Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trust Defender and Oshi


  • This topic is locked This topic is locked
9 replies to this topic

#1 ngefanboy

ngefanboy

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:az sun lakes 85248
  • Local time:11:36 AM

Posted 25 February 2014 - 03:45 PM

hi i need help on removeing both of them i tryed updaiting mbam and then fuil scaning it but it did not find any of them anyway i need some help on geting rid of both them heres the dds log btw i am on a windows 8 pc

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16798  BrowserJavaVersion: 10.51.2
Run by John at 13:20:45 on 2014-02-25
Microsoft Windows 8  6.2.9200.0.1252.1.1033.18.3682.1916 [GMT -7:00]
.
AV: ESET NOD32 Antivirus 7.0 *Enabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton AntiVirus Online *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton AntiVirus Online *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: ESET NOD32 Antivirus 7.0 *Enabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\dwm.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\dashost.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\taskhostex.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files\OSHI\Defender\oshidfui.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\OSHI\Defender\oshidfui.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://www.google.com
uURLSearchHooks: {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - <orphaned>
mWinlogon: Userinit = userinit.exe,
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\ips\ipsbho.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: CenturyLink: {A317CB83-299C-4FC8-9ED7-2D64117D98EE} - LocalServer32 - <no file>
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [emsisoft anti-malware] "c:\program files (x86)\emsisoft anti-malware\a2guard.exe" /d=60
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\MICROS~1.LNK - C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
TCP: NameServer = 192.168.0.1 205.171.2.25
TCP: Interfaces\{8194B653-A68F-4AA7-A943-1ED40B13B7F4} : DHCPNameServer = 192.168.0.1 205.171.2.25
TCP: Interfaces\{8194B653-A68F-4AA7-A943-1ED40B13B7F4}\34963736F62473532323 : DHCPNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
TCP: Interfaces\{8194B653-A68F-4AA7-A943-1ED40B13B7F4}\74F627D6C65697 : DHCPNameServer = 192.168.1.1
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll",CreateReaderUserSettings
x64-mStart Page = hxxp://www.google.com
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [MapsGalaxy Home Page Guard 64 bit] "C:\PROGRA~2\MAPSGA~2\bar\1.bin\AppIntegrator64.exe"
x64-Run: [OSHI Defender] "C:\Program Files\OSHI\Defender\oshidfui.exe" /autorun
x64-Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
x64-Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\8ika9rtr.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\Drivers\amd_sata.sys [2012-7-23 79528]
R0 amd_xata;amd_xata;C:\Windows\System32\Drivers\amd_xata.sys [2012-7-23 26280]
R0 edevmon;edevmon;C:\Windows\System32\Drivers\edevmon.sys [2013-9-17 239296]
R0 SymDS;Symantec Data Store;C:\Windows\System32\Drivers\NAVx64\1404000.028\symds64.sys [2013-6-28 493656]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\Drivers\NAVx64\1404000.028\symefa64.sys [2013-6-28 1139800]
R1 A2DDA;A2 Direct Disk Access Support Driver;C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [2014-2-21 26176]
R1 a2injectiondriver;a2injectiondriver;C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [2014-2-21 45208]
R1 a2util;a-squared Malware-IDS utility driver;C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [2014-2-21 17384]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [2014-2-18 1526488]
R1 ccSet_NAV;Norton AntiVirus Settings Manager;C:\Windows\System32\Drivers\NAVx64\1404000.028\ccsetx64.sys [2013-6-28 169048]
R1 CLVirtualDrive;CLVirtualDrive;C:\Windows\System32\Drivers\CLVirtualDrive.sys [2013-3-23 92536]
R1 eamonm;eamonm;C:\Windows\System32\Drivers\eamonm.sys [2013-9-17 239320]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\IPSDefs\20140224.001\IDSviA64.sys [2014-2-24 521944]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\Drivers\NAVx64\1404000.028\ironx64.sys [2013-6-28 224416]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\Drivers\NAVx64\1404000.028\symnets.sys [2013-6-28 433752]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2013-5-7 143088]
R2 a2AntiMalware;Emsisoft Anti-Malware 8.0 - Service;C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [2014-2-21 4163584]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2013-3-23 98208]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-8-2 239616]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-8-6 361984]
R2 ekrn;ESET Service;C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2013-9-12 1337752]
R2 epfwwfpr;epfwwfpr;C:\Windows\System32\Drivers\epfwwfpr.sys [2013-9-17 157432]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-8-10 85504]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-7-9 35232]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2014-2-19 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2014-2-19 701512]
R2 NAV;Norton AntiVirus;C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccsvchst.exe [2013-6-28 144368]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\Drivers\AtihdW86.sys [2012-7-17 98472]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-12-3 137648]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2014-2-19 25928]
R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\Windows\System32\Drivers\RtsP2Stor.sys [2013-3-23 266896]
R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2013-3-23 683664]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\Drivers\usbfilter.sys [2013-3-23 57000]
R3 WirelessButtonDriver;HP Wireless Button Driver Service;C:\Windows\System32\Drivers\WirelessButtonDriver64.sys [2012-8-3 20288]
R3 WSDScan;WSD Scan Support;C:\Windows\System32\Drivers\WSDScan.sys [2013-5-2 23552]
S0 SymELAM;Symantec ELAM Driver;C:\Windows\System32\Drivers\NAVx64\1404000.028\symelam.sys [2013-6-28 23448]
S3 a2acc;a2acc;C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys [2014-2-21 70960]
S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;C:\Windows\System32\Drivers\Apowersoft_AudioDevice.sys [2014-1-23 31920]
S3 cleanhlp;cleanhlp;C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [2014-2-21 57024]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-7-31 645952]
S3 SmbDrv;SmbDrv;C:\Windows\System32\Drivers\Smb_driver_AMDASF.sys [2013-3-23 41272]
S3 SmbDrvI;SmbDrvI;C:\Windows\System32\Drivers\Smb_driver_Intel.sys [2013-3-23 43832]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
.
=============== File Associations ===============
.
FileExt: .txt: Applications\MagicWorkstation.exe="C:\Program Files (x86)\Magic Workstation\MagicWorkstation.exe" "%1" [UserChoice]
.
=============== Created Last 30 ================
.
2014-02-23 19:00:51 -------- d-----w- C:\Users\John\AppData\Local\ESET
2014-02-23 08:32:11 -------- d-----w- C:\Users\John\AppData\Roaming\DriverCure
2014-02-22 17:07:37 -------- d-----w- C:\Program Files\ESET
2014-02-22 16:52:27 -------- d-----w- C:\Program Files\Reason
2014-02-22 15:56:28 -------- d-----w- C:\Users\John\AppData\Roaming\Oxy
2014-02-22 15:27:50 -------- d-----w- C:\Program Files (x86)\Max Uninstaller
2014-02-22 15:07:07 81920 ----a-w- C:\Windows\eSellerateControl350.dll
2014-02-22 15:07:07 356352 ----a-w- C:\Windows\eSellerateEngine.dll
2014-02-22 15:07:07 274432 ----a-w- C:\Windows\SysWow64\ssleay32.dll
2014-02-22 15:07:07 1122304 ----a-w- C:\Windows\SysWow64\libeay32.dll
2014-02-22 15:07:05 -------- d-----w- C:\Program Files (x86)\OSHIDefender Removal Tool
2014-02-22 05:06:15 -------- d-----w- C:\Program Files (x86)\Emsisoft Anti-Malware
2014-02-22 03:23:56 -------- d-----w- C:\ProgramData\OSHI
2014-02-22 03:23:38 -------- d-----w- C:\Program Files\OSHI
2014-02-22 03:10:48 -------- d-----w- C:\Users\John\AppData\Roaming\ParetoLogic
2014-02-21 23:03:56 -------- d-----w- C:\AdwCleaner
2014-02-21 21:25:32 -------- d-----w- C:\Windows\en
2014-02-21 19:39:19 -------- d-----w- C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
2014-02-19 16:45:24 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-02-19 16:45:24 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-19 08:47:50 255664 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10234.bin
2014-02-19 01:04:44 2232664 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2014-02-19 01:04:26 83968 ----a-w- C:\Windows\System32\drivers\hidclass.sys
2014-02-19 01:04:00 600064 ----a-w- C:\Windows\System32\vbscript.dll
2014-02-19 01:04:00 523776 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-02-19 01:02:59 148992 ----a-w- C:\Program Files\Internet Explorer\jsdebuggeride.dll
2014-02-19 01:02:11 3960320 ----a-w- C:\Windows\System32\jscript9.dll
2014-02-19 01:02:10 2877952 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-02-19 01:01:49 108032 ----a-w- C:\Program Files (x86)\Internet Explorer\jsdebuggeride.dll
2014-02-19 00:22:20 1845248 ----a-w- C:\Windows\System32\msxml3.dll
2014-02-19 00:22:20 1419264 ----a-w- C:\Windows\SysWow64\msxml3.dll
2014-02-19 00:20:42 3842560 ----a-w- C:\Windows\System32\d2d1.dll
2014-02-19 00:20:42 2238976 ----a-w- C:\Windows\System32\d3d10warp.dll
2014-02-19 00:20:41 3288576 ----a-w- C:\Windows\SysWow64\d2d1.dll
2014-02-19 00:20:40 2032640 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2014-01-30 04:35:09 -------- d-----w- C:\Program Files (x86)\ESET
.
==================== Find3M  ====================
.
2014-02-17 22:03:37 78304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-17 22:03:37 694240 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-02-01 09:19:49 2241536 ----a-w- C:\Windows\System32\wininet.dll
2014-02-01 09:19:36 915968 ----a-w- C:\Windows\System32\uxtheme.dll
2014-02-01 09:19:36 53760 ----a-w- C:\Windows\System32\UXInit.dll
2014-02-01 09:18:21 67072 ----a-w- C:\Windows\System32\iesetup.dll
2014-02-01 09:18:21 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2014-02-01 07:58:31 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-02-01 07:58:24 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll
2014-02-01 07:57:16 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-02-01 07:57:16 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2014-02-01 07:40:43 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2014-02-01 07:34:53 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-02-01 05:08:52 534528 ----a-w- C:\Windows\SysWow64\uxtheme.dll
2014-01-10 20:40:12 58560 ----a-w- C:\Windows\SysWow64\sirenacm.dll
2014-01-10 20:31:32 322240 ----a-w- C:\Windows\WLXPGSS.SCR
2013-12-19 04:09:39 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-12-18 06:11:52 354656 ----a-w- C:\Windows\SysWow64\DivXControlPanelApplet.cpl
2013-12-07 06:37:24 688640 ----a-w- C:\Windows\System32\WSShared.dll
2013-12-07 06:37:24 163840 ----a-w- C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-07 05:15:46 562688 ----a-w- C:\Windows\SysWow64\WSShared.dll
2013-12-07 05:15:46 124928 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-04 23:43:43 583680 ----a-w- C:\Windows\System32\msdrm.dll
2013-12-04 23:37:08 451072 ----a-w- C:\Windows\SysWow64\msdrm.dll
.
============= FINISH: 13:21:59.47 ===============
again any and all help is need bye.

Attached Files



BC AdBot (Login to Remove)

 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,973 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:36 AM

Posted 25 February 2014 - 05:50 PM

Greetings ngefanboy and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that. :thumbup2:

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. While I review our situation please run this program for me.

===================================================

AdwCleaner by Xplode - Delete Adware

-------------------
  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browser
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on Scan
  • Upon completion click Report
  • Review the entries and uncheck any items you would like to keep on your computer (leaving an item checked will cause its deletion)
  • Click Clean to remove the items still checked
  • Click OK twice to reboot your computer
  • Copy and paste the contents of the text file on your desktop upon reboot in your reply
  • You can also find the logfile at C:\AdwCleaner.txt
===================================================

Junkware Removal Tool by thisisu

-------------------
  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply
===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recover Scan Tool for either 32 bit or 64 bit systems and save it to your desktop
  • If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn't run properly the other one should
  • Double click the icon
  • Click Yes to the disclaimer
  • Make sure the Addition.txt box is checked
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • AdwCleaner log
  • Junkware log
  • FRST results
  • Addition log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 ngefanboy

ngefanboy
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:az sun lakes 85248
  • Local time:11:36 AM

Posted 27 February 2014 - 01:01 AM

thought this got posted again not shere why its not up here

 

# AdwCleaner v3.019 - Report created 26/02/2014 at 19:52:32
# Updated 17/02/2014 by Xplode
# Operating System : Windows 8  (64 bits)
# Username : John - COYLEPC
# Running from : C:\Users\John\Desktop\adwcleaner (1).exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Found C:\Users\John\AppData\Roaming\Oxy
Folder Found C:\Users\John\AppData\Roaming\ParetoLogic
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\Escolade
Key Found : HKCU\Software\ParetoLogic
Key Found : [x64] HKCU\Software\Escolade
Key Found : [x64] HKCU\Software\ParetoLogic
Key Found : HKLM\Software\ParetoLogic
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16798
 
 
-\\ Mozilla Firefox v27.0.1 (en-US)
 
[ File : C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\8ika9rtr.default\prefs.js ]
 
 
-\\ Google Chrome v33.0.1750.117
 
[ File : C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found : homepage
Found : homepage
 
*************************
 
AdwCleaner[R0].txt - [1188 octets] - [21/02/2014 16:04:00]
AdwCleaner[R1].txt - [1125 octets] - [26/02/2014 19:52:32]
AdwCleaner[S0].txt - [1239 octets] - [21/02/2014 16:05:57]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1245 octets] ##########
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 8 x64
Ran by John on Wed 02/26/2014 at 18:45:25.56
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Users\John\AppData\Roaming\drivercure"
Failed to delete: [Folder] "C:\Program Files (x86)\max uninstaller"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 02/26/2014 at 19:28:32.30
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-02-2014
Ran by John (administrator) on COYLEPC on 25-02-2014 16:58:31
Running from C:\Users\John\Desktop
Windows 8 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Aveas Limited) C:\Program Files\OSHI\Defender\oshidfui.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\SymErr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
HKLM\...\Run: [MapsGalaxy Home Page Guard 64 bit] - "C:\PROGRA~2\MAPSGA~2\bar\1.bin\AppIntegrator64.exe"
HKLM\...\Run: [OSHI Defender] - C:\Program Files\OSHI\Defender\oshidfui.exe [5077488 2014-02-18] (Aveas Limited)
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5618456 2013-09-12] (ESET)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-11-14] ()
HKLM-x32\...\Run: [emsisoft anti-malware] - c:\program files (x86)\emsisoft anti-malware\a2guard.exe [4330432 2014-02-21] (Emsisoft GmbH)
HKU\S-1-5-21-1553280980-3462257564-1864665443-1002\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563608 2014-01-14] (SUPERAntiSpyware)
HKU\S-1-5-21-1553280980-3462257564-1864665443-1002\...\Run: [msnmsgr] - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272832 2014-01-10] (Microsoft Corporation)
HKU\S-1-5-21-1553280980-3462257564-1864665443-1002\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-05-14] (Google Inc.)
AppInit_DLLs: C:\Windows\Jaksta\AC\x64\jaudcap.dll => C:\Windows\Jaksta\AC\x64\jaudcap.dll [311584 2013-12-20] (Jaksta Technologies Pty Ltd)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
URLSearchHook: HKCU - (No Name) - {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - No File
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=CPNTDFJS
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = 
SearchScopes: HKCU - {FCE6E967-F6AC-4971-AA00-CAF6796EB9D8} URL = 
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - CenturyLink - {A317CB83-299C-4FC8-9ED7-2D64117D98EE} -  No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} -  No File
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Winsock: Catalog5 08 C:\Windows\SysWOW64\wlidNSP.dll [46592] (Microsoft Corporation)
Winsock: Catalog5 09 C:\Windows\SysWOW64\wlidNSP.dll [46592] (Microsoft Corporation)
Winsock: Catalog5-x64 08 C:\Windows\system32\wlidnsp.dll [71168] (Microsoft Corporation)
Winsock: Catalog5-x64 09 C:\Windows\system32\wlidnsp.dll [71168] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.25
 
FireFox:
========
FF ProfilePath: C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\8ika9rtr.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: CenturyLink - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\8ika9rtr.default\Extensions\{A317CB83-299C-4FC8-9ED7-2D64117D98EE} [2013-06-27]
FF Extension: DownloadHelper - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\8ika9rtr.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-08-27]
FF Extension: Adblock Plus - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\8ika9rtr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-05-12]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-02-22]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\IPSFF [2013-10-09]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-02-22]
 
Chrome: 
=======
CHR HomePage: hxxp://home.mywebsearch.com/index.jhtml?n=77DE8857&p2=^UX^xdm011^YY^us&ptb=C9ED0779-F953-43B0-87D7-F4A2A32A7D5F&si=maps4pc
CHR RestoreOnStartup: "spellcheck": {
      "confirm_dialog_shown": true,
      "use_spelling_service"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java™ Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (MindSpark Toolbar Platform Plugin Stub) - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\NP39Stub.dll No File
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.210.11) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Shockwave for Director) - C:\windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Extension: (Google Docs) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-05-28]
CHR Extension: (Google Drive) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-28]
CHR Extension: (YouTube) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-05-28]
CHR Extension: (ClipCopy for Tampermonkey) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehieljejfgbjhogonapjjndllliopfg [2014-01-18]
CHR Extension: (Adblock Plus) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-01-13]
CHR Extension: (Spotify - Music for every moment) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2014-01-18]
CHR Extension: (Google Search) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-05-28]
CHR Extension: (Tampermonkey) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2014-01-18]
CHR Extension: (AdBlock) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-02-14]
CHR Extension: (Super Collapse! Puzzle Gallery) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcmgkbfnhkglbjhkffiaccpnjnnboom [2014-02-14]
CHR Extension: (Google Wallet) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (video2mp3.net) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgehlfiodkonepliockofnonigghjkge [2014-01-16]
CHR Extension: (Gmail) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-05-28]
CHR HKLM-x32\...\Chrome\Extension: [gpicboiclhmnllnjdcfcffifpoaebgkm] - C:\Program Files (x86)\Freecorder extension\Freecorder.crx [2013-05-28]
 
==================== Services (Whitelisted) =================
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [143088 2013-05-07] (SUPERAntiSpyware.com)
R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4163584 2014-02-21] (Emsisoft GmbH)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-06] (Advanced Micro Devices, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1337752 2013-09-12] (ESET)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-20] (Symantec Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-01] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
S3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [70960 2013-08-24] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH)
R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [17384 2013-03-28] (Emsisoft GmbH)
S3 Apowersoft_AudioDevice; C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-02] (Wondershare)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [1526488 2013-12-17] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1404000.028\ccSetx64.sys [169048 2013-04-15] (Symantec Corporation)
S3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [239296 2013-09-17] (ESET)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-20] (Symantec Corporation)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [157432 2013-09-17] (ESET)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-20] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\IPSDefs\20140224.001\IDSvia64.sys [521944 2014-01-20] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\VirusDefs\20140225.002\ENG64.SYS [126040 2014-02-17] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\VirusDefs\20140225.002\EX64.SYS [2099288 2014-02-17] (Symantec Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [266896 2012-06-13] (Realtek Semiconductor Corp.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated)
R3 SRTSP; C:\Windows\System32\Drivers\NAVx64\1404000.028\SRTSP64.SYS [796760 2013-05-15] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1404000.028\SRTSPX64.SYS [36952 2013-03-04] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1404000.028\SYMDS64.SYS [493656 2013-05-20] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-22] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NAVx64\1404000.028\SymELAM.sys [23448 2012-06-20] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-28] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1404000.028\Ironx64.SYS [224416 2013-03-04] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1404000.028\SYMNETS.SYS [433752 2013-04-24] (Symantec Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20288 2012-08-03] (Hewlett-Packard Development Company, L.P.)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-02-25 16:58 - 2014-02-25 16:58 - 00024894 _____ () C:\Users\John\Desktop\FRST.txt
2014-02-25 16:56 - 2014-02-25 16:58 - 00000000 ____D () C:\FRST
2014-02-25 16:55 - 2014-02-25 16:55 - 02155520 _____ (Farbar) C:\Users\John\Desktop\FRST64.exe
2014-02-25 12:12 - 2014-02-25 12:12 - 00280472 _____ () C:\Windows\Minidump\022514-53243-01.dmp
2014-02-23 13:57 - 2014-02-24 14:19 - 00001807 _____ () C:\Users\John\Documents\to post to bellepingcompture later on.txt
2014-02-23 12:09 - 2014-02-23 12:09 - 00000941 _____ () C:\Users\John\Documents\things you might need to get rid of maniuley.txt
2014-02-23 12:00 - 2014-02-23 12:00 - 00000000 ____D () C:\Users\John\AppData\Local\ESET
2014-02-23 09:31 - 2014-02-25 12:12 - 739280537 _____ () C:\Windows\MEMORY.DMP
2014-02-23 09:31 - 2014-02-23 09:31 - 00280472 _____ () C:\Windows\Minidump\022314-44132-01.dmp
2014-02-23 01:32 - 2014-02-23 01:32 - 00000000 ____D () C:\Users\John\AppData\Roaming\DriverCure
2014-02-22 10:07 - 2014-02-22 10:07 - 00000000 ____D () C:\ProgramData\ESET
2014-02-22 10:07 - 2014-02-22 10:07 - 00000000 ____D () C:\Program Files\ESET
2014-02-22 09:52 - 2014-02-22 09:52 - 00000000 ____D () C:\Program Files\Reason
2014-02-22 08:57 - 2014-02-22 08:57 - 00003626 _____ () C:\Windows\System32\Tasks\PileFile reminder
2014-02-22 08:57 - 2014-02-22 08:57 - 00003212 _____ () C:\Windows\System32\Tasks\PileFile logon
2014-02-22 08:56 - 2014-02-22 08:56 - 00000000 ____D () C:\Users\John\AppData\Roaming\Oxy
2014-02-22 08:07 - 2014-02-22 08:14 - 00000000 ____D () C:\Program Files (x86)\OSHIDefender Removal Tool
2014-02-22 08:07 - 2013-11-05 14:38 - 01122304 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\libeay32.dll
2014-02-22 08:07 - 2013-11-05 14:38 - 00274432 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\ssleay32.dll
2014-02-22 08:07 - 2012-12-10 11:04 - 00356352 _____ (eSellerate Inc.) C:\Windows\eSellerateEngine.dll
2014-02-22 08:07 - 2012-12-10 11:04 - 00081920 _____ (eSellerate Inc.) C:\Windows\eSellerateControl350.dll
2014-02-21 22:06 - 2014-02-23 09:32 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-02-21 22:06 - 2014-02-21 22:06 - 00000000 ____D () C:\Users\John\Documents\Anti-Malware
2014-02-21 20:23 - 2014-02-21 20:23 - 00000000 ____D () C:\Windows\System32\Tasks\OSHI
2014-02-21 20:23 - 2014-02-21 20:23 - 00000000 ____D () C:\ProgramData\OSHI
2014-02-21 20:23 - 2014-02-21 20:23 - 00000000 ____D () C:\Program Files\OSHI
2014-02-21 20:10 - 2014-02-21 20:10 - 00000000 ____D () C:\Users\John\AppData\Roaming\ParetoLogic
2014-02-21 16:03 - 2014-02-21 16:06 - 00000000 ____D () C:\AdwCleaner
2014-02-21 14:25 - 2014-02-21 14:25 - 00000000 ____D () C:\Windows\en
2014-02-21 14:23 - 2014-02-21 14:23 - 00000359 _____ () C:\Windows\DirectX.log
2014-02-21 13:01 - 2014-02-21 13:01 - 01241834 _____ () C:\Users\John\Desktop\adwcleaner (1).exe
2014-02-21 12:39 - 2014-02-21 15:21 - 00000000 ____D () C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
2014-02-21 11:55 - 2014-02-21 11:55 - 00000000 ____D () C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-02-21 11:55 - 2014-02-21 11:55 - 00000000 ____D () C:\Program Files\WinRAR
2014-02-19 09:45 - 2014-02-19 09:45 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-19 09:45 - 2014-02-19 09:45 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-19 09:45 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-18 18:04 - 2013-12-08 17:45 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-18 18:04 - 2013-12-08 16:59 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-18 18:04 - 2013-11-26 17:19 - 00385614 _____ () C:\Windows\system32\ApnDatabase.xml
2014-02-18 18:04 - 2013-11-25 16:17 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-02-18 18:04 - 2013-10-31 22:53 - 02232664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-02-18 18:03 - 2014-02-01 02:20 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-18 18:03 - 2014-02-01 02:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-18 18:03 - 2014-02-01 02:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-18 18:03 - 2014-02-01 02:19 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-02-18 18:03 - 2014-02-01 02:19 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-02-18 18:03 - 2014-02-01 02:18 - 15403520 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-18 18:03 - 2014-02-01 02:18 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-18 18:03 - 2014-02-01 02:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-18 18:03 - 2014-02-01 02:18 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-18 18:03 - 2014-02-01 02:18 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-02-18 18:03 - 2014-02-01 02:18 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-18 18:03 - 2014-02-01 02:18 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-18 18:03 - 2014-02-01 02:18 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-18 18:03 - 2014-02-01 00:58 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-18 18:03 - 2014-02-01 00:58 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-18 18:03 - 2014-02-01 00:58 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-02-18 18:03 - 2014-02-01 00:57 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-18 18:03 - 2014-02-01 00:57 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-18 18:03 - 2014-02-01 00:57 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-18 18:03 - 2014-02-01 00:57 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-02-18 18:03 - 2014-02-01 00:57 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-18 18:03 - 2014-02-01 00:57 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-18 18:03 - 2014-02-01 00:57 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-18 18:03 - 2014-02-01 00:40 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-18 18:03 - 2014-02-01 00:34 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-18 18:03 - 2014-01-31 22:08 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-02-18 18:03 - 2013-12-04 16:43 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-18 18:03 - 2013-12-04 16:37 - 00451072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-18 18:02 - 2014-02-01 02:18 - 19274240 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-18 18:02 - 2014-02-01 02:18 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-18 18:02 - 2014-02-01 02:18 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-18 18:02 - 2014-02-01 00:57 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-18 18:02 - 2014-02-01 00:57 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-18 18:02 - 2014-02-01 00:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-02-18 18:01 - 2014-02-01 00:57 - 14359040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-18 17:22 - 2013-12-04 16:43 - 01845248 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-18 17:22 - 2013-12-04 16:37 - 01419264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-18 17:20 - 2014-01-12 16:30 - 02238976 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-18 17:20 - 2014-01-12 16:30 - 02032640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-18 17:20 - 2013-11-19 17:15 - 03842560 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-18 17:20 - 2013-11-19 16:57 - 03288576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-18 12:46 - 2014-02-25 16:09 - 00709335 _____ () C:\Windows\WindowsUpdate.log
2014-02-17 09:27 - 2014-02-25 12:13 - 00002582 _____ () C:\Windows\PFRO.log
2014-02-17 09:27 - 2014-02-17 09:28 - 00344544 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-15 23:15 - 2014-02-15 23:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-14 07:57 - 2014-02-25 12:47 - 00000000 ____D () C:\Users\John\AppData\Roaming\vlc
2014-02-05 02:52 - 2014-02-06 16:31 - 00001397 _____ () C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk
2014-02-05 02:51 - 2014-02-06 16:31 - 00002203 _____ () C:\Users\John\Desktop\Torch.lnk
2014-02-01 14:35 - 2014-02-25 14:36 - 00000000 ____D () C:\Users\John\Desktop\bryans content
2014-01-29 21:35 - 2014-01-29 21:35 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-01-27 09:29 - 2014-01-27 09:29 - 00003328 _____ () C:\{1B884527-11B8-4587-9258-BC1C28A8B361}
2014-01-27 08:53 - 2014-01-27 08:53 - 00002320 _____ () C:\{58E671F3-ABBF-41C1-9EB5-A0EE98E1C05D}
2014-01-27 08:52 - 2014-01-27 08:52 - 00002216 _____ () C:\{E81CB520-34A5-4BC5-9185-0D99AF43A7B9}
2014-01-27 08:48 - 2014-01-27 08:48 - 00002288 _____ () C:\{5F6F4D7B-A830-41FF-BF8B-67B137B1A052}
2014-01-27 08:47 - 2014-01-27 08:47 - 00002288 _____ () C:\{34A26A66-EBD1-4354-99BA-E32FAA5345EC}
2014-01-27 07:46 - 2014-01-27 07:46 - 00002624 _____ () C:\{7A964C16-B4F0-4D04-B34B-0D6492E03730}
2014-01-27 07:21 - 2014-01-27 07:21 - 00002704 _____ () C:\{01DF778B-F6E1-430F-A10E-982EAE5CCF2F}
2014-01-26 03:13 - 2014-01-26 03:13 - 00000000 ____D () C:\Users\John\AppData\Roaming\Freecorder 8 Converter
 
==================== One Month Modified Files and Folders =======
 
2014-02-25 16:58 - 2014-02-25 16:58 - 00024894 _____ () C:\Users\John\Desktop\FRST.txt
2014-02-25 16:58 - 2014-02-25 16:56 - 00000000 ____D () C:\FRST
2014-02-25 16:55 - 2014-02-25 16:55 - 02155520 _____ (Farbar) C:\Users\John\Desktop\FRST64.exe
2014-02-25 16:49 - 2013-05-09 14:18 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-25 16:09 - 2014-02-18 12:46 - 00709335 _____ () C:\Windows\WindowsUpdate.log
2014-02-25 16:07 - 2013-05-14 17:31 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-25 16:00 - 2012-07-26 01:12 - 00000000 ____D () C:\Windows\system32\sru
2014-02-25 14:36 - 2014-02-01 14:35 - 00000000 ____D () C:\Users\John\Desktop\bryans content
2014-02-25 13:58 - 2013-07-05 00:40 - 00000000 ____D () C:\Users\John\AppData\Local\CrashDumps
2014-02-25 13:38 - 2013-04-15 21:56 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{C342BB42-7C15-4A8C-87B0-86301DD23CB5}
2014-02-25 12:47 - 2014-02-14 07:57 - 00000000 ____D () C:\Users\John\AppData\Roaming\vlc
2014-02-25 12:18 - 2012-07-26 01:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-02-25 12:16 - 2013-05-14 17:31 - 00000906 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-25 12:16 - 2013-05-11 02:30 - 00000000 ____D () C:\Users\John\Tracing
2014-02-25 12:14 - 2012-07-26 00:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-25 12:13 - 2014-02-17 09:27 - 00002582 _____ () C:\Windows\PFRO.log
2014-02-25 12:12 - 2014-02-25 12:12 - 00280472 _____ () C:\Windows\Minidump\022514-53243-01.dmp
2014-02-25 12:12 - 2014-02-23 09:31 - 739280537 _____ () C:\Windows\MEMORY.DMP
2014-02-24 17:39 - 2013-12-21 20:05 - 00024576 ___SH () C:\Users\John\Desktop\Thumbs.db
2014-02-24 14:19 - 2014-02-23 13:57 - 00001807 _____ () C:\Users\John\Documents\to post to bellepingcompture later on.txt
2014-02-23 12:09 - 2014-02-23 12:09 - 00000941 _____ () C:\Users\John\Documents\things you might need to get rid of maniuley.txt
2014-02-23 12:00 - 2014-02-23 12:00 - 00000000 ____D () C:\Users\John\AppData\Local\ESET
2014-02-23 09:32 - 2014-02-21 22:06 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-02-23 09:31 - 2014-02-23 09:31 - 00280472 _____ () C:\Windows\Minidump\022314-44132-01.dmp
2014-02-23 09:31 - 2013-08-25 00:40 - 00000000 ____D () C:\Windows\Minidump
2014-02-23 01:32 - 2014-02-23 01:32 - 00000000 ____D () C:\Users\John\AppData\Roaming\DriverCure
2014-02-22 14:46 - 2013-04-15 21:50 - 00000000 ____D () C:\Users\John
2014-02-22 10:07 - 2014-02-22 10:07 - 00000000 ____D () C:\ProgramData\ESET
2014-02-22 10:07 - 2014-02-22 10:07 - 00000000 ____D () C:\Program Files\ESET
2014-02-22 09:52 - 2014-02-22 09:52 - 00000000 ____D () C:\Program Files\Reason
2014-02-22 09:44 - 2013-12-11 22:48 - 00000000 ____D () C:\Program Files\JDownloader
2014-02-22 09:18 - 2014-01-15 05:11 - 00001449 _____ () C:\Users\John\Desktop\settings.ini
2014-02-22 09:13 - 2014-01-16 17:15 - 00004150 _____ () C:\Users\John\Desktop\button.bmp
2014-02-22 08:57 - 2014-02-22 08:57 - 00003626 _____ () C:\Windows\System32\Tasks\PileFile reminder
2014-02-22 08:57 - 2014-02-22 08:57 - 00003212 _____ () C:\Windows\System32\Tasks\PileFile logon
2014-02-22 08:56 - 2014-02-22 08:56 - 00000000 ____D () C:\Users\John\AppData\Roaming\Oxy
2014-02-22 08:14 - 2014-02-22 08:07 - 00000000 ____D () C:\Program Files (x86)\OSHIDefender Removal Tool
2014-02-21 22:06 - 2014-02-21 22:06 - 00000000 ____D () C:\Users\John\Documents\Anti-Malware
2014-02-21 20:23 - 2014-02-21 20:23 - 00000000 ____D () C:\Windows\System32\Tasks\OSHI
2014-02-21 20:23 - 2014-02-21 20:23 - 00000000 ____D () C:\ProgramData\OSHI
2014-02-21 20:23 - 2014-02-21 20:23 - 00000000 ____D () C:\Program Files\OSHI
2014-02-21 20:10 - 2014-02-21 20:10 - 00000000 ____D () C:\Users\John\AppData\Roaming\ParetoLogic
2014-02-21 16:48 - 2012-07-25 22:26 - 00524288 ___SH () C:\Windows\system32\config\BBI
2014-02-21 16:27 - 2013-05-28 17:32 - 00002259 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-21 16:06 - 2014-02-21 16:03 - 00000000 ____D () C:\AdwCleaner
2014-02-21 15:21 - 2014-02-21 12:39 - 00000000 ____D () C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
2014-02-21 14:25 - 2014-02-21 14:25 - 00000000 ____D () C:\Windows\en
2014-02-21 14:23 - 2014-02-21 14:23 - 00000359 _____ () C:\Windows\DirectX.log
2014-02-21 14:23 - 2012-08-17 11:11 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-02-21 14:13 - 2013-05-11 02:19 - 00000000 ____D () C:\Users\John\AppData\Local\Windows Live
2014-02-21 13:01 - 2014-02-21 13:01 - 01241834 _____ () C:\Users\John\Desktop\adwcleaner (1).exe
2014-02-21 11:58 - 2013-12-16 00:08 - 00000000 ____D () C:\Users\John\AppData\Roaming\WinRAR
2014-02-21 11:55 - 2014-02-21 11:55 - 00000000 ____D () C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-02-21 11:55 - 2014-02-21 11:55 - 00000000 ____D () C:\Program Files\WinRAR
2014-02-20 21:46 - 2012-07-26 01:12 - 00000000 ____D () C:\Windows\rescache
2014-02-20 17:04 - 2012-07-25 22:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-02-20 11:49 - 2013-05-09 14:18 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-19 09:45 - 2014-02-19 09:45 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-19 09:45 - 2014-02-19 09:45 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-19 02:33 - 2013-08-21 10:34 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-19 02:28 - 2013-04-22 23:36 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-17 15:03 - 2013-09-16 22:14 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-17 15:03 - 2013-09-16 22:14 - 00078304 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-17 09:28 - 2014-02-17 09:27 - 00344544 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-17 09:27 - 2013-05-08 10:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-15 23:15 - 2014-02-15 23:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-14 07:29 - 2013-05-10 17:53 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-14 07:29 - 2013-05-10 17:53 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-14 07:24 - 2013-12-31 12:45 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-02-14 05:13 - 2013-05-10 17:13 - 00000000 ____D () C:\Users\John\Documents\Magic Decks
2014-02-11 08:02 - 2013-05-14 17:31 - 00003882 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-11 08:02 - 2013-05-14 17:31 - 00003646 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-06 16:31 - 2014-02-05 02:52 - 00001397 _____ () C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk
2014-02-06 16:31 - 2014-02-05 02:51 - 00002203 _____ () C:\Users\John\Desktop\Torch.lnk
2014-02-05 09:29 - 2013-06-06 11:59 - 00000020 ____H () C:\ProgramData\PKP_DLet.DAT
2014-02-04 10:11 - 2013-06-06 11:59 - 00000020 ____H () C:\ProgramData\PKP_DLev.DAT
2014-02-01 02:20 - 2014-02-18 18:03 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-01 02:19 - 2014-02-18 18:03 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-01 02:19 - 2014-02-18 18:03 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-01 02:19 - 2014-02-18 18:03 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-02-01 02:19 - 2014-02-18 18:03 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-02-01 02:18 - 2014-02-18 18:03 - 15403520 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-01 02:18 - 2014-02-18 18:03 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-01 02:18 - 2014-02-18 18:03 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-01 02:18 - 2014-02-18 18:03 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-01 02:18 - 2014-02-18 18:03 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-02-01 02:18 - 2014-02-18 18:03 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-01 02:18 - 2014-02-18 18:03 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-01 02:18 - 2014-02-18 18:03 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-01 02:18 - 2014-02-18 18:02 - 19274240 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-01 02:18 - 2014-02-18 18:02 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-01 02:18 - 2014-02-18 18:02 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-01 00:58 - 2014-02-18 18:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-01 00:58 - 2014-02-18 18:03 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-01 00:58 - 2014-02-18 18:03 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-02-01 00:57 - 2014-02-18 18:03 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-01 00:57 - 2014-02-18 18:03 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-01 00:57 - 2014-02-18 18:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-01 00:57 - 2014-02-18 18:03 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-02-01 00:57 - 2014-02-18 18:03 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-01 00:57 - 2014-02-18 18:03 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-01 00:57 - 2014-02-18 18:03 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-01 00:57 - 2014-02-18 18:02 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-01 00:57 - 2014-02-18 18:02 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-01 00:57 - 2014-02-18 18:02 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-02-01 00:57 - 2014-02-18 18:01 - 14359040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-01 00:40 - 2014-02-18 18:03 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-01 00:34 - 2014-02-18 18:03 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-01-31 22:08 - 2014-02-18 18:03 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-01-30 03:55 - 2013-06-27 18:41 - 00000000 ____D () C:\Program Files (x86)\qwesttoolbar
2014-01-29 21:35 - 2014-01-29 21:35 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-01-29 07:24 - 2014-01-25 01:11 - 00000000 ____D () C:\Users\John\AppData\Local\Freecorder 8 Torrent
2014-01-28 20:21 - 2013-04-15 22:04 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1553280980-3462257564-1864665443-1002
2014-01-27 09:29 - 2014-01-27 09:29 - 00003328 _____ () C:\{1B884527-11B8-4587-9258-BC1C28A8B361}
2014-01-27 08:53 - 2014-01-27 08:53 - 00002320 _____ () C:\{58E671F3-ABBF-41C1-9EB5-A0EE98E1C05D}
2014-01-27 08:52 - 2014-01-27 08:52 - 00002216 _____ () C:\{E81CB520-34A5-4BC5-9185-0D99AF43A7B9}
2014-01-27 08:48 - 2014-01-27 08:48 - 00002288 _____ () C:\{5F6F4D7B-A830-41FF-BF8B-67B137B1A052}
2014-01-27 08:47 - 2014-01-27 08:47 - 00002288 _____ () C:\{34A26A66-EBD1-4354-99BA-E32FAA5345EC}
2014-01-27 07:46 - 2014-01-27 07:46 - 00002624 _____ () C:\{7A964C16-B4F0-4D04-B34B-0D6492E03730}
2014-01-27 07:42 - 2013-06-11 14:35 - 00003584 _____ () C:\Users\John\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-27 07:21 - 2014-01-27 07:21 - 00002704 _____ () C:\{01DF778B-F6E1-430F-A10E-982EAE5CCF2F}
2014-01-26 03:13 - 2014-01-26 03:13 - 00000000 ____D () C:\Users\John\AppData\Roaming\Freecorder 8 Converter
2014-01-26 03:13 - 2014-01-25 01:09 - 00000000 ____D () C:\Users\John\Documents\Freecorder
2014-01-26 03:13 - 2014-01-25 01:09 - 00000000 ____D () C:\Users\John\AppData\Local\Jaksta_Technologies_Pty_L
 
Files to move or delete:
====================
C:\Users\John\AppData\Roaming\CamLayout.ini
C:\Users\John\AppData\Roaming\CamShapes.ini
C:\Users\John\AppData\Roaming\CamStudio.Producer.Data.ini
C:\ProgramData\PKP_DLes.DAT
C:\ProgramData\PKP_DLet.DAT
C:\ProgramData\PKP_DLev.DAT
 
 
Some content of TEMP:
====================
C:\Users\John\AppData\Local\Temp\htmlayout.dll
C:\Users\John\AppData\Local\Temp\Install_HOSTS_Anti-Adware.exe
C:\Users\John\AppData\Local\Temp\InstHelper.exe
C:\Users\John\AppData\Local\Temp\Quarantine.exe
C:\Users\John\AppData\Local\Temp\Update.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-02-25 16:02
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-02-2014
Ran by John at 2014-02-25 17:00:52
Running from C:\Users\John\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton AntiVirus Online (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton AntiVirus Online (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
AS: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
 
==================== Installed Programs ======================
 
4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.1860 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.7.0.1860 - Adobe Systems Incorporated) Hidden
Adobe Connect 9 Add-in (HKCU\...\Adobe Connect 9 Add-in) (Version: 11,2,385,0 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Fuel (Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Panorama Maker 5 (HKLM-x32\...\{F18046C5-1C4E-4BE1-A3D6-A6F970E2E8E8}) (Version: 5.0.1.25 - ArcSoft)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot 4 - Power Source (x32 Version: 2.2.0.98 - WildTangent) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
CenturyLink Installer (HKLM-x32\...\{C96FF998-45BD-411E-9253-B7F2660FE280}) (Version: 1.0 - CenturyLink, Inc.)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cockatrice (HKLM-x32\...\Cockatrice) (Version:  - )
Computer Requirements 1.0 (HKLM-x32\...\{BA3582A0-2DE0-4DB8-8B74-CD34AC193F9B}_is1) (Version:  - Furst Person)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5407 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1.5407 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.1.1916 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1926 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.1.1926 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4319 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.6.4319 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.4.5527 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.90 - DivX, LLC)
Emsisoft Anti-Malware (HKLM-x32\...\{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1) (Version: 8.1 - Emsisoft GmbH)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.10.00 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON WorkForce 320 Series Printer Uninstall (HKLM\...\EPSON WorkForce 320 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4i - SEIKO EPSON CORPORATION)
EpsonNet Setup 3.2 (HKLM-x32\...\{C9D8A041-2963-4B31-8FFC-1500F3DB9293}) (Version: 3.2a - SEIKO EPSON CORPORATION)
ESET NOD32 Antivirus (HKLM\...\{89B0ECE0-A41F-4A45-98D9-D54C74338117}) (Version: 7.0.302.26 - ESET, spol s r. o.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE: The Cursed King (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
FlatOut 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
FormatFactory 3.2.1.0 (HKLM-x32\...\FormatFactory) (Version: 3.2.1.0 - Free Time)
Free Internet Window Washer (HKLM-x32\...\Free Internet Window Washer) (Version:  - )
Freecorder 8 Applications (8.0.1.26) (HKLM-x32\...\Freecorder 8 Applications) (Version: 8.0.1.26 - Applian Technologies)
Freecorder extension for Chrome (HKLM-x32\...\Freecorder extension for Chrome) (Version: 7.0.0.13 - Applian Technologies, Inc.)
Freecorder extension for Firefox (HKLM-x32\...\Freecorder extension for Firefox) (Version: 7.0.0.13 - Applian Technologies, Inc.)
Freecorder extension x64 (HKLM-x32\...\Freecorder extension x64) (Version: 7.0.0.13 - Applian Technologies Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.117 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
herdProtect Anti-Malware Scanner (HKLM-x32\...\herdProtectScan) (Version: 1.0 - Reason Company Software Inc.)
Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{AE986BF5-B6E3-4F8D-B412-A3DD90DF5146}) (Version: 1.1.1.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)
HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)
HP Postscript Converter (Version: 3.1.3554 - Hewlett-Packard) Hidden
HP Quick Launch (HKLM-x32\...\{4ED7050C-9332-4FB2-AB07-E94F25A53D39}) (Version: 3.0.3 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 7.00 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{835B275B-F29B-464B-BD4B-097FD55FAB0A}) (Version: 4.6.8.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{B8019B54-F9BE-490A-9619-6D06F18F129F}) (Version: 7.0.32.44 - Hewlett-Packard Company)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.5.1 - Hewlett-Packard Company)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
iWisoft Free Video Converter 1.2 (HKLM-x32\...\iWisoft Free Video Converter_is1) (Version: 1.2 - www.easy-video-converter.com)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Workstation 0.94f (HKLM-x32\...\Magic Workstation_is1) (Version:  - Magic Technology)
Mahjongg Dimensions Deluxe: Tiles in Time (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Max Uninstaller version 2.1 (HKLM-x32\...\{C7022C9B-4DE0-4A57-B395-ED3BFDB78D73}_is1) (Version: 2.1 - http://www.maxuninstaller.com/)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Word 2002 (HKLM-x32\...\{911B0409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2627.01 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{6D52C408-B09A-4520-9B18-475B81D393F1}) (Version: 08.05.0818 - Microsoft Corporation)
Microsoft Works 2004 Setup Launcher (HKLM-x32\...\Works2004Setup) (Version:  - )
Microsoft Works Suite Add-in for Microsoft Word (HKLM-x32\...\{33BEE6F3-9987-4F98-A069-97A64EC8321A}) (Version: 7.0.0.0000 - Microsoft Corporation)
Mortimer Beckett and the Crimson Thief Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Mozilla Firefox 27.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 en-US)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MTG GamePack for Magic Workstation (HKLM-x32\...\MTG GamePack for Magic Workstation_is1) (Version:  - Magic Technology)
MyCenturyLink Toolbar (HKLM-x32\...\qwesttoolbar) (Version:  - CenturyLink)
Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden
Norton AntiVirus (HKLM-x32\...\NAV) (Version: 20.4.0.40 - Symantec Corporation)
OSHI Defender (HKLM\...\{7ED09C97-2FE3-4D2A-B5B4-57FF789AABB3}) (Version: 1.2.131 - Aveas Limited)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Photo Gallery (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Picture Control Utility (HKLM-x32\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.2.2 - Nikon)
PileFile reminder (HKCU\...\{56837588-F559-40CF-91D9-D439D405FB28}) (Version:  - LADY'S WOOD 2013 LIMITED)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.29025 - Realtek Semiconductor Corp.)
Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1018 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.6.1.3 - Synaptics Incorporated)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 2.2.0.98 - WildTangent) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
ViewNX 2 (HKLM-x32\...\{DDD62492-32A7-412B-8AF1-2CF032AD42E3}) (Version: 2.1.2 - Nikon)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.9.6 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
 
==================== Restore Points  =========================
 
06-02-2014 23:41:35 Revo Uninstaller's restore point - WinPcap 4.1.3
14-02-2014 03:06:01 Scheduled Checkpoint
19-02-2014 09:26:51 Windows Update
21-02-2014 21:21:05 Windows Live Essentials
21-02-2014 21:22:29 Installed DirectX
 
==================== Hosts content: ==========================
 
2012-07-25 22:26 - 2014-02-21 15:29 - 00157984 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 08sr.combineads.info # hosts anti-adware / pups
127.0.0.1 08srvr.combineads.info # hosts anti-adware / pups
127.0.0.1 12srvr.combineads.info # hosts anti-adware / pups
127.0.0.1 2010-fr.com # hosts anti-adware / pups
127.0.0.1 2012-new.biz # hosts anti-adware / pups
127.0.0.1 212link.com # hosts anti-adware / pups
127.0.0.1 2319825.ourtoolbar.com # hosts anti-adware / pups
127.0.0.1 24h00business.com # hosts anti-adware / pups
127.0.0.1 a.adorika.net # hosts anti-adware / pups
127.0.0.1 a.ad-sys.com # hosts anti-adware / pups
127.0.0.1 a.daasafterdusk.com # hosts anti-adware / pups
127.0.0.1 ad.adn360.com # hosts anti-adware / pups
127.0.0.1 adeartss.eu # hosts anti-adware / pups
127.0.0.1 adesoeasy.eu # hosts anti-adware / pups
127.0.0.1 adf.girldatesforfree.net # hosts anti-adware / pups
127.0.0.1 adm.soft365.com # hosts anti-adware / pups
127.0.0.1 adomicileavail.googlepages.com # hosts anti-adware / pups
127.0.0.1 ads7.complexadveising.com # hosts anti-adware / pups
127.0.0.1 ads.adplxmd.com # hosts anti-adware / pups
127.0.0.1 ads.aff.co # hosts anti-adware / pups
127.0.0.1 ads.alpha00001.com # hosts anti-adware / pups
127.0.0.1 ads.cloud4ads.com # hosts anti-adware / pups
127.0.0.1 ads.egdating.net # hosts anti-adware / pups
127.0.0.1 ads.eorezo.com # hosts anti-adware / pups
127.0.0.1 ads.hooqy.com # hosts anti-adware / pups
127.0.0.1 ads.pornerbros.com # hosts anti-adware / pups
127.0.0.1 ads.realken.com # hosts anti-adware / pups
127.0.0.1 ads.regiedepub.com # hosts anti-adware / pups
127.0.0.1 ads.sucomspot.com # hosts anti-adware / pups
 
There are 1000 more lines.
 
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {0201774A-205E-4715-9E08-5936CE4C6EFB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-14] (Google Inc.)
Task: {03E39674-6EBF-4813-9AA9-287F4CF01883} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-10] (Hewlett-Packard Company)
Task: {094D9B22-35F8-4C35-9FCD-009474EEDA21} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-14] (Google Inc.)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {31204FDF-A063-4ADC-A055-2B8F2F8BE069} - System32\Tasks\PileFile reminder => C:\Users\John\AppData\Local\Temp\Max Uninstaller Inc license keyDownload_90BC\Max_Uninstaller_Inc_license_key_Downloader.exe <==== ATTENTION
Task: {31862A64-565A-438D-8BF3-DC56C6B38A6C} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\WSCStub.exe [2013-06-03] (Symantec Corporation)
Task: {4127FC8B-6DB4-401F-9BC7-724A1AA08030} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-15] (Microsoft Corporation)
Task: {424E0800-B3AA-47EE-92DF-B7B173F12674} - System32\Tasks\Microsoft\Windows\Setup\Windows Upgrade Notification Task => C:\Windows\system32\NotificationUI.exe [2013-08-15] (Microsoft Corporation)
Task: {43BE3642-CD93-4491-AC70-C766F3D3E720} - System32\Tasks\OSHI\Launch Defender => C:\Program Files\OSHI\Defender\oshidfui.exe [2014-02-18] (Aveas Limited)
Task: {6FEFCD8A-7C2B-470F-9C6C-C6278BE0F0AA} - System32\Tasks\PileFile logon => C:\Users\John\AppData\Local\Temp\Max Uninstaller Inc license keyDownload_90BC\Max_Uninstaller_Inc_license_key_Downloader.exe <==== ATTENTION
Task: {70DAEE32-C4AF-4A5B-93A9-7414AFD1DD01} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-20] (Adobe Systems Incorporated)
Task: {74AD1A8E-6B62-49AE-A896-1B6B938A2A39} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {7F888C26-028A-435A-9DEE-26F097C7FF62} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\SymErr.exe [2013-06-03] (Symantec Corporation)
Task: {97B0FC83-E1C1-49DD-A8B1-EE422228EB87} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-07] (CyberLink)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {C2E0679F-9884-4A18-96CA-685AAA118C6B} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\SymErr.exe [2013-06-03] (Symantec Corporation)
Task: {C2E27000-BFF0-488F-9318-B6768AC9E47C} - System32\Tasks\OSHI\Defender\Daily Full Scan => C:\Program Files\OSHI\Defender\oshidfui.exe [2014-02-18] (Aveas Limited)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {D3AF40AF-2083-4AB2-A70A-FF9387DBCDF8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-08-07] (Hewlett-Packard Company)
Task: {D408DAB0-87F3-4379-9311-F6C8B24093EF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-10] (Hewlett-Packard Company)
Task: {D8383807-3962-4A6A-A3B3-70B625D046E3} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-05-16] (Synaptics Incorporated)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {EEDD78DA-243F-4531-BA5F-C36DEEE55CF4} - \BrowserProtect No Task File
Task: {F6D2BCD9-BC53-4B28-AE00-58876A28C85A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {FF382625-9E6E-4D3D-B58D-8007C0788947} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2012-08-06 12:09 - 2012-08-06 12:09 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2012-07-26 00:55 - 2012-07-26 00:53 - 00170864 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2013-11-14 17:48 - 2013-11-14 17:48 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2013-04-21 21:44 - 2013-04-21 21:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-03-23 06:38 - 2012-06-07 20:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 11:34 - 2012-06-08 11:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2013-11-14 17:49 - 2013-11-14 17:49 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-02-20 23:20 - 2014-02-19 18:02 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\chrome_elf.dll
2014-02-20 23:20 - 2014-02-19 18:02 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\libglesv2.dll
2014-02-20 23:20 - 2014-02-19 18:02 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\libegl.dll
2014-02-20 23:20 - 2014-02-19 18:03 - 04060488 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\pdf.dll
2014-02-20 23:20 - 2014-02-19 18:03 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll
2014-02-20 23:20 - 2014-02-19 18:02 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ffmpegsumo.dll
2014-02-20 23:20 - 2014-02-19 18:03 - 13632840 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00113171 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll
2014-02-04 18:32 - 2014-02-04 18:32 - 02396179 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00268307 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdshow_plugin.dll
2014-02-04 18:32 - 2014-02-04 18:32 - 00027667 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll
2014-02-04 18:32 - 2014-02-04 18:32 - 00031251 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00066579 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 02021395 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00100371 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00240659 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00076307 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_vdr_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00045587 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00060947 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00531475 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00708627 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00114195 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libzip_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00040467 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libstream_filter_rar_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00014867 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00133139 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 01512467 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00296979 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\lua\liblua_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 01248787 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\misc\libxml_plugin.dll
2014-02-04 18:32 - 2014-02-04 18:32 - 00054291 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll
2014-02-04 18:32 - 2014-02-04 18:32 - 00038419 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libglobalhotkeys_plugin.dll
2014-02-04 18:32 - 2014-02-04 18:32 - 11148307 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00116755 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_http_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00189971 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00091667 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libavi_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00067603 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libasf_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00077331 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libflacsys_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00025619 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libes_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00074259 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmpc_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00016403 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libtta_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00023059 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libnuv_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00021523 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libwav_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00929299 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libsid_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00118803 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00144403 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libogg_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 01194003 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmkv_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00015379 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libdirac_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00675347 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\liblive555_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00019987 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libsmf_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00018451 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libpva_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00014355 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libxa_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00017427 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libaiff_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00018451 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libvoc_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00015891 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libau_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00417811 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libgme_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00019987 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\librawvid_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00023059 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libimage_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00018963 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libnsv_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00524819 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmod_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00127507 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libts_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00037907 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libps_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00034835 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libty_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00014355 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmpgv_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00018963 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmjpeg_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00016403 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\librawdv_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00050195 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libnsc_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00014355 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libdemux_cdg_plugin.dll
2014-02-04 18:32 - 2014-02-04 18:32 - 10396179 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll
2014-02-04 18:32 - 2014-02-04 18:32 - 00291859 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libpng_plugin.dll
2014-02-04 18:32 - 2014-02-04 18:32 - 00017939 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll
2014-02-04 18:32 - 2014-02-04 18:32 - 01280019 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll
2014-02-04 18:32 - 2014-02-04 18:32 - 00018451 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libdts_plugin.dll
2014-02-04 18:32 - 2014-02-04 18:32 - 00336403 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll
2014-02-04 18:32 - 2014-02-04 18:32 - 00344595 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll
2014-02-04 18:32 - 2014-02-04 18:32 - 00198675 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libflac_plugin.dll
2014-02-04 18:32 - 2014-02-04 18:32 - 00027155 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libg711_plugin.dll
2014-02-04 18:32 - 2014-02-04 18:32 - 00015891 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll
2014-02-04 18:32 - 2014-02-04 18:32 - 01371667 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll
2014-02-04 18:32 - 2014-02-04 18:32 - 00146451 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll
2014-02-04 18:32 - 2014-02-04 18:32 - 00022035 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll
2014-02-04 18:32 - 2014-02-04 18:32 - 00733203 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll
2014-02-04 18:32 - 2014-02-04 18:32 - 00018963 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll
2014-02-04 18:32 - 2014-02-04 18:32 - 00026131 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll
2014-02-04 18:32 - 2014-02-04 18:32 - 00171027 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libopus_plugin.dll
2014-02-04 18:32 - 2014-02-04 18:32 - 00019475 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liba52_plugin.dll
2014-02-04 18:32 - 2014-02-04 18:32 - 00019987 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00724499 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll
2014-02-04 18:32 - 2014-02-04 18:32 - 00013843 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00018963 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 01496083 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00026643 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\sse2\libi420_yuy2_sse2_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00019987 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\mmx\libi420_yuy2_mmx_plugin.dll
2014-02-04 18:32 - 2014-02-04 18:32 - 00555027 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libswscale_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00113683 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\sse2\libi420_rgb_sse2_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00027667 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\sse2\libi422_yuy2_sse2_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00019987 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\mmx\libi422_yuy2_mmx_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00053779 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\mmx\libi420_rgb_mmx_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00016915 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00015379 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00032275 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00018963 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00020499 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00017427 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00015379 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll
2014-02-04 18:32 - 2014-02-04 18:32 - 00015379 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll
2014-02-04 18:32 - 2014-02-04 18:32 - 00013843 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libyuvp_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00067091 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirect3d_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00130579 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00168979 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00058899 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00019475 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00013331 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\liba52tospdif_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00014355 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdtstospdif_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00014867 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00014355 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll
2014-02-04 18:31 - 2014-02-04 18:31 - 00015379 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\17667443.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\77500037.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\17667443.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\77500037.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
 
==================== Disabled items from MSCONFIG ==============
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/25/2014 04:04:00 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
 
Error: (02/25/2014 02:35:52 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
 
Error: (02/25/2014 01:58:29 PM) (Source: Application Error) (User: )
Description: Faulting application name: oshidfui.exe, version: 1.2.131.0, time stamp: 0x5303a29e
Faulting module name: oshidfui.exe, version: 1.2.131.0, time stamp: 0x5303a29e
Exception code: 0xc0000409
Fault offset: 0x00000000001de6f0
Faulting process id: 0x1458
Faulting application start time: 0xoshidfui.exe0
Faulting application path: oshidfui.exe1
Faulting module path: oshidfui.exe2
Report Id: oshidfui.exe3
Faulting package full name: oshidfui.exe4
Faulting package-relative application ID: oshidfui.exe5
 
Error: (02/24/2014 04:00:00 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16798, time stamp: 0x52ec7da1
Faulting module name: atidxx32.dll, version: 8.17.10.451, time stamp: 0x501a0a26
Exception code: 0xc0000005
Fault offset: 0x000624f2
Faulting process id: 0x1860
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5
 
Error: (02/24/2014 03:10:32 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
 
Error: (02/24/2014 03:06:00 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
 
Error: (02/23/2014 04:09:58 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8768
 
Error: (02/23/2014 04:09:58 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8768
 
Error: (02/23/2014 04:09:58 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/23/2014 04:09:57 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7317
 
 
System errors:
=============
Error: (02/25/2014 00:14:28 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 10:35:05 PM on ‎2/‎24/‎2014 was unexpected.
 
Error: (02/23/2014 09:32:30 AM) (Source: BugCheck) (User: )
Description: 0x000000d1 (0x0000000000010010, 0x0000000000000002, 0x0000000000000000, 0xfffff88000a32aed)C:\Windows\MEMORY.DMP022314-44132-01
 
Error: (02/23/2014 09:32:30 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 9:28:49 AM on ‎2/‎23/‎2014 was unexpected.
 
Error: (02/22/2014 02:45:21 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 2:40:58 PM on ‎2/‎22/‎2014 was unexpected.
 
Error: (02/22/2014 10:07:57 AM) (Source: Service Control Manager) (User: )
Description: The ESET Service service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (02/21/2014 10:19:52 PM) (Source: Service Control Manager) (User: )
Description: The Emsisoft Anti-Malware 8.0 - Service service failed to start due to the following error: 
%%1053
 
Error: (02/21/2014 10:19:52 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Emsisoft Anti-Malware 8.0 - Service service to connect.
 
Error: (02/21/2014 10:19:50 PM) (Source: Service Control Manager) (User: )
Description: The Emsisoft Anti-Malware 8.0 - Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
 
Error: (02/21/2014 04:47:54 PM) (Source: DCOM) (User: COYLEPC)
Description: {FBA44040-BD27-4A09-ACC8-C08B7C723DCD}
 
Error: (02/21/2014 03:21:32 PM) (Source: Service Control Manager) (User: )
Description: The HOSTS Anti-PUPs service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
 
Microsoft Office Sessions:
=========================
Error: (02/25/2014 04:04:00 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
 
Error: (02/25/2014 02:35:52 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\John\Desktop\bryans content\esetsmartinstaller_enu.exe
 
Error: (02/25/2014 01:58:29 PM) (Source: Application Error)(User: )
Description: oshidfui.exe1.2.131.05303a29eoshidfui.exe1.2.131.05303a29ec000040900000000001de6f0145801cf325eedfe1636C:\Program Files\OSHI\Defender\oshidfui.exeC:\Program Files\OSHI\Defender\oshidfui.exe93c421c1-9e5f-11e3-bf57-2c59e59e3111
 
Error: (02/24/2014 04:00:00 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.1679852ec7da1atidxx32.dll8.17.10.451501a0a26c0000005000624f2186001cf31b07b8c9115C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\atidxx32.dll62981839-9da7-11e3-bf56-2c59e59e3111
 
Error: (02/24/2014 03:10:32 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
 
Error: (02/24/2014 03:06:00 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
 
Error: (02/23/2014 04:09:58 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8768
 
Error: (02/23/2014 04:09:58 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8768
 
Error: (02/23/2014 04:09:58 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/23/2014 04:09:57 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7317
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-02-25 16:05:06.980
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.
 
  Date: 2014-02-25 16:05:05.529
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.
 
  Date: 2014-02-25 16:05:04.001
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.
 
  Date: 2014-02-25 16:05:02.612
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.
 
  Date: 2014-02-25 16:04:59.383
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.
 
  Date: 2014-02-25 16:04:57.729
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.
 
  Date: 2014-02-25 16:04:56.528
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.
 
  Date: 2014-02-25 16:04:55.608
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.
 
  Date: 2014-02-25 16:04:54.687
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.
 
  Date: 2014-02-25 16:04:53.548
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 58%
Total physical RAM: 3682.26 MB
Available physical RAM: 1513.41 MB
Total Pagefile: 7394.26 MB
Available Pagefile: 4584.29 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:441.6 GB) (Free:342.82 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:23.39 GB) (Free:2.82 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 1E1F4777)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================
 
again any and all help is need
 


#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,973 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:36 AM

Posted 27 February 2014 - 12:03 PM

Thanks for following up and posting the information. I am not seeing any evidence of Trust Defender. Are you experiencing any issues directly related to that program?

Please complete these steps.

===================================================

Multiple Antivirus Programs

-------------------

I do not recommend that you have more than one anti virus product installed on your computer at a time. The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti virus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened again this is the resident/automatic protection. In general terms, the two programs may conflict and cause:
  • False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
  • System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time.
Therefore please remove all but one of the Antivirus programs currently on your computer, even if only one is running. You can do this via Add/Remove Programs, or Programs and Features in the Control Panel.
 

AV: ESET NOD32 Antivirus 7.0
AV: Norton AntiVirus Online


===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
URLSearchHook: HKCU - (No Name) - {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - No File
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = 
SearchScopes: HKCU - {FCE6E967-F6AC-4971-AA00-CAF6796EB9D8} URL = 
Toolbar: HKLM-x32 - CenturyLink - {A317CB83-299C-4FC8-9ED7-2D64117D98EE} -  No File
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} -  No File
C:\Users\John\AppData\Roaming\CamLayout.ini
C:\Users\John\AppData\Roaming\CamShapes.ini
C:\Users\John\AppData\Roaming\CamStudio.Producer.Data.ini
C:\ProgramData\PKP_DLes.DAT
C:\ProgramData\PKP_DLet.DAT
C:\ProgramData\PKP_DLev.DAT
C:\Users\John\AppData\Local\Temp\htmlayout.dll
C:\Users\John\AppData\Local\Temp\Install_HOSTS_Anti-Adware.exe
C:\Users\John\AppData\Local\Temp\InstHelper.exe
C:\Users\John\AppData\Local\Temp\Quarantine.exe
C:\Users\John\AppData\Local\Temp\Update.exe
Task: {31204FDF-A063-4ADC-A055-2B8F2F8BE069} - System32\Tasks\PileFile reminder => C:\Users\John\AppData\Local\Temp\Max Uninstaller Inc license keyDownload_90BC\Max_Uninstaller_Inc_license_key_Downloader.exe <==== ATTENTION
C:\Users\John\AppData\Local\Temp\Max Uninstaller Inc license keyDownload_90BC\Max_Uninstaller_Inc_license_key_Downloader.exe
Task: {6FEFCD8A-7C2B-470F-9C6C-C6278BE0F0AA} - System32\Tasks\PileFile logon => C:\Users\John\AppData\Local\Temp\Max Uninstaller Inc license keyDownload_90BC\Max_Uninstaller_Inc_license_key_Downloader.exe <==== ATTENTION
Task: {EEDD78DA-243F-4531-BA5F-C36DEEE55CF4} - \BrowserProtect No Task File
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Uninstalling Programs Using Revo Uninstaller Free

--------------------

Revo Uninstaller is more thorough in deleting programs on your computer than using the Add/Remove option in Windows. Since it is a more powerful tool, please be sure to follow the instructions carefully.

Please note there is a chance when you look for this program to uninstall through Revo it might not be listed because of a previous uninstall. If that is the case simply stop and let me know.
  • Please download and install Revo Uninstaller Free
  • Double click Revo Uninstaller to run it.
  • From the list of programs double click on the listed program(s), or anything similar, to remove it (if it exists)
MyCenturyLink Toolbar
OSHI Defender
  • When prompted if you want to uninstall click Yes.
  • Be sure the Moderate option is selected then click Next.
  • The program will run, If prompted again click Yes
  • When the built-in uninstaller is finished click on Next
  • Once the program has searched for leftovers click Next.
  • Check the items in bold only on the list then click Delete. You may have to expand some folders by clicking the "+" mark.
  • When prompted click on Yes and then on Next.
  • Click on Select all then click Delete
  • When prompted select Yes then Next
  • Once done click Finish.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog
  • Did the programs uninstall properly?
  • How is your computer running?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 ngefanboy

ngefanboy
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:az sun lakes 85248
  • Local time:11:36 AM

Posted 27 February 2014 - 05:39 PM

did not find them under revouninstaler here is the log of fix form the frost progame

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 27-02-2014 02
Ran by John at 2014-02-27 15:35:39 Run:1
Running from C:\Users\John\Desktop
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
URLSearchHook: HKCU - (No Name) - {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - No File
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = 
SearchScopes: HKCU - {FCE6E967-F6AC-4971-AA00-CAF6796EB9D8} URL = 
Toolbar: HKLM-x32 - CenturyLink - {A317CB83-299C-4FC8-9ED7-2D64117D98EE} -  No File
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} -  No File
C:\Users\John\AppData\Roaming\CamLayout.ini
C:\Users\John\AppData\Roaming\CamShapes.ini
C:\Users\John\AppData\Roaming\CamStudio.Producer.Data.ini
C:\ProgramData\PKP_DLes.DAT
C:\ProgramData\PKP_DLet.DAT
C:\ProgramData\PKP_DLev.DAT
C:\Users\John\AppData\Local\Temp\htmlayout.dll
C:\Users\John\AppData\Local\Temp\Install_HOSTS_Anti-Adware.exe
C:\Users\John\AppData\Local\Temp\InstHelper.exe
C:\Users\John\AppData\Local\Temp\Quarantine.exe
C:\Users\John\AppData\Local\Temp\Update.exe
Task: {31204FDF-A063-4ADC-A055-2B8F2F8BE069} - System32\Tasks\PileFile reminder => C:\Users\John\AppData\Local\Temp\Max Uninstaller Inc license keyDownload_90BC\Max_Uninstaller_Inc_license_key_Downloader.exe <==== ATTENTION
C:\Users\John\AppData\Local\Temp\Max Uninstaller Inc license keyDownload_90BC\Max_Uninstaller_Inc_license_key_Downloader.exe
Task: {6FEFCD8A-7C2B-470F-9C6C-C6278BE0F0AA} - System32\Tasks\PileFile logon => C:\Users\John\AppData\Local\Temp\Max Uninstaller Inc license keyDownload_90BC\Max_Uninstaller_Inc_license_key_Downloader.exe <==== ATTENTION
Task: {EEDD78DA-243F-4531-BA5F-C36DEEE55CF4} - \BrowserProtect No Task File
*****************
 
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{26842a09-ffa8-4e2c-ae12-0c80f01c3295} => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC} => Key deleted successfully.
HKCR\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FCE6E967-F6AC-4971-AA00-CAF6796EB9D8} => Key deleted successfully.
HKCR\CLSID\{FCE6E967-F6AC-4971-AA00-CAF6796EB9D8} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{A317CB83-299C-4FC8-9ED7-2D64117D98EE} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{A317CB83-299C-4FC8-9ED7-2D64117D98EE} => Key deleted successfully.
HKCR\PROTOCOLS\Handler\cdo => Key deleted successfully.
HKCR\CLSID\{CD00020A-8B95-11D1-82DB-00C04FB1625D} => Key not found.
C:\Users\John\AppData\Roaming\CamLayout.ini => Moved successfully.
C:\Users\John\AppData\Roaming\CamShapes.ini => Moved successfully.
C:\Users\John\AppData\Roaming\CamStudio.Producer.Data.ini => Moved successfully.
C:\ProgramData\PKP_DLes.DAT => Moved successfully.
C:\ProgramData\PKP_DLet.DAT => Moved successfully.
C:\ProgramData\PKP_DLev.DAT => Moved successfully.
C:\Users\John\AppData\Local\Temp\htmlayout.dll => Moved successfully.
C:\Users\John\AppData\Local\Temp\Install_HOSTS_Anti-Adware.exe => Moved successfully.
C:\Users\John\AppData\Local\Temp\InstHelper.exe => Moved successfully.
"C:\Users\John\AppData\Local\Temp\Quarantine.exe" => File/Directory not found.
C:\Users\John\AppData\Local\Temp\Update.exe => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{31204FDF-A063-4ADC-A055-2B8F2F8BE069} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31204FDF-A063-4ADC-A055-2B8F2F8BE069} => Key deleted successfully.
C:\Windows\System32\Tasks\PileFile reminder => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PileFile reminder => Key deleted successfully.
"C:\Users\John\AppData\Local\Temp\Max Uninstaller Inc license keyDownload_90BC\Max_Uninstaller_Inc_license_key_Downloader.exe" => File/Directory not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6FEFCD8A-7C2B-470F-9C6C-C6278BE0F0AA} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6FEFCD8A-7C2B-470F-9C6C-C6278BE0F0AA} => Key deleted successfully.
C:\Windows\System32\Tasks\PileFile logon => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PileFile logon => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EEDD78DA-243F-4531-BA5F-C36DEEE55CF4} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EEDD78DA-243F-4531-BA5F-C36DEEE55CF4} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserProtect => Key deleted successfully.
 
==== End of Fixlog ====
again revo did not find it what are some soulltions to geting rid of them.bye


#6 ngefanboy

ngefanboy
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:az sun lakes 85248
  • Local time:11:36 AM

Posted 27 February 2014 - 09:35 PM

hi i got rid of the toolbar and oshi but good old stuppied trust deffnder is still on here how do i get rid of it.bye



#7 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,973 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:36 AM

Posted 27 February 2014 - 09:59 PM

I am not seeing any evidence of Trust Defender on your computer. Can you tell me what you are seeing?
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,973 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:36 AM

Posted 01 March 2014 - 11:29 AM

Greetings,

A couple of things. First, can you tell me what evidence you are seeing that Trust Defender is on your computer?

Secondly, because you have requested assistance in removing Oshi Defender from your computer I want to clarify that this program is not malware but is a legitimate program.   You have not referred to it as malware, and correctly so, but others may incorrectly conclude  that the reference to, and removal of this program from your computer means it is malware.  It is only being removed because it is your preference to do so, not because there is any concern Oshi Defender.
 
Please let me know where you are detecting Trust Defender so that we may deal with it.

Edited by Oh My, 01 March 2014 - 11:40 AM.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#9 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,973 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:36 AM

Posted 05 March 2014 - 09:33 AM

Greetings,

===================================================

3 Day Bump

It has been more than 3 days since my last post.

  • Do you still need help with this?
  • If after 48hrs you have not replied to this thread then it will have to be closed.


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#10 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,973 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:36 AM

Posted 07 March 2014 - 08:42 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users