLEMA\AppData\Roaming\Mozilla\Firefox\Profiles\etft6id9.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - ExtSQL: 2013-06-04 17:00; {EEE6C361-6118-11DC-9C72-001320C79847}; C:\Users\RAYSOLEMA\AppData\Roaming\Mozilla\Firefox\Profiles\etft6id9.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;C:\windows\System32\drivers\aswRvrt.sys [2013-5-13 65336]
R0 aswVmm;aswVmm;C:\windows\System32\drivers\aswVmm.sys [2013-5-13 189936]
R0 SCMNdisP;General NDIS Protocol Driver;C:\windows\System32\drivers\SCMNdisP.sys [2013-5-23 25312]
R1 aswSnx;aswSnx;C:\windows\System32\drivers\aswSnx.sys [2013-5-13 1025808]
R1 aswSP;aswSP;C:\windows\System32\drivers\aswSP.sys [2013-5-13 378432]
R1 JSWPSLWF;JumpStart Wireless Filter Driver;C:\windows\System32\drivers\jswpslwfx.sys [2013-5-23 26624]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2013-5-7 143088]
R2 aswFsBlk;aswFsBlk;C:\windows\System32\drivers\aswFsBlk.sys [2013-5-13 33400]
R2 aswMonFlt;aswMonFlt;C:\windows\System32\drivers\aswMonFlt.sys [2013-5-13 80816]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-5-13 46808]
R2 BackupStack;Computer Backup (MyPC Backup);C:\Program Files (x86)\MyPC Backup\BackupStack.exe [2013-5-31 32808]
R2 pdserv;Bitdefender 60-Second Virus Scanner Service;C:\Program Files\Bitdefender\60-Second Virus Scanner\pdscan.exe \svc --> C:\Program Files\Bitdefender\60-Second Virus Scanner\pdscan.exe \svc [?]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-4-16 39056]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-5-13 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-5-13 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-5-13 168384]
R2 WSWNA1100;WSWNA1100;C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe [2013-5-23 278528]
R3 athur;Atheros AR9271 Wireless Network Adapter Service;C:\windows\System32\drivers\athurx.sys [2013-5-23 1827328]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2010-12-28 219136]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2010-12-28 215040]
R3 SuperIO;Lenovo ASD HWM Driver;C:\windows\System32\drivers\spio.sys [2009-6-5 11848]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 jswpsapi;JumpStart Wi-Fi Protected Setup;C:\Program Files (x86)\NETGEAR\WNA1100\jswpsapi.exe [2013-5-23 954368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2013-5-16 19456]
S3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64 Driver;C:\windows\System32\drivers\Rtnic64.sys [2009-6-10 51712]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2013-5-16 57856]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2013-5-14 1255736]
S3 wsvd;wsvd;C:\windows\System32\drivers\wsvd.sys [2009-7-21 121840]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
.
=============== Created Last 30 ================
.
2013-06-05 08:00:15 -------- d-----w- C:\Users\RAYSOLEMA\AppData\Roaming\2BrightSparks
2013-06-05 00:25:44 -------- d-----w- C:\Users\RAYSOLEMA\SyncFolder
2013-06-05 00:03:13 -------- d-----w- C:\Program Files (x86)\MyPC Backup
2013-06-05 00:01:27 33958 ----a-w- C:\ProgramData\uninstaller.exe
2013-06-04 23:59:37 829264 ----a-w- C:\windows\System32\msvcr100.dll
2013-06-04 23:59:37 608080 ----a-w- C:\windows\System32\msvcp100.dll
2013-06-04 23:59:35 -------- d-----w- C:\windows\SysWow64\WNLT
2013-06-04 20:45:23 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1AA1130F-9224-4DB0-A448-C728FA0FC1D8}\offreg.dll
2013-06-04 20:44:57 9460464 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1AA1130F-9224-4DB0-A448-C728FA0FC1D8}\mpengine.dll
2013-06-02 00:42:26 -------- d-----w- C:\Users\RAYSOLEMA\AppData\Local\Amazon
2013-05-28 21:05:32 -------- d-----w- C:\Users\RAYSOLEMA\AppData\Roaming\desksware
2013-05-28 21:05:32 -------- d-----w- C:\Program Files\desksware
2013-05-26 21:35:16 -------- d-----w- C:\Program Files (x86)\Belarc
2013-05-25 02:47:15 -------- d-----w- C:\Users\RAYSOLEMA\AppData\Local\Google
2013-05-24 10:20:07 -------- d-----w- C:\Users\RAYSOLEMA\AppData\Roaming\StartMenuX
2013-05-24 10:20:07 -------- d-----w- C:\ProgramData\StartMenuX
2013-05-24 10:20:07 -------- d-----w- C:\Program Files\Start Menu X
2013-05-23 20:23:54 393728 ----a-w- C:\Program Files (x86)\Windows Media Player\Plugins\wmp_scrobbler.dll
2013-05-23 20:23:54 -------- d-----w- C:\ProgramData\Last.fm
2013-05-23 20:22:16 -------- d-----w- C:\Users\RAYSOLEMA\AppData\Local\Last.fm
2013-05-23 20:22:16 -------- d-----w- C:\Program Files (x86)\Last.fm
2013-05-23 14:06:59 26624 ----a-w- C:\windows\System32\drivers\jswpslwfx.sys
2013-05-23 14:06:59 25312 ----a-w- C:\windows\System32\drivers\SCMNdisP.sys
2013-05-23 14:06:59 1827328 ----a-w- C:\windows\System32\drivers\athurx.sys
2013-05-23 14:06:57 -------- d-----w- C:\Program Files (x86)\NETGEAR
2013-05-22 15:21:06 4325376 ----a-w- C:\ProgramData\ReadOnlyInstaller.msi
2013-05-20 06:01:44 -------- d-----w- C:\Program Files\Unlocker
2013-05-17 09:38:11 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2013-05-16 10:09:55 9728 ---ha-w- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-15 23:17:35 983400 ----a-w- C:\windows\System32\drivers\dxgkrnl.sys
2013-05-15 23:15:57 68608 ----a-w- C:\windows\System32\taskhost.exe
2013-05-15 20:25:08 -------- d-----w- C:\Users\RAYSOLEMA\AppData\Local\Adobe
2013-05-15 11:12:13 -------- d-----w- C:\windows\System32\SPReview
2013-05-15 11:11:52 -------- d-----w- C:\windows\System32\EventProviders
2013-05-15 11:07:59 849920 ----a-w- C:\windows\System32\qmgr.dll
2013-05-15 11:06:59 777728 ----a-w- C:\windows\System32\autochk.exe
2013-05-15 11:05:59 69632 ----a-w- C:\windows\SysWow64\tlscsp.dll
2013-05-15 11:03:59 529408 ----a-w- C:\windows\System32\wbemcomn.dll
2013-05-15 11:03:59 244736 ----a-w- C:\Program Files\Windows Portable Devices\sqmapi.dll
2013-05-15 11:03:50 244736 ----a-w- C:\windows\System32\sqmapi.dll
2013-05-15 03:38:50 262552 ----a-w- C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
2013-05-15 01:55:24 -------- d-----w- C:\Users\RAYSOLEMA\AppData\Local\Microsoft Games
2013-05-14 21:52:55 -------- d-----w- C:\Users\RAYSOLEMA\AppData\Roaming\Geek Uninstaller
2013-05-14 21:49:09 -------- d-----w- C:\Program Files (x86)\VS Revo Group
2013-05-14 20:35:27 9460464 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2013-05-14 18:59:12 48355 ----a-w- C:\ProgramData\1368557930.bdinstall.bin
2013-05-14 18:59:01 -------- d-----w- C:\Program Files\Bitdefender
2013-05-14 10:19:00 -------- d-----w- C:\windows\SysWow64\Wat
2013-05-14 10:19:00 -------- d-----w- C:\windows\System32\Wat
2013-05-14 07:52:31 2560 ----a-w- C:\windows\System32\drivers\en-US\wdf01000.sys.mui
2013-05-14 07:52:30 9728 ----a-w- C:\windows\System32\Wdfres.dll
2013-05-14 07:52:30 785512 ----a-w- C:\windows\System32\drivers\Wdf01000.sys
2013-05-14 07:52:30 54376 ----a-w- C:\windows\System32\drivers\WdfLdr.sys
2013-05-14 07:37:21 70656 ----a-w- C:\windows\SysWow64\fontsub.dll
2013-05-14 07:37:21 46080 ----a-w- C:\windows\System32\atmlib.dll
2013-05-14 07:37:21 367616 ----a-w- C:\windows\System32\atmfd.dll
2013-05-14 07:37:21 34304 ----a-w- C:\windows\SysWow64\atmlib.dll
2013-05-14 07:37:21 295424 ----a-w- C:\windows\SysWow64\atmfd.dll
2013-05-14 07:37:21 100864 ----a-w- C:\windows\System32\fontsub.dll
2013-05-14 07:36:41 87040 ----a-w- C:\windows\System32\drivers\WUDFPf.sys
2013-05-14 07:36:41 198656 ----a-w- C:\windows\System32\drivers\WUDFRd.sys
2013-05-14 07:36:40 84992 ----a-w- C:\windows\System32\WUDFSvc.dll
2013-05-14 07:36:40 194048 ----a-w- C:\windows\System32\WUDFPlatform.dll
2013-05-14 07:36:39 744448 ----a-w- C:\windows\System32\WUDFx.dll
2013-05-14 07:36:39 45056 ----a-w- C:\windows\System32\WUDFCoinstaller.dll
2013-05-14 07:36:39 229888 ----a-w- C:\windows\System32\WUDFHost.exe
2013-05-14 07:34:16 81408 ----a-w- C:\windows\System32\imagehlp.dll
2013-05-14 07:34:16 23408 ----a-w- C:\windows\System32\drivers\fs_rec.sys
2013-05-14 07:34:15 5120 ----a-w- C:\windows\SysWow64\wmi.dll
2013-05-14 07:34:15 5120 ----a-w- C:\windows\System32\wmi.dll
2013-05-14 07:34:15 159232 ----a-w- C:\windows\SysWow64\imagehlp.dll
2013-05-14 07:32:11 95744 ----a-w- C:\windows\System32\synceng.dll
2013-05-14 07:32:11 78336 ----a-w- C:\windows\SysWow64\synceng.dll
2013-05-14 07:32:10 503808 ----a-w- C:\windows\System32\srcore.dll
2013-05-14 07:32:09 43008 ----a-w- C:\windows\SysWow64\srclient.dll
2013-05-14 07:32:09 296960 ----a-w- C:\windows\System32\rstrui.exe
2013-05-14 07:32:08 634880 ----a-w- C:\windows\System32\msvcrt.dll
2013-05-14 07:32:07 690688 ----a-w- C:\windows\SysWow64\msvcrt.dll
2013-05-14 07:30:41 46592 ----a-w- C:\windows\SysWow64\fpb.rs
2013-05-14 07:29:55 509952 ----a-w- C:\windows\System32\ntshrui.dll
2013-05-14 07:28:59 7680 ----a-w- C:\windows\SysWow64\instnm.exe
2013-05-14 07:27:48 5550424 ----a-w- C:\windows\System32\ntoskrnl.exe
2013-05-14 07:26:59 1359872 ----a-w- C:\windows\System32\mfc42u.dll
2013-05-14 07:25:26 395776 ----a-w- C:\windows\System32\webio.dll
2013-05-14 07:24:20 183296 ----a-w- C:\windows\System32\dnsrslvr.dll
2013-05-14 07:24:19 30208 ----a-w- C:\windows\System32\dnscacheugc.exe
2013-05-14 07:24:19 28672 ----a-w- C:\windows\SysWow64\dnscacheugc.exe
2013-05-14 07:24:18 1731920 ----a-w- C:\windows\System32\ntdll.dll
2013-05-14 07:24:18 1292080 ----a-w- C:\windows\SysWow64\ntdll.dll
2013-05-14 07:24:17 515584 ----a-w- C:\windows\System32\timedate.cpl
2013-05-14 07:24:17 478720 ----a-w- C:\windows\SysWow64\timedate.cpl
2013-05-14 07:18:51 1464320 ----a-w- C:\windows\System32\crypt32.dll
2013-05-14 07:18:51 1159680 ----a-w- C:\windows\SysWow64\crypt32.dll
2013-05-14 07:18:50 184320 ----a-w- C:\windows\System32\cryptsvc.dll
2013-05-14 07:18:50 140288 ----a-w- C:\windows\SysWow64\cryptsvc.dll
2013-05-14 07:18:50 140288 ----a-w- C:\windows\System32\cryptnet.dll
2013-05-14 07:18:49 103936 ----a-w- C:\windows\SysWow64\cryptnet.dll
2013-05-14 07:15:35 163504 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10144.bin
2013-05-14 07:13:18 77312 ----a-w- C:\windows\System32\packager.dll
2013-05-14 07:13:18 67072 ----a-w- C:\windows\SysWow64\packager.dll
2013-05-14 02:42:46 -------- d-----w- C:\Users\RAYSOLEMA\AppData\Roaming\RealNetworks
2013-05-14 02:42:29 -------- d-----w- C:\Program Files (x86)\RealNetworks
2013-05-14 02:42:28 -------- d-----w- C:\ProgramData\RealNetworks
2013-05-14 02:42:21 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared
2013-05-14 02:42:09 499712 ----a-w- C:\windows\SysWow64\msvcp71.dll
2013-05-14 02:42:09 348160 ----a-w- C:\windows\SysWow64\msvcr71.dll
2013-05-13 23:26:38 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2013-05-13 23:26:30 17272 ----a-w- C:\windows\System32\sdnclean64.exe
2013-05-13 23:26:25 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-05-13 23:16:08 -------- d-----w- C:\ProgramData\Licenses
2013-05-13 23:16:05 129872 ----a-w- C:\windows\SysWow64\MSSTDFMT.DLL
2013-05-13 23:16:05 1070352 ----a-w- C:\windows\SysWow64\MSCOMCTL.OCX
2013-05-13 23:16:05 -------- d-----w- C:\Program Files (x86)\SpywareBlaster
2013-05-13 23:05:37 -------- d-----w- C:\Users\RAYSOLEMA\AppData\Roaming\SUPERAntiSpyware.com
2013-05-13 23:05:32 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2013-05-13 22:59:27 -------- d-----w- C:\Users\RAYSOLEMA\AppData\Roaming\Malwarebytes
2013-05-13 22:59:07 25928 ----a-w- C:\windows\System32\drivers\mbam.sys
2013-05-13 22:59:07 -------- d-----w- C:\ProgramData\Malwarebytes
2013-05-13 22:59:06 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-05-13 22:58:37 -------- d-----w- C:\Users\RAYSOLEMA\AppData\Local\Programs
2013-05-13 22:45:14 -------- d-----w- C:\Program Files\CCleaner
2013-05-13 22:32:59 -------- d-----w- C:\Users\RAYSOLEMA\AppData\Local\Macromedia
2013-05-13 22:30:17 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-13 22:30:17 692104 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2013-05-13 22:22:47 72016 ----a-w- C:\windows\System32\drivers\aswRdr2.sys
2013-05-13 22:22:47 1025808 ----a-w- C:\windows\System32\drivers\aswSnx.sys
2013-05-13 22:22:45 189936 ----a-w- C:\windows\System32\drivers\aswVmm.sys
2013-05-13 22:22:44 65336 ----a-w- C:\windows\System32\drivers\aswRvrt.sys
2013-05-13 22:22:43 80816 ----a-w- C:\windows\System32\drivers\aswMonFlt.sys
2013-05-13 22:22:10 41664 ----a-w- C:\windows\avastSS.scr
2013-05-13 22:21:59 -------- d-----w- C:\Program Files\AVAST Software
2013-05-13 22:20:24 -------- d-----w- C:\ProgramData\AVAST Software
2013-05-13 21:51:24 278800 ------w- C:\windows\System32\MpSigStub.exe
2013-05-13 21:43:05 826880 ----a-w- C:\windows\SysWow64\rdpcore.dll
2013-05-13 21:43:05 23552 ----a-w- C:\windows\System32\drivers\tdtcp.sys
2013-05-13 21:43:05 1031680 ----a-w- C:\windows\System32\rdpcore.dll
2013-05-13 21:39:48 2622464 ----a-w- C:\windows\System32\wucltux.dll
2013-05-13 21:39:45 99840 ----a-w- C:\windows\System32\wudriver.dll
2013-05-13 21:39:42 36864 ----a-w- C:\windows\System32\wuapp.exe
2013-05-13 21:39:42 186752 ----a-w- C:\windows\System32\wuwebv.dll
2013-05-13 21:34:45 -------- d-----w- C:\temp
2013-05-13 21:33:28 -------- d-----w- C:\Users\RAYSOLEMA\AppData\Local\Best Buy pc app
2013-05-13 21:28:34 -------- d-----w- C:\Users\RAYSOLEMA\AppData\Local\Diagnostics
2013-05-13 21:27:17 -------- d-----w- C:\Users\RAYSOLEMA\AppData\Local\Deployment
2013-05-13 21:27:17 -------- d-----w- C:\Users\RAYSOLEMA\AppData\Local\Apps
.
==================== Find3M ====================
.
2013-05-16 10:09:55 9728 ---ha-w- C:\windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-15 11:18:45 175616 ----a-w- C:\windows\System32\msclmd.dll
2013-05-15 11:18:45 152576 ----a-w- C:\windows\SysWow64\msclmd.dll
2013-04-13 05:49:23 135168 ----a-w- C:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49:19 350208 ----a-w- C:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49:19 308736 ----a-w- C:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49:19 111104 ----a-w- C:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45:16 474624 ----a-w- C:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45:15 2176512 ----a-w- C:\windows\apppatch\AcGenral.dll
2013-04-12 14:45:08 1656680 ----a-w- C:\windows\System32\drivers\ntfs.sys
2013-04-10 06:01:54 265064 ----a-w- C:\windows\System32\drivers\dxgmms1.sys
2013-04-10 03:30:50 3153920 ----a-w- C:\windows\System32\win32k.sys
2013-03-19 05:53:58 48640 ----a-w- C:\windows\System32\wwanprotdim.dll
2013-03-19 05:53:58 230400 ----a-w- C:\windows\System32\wwansvc.dll
2013-03-19 05:46:56 43520 ----a-w- C:\windows\System32\csrsrv.dll
2013-03-19 05:04:13 3968856 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04:10 3913560 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47:50 6656 ----a-w- C:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06:33 112640 ----a-w- C:\windows\System32\smss.exe
.
Here's the 2 logs. I'll wait for further instructions.

Broni; I just realized, if I read it right, that you didn't want me to send these logs. You wanted me to put them in a zip file, and only send them if you asked for them. If I didn't do it that way they wouldn't get read. Broni. I haven't got a clue how to put them in a zip file. If you refuse to read them , as I have sent them to you. Please let me know, and I'll try to figure out another way to get rid of Sweetpacks. Perhaps restore to an earlier time. No hard feelings
 
I don't want you to zip anything.
I need you to paste Attach.txt log into your next reply.
 
Saw a desktop shortcut named Attach. It would copy but it would not paste to here. There was also a dds shortcut. It wouldn't paste either.
I did copy and paste the dds file to you right after it was created.
 
It would copy but it would not paste to here
Click to expand...
You need to open Attach.txt file in Notepad copy all its content and paste it into your next reply.
 
Broni, I typed notebook in the start up window.Then I dragged and dropped the icon to the desk top[ I double clicked it nothing happened I double clicked it again. it opened up twice. One blank, and one over the first one with the attach file in it. I copied it But, just like before, it would not paste.. Broni, I know you have other things to do. so you can't be leading me through each step like a child. I remember, quite a while back, you tried to help me with something, and I just messed that up too.So I'm just going to let you get back to whatever you were doing before I wasted your time. I'm just going to try bringing my PC back to an earlier time. Thanks for trying to help..
 
You were able to paste DDS.txt file.
What do you mean you can't paste.
What happens when you try?
 
The word paste is faded out and wont work. But that's okay. bringing my PC back to an earlier time worked.. Google Chrome wouldn't work because the files were missing. But that was no big deal I just reinstalled it, and now it's clean as a whistle. Thanks again for trying to help.
 
You must log in or register to reply here.

Similar threads

E
I have been taken over by a software called Astanda using XML to Log everything and roaming to an SQL server.
Replies
0
Views
512
eriksnyman1
E
A
Infected: Antivirus says it's Trojan:Script/Wacatac.H!ml
Replies
12
Views
2K
adidaman27
A
Bob O'Donnell
As cloud computing evolves, Amazon's AWS looks for its role in generative AI
Replies
0
Views
81
Bob O'Donnell
Bob O'Donnell

Latest posts

Back