Hi 20Chuck02,
After preliminary preparation (uninstall and msconfig) we shall tell FRST to target the bad staff. TFC is there to preform some temp & cache cleaning as it should be done and after that I will need the fresh FRST log for for re-test/check.
First from Control Panel > Programs and Features you shall need to uninstall the following PUP:
Torchlight 2
From posted log I can see you have been use msconfig utility to disable few startup items. I’ll need you to enable this item as I shall script that for FRST as removal target.
MSCONFIG\startupreg: Pando Media Booster => C:\Program Files (x86)[b]Pando Networks\Media Booster[/b]\PMB.exe
MSCONFIG\startupreg: SearchSettings => “C:\Program Files (x86)\Common Files[b]Spigot\Search Settings[/b]\SearchSettings.exe”
FRST’s FixList
1. Open notepad and copy/paste the text present inside the code box below.
To do this highlight the contents of the box and right click on it. Paste this into the open notepad.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system
Start
File: C:\Users\Chuck\Downloads\DL OLD\my_network_speed\my_network_speed\My_Network_Speed.exe
Folder: C:\Windows\SysWOW64\AI_RecycleBin
C:\Users\Chuck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler.exe
C:\Users\Chuck\AppData\Roaming\Mozilla\Firefox\Profiles\f9g2vo6c.default\searchplugins\sweetim.xml
C:\Users\Chuck\AppData\Roaming\Mozilla\Firefox\Profiles\f9g2vo6c.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
C:\Users\Chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
C:\Program Files (x86)\Common Files\Spigot
C:\Users\Chuck\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}
C:\Users\Chuck\AppData\Local\Temp\*.exe
C:\Program Files (x86)\Pando Networks
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10043&barid={14FBFE79-9B28-11E2-98EC-BC5FF45BBD7E}
SearchScopes: HKLM-x32 - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://start.sweetpacks.com/?src=6&q={searchTerms}&st=12&crg=3.5000006.10043&barid={14FBFE79-9B28-11E2-98EC-BC5FF45BBD7E}
SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://start.sweetpacks.com/?src=6&q={searchTerms}&st=12&crg=3.5000006.10043&barid={14FBFE79-9B28-11E2-98EC-BC5FF45BBD7E}
SearchScopes: HKCU - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://start.sweetpacks.com/?src=6&q={searchTerms}&st=12&crg=3.5000006.10043&barid={14FBFE79-9B28-11E2-98EC-BC5FF45BBD7E}
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://start.sweetpacks.com/?src=6&q={searchTerms}&st=12&crg=3.5000006.10043&barid={14FBFE79-9B28-11E2-98EC-BC5FF45BBD7E}
BHO-x32: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO-x32: Define - {B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE} - C:\Users\Chuck\AppData\Local\DefineExt\temp.dat No File
FF Homepage: hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10043&barid={14FBFE79-9B28-11E2-98EC-BC5FF45BBD7E}
FF Homepage: hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10043&barid={14FBFE79-9B28-11E2-98EC-BC5FF45BBD7E}
FF Keyword.URL: hxxp://start.sweetpacks.com/?src=2&st=12&barid={14FBFE79-9B28-11E2-98EC-BC5FF45BBD7E}&q=
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF SearchPlugin: C:\Users\Chuck\AppData\Roaming\Mozilla\Firefox\Profiles\f9g2vo6c.default\searchplugins\sweetim.xml
FF Extension: SweetPacks Toolbar for Firefox - C:\Users\Chuck\AppData\Roaming\Mozilla\Firefox\Profiles\f9g2vo6c.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi [2013-04-01]
CHR Extension: (SweetPacks Chrome Extension) - C:\Users\Chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj [2013-04-01]
CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.1.crx [2013-10-14]
CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\ErrorAssistant_1.3.crx [2013-12-27]
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx [2013-04-26]
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Users\Chuck\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx [2013-04-01]
CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx [2012-11-22]
HKU\S-1-5-21-3399705442-796983185-888733733-1000\...\MountPoints2: {5e98699c-01e5-11e3-bb41-bc5ff45bbd7e} - H:\TL-Bootstrap.exe
HKU\S-1-5-21-3399705442-796983185-888733733-1000\...\MountPoints2: {9f1241f4-7c7e-11e3-ab06-bc5ff45bbd7e} - H:\MotorolaDeviceManagerSetup.exe -a
HKU\S-1-5-21-3399705442-796983185-888733733-1000\...\MountPoints2: {cb9ea324-6dcb-11e2-96b5-bc5ff45bbd7e} - H:\ToolLauncher-Bootstrap.exe
HKU\S-1-5-21-3399705442-796983185-888733733-1000\...\MountPoints2: {e0d45140-6e5c-11e3-bfa7-bc5ff45bbd7e} - H:\VZW_Software_upgrade_assistant.exe
AlternateDataStreams: C:\ProgramData:gs5sys
AlternateDataStreams: C:\Users\All Users:gs5sys
AlternateDataStreams: C:\Users\Chuck:gs5sys
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys
AlternateDataStreams: C:\Users\Chuck\Application Data:gs5sys
AlternateDataStreams: C:\Users\Chuck\Cookies:gs5sys
AlternateDataStreams: C:\Users\Chuck\Local Settings:gs5sys
AlternateDataStreams: C:\Users\Chuck\Templates:gs5sys
AlternateDataStreams: C:\Users\Chuck\AppData\Local:gs5sys
AlternateDataStreams: C:\Users\Chuck\AppData\Roaming:gs5sys
AlternateDataStreams: C:\Users\Chuck\AppData\Local\Application Data:gs5sys
AlternateDataStreams: C:\Users\Chuck\AppData\Local\History:gs5sys
AlternateDataStreams: C:\Users\Chuck\Documents\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys
REBOOT:
End
2. Save notepad as fixlist.txt to your Desktop.
NOTE: => It’s important that both files, FRST and fixlist.txt are in the same location or the fix will not work.
3. Run FRST/FRST64 and press the Fix button just once and wait.
If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please attach it to your reply.
Note: If the tool warned you about the outdated version please download and run the updated version.
TempFileCleaner
Please download TFC by OldTimer to your desktop
[*]Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
[*]It will close all programs when run, so make sure you have saved all your work before you begin.
[*]Click the Start button to begin the process. Depending on how often you clean temp
files, execution time should be anywhere from a few seconds to a minute
or two. Let it run uninterrupted to completion.
[*]Once it’s finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.
Re-check / FRST Scan
Re-run FRST64 . . .
[*]Double-click to run it and press Scan button.
[*]It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.