[RESOLVED] Infected with Bochrome virus! - Page 3

Thread: [RESOLVED] Infected with Bochrome virus!

  1. #31
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550

  2. #32
    Join Date
    Jun 2003
    Location
    Scotland
    Posts
    91
    Hi, downloaded and tried take ownership, but to no avail; still not removing the folder, just the same result.

  3. #33
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Download and install Unlocker: http://www.emptyloop.com/unlocker/
    Restart computer.
    It'll install under the right-click menu.

    Open Windows Explorer.
    Navigate to the offending folder/file.

    Right-click on a folder/file. Click Unlocker.
    Select Delete from the drop-down menu.

    Click OK.
    A folder/file will refuse to be deleted, but Unlocker will give you an option to delete on reboot.

    Click Yes.
    Restart computer.

  4. #34
    Join Date
    Jun 2003
    Location
    Scotland
    Posts
    91
    Hi, sorry, did the above, rebooted the computer, and the folder is still there.

  5. #35
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    OK...

    Re-run the Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

    • Double-click to run it.
    • Make sure you checkmark the Addition.txt box.
    • Press the Scan button.
    • The scan will create two logs, FRST.txt and Addition.txt, in the same directory the tool is run from. Please copy and paste them into your reply.

  6. #36
    Join Date
    Jun 2003
    Location
    Scotland
    Posts
    91
    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:17-12-2015
    Ran by Graeme (administrator) on GRAEME-PC (17-12-2015 17:43:32)
    Running from C:\Users\Graeme\Desktop
    Loaded Profiles: Graeme (Available Profiles: Graeme)
    Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    (AMD) C:\Windows\System32\atiesrxx.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\spd.exe
    (Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe
    (Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
    () C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
    (Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
    (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
    (COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
    (Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\cfosspeed.exe
    (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
    (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
    (CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe
    (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
    (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
    (Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
    (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
    (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
    (FNet Co., Ltd.) C:\Program Files (x86)\XFastUsb\XFastUsb.exe
    (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
    (Creative Technology Ltd) C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe
    (CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
    (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    (Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
    (Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    (Microsoft Corporation) C:\Windows\System32\GWX\GWXConfigManager.exe
    (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
    (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe


    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor)
    HKLM\...\Run: [XFast LAN] => C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe [1441152 2011-07-04] (cFos Software GmbH)
    HKLM\...\Run: [THXCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
    HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2710856 2009-11-01] (CANON INC.)
    HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-03] (CANON INC.)
    HKLM\...\Run: [Cm108Sound] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm108.dll,CMICtrlWnd
    HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
    HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1427648 2015-08-05] (COMODO)
    HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-41 (the data entry has 36 more characters).
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-11-27] (Apple Inc.)
    HKLM-x32\...\Run: [XFastUsb] => C:\Program Files (x86)\XFastUsb\XFastUsb.exe [4942336 2012-12-11] (FNet Co., Ltd.)
    HKLM-x32\...\Run: [THX TruStudio NB Settings] => C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe [909824 2011-05-19] (Creative Technology Ltd)
    HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
    HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
    HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [140640 2009-09-28] (CANON INC.)
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-11-27] (Apple Inc.)
    HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)
    HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-27] (Oracle Corporation)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    HKU\S-1-5-21-4177724317-3960994671-2067847833-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2010-07-23] (Acresso Corporation)
    HKU\S-1-5-21-4177724317-3960994671-2067847833-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8551848 2015-11-22] (Piriform Ltd)
    HKU\S-1-5-18\...\Run: [Bitdefender Wallet Agent] => "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
    HKU\S-1-5-18\...\Run: [Bitdefender Wallet] => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
    HKU\S-1-5-18\...\Run: [Bitdefender Wallet Application Agent] => "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2015-11-27]
    ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
    Startup: C:\Users\Graeme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk [2015-11-21]
    ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
    Tcpip\..\Interfaces\{017A0DDE-A8C3-4376-B42B-5DDDD88AFC4A}: [DhcpNameServer] 194.168.4.100 194.168.8.100
    Tcpip\..\Interfaces\{701A80CF-1E6B-4529-BE11-E412315A4B2B}: [DhcpNameServer] 192.168.9.1 192.168.9.1

    Internet Explorer:
    ==================
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\S-1-5-21-4177724317-3960994671-2067847833-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    SearchScopes: HKU\S-1-5-21-4177724317-3960994671-2067847833-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SPLEP1&pc=SPLH
    SearchScopes: HKU\S-1-5-21-4177724317-3960994671-2067847833-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SPLEP1&pc=SPLH
    SearchScopes: HKU\S-1-5-21-4177724317-3960994671-2067847833-1000 -> {57C3C521-79F9-4717-8851-4E24769FF60F} URL = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A4107735745&ie=UTF-8&q=&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A4107735745&q={searchTerms}
    BHO: avast! Online Security -> {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-02-19] (AVAST Software)
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-27] (Oracle Corporation)
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-02-19] (AVAST Software)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-27] (Oracle Corporation)
    BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08] (CANON INC.)
    BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-27] (Oracle Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-27] (Oracle Corporation)
    Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-02-19] (AVAST Software)
    Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-02-19] (AVAST Software)
    Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (CANON INC.)

    FireFox:
    ========
    FF ProfilePath: C:\Users\Graeme\AppData\Roaming\Mozilla\Firefox\Profiles\9jr28qyr.default
    FF NewTab: www.google.com
    FF DefaultSearchEngine: Yahoo!
    FF SearchEngineOrder.1: Google
    FF SelectedSearchEngine: Yahoo!
    FF Homepage: hxxps://www.malwarebytes.org/restorebrowser/yhp-ff
    www.google.com
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] ()
    FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-27] (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-27] (Oracle Corporation)
    FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2012-12-13] (Microsoft Corporation)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1222172.dll [2015-11-19] (Adobe Systems, Inc.)
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
    FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-02-04] (CANON INC.)
    FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-27] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-27] (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2012-12-13] (Microsoft Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
    FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2012-12-13] ()
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-09] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-09] (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-4177724317-3960994671-2067847833-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Graeme\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2013-11-14] (Citrix Online)

    Chrome:
    =======
    CHR HomePage: Default -> hxxps://www.google.com/
    CHR StartupUrls: Default -> "hxxp://www.google.com/"
    CHR Profile: C:\Users\Graeme\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Docs) - C:\Users\Graeme\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
    CHR Extension: (Google Drive) - C:\Users\Graeme\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
    CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Graeme\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-11-20]
    CHR Extension: (YouTube) - C:\Users\Graeme\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
    CHR Extension: (Google Search) - C:\Users\Graeme\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
    CHR Extension: (Google Docs Offline) - C:\Users\Graeme\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-20]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Graeme\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24]
    CHR Extension: (Gmail) - C:\Users\Graeme\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-11-27] (Apple Inc.)
    R3 Blackberry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited) [File not signed]
    R2 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [395136 2011-07-04] (cFos Software GmbH)
    R2 ChromodoUpdater; C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe [1984696 2015-11-23] (Comodo)
    R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5542472 2015-09-03] (COMODO)
    S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265792 2015-08-05] (COMODO)
    R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-09-08] ()
    S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
    S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe [234776 2012-09-05] (McAfee, Inc.)
    S3 OpenVPNService; C:\Program Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe [36352 2012-11-19] () [File not signed]
    R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2015-11-27] (Secunia)
    R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2015-11-27] (Secunia)
    S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R1 bsdriver; C:\Windows\system32\drivers\bsdriver.sys [34720 2015-11-21] ()
    R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [21184 2015-11-18] (COMODO)
    R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [806032 2015-11-18] (COMODO)
    R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [45856 2015-08-05] (COMODO)
    S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
    S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [31808 2013-01-14] (FNet Co., Ltd.)
    R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [15936 2012-12-11] (FNet Co., Ltd.)
    R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [105096 2015-08-05] (COMODO)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
    S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
    R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2015-11-27] (Secunia)
    R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
    U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-12-15 13:53 - 2015-12-15 13:53 - 00000000 ____D C:\Users\Graeme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
    2015-12-15 13:53 - 2015-12-15 13:53 - 00000000 ____D C:\Program Files\Unlocker
    2015-12-15 13:51 - 2015-12-15 13:51 - 00402911 _____ C:\Users\Graeme\Desktop\Unlocker1.9.2.exe
    2015-12-12 16:56 - 2015-12-12 16:57 - 00000000 ____D C:\AdwCleaner
    2015-12-12 16:56 - 2015-12-12 16:56 - 01738240 _____ C:\Users\Graeme\Desktop\adwcleaner_5.024.exe
    2015-12-12 16:27 - 2015-12-12 16:27 - 00000000 ____D C:\Users\Graeme\Desktop\New folder (5)
    2015-12-11 18:04 - 2015-12-11 18:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
    2015-12-11 18:04 - 2015-12-11 18:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2015-12-11 18:03 - 2015-12-11 18:03 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2015-12-11 18:03 - 2015-12-11 18:03 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2015-12-11 18:03 - 2015-12-11 18:03 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2015-12-11 18:03 - 2015-12-11 18:03 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2015-12-11 18:03 - 2015-12-11 18:03 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
    2015-12-11 18:03 - 2015-12-11 18:03 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2015-12-11 18:03 - 2015-12-11 18:03 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2015-12-11 18:03 - 2015-12-11 18:03 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2015-12-11 18:03 - 2015-12-11 18:03 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2015-12-11 18:03 - 2015-12-11 18:03 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
    2015-12-11 18:03 - 2015-12-11 18:03 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
    2015-12-11 18:03 - 2015-12-11 18:03 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
    2015-12-11 18:03 - 2015-12-11 18:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2015-12-11 18:03 - 2015-11-10 00:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2015-12-11 18:03 - 2015-11-10 00:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2015-12-11 18:03 - 2015-11-08 22:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2015-12-11 18:03 - 2015-11-08 22:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2015-12-09 17:39 - 2015-12-09 17:39 - 00002759 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
    2015-12-09 17:39 - 2015-12-09 17:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
    2015-12-09 17:39 - 2015-12-09 17:39 - 00000000 ____D C:\Program Files (x86)\Sophos
    2015-12-09 17:36 - 2015-12-09 17:37 - 140843480 _____ (Sophos Limited) C:\Users\Graeme\Desktop\Sophos Virus Removal Tool.exe
    2015-12-09 17:21 - 2015-12-09 17:21 - 00002599 _____ C:\Users\Graeme\Desktop\FSS.txt
    2015-12-09 16:39 - 2015-12-09 16:40 - 00448512 _____ (OldTimer Tools) C:\Users\Graeme\Desktop\TFC.exe
    2015-12-09 16:39 - 2015-12-09 16:39 - 00852720 _____ C:\Users\Graeme\Desktop\SecurityCheck (2).exe
    2015-12-09 16:39 - 2015-12-09 16:39 - 00415744 _____ (Farbar) C:\Users\Graeme\Desktop\FSS.exe
    2015-12-07 17:08 - 2015-12-07 17:08 - 00018206 _____ C:\Users\Graeme\Desktop\Fixlog.txt
    2015-12-07 17:04 - 2015-12-17 17:43 - 00000000 ____D C:\Users\Graeme\Desktop\FRST-OlderVersion
    2015-12-01 16:54 - 2015-12-01 18:07 - 00038642 _____ C:\Users\Graeme\Desktop\Addition.txt
    2015-12-01 16:53 - 2015-12-17 17:44 - 00020181 _____ C:\Users\Graeme\Desktop\FRST.txt
    2015-12-01 16:53 - 2015-12-17 17:43 - 00000000 ____D C:\FRST
    2015-12-01 16:49 - 2015-12-17 17:43 - 02370048 _____ (Farbar) C:\Users\Graeme\Desktop\FRST64.exe
    2015-11-28 14:07 - 2015-11-28 14:07 - 00000000 ____D C:\Users\Graeme\AppData\Local\CEF
    2015-11-27 23:36 - 2015-11-27 23:36 - 00000000 ____D C:\Users\Default\AppData\Roaming\Apple Computer
    2015-11-27 23:36 - 2015-11-27 23:36 - 00000000 ____D C:\Users\Default\AppData\Local\Apple Computer
    2015-11-27 23:36 - 2015-11-27 23:36 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Apple Computer
    2015-11-27 23:36 - 2015-11-27 23:36 - 00000000 ____D C:\Users\Default User\AppData\Local\Apple Computer
    2015-11-27 23:35 - 2015-11-27 23:35 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
    2015-11-27 23:35 - 2015-11-27 23:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2015-11-27 23:35 - 2015-11-27 23:35 - 00000000 ____D C:\Program Files\iTunes
    2015-11-27 23:35 - 2015-11-27 23:35 - 00000000 ____D C:\Program Files\iPod
    2015-11-27 23:35 - 2015-11-27 23:35 - 00000000 ____D C:\Program Files (x86)\iTunes
    2015-11-27 23:31 - 2015-11-27 23:31 - 00000000 ____D C:\Windows\System32\Tasks\Apple
    2015-11-27 23:31 - 2015-11-27 23:31 - 00000000 ____D C:\Users\Default\AppData\Local\Apple
    2015-11-27 23:31 - 2015-11-27 23:31 - 00000000 ____D C:\Users\Default User\AppData\Local\Apple
    2015-11-27 23:31 - 2015-11-27 23:31 - 00000000 ____D C:\Program Files\Bonjour
    2015-11-27 23:31 - 2015-11-27 23:31 - 00000000 ____D C:\Program Files (x86)\Bonjour
    2015-11-27 23:31 - 2015-11-27 23:31 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
    2015-11-27 23:21 - 2015-11-27 23:21 - 00001033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
    2015-11-27 23:20 - 2015-11-27 23:20 - 05490752 _____ (Secunia) C:\Users\Graeme\Downloads\PSISetup.exe
    2015-11-27 23:04 - 2015-11-27 23:03 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2015-11-27 23:02 - 2015-11-27 17:36 - 00110176 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-64.dll
    2015-11-27 23:00 - 2015-11-27 23:00 - 05028296 _____ (Adobe Systems Inc.) C:\Users\Graeme\Downloads\Shockwave_Installer_Slim(1).exe
    2015-11-27 22:56 - 2015-12-01 16:34 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
    2015-11-27 22:56 - 2015-11-27 22:56 - 00002007 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
    2015-11-27 22:52 - 2015-11-27 22:52 - 28849904 _____ C:\Users\Graeme\Downloads\vlc-2.2.1-win32.exe
    2015-11-27 22:45 - 2015-11-27 22:48 - 00002055 _____ C:\DelFix.txt
    2015-11-27 17:36 - 2015-11-27 17:36 - 00110176 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
    2015-11-27 17:36 - 2015-11-27 17:36 - 00000000 ____D C:\Program Files\Java
    2015-11-27 17:34 - 2015-11-27 17:35 - 57017440 _____ (Oracle Corporation) C:\Users\Graeme\Downloads\jre-8u66-windows-x64 (3).exe
    2015-11-27 16:56 - 2015-11-27 16:57 - 57017440 _____ (Oracle Corporation) C:\Users\Graeme\Downloads\jre-8u66-windows-x64 (2).exe
    2015-11-27 16:55 - 2015-11-27 16:55 - 57017440 _____ (Oracle Corporation) C:\Users\Graeme\Downloads\jre-8u66-windows-x64 (1).exe
    2015-11-27 16:54 - 2015-11-27 16:54 - 57017440 _____ (Oracle Corporation) C:\Users\Graeme\Downloads\jre-8u66-windows-x64.exe
    2015-11-27 16:32 - 2015-11-27 16:56 - 00000000 ____D C:\Users\Graeme\.oracle_jre_usage
    2015-11-27 16:32 - 2015-11-27 16:32 - 00000000 ____D C:\Users\Graeme\AppData\Roaming\Sun
    2015-11-27 16:31 - 2015-11-27 16:31 - 00000000 ____D C:\Users\Graeme\AppData\LocalLow\Oracle
    2015-11-27 16:30 - 2015-11-27 16:30 - 00584288 _____ (Oracle Corporation) C:\Users\Graeme\Downloads\jre-8u66-windows-i586-iftw.exe
    2015-11-27 16:28 - 2015-11-27 22:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2015-11-27 16:20 - 2015-11-30 23:49 - 00068852 _____ C:\Windows\system32\Drivers\fvstore.dat
    2015-11-27 16:20 - 2015-11-27 16:20 - 00000000 ___HD C:\VTRoot
    2015-11-25 21:50 - 2015-11-25 21:50 - 00019209 _____ C:\Users\Graeme\Desktop\SophosVirusRemovalTool (AFTER CLEANUP).txt
    2015-11-24 22:25 - 2015-12-09 17:41 - 00000000 ____D C:\ProgramData\Sophos
    2015-11-24 17:01 - 2015-11-24 17:01 - 00000962 _____ C:\Users\Graeme\Desktop\checkup.txt
    2015-11-23 18:10 - 2015-11-23 18:10 - 00000000 ____D C:\Program Files (x86)\Comodo
    2015-11-23 17:34 - 2010-11-20 12:18 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
    2015-11-22 21:24 - 2015-11-22 21:24 - 00000000 ____D C:\Users\Graeme\Desktop\New folder (4)
    2015-11-22 21:09 - 2015-11-22 21:09 - 00002794 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
    2015-11-22 21:09 - 2015-11-22 21:09 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
    2015-11-22 21:09 - 2015-11-22 21:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
    2015-11-22 21:09 - 2015-11-22 21:09 - 00000000 ____D C:\Program Files\CCleaner
    2015-11-22 21:07 - 2015-11-22 21:09 - 06762072 _____ (Piriform Ltd) C:\Users\Graeme\Desktop\ccsetup511.exe
    2015-11-21 18:47 - 2015-12-15 18:34 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat
    2015-11-21 18:47 - 2015-11-21 18:49 - 00000000 ____D C:\Windows\System32\Tasks\COMODO
    2015-11-21 18:47 - 2015-11-21 18:47 - 00001872 _____ C:\Users\Public\Desktop\COMODO Antivirus.lnk
    2015-11-21 18:44 - 2015-11-21 18:44 - 00000000 ____D C:\ProgramData\Shared Space
    2015-11-21 18:42 - 2015-11-27 23:40 - 00000000 ____D C:\Program Files\COMODO
    2015-11-21 18:41 - 2015-11-27 23:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
    2015-11-21 18:41 - 2015-11-21 18:41 - 00001086 _____ C:\Users\Public\Desktop\Internet (Chromodo).lnk
    2015-11-21 18:41 - 2015-11-21 18:41 - 00000000 ____D C:\Users\Graeme\AppData\Local\Comodo
    2015-11-21 18:39 - 2015-11-21 18:47 - 00000000 ____D C:\ProgramData\Comodo
    2015-11-21 18:36 - 2015-11-21 18:38 - 217812536 _____ (COMODO) C:\Users\Graeme\Downloads\cav_installer_3264_29.exe
    2015-11-21 18:01 - 2015-11-21 18:01 - 00001049 _____ C:\Users\Graeme\Desktop\mwb.txt
    2015-11-21 17:42 - 2015-11-21 17:42 - 00004672 _____ C:\Windows\SysWOW64\Jeiiidsu.ini
    2015-11-21 17:42 - 2015-11-21 17:42 - 00002384 _____ C:\Windows\SysWOW64\JeiiidsuOff.ini
    2015-11-21 17:42 - 2015-11-21 17:42 - 00002384 _____ C:\Windows\system32\JeiiidsuOff.ini
    2015-11-21 17:41 - 2015-11-21 18:22 - 00000000 ____D C:\Users\Graeme\AppData\LocalLow\Company
    2015-11-21 17:41 - 2015-11-21 18:22 - 00000000 ____D C:\Program Files\shopperz201120152254
    2015-11-21 17:41 - 2015-11-21 17:42 - 00000000 ____D C:\Users\Graeme\AppData\Local\Tempfolder
    2015-11-21 17:41 - 2015-11-21 17:41 - 00034720 _____ () C:\Windows\system32\Drivers\bsdriver.sys
    2015-11-21 17:41 - 2015-11-21 17:41 - 00003342 _____ C:\Windows\System32\Tasks\Kunriij
    2015-11-21 17:41 - 2015-11-21 17:41 - 00000000 ____D C:\Windows\system32\rafr
    2015-11-21 17:41 - 2015-11-21 17:41 - 00000000 ____D C:\uninst
    2015-11-21 17:39 - 2015-11-21 18:03 - 00001060 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2015-11-21 17:39 - 2015-11-21 17:40 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-11-21 17:39 - 2015-11-21 17:39 - 22908888 _____ (Malwarebytes ) C:\Users\Graeme\Downloads\mbam-setup-2.2.0.1024.exe
    2015-11-21 17:39 - 2015-11-21 17:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-11-21 17:39 - 2015-11-21 17:39 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
    2015-11-21 17:39 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
    2015-11-21 17:39 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2015-11-21 17:39 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
    2015-11-21 17:35 - 2015-11-21 18:03 - 00002156 _____ C:\Users\Graeme\Desktop\chrome.lnk
    2015-11-21 17:30 - 2014-01-18 16:17 - 00000027 _____ C:\Windows\system32\Drivers\etc\hp.bak
    2015-11-21 17:29 - 2015-11-27 23:30 - 00000000 ____D C:\ProgramData\BOINC
    2015-11-21 17:29 - 2015-11-21 17:29 - 00000000 ____D C:\Windows\Downloaded Installations
    2015-11-21 17:27 - 2015-12-09 18:53 - 00000000 ____D C:\Users\Graeme\Desktop\New folder (3)
    2015-11-20 23:10 - 2015-05-22 08:41 - 00000279 _____ C:\Users\Graeme\Desktop\NEW-VERSION-v1.1.txt
    2015-11-20 23:09 - 2015-11-20 23:09 - 02538281 _____ C:\Users\Graeme\Downloads\YIFY-Codec-Pack-v1.0.zip
    2015-11-20 22:49 - 2015-11-20 22:49 - 00008718 _____ C:\Users\Graeme\Downloads\[kat.cr]dope.2015.720p.brrip.x264.yify.torrent
    2015-11-20 22:41 - 2015-11-20 22:42 - 00000000 ____D C:\Users\Graeme\Desktop\New folder (2)
    2015-11-20 22:19 - 2015-11-20 22:19 - 00033634 _____ C:\Users\Graeme\Downloads\Suffragette (2015) 720p BluRay x264 YIFY.torrent
    2015-11-20 20:57 - 2015-11-21 17:41 - 00061344 _____ (Cherimoya Ltd) C:\Windows\system32\Drivers\cherimoya.sys
    2015-11-20 18:24 - 2015-11-20 18:24 - 00000058 _____ C:\Users\Graeme\Documents\lottol.txt
    2015-11-18 17:14 - 2015-11-18 17:14 - 00806032 _____ (COMODO) C:\Windows\system32\Drivers\cmdguard.sys
    2015-11-18 17:14 - 2015-11-18 17:14 - 00021184 _____ (COMODO) C:\Windows\system32\Drivers\cmderd.sys

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-12-17 17:42 - 2014-06-11 18:28 - 00000034 _____ C:\Windows\AvastEmUpdate.ini
    2015-12-17 17:42 - 2009-07-14 04:45 - 00020704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-12-17 17:42 - 2009-07-14 04:45 - 00020704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-12-17 17:41 - 2012-12-11 21:22 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2015-12-17 17:38 - 2013-01-14 22:11 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-12-17 17:36 - 2009-07-14 05:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2015-12-15 18:30 - 2015-07-08 22:48 - 00000664 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-4177724317-3960994671-2067847833-1000.job
    2015-12-15 17:52 - 2013-01-14 22:11 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-12-15 17:10 - 2012-12-12 21:26 - 00000000 ____D C:\Users\Graeme\AppData\Local\Adobe
    2015-12-15 13:46 - 2014-02-03 19:59 - 00000568 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-4177724317-3960994671-2067847833-1000.job
    2015-12-12 16:39 - 2015-07-08 22:48 - 00003694 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-4177724317-3960994671-2067847833-1000
    2015-12-12 16:39 - 2014-02-03 19:59 - 00003598 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-4177724317-3960994671-2067847833-1000
    2015-12-12 15:35 - 2009-07-14 04:45 - 05060456 _____ C:\Windows\system32\FNTCACHE.DAT
    2015-12-12 15:32 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\inf
    2015-12-11 18:23 - 2013-01-15 17:43 - 00000000 ____D C:\ProgramData\Microsoft Help
    2015-12-11 18:22 - 2013-02-23 00:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2015-12-11 18:21 - 2013-02-23 00:06 - 00000000 ____D C:\Program Files\Microsoft Silverlight
    2015-12-11 18:21 - 2013-02-23 00:06 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
    2015-12-11 18:20 - 2013-08-17 01:07 - 00000000 ____D C:\Windows\system32\MRT
    2015-12-11 18:15 - 2012-12-11 21:51 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2015-12-09 17:41 - 2012-12-11 21:22 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2015-12-09 17:41 - 2012-12-11 21:22 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2015-12-09 17:41 - 2012-12-11 21:22 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2015-12-09 16:47 - 2013-01-14 22:11 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2015-12-09 16:47 - 2013-01-14 22:11 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2015-12-02 17:06 - 2013-03-23 22:52 - 00000000 ____D C:\Users\Graeme\AppData\Local\CrashDumps
    2015-12-01 18:07 - 2013-02-04 22:18 - 00000000 ____D C:\ProgramData\CanonIJPLM
    2015-12-01 16:55 - 2009-07-14 03:20 - 00000000 ____D C:\Windows
    2015-11-28 13:37 - 2012-12-11 19:26 - 00117344 _____ C:\Users\Graeme\AppData\Local\GDIPFONTCACHEV1.DAT
    2015-11-27 23:35 - 2014-06-16 12:09 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
    2015-11-27 23:35 - 2013-09-30 20:56 - 00000000 ____D C:\Program Files\Common Files\Apple
    2015-11-27 23:31 - 2015-08-12 16:03 - 00096528 _____ (Apple Inc.) C:\Windows\system32\dns-sd.exe
    2015-11-27 23:31 - 2015-08-12 16:03 - 00084240 _____ (Apple Inc.) C:\Windows\SysWOW64\dns-sd.exe
    2015-11-27 23:31 - 2013-09-30 20:57 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
    2015-11-27 23:21 - 2014-11-28 12:02 - 00018456 _____ (Secunia) C:\Windows\system32\Drivers\psi_mf_amd64.sys
    2015-11-27 23:04 - 2014-02-01 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2015-11-27 22:57 - 2014-12-27 14:43 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
    2015-11-27 22:56 - 2012-12-11 19:27 - 00000000 ____D C:\Program Files (x86)\Adobe
    2015-11-27 22:55 - 2012-12-11 19:27 - 00000000 ____D C:\ProgramData\Adobe
    2015-11-27 22:53 - 2012-12-15 20:00 - 00001030 _____ C:\Users\Public\Desktop\VLC media player.lnk
    2015-11-27 22:45 - 2014-01-18 21:32 - 00000000 ____D C:\Windows\ERUNT
    2015-11-27 22:22 - 2012-12-11 21:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2015-11-27 16:32 - 2014-01-03 23:33 - 00000000 ____D C:\ProgramData\Oracle
    2015-11-27 16:32 - 2012-12-10 17:23 - 00000000 ____D C:\Users\Graeme
    2015-11-27 16:31 - 2013-08-31 22:44 - 00000000 ____D C:\Program Files (x86)\Java
    2015-11-24 21:48 - 2014-03-17 19:11 - 00000027 _____ C:\Users\Graeme\Documents\QUIDCO.txt
    2015-11-22 21:00 - 2015-07-18 19:34 - 00002351 _____ C:\Users\Graeme\Desktop\Minecraft.lnk
    2015-11-22 20:50 - 2014-06-11 18:28 - 00000000 ____D C:\Program Files\Bitdefender
    2015-11-22 20:49 - 2014-06-11 18:10 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
    2015-11-22 20:48 - 2014-06-11 21:41 - 00621961 _____ C:\bdlog.txt
    2015-11-22 20:48 - 2009-07-14 05:13 - 00009084 _____ C:\Windows\system32\PerfStringBackup.INI
    2015-11-22 20:44 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\system32\NDF
    2015-11-21 18:26 - 2009-07-14 05:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
    2015-11-21 18:24 - 2012-12-10 17:23 - 00001417 _____ C:\Users\Graeme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2015-11-21 18:04 - 2014-02-20 21:04 - 00001139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
    2015-11-21 18:04 - 2014-02-20 21:03 - 00001231 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk
    2015-11-21 18:04 - 2014-02-20 21:02 - 00001193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
    2015-11-21 18:04 - 2014-02-20 21:02 - 00001101 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
    2015-11-21 18:04 - 2014-02-20 21:00 - 00001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
    2015-11-21 18:04 - 2014-02-20 21:00 - 00001377 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
    2015-11-21 18:04 - 2014-01-11 17:57 - 00000995 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat_com.lnk
    Last edited by DASHBOY; December 17th, 2015 at 02:41 PM.

  7. #37
    Join Date
    Jun 2003
    Location
    Scotland
    Posts
    91
    2015-11-21 18:04 - 2012-12-12 21:05 - 00001786 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk
    2015-11-21 18:04 - 2012-12-11 21:20 - 00001151 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    2015-11-21 18:04 - 2012-12-10 16:46 - 00001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
    2015-11-21 18:04 - 2012-12-10 16:46 - 00001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
    2015-11-21 18:04 - 2009-07-14 04:57 - 00001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
    2015-11-21 18:04 - 2009-07-14 04:57 - 00001292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
    2015-11-21 18:04 - 2009-07-14 04:57 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
    2015-11-21 18:04 - 2009-07-14 04:54 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
    2015-11-21 18:03 - 2015-02-15 10:57 - 00001119 _____ C:\Users\Graeme\Desktop\Five Nights at Freddy's 2 v1.0.lnk
    2015-11-21 18:03 - 2015-01-07 18:21 - 00002483 _____ C:\Users\Public\Desktop\inSSIDer Home.lnk
    2015-11-21 18:03 - 2014-09-03 19:19 - 00001045 _____ C:\Users\Public\Desktop\tuxguitar.lnk
    2015-11-21 18:03 - 2014-03-29 15:30 - 00002691 _____ C:\Users\Public\Desktop\Skype.lnk
    2015-11-21 18:03 - 2014-02-02 17:12 - 00002225 _____ C:\Users\Public\Desktop\BlackBerry Desktop Software.lnk
    2015-11-21 18:03 - 2014-01-11 18:25 - 00001086 _____ C:\Users\Graeme\Desktop\Microsoft Expression Web 4.lnk
    2015-11-21 18:03 - 2014-01-11 17:57 - 00000989 _____ C:\Users\Public\Desktop\Acrobat_com.lnk
    2015-11-21 18:03 - 2014-01-11 17:47 - 00001059 _____ C:\Users\Graeme\Desktop\Notepad++.lnk
    2015-11-21 18:03 - 2013-10-29 11:04 - 00002805 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Dragon NaturallySpeaking 11.0.lnk
    2015-11-21 18:03 - 2013-10-29 11:04 - 00002793 _____ C:\Users\Public\Desktop\Dragon NaturallySpeaking 11.0.lnk
    2015-11-21 18:03 - 2013-10-29 11:04 - 00001866 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Software Updates.lnk
    2015-11-21 18:03 - 2013-10-28 19:12 - 00001170 _____ C:\Users\Public\Desktop\Snagit 11 Editor.lnk
    2015-11-21 18:03 - 2013-10-28 19:12 - 00001126 _____ C:\Users\Public\Desktop\Snagit 11.lnk
    2015-11-21 18:03 - 2013-10-26 22:57 - 00001162 _____ C:\Users\Public\Desktop\Camtasia Studio 8.lnk
    2015-11-21 18:03 - 2013-03-23 22:44 - 00000000 ____D C:\Users\Graeme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
    2015-11-21 18:03 - 2013-03-23 14:30 - 00001149 _____ C:\Users\Public\Desktop\HMA! Pro VPN.lnk
    2015-11-21 18:03 - 2013-02-24 23:06 - 00001193 _____ C:\Users\Graeme\Desktop\FileZilla.lnk
    2015-11-21 18:03 - 2013-02-23 00:05 - 00001222 _____ C:\Users\Graeme\AppData\Roaming\Microsoft\Windows\Start Menu\Audio Converter Uninstall Audio Converter.lnk
    2015-11-21 18:03 - 2013-02-23 00:05 - 00001109 _____ C:\Users\Graeme\AppData\Roaming\Microsoft\Windows\Start Menu\Audio Converter Audio Converter.lnk
    2015-11-21 18:03 - 2013-02-13 14:19 - 00002091 _____ C:\Users\Public\Desktop\Canon Easy-PhotoPrint EX.lnk
    2015-11-21 18:03 - 2013-02-13 14:18 - 00002093 _____ C:\Users\Public\Desktop\Canon MP Navigator EX 3.1.lnk
    2015-11-21 18:03 - 2013-02-04 22:17 - 00002007 _____ C:\Users\Public\Desktop\Canon IJ Network Tool.lnk
    2015-11-21 18:03 - 2013-02-04 20:24 - 00002052 _____ C:\Users\Public\Desktop\Canon MX340 series User Registration.LNK
    2015-11-21 18:03 - 2013-02-04 18:20 - 00002037 _____ C:\Users\Public\Desktop\Canon Solution Menu.lnk
    2015-11-21 18:03 - 2013-02-04 18:18 - 00002180 _____ C:\Users\Public\Desktop\Canon MX340 series On-screen Manual.lnk
    2015-11-21 18:03 - 2013-02-04 18:18 - 00001834 _____ C:\Users\Public\Desktop\Canon My Printer.lnk
    2015-11-21 18:03 - 2013-02-03 20:39 - 00001232 _____ C:\Users\Graeme\Desktop\ConvertXtoDVD 4.lnk
    2015-11-21 18:03 - 2013-02-03 20:25 - 00002909 _____ C:\Users\Public\Desktop\Nero Burning ROM 10.lnk
    2015-11-21 18:03 - 2013-01-29 12:58 - 00001162 _____ C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
    2015-11-21 18:03 - 2012-12-25 21:24 - 00000936 _____ C:\Users\Graeme\Desktop\Guitar Pro 5.lnk
    2015-11-21 18:03 - 2012-12-24 15:58 - 00000430 _____ C:\Users\Graeme\Desktop\CD Drive - Shortcut.lnk
    2015-11-21 18:03 - 2012-12-12 21:05 - 00001780 _____ C:\Users\Public\Desktop\Vuze.lnk
    2015-11-21 18:03 - 2012-12-11 21:20 - 00001145 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
    2015-11-21 18:03 - 2012-12-11 19:24 - 00001883 _____ C:\Users\Public\Desktop\XFast USB.LNK
    2015-11-21 18:03 - 2012-12-11 19:24 - 00001130 _____ C:\Users\Public\Desktop\ASRock eXtreme Tuner.lnk
    2015-11-21 18:03 - 2012-12-11 19:24 - 00001114 _____ C:\Users\Public\Desktop\ASRock InstantBoot.lnk
    2015-11-21 18:03 - 2009-07-14 05:01 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
    2015-11-21 18:03 - 2009-07-14 04:49 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
    2015-11-20 23:21 - 2012-12-12 21:05 - 00000000 ____D C:\Users\Graeme\AppData\Roaming\Azureus
    2015-11-20 23:16 - 2012-12-15 22:21 - 00000000 ____D C:\Users\Graeme\AppData\Roaming\vlc
    2015-11-20 22:49 - 2015-10-02 23:38 - 00000000 ____D C:\Users\Graeme\Documents\Vuze Downloads

    Some files in TEMP:
    ====================
    C:\Users\Graeme\AppData\Local\Temp\bitool.dll
    C:\Users\Graeme\AppData\Local\Temp\sqlite3.dll


    ==================== Bamital & volsnap =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-11-30 17:47

    ==================== End of FRST.txt ============================

  8. #38
    Join Date
    Jun 2003
    Location
    Scotland
    Posts
    91
    Additional scan result of Farbar Recovery Scan Tool (x64) Version:17-12-2015
    Ran by Graeme (2015-12-17 17:45:17)
    Running from C:\Users\Graeme\Desktop
    Windows 7 Ultimate Service Pack 1 (X64) (2012-12-10 16:53:22)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-4177724317-3960994671-2067847833-500 - Administrator - Disabled)
    Graeme (S-1-5-21-4177724317-3960994671-2067847833-1000 - Administrator - Enabled) => C:\Users\Graeme
    Guest (S-1-5-21-4177724317-3960994671-2067847833-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-4177724317-3960994671-2067847833-1251 - Limited - Enabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: COMODO Antivirus (Enabled - Up to date) {F25D0092-CDBE-B303-ADB7-88DE8CDECCF5}
    AS: Comodo Defense+ (Enabled - Up to date) {493CE176-EB84-BC8D-9707-B3ACF7598648}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.0.0.0 - Adobe Systems Incorporated)
    Acrobat.com (x32 Version: 2.0.0 - Adobe Systems Incorporated) Hidden
    Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.241 - Adobe Systems Incorporated)
    Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated)
    Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
    Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.2.172 - Adobe Systems, Inc.)
    AMD Catalyst Install Manager (HKLM\...\{5E03A267-415E-5383-FA8F-3CE4145663B9}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
    Apple Application Support (32-bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
    ASRock App Charger v1.0.4 (HKLM\...\ASRock App Charger_is1) (Version: - ASRock Inc.)
    ASRock eXtreme Tuner v0.1.98 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version: - )
    ASRock InstantBoot v1.26 (HKLM-x32\...\ASRock InstantBoot_is1) (Version: - )
    BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research In Motion Ltd.)
    BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.41 - Research In Motion Ltd.) Hidden
    Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
    Broadcom Gigabit NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.6.1.3 - Broadcom Corporation)
    Camtasia Studio 8 (HKLM-x32\...\{BFA04EE0-8240-4667-8D53-45496A901C33}) (Version: 8.1.2.1327 - TechSmith Corporation)
    Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: - )
    Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version: - )
    Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: - )
    Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
    Canon MP Navigator EX 3.1 (HKLM-x32\...\MP Navigator EX 3.1) (Version: - )
    Canon MX340 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series) (Version: - )
    Canon MX340 series User Registration (HKLM-x32\...\Canon MX340 series User Registration) (Version: - )
    Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version: - )
    Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
    Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
    Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )
    CCleaner (HKLM\...\CCleaner) (Version: 5.11 - Piriform)
    Chromodo (HKLM-x32\...\Chromodo) (Version: 45.7.11.387 - Comodo)
    Citrix Online Launcher (HKLM-x32\...\{DB014C85-A264-4BCA-A66F-6DD1FCF8EC36}) (Version: 1.0.335 - Citrix)
    COMODO Antivirus (HKLM\...\{04833277-EE61-4251-9273-0CF86C0FE710}) (Version: 8.2.0.4792 - COMODO Security Solutions Inc.)
    ConvertXtoDVD 4.1.19.365 (HKLM-x32\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.1.19.365 - )
    CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1611_37043 - CyberLink Corp.)
    Dragon NaturallySpeaking 11 (HKLM-x32\...\{EFFA53BC-8C04-2E21-3D90-A13B1697B0CA}) (Version: 11.50.100 - Nuance Communications Inc.)
    Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.96 - Etron Technology)
    Etron USB3.0 Host Controller (x32 Version: 0.96 - Etron Technology) Hidden
    FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
    Five Nights at Freddy's 2 v1.0 (HKLM-x32\...\Five Nights at Freddy's 2 v1.0_is1) (Version: - )
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.80 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
    GoToMeeting 7.7.0.4062 (HKU\S-1-5-21-4177724317-3960994671-2067847833-1000\...\GoToMeeting) (Version: 7.7.0.4062 - CitrixOnline)
    Guitar Pro 5.2 (HKLM-x32\...\Guitar Pro 5_is1) (Version: - Arobas Music)
    HMA! Pro VPN 2.7.1.7 (HKLM-x32\...\HMA! Pro VPN) (Version: 2.7.1.7 - )
    inSSIDer Home (HKLM-x32\...\{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}) (Version: 3.1.2.1 - MetaGeek, LLC)
    Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2372 - Intel Corporation)
    iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.)
    Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.18 - Oracle Corporation)
    Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
    Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
    marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.2.0.1003 - Marvell)
    McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.0.285.6 - McAfee, Inc.)
    Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft Expression Web 4 (HKLM-x32\...\Web_4.0.1460.0) (Version: 4.0.1460.0 - Microsoft Corporation)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
    Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
    Minecraft1.8 (HKLM-x32\...\Minecraft1.8) (Version: - )
    Mozilla Firefox 42.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 en-US)) (Version: 42.0 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
    Nero Burning ROM 10 (HKLM-x32\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.2.11000.12.100 - Nero AG)
    Nero Burning ROM 10 (HKLM-x32\...\{FE83F463-7E61-4B18-9FA0-B94B90A0B6B9}) (Version: 10.5.10300 - Nero AG)
    Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.2.10300.0.102 - Nero AG)
    Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
    Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.3 - Notepad++ Team)
    OpenOffice.org 3.4.1 (HKLM-x32\...\{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}) (Version: 3.41.9593 - Apache Software Foundation)
    PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6392 - Realtek Semiconductor Corp.)
    Rome - Total War (HKLM-x32\...\{2E97F7E8-ABDE-4E0D-B0AD-B6B4BAD89E24}) (Version: 1.5 - The Creative Assembly)
    Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)
    Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
    Snagit 11 (HKLM-x32\...\{7CA5C4DF-8327-4035-AE2B-CA76336A04FD}) (Version: 11.0.0 - TechSmith Corporation)
    Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.5 - Sophos Limited)
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    THX TruStudio (HKLM-x32\...\{AFB907F5-C0E6-4753-8284-DE955EF86AC2}) (Version: 1.00.01 - Creative Technology Limited)
    TuxGuitar 1.2 (HKLM-x32\...\TuxGuitar_0) (Version: - )
    Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    USB PnP Sound Device (HKLM\...\C-Media CM108 Like Sound Driver) (Version: - )
    USB PnP Sound Device (HKLM-x32\...\Generic USB 108 Sound) (Version: - )
    Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64) (HKLM\...\{4A5A427F-BA39-4BF0-7777-9A47FBE60C9F}) (Version: 11.0.0 - Nuance Communications Inc.)
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
    Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.6.2.0 - Azureus Software, Inc.)
    WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
    XAMPP (HKLM-x32\...\xampp) (Version: 1.8.2-3 - BitNami)
    XFast LAN v6.61 (HKLM\...\XFast LAN) (Version: 6.61 - cFos Software GmbH, Bonn)
    XFastUsb (HKLM-x32\...\XFastUsb) (Version: - )

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-4177724317-3960994671-2067847833-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Graeme\AppData\Local\Citrix\GoToMeeting\3019\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)

    ==================== Restore Points =========================

    27-11-2015 22:47:10 End of disinfection
    27-11-2015 23:37:21 Removed GeekBuddy.
    27-11-2015 23:43:50 Removed Charity Engine.
    07-12-2015 17:12:05 Removed Strongvault Online Backup
    09-12-2015 17:32:58 Removed Sophos Virus Removal Tool.
    09-12-2015 17:39:28 Installed Sophos Virus Removal Tool.
    11-12-2015 18:12:11 Windows Update

    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2013-03-12 19:50 - 2014-01-18 16:17 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

    127.0.0.1 localhost

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {073FE9E0-5485-4F97-A285-E11A2542587E} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-05] (COMODO)
    Task: {17A7D2A7-58D0-4EA6-850C-9059468FAA43} - System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 => C:\Program Files\Bitdefender\Bitdefender\bdproductdata.exe
    Task: {23A48680-8E49-4054-BB70-228E977BA56F} - System32\Tasks\Kunriij => C:\PROGRA~1\SHOPPE~1\Igatgub.bat
    Task: {4251987B-06B8-4B0D-8CF1-B5A7E1FEBC91} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-05] (COMODO)
    Task: {4F81E59A-5D49-4692-AA2A-4A3484CE6F51} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-11-27] (Apple Inc.)
    Task: {76EB7027-EAE1-4002-BC5A-2A330F5F0E18} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
    Task: {83053D08-4B94-40A3-B5D5-A5A8E2B77C83} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-02-19] (AVAST Software)
    Task: {91EFDC31-DFE8-4B4A-9E91-964DD3FD9A28} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09] (Adobe Systems Incorporated)
    Task: {A62C6C4C-2A8C-4A66-91F3-157686B0098E} - System32\Tasks\AdobeAAMUpdater-1.0-Graeme-PC-Graeme => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
    Task: {B0F06A56-EE25-4246-A5E3-6CC0E58D3AB7} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-05] (COMODO)
    Task: {BE085556-7288-4CC2-85F1-0D61A47F802A} - System32\Tasks\G2MUpdateTask-S-1-5-21-4177724317-3960994671-2067847833-1000 => C:\Users\Graeme\AppData\Local\Citrix\GoToMeeting\4062\g2mupdate.exe [2015-12-12] (Citrix Online, a division of Citrix Systems, Inc.)
    Task: {C15992EF-A96C-4E07-B54F-4BCCA71F2F09} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
    Task: {D5D8E520-F775-4335-B6EC-C63A903CBBBA} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-08-05] (COMODO)
    Task: {D5FE29C3-985A-4880-8C0D-35868C11EC22} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2011-04-11] (CyberLink)
    Task: {EDA7CA03-59A0-4B67-A6D8-0055D78E6D90} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-22] (Piriform Ltd)
    Task: {F1BFFB8D-B269-4B79-8D82-01BC44CC2EA5} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-05] (COMODO)
    Task: {F47ED277-801C-4A17-950B-B5C49887A2E9} - System32\Tasks\G2MUploadTask-S-1-5-21-4177724317-3960994671-2067847833-1000 => C:\Users\Graeme\AppData\Local\Citrix\GoToMeeting\4062\g2mupload.exe [2015-12-12] (Citrix Online, a division of Citrix Systems, Inc.)
    Task: {FFCA4688-2189-4A5E-A69F-D1FB1FB3C0BA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-4177724317-3960994671-2067847833-1000.job => C:\Users\Graeme\AppData\Local\Citrix\GoToMeeting\4062\g2mupdate.exe
    Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-4177724317-3960994671-2067847833-1000.job => C:\Users\Graeme\AppData\Local\Citrix\GoToMeeting\4062\g2mupload.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    ==================== Shortcuts =============================

    (The entries could be listed to be restored or removed.)

    Shortcut: C:\Users\Graeme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft Debugger.lnk -> C:\Users\Graeme\AppData\Roaming\.minecraft\minecraft launcher\Debug.bat ()

    ==================== Loaded Modules (Whitelisted) ==============

    2015-10-13 05:45 - 2015-10-13 05:45 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    2013-02-04 22:18 - 2009-09-08 12:12 - 00116104 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
    2015-01-08 22:02 - 2015-01-08 22:02 - 00067808 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
    2010-01-02 14:42 - 2010-01-02 14:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
    2012-12-11 19:16 - 2011-04-15 02:16 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
    2012-12-11 19:29 - 2011-05-19 09:58 - 00246784 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
    2012-08-10 16:51 - 2012-08-10 16:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\Windows\system32\catsrvut.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\comsvcs.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\dns-sd.exe:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\DWrite.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\dxtmsft.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\dxtrans.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\els.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\FntCache.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\ie4uinit.exe:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\ieapfltr.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\iedkcs32.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\ieetwcollector.exe:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\ieetwcollectorres.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\ieetwproxystub.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\ieframe.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\iernonce.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\iertutil.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\iesetup.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\ieui.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\ieUnatt.exe:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\inetcpl.cpl:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\JavaScriptCollectionAgent.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\jscript.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\jscript9.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\jscript9diag.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\jsproxy.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\msfeeds.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\mshtml.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\MshtmlDac.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\mshtmled.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\mshtmlmedia.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\msrating.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\MsSpellCheckingFacility.exe:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\occache.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\tzres.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\urlmon.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\user32.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\usp10.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\vbscript.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\webcheck.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\win32k.sys:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\wininet.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\WinSetupUI.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\wshrm.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\wu.upgrade.ps.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\wuapi.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\wuapp.exe:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\wuauclt.exe:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\wuaueng.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\wucltux.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\wudriver.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\wups.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\wups2.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\wuwebv.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\SysWOW64\catsrvut.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\SysWOW64\comsvcs.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\SysWOW64\dns-sd.exe:$CmdTcID
    AlternateDataStreams: C:\Windows\SysWOW64\DWrite.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\SysWOW64\dxtmsft.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\SysWOW64\dxtrans.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\SysWOW64\els.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\SysWOW64\FlashPlayerApp.exe:$CmdTcID
    AlternateDataStreams: C:\Windows\SysWOW64\ieapfltr.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\SysWOW64\iedkcs32.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\SysWOW64\ieetwproxystub.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\SysWOW64\ieframe.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\SysWOW64\iernonce.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\SysWOW64\iertutil.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\SysWOW64\iesetup.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\SysWOW64\ieui.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\SysWOW64\ieUnatt.exe:$CmdTcID
    AlternateDataStreams: C:\Windows\SysWOW64\inetcpl.cpl:$CmdTcID
    AlternateDataStreams: C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\SysWOW64\jscript.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\SysWOW64\jscript9.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\SysWOW64\jscript9diag.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\SysWOW64\jsproxy.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\SysWOW64\msfeeds.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\SysWOW64\mshtml.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\SysWOW64\MshtmlDac.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\SysWOW64\mshtmled.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\SysWOW64\mshtmlmedia.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\SysWOW64\msrating.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\SysWOW64\occache.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\SysWOW64\tzres.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\SysWOW64\urlmon.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\SysWOW64\user32.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\SysWOW64\usp10.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\SysWOW64\vbscript.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\SysWOW64\webcheck.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\SysWOW64\wininet.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\SysWOW64\wshrm.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\SysWOW64\wuapi.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\SysWOW64\wuapp.exe:$CmdTcID
    AlternateDataStreams: C:\Windows\SysWOW64\wudriver.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\SysWOW64\wups.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\SysWOW64\wuwebv.dll:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\Drivers\psi_mf_amd64.sys:$CmdTcID
    AlternateDataStreams: C:\Windows\system32\Drivers\rmcast.sys:$CmdTcID
    AlternateDataStreams: C:\Users\Graeme\Desktop\adwcleaner_5.024.exe:$CmdTcID
    AlternateDataStreams: C:\Users\Graeme\Desktop\ccsetup511.exe:$CmdTcID
    AlternateDataStreams: C:\Users\Graeme\Desktop\Sophos Virus Removal Tool.exe:$CmdTcID
    AlternateDataStreams: C:\Users\Graeme\Desktop\Sophos Virus Removal Tool.exe:$CmdZnID
    AlternateDataStreams: C:\Users\Graeme\Desktop\Unlocker1.9.2.exe:$CmdTcID
    AlternateDataStreams: C:\Users\Graeme\Desktop\Unlocker1.9.2.exe:$CmdZnID
    AlternateDataStreams: C:\Users\Graeme\Downloads\jre-8u66-windows-i586-iftw.exe:$CmdTcID
    AlternateDataStreams: C:\Users\Graeme\Downloads\jre-8u66-windows-x64 (1).exe:$CmdTcID
    AlternateDataStreams: C:\Users\Graeme\Downloads\jre-8u66-windows-x64 (2).exe:$CmdTcID
    AlternateDataStreams: C:\Users\Graeme\Downloads\jre-8u66-windows-x64 (3).exe:$CmdTcID
    AlternateDataStreams: C:\Users\Graeme\Downloads\jre-8u66-windows-x64.exe:$CmdTcID
    AlternateDataStreams: C:\Users\Graeme\Downloads\PSISetup.exe:$CmdTcID
    AlternateDataStreams: C:\Users\Graeme\Downloads\Shockwave_Installer_Slim(1).exe:$CmdTcID
    AlternateDataStreams: C:\Users\Graeme\Downloads\vlc-2.2.1-win32.exe:$CmdTcID

    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Jeiiidsu => ""="service"

    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-4177724317-3960994671-2067847833-1000\Control Panel\Desktop\\Wallpaper ->
    DNS Servers: 194.168.4.100 - 194.168.8.100
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)


    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [TCP Query User{06880039-5E4D-41A4-8122-4522D6754BEC}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe
    FirewallRules: [UDP Query User{DF50B473-28E6-4279-ADC5-74DA7813664B}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe
    FirewallRules: [{1991753C-BE1E-4913-8483-DF35C75F4D83}] => (Allow) LPort=51001
    FirewallRules: [TCP Query User{DA511C7E-546E-499A-86C5-AEF5F4EF4F92}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
    FirewallRules: [UDP Query User{49167371-5CC0-4CF0-9763-5F182887443E}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
    FirewallRules: [TCP Query User{C6BC61C4-EA0D-4444-B9D6-F6B1C142FAB3}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
    FirewallRules: [UDP Query User{81BC555E-A75E-46FA-84AE-A9E96650CA0F}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
    FirewallRules: [{E7B31604-3C97-4C67-AA2A-0EA1C8D14A77}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{F4F47625-C8B3-4B35-A4BC-04C252B352FD}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
    FirewallRules: [{5DA40B2F-0662-4D10-B960-30A82552B8F9}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
    FirewallRules: [{73C72D25-D22F-4DF3-9A4B-7F7C74C1F185}] => (Allow) LPort=4481
    FirewallRules: [{90A343FB-6EAE-489C-B1DA-73452307FCA9}] => (Allow) LPort=4481
    FirewallRules: [{EC508540-72A7-41E6-9BDF-997F1F211897}] => (Allow) LPort=4482
    FirewallRules: [{99AD59D3-3A54-49A5-9D8B-F4ECAB637067}] => (Allow) LPort=4482
    FirewallRules: [{2AD6E3B7-5315-4E49-9DE7-DD598844BF96}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{E01BE7D5-4156-40ED-8551-C3F829BE16F8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [TCP Query User{697F50B7-494D-43AF-A0B1-8130E78E80BD}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
    FirewallRules: [UDP Query User{543599D9-F794-4FA6-8336-68394F660539}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
    FirewallRules: [{95D2FFBB-C5EB-4263-A072-6550EDAD47A8}] => (Allow) C:\Program Files\Vuze\Azureus.exe
    FirewallRules: [{3FC87A66-A4DD-4CBE-B122-FEA19D7366D3}] => (Allow) C:\Program Files\Vuze\Azureus.exe
    FirewallRules: [{C3CC4D02-B24F-45F3-850F-8C2C4C1CC5B9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{F35A96B0-3A00-43BC-BF42-28A31026C959}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{DDB4FCF5-F86B-48F6-91EC-0AEEB6EE00B8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{C90146E1-BF46-48A6-907D-25AC969D90A5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{CBD19939-C388-40A8-8720-4F1F049EB38D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{7E0355A9-9552-4E50-B888-2714A2CF16A1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{40F9803A-2745-47AF-AFEB-7D5A16C45362}] => (Allow) C:\Program Files\iTunes\iTunes.exe
    FirewallRules: [{68BF3D4E-6028-4472-AED4-68E7F5788A5C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    ==================== Faulty Device Manager Devices =============

    Name: Teredo Tunneling Pseudo-Interface
    Description: Microsoft Teredo Tunneling Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

    Name: TAP-Win32 Adapter V9
    Description: TAP-Win32 Adapter V9
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: TAP-Win32 Provider V9
    Service: tap0901
    Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
    Resolution: A registry problem was detected.
    This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
    Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (12/09/2015 05:29:55 PM) (Source: MsiInstaller) (EventID: 11606) (User: Graeme-PC)
    Description: Product: Sophos Virus Removal Tool -- Error 1606.Could not access network location data.

    Error: (12/09/2015 05:29:54 PM) (Source: MsiInstaller) (EventID: 11606) (User: Graeme-PC)
    Description: Product: Sophos Virus Removal Tool -- Error 1606.Could not access network location data.

    Error: (12/09/2015 05:28:42 PM) (Source: MsiInstaller) (EventID: 11606) (User: Graeme-PC)
    Description: Product: Sophos Virus Removal Tool -- Error 1606.Could not access network location data.

    Error: (12/09/2015 05:28:39 PM) (Source: MsiInstaller) (EventID: 11606) (User: Graeme-PC)
    Description: Product: Sophos Virus Removal Tool -- Error 1606.Could not access network location data.

    Error: (12/09/2015 05:28:12 PM) (Source: MsiInstaller) (EventID: 11606) (User: Graeme-PC)
    Description: Product: Sophos Virus Removal Tool -- Error 1606.Could not access network location data.

    Error: (12/07/2015 05:13:27 PM) (Source: MsiInstaller) (EventID: 11905) (User: Graeme-PC)
    Description: Product: Strongvault Online Backup -- Error 1905.Module C:\Users\Graeme\AppData\Local\Strongvault Online Backup\vsscopy.exe failed to unregister. HRESULT -2147220472. Contact your support personnel.

    Error: (12/02/2015 05:06:29 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: GWXUX.exe, version: 6.3.9600.18064, time stamp: 0x56042d8f
    Faulting module name: ntdll.dll, version: 6.1.7601.19045, time stamp: 0x56259295
    Exception code: 0xc0000005
    Fault offset: 0x000000000004ac04
    Faulting process id: 0x1330
    Faulting application start time: 0xGWXUX.exe0
    Faulting application path: GWXUX.exe1
    Faulting module path: GWXUX.exe2
    Report Id: GWXUX.exe3

    Error: (12/01/2015 04:34:11 PM) (Source: MsiInstaller) (EventID: 1023) (User: Graeme-PC)
    Description: Product: Adobe Acrobat Reader DC - Update '{AC76BA86-7AD7-0000-2550-AC0F094E6F00}' could not be installed. Error code 1625. Additional information is available in the log file C:\Users\Graeme\AppData\Local\Temp\MSIeb06a.LOG.

    Error: (11/27/2015 11:30:30 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: AppleMobileDeviceService.exe, version: 17.327.4.24, time stamp: 0x52fa24ee
    Faulting module name: AppleMobileDeviceService_main.dll, version: 17.327.4.24, time stamp: 0x52fc13d4
    Exception code: 0xc0000005
    Fault offset: 0x00009ae0
    Faulting process id: 0x1014
    Faulting application start time: 0xAppleMobileDeviceService.exe0
    Faulting application path: AppleMobileDeviceService.exe1
    Faulting module path: AppleMobileDeviceService.exe2
    Report Id: AppleMobileDeviceService.exe3

    Error: (11/27/2015 11:29:55 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: PSIA.exe, version: 3.0.0.10004, time stamp: 0x54784a82
    Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception code: 0xc0000005
    Fault offset: 0x726f7461
    Faulting process id: 0x195c
    Faulting application start time: 0xPSIA.exe0
    Faulting application path: PSIA.exe1
    Faulting module path: PSIA.exe2
    Report Id: PSIA.exe3


    System errors:
    =============
    Error: (12/17/2015 05:42:06 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: The Intel(R) Management and Security Application User Notification Service service hung on starting.

    Error: (12/15/2015 01:50:11 PM) (Source: Disk) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\Harddisk1\DR1.

    Error: (12/15/2015 01:50:10 PM) (Source: Disk) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\Harddisk1\DR1.

    Error: (12/15/2015 01:50:08 PM) (Source: Disk) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\Harddisk1\DR1.

    Error: (12/15/2015 01:50:07 PM) (Source: Disk) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\Harddisk1\DR1.

    Error: (12/15/2015 01:50:07 PM) (Source: Disk) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\Harddisk1\DR1.

    Error: (12/13/2015 01:34:42 PM) (Source: Disk) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\Harddisk1\DR1.

    Error: (12/13/2015 01:34:41 PM) (Source: Disk) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\Harddisk1\DR1.

    Error: (12/13/2015 01:34:40 PM) (Source: Disk) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\Harddisk1\DR1.

    Error: (12/13/2015 01:34:39 PM) (Source: Disk) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\Harddisk1\DR1.


    CodeIntegrity:
    ===================================
    Date: 2015-11-21 17:46:27.000
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-11-21 17:46:26.900
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-11-21 17:45:13.384
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-11-21 17:45:13.321
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-11-21 17:44:32.227
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-11-21 17:44:32.165
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-11-21 17:44:32.085
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-11-21 17:44:32.022
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-11-21 17:44:31.942
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-11-21 17:44:31.880
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
    Percentage of memory in use: 34%
    Total physical RAM: 8104.58 MB
    Available physical RAM: 5309.35 MB
    Total Virtual: 16207.37 MB
    Available Virtual: 12854.49 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:1862.92 GB) (Free:1622.74 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: A4A1717F)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS)

    ==================== End of Addition.txt ============================

  9. #39
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Download attached fixlist.txt file and save it to the Desktop.
    NOTE: It's important that both files, FRST and fixlist.txt, are in the same location or the fix will not work.

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

    Run FRST(FRST64) and press the Fix button just once and wait.
    The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

  10. #40
    Join Date
    Jun 2003
    Location
    Scotland
    Posts
    91
    Fix result of Farbar Recovery Scan Tool (x64) Version:17-12-2015
    Ran by Graeme (2015-12-18 19:41:16) Run:2
    Running from C:\Users\Graeme\Desktop
    Loaded Profiles: Graeme (Available Profiles: Graeme)
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************
    2015-11-21 17:41 - 2015-11-21 18:22 - 00000000 ____D C:\Program Files\shopperz201120152254

    *****************

    C:\Program Files\shopperz201120152254 => moved successfully

    ==== End of Fixlog 19:41:17 ====

  11. #41
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    You're good to go.

  12. #42
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    The issue seems to be resolved.

  13. #43
    Join Date
    Jun 2003
    Location
    Scotland
    Posts
    91
    Yes, everything seems fine now. Thank you so much for all your help!

  14. #44
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
