[JohnnyBoyxxx]

Hi, After reading all the posts relating to the removal of Stormfall and a clean PC you guys seem to be the guys that I need. I'm about to do a format and re-install to my PC but I'm hoping you might be able to save me that headache.

 

I've downloaded 'OTL by Old timer' and have attached the 'Extra.txt'  Extras.Txt   85.92KB   184 downloadsand 'OTL.txt'  OTL.Txt   126.31KB   135 downloads logs.

 

I would really appreciate any help in sorting this out as my pc has become virtually unusable.

 

Regards

John

[Advertisements]

Hi there JonnyBoyxxx, Welcome back to the forums!
. My name is Biscuithd and I will be assisting you with your Computer issues.

I know how upsetting it can be when one's computer is experiencing problems. I will try to help get things squared away. For a start please make sure that you...

• Carefully read every post completely before doing anything.
• If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
• Do not run any other scans or other software on your computer unless asked as it may make this repair more difficult.

Hold off a little while on the reinstall and let's see what we can do.

 

I see you've "attached" your scans as files. Could you please post them instead (i.e. cut and past them into a reply). Attachments have the potential of being problematic. Thank you!

[Biscuithd]

Hi there JonnyBoyxxx, Welcome back to the forums!
. My name is Biscuithd and I will be assisting you with your Computer issues.

I know how upsetting it can be when one's computer is experiencing problems. I will try to help get things squared away. For a start please make sure that you...

• Carefully read every post completely before doing anything.
• If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
• Do not run any other scans or other software on your computer unless asked as it may make this repair more difficult.

Hold off a little while on the reinstall and let's see what we can do.

 

I see you've "attached" your scans as files. Could you please post them instead (i.e. cut and past them into a reply). Attachments have the potential of being problematic. Thank you!

[JohnnyBoyxxx]

Hi Biscuithd,

 

Thanks for the speedy response

 

here is the extras.txt file

 

OTL Extras logfile created on: 09/06/2014 14:28:23 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = E:\_Software
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
 
13.87 Gb Total Physical Memory | 10.57 Gb Available Physical Memory | 76.26% Memory free
17.77 Gb Paging File | 14.32 Gb Available in Paging File | 80.60% Paging File free
Paging file location(s): c:\pagefile.sys 4000 4800 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 386.63 Gb Total Space | 262.07 Gb Free Space | 67.78% Space Free | Partition Type: NTFS
Drive D: | 146.49 Gb Total Space | 74.75 Gb Free Space | 51.03% Space Free | Partition Type: NTFS
Drive E: | 842.61 Gb Total Space | 99.44 Gb Free Space | 11.80% Space Free | Partition Type: NTFS
Drive F: | 21.43 Gb Total Space | 2.66 Gb Free Space | 12.39% Space Free | Partition Type: NTFS
Drive H: | 298.09 Gb Total Space | 98.49 Gb Free Space | 33.04% Space Free | Partition Type: NTFS
 
Computer Name: JOHNNYS-PC | User Name: Johnnys | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03779A6A-906F-416F-A14A-70ACA5A4A82B}" = rport=10243 | protocol=6 | dir=out | app=system |
"{0E360E8B-78BC-4704-988F-03C2B79201AC}" = lport=445 | protocol=6 | dir=in | app=system |
"{0EFE18C3-E81A-4131-A348-AA65E6020190}" = rport=137 | protocol=17 | dir=out | app=system |
"{1647D70B-6C1D-461C-81FF-3BA5E48927EA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{2F79D53C-B19D-4C19-9F89-379B3C0A8C8C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3DFCA9F9-A25C-487A-ACDE-14A397319708}" = rport=139 | protocol=6 | dir=out | app=system |
"{4B01DC05-20D8-4681-A29F-5439D69EE7EE}" = lport=139 | protocol=6 | dir=in | app=system |
"{4F7293E9-FE4A-48CC-A781-ACDF7CC4B094}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{501258D4-A12B-4328-8A3B-E4D481B8D680}" = lport=12120 | protocol=17 | dir=in | name=bitcomet 12120 udp |
"{5B44E267-FBBD-456F-A00C-E1797840151F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6715B9BB-C4D0-4FF9-BB3C-33E754C68CD3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6812DF5A-D156-4582-830F-A09BCE288F20}" = lport=10243 | protocol=6 | dir=in | app=system |
"{722CFB96-F10D-4B9D-AABC-69ECB6990254}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office15\outlook.exe |
"{83B32A27-0F87-421C-9E7C-58C77FFD0F0E}" = lport=12120 | protocol=6 | dir=in | name=bitcomet 12120 tcp |
"{8B9F0960-1D27-471C-9BB8-C5CDB3CDEF40}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{90647520-5FEF-4AC1-B646-8CCDC017E9D7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{997F35EC-994E-43FE-9141-7CA719AABFC1}" = lport=12120 | protocol=17 | dir=in | name=bitcomet 12120 udp |
"{9C59CB33-443F-45B5-AE0C-92841F2A5533}" = lport=12120 | protocol=6 | dir=in | name=bitcomet 12120 tcp |
"{AB89B4EE-C150-4E7F-A5EF-E9B328C33F2E}" = rport=138 | protocol=17 | dir=out | app=system |
"{B326F3DD-3DD1-45AC-9AC9-99C761237809}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B8FBE36B-CC8F-4B1A-8FCE-ED7BFCB46BB0}" = lport=138 | protocol=17 | dir=in | app=system |
"{BB839967-3D17-4A55-B11A-18DC665D11D1}" = lport=137 | protocol=17 | dir=in | app=system |
"{CCF16AA3-DCEB-4534-BEF2-6445AEF0E939}" = rport=445 | protocol=6 | dir=out | app=system |
"{EC4401BB-11F3-4448-8EF3-959C565E5FE9}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{ED9C8309-DD93-4CF6-AF9A-A8153A23621F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FD8009AB-D36E-492A-9D87-F5537D52F46E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{030A4C94-66D6-4985-9DC2-74E5CBDE9630}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{04EA04BA-8D88-42CC-8CA7-C227B82F2ABC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{14414535-6186-4E00-AD3C-5AD0097F975D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{15817A83-26A8-4945-8D08-476DC915F9B1}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12.exe |
"{19BFF290-A0FF-443B-B63B-58C9CB265A9D}" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"{1DD2DA82-FC2D-4235-B147-EE44A20EA143}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\kernel\dmr\powerdvd12dmrengine.exe |
"{1DFFEE89-635F-4A04-B0F9-DF3594149089}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2069D5D0-E33E-48D1-A573-0BD60C2921C7}" = protocol=6 | dir=out | app=system |
"{37F2DC45-91C0-4FDE-8209-CB5571C383E8}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{40C7F6B8-A9E6-427A-A3CE-6DA31F1F50FE}" = protocol=1 | dir=in | [email protected],-28543 |
"{5128E02A-6C66-420F-8D8A-8CF9924E9F3E}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2014\nvidia\satellite\raysat_3dsmax2014_64.exe |
"{5201ADCF-3886-4997-9AB4-5A30B6B7BA0B}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12ml.exe |
"{5226682F-650B-4C42-B5AE-67BD72B8EADA}" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"{53C73FB9-452F-4E2F-B95E-30BD93A7F3A7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5400B77C-2853-4D8D-8B18-BBBE5CC78BD2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{57D4BDF6-F457-4C6D-BF15-714A949B40A2}" = protocol=17 | dir=in | app=c:\users\johnnys\appdata\roaming\dropbox\bin\dropbox.exe |
"{5B1517D5-EECE-4BF2-92E1-33A432F4363C}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{5F608440-EA45-4719-904D-DE9658C94220}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
"{630515CB-DB51-4ED2-AED1-F47C76769C33}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2014\nvidia\satellite\raysat_3dsmax2014_64server.exe |
"{6DDFFD24-4155-40A4-8F90-A4AD4ED69AF4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{86AD0127-3A74-4977-8790-BCEF4D4AD079}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{93F07BCF-019F-40E6-BD0A-9E38612E2280}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{95729E90-D978-4ACC-AE39-EBE93AAD44FC}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{9823371E-B043-4E81-8406-ECB721CFDB77}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9C7EBF80-F1ED-454D-8918-E586225E417E}" = protocol=58 | dir=out | [email protected],-28546 |
"{9C8BD4DA-E941-44DC-8D46-002AC616E2F7}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{9F21A73A-7A30-4952-AF7E-B0DFBA0C93D4}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\kernel\dms\clmsserverpdvd12.exe |
"{A8872D4D-D0CF-436D-A93C-D92035108D0A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{B4A58E7E-44F3-4C21-AE36-E716407C0DFC}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe |
"{B735B436-0C04-4E3B-9E44-E8B39B84A25D}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2014\nvidia\satellite\raysat_3dsmax2014_64.exe |
"{BB4C3E3D-836E-43D7-B90C-220EFFA2EDE2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C125129C-864F-47A6-BD47-D0E78B8060B1}" = protocol=6 | dir=in | app=c:\users\johnnys\appdata\roaming\dropbox\bin\dropbox.exe |
"{C2F6C95A-38BD-4F42-9D45-62DE29C76FF7}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\movie\powerdvd cinema\powerdvdcinema12.exe |
"{C4E80E89-29ED-4F9A-9C1C-04694A6973DF}" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"{CC90100D-0A5C-4A5E-A68E-EFEF411E6CAA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D26EDAA9-F298-451A-906A-EE435C174D9A}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2014\nvidia\satellite\raysat_3dsmax2014_64server.exe |
"{D40E5A14-A888-4E52-AB24-07E5DCAE7E5A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D5453538-B3E7-4969-BCA6-233CA579C3A7}" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"{D6D31AF7-AF3C-4055-8698-E7E8CAC39BFE}" = protocol=1 | dir=out | [email protected],-28544 |
"{E009E6B1-CB48-4A24-BB78-97497660DCEF}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe |
"{E3EF5970-E752-4568-90D0-7F106236B2F4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EA9C5A00-9E8A-47F6-B118-4DC18586F04E}" = protocol=58 | dir=in | [email protected],-28545 |
"{EE08FF3A-284E-41C4-B9E1-CDD44C0A1CBC}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\devicesetup.exe |
"{F9FA7EDD-7BFB-4394-A1AD-8A23AAA7FE85}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FEC61DA2-6D6D-40EC-A179-0AE537B73671}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12agent.exe |
"TCP Query User{0A0EFAE8-24C4-47CF-BA91-6B4689200AE7}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{479CAEE1-75EC-497F-9525-4756BC404FA3}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{DEB778E0-5CA0-4286-8CE7-801B9806F98B}C:\program files\winautomation\winautomation.console.exe" = protocol=6 | dir=in | app=c:\program files\winautomation\winautomation.console.exe |
"UDP Query User{67966DD3-E432-4F88-A8A0-D0E3A6C68695}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{82BB6673-80B9-49D7-A143-56B4FF5A4EDA}C:\program files\winautomation\winautomation.console.exe" = protocol=17 | dir=in | app=c:\program files\winautomation\winautomation.console.exe |
"UDP Query User{9E0D8F52-5392-43CE-9B79-0ABCA207E452}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{B16BB34E-B7BF-47DF-8658-BEABCF40CD6A}" = Corel Graphics - Windows Shell Extension
"_{BDBFAC49-8877-472F-876B-75ADB7DBC955}" = CorelDRAW Graphics Suite X6 (64-Bit)
"{0A138DBB-9E24-472D-B6EE-46594F17662A}" = Chief Architect Premier X6 (64 bit)
"{0CEA94E0-E6F4-4F2D-AA98-D0EFD6833754}" = Corel Graphics - Windows Shell Extension 32 Bit
"{10762393-1B90-4AC2-AF1A-4C0C04AE303F}" = CorelDRAW Graphics Suite X6 - VBA (x64)
"{1967EF95-E00B-4669-8B1C-A589BE8BF24F}" = CorelDRAW Graphics Suite X6 - Capture (x64)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{1E3A578C-0A7D-4820-990F-B7545C0B2303}" = CorelDRAW Graphics Suite X6 - VSTA (x64)
"{27AE72A4-B217-4CDC-B82B-3311E9D7460E}" = CorelDRAW Graphics Suite X6 - Draw (x64)
"{2C72B5E4-AA34-4F1A-8C7E-468530F9F6A3}" = CorelDRAW Graphics Suite X6 - Photozoom Plugin (x64)
"{3008095C-B516-4A5E-8B99-F0E113C21C72}" = Share64
"{35869A6C-BA31-4F23-B52D-BC1B1E41EC1B}" = CorelDRAW Graphics Suite X6 - Common (x64)
"{3933C06C-8239-432B-87FC-F2BDC5B49A10}" = CorelDRAW Graphics Suite X6 - FontNav (x64)
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = Bluetooth by hp
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{6099F026-0A98-4D40-9B3D-ED2123A8CBD0}" = CorelDRAW Graphics Suite X6 - Redist (x64)
"{67F5E390-8E09-4AE4-B7F2-705AFD23D86D}" = WinAutomation
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7386B5FA-8715-481D-821F-7785110506DF}" = CorelDRAW Graphics Suite X6 - Custom Data (x64)
"{73AC89D8-5AFD-72F4-5266-03327E392C85}" = ATI Catalyst Install Manager
"{7B79AE44-9B76-4815-84E5-ACAC3F0F0278}" = CorelDRAW Graphics Suite X6 - VideoBrowser (x64)
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{890F3E26-DE75-5B98-A5C8-1E9FFEB019C0}" = ccc-utility64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{901163FA-4EB5-400B-B8A0-C7CD9CBBDF0A}" = Corel PDF Fusion - Creator
"{90120064-0070-0000-0000-4000000FF1CE}" = Microsoft Visual Basic for Applications 7.1 (x64)
"{90150000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2013
"{90150000-0015-0409-1000-0000000FF1CE}" = Microsoft Access MUI (English) 2013
"{90150000-0016-0409-1000-0000000FF1CE}" = Microsoft Excel MUI (English) 2013
"{90150000-0018-0409-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (English) 2013
"{90150000-0019-0409-1000-0000000FF1CE}" = Microsoft Publisher MUI (English) 2013
"{90150000-001A-0409-1000-0000000FF1CE}" = Microsoft Outlook MUI (English) 2013
"{90150000-001B-0409-1000-0000000FF1CE}" = Microsoft Word MUI (English) 2013
"{90150000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English
"{90150000-001F-040C-1000-0000000FF1CE}" = Outils de vérification linguistique 2013 de Microsoft Office - Français
"{90150000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Español
"{90150000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2013
"{90150000-0044-0409-1000-0000000FF1CE}" = Microsoft InfoPath MUI (English) 2013
"{90150000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2013
"{90150000-0090-0409-1000-0000000FF1CE}" = Microsoft DCF MUI (English) 2013
"{90150000-00A1-0409-1000-0000000FF1CE}" = Microsoft OneNote MUI (English) 2013
"{90150000-00BA-0409-1000-0000000FF1CE}" = Microsoft Groove MUI (English) 2013
"{90150000-00C1-0000-1000-0000000FF1CE}" = Microsoft Office 32-bit Components 2013
"{90150000-00C1-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2013
"{90150000-00E1-0409-1000-0000000FF1CE}" = Microsoft Office OSM MUI (English) 2013
"{90150000-00E2-0409-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (English) 2013
"{90150000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2013
"{90150000-0117-0409-1000-0000000FF1CE}" = Microsoft Access Setup Metadata MUI (English) 2013
"{90150000-012B-0409-1000-0000000FF1CE}" = Microsoft Lync MUI (English) 2013
"{90F60409-7000-11D3-8CFE-0150048383C9}" = Microsoft Visual Basic for Applications 7.1 (x64) English
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{96AAAB95-AEBE-437A-B7CA-37C7BE13FFE9}" = CorelDRAW Graphics Suite X6 - Connect (x64)
"{B16BB34E-B7BF-47DF-8658-BEABCF40CD6A}" = Corel Graphics - Windows Shell Extension
"{B6DF7031-2843-44FD-9CAB-DECAB4257456}" = CorelDRAW Graphics Suite X6 - IPM
"{BB65D262-3EBC-4F10-89D9-67A320E94EAA}" = CorelDRAW Graphics Suite X6 - EN (x64)
"{BDBFAC49-8877-472F-876B-75ADB7DBC955}" = CorelDRAW Graphics Suite X6 - Setup Files (x64)
"{C51B24BD-9CF9-4170-8DB2-457002F68A65}" = HP Officejet Pro 8600 Basic Device Software
"{CCE7423E-1D84-4CD3-9E32-220EC9358D97}" = CorelDRAW Graphics Suite X6 (x64)
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D7C2687D-924E-4485-B367-C7D95CBF8DDD}" = CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x64)
"{DDE82E3D-20C4-48E1-AE1D-B1F10E42CA44}" = CorelDRAW Graphics Suite X6 - Writing Tools (x64)
"{E699230D-4B5E-411E-9F45-FF50789B18DD}" = CorelDRAW Graphics Suite X6 - Filters (x64)
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"Office15.PROPLUS" = Microsoft Office Professional Plus 2013
"Pen Tablet Driver" = Wacom
"Revo Uninstaller Pro Retail zoo_is1" = Revo Uninstaller Pro 2.5.0
"VLC media player" = VLC media player 2.0.4
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 64 bit
"WinRAR archiver" = WinRAR 5.00 (64-bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{5D62567F-38BA-4713-B87E-CF06C465E33B}" = Corel PDF Fusion
"_{6688A246-F6E8-48AD-9806-8D5832E9F15D}" = Corel VideoStudio Pro X6
"{00E094E1-A852-11E2-803D-ACEA632352B4}" = Adobe Dreamweaver CC
"{02DFF6B1-1654-411C-8D7B-FD6052EF016F}" = Apple Software Update
"{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime
"{0A3925EA-5B0E-401B-A189-7419149747B2}" = Adobe AIR
"{0c8ebb00-4909-459c-8347-b2068b7f0319}" = CyberLink DVD Menu Template Pack
"{0ECDBD19-77D1-384F-CD6E-7672F95D361C}" = CCC Help Hungarian
"{0FDDF728-4AF1-CBD7-D224-3A2302CF67D9}" = CCC Help Thai
"{18838AA2-630C-D60C-69D3-439675182D88}" = CCC Help Danish
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1904DC6B-5328-4F40-905A-F891282DDB1A}" = AbleBits.com Quick Tools for Microsoft Excel
"{1AF6DE5C-A099-F4E7-E4A8-30F0BCBDEB9F}" = CCC Help Korean
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"{210C2176-1592-116A-59E1-E5374153AC65}" = Catalyst Control Center Localization All
"{2643302E-A5F8-43AB-7B2A-BE914E33DB30}" = CCC Help Swedish
"{26A24AE4-039D-4CA4-87B4-2F83217055FF}" = Java 7 Update 55
"{28E208E7-7F57-A234-EBF4-E00073A8671A}" = Catalyst Control Center Graphics Previews Vista
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}" = CyberLink WaveEditor
"{32DCD88C-B588-6AB3-1A71-1C04260A045D}" = CCC Help Chinese Traditional
"{3AFEB1DB-B863-D276-DA0B-986DCC8434CE}" = CCC Help Dutch
"{3D4C2961-3353-4C56-B0B8-82AC1923695F}" = Catalyst Control Center - Branding
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{41FAC99E-6B14-FED6-9C9E-CBAA1B0B5617}" = CCC Help German
"{4402A2EC-B3FB-A60F-EB77-A2586DA9A750}" = Catalyst Control Center InstallProxy
"{496C10BC-57C1-CEBD-FB57-5E9A386EC7A4}" = Catalyst Control Center Graphics Previews Common
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{5226E0B0-0758-20D8-8921-E7282E399E3E}" = CCC Help Finnish
"{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1" = Adobe Update Management Tool
"{5937E9CB-144B-F3A6-9C8D-BDCE9DC13E2F}" = CCC Help Turkish
"{5C056D49-6860-2AFE-F7C7-AB5E86F9A4E2}" = CCC Help Polish
"{5D62567F-38BA-4713-B87E-CF06C465E33B}" = Corel PDF Fusion - ICA
"{63CA2CAD-6DAC-8996-9B83-DEFABFC6C779}" = CCC Help Portuguese
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{6688A246-F6E8-48AD-9806-8D5832E9F15D}" = ICA
"{6C6EEA9F-3998-4E0D-B91F-43CB218C715C}" = Setup
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.14
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{83132F72-95D7-D5D1-DCB3-F0EAF18587BF}" = CCC Help Italian
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8568E269-4A3E-5293-FF38-964B00EA06F5}" = CCC Help Chinese Standard
"{89D3F485-DD44-4E1E-873E-38A2D349F218}" = Corel PDF Fusion - Program
"{8AD836B4-9D8B-1088-1F78-F48A637A0812}" = HydraVision
"{8DEB3719-625F-4BA2-CF9D-2FAEF59E91F3}" = ccc-core-static
"{8FCCB703-3FBF-49e7-A43F-A81E27D9B07E}" = CyberLink MediaShow 6
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9F9C5C18-9665-41EC-A660-5A3BA213CA1D}" = Licensing Service (03000201)
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A4BBE5C6-3B8F-4B28-B12C-034759F7EB50}" = AbleBits.com Merge Tables Wizard for Microsoft Excel
"{A608A8D3-E77C-4BEE-8F2A-F8124F5F0FE2}" = SketchUp 2014
"{A969E6A5-5288-15F5-82AA-BB80929D8C6E}" = CCC Help Czech
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-1033-F400-7760-000000000004}{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{ACE22377-0458-DC41-EC25-4D63024D06E8}" = Market Samurai
"{AD7DA145-3118-4D69-BE89-D3ED1510BD15}" = Share
"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = CyberLink PowerBackup
"{AE0B3F2A-EB65-4D01-A3E1-6D879C6AAF2A}_is1" = Winrar Activator version 1.2
"{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"{B882B2FC-D21E-4BCA-A173-4855757DE84A}" = Autodesk SketchBook Pro 6.2.4
"{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"{BEBD8B5B-2EC8-6489-1585-47B78EA6832A}" = Bamboo Dock
"{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}" = Google Talk Plugin
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C6AD2D97-4BBE-48B2-8355-2D706CB9E8DF}" = Corel PDF Fusion - Setup
"{C9B8D279-4FC8-D989-3B58-B6922714C6FC}" = CCC Help English
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CCC10E8E-7FD1-4D55-87C2-D0A5ABC0A62B}" = IPM_VS_Pro
"{CCE2DCFE-4A89-4BC0-B3EF-6A3F8E30A2D6}" = CyberLink OEM Share Pack 2
"{CE68AD19-0F42-26A1-DFD9-0C826D3CD73C}" = CCC Help Greek
"{D0096E50-D99E-4178-A988-E5192B6F6B91}" = VSClassic
"{D2437C5C-2D8C-40D2-8059-689AD7239FA3}" = Intel® C++ Redistributables for Windows* on Intel® 64
"{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"{D88D7ECD-F173-4A97-96F9-2B05C5DC90DC}" = VSPro
"{D9DD0D4F-6E5A-484D-AD8C-FD3BAF5D4450}" = VSHelp
"{DD3A9BA2-D11E-49A7-EA1B-217A884A02E6}" = CCC Help Norwegian
"{DE98B3FC-AC6C-079E-3475-554D5BC4772C}" = CCC Help Japanese
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{E3073830-0B22-29D1-E508-415BDDC3939F}" = CCC Help French
"{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"{EB2E3A3C-FEB2-0C09-AF98-6BC0E64FB2AE}" = CCC Help Russian
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE0B1766-153A-4251-A192-F8FD3D941711}" = Contents
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{FC7BACF0-1FFA-4605-B3B4-A66AB382752D}" = XML Notepad 2007
"{FE861253-5E61-B021-4864-51D2602EBC06}" = CCC Help Spanish
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
"Advanced Batch Converter" = Advanced Batch Converter
"AI RoboForm" = RoboForm 7-8-8-5 (All Users)
"aigneswebsitewatcher_is1" = WebSite-Watcher 2013 (13.1)
"Avast" = avast! Internet Security
"AVerMedia MiniCard Hybrid TV Tuner" = AVerMedia MiniCard Hybrid TV Tuner 1.1.64.56
"Bamboo Dock" = Bamboo Dock
"BitComet_x64" = BitComet 1.37 64-bit
"CCleaner" = CCleaner (remove only)
"DAEMON Tools Pro" = DAEMON Tools Pro
"ESET Online Scanner" = ESET Online Scanner v3
"FLV to AVI MPEG WMV 3GP MP4 iPod Converter" = FLV to AVI MPEG WMV 3GP MP4 iPod Converter
"InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}" = CyberLink WaveEditor
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{ADD5DB49-72CF-11D8-9D75-000129760D75}" = CyberLink PowerBackup
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso
"InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"Internet Download Manager" = Internet Download Manager
"Kristanix Right Click Image Converter" = Right Click Image Converter
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1" = Market Samurai
"Notepad++" = Notepad++
"PokerStars" = PokerStars
"SkypeMate" = SkypeMate
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 32 bit
"wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1" = Bamboo Dock
"WinAutomation" = WinAutomation
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"winscp3_is1" = WinSCP 5.5.3
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-239446909-1222475982-65556035-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"FileZilla Client" = FileZilla Client 3.8.1
"MyFreeCodec" = MyFreeCodec
"StormFall" = StormFall
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 08/06/2014 10:16:50 | Computer Name = Johnnys-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files (x86)\Adobe\Adobe
 Dreamweaver CC\Dreamweaver.exe".Error in manifest or policy file "" on line .  A
component version required by the application conflicts with another component version
 already active.  Conflicting components are:.  Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 08/06/2014 10:21:46 | Computer Name = Johnnys-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files (x86)\Adobe\Adobe
 Dreamweaver CC\Dreamweaver.exe".Error in manifest or policy file "" on line .  A
component version required by the application conflicts with another component version
 already active.  Conflicting components are:.  Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 08/06/2014 10:21:46 | Computer Name = Johnnys-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files (x86)\Adobe\Adobe
 Dreamweaver CC\Dreamweaver.exe".Error in manifest or policy file "" on line .  A
component version required by the application conflicts with another component version
 already active.  Conflicting components are:.  Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 08/06/2014 10:30:18 | Computer Name = Johnnys-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files (x86)\Adobe\Adobe
 Dreamweaver CC\Dreamweaver.exe".Error in manifest or policy file "" on line .  A
component version required by the application conflicts with another component version
 already active.  Conflicting components are:.  Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 08/06/2014 10:30:18 | Computer Name = Johnnys-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files (x86)\Adobe\Adobe
 Dreamweaver CC\Dreamweaver.exe".Error in manifest or policy file "" on line .  A
component version required by the application conflicts with another component version
 already active.  Conflicting components are:.  Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 08/06/2014 19:30:02 | Computer Name = Johnnys-PC | Source = SideBySide | ID = 16842761
Description = Activation context generation failed for "C:\Users\Johnnys\AppData\Roaming\Add-in
 Express\Merge Tables Wizard for Microsoft Excel\adxloader.dll.Manifest".Error in
 manifest or policy file "C:\Users\Johnnys\AppData\Roaming\Add-in Express\Merge
Tables Wizard for Microsoft Excel\adxloader.dll.Manifest" on line 2.  The manifest
 file root element must be assembly.
 
Error - 08/06/2014 19:30:02 | Computer Name = Johnnys-PC | Source = SideBySide | ID = 16842761
Description = Activation context generation failed for "C:\Users\Johnnys\AppData\Roaming\Add-in
 Express\Quick Tools for Microsoft Excel\adxloader.dll.Manifest".Error in manifest
 or policy file "C:\Users\Johnnys\AppData\Roaming\Add-in Express\Quick Tools for
 Microsoft Excel\adxloader.dll.Manifest" on line 2.  The manifest file root element
 must be assembly.
 
Error - 09/06/2014 09:22:08 | Computer Name = Johnnys-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files (x86)\Adobe\Adobe
 Dreamweaver CC\Dreamweaver.exe".Error in manifest or policy file "" on line .  A
component version required by the application conflicts with another component version
 already active.  Conflicting components are:.  Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 09/06/2014 09:22:08 | Computer Name = Johnnys-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files (x86)\Adobe\Adobe
 Dreamweaver CC\Dreamweaver.exe".Error in manifest or policy file "" on line .  A
component version required by the application conflicts with another component version
 already active.  Conflicting components are:.  Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 09/06/2014 09:22:08 | Computer Name = Johnnys-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files (x86)\Adobe\Adobe
 Dreamweaver CC\Dreamweaver.exe".Error in manifest or policy file "" on line .  A
component version required by the application conflicts with another component version
 already active.  Conflicting components are:.  Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 09/06/2014 09:22:09 | Computer Name = Johnnys-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files (x86)\Adobe\Adobe
 Dreamweaver CC\Dreamweaver.exe".Error in manifest or policy file "" on line .  A
component version required by the application conflicts with another component version
 already active.  Conflicting components are:.  Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
[ System Events ]
Error - 08/06/2014 20:54:47 | Computer Name = Johnnys-PC | Source = Service Control Manager | ID = 7001
Description = The Peer Networking Grouping service depends on the Peer Name Resolution
 Protocol service which failed to start because of the following error:   %%-2140993535
 
Error - 08/06/2014 20:54:47 | Computer Name = Johnnys-PC | Source = Service Control Manager | ID = 7023
Description = The Peer Name Resolution Protocol service terminated with the following
 error:   %%-2140993535
 
Error - 08/06/2014 20:54:48 | Computer Name = Johnnys-PC | Source = Service Control Manager | ID = 7023
Description = The Peer Name Resolution Protocol service terminated with the following
 error:   %%-2140993535
 
Error - 08/06/2014 20:54:48 | Computer Name = Johnnys-PC | Source = Service Control Manager | ID = 7001
Description = The Peer Networking Grouping service depends on the Peer Name Resolution
 Protocol service which failed to start because of the following error:   %%-2140993535
 
Error - 08/06/2014 20:54:53 | Computer Name = Johnnys-PC | Source = PNRPSvc | ID = 102
Description =
 
Error - 08/06/2014 20:54:53 | Computer Name = Johnnys-PC | Source = PNRPSvc | ID = 102
Description =
 
Error - 08/06/2014 20:54:53 | Computer Name = Johnnys-PC | Source = Service Control Manager | ID = 7001
Description = The Peer Networking Grouping service depends on the Peer Name Resolution
 Protocol service which failed to start because of the following error:   %%-2140993535
 
Error - 08/06/2014 20:54:53 | Computer Name = Johnnys-PC | Source = Service Control Manager | ID = 7023
Description = The Peer Name Resolution Protocol service terminated with the following
 error:   %%-2140993535
 
Error - 08/06/2014 20:54:53 | Computer Name = Johnnys-PC | Source = Service Control Manager | ID = 7001
Description = The Peer Networking Grouping service depends on the Peer Name Resolution
 Protocol service which failed to start because of the following error:   %%-2140993535
 
Error - 08/06/2014 20:54:53 | Computer Name = Johnnys-PC | Source = Service Control Manager | ID = 7023
Description = The Peer Name Resolution Protocol service terminated with the following
 error:   %%-2140993535
 
 
< End of report >

 

and the OTL.txt is

 

OTL logfile created on: 09/06/2014 14:28:23 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = E:\_Software
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
 
13.87 Gb Total Physical Memory | 10.57 Gb Available Physical Memory | 76.26% Memory free
17.77 Gb Paging File | 14.32 Gb Available in Paging File | 80.60% Paging File free
Paging file location(s): c:\pagefile.sys 4000 4800 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 386.63 Gb Total Space | 262.07 Gb Free Space | 67.78% Space Free | Partition Type: NTFS
Drive D: | 146.49 Gb Total Space | 74.75 Gb Free Space | 51.03% Space Free | Partition Type: NTFS
Drive E: | 842.61 Gb Total Space | 99.44 Gb Free Space | 11.80% Space Free | Partition Type: NTFS
Drive F: | 21.43 Gb Total Space | 2.66 Gb Free Space | 12.39% Space Free | Partition Type: NTFS
Drive H: | 298.09 Gb Total Space | 98.49 Gb Free Space | 33.04% Space Free | Partition Type: NTFS
 
Computer Name: JOHNNYS-PC | User Name: Johnnys | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/06/09 14:27:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\_Software\OTL.exe
PRC - [2014/06/06 17:17:55 | 003,890,208 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2014/04/28 17:17:47 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/04/28 17:17:40 | 000,109,048 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2014/03/28 22:44:52 | 003,519,936 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
PRC - [2014/03/25 11:41:23 | 000,109,784 | ---- | M] (Siber Systems) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
PRC - [2013/04/04 15:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 15:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/01/07 17:42:26 | 043,565,056 | -H-- | M] (Softmotive Ltd) -- C:\Users\Johnnys\AppData\Roaming\Skype Inc\skypeupdater.exe
PRC - [2012/10/23 09:25:06 | 002,744,960 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
PRC - [2011/09/19 03:15:00 | 000,670,720 | ---- | M] (Yealink) -- C:\Program Files (x86)\SkypeMate\SkypeMate.exe
PRC - [2010/12/03 17:45:00 | 000,965,728 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
PRC - [2010/05/25 13:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
PRC - [2010/03/10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/03/24 23:01:13 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/03/17 12:41:49 | 000,107,520 | ---- | M] () -- C:\Program Files (x86)\DAEMON Tools Pro\BRD.dll
MOD - [2013/03/19 22:27:26 | 008,864,912 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
MOD - [2012/12/20 10:12:00 | 000,582,144 | ---- | M] () -- C:\Program Files (x86)\SkypeMate\SkypeMate.dll
MOD - [2010/12/03 17:45:00 | 000,150,624 | ---- | M] () -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\WPDDM.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/04/28 17:17:47 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2014/04/28 17:17:40 | 000,109,048 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV:64bit: - [2014/04/21 13:15:14 | 000,252,016 | ---- | M] (Softomotive) [Auto | Running] -- C:\Program Files\WinAutomation\WinAutomation.ServiceAgent.exe -- (WinAutomation Service)
SRV:64bit: - [2014/03/06 09:29:14 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/01/13 08:24:12 | 000,627,992 | ---- | M] (Wacom Technology, Corp.) [Disabled | Stopped] -- C:\Program Files\Tablet\Pen\WTabletServiceCon.exe -- (WTabletServiceCon)
SRV:64bit: - [2013/11/29 08:23:38 | 001,296,728 | ---- | M] (www.BitComet.com) [Disabled | Stopped] -- C:\Program Files\BitComet\tools\BitCometService.exe -- (BITCOMET_HELPER_SERVICE)
SRV:64bit: - [2013/05/27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/04/24 21:38:30 | 000,318,464 | ---- | M] (IDT, Inc.) [Disabled | Stopped] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2011/11/24 05:23:54 | 000,204,288 | ---- | M] (AMD) [Disabled | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/11/30 14:27:58 | 000,336,824 | ---- | M] (arvato digital services llc) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2_x64)
SRV:64bit: - [2010/07/21 14:46:28 | 000,951,584 | ---- | M] (Broadcom Corporation.) [Disabled | Stopped] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/03/02 19:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Disabled | Stopped] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2014/05/15 21:50:49 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/03/25 23:14:46 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/04/04 15:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 15:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/03/22 03:12:55 | 000,296,824 | ---- | M] (CyberLink) [Disabled | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe -- (CyberLink PowerDVD 12 Media Server Service)
SRV - [2012/03/22 03:12:51 | 000,075,640 | ---- | M] (CyberLink) [Disabled | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe -- (CyberLink PowerDVD 12 Media Server Monitor Service)
SRV - [2012/03/22 03:12:49 | 000,087,928 | ---- | M] (CyberLink Corp.) [Disabled | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe -- (CLHNServiceForPowerDVD12)
SRV - [2010/11/09 11:07:44 | 000,246,256 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerProducer\BDSDK\NavFilter\kmsvc.exe -- (CLKMSVC10_90970B6B)
SRV - [2010/03/10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/05/15 10:42:00 | 001,039,096 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
DRV:64bit: - [2014/05/15 10:42:00 | 000,447,888 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswndisflt.sys -- (aswNdisFlt)
DRV:64bit: - [2014/05/15 10:42:00 | 000,423,240 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2014/05/15 10:42:00 | 000,085,328 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2014/04/28 17:17:51 | 000,208,416 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014/04/28 17:17:51 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014/04/28 17:17:51 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014/04/28 17:17:51 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014/04/28 17:17:51 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2014/04/28 17:17:42 | 000,028,184 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2014/04/11 09:39:22 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2014/04/11 09:39:22 | 000,110,336 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2014/03/24 19:18:26 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2014/03/24 17:49:22 | 003,060,800 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2013/11/11 16:16:02 | 000,090,424 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wachidrouter.sys -- (WacHidRouter)
DRV:64bit: - [2013/11/11 16:16:02 | 000,015,160 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys -- (wacomrouterfilter)
DRV:64bit: - [2013/11/11 16:16:02 | 000,014,136 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidkmdf.sys -- (hidkmdf)
DRV:64bit: - [2013/04/04 15:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/08/02 01:23:14 | 000,158,944 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:64bit: - [2012/04/24 21:38:30 | 000,536,576 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/12/26 22:37:42 | 000,090,608 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2011/11/24 08:45:52 | 010,203,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/11/24 04:44:58 | 000,310,784 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/04/21 19:17:04 | 000,471,144 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 14:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 14:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 12:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/11/11 05:01:20 | 001,212,416 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVerAVF2.sys -- (AVerAVF2)
DRV:64bit: - [2010/11/06 08:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/07/19 23:26:42 | 000,102,952 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010/07/19 23:26:38 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010/07/19 23:26:34 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010/07/13 16:25:38 | 000,344,616 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010/07/13 10:57:08 | 000,069,736 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\itecir.sys -- (itecir)
DRV:64bit: - [2010/03/02 00:37:40 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010/01/22 12:22:22 | 000,180,224 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/01/22 12:22:18 | 000,077,824 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2009/12/30 12:21:24 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009/09/17 20:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012/02/16 21:46:34 | 000,146,928 | ---- | M] (CyberLink Corp.) [2014/03/24 20:59:58] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl -- ({329F96B6-DF1E-4328-BFDA-39EA953C1312})
DRV - [2011/10/27 07:18:45 | 000,082,928 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys -- (ntk_PowerDVD12)
DRV - [2010/11/17 21:29:20 | 000,146,928 | ---- | M] (CyberLink Corp.) [2014/05/07 17:23:19] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl -- ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC})
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://uk.yahoo.com...t&type=avastbcl
IE - HKLM\..\SearchScopes,DefaultScope = {9CB96984-43C3-4D44-90EF-01466EFCF7BB}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}: "URL" = http://uk.yhs4.searc...&p={searchTerms}
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-239446909-1222475982-65556035-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://uk.yahoo.com...t&type=avastbcl
IE - HKU\S-1-5-21-239446909-1222475982-65556035-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://uk.yhs4.searc...&p={searchTerms}
IE - HKU\S-1-5-21-239446909-1222475982-65556035-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://uk.yahoo.com...t&type=avastbcl
IE - HKU\S-1-5-21-239446909-1222475982-65556035-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKU\S-1-5-21-239446909-1222475982-65556035-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 25 5A 15 C8 82 47 CF 01  [binary data]
IE - HKU\S-1-5-21-239446909-1222475982-65556035-1000\..\SearchScopes,DefaultScope = {A2745447-3262-452B-8679-C04C79D5FF7B}
IE - HKU\S-1-5-21-239446909-1222475982-65556035-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKU\S-1-5-21-239446909-1222475982-65556035-1000\..\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}: "URL" = http://uk.yhs4.searc...&p={searchTerms}
IE - HKU\S-1-5-21-239446909-1222475982-65556035-1000\..\SearchScopes\{A2745447-3262-452B-8679-C04C79D5FF7B}: "URL" = https://www.google.c...?q={searchTerms}
IE - HKU\S-1-5-21-239446909-1222475982-65556035-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Johnnys\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Johnnys\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Johnnys\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Johnnys\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
 
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Users\Johnnys\AppData\Roaming\IDM\idmmzcc5 [2014/03/28 22:45:44 | 000,000,000 | ---D | M]
 
[2013/02/13 22:08:22 | 000,033,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.ie/
CHR - plugin: Error reading preferences file
CHR - Extension: SEOquake = C:\Users\Johnnys\AppData\Local\Google\Chrome\User Data\Default\Extensions\akdgnmcogleenhbclghghlkkdndkjdjc\1.0.21_0\
CHR - Extension: Google Docs = C:\Users\Johnnys\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\
CHR - Extension: Google Drive = C:\Users\Johnnys\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: ColorZilla = C:\Users\Johnnys\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp\0.5.5_0\
CHR - Extension: Tab Resize - split screen layouts = C:\Users\Johnnys\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkpenclhmiealbebdopglffmfdiilejc\1.1.0_0\
CHR - Extension: YouTube = C:\Users\Johnnys\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Firebug Lite for Google Chromeâ„¢ = C:\Users\Johnnys\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench\1.4.0.11967_0\
CHR - Extension: Google Search = C:\Users\Johnnys\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\Johnnys\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.37_0\
CHR - Extension: Yesware Email Tracking = C:\Users\Johnnys\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkjnkapjmjfpipfcccnjbjcbgdnahpjp\2.0.183_0\
CHR - Extension: avast! Online Security = C:\Users\Johnnys\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\
CHR - Extension: Rapportive = C:\Users\Johnnys\AppData\Local\Google\Chrome\User Data\Default\Extensions\hihakjfhbmlmjdnnhegiciffjplmdhin\1.4.1_0\
CHR - Extension: Tab Split = C:\Users\Johnnys\AppData\Local\Google\Chrome\User Data\Default\Extensions\imjbfeponcaggdpmoiadjbafihlojbco\1.0.0.0_0\
CHR - Extension: WhatFont = C:\Users\Johnnys\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm\2.0.2_0\
CHR - Extension: Color Picker = C:\Users\Johnnys\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcmgligingjhdnhdhgepemlckgcgmgaj\2.3_0\
CHR - Extension: Page Ruler = C:\Users\Johnnys\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlpkojjdgbllmedoapgfodplfhcbnbpn\2.0.7_0\
CHR - Extension: Window Resizer = C:\Users\Johnnys\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkelicaakdanhinjdeammmilcgefonfh\1.9.0.5_0\
CHR - Extension: Google Wallet = C:\Users\Johnnys\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: SEO for Chrome = C:\Users\Johnnys\AppData\Local\Google\Chrome\User Data\Default\Extensions\oangcciaeihlfmhppegpdceadpfaoclj\0.9.5_0\
CHR - Extension: Adblock Pro = C:\Users\Johnnys\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch\3.0_0\
CHR - Extension: Image Size Info = C:\Users\Johnnys\AppData\Local\Google\Chrome\User Data\Default\Extensions\oihdhfbfoagfkpcncinlbhfdgpegcigf\1.7.7_0\
CHR - Extension: SEO Global For Google Searchâ„¢ = C:\Users\Johnnys\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojgmigafbpedhdilmemphfklkbghlphi\5.1_0\
CHR - Extension: One Window = C:\Users\Johnnys\AppData\Local\Google\Chrome\User Data\Default\Extensions\papnlnnbddhckngcblfljaelgceffobn\3.0.0_0\
CHR - Extension: Gmail = C:\Users\Johnnys\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2014/05/26 01:42:21 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:64bit: - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (no name) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - No CLSID value found.
O2 - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKU\S-1-5-21-239446909-1222475982-65556035-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKU\S-1-5-21-239446909-1222475982-65556035-1000\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3 - HKU\S-1-5-21-239446909-1222475982-65556035-1000\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4:64bit: - HKLM..\Run: [WinAutomation Agent] C:\Program Files\WinAutomation\WinAutomation.DIAgent.exe (Softomotive)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKU\S-1-5-21-239446909-1222475982-65556035-1000..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKU\S-1-5-21-239446909-1222475982-65556035-1000..\Run: [Skype Inc] C:\Users\Johnnys\AppData\Roaming\Skype Inc\skypeupdater.exe (Softmotive Ltd)
O4 - Startup: C:\Users\Johnnys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SkypeMate.lnk = C:\Program Files (x86)\SkypeMate\SkypeMate.exe (Yealink)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-239446909-1222475982-65556035-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-239446909-1222475982-65556035-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-239446909-1222475982-65556035-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: Add to WebSite-Watcher - C:\Users\Johnnys\AppData\Roaming\aignes\WebSite-Watcher\config\settings\wswie.htm ()
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8:64bit: - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8:64bit: - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8:64bit: - Extra context menu item: Show RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Add to WebSite-Watcher - C:\Users\Johnnys\AppData\Roaming\aignes\WebSite-Watcher\config\settings\wswie.htm ()
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Show RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9:64bit: - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-239446909-1222475982-65556035-1000\..Trusted Domains: blank ([]about in Trusted sites)
O15 - HKU\S-1-5-21-239446909-1222475982-65556035-1000\..Trusted Domains: security_WinAutomation.Console.exe ([]about in Trusted sites)
O15 - HKU\S-1-5-21-239446909-1222475982-65556035-1000\..Trusted Domains: security_WinAutomation.MacroRecorder.exe ([]about in Trusted sites)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9CD33857-D8B8-48C2-9C82-76ECB2A89A34}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E19AF378-7E22-48A0-88BE-9F4C14B1FF0B}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014/03/24 23:39:01 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2009/02/23 02:47:28 | 000,000,000 | ---- | M] () - H:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/06/08 11:47:17 | 000,000,000 | ---D | C] -- C:\Users\Johnnys\Documents\Optimizer Pro
[2014/06/08 11:46:45 | 000,000,000 | ---D | C] -- C:\Users\Johnnys\AppData\Local\StormFall
[2014/06/08 11:46:09 | 000,000,000 | ---D | C] -- C:\Users\Johnnys\Documents\PC Cleaner
[2014/06/08 11:46:07 | 000,000,000 | ---D | C] -- C:\Users\Johnnys\AppData\Roaming\PC Cleaner
[2014/06/08 11:41:56 | 000,000,000 | ---D | C] -- C:\Users\Johnnys\AppData\Roaming\Plarium
[2014/06/08 11:41:56 | 000,000,000 | ---D | C] -- C:\Users\Johnnys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plarium
[2014/06/08 11:41:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Cleaner
[2014/06/07 07:10:14 | 000,000,000 | ---D | C] -- C:\Users\Johnnys\AppData\Roaming\Mozilla
[2014/06/04 09:06:18 | 000,000,000 | ---D | C] -- C:\Users\Johnnys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Right Click Image Converter
[2014/06/04 09:06:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Right Click Image Converter
[2014/06/04 09:06:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kristanix
[2014/06/04 08:58:28 | 000,000,000 | ---D | C] -- C:\Users\Johnnys\AppData\Roaming\Softplicity
[2014/06/02 14:23:24 | 000,000,000 | ---D | C] -- C:\Users\Johnnys\Desktop\Tor Browser
[2014/05/30 12:07:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinAutomation
[2014/05/30 12:07:00 | 000,000,000 | ---D | C] -- C:\Program Files\WinAutomation
[2014/05/30 12:06:56 | 000,000,000 | -H-D | C] -- C:\ProgramData\{A1CEB9CD-D46A-4295-BF5C-F5898D5A1B47}
[2014/05/30 08:51:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2014/05/29 17:08:08 | 000,000,000 | ---D | C] -- C:\Users\Johnnys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
[2014/05/29 17:08:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2014/05/29 17:08:06 | 000,000,000 | ---D | C] -- C:\Users\Johnnys\AppData\Roaming\Notepad++
[2014/05/29 17:08:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Notepad++
[2014/05/29 16:36:15 | 000,000,000 | ---D | C] -- C:\Users\Johnnys\AppData\Roaming\.oit
[2014/05/29 12:16:57 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2014/05/28 13:49:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinSCP
[2014/05/26 01:45:19 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014/05/25 21:02:27 | 000,000,000 | ---D | C] -- C:\Users\Johnnys\Documents\Virtual Machines
[2014/05/25 19:30:37 | 000,000,000 | ---D | C] -- C:\Users\Johnnys\AppData\Local\VMware
[2014/05/25 19:30:36 | 000,000,000 | ---D | C] -- C:\Users\Johnnys\AppData\Roaming\VMware
[2014/05/25 19:16:32 | 000,000,000 | ---D | C] -- C:\ProgramData\VMware
[2014/05/23 14:12:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014/05/21 20:52:55 | 000,000,000 | ---D | C] -- C:\Users\Johnnys\AppData\Local\ElevatedDiagnostics
[2014/05/17 14:42:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Softomotive
[2014/05/17 14:42:46 | 000,000,000 | -H-D | C] -- C:\ProgramData\~2
[2014/05/17 10:53:32 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2014/05/17 10:53:32 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2014/05/17 10:53:32 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2014/05/17 10:53:24 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014/05/17 10:53:11 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2014/05/16 09:07:53 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/05/16 09:07:53 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/05/16 09:05:06 | 003,969,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2014/05/16 09:05:06 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2014/05/16 09:05:06 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014/05/16 09:05:05 | 005,550,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2014/05/16 09:05:05 | 000,722,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\objsel.dll
[2014/05/16 09:05:05 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2014/05/16 09:05:04 | 000,538,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\objsel.dll
[2014/05/16 09:05:04 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2014/05/16 09:05:04 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adprovider.dll
[2014/05/16 09:05:04 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dimsroam.dll
[2014/05/16 09:05:04 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dimsroam.dll
[2014/05/16 09:05:03 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cngprovider.dll
[2014/05/16 09:05:02 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2014/05/16 09:05:02 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\capiprovider.dll
[2014/05/16 09:05:02 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpapiprovider.dll
[2014/05/16 09:05:02 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cngprovider.dll
[2014/05/16 09:05:02 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adprovider.dll
[2014/05/16 09:05:02 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\capiprovider.dll
[2014/05/16 09:05:02 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpapiprovider.dll
[2014/05/16 09:05:02 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wincredprovider.dll
[2014/05/16 09:05:02 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wincredprovider.dll
[2014/05/16 09:05:02 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2014/05/16 09:05:02 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2014/05/15 20:45:44 | 000,000,000 | ---D | C] -- C:\Users\Johnnys\Documents\Corel VideoStudio Pro
[2014/05/15 20:44:51 | 000,000,000 | ---D | C] -- C:\Users\Johnnys\AppData\Roaming\Ulead Systems
[2014/05/15 20:43:36 | 000,000,000 | ---D | C] -- C:\ProgramData\eSellerate
[2014/05/15 20:42:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SmartSound Software
[2014/05/15 20:42:41 | 000,000,000 | ---D | C] -- C:\ProgramData\SmartSound Software Inc
[2014/05/15 20:42:03 | 000,000,000 | ---D | C] -- C:\Windows\RegisteredPackages
[2014/05/15 20:42:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media
[2014/05/15 20:40:25 | 000,000,000 | ---D | C] -- C:\ProgramData\InterVideo
[2014/05/15 20:38:23 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel VideoStudio Pro X6
[2014/05/15 20:36:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Media Components
[2014/05/12 15:33:36 | 000,000,000 | ---D | C] -- C:\Users\Johnnys\AppData\Roaming\SketchUp
[2014/05/12 15:14:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2014
[2014/05/12 15:13:41 | 000,000,000 | ---D | C] -- C:\ProgramData\SketchUp
[2014/05/12 15:13:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SketchUp
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Johnnys\Documents\*.tmp files -> C:\Users\Johnnys\Documents\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/06/09 14:14:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/06/09 14:08:15 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-239446909-1222475982-65556035-1000UA.job
[2014/06/09 05:08:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-239446909-1222475982-65556035-1000Core.job
[2014/06/08 15:02:59 | 000,016,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/06/08 15:02:59 | 000,016,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/06/08 14:54:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/06/04 23:18:45 | 001,637,312 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/06/04 23:18:45 | 000,704,450 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2014/06/04 23:18:45 | 000,673,830 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/06/04 23:18:45 | 000,154,166 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2014/06/04 23:18:45 | 000,131,254 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/06/04 09:06:18 | 000,002,178 | ---- | M] () -- C:\Users\Johnnys\Desktop\Right Click Image Converter.lnk
[2014/06/03 11:16:16 | 000,074,052 | ---- | M] () -- C:\Users\Johnnys\Documents\cc_20140603_111559.reg
[2014/05/29 17:08:08 | 000,001,053 | ---- | M] () -- C:\Users\Johnnys\Desktop\Notepad++.lnk
[2014/05/28 13:52:46 | 000,000,600 | ---- | M] () -- C:\Users\Johnnys\AppData\Roaming\winscp.rnd
[2014/05/28 13:49:01 | 000,000,975 | ---- | M] () -- C:\Users\Public\Desktop\WinSCP.lnk
[2014/05/26 01:42:21 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/05/25 19:49:50 | 000,001,024 | ---- | M] () -- C:\Windows\SysWow64\%TMP%
[2014/05/25 19:49:46 | 001,654,734 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/05/20 09:50:34 | 000,007,610 | ---- | M] () -- C:\Users\Johnnys\AppData\Local\Resmon.ResmonCfg
[2014/05/19 23:00:57 | 000,001,097 | ---- | M] () -- C:\Users\Johnnys\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2014/05/17 14:46:47 | 000,407,552 | ---- | M] () -- C:\Users\Johnnys\Documents\Driveway.msam
[2014/05/16 14:44:59 | 000,156,672 | ---- | M] () -- C:\Users\Johnnys\Documents\gravel grader.msam
[2014/05/16 14:36:01 | 000,295,592 | -H-- | M] () -- C:\Windows\SysWow64\mlfcache.dat
[2014/05/16 08:47:36 | 000,586,984 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/05/15 21:50:49 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/05/15 21:50:49 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/05/15 20:38:23 | 000,001,045 | ---- | M] () -- C:\Users\Public\Desktop\Corel ScreenCap X6.lnk
[2014/05/15 20:38:23 | 000,001,038 | ---- | M] () -- C:\Users\Public\Desktop\Corel VideoStudio Pro X6.lnk
[2014/05/15 10:42:00 | 001,039,096 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsnx.sys
[2014/05/15 10:42:00 | 000,447,888 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswndisflt.sys
[2014/05/15 10:42:00 | 000,423,240 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsp.sys
[2014/05/15 10:42:00 | 000,085,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys
[2014/05/12 15:14:32 | 000,003,120 | ---- | M] () -- C:\Windows\SysWow64\ALLFSAF14a.ocx
[2014/05/12 15:14:30 | 000,002,188 | ---- | M] () -- C:\Users\Public\Desktop\Style Builder 2014.lnk
[2014/05/12 15:14:29 | 000,002,102 | ---- | M] () -- C:\Users\Public\Desktop\LayOut 2014.lnk
[2014/05/12 15:14:27 | 000,002,017 | ---- | M] () -- C:\Users\Public\Desktop\SketchUp 2014.lnk
[2014/05/11 11:52:37 | 000,398,728 | ---- | M] () -- C:\Users\Johnnys\Documents\cc_20140511_115222.reg
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Johnnys\Documents\*.tmp files -> C:\Users\Johnnys\Documents\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/06/04 09:06:18 | 000,002,178 | ---- | C] () -- C:\Users\Johnnys\Desktop\Right Click Image Converter.lnk
[2014/06/03 11:16:03 | 000,074,052 | ---- | C] () -- C:\Users\Johnnys\Documents\cc_20140603_111559.reg
[2014/05/29 17:08:08 | 000,001,053 | ---- | C] () -- C:\Users\Johnnys\Desktop\Notepad++.lnk
[2014/05/28 13:52:46 | 000,000,600 | ---- | C] () -- C:\Users\Johnnys\AppData\Roaming\winscp.rnd
[2014/05/28 13:49:01 | 000,001,037 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk
[2014/05/28 13:49:01 | 000,000,975 | ---- | C] () -- C:\Users\Public\Desktop\WinSCP.lnk
[2014/05/25 19:49:50 | 000,001,024 | ---- | C] () -- C:\Windows\SysWow64\%TMP%
[2014/05/20 09:50:34 | 000,007,610 | ---- | C] () -- C:\Users\Johnnys\AppData\Local\Resmon.ResmonCfg
[2014/05/19 23:00:57 | 000,001,097 | ---- | C] () -- C:\Users\Johnnys\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2014/05/17 10:53:32 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014/05/17 10:53:32 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014/05/17 10:53:32 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014/05/17 10:53:32 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014/05/17 10:53:32 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2014/05/16 14:45:21 | 000,407,552 | ---- | C] () -- C:\Users\Johnnys\Documents\Driveway.msam
[2014/05/15 21:50:50 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/05/15 20:38:23 | 000,001,045 | ---- | C] () -- C:\Users\Public\Desktop\Corel ScreenCap X6.lnk
[2014/05/15 20:38:23 | 000,001,038 | ---- | C] () -- C:\Users\Public\Desktop\Corel VideoStudio Pro X6.lnk
[2014/05/12 15:14:32 | 000,003,120 | ---- | C] () -- C:\Windows\SysWow64\ALLFSAF14a.ocx
[2014/05/12 15:14:29 | 000,002,188 | ---- | C] () -- C:\Users\Public\Desktop\Style Builder 2014.lnk
[2014/05/12 15:14:29 | 000,002,102 | ---- | C] () -- C:\Users\Public\Desktop\LayOut 2014.lnk
[2014/05/12 15:14:27 | 000,002,017 | ---- | C] () -- C:\Users\Public\Desktop\SketchUp 2014.lnk
[2014/05/11 11:52:27 | 000,398,728 | ---- | C] () -- C:\Users\Johnnys\Documents\cc_20140511_115222.reg
[2014/05/10 17:18:04 | 000,156,672 | ---- | C] () -- C:\Users\Johnnys\Documents\gravel grader.msam
[2014/04/15 17:34:47 | 000,003,584 | ---- | C] () -- C:\Users\Johnnys\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/03/31 15:07:07 | 000,295,592 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2014/03/27 10:47:51 | 000,000,203 | ---- | C] () -- C:\Windows\ABC_mru.ini
[2014/03/24 20:18:32 | 001,654,734 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/03/24 20:01:34 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2014/03/24 17:44:09 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2014/01/23 18:31:12 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2014/01/23 18:31:08 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2014/01/23 18:31:08 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2014/01/23 18:31:08 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2014/01/23 18:31:08 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
 
========== ZeroAccess Check ==========
 
[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/25 03:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/25 03:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/06/02 21:55:13 | 000,000,000 | ---D | M] -- C:\Users\Johnnys\AppData\Roaming\.minecraft
[2014/05/30 09:11:44 | 000,000,000 | ---D | M] -- C:\Users\Johnnys\AppData\Roaming\.oit
[2014/03/24 21:03:20 | 000,000,000 | ---D | M] -- C:\Users\Johnnys\AppData\Roaming\Add-in Express
[2014/04/18 16:51:31 | 000,000,000 | ---D | M] -- C:\Users\Johnnys\AppData\Roaming\aignes
[2014/03/25 23:07:13 | 000,000,000 | ---D | M] -- C:\Users\Johnnys\AppData\Roaming\Autodesk
[2014/03/24 23:11:25 | 000,000,000 | ---D | M] -- C:\Users\Johnnys\AppData\Roaming\AVAST Software
[2014/06/08 15:29:05 | 000,000,000 | ---D | M] -- C:\Users\Johnnys\AppData\Roaming\BitComet
[2014/05/06 13:44:33 | 000,000,000 | ---D | M] -- C:\Users\Johnnys\AppData\Roaming\Chief Architect Inc
[2014/03/24 19:18:58 | 000,000,000 | ---D | M] -- C:\Users\Johnnys\AppData\Roaming\DAEMON Tools Pro
[2014/06/08 14:53:41 | 000,000,000 | ---D | M] -- C:\Users\Johnnys\AppData\Roaming\DMCache
[2014/03/24 23:14:04 | 000,000,000 | ---D | M] -- C:\Users\Johnnys\AppData\Roaming\Dropbox
[2014/03/24 23:14:03 | 000,000,000 | ---D | M] -- C:\Users\Johnnys\AppData\Roaming\DropboxMaster
[2014/03/27 10:40:35 | 000,000,000 | ---D | M] -- C:\Users\Johnnys\AppData\Roaming\EurekaLog
[2014/06/09 14:20:45 | 000,000,000 | ---D | M] -- C:\Users\Johnnys\AppData\Roaming\FileZilla
[2014/04/01 11:47:32 | 000,000,000 | ---D | M] -- C:\Users\Johnnys\AppData\Roaming\IDM
[2014/03/31 15:05:02 | 000,000,000 | ---D | M] -- C:\Users\Johnnys\AppData\Roaming\MarketSamurai
[2014/03/31 15:05:02 | 000,000,000 | ---D | M] -- C:\Users\Johnnys\AppData\Roaming\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
[2014/05/29 17:08:26 | 000,000,000 | ---D | M] -- C:\Users\Johnnys\AppData\Roaming\Notepad++
[2014/06/08 11:46:07 | 000,000,000 | ---D | M] -- C:\Users\Johnnys\AppData\Roaming\PC Cleaner
[2014/06/08 11:41:56 | 000,000,000 | ---D | M] -- C:\Users\Johnnys\AppData\Roaming\Plarium
[2014/04/14 21:20:27 | 000,000,000 | ---D | M] -- C:\Users\Johnnys\AppData\Roaming\Samsung
[2014/05/12 15:33:36 | 000,000,000 | ---D | M] -- C:\Users\Johnnys\AppData\Roaming\SketchUp
[2014/06/04 08:58:28 | 000,000,000 | ---D | M] -- C:\Users\Johnnys\AppData\Roaming\Softplicity
[2014/05/15 20:46:19 | 000,000,000 | ---D | M] -- C:\Users\Johnnys\AppData\Roaming\Ulead Systems
[2014/04/08 10:37:59 | 000,000,000 | ---D | M] -- C:\Users\Johnnys\AppData\Roaming\Wacom
[2014/04/08 10:37:26 | 000,000,000 | ---D | M] -- C:\Users\Johnnys\AppData\Roaming\wacomid-desktop-launcher
[2014/04/08 10:37:29 | 000,000,000 | ---D | M] -- C:\Users\Johnnys\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
[2014/03/24 17:39:43 | 000,000,000 | ---D | M] -- C:\Users\Johnnys\AppData\Roaming\WinBatch
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:373E1720

< End of report >

 

[JohnnyBoyxxx]

Hi, after the initial superfast response I'm surprised to received no feedback since. I think it will be quicker for me to do a format and reinstall.

 

I don't wish to sound un grateful but my pc's in limbo waiting for your feedback. it's annoying because I know you could probably help me but frustration is getting the better of me I think.

 

Regards

John

[Biscuithd]

Hello John,

 

The type of help we offer here is not instantaneous. You were fortunate in that I had a break and could fit you in soon after you posted. Generally an individual needing help waits 2-3 days before initial contact. After that initial contact and assessment, there is quite a bit of back and forth as malware removal is a multi-step process.  To that end, we try to respond every 24 hours, but keep in mind that are all volunteers with families, careers, etc.

 

Just to give you some awareness of the Malware removal effort, the assessment of your OTL log is not an automated process. I go through the log line by line working up a fix. Quite labor intensive! And, that will be the same with each tool and log that we need to use.

 

If you wish to re-install, certainly that is your choice. For comparrison sake, your machine has some significant issues. Malware that I frequently see on machines used for Peer to Peer and TOR networking as your is. I envision multiple scans and the use of several tools. In other words, multiple interactions and multiple days of work, before your machine is cleaned. And, that's assuming that nothing unforseen pops up.

 

Let me know if you want to proceed with cleaning or if you decide to reinstall.

[Dakeyras]

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.