Please help in:
1. Getting rid of SpyHunter and all of their associated software.
2. Getting rid of Bing and any associated software (Updater by SweetPacks and perhaps Gimp) - I had and want Google as my search engine.
3. Finding out what is causing the high disc usage. The disc runs all the time, like perhaps someone else is also using my computer.
Your help is appreciated. My log is below
Thanks
Eric
OTL logfile created on: 25/03/2013 7:59:34 AM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Eric Shrode\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd/MM/yyyy
3.99 Gb Total Physical Memory | 1.09 Gb Available Physical Memory | 27.27% Memory free
8.15 Gb Paging File | 4.86 Gb Available in Paging File | 59.61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 296.62 Gb Total Space | 83.53 Gb Free Space | 28.16% Space Free | Partition Type: NTFS
Computer Name: ERICSHRODE-PC | User Name: Eric Shrode | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/03/25 07:44:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Eric Shrode\Downloads\OTL(1).exe
PRC - [2013/03/13 15:02:09 | 001,822,424 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
PRC - [2013/03/07 17:40:50 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/02/28 13:37:14 | 000,188,760 | ---- | M] () -- C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe
PRC - [2013/01/20 12:29:18 | 028,539,272 | ---- | M] (Dropbox, Inc.) -- C:\Users\Eric Shrode\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012/12/05 13:22:40 | 000,092,632 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2012/12/05 13:22:38 | 000,247,768 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2012/08/23 12:37:16 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2012/07/27 13:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/06/15 19:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Norton 360\Engine\6.4.1.14\ccsvchst.exe
PRC - [2010/10/27 11:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/03/18 02:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/01/27 00:40:58 | 000,323,584 | ---- | M] (Eastman Kodak Company) -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\EasyShare.exe
PRC - [2008/09/12 06:01:28 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/09/12 06:01:24 | 000,182,808 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/02/14 12:08:30 | 000,184,320 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe
PRC - [2008/01/29 17:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
PRC - [2008/01/21 16:54:46 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files (x86)\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2008/01/09 15:02:08 | 001,056,768 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\Toshiba\ConfigFree\NDSTray.exe
PRC - [2007/12/25 14:07:14 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2007/12/25 14:06:52 | 000,405,504 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\Toshiba\ConfigFree\CFSwMgr.exe
PRC - [2007/12/13 20:52:00 | 000,143,360 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe
PRC - [2007/10/23 17:27:16 | 000,066,928 | ---- | M] () -- c:\Toshiba\IVP\swupdate\swupdtmr.exe
PRC - [2007/06/15 03:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) -- C:\Windows\SysWOW64\bgsvcgen.exe
PRC - [2007/01/25 19:47:50 | 000,136,816 | ---- | M] () -- C:\Toshiba\IVP\ISM\pinger.exe
PRC - [2006/08/23 17:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
========== Modules (No Company Name) ==========
MOD - [2013/03/13 15:02:08 | 014,717,144 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
MOD - [2013/03/07 17:40:49 | 003,069,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/01/10 03:48:11 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\004bc6615f9c06df5c98859d35149fe6\System.Configuration.ni.dll
MOD - [2013/01/10 03:48:08 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\8d9e9637288c38ba02a244a8c12064da\System.Xml.ni.dll
MOD - [2013/01/10 03:46:22 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll
MOD - [2013/01/10 03:46:13 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll
MOD - [2012/10/11 21:56:46 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/10/11 21:56:22 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/10/05 03:52:30 | 000,756,048 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL
MOD - [2010/09/27 04:12:30 | 002,236,416 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\SkinuxCmpV.dll
MOD - [2010/09/27 04:12:30 | 001,396,736 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\SkinuxCommonV.dll
MOD - [2010/09/27 04:12:30 | 000,868,352 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\SkinuxBaseV.dll
MOD - [2010/09/27 04:12:30 | 000,847,872 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\SkinuxXML2V.dll
MOD - [2010/09/27 04:12:30 | 000,782,336 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\SkinuxImV.dll
MOD - [2010/09/27 04:12:30 | 000,688,128 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\VPrintOnline.dll
MOD - [2010/09/27 04:12:30 | 000,528,384 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\SkinuxProcV.dll
MOD - [2010/09/27 04:12:30 | 000,462,848 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\SkinuxFFV.dll
MOD - [2010/09/27 04:12:30 | 000,237,568 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\SpiffyExt.dll
MOD - [2010/09/27 04:12:30 | 000,155,648 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\SkinuxZipV.dll
MOD - [2010/09/27 04:12:30 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\VPrintOnlineHelper40.dll
MOD - [2010/09/27 04:12:29 | 000,471,040 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\ESCom.dll
MOD - [2010/09/27 04:12:29 | 000,406,016 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\KFx.dll
MOD - [2010/09/27 04:12:29 | 000,129,536 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\kpries40.dll
MOD - [2010/09/27 04:12:29 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\LocAcqMod.dll
MOD - [2010/09/27 04:12:29 | 000,084,480 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\keml40.dll
MOD - [2010/09/27 04:12:29 | 000,052,224 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\KPCDInterface.dll
MOD - [2010/09/27 04:12:29 | 000,044,544 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\LocCamBack.dll
MOD - [2010/09/27 04:12:29 | 000,010,240 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\LocUpdateCheck.dll
MOD - [2010/09/27 04:12:28 | 011,503,616 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\ESSkin.esx
MOD - [2010/09/27 04:12:28 | 001,564,672 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\areaifdll.dll
MOD - [2010/09/27 04:12:28 | 000,761,856 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\ESCliWicMDRW.esx
MOD - [2010/09/27 04:12:28 | 000,684,032 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\ESEmail.esx
MOD - [2010/09/27 04:12:28 | 000,356,352 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\Atlas.dll
MOD - [2010/09/27 04:12:28 | 000,339,968 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\VistaAdapter.esx
MOD - [2010/09/27 04:12:28 | 000,315,392 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\VistaPrintOnline.esx
MOD - [2010/09/27 04:12:28 | 000,264,192 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\AppCore.dll
MOD - [2010/09/27 04:12:28 | 000,233,984 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\VistaControls.esx
MOD - [2010/09/27 04:12:28 | 000,171,520 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\Pcd.esx
MOD - [2010/09/27 04:12:28 | 000,152,576 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\IStorageMediaStore.esx
MOD - [2010/09/27 04:12:28 | 000,098,304 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\VistaCDBackup.esx
MOD - [2010/09/27 04:12:28 | 000,084,480 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\UpdateChecker.esx
MOD - [2010/09/27 04:12:28 | 000,062,464 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\DibLibIP.dll
MOD - [2010/09/27 04:12:27 | 000,078,848 | ---- | M] () -- C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\DXRawFormatHandler.esx
MOD - [2010/09/27 04:08:03 | 000,430,080 | ---- | M] () -- C:\Windows\assembly\GAC_32\WicFileFormat-PlatOpt\1.0.5227.4054__b0cfd8589c27b05f\WicFileFormat-PlatOpt.dll
MOD - [2010/09/27 04:08:03 | 000,086,016 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\VirtualCollectionBase-Defs-PlatReq\1.0.5227.4054__b0cfd8589c27b05f\VirtualCollectionBase-Defs-PlatReq.dll
MOD - [2008/01/02 21:27:40 | 000,761,856 | ---- | M] () -- C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMediaLibrary.dll
MOD - [2008/01/02 21:27:38 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvcPS.dll
========== Services (SafeList) ==========
SRV:64bit: - [2013/02/28 13:37:14 | 000,188,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe -- (Updater By SweetPacks)
SRV:64bit: - [2008/01/20 19:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2008/01/17 16:29:48 | 000,434,016 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2007/12/11 11:11:30 | 000,015,872 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\SysNative\agr64svc.exe -- (AgereModemAudio)
SRV:64bit: - [2007/12/03 17:04:48 | 000,175,104 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
SRV:64bit: - [2007/11/21 17:53:16 | 000,135,168 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV - [2013/03/13 15:02:10 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/03/07 17:40:50 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/12/05 13:22:40 | 000,092,632 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2012/08/23 12:37:16 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2012/07/27 13:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/06/15 19:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Norton 360\Engine\6.4.1.14\ccSvcHst.exe -- (N360)
SRV - [2010/03/18 04:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 02:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/01/29 15:40:16 | 001,043,584 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009/03/29 21:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/09/12 06:01:28 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2008/01/29 17:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2008/01/21 16:54:46 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files (x86)\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2007/12/25 14:07:14 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2007/10/23 17:27:16 | 000,066,928 | ---- | M] () [Auto | Running] -- c:\Toshiba\IVP\swupdate\swupdtmr.exe -- (Swupdtmr)
SRV - [2007/09/28 17:06:42 | 000,168,296 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2007/09/24 18:38:00 | 000,181,784 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2007/09/12 18:27:24 | 002,999,664 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2007/06/15 03:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) [Auto | Running] -- C:\Windows\SysWOW64\bgsvcgen.exe -- (bgsvcgen)
SRV - [2007/01/25 19:47:50 | 000,136,816 | ---- | M] () [Auto | Running] -- C:\Toshiba\IVP\ISM\pinger.exe -- (pinger)
SRV - [2006/08/23 17:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012/09/28 10:32:56 | 000,053,760 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/05 19:17:58 | 000,037,536 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0604010.00E\SRTSPX64.SYS -- (SRTSPX)
DRV:64bit: - [2012/07/05 19:17:57 | 000,737,952 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\N360x64\0604010.00E\SRTSP64.SYS -- (SRTSP)
DRV:64bit: - [2012/06/11 17:23:53 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012/06/06 21:43:38 | 000,167,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0604010.00E\ccSetx64.sys -- (ccSet_N360)
DRV:64bit: - [2012/05/21 18:37:12 | 001,129,120 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0604010.00E\SYMEFA64.SYS -- (SymEFA)
DRV:64bit: - [2012/03/28 23:28:38 | 000,445,560 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\N360x64\0604010.00E\SYMTDIV.SYS -- (SYMTDIv)
DRV:64bit: - [2012/03/28 23:28:25 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0604010.00E\SYMDS64.SYS -- (SymDS)
DRV:64bit: - [2012/03/28 23:06:25 | 000,190,072 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0604010.00E\Ironx64.SYS -- (SymIRON)
DRV:64bit: - [2012/02/29 06:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/02 17:17:20 | 000,013,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:64bit: - [2009/09/30 17:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/04/10 22:03:32 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/02/12 07:11:26 | 000,026,024 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dddskx64.sys -- (ElRawDisk)
DRV:64bit: - [2008/09/12 05:48:26 | 000,406,040 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\iaStor.sys -- (iaStor)
DRV:64bit: - [2008/03/14 17:42:48 | 000,030,208 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\AegisP.sys -- (AegisP)
DRV:64bit: - [2008/02/29 14:59:32 | 001,252,352 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2008/02/21 10:24:20 | 000,062,976 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2008/02/14 15:56:14 | 000,160,768 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2008/01/21 15:42:26 | 000,531,968 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2008/01/20 19:47:25 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\serscan.sys -- (StillCam)
DRV:64bit: - [2007/12/20 16:10:50 | 000,028,200 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV:64bit: - [2007/12/06 19:12:56 | 000,320,048 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP)
DRV:64bit: - [2007/11/09 14:00:30 | 000,026,968 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2007/09/26 06:19:08 | 003,196,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NETw4v64.sys -- (NETw4v64)
DRV:64bit: - [2007/09/13 14:27:10 | 007,041,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:64bit: - [2007/07/27 19:45:52 | 000,057,856 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2007/07/26 20:33:54 | 000,055,296 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2007/03/16 00:04:10 | 000,055,808 | ---- | M] (Mars Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\mr7910.sys -- (mr7910)
DRV:64bit: - [2006/11/19 23:11:06 | 000,008,704 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\FwLnk.sys -- (FwLnk)
DRV:64bit: - [2006/11/08 23:34:00 | 000,237,568 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\kr10n64.sys -- (KR10N64)
DRV:64bit: - [2006/11/08 23:33:00 | 000,248,320 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\kr10i64.sys -- (KR10I64)
DRV:64bit: - [2006/10/23 17:33:08 | 000,018,944 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\tosrfec.sys -- (tosrfec)
DRV:64bit: - [2006/10/19 13:10:40 | 000,027,456 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\tdcmdpst.sys -- (tdcmdpst)
DRV - [2013/01/19 08:50:17 | 002,087,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\VirusDefs\20130324.007\ex64.sys -- (NAVEX15)
DRV - [2013/01/19 08:50:17 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013/01/19 08:50:17 | 000,126,192 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\VirusDefs\20130324.007\eng64.sys -- (NAVENG)
DRV - [2013/01/15 19:51:11 | 001,388,120 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\BASHDefs\20130301.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2012/09/06 04:54:30 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\IPSDefs\20130322.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012/08/09 07:03:38 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {2C0F3558-E9DA-47A3-93E5-8C5CE56AD563}
IE:64bit: - HKLM\..\SearchScopes\{2C0F3558-E9DA-47A3-93E5-8C5CE56AD563}: "URL" = http://www.google.co...ge={startPage};
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.sweetpa...A-001E333B0C38}
IE - HKLM\..\URLSearchHook: {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files (x86)\myBabylon_English\tbmyBa.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{7CC94BCA-8E5E-4FAD-ACE5-798C208642BC}: "URL" = http://www.google.co...age={startPage}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpa...A-001E333B0C38}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {2C0F3558-E9DA-47A3-93E5-8C5CE56AD563}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...search&AF=14542
IE - HKCU\..\SearchScopes\{2C0F3558-E9DA-47A3-93E5-8C5CE56AD563}: "URL" = http://www.google.co...ie7&rlz=1I7SKPB
IE - HKCU\..\SearchScopes\{7CC94BCA-8E5E-4FAD-ACE5-798C208642BC}: "URL" = http://www.google.co...age={startPage}
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpa...A-001E333B0C38}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.startup.homepage: "http://start.sweetpa...-001E333B0C38}"
FF - prefs.js..extensions.enabledAddons: 41ed8dee-33ed-4769-bdf4-2707c4199b97%4045a3c648-db86-4b41-92e2-a77bbbf91f1d.com:0.91.6
FF - prefs.js..extensions.enabledAddons: %7BEEE6C361-6118-11DC-9C72-001320C79847%7D:1.12.0.0
FF - prefs.js..extensions.enabledAddons: tidynetwork%40tidynetwork:4.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - prefs.js..keyword.URL: "http://start.sweetpa...1E333B0C38}&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Eric Shrode\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\PROGRAM FILES\UPDATER BY SWEETPACKS\FIREFOX [2013/03/23 12:46:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/06/29 05:08:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\IPSFFPlgn\ [2012/06/11 17:31:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\coFFPlgn\ [2013/03/20 03:18:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/07 17:40:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/03/07 17:40:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/06/29 05:08:43 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/07 17:40:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/03/07 17:40:44 | 000,000,000 | ---D | M]
[2008/12/17 00:16:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eric Shrode\AppData\Roaming\mozilla\Extensions
[2008/12/17 00:16:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eric Shrode\AppData\Roaming\mozilla\Extensions\{6334D996-EA3E-4a0e-AA8D-15BA56B37241}
[2008/06/14 11:48:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eric Shrode\AppData\Roaming\mozilla\Extensions\[email protected]
[2013/03/23 12:46:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eric Shrode\AppData\Roaming\mozilla\Firefox\Profiles\wxk3tk2l.default\extensions
[2010/10/25 23:47:11 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Eric Shrode\AppData\Roaming\mozilla\Firefox\Profiles\wxk3tk2l.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2013/02/28 13:55:58 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Eric Shrode\AppData\Roaming\mozilla\Firefox\Profiles\wxk3tk2l.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/10/27 10:02:52 | 000,000,000 | ---D | M] (WebSlingPlayer) -- C:\Users\Eric Shrode\AppData\Roaming\mozilla\Firefox\Profiles\wxk3tk2l.default\extensions\{9EB34849-81D3-4841-939D-666D522B889A}
[2013/03/04 08:03:09 | 000,000,000 | ---D | M] (BBB003 Community Toolbar) -- C:\Users\Eric Shrode\AppData\Roaming\mozilla\Firefox\Profiles\wxk3tk2l.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}
[2013/03/23 12:45:20 | 000,000,000 | ---D | M] ("Discount Buddy") -- C:\Users\Eric Shrode\AppData\Roaming\mozilla\Firefox\Profiles\wxk3tk2l.default\extensions\41ed8dee-33ed-4769-bdf4-2707c4199b97@45a3c648-db86-4b41-92e2-a77bbbf91f1d.com
[2013/03/23 12:44:44 | 000,000,000 | ---D | M] (DownloadTerms) -- C:\Users\Eric Shrode\AppData\Roaming\mozilla\Firefox\Profiles\wxk3tk2l.default\extensions\[email protected]
[2011/03/30 03:27:37 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Eric Shrode\AppData\Roaming\mozilla\Firefox\Profiles\wxk3tk2l.default\extensions\[email protected]
[2011/08/31 13:47:40 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Eric Shrode\AppData\Roaming\mozilla\Firefox\Profiles\wxk3tk2l.default\extensions\[email protected]
[2012/02/09 13:30:26 | 000,000,000 | ---D | M] (Cooliris) -- C:\Users\Eric Shrode\AppData\Roaming\mozilla\Firefox\Profiles\wxk3tk2l.default\extensions\[email protected]
[2013/03/23 12:45:05 | 000,000,000 | ---D | M] (Tidy Network) -- C:\Users\Eric Shrode\AppData\Roaming\mozilla\Firefox\Profiles\wxk3tk2l.default\extensions\tidynetwork@tidynetwork
[2013/03/23 12:45:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eric Shrode\AppData\Roaming\mozilla\Firefox\Profiles\wxk3tk2l.default\extensions\41ed8dee-33ed-4769-bdf4-2707c4199b97@45a3c648-db86-4b41-92e2-a77bbbf91f1d.com\chrome\content\extensionCode
[2013/03/23 12:46:17 | 000,195,574 | ---- | M] () (No name found) -- C:\Users\Eric Shrode\AppData\Roaming\mozilla\firefox\profiles\wxk3tk2l.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
[2012/02/15 10:25:24 | 000,002,469 | ---- | M] () -- C:\Users\Eric Shrode\AppData\Roaming\mozilla\firefox\profiles\wxk3tk2l.default\searchplugins\safesearch.xml
[2013/03/23 12:48:11 | 000,001,720 | ---- | M] () -- C:\Users\Eric Shrode\AppData\Roaming\mozilla\firefox\profiles\wxk3tk2l.default\searchplugins\sweetim.xml
[2013/03/23 12:44:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/03/23 12:44:44 | 000,000,000 | ---D | M] (DownloadTerms) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2013/03/07 17:40:50 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/05/03 19:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010/12/17 01:33:40 | 000,002,226 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012/09/08 18:57:10 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/02/20 08:30:50 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - homepage:
CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://start.sweetpa...A-001E333B0C38}
CHR - Extension: No name found = C:\Users\Eric Shrode\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: No name found = C:\Users\Eric Shrode\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: No name found = C:\Users\Eric Shrode\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.0_0\
CHR - Extension: Updater By SweetPacks = C:\Users\Eric Shrode\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.566_0\
CHR - Extension: No name found = C:\Users\Eric Shrode\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjbgonfbgjdmlkjofohofdjnakkfppge\1.23.6_0\crossrider
CHR - Extension: No name found = C:\Users\Eric Shrode\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjbgonfbgjdmlkjofohofdjnakkfppge\1.23.6_0\
CHR - Extension: No name found = C:\Users\Eric Shrode\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjkpcnacdgdlpfejlgflolpaigoicibh\1_0\
CHR - Extension: No name found = C:\Users\Eric Shrode\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
CHR - Extension: No name found = C:\Users\Eric Shrode\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: No name found = C:\Users\Eric Shrode\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: No name found = C:\Users\Eric Shrode\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.0_0\
CHR - Extension: Updater By SweetPacks = C:\Users\Eric Shrode\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.566_0\
CHR - Extension: No name found = C:\Users\Eric Shrode\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjbgonfbgjdmlkjofohofdjnakkfppge\1.23.6_0\crossrider
CHR - Extension: No name found = C:\Users\Eric Shrode\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjbgonfbgjdmlkjofohofdjnakkfppge\1.23.6_0\
CHR - Extension: No name found = C:\Users\Eric Shrode\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjkpcnacdgdlpfejlgflolpaigoicibh\1_0\
CHR - Extension: No name found = C:\Users\Eric Shrode\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
O1 HOSTS File: ([2011/12/29 13:25:37 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Updater By SweetPacks) - {C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} - C:\Program Files\Updater By SweetPacks\Extension64.dll ()
O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Discount Buddy) - {11111111-1111-1111-1111-110211671166} - C:\Program Files (x86)\Discount Buddy\Discount Buddy.dll (215 Apps)
O2 - BHO: (DownloadTerms) - {2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3} - C:\Users\Eric Shrode\AppData\Local\DownloadTerms\temp.dat ()
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Norton 360\Engine\6.4.1.14\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Norton 360\Engine\6.4.1.14\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (no name) - {7736C7FA-512D-11E2-B871-DEC36088709B} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files (x86)\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (myBabylon English Toolbar) - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files (x86)\myBabylon_English\tbmyBa.dll (Conduit Ltd.)
O2 - BHO: (Updater By SweetPacks) - {C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} - C:\Program Files\Updater By SweetPacks\Extension32.dll ()
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files (x86)\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Norton 360\Engine\6.4.1.14\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (myBabylon English Toolbar) - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files (x86)\myBabylon_English\tbmyBa.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files (x86)\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (myBabylon English Toolbar) - {B2E293EE-FD7E-4C71-A714-5F4750D8D7B7} - C:\Program Files (x86)\myBabylon_English\tbmyBa.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)
O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found
O4 - HKLM..\Run: [PCMAgent] C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files (x86)\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - Startup: C:\Users\Eric Shrode\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Eric Shrode\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: berlitzonline.com ([tmm] http in Trusted sites)
O15 - HKCU\..Trusted Domains: intuit.com ([accounts] https in Trusted sites)
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7AA98DF9-3F80-402C-B9F4-A8C73C9F0033}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Eric Shrode\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/03/24 15:01:29 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013/03/24 15:00:30 | 000,000,000 | ---D | C] -- C:\Users\Eric Shrode\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
[2013/03/24 15:00:28 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2013/03/24 15:00:28 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013/03/23 14:54:26 | 000,000,000 | ---D | C] -- C:\Users\Eric Shrode\Documents\Eric's Emporiium
[2013/03/23 13:00:54 | 000,000,000 | ---D | C] -- C:\Users\Eric Shrode\AppData\Roaming\gtk-2.0
[2013/03/23 13:00:36 | 000,000,000 | ---D | C] -- C:\Users\Eric Shrode\.thumbnails
[2013/03/23 12:52:19 | 000,000,000 | ---D | C] -- C:\Users\Eric Shrode\Documents\gegl-0.0
[2013/03/23 12:52:19 | 000,000,000 | ---D | C] -- C:\Users\Eric Shrode\.gimp-2.6
[2013/03/23 12:47:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP
[2013/03/23 12:47:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIMP-2.0
[2013/03/23 12:47:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SweetIM
[2013/03/23 12:46:55 | 000,000,000 | ---D | C] -- C:\Program Files\Updater By SweetPacks
[2013/03/23 12:45:32 | 000,000,000 | ---D | C] -- C:\Users\Eric Shrode\AppData\Local\Discount Buddy
[2013/03/23 12:45:25 | 000,000,000 | ---D | C] -- C:\Users\Eric Shrode\AppData\Local\Updater26766
[2013/03/23 12:45:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Discount Buddy
[2013/03/23 12:45:00 | 000,000,000 | ---D | C] -- C:\Users\Eric Shrode\AppData\Local\TidyNetwork.com
[2013/03/23 12:44:42 | 000,000,000 | ---D | C] -- C:\Users\Eric Shrode\AppData\Local\DownloadTerms
[2013/03/13 12:13:17 | 000,000,000 | ---D | C] -- C:\ProgramData\ETTB
[2013/03/07 17:40:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/02/26 22:40:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
[2013/02/25 12:40:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax 2012
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/03/25 08:01:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/03/25 07:35:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/25 05:51:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/03/24 23:27:59 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/24 23:27:59 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/24 16:35:46 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/24 15:01:29 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2013/03/24 15:00:31 | 000,002,112 | ---- | M] () -- C:\Users\Eric Shrode\Desktop\SpyHunter.lnk
[2013/03/24 09:46:19 | 000,000,629 | ---- | M] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2013/03/23 14:52:02 | 000,117,220 | ---- | M] () -- C:\Users\Eric Shrode\Documents\Erics emporium.jpg
[2013/03/23 14:20:28 | 000,707,584 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/03/23 14:20:28 | 000,607,656 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/03/23 14:20:28 | 000,105,264 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/03/23 13:29:40 | 000,001,556 | ---- | M] () -- C:\Users\Eric Shrode\.recently-used.xbel
[2013/03/23 12:47:53 | 000,000,941 | ---- | M] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2013/03/16 06:51:21 | 000,006,540 | ---- | M] () -- C:\Users\Eric Shrode\AppData\Local\d3d9caps.dat
[2013/03/14 11:39:03 | 000,002,036 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/03/13 12:41:01 | 000,000,492 | ---- | M] () -- C:\DefragData.xml
[2013/03/11 16:06:48 | 000,000,227 | ---- | M] () -- C:\Users\Eric Shrode\Desktop\Sound - Shortcut.lnk
[2013/02/28 15:18:38 | 005,309,931 | ---- | M] () -- C:\Users\Eric Shrode\Documents\P1080170.JPG
[2013/02/26 11:05:22 | 000,000,959 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/02/26 10:14:07 | 003,030,104 | ---- | M] () -- C:\Users\Eric Shrode\Documents\2011 Tax Returns for our files.eml
[2013/02/25 12:40:11 | 000,001,894 | ---- | M] () -- C:\Users\Public\Desktop\TurboTax 2012.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/03/24 15:01:29 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2013/03/24 15:00:31 | 000,002,112 | ---- | C] () -- C:\Users\Eric Shrode\Desktop\SpyHunter.lnk
[2013/03/23 14:52:55 | 000,117,220 | ---- | C] () -- C:\Users\Eric Shrode\Documents\Erics emporium.jpg
[2013/03/23 13:29:40 | 000,001,556 | ---- | C] () -- C:\Users\Eric Shrode\.recently-used.xbel
[2013/03/23 12:47:52 | 000,000,941 | ---- | C] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2013/03/13 12:41:01 | 000,000,492 | ---- | C] () -- C:\DefragData.xml
[2013/03/11 16:06:48 | 000,000,227 | ---- | C] () -- C:\Users\Eric Shrode\Desktop\Sound - Shortcut.lnk
[2013/02/28 16:04:28 | 005,309,931 | ---- | C] () -- C:\Users\Eric Shrode\Documents\P1080170.JPG
[2013/02/26 10:14:06 | 003,030,104 | ---- | C] () -- C:\Users\Eric Shrode\Documents\2011 Tax Returns for our files.eml
[2013/02/25 12:40:11 | 000,001,894 | ---- | C] () -- C:\Users\Public\Desktop\TurboTax 2012.lnk
[2012/04/15 13:20:29 | 000,000,629 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2012/03/29 12:15:23 | 000,001,159 | ---- | C] () -- C:\Windows\hpomdl42.dat.temp
[2012/01/05 17:32:07 | 000,000,067 | ---- | C] () -- C:\Windows\swupdate.INI
[2011/12/28 15:53:27 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/12/28 15:53:27 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/12/28 15:53:27 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/12/28 15:53:27 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/12/28 15:53:27 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/10/31 11:47:40 | 000,178,718 | ---- | C] () -- C:\Windows\hpwins20.dat
[2011/02/26 00:34:27 | 000,000,732 | ---- | C] () -- C:\Users\Eric Shrode\AppData\Local\d3d9caps64.dat
[2010/08/30 08:20:30 | 000,006,540 | ---- | C] () -- C:\Users\Eric Shrode\AppData\Local\d3d9caps.dat
[2010/02/11 02:53:53 | 000,031,049 | ---- | C] () -- C:\Users\Eric Shrode\AppData\Roaming\UserTile.png
[2009/01/29 05:38:50 | 000,884,802 | ---- | C] () -- C:\Users\Eric Shrode\keychain pictures.itc
[2008/05/26 16:09:31 | 000,002,975 | ---- | C] () -- C:\ProgramData\LUUnInstall.LiveUpdate
[2008/05/07 18:29:43 | 000,019,456 | ---- | C] () -- C:\Users\Eric Shrode\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2006/11/02 08:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 10:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 10:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 00:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/10 23:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/20 19:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2010/03/29 05:29:07 | 000,000,000 | ---D | M] -- C:\Users\Eric Shrode\AppData\Roaming\Amazon
[2009/01/07 10:18:40 | 000,000,000 | ---D | M] -- C:\Users\Eric Shrode\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013/03/24 09:27:44 | 000,000,000 | ---D | M] -- C:\Users\Eric Shrode\AppData\Roaming\Dropbox
[2010/06/01 04:11:25 | 000,000,000 | ---D | M] -- C:\Users\Eric Shrode\AppData\Roaming\ESET
[2010/03/05 01:44:11 | 000,000,000 | ---D | M] -- C:\Users\Eric Shrode\AppData\Roaming\Facebook
[2011/01/13 03:52:07 | 000,000,000 | ---D | M] -- C:\Users\Eric Shrode\AppData\Roaming\GetRightToGo
[2013/03/23 13:54:19 | 000,000,000 | ---D | M] -- C:\Users\Eric Shrode\AppData\Roaming\gtk-2.0
[2008/05/26 16:21:02 | 000,000,000 | ---D | M] -- C:\Users\Eric Shrode\AppData\Roaming\Image Zone Express
[2008/12/17 00:16:55 | 000,000,000 | ---D | M] -- C:\Users\Eric Shrode\AppData\Roaming\Participatory Culture Foundation
[2010/02/03 05:22:44 | 000,000,000 | ---D | M] -- C:\Users\Eric Shrode\AppData\Roaming\PCF-VLC
[2008/05/26 16:21:02 | 000,000,000 | ---D | M] -- C:\Users\Eric Shrode\AppData\Roaming\Printer Info Cache
[2008/06/07 08:55:38 | 000,000,000 | ---D | M] -- C:\Users\Eric Shrode\AppData\Roaming\Skinux
[2011/10/27 10:08:19 | 000,000,000 | ---D | M] -- C:\Users\Eric Shrode\AppData\Roaming\Sling Media
[2012/12/05 13:43:57 | 000,000,000 | ---D | M] -- C:\Users\Eric Shrode\AppData\Roaming\SmartDraw
[2008/06/14 11:48:35 | 000,000,000 | ---D | M] -- C:\Users\Eric Shrode\AppData\Roaming\TomTom
[2009/03/08 04:17:24 | 000,000,000 | ---D | M] -- C:\Users\Eric Shrode\AppData\Roaming\TOSHIBA
[2008/09/21 08:27:33 | 000,000,000 | ---D | M] -- C:\Users\Eric Shrode\AppData\Roaming\Ulead Systems
[2012/01/16 06:49:05 | 000,000,000 | ---D | M] -- C:\Users\Eric Shrode\AppData\Roaming\WildTangent
[2008/05/06 13:24:41 | 000,000,000 | ---D | M] -- C:\Users\Eric Shrode\AppData\Roaming\WinBatch
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 933 bytes -> C:\Users\Eric Shrode\Documents\Ihre Konzertkartenbestellung vom 27_10_2010.eml:OECustomProperty
@Alternate Data Stream - 856 bytes -> C:\Users\Eric Shrode\Documents\Beware shipping Christmas gifts via UPS.eml:OECustomProperty
@Alternate Data Stream - 809 bytes -> C:\Users\Eric Shrode\Documents\2011 Tax Returns for our files.eml:OECustomProperty
@Alternate Data Stream - 789 bytes -> C:\Users\Eric Shrode\Documents\Pop can heat.eml:OECustomProperty
@Alternate Data Stream - 749 bytes -> C:\Users\Eric Shrode\Documents\Re_ F25 Message Received.eml:OECustomProperty
@Alternate Data Stream - 715 bytes -> C:\Users\Eric Shrode\Documents\Campaign Finance Fillable Forms.eml:OECustomProperty
@Alternate Data Stream - 700 bytes -> C:\Users\Eric Shrode\Documents\Financial Help.eml:OECustomProperty
@Alternate Data Stream - 154 bytes -> C:\Users\Eric Shrode\Documents\wordmark, winefest.pdf:com.dropbox.attributes
@Alternate Data Stream - 154 bytes -> C:\Users\Eric Shrode\Documents\final logo grapes.pdf:com.dropbox.attributes
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:7631EA83
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:33FF2C1A
< End of report >