Tech Support Guy banner
  • IMPORTANT: Only authorized members may reply to threads in this forum due to the complexity of the malware removal process. Authorized members include Malware Specialists and Trainees, Administrators, Moderators, and Trusted Advisors. Regular members are not permitted to reply, and any such posts will be deleted without notice or further explanation. Notice
Status
Not open for further replies.

Internet Explorer cannot display the website issue

5K views 43 replies 5 participants last post by  Cookiegal 
#1 ·
Windows XP Pro-IE8:

Gentlemen and Ladies:

I have an issue I have been trying to solve without success. I have used and opened a sports website for years called bleacherreport.com which also sends me daily sports updates in several catagories through emails to my outlook express 6
mail client.

For some unknown reason recently, none of my 3 browsers (IE8/Firefox/Google Chrome) can open Bleacherreports.com and when I get the emails from Bleacherreport.com (which I still receive daily) and try to open one of the articles in the daily update,I get the following Security warning Window in IE8 which is my default browser:

THE CURRENT WEBPAGE IS TRYING TO OPEN A SITE IN YOUR TRUSTED SITES LIST. DO
YOU WANT TO ALLOW THIS?

CURRENT SITE http://.b.bm.324.com

TRUSTED SITE http://bleacherreport.com

YES - NO

Warning: Allowing this can expose your computer to security risks. If you don't trust the current web page, choose no.

I CHOOSE YES,the window closes and I get the mesage -INTERNET EXPLORER CANNOT DISPLAY THE WEBSITE!

What gives?? I know this is an active site--Why won't my computer allow me to connect. I have removed Comodo Internet Security and have kept the Comodo firewall and replaced the Comodo antivirus element with Panda antivirus which has cured some some other issues I have experienced but that didn't resolve this problem.

Please take a shot as this if you can--would really appreciate the help!

Respectfully,

manofmarin
 
See less See more
#2 ·
I have windows XP with IE8 too and when I tried using it yesterday, I got a warning that IE8 is about to end. I think that IE8 won't be working anymore sometime in the near future with some websites. I would recommend you to upgrade to either Windows Vista, Windows 7 or Windows 8.1 (whichever you like the best) so you can surf on the websites and if you still prefer XP you can use it to do whatever work you may need to do there.
 
#4 ·
Yes I use Firefox or Chrome browsers to view sites that don't project well on IE8, but I don't think I can carry my email client (outlook express 6) over to either firefox or Chrome without changing clients and my address. This affects all the name/passwords I have created on other sites.

Plus it doesn't allow me to forward articles of interest to my email list!

manofmarin
 
#5 ·
OK, I moved your thread as you requested. :)

So, have you tried more up to date browsers with that site? Results?

I don't understand your comment about Outlook Express. What problem are you having with it? You can probably, if necessary, access your mail via web mail, right? Or use a different email client.
 
#8 ·
I cannot open Bleacherreport in either IE 8 (the latest) IE available for XP), nor Firefox nor Google Chrome (the other browsers that still support XP!

I get daily bleacherreports email updates through Outlook Express 6, and I can open the email but the link articles will not open and I get the notification that IE cannot display the website.

I don't want to change email clients because of all the ramifications involved which I won't bore you with!! I can live without this site, but I was just wondering why it worked perfectly in the past but nada now!

Thanks for your comments!

manofmarin
 
#10 ·
Let's take a quick look.

Please download FRST (Farbar Recovery Scan Tool) and save it to your desktop.

Note: You need to run the version that's compatible with your system (32-bit or 64-bit).

  • Double-click FRST to run it. When the tool opens click Yes to the disclaimer.
  • Press the Scan button.
  • It will make a log named (FRST.txt) in the same directory the tool is run (which should be on the desktop). Please copy and paste the contents of the log in your reply.
  • The first time the tool is run it makes a second log named (Addition.txt). Please copy and paste the contents of that log as well.
 
#14 ·
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-11-2014
Ran by Tom (administrator) on INSPIRON-A64846 on 24-11-2014 13:12:03
Running from C:\Documents and Settings\Tom\My Documents
Loaded Profile: Tom (Available profiles: Tom)
Platform: Microsoft Windows XP Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(Prosoftnet) C:\Program Files\IDriveWindows\id_service.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Memeo) C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe
(Secunia) C:\Program Files\Secunia\PSI\psia.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Prosoftnet) C:\Program Files\IDriveWindows\id_bglaunch.exe
(Prosoftnet) C:\Program Files\IDriveWindows\id_tray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(AdTrustMedia) C:\Program Files\AdTrustMedia\PrivDog\2.2.0.14\trustedadssvc.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\CisTray.exe
(South Bay Software) C:\Program Files\AutoSizer\AutoSizer.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Cloudmark, Inc.) C:\Program Files\Cloudmark\Desktop\Service\cdswin.exe
(Memeo Inc.) C:\Program Files\Memeo\AutoBackup\MemeoBackup.exe
(Secunia) C:\Program Files\Secunia\PSI\psi_tray.exe
(Secunia) C:\Program Files\Secunia\PSI\sua.exe
(Cloudmark, Inc.) C:\Program Files\Cloudmark\Desktop\Clients\cdshookloader.dll
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Outlook Express\msimn.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

Cookiegal:The scan seemed to stop mid-scan, also there was no second log shown in the directory. I will try to run a second scan again to see what happens
 
#15 ·
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 23-11-2014
Ran by Tom at 2014-11-24 13:40:01
Running from C:\Documents and Settings\Tom\My Documents
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Panda Free Antivirus (Disabled - Up to date) {5AD27692-540A-464E-B625-78275FA38393}
FW: Panda Firewall (Disabled) {1337562C-110A-4AF8-B12B-750C0B30E802}
FW: COMODO Firewall (Disabled) {043803A3-4F86-4ef6-AFC5-F6E02A79969B}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Reader XI (11.0.09) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AutoSizer (HKLM\...\AutoSizer) (Version: - )
Belarc Advisor 8.4 (HKLM\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Cloudmark DesktopOne (HKLM\...\{FD3D92AB-F2EE-4141-87BA-5998A7825D37}) (Version: 1.8.0.28 - Cloudmark)
COMODO Firewall (HKLM\...\{2736B6BD-31EC-4FC8-A48C-F0A5C914C0B6}) (Version: 7.0.55655.4142 - COMODO Security Solutions Inc.)
CryptoPrevent v4.3.0 (HKLM\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version: - Foolish IT LLC)
Glary Utilities 5.12 (HKLM\...\Glary Utilities 5) (Version: 5.12.0.25 - Glarysoft Ltd)
Google Chrome (HKLM\...\Google Chrome) (Version: 39.0.2171.65 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
HostsMan 4.3.99 (HKLM\...\{1A3DD1A9-7B7B-4ECA-AD2F-98466F49F62C}_is1) (Version: 4.3.99.0 - abelhadigital.com)
IDrive Version - 6.0 (HKLM\...\IDrive_is1) (Version: 6.0 - Pro Softnet Corp)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: 6.14.10.4543 - )
Intel(R) PRO Network Connections Drivers (HKLM\...\PROSet) (Version: - )
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Kingsoft Office 2013 (9.1.0.4480) (HKLM\...\Kingsoft Office) (Version: 9.1.0.4480 - Kingsoft Corp.)
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Memeo Backup (HKLM\...\{82B2DB92-98CA-4a0e-B1BD-18B6E2D320CB}) (Version: - Memeo Inc.)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version: - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Download Manager (HKLM\...\{654977DB-0001-0002-0001-EABD228DDE8B}) (Version: 1.2.1 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Panda Devices Agent (HKLM\...\Panda Devices Agent) (Version: 1.03.04 - Panda Security)
Panda Devices Agent (Version: 1.05.00 - Panda Security) Hidden
Panda Free Antivirus (HKLM\...\Panda Universal Agent Endpoint) (Version: 15.00.04.0000 - Panda Security)
Panda Free Antivirus (Version: 7.23.00.0000 - Panda Security) Hidden
PrivDog (HKLM\...\PrivDog) (Version: 2.2.0.14 - privdog.com)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Secunia PSI (2.0.0.3001) (HKLM\...\Secunia PSI) (Version: - )
SigmaTel Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 5.10.4600.0 - SigmaTel)
Spell Checker For OE 2.1 (HKLM\...\Spell Checker For OE 2.1) (Version: - )
SpywareBlaster 5.0 (HKLM\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1130 - SUPERAntiSpyware.com)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
WD Diagnostics (HKLM\...\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}) (Version: 1.09.0002 - Western Digital Technologies)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Management Framework Core (HKLM\...\KB968930) (Version: - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
WOT for Internet Explorer (HKLM\...\{373B90E1-A28C-434C-92B6-7281AFA6115A}) (Version: 13.9.2.0 - WOT Services Oy)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

11-09-2014 02:38:12 System Checkpoint
12-09-2014 04:08:58 System Checkpoint
13-09-2014 04:33:08 System Checkpoint
14-09-2014 09:05:39 System Checkpoint
14-09-2014 22:07:28 Installed Java 7 Update 51
14-09-2014 22:10:34 Installed Java 7 Update 67
15-09-2014 17:19:47 Installed Microsoft Fix it 50672
16-09-2014 17:20:01 System Checkpoint
16-09-2014 20:27:44 Revo Uninstaller's restore point - Mozilla Firefox 32.0.1 (x86 en-US)
17-09-2014 19:56:35 Revo Uninstaller's restore point - Glary Utilities 5.7
17-09-2014 20:06:29 Revo Uninstaller's restore point - Glary Utilities 5.8
18-09-2014 23:04:37 System Checkpoint
20-09-2014 10:07:14 System Checkpoint
21-09-2014 21:33:39 System Checkpoint
23-09-2014 09:37:04 System Checkpoint
24-09-2014 14:48:15 System Checkpoint
25-09-2014 19:30:02 System Checkpoint
26-09-2014 20:28:25 System Checkpoint
28-09-2014 00:40:43 System Checkpoint
29-09-2014 00:53:38 System Checkpoint
30-09-2014 01:56:11 System Checkpoint
01-10-2014 15:06:03 System Checkpoint
02-10-2014 18:17:45 System Checkpoint
02-10-2014 19:35:29 Removed Cloudmark DesktopOne.
02-10-2014 19:35:48 Installed Cloudmark DesktopOne.
03-10-2014 21:30:44 System Checkpoint
04-10-2014 21:51:18 System Checkpoint
06-10-2014 00:44:45 System Checkpoint
07-10-2014 08:33:10 System Checkpoint
08-10-2014 15:03:07 System Checkpoint
09-10-2014 15:13:30 System Checkpoint
11-10-2014 19:25:24 Installed Microsoft Fix it 50672
14-10-2014 20:02:07 System Checkpoint
15-10-2014 17:00:19 Software Distribution Service 3.0
18-10-2014 15:51:28 System Checkpoint
21-10-2014 01:52:53 Removed Java 7 Update 51
21-10-2014 01:54:08 Installed Java 7 Update 71
21-10-2014 19:10:49 Installed Microsoft Fix it 50672
22-10-2014 23:40:09 System Checkpoint
24-10-2014 01:14:33 System Checkpoint
25-10-2014 14:21:12 System Checkpoint
26-10-2014 20:19:07 System Checkpoint
27-10-2014 21:12:14 System Checkpoint
29-10-2014 01:37:20 System Checkpoint
30-10-2014 10:11:10 System Checkpoint
02-11-2014 16:27:30 System Checkpoint
06-11-2014 09:53:05 System Checkpoint
07-11-2014 17:39:26 System Checkpoint
10-11-2014 04:36:33 System Checkpoint
12-11-2014 09:54:20 System Checkpoint
12-11-2014 18:00:15 Software Distribution Service 3.0
14-11-2014 02:12:24 System Checkpoint
15-11-2014 08:11:05 System Checkpoint
16-11-2014 17:16:55 System Checkpoint
17-11-2014 18:09:03 System Checkpoint
18-11-2014 18:21:43 Revo Uninstaller's restore point - COMODO Internet Security
18-11-2014 18:23:31 Removed COMODO Internet Security Premium
18-11-2014 19:13:13 Installed Privatefirewall 7.0
18-11-2014 19:39:08 Revo Uninstaller's restore point - Privatefirewall 7.0
18-11-2014 19:39:36 Removed Privatefirewall 7.0
19-11-2014 23:46:50 System Checkpoint
20-11-2014 20:41:17 Revo Uninstaller's restore point - Comodo Dragon
20-11-2014 20:43:26 Revo Uninstaller's restore point - GeekBuddy
20-11-2014 20:43:36 Removed GeekBuddy.
20-11-2014 20:48:05 Revo Uninstaller's restore point - Windows Search 4.0
20-11-2014 20:57:33 Revo Uninstaller's restore point - Windows Search 4.0
21-11-2014 17:35:08 Adobe Shockwave Player Installation
21-11-2014 17:36:52 Revo Uninstaller's restore point - Adobe Flash Player 15 ActiveX
21-11-2014 17:38:02 Revo Uninstaller's restore point - Adobe Flash Player 15 Plugin
21-11-2014 17:43:58 Revo Uninstaller's restore point - Mozilla Firefox 33.1 (x86 en-US)
22-11-2014 18:36:20 System Checkpoint
24-11-2014 18:57:04 System Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2008-04-14 04:00 - 2014-11-13 14:06 - 44749349 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
0.0.0.0 cl21.v4.adaction.se
0.0.0.0 show.adclick.lv
0.0.0.0 222-33544_999.pub.adfirmative.com
0.0.0.0 c.adfirmative.com
0.0.0.0 rc.de.adlink.net #[Tracking.Cookie]
0.0.0.0 tr.de.adlink.net
0.0.0.0 ads.admodus.com #[Tracking.Cookie]
0.0.0.0 tt11.adobe.com #[adobe.tcliveus.com]
0.0.0.0 ad02.adonspot.com
0.0.0.0 www.adoperator.com
0.0.0.0 e.adpower.bg
0.0.0.0 ads.adtube.de
0.0.0.0 www.adultcommercial.net
0.0.0.0 counterimg1.adultrevenueservice.com
0.0.0.0 images.adviews.de
0.0.0.0 www.adviews.de
0.0.0.0 atd.agencytradingdesk.net
0.0.0.0 bokee.allyes.com
0.0.0.0 eastmoney.allyes.com
0.0.0.0 sroomafp.allyes.com
0.0.0.0 tom.allyes.com
0.0.0.0 advloc.alice.it
0.0.0.0 ad.bauerverlag.de
0.0.0.0 imstore.bet365affiliates.com
0.0.0.0 server.bittads.com
0.0.0.0 dc.bizjournals.com
0.0.0.0 ads.blizzard.com
0.0.0.0 adv.bol.bg

There are 1000 more lines.

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: C:\WINDOWS\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: C:\WINDOWS\Tasks\GlaryInitialize 5.job => C:\Program Files\Glary Utilities 5\Initialize.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Tom.job => C:\Program Files\Kingsoft\Kingsoft Office\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Tom.job => C:\Program Files\Kingsoft\Kingsoft Office\wtoolex\wpsupdate.exe

==================== Loaded Modules (whitelisted) =============

2013-04-12 09:23 - 2013-04-12 09:23 - 00612664 _____ () C:\Program Files\Panda Security\Panda Security Protection\SQLite3.dll
2014-01-30 12:54 - 2014-01-30 12:54 - 00086016 _____ () C:\Program Files\AutoSizer\AutoSizer.dll
2014-11-09 22:35 - 2014-11-09 22:35 - 00080160 _____ () C:\Program Files\Glary Utilities 5\zlib1.dll
2010-07-28 09:13 - 2010-07-28 09:13 - 02887904 _____ () C:\Program Files\Memeo\AutoBackup\Memeo.Client.UI.dll
2010-07-28 09:13 - 2010-07-28 09:13 - 00025824 _____ () C:\Program Files\Memeo\AutoBackup\Memeo.Client.DriveDetection.dll
2010-04-05 10:52 - 2010-04-05 10:52 - 00504293 _____ () C:\Program Files\Memeo\AutoBackup\sqlite3.dll
2014-08-08 10:54 - 2014-08-08 10:54 - 00064176 _____ () C:\Program Files\Cloudmark\Desktop\Service\cdswin.XmlSerializers.dll
2014-08-08 10:54 - 2014-08-08 10:54 - 00043696 _____ () C:\Program Files\Cloudmark\Desktop\Service\cdswinmail.XmlSerializers.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-796845957-790525478-1177238915-500 - Administrator - Enabled)
ASPNET (S-1-5-21-796845957-790525478-1177238915-1004 - Limited - Enabled)
Guest (S-1-5-21-796845957-790525478-1177238915-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-796845957-790525478-1177238915-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-796845957-790525478-1177238915-1002 - Limited - Disabled)
Tom (S-1-5-21-796845957-790525478-1177238915-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Tom

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (11/24/2014 01:32:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application FRST.exe, version 23.11.2014.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (11/24/2014 01:18:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application FRST.exe, version 23.11.2014.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (11/24/2014 00:59:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x02fc5e82.
Processing media-specific event for [iexplore.exe!ws!]

Error: (11/24/2014 00:44:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application FRST.exe, version 23.11.2014.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (11/24/2014 00:43:36 PM) (Source: Application Hang) (EventID: 1001) (User: )
Description: Fault bucket 667677771.

Error: (11/24/2014 00:43:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application FRST.exe, version 23.11.2014.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (11/24/2014 00:43:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application FRST.exe, version 23.11.2014.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (11/14/2014 02:37:01 PM) (Source: Application Error) (EventID: 1001) (User: )
Description: Fault bucket 223614417.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.

Error: (11/14/2014 02:36:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module mshtml.dll, version 8.0.6001.23588, fault address 0x0017a34f.
Processing media-specific event for [iexplore.exe!ws!]

Error: (10/11/2014 11:32:24 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

System errors:
=============
Error: (11/24/2014 01:34:40 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (11/24/2014 01:20:56 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (11/24/2014 08:36:58 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (11/24/2014 07:06:24 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (11/23/2014 07:25:16 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The IDriveService service terminated unexpectedly. It has done this 1 time(s).

Error: (11/22/2014 07:25:29 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (11/21/2014 01:58:08 PM) (Source: Print) (EventID: 6161) (User: INSPIRON-A64846)
Description: The document forms_3.pdf owned by Tom failed to print on printer HP DeskJet 810C. Data type: NT EMF 1.008. Size of the spool file in bytes: 458752. Number of bytes printed: 68416. Total number of pages in the document: 8. Number of pages printed: 1. Client machine: \\INSPIRON-A64846. Win32 error code returned by the print processor: forms_3.pdf0. forms_3.pdf1

Error: (11/21/2014 01:55:11 PM) (Source: Print) (EventID: 6161) (User: INSPIRON-A64846)
Description: The document forms_3.pdf owned by Tom failed to print on printer HP DeskJet 810C. Data type: NT EMF 1.008. Size of the spool file in bytes: 900468. Number of bytes printed: 179500. Total number of pages in the document: 16. Number of pages printed: 1. Client machine: \\INSPIRON-A64846. Win32 error code returned by the print processor: forms_3.pdf0. forms_3.pdf1

Error: (11/21/2014 01:02:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The IDriveService service terminated unexpectedly. It has done this 1 time(s).

Error: (11/20/2014 01:00:10 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz
Percentage of memory in use: 27%
Total physical RAM: 2550.07 MB
Available physical RAM: 1860.81 MB
Total Pagefile: 4893.54 MB
Available Pagefile: 4175.35 MB
Total Virtual: 2047.88 MB
Available Virtual: 1931.58 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:71.36 GB) (Free:49.12 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive e: (New Volume) (Fixed) (Total:149.05 GB) (Free:96.3 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 74.5 GB) (Disk ID: D0F4738C)
Partition 1: (Not Active) - (Size=31 MB) - (Type=DE)
Partition 2: (Active) - (Size=71.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=3.1 GB) - (Type=DB)

========================================================
Disk: 1 (Size: 149.1 GB) (Disk ID: 44FDFE06)
Partition 1: (Not Active) - (Size=149 GB) - (Type=07 NTFS)

==================== End Of Log ============================
 
#16 ·
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-11-2014
Ran by Tom (administrator) on INSPIRON-A64846 on 24-11-2014 13:38:27
Running from C:\Documents and Settings\Tom\My Documents
Loaded Profile: Tom (Available profiles: Tom)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(Prosoftnet) C:\Program Files\IDriveWindows\id_service.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Memeo) C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe
(Secunia) C:\Program Files\Secunia\PSI\psia.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Prosoftnet) C:\Program Files\IDriveWindows\id_bglaunch.exe
(Prosoftnet) C:\Program Files\IDriveWindows\id_tray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(AdTrustMedia) C:\Program Files\AdTrustMedia\PrivDog\2.2.0.14\trustedadssvc.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe
(South Bay Software) C:\Program Files\AutoSizer\AutoSizer.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Glarysoft Ltd) C:\Program Files\Glary Utilities 5\Integrator.exe
(Memeo Inc.) C:\Program Files\Memeo\AutoBackup\MemeoBackup.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Cloudmark, Inc.) C:\Program Files\Cloudmark\Desktop\Service\cdswin.exe
(Secunia) C:\Program Files\Secunia\PSI\psi_tray.exe
(Cloudmark, Inc.) C:\Program Files\Cloudmark\Desktop\Clients\cdshookloader.dll
(Secunia) C:\Program Files\Secunia\PSI\sua.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [igfxpers] => C:\WINDOWS\system32\igfxpers.exe [118784 2006-03-23] (Intel Corporation)
HKLM\...\Run: [IDrive Background process] => C:\Program Files\IDriveWindows\id_bglaunch.exe [64560 2014-02-04] (Prosoftnet)
HKLM\...\Run: [IDrive Tray] => C:\Program Files\IDriveWindows\id_tray.exe [1918512 2014-02-04] (Prosoftnet)
HKLM\...\Run: [Memeo Backup] => C:\Program Files\Memeo\AutoBackup\MemeoLauncher2.exe [136416 2010-07-28] (Memeo Inc.)
HKLM\...\Run: [igfxhkcmd] => C:\WINDOWS\system32\hkcmd.exe [77824 2006-03-23] (Intel Corporation)
HKLM\...\Run: [PrivDogService] => C:\Program Files\AdTrustMedia\PrivDog\2.2.0.14\trustedadssvc.exe [662184 2014-06-17] (AdTrustMedia)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Run: [PSUAMain] => C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe [37624 2014-10-16] (Panda Security, S.L.)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1225944 2014-03-25] (COMODO)
HKLM Group Policy restriction on software: *.jpeg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: scsvserv.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.com <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *** <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: vssadmin.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programfiles%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.scr <====== ATTENTION
HKLM Group Policy restriction on software: lsassvrtdbks.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: cipher.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: lsassw86s.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\Microsoft\Windows\IEUpdate\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: syskey.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %systemdrive%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\rmi\ccleaner-4.07.4369.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\rmi\ccleaner-4.07.4369.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\rmi\ccleaner-4.07.4369.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\rmi\ccleaner-4.07.4369.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\rmi\ccleaner-4.07.4369.exe <====== ATTENTION
HKU\S-1-5-21-796845957-790525478-1177238915-1003\...\Run: [AutoSizer] => C:\Program Files\AutoSizer\AutoSizer.exe [131072 2014-01-30] (South Bay Software)
HKU\S-1-5-21-796845957-790525478-1177238915-1003\...\Run: [C466C17143B7DE3BD7C31B2E8AF4946187F98163._service_run] => C:\Program Files\Google\Chrome\Application\chrome.exe [856904 2014-11-14] (Google Inc.)
HKU\S-1-5-21-796845957-790525478-1177238915-1003\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6692632 2014-10-08] (SUPERAntiSpyware)
HKU\S-1-5-21-796845957-790525478-1177238915-1003\...\Run: [GUDelayStartup] => C:\Program Files\Glary Utilities 5\StartupManager.exe [37152 2014-11-09] (Glarysoft Ltd)
HKU\S-1-5-21-796845957-790525478-1177238915-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4826904 2014-10-29] (Piriform Ltd)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Cloudmark DesktopOne.lnk
ShortcutTarget: Cloudmark DesktopOne.lnk -> C:\Program Files\Cloudmark\Desktop\Service\cdswin.exe (Cloudmark, Inc.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
BootExecute: autocheck autochk *
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-796845957-790525478-1177238915-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ussportspages.com/
HKU\S-1-5-21-796845957-790525478-1177238915-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-796845957-790525478-1177238915-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: WOT Helper -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> C:\Program Files\WOT\WOT.dll ()
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: PrivDog Extension -> {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} -> C:\Program Files\AdTrustMedia\PrivDog\2.2.0.14\trustedads.dll (AdTrustMedia)
Toolbar: HKLM - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
Toolbar: HKU\S-1-5-21-796845957-790525478-1177238915-1003 -> &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-796845957-790525478-1177238915-1003 -> &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-796845957-790525478-1177238915-1003 -> WOT - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} http://rrtruckee.viewnetcam.com:81/kxhcm10.ocx
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1390611441515
DPF: {B479199A-1242-4E3C-AD81-7F0DF801B4AE} http://download.microsoft.com/downl...584-842756A66467/MicrosoftDownloadManager.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - No File
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-07] (SuperAdBlocker.com)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/DownloadManager,version=1.1 -> C:\WINDOWS\ ()
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://search.conduit.com/?ctid=CT3306061&SearchSource=48&CUI=UN10278907719805228&UM=2
CHR StartupUrls: Default -> "hxxp://search.conduit.com/?ctid=CT3306061&SearchSource=48&CUI=UN10278907719805228&UM=2"
CHR Profile: C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-21]
CHR Extension: (PrivDog) - C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja [2014-04-21]
CHR Extension: (IBA Opt-out (by Google)) - C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb [2014-02-20]
CHR Extension: (HTTPS Everywhere) - C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2014-03-14]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-24]
CHR Extension: (Print Plus) - C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ojakclmaoajbbagjiklbpcfkbibpfnpp [2014-05-08]
CHR Extension: (Send from Gmail (by Google)) - C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pgphcomnlaojlmmcjmiddhdapjpbgeoc [2014-02-18]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-22] (SUPERAntiSpyware.com)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5306504 2014-04-16] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [1663192 2014-03-25] (COMODO)
R2 IDriveService; C:\Program Files\IDriveWindows\id_service.exe [92720 2014-02-04] (Prosoftnet)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-10-20] (Oracle Corporation)
R2 MemeoBackgroundService; C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe [25824 2010-07-28] (Memeo)
R2 NanoServiceMain; C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe [142072 2014-10-13] (Panda Security, S.L.)
R2 PandaAgent; C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.)
R2 PSUAService; C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe [38136 2014-10-16] (Panda Security, S.L.)
R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [993848 2011-01-10] (Secunia)
R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [399416 2011-01-10] (Secunia)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ADM8511; C:\WINDOWS\System32\DRIVERS\ADM8511.SYS [20160 2001-08-17] (ADMtek Incorporated)
R1 BANTExt; C:\WINDOWS\System32\Drivers\BANTExt.sys [3840 2013-09-10] () [File not signed]
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [15704 2014-04-16] (COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [607448 2014-04-16] (COMODO)
R1 cmdHlp; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [29912 2014-04-16] (COMODO)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [17344 2014-10-21] (Glarysoft Ltd)
R0 Inspect; C:\WINDOWS\System32\DRIVERS\inspect.sys [104920 2014-04-16] (COMODO)
R1 NNSALPC; C:\WINDOWS\System32\DRIVERS\NNSAlpc.sys [88992 2014-06-04] (Panda Security, S.L.)
R1 NNSHTTP; C:\WINDOWS\System32\DRIVERS\NNSHttp.sys [166816 2014-06-18] (Panda Security, S.L.)
R1 NNSHTTPS; C:\WINDOWS\System32\DRIVERS\NNSHttps.sys [110624 2014-06-04] (Panda Security, S.L.)
R1 NNSIDS; C:\WINDOWS\System32\DRIVERS\NNSIds.sys [125216 2014-06-04] (Panda Security, S.L.)
R3 NNSNAHS; C:\WINDOWS\System32\DRIVERS\NNSNAHS.sys [46464 2014-01-16] (Panda Security, S.L.)
R1 NNSPICC; C:\WINDOWS\System32\DRIVERS\NNSPicc.sys [96160 2014-06-04] (Panda Security, S.L.)
R1 NNSPIHS; C:\WINDOWS\System32\DRIVERS\NNSPihs.sys [52384 2014-06-04] (Panda Security, S.L.)
R1 NNSPOP3; C:\WINDOWS\System32\DRIVERS\NNSPop3.sys [121888 2014-06-04] (Panda Security, S.L.)
R1 NNSPROT; C:\WINDOWS\System32\DRIVERS\NNSProt.sys [288032 2014-06-04] (Panda Security, S.L.)
R1 NNSPRV; C:\WINDOWS\System32\DRIVERS\NNSPrv.sys [208800 2014-06-04] (Panda Security, S.L.)
R1 NNSSMTP; C:\WINDOWS\System32\DRIVERS\NNSSmtp.sys [109856 2014-06-04] (Panda Security, S.L.)
R1 NNSSTRM; C:\WINDOWS\System32\DRIVERS\NNSStrm.sys [244000 2014-06-04] (Panda Security, S.L.)
R1 NNSTLSC; C:\WINDOWS\System32\DRIVERS\NNSTlsc.sys [96928 2014-06-04] (Panda Security, S.L.)
R3 PSI; C:\WINDOWS\System32\DRIVERS\psi_mf.sys [15544 2010-09-01] (Secunia)
R2 PSINAflt; C:\WINDOWS\System32\DRIVERS\PSINAflt.sys [140688 2014-10-13] (Panda Security, S.L.)
R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [103312 2014-10-13] (Panda Security, S.L.)
R1 PSINKNC; C:\WINDOWS\System32\DRIVERS\psinknc.sys [172432 2014-10-02] (Panda Security, S.L.)
R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [114704 2014-10-02] (Panda Security, S.L.)
R2 PSINProt; C:\WINDOWS\System32\DRIVERS\PSINProt.sys [124944 2014-10-02] (Panda Security, S.L.)
R2 PSINReg; C:\WINDOWS\System32\DRIVERS\PSINReg.sys [100496 2014-10-13] (Panda Security, S.L.)
R3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [48736 2014-03-25] (Panda Security, S.L.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1047816 2005-11-16] (SigmaTel, Inc.)
S0 cerc6; No ImagePath
S4 IntelIde; No ImagePath
U1 WS2IFSL; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-24 13:12 - 2014-11-24 13:39 - 00030838 _____ () C:\Documents and Settings\Tom\My Documents\FRST.txt
2014-11-24 13:09 - 2014-11-24 13:10 - 01110016 _____ (Farbar) C:\Documents and Settings\Tom\My Documents\FRST.exe
2014-11-24 12:13 - 2014-11-24 13:38 - 00000000 ____D () C:\FRST
2014-11-20 12:48 - 2014-11-20 13:51 - 00020402 _____ () C:\WINDOWS\iis6.log
2014-11-20 12:48 - 2014-11-20 13:51 - 00019154 _____ () C:\WINDOWS\FaxSetup.log
2014-11-20 12:48 - 2014-11-20 13:51 - 00011684 _____ () C:\WINDOWS\ocgen.log
2014-11-20 12:48 - 2014-11-20 13:51 - 00010233 _____ () C:\WINDOWS\tsoc.log
2014-11-20 12:48 - 2014-11-20 13:51 - 00006692 _____ () C:\WINDOWS\comsetup.log
2014-11-20 12:48 - 2014-11-20 13:51 - 00004342 _____ () C:\WINDOWS\ntdtcsetup.log
2014-11-20 12:48 - 2014-11-20 13:51 - 00003758 _____ () C:\WINDOWS\netfxocm.log
2014-11-20 12:48 - 2014-11-20 13:51 - 00001943 _____ () C:\WINDOWS\imsins.log
2014-11-20 12:48 - 2014-11-20 13:51 - 00001569 _____ () C:\WINDOWS\MedCtrOC.log
2014-11-20 12:48 - 2014-11-20 13:51 - 00001109 _____ () C:\WINDOWS\ocmsn.log
2014-11-20 12:48 - 2014-11-20 13:51 - 00001048 _____ () C:\WINDOWS\msgsocm.log
2014-11-20 12:48 - 2014-11-20 13:51 - 00000933 _____ () C:\WINDOWS\tabletoc.log
2014-11-20 12:48 - 2014-11-20 13:50 - 00005762 _____ () C:\WINDOWS\msmqinst.log
2014-11-20 12:48 - 2014-11-20 12:58 - 00075739 _____ () C:\WINDOWS\KB940157Uninst.log
2014-11-20 12:48 - 2014-11-20 12:58 - 00001393 _____ () C:\WINDOWS\imsins.BAK
2014-11-18 18:21 - 2014-11-20 12:59 - 00000000 ____D () C:\WINDOWS\SxsCaPendDel
2014-11-18 18:19 - 2014-11-18 18:19 - 00000000 ____D () C:\MSI547b0.tmp
2014-11-18 12:14 - 2014-11-18 12:14 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\Application Data\COMODO
2014-11-18 12:11 - 2014-11-24 13:35 - 00000440 _____ () C:\WINDOWS\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job
2014-11-18 12:11 - 2014-11-24 13:35 - 00000440 _____ () C:\WINDOWS\Tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job
2014-11-18 12:06 - 2014-11-18 12:06 - 00001677 _____ () C:\Documents and Settings\All Users\Desktop\COMODO Firewall.lnk
2014-11-18 12:02 - 2014-11-20 12:45 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Comodo
2014-11-18 11:17 - 2014-11-18 11:17 - 00000000 ____D () C:\Documents and Settings\Tom\Local Settings\Application Data\Privatefirewall
2014-11-18 11:16 - 2014-11-18 11:16 - 00000000 ____D () C:\MSI1849c.tmp
2014-11-18 11:15 - 2014-03-25 05:15 - 00048736 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2014-11-18 11:13 - 2014-11-18 12:05 - 00017692 _____ () C:\WINDOWS\setupapi.log
2014-11-18 11:13 - 2014-11-18 11:39 - 00000028 _____ () C:\WINDOWS\ODBC.INI
2014-11-18 11:13 - 2014-11-18 11:13 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Privacyware
2014-11-18 11:12 - 2014-11-18 11:12 - 00000000 ____D () C:\MSI789d4.tmp
2014-11-18 10:40 - 2014-11-24 13:33 - 00196608 _____ () C:\WINDOWS\system32\config\Nano.evt
2014-11-18 10:40 - 2014-11-18 10:40 - 00000000 ____D () C:\Documents and Settings\Tom\Application Data\Panda Security
2014-11-18 10:40 - 2014-11-18 10:40 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Panda Free Antivirus
2014-11-18 10:39 - 2014-11-18 10:41 - 00000000 ____D () C:\Program Files\Panda Security
2014-11-18 10:39 - 2014-11-18 10:39 - 00000000 ____D () C:\MSI8b6c7.tmp
2014-11-18 10:38 - 2014-11-18 10:41 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Panda Security
2014-11-13 13:47 - 2014-11-13 13:47 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\001255DA.sys
2014-11-13 13:08 - 2014-11-13 13:08 - 00000000 ____D () C:\Documents and Settings\All Users\GlarySoft
2014-11-13 12:59 - 2014-11-13 12:59 - 00000060 _____ () C:\WINDOWS\setupact.log
2014-11-13 12:59 - 2014-11-13 12:59 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-11-13 12:37 - 2014-11-13 12:37 - 00000000 ____D () C:\Documents and Settings\Tom\Start Menu\Programs\CCleaner
2014-11-11 17:04 - 2014-11-11 18:04 - 04918960 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-24 13:39 - 2014-01-24 12:43 - 00000000 ____D () C:\Documents and Settings\Tom\Local Settings\Temp
2014-11-24 13:36 - 2014-09-17 12:13 - 00000000 ____D () C:\Program Files\Glary Utilities 5
2014-11-24 13:36 - 2014-01-29 13:19 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-11-24 13:35 - 2014-09-17 12:13 - 00000316 _____ () C:\WINDOWS\Tasks\GlaryInitialize 5.job
2014-11-24 13:35 - 2014-01-24 12:27 - 01345529 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-24 13:34 - 2014-03-11 13:30 - 00000218 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-11-24 13:34 - 2014-01-24 17:36 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-24 13:34 - 2014-01-24 12:37 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-24 13:34 - 2008-04-14 04:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-11-24 13:33 - 2014-04-13 13:10 - 00065536 _____ () C:\WINDOWS\system32\config\COMODO I.evt
2014-11-24 13:33 - 2014-01-24 12:43 - 00000178 ___SH () C:\Documents and Settings\Tom\ntuser.ini
2014-11-24 13:33 - 2014-01-24 12:37 - 00032656 _____ () C:\WINDOWS\SchedLgU.Txt
2014-11-24 13:23 - 2014-01-24 17:36 - 00000886 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-24 12:54 - 2014-02-04 09:53 - 00000358 _____ () C:\WINDOWS\Tasks\WpsNotifyTask_Tom.job
2014-11-24 12:41 - 2014-02-04 09:53 - 00000358 _____ () C:\WINDOWS\Tasks\WpsUpdateTask_Tom.job
2014-11-24 07:08 - 2014-02-04 10:55 - 00000000 ____D () C:\Program Files\IDriveWindows
2014-11-21 09:52 - 2014-01-24 17:37 - 00001813 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2014-11-21 09:35 - 2014-01-24 12:25 - 00000000 ____D () C:\WINDOWS\system32\Macromed
2014-11-20 12:59 - 2014-01-29 18:41 - 00000000 ____D () C:\Program Files\Windows Desktop Search
2014-11-20 12:46 - 2014-01-29 13:43 - 00000000 ____D () C:\Program Files\Comodo
2014-11-20 12:41 - 2014-01-29 13:48 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Application Data\COMODO
2014-11-20 12:37 - 2014-06-10 10:36 - 00000000 ____D () C:\Documents and Settings\Tom\Local Settings\Application Data\Adobe
2014-11-20 11:46 - 2014-01-24 12:37 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Temp
2014-11-20 09:25 - 2014-08-18 15:36 - 00140800 _____ () C:\Documents and Settings\Tom\My Documents\Manpower Pool Schedule 2014.xls
2014-11-18 14:24 - 2014-01-31 12:05 - 00000877 _____ () C:\Documents and Settings\Tom\Desktop\Shortcut to Files named @.tmp,@.chk,~@.@.lnk
2014-11-18 12:03 - 2014-01-29 13:51 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\COMODO
2014-11-18 11:37 - 2014-01-29 14:34 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\TEMP
2014-11-18 11:15 - 2014-01-24 04:07 - 00275760 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-11-18 10:41 - 2014-01-24 13:05 - 00068552 _____ () C:\Documents and Settings\Tom\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-11-14 06:48 - 2014-01-24 12:43 - 00000000 ____D () C:\Documents and Settings\Tom
2014-11-13 13:47 - 2014-03-27 08:56 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-11-13 12:43 - 2014-09-17 12:13 - 00000761 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Glary Utilities 5.lnk
2014-11-13 12:43 - 2014-09-17 12:13 - 00000755 _____ () C:\Documents and Settings\All Users\Desktop\Glary Utilities 5.lnk
2014-11-13 12:40 - 2014-01-29 14:34 - 00000000 ____D () C:\Program Files\SpywareBlaster
2014-11-13 12:36 - 2014-01-29 13:10 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-12 10:00 - 2014-01-24 13:38 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-11-11 14:44 - 2014-01-24 04:10 - 00602644 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-08 15:00 - 2014-03-11 13:30 - 00000212 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-11-04 11:18 - 2014-01-24 12:43 - 00000788 _____ () C:\Documents and Settings\Tom\Start Menu\Programs\Windows Media Player.lnk
2014-10-31 23:25 - 2014-01-24 13:29 - 100445232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================
 
#18 ·
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-11-2014
Ran by Tom (administrator) on INSPIRON-A64846 on 24-11-2014 13:38:27
Running from C:\Documents and Settings\Tom\My Documents
Loaded Profile: Tom (Available profiles: Tom)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(Prosoftnet) C:\Program Files\IDriveWindows\id_service.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Memeo) C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe
(Secunia) C:\Program Files\Secunia\PSI\psia.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Prosoftnet) C:\Program Files\IDriveWindows\id_bglaunch.exe
(Prosoftnet) C:\Program Files\IDriveWindows\id_tray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(AdTrustMedia) C:\Program Files\AdTrustMedia\PrivDog\2.2.0.14\trustedadssvc.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe
(South Bay Software) C:\Program Files\AutoSizer\AutoSizer.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Glarysoft Ltd) C:\Program Files\Glary Utilities 5\Integrator.exe
(Memeo Inc.) C:\Program Files\Memeo\AutoBackup\MemeoBackup.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Cloudmark, Inc.) C:\Program Files\Cloudmark\Desktop\Service\cdswin.exe
(Secunia) C:\Program Files\Secunia\PSI\psi_tray.exe
(Cloudmark, Inc.) C:\Program Files\Cloudmark\Desktop\Clients\cdshookloader.dll
(Secunia) C:\Program Files\Secunia\PSI\sua.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [igfxpers] => C:\WINDOWS\system32\igfxpers.exe [118784 2006-03-23] (Intel Corporation)
HKLM\...\Run: [IDrive Background process] => C:\Program Files\IDriveWindows\id_bglaunch.exe [64560 2014-02-04] (Prosoftnet)
HKLM\...\Run: [IDrive Tray] => C:\Program Files\IDriveWindows\id_tray.exe [1918512 2014-02-04] (Prosoftnet)
HKLM\...\Run: [Memeo Backup] => C:\Program Files\Memeo\AutoBackup\MemeoLauncher2.exe [136416 2010-07-28] (Memeo Inc.)
HKLM\...\Run: [igfxhkcmd] => C:\WINDOWS\system32\hkcmd.exe [77824 2006-03-23] (Intel Corporation)
HKLM\...\Run: [PrivDogService] => C:\Program Files\AdTrustMedia\PrivDog\2.2.0.14\trustedadssvc.exe [662184 2014-06-17] (AdTrustMedia)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Run: [PSUAMain] => C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe [37624 2014-10-16] (Panda Security, S.L.)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1225944 2014-03-25] (COMODO)
HKLM Group Policy restriction on software: *.jpeg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: scsvserv.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.com <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *** <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: vssadmin.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programfiles%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.scr <====== ATTENTION
HKLM Group Policy restriction on software: lsassvrtdbks.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: cipher.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: lsassw86s.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\Microsoft\Windows\IEUpdate\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: syskey.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %systemdrive%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\rmi\ccleaner-4.07.4369.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\rmi\ccleaner-4.07.4369.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\rmi\ccleaner-4.07.4369.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\rmi\ccleaner-4.07.4369.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\rmi\ccleaner-4.07.4369.exe <====== ATTENTION
HKU\S-1-5-21-796845957-790525478-1177238915-1003\...\Run: [AutoSizer] => C:\Program Files\AutoSizer\AutoSizer.exe [131072 2014-01-30] (South Bay Software)
HKU\S-1-5-21-796845957-790525478-1177238915-1003\...\Run: [C466C17143B7DE3BD7C31B2E8AF4946187F98163._service_run] => C:\Program Files\Google\Chrome\Application\chrome.exe [856904 2014-11-14] (Google Inc.)
HKU\S-1-5-21-796845957-790525478-1177238915-1003\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6692632 2014-10-08] (SUPERAntiSpyware)
HKU\S-1-5-21-796845957-790525478-1177238915-1003\...\Run: [GUDelayStartup] => C:\Program Files\Glary Utilities 5\StartupManager.exe [37152 2014-11-09] (Glarysoft Ltd)
HKU\S-1-5-21-796845957-790525478-1177238915-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4826904 2014-10-29] (Piriform Ltd)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Cloudmark DesktopOne.lnk
ShortcutTarget: Cloudmark DesktopOne.lnk -> C:\Program Files\Cloudmark\Desktop\Service\cdswin.exe (Cloudmark, Inc.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
BootExecute: autocheck autochk *
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-796845957-790525478-1177238915-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ussportspages.com/
HKU\S-1-5-21-796845957-790525478-1177238915-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-796845957-790525478-1177238915-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: WOT Helper -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> C:\Program Files\WOT\WOT.dll ()
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: PrivDog Extension -> {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} -> C:\Program Files\AdTrustMedia\PrivDog\2.2.0.14\trustedads.dll (AdTrustMedia)
Toolbar: HKLM - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
Toolbar: HKU\S-1-5-21-796845957-790525478-1177238915-1003 -> &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-796845957-790525478-1177238915-1003 -> &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-796845957-790525478-1177238915-1003 -> WOT - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} http://rrtruckee.viewnetcam.com:81/kxhcm10.ocx
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1390611441515
DPF: {B479199A-1242-4E3C-AD81-7F0DF801B4AE} http://download.microsoft.com/downl...584-842756A66467/MicrosoftDownloadManager.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - No File
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-07] (SuperAdBlocker.com)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/DownloadManager,version=1.1 -> C:\WINDOWS\ ()
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://search.conduit.com/?ctid=CT3306061&SearchSource=48&CUI=UN10278907719805228&UM=2
CHR StartupUrls: Default -> "hxxp://search.conduit.com/?ctid=CT3306061&SearchSource=48&CUI=UN10278907719805228&UM=2"
CHR Profile: C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-21]
CHR Extension: (PrivDog) - C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja [2014-04-21]
CHR Extension: (IBA Opt-out (by Google)) - C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb [2014-02-20]
CHR Extension: (HTTPS Everywhere) - C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2014-03-14]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-24]
CHR Extension: (Print Plus) - C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ojakclmaoajbbagjiklbpcfkbibpfnpp [2014-05-08]
CHR Extension: (Send from Gmail (by Google)) - C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pgphcomnlaojlmmcjmiddhdapjpbgeoc [2014-02-18]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-22] (SUPERAntiSpyware.com)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5306504 2014-04-16] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [1663192 2014-03-25] (COMODO)
R2 IDriveService; C:\Program Files\IDriveWindows\id_service.exe [92720 2014-02-04] (Prosoftnet)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-10-20] (Oracle Corporation)
R2 MemeoBackgroundService; C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe [25824 2010-07-28] (Memeo)
R2 NanoServiceMain; C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe [142072 2014-10-13] (Panda Security, S.L.)
R2 PandaAgent; C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.)
R2 PSUAService; C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe [38136 2014-10-16] (Panda Security, S.L.)
R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [993848 2011-01-10] (Secunia)
R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [399416 2011-01-10] (Secunia)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ADM8511; C:\WINDOWS\System32\DRIVERS\ADM8511.SYS [20160 2001-08-17] (ADMtek Incorporated)
R1 BANTExt; C:\WINDOWS\System32\Drivers\BANTExt.sys [3840 2013-09-10] () [File not signed]
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [15704 2014-04-16] (COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [607448 2014-04-16] (COMODO)
R1 cmdHlp; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [29912 2014-04-16] (COMODO)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [17344 2014-10-21] (Glarysoft Ltd)
R0 Inspect; C:\WINDOWS\System32\DRIVERS\inspect.sys [104920 2014-04-16] (COMODO)
R1 NNSALPC; C:\WINDOWS\System32\DRIVERS\NNSAlpc.sys [88992 2014-06-04] (Panda Security, S.L.)
R1 NNSHTTP; C:\WINDOWS\System32\DRIVERS\NNSHttp.sys [166816 2014-06-18] (Panda Security, S.L.)
R1 NNSHTTPS; C:\WINDOWS\System32\DRIVERS\NNSHttps.sys [110624 2014-06-04] (Panda Security, S.L.)
R1 NNSIDS; C:\WINDOWS\System32\DRIVERS\NNSIds.sys [125216 2014-06-04] (Panda Security, S.L.)
R3 NNSNAHS; C:\WINDOWS\System32\DRIVERS\NNSNAHS.sys [46464 2014-01-16] (Panda Security, S.L.)
R1 NNSPICC; C:\WINDOWS\System32\DRIVERS\NNSPicc.sys [96160 2014-06-04] (Panda Security, S.L.)
R1 NNSPIHS; C:\WINDOWS\System32\DRIVERS\NNSPihs.sys [52384 2014-06-04] (Panda Security, S.L.)
R1 NNSPOP3; C:\WINDOWS\System32\DRIVERS\NNSPop3.sys [121888 2014-06-04] (Panda Security, S.L.)
R1 NNSPROT; C:\WINDOWS\System32\DRIVERS\NNSProt.sys [288032 2014-06-04] (Panda Security, S.L.)
R1 NNSPRV; C:\WINDOWS\System32\DRIVERS\NNSPrv.sys [208800 2014-06-04] (Panda Security, S.L.)
R1 NNSSMTP; C:\WINDOWS\System32\DRIVERS\NNSSmtp.sys [109856 2014-06-04] (Panda Security, S.L.)
R1 NNSSTRM; C:\WINDOWS\System32\DRIVERS\NNSStrm.sys [244000 2014-06-04] (Panda Security, S.L.)
R1 NNSTLSC; C:\WINDOWS\System32\DRIVERS\NNSTlsc.sys [96928 2014-06-04] (Panda Security, S.L.)
R3 PSI; C:\WINDOWS\System32\DRIVERS\psi_mf.sys [15544 2010-09-01] (Secunia)
R2 PSINAflt; C:\WINDOWS\System32\DRIVERS\PSINAflt.sys [140688 2014-10-13] (Panda Security, S.L.)
R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [103312 2014-10-13] (Panda Security, S.L.)
R1 PSINKNC; C:\WINDOWS\System32\DRIVERS\psinknc.sys [172432 2014-10-02] (Panda Security, S.L.)
R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [114704 2014-10-02] (Panda Security, S.L.)
R2 PSINProt; C:\WINDOWS\System32\DRIVERS\PSINProt.sys [124944 2014-10-02] (Panda Security, S.L.)
R2 PSINReg; C:\WINDOWS\System32\DRIVERS\PSINReg.sys [100496 2014-10-13] (Panda Security, S.L.)
R3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [48736 2014-03-25] (Panda Security, S.L.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1047816 2005-11-16] (SigmaTel, Inc.)
S0 cerc6; No ImagePath
S4 IntelIde; No ImagePath
U1 WS2IFSL; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-24 13:12 - 2014-11-24 13:39 - 00030838 _____ () C:\Documents and Settings\Tom\My Documents\FRST.txt
2014-11-24 13:09 - 2014-11-24 13:10 - 01110016 _____ (Farbar) C:\Documents and Settings\Tom\My Documents\FRST.exe
2014-11-24 12:13 - 2014-11-24 13:38 - 00000000 ____D () C:\FRST
2014-11-20 12:48 - 2014-11-20 13:51 - 00020402 _____ () C:\WINDOWS\iis6.log
2014-11-20 12:48 - 2014-11-20 13:51 - 00019154 _____ () C:\WINDOWS\FaxSetup.log
2014-11-20 12:48 - 2014-11-20 13:51 - 00011684 _____ () C:\WINDOWS\ocgen.log
2014-11-20 12:48 - 2014-11-20 13:51 - 00010233 _____ () C:\WINDOWS\tsoc.log
2014-11-20 12:48 - 2014-11-20 13:51 - 00006692 _____ () C:\WINDOWS\comsetup.log
2014-11-20 12:48 - 2014-11-20 13:51 - 00004342 _____ () C:\WINDOWS\ntdtcsetup.log
2014-11-20 12:48 - 2014-11-20 13:51 - 00003758 _____ () C:\WINDOWS\netfxocm.log
2014-11-20 12:48 - 2014-11-20 13:51 - 00001943 _____ () C:\WINDOWS\imsins.log
2014-11-20 12:48 - 2014-11-20 13:51 - 00001569 _____ () C:\WINDOWS\MedCtrOC.log
2014-11-20 12:48 - 2014-11-20 13:51 - 00001109 _____ () C:\WINDOWS\ocmsn.log
2014-11-20 12:48 - 2014-11-20 13:51 - 00001048 _____ () C:\WINDOWS\msgsocm.log
2014-11-20 12:48 - 2014-11-20 13:51 - 00000933 _____ () C:\WINDOWS\tabletoc.log
2014-11-20 12:48 - 2014-11-20 13:50 - 00005762 _____ () C:\WINDOWS\msmqinst.log
2014-11-20 12:48 - 2014-11-20 12:58 - 00075739 _____ () C:\WINDOWS\KB940157Uninst.log
2014-11-20 12:48 - 2014-11-20 12:58 - 00001393 _____ () C:\WINDOWS\imsins.BAK
2014-11-18 18:21 - 2014-11-20 12:59 - 00000000 ____D () C:\WINDOWS\SxsCaPendDel
2014-11-18 18:19 - 2014-11-18 18:19 - 00000000 ____D () C:\MSI547b0.tmp
2014-11-18 12:14 - 2014-11-18 12:14 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\Application Data\COMODO
2014-11-18 12:11 - 2014-11-24 13:35 - 00000440 _____ () C:\WINDOWS\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job
2014-11-18 12:11 - 2014-11-24 13:35 - 00000440 _____ () C:\WINDOWS\Tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job
2014-11-18 12:06 - 2014-11-18 12:06 - 00001677 _____ () C:\Documents and Settings\All Users\Desktop\COMODO Firewall.lnk
2014-11-18 12:02 - 2014-11-20 12:45 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Comodo
2014-11-18 11:17 - 2014-11-18 11:17 - 00000000 ____D () C:\Documents and Settings\Tom\Local Settings\Application Data\Privatefirewall
2014-11-18 11:16 - 2014-11-18 11:16 - 00000000 ____D () C:\MSI1849c.tmp
2014-11-18 11:15 - 2014-03-25 05:15 - 00048736 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2014-11-18 11:13 - 2014-11-18 12:05 - 00017692 _____ () C:\WINDOWS\setupapi.log
2014-11-18 11:13 - 2014-11-18 11:39 - 00000028 _____ () C:\WINDOWS\ODBC.INI
2014-11-18 11:13 - 2014-11-18 11:13 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Privacyware
2014-11-18 11:12 - 2014-11-18 11:12 - 00000000 ____D () C:\MSI789d4.tmp
2014-11-18 10:40 - 2014-11-24 13:33 - 00196608 _____ () C:\WINDOWS\system32\config\Nano.evt
2014-11-18 10:40 - 2014-11-18 10:40 - 00000000 ____D () C:\Documents and Settings\Tom\Application Data\Panda Security
2014-11-18 10:40 - 2014-11-18 10:40 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Panda Free Antivirus
2014-11-18 10:39 - 2014-11-18 10:41 - 00000000 ____D () C:\Program Files\Panda Security
2014-11-18 10:39 - 2014-11-18 10:39 - 00000000 ____D () C:\MSI8b6c7.tmp
2014-11-18 10:38 - 2014-11-18 10:41 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Panda Security
2014-11-13 13:47 - 2014-11-13 13:47 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\001255DA.sys
2014-11-13 13:08 - 2014-11-13 13:08 - 00000000 ____D () C:\Documents and Settings\All Users\GlarySoft
2014-11-13 12:59 - 2014-11-13 12:59 - 00000060 _____ () C:\WINDOWS\setupact.log
2014-11-13 12:59 - 2014-11-13 12:59 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-11-13 12:37 - 2014-11-13 12:37 - 00000000 ____D () C:\Documents and Settings\Tom\Start Menu\Programs\CCleaner
2014-11-11 17:04 - 2014-11-11 18:04 - 04918960 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-24 13:39 - 2014-01-24 12:43 - 00000000 ____D () C:\Documents and Settings\Tom\Local Settings\Temp
2014-11-24 13:36 - 2014-09-17 12:13 - 00000000 ____D () C:\Program Files\Glary Utilities 5
2014-11-24 13:36 - 2014-01-29 13:19 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-11-24 13:35 - 2014-09-17 12:13 - 00000316 _____ () C:\WINDOWS\Tasks\GlaryInitialize 5.job
2014-11-24 13:35 - 2014-01-24 12:27 - 01345529 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-24 13:34 - 2014-03-11 13:30 - 00000218 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-11-24 13:34 - 2014-01-24 17:36 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-24 13:34 - 2014-01-24 12:37 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-24 13:34 - 2008-04-14 04:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-11-24 13:33 - 2014-04-13 13:10 - 00065536 _____ () C:\WINDOWS\system32\config\COMODO I.evt
2014-11-24 13:33 - 2014-01-24 12:43 - 00000178 ___SH () C:\Documents and Settings\Tom\ntuser.ini
2014-11-24 13:33 - 2014-01-24 12:37 - 00032656 _____ () C:\WINDOWS\SchedLgU.Txt
2014-11-24 13:23 - 2014-01-24 17:36 - 00000886 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-24 12:54 - 2014-02-04 09:53 - 00000358 _____ () C:\WINDOWS\Tasks\WpsNotifyTask_Tom.job
2014-11-24 12:41 - 2014-02-04 09:53 - 00000358 _____ () C:\WINDOWS\Tasks\WpsUpdateTask_Tom.job
2014-11-24 07:08 - 2014-02-04 10:55 - 00000000 ____D () C:\Program Files\IDriveWindows
2014-11-21 09:52 - 2014-01-24 17:37 - 00001813 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2014-11-21 09:35 - 2014-01-24 12:25 - 00000000 ____D () C:\WINDOWS\system32\Macromed
2014-11-20 12:59 - 2014-01-29 18:41 - 00000000 ____D () C:\Program Files\Windows Desktop Search
2014-11-20 12:46 - 2014-01-29 13:43 - 00000000 ____D () C:\Program Files\Comodo
2014-11-20 12:41 - 2014-01-29 13:48 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Application Data\COMODO
2014-11-20 12:37 - 2014-06-10 10:36 - 00000000 ____D () C:\Documents and Settings\Tom\Local Settings\Application Data\Adobe
2014-11-20 11:46 - 2014-01-24 12:37 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Temp
2014-11-20 09:25 - 2014-08-18 15:36 - 00140800 _____ () C:\Documents and Settings\Tom\My Documents\Manpower Pool Schedule 2014.xls
2014-11-18 14:24 - 2014-01-31 12:05 - 00000877 _____ () C:\Documents and Settings\Tom\Desktop\Shortcut to Files named @.tmp,@.chk,~@.@.lnk
2014-11-18 12:03 - 2014-01-29 13:51 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\COMODO
2014-11-18 11:37 - 2014-01-29 14:34 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\TEMP
2014-11-18 11:15 - 2014-01-24 04:07 - 00275760 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-11-18 10:41 - 2014-01-24 13:05 - 00068552 _____ () C:\Documents and Settings\Tom\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-11-14 06:48 - 2014-01-24 12:43 - 00000000 ____D () C:\Documents and Settings\Tom
2014-11-13 13:47 - 2014-03-27 08:56 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-11-13 12:43 - 2014-09-17 12:13 - 00000761 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Glary Utilities 5.lnk
2014-11-13 12:43 - 2014-09-17 12:13 - 00000755 _____ () C:\Documents and Settings\All Users\Desktop\Glary Utilities 5.lnk
2014-11-13 12:40 - 2014-01-29 14:34 - 00000000 ____D () C:\Program Files\SpywareBlaster
2014-11-13 12:36 - 2014-01-29 13:10 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-12 10:00 - 2014-01-24 13:38 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-11-11 14:44 - 2014-01-24 04:10 - 00602644 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-08 15:00 - 2014-03-11 13:30 - 00000212 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-11-04 11:18 - 2014-01-24 12:43 - 00000788 _____ () C:\Documents and Settings\Tom\Start Menu\Programs\Windows Media Player.lnk
2014-10-31 23:25 - 2014-01-24 13:29 - 100445232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================
 
#20 ·
cookiegal:

No this is my personal home desktop and I am the only one who ever uses it. My original XP home program failed about a year ago, and I had a Computer professional install a new program XP Professional from a disk? that he had. I believe it was a clean copy as he also installed Microsoft Office 2007 which I removed and replaced with Kingsoft Writer which was compatible with Outlook Express 6!

Up until about about 3 months ago I had no issues of any kind! I bought the Dell 5150 new so this was not a replacement machine. I am 74 years old and loved XP and was not interested in going to 7 or 8 when support stopped for XP in April. I am a carefull user, am fairly tech savy, and have not experienced any major virus or malware problems in the past year..

manofmarin
 
#21 ·
OK, thanks for that.

Please download ADWCleaner. Click on the Download Now button and save it to your desktop.

Close your browser and double-click on the AdwCleaner icon on your desktop to run the program.

Click on the Scan button. It may take several minutes to complete. When it is done click on the Report button and copy and paste the log here please.
 
#22 ·
# AdwCleaner v4.102 - Report created 24/11/2014 at 16:56:43
# Updated 23/11/2014 by Xplode
# Database : 2014-11-23.7 [Local]
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Tom - INSPIRON-A64846
# Running from : C:\Documents and Settings\Tom\My Documents\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

File Found : C:\END
Folder Found : C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\Google\Chrome\Extensions\cmaiofennmphjldldcpphcechfnnohja
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC}

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Google Chrome v39.0.2171.65

[C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [1205 octets] - [24/11/2014 16:54:55]
AdwCleaner[R1].txt - [1817 octets] - [24/11/2014 16:56:43]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1877 octets] ##########
 
#24 ·
Cookiegal:

After running the clean option per your request, the window informed me that the report log would be shown after an automatic reboot.

After the reboot, there is no log in "my documents" where the download icon isand I have no idea where to find it? and after running the program again , I am not able to open the report button?

manofmarin.
 
#26 ·
# AdwCleaner v4.102 - Report created 25/11/2014 at 11:40:58
# Updated 23/11/2014 by Xplode
# Database : 2014-11-23.7 [Local]
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Tom - INSPIRON-A64846
# Running from : C:\Documents and Settings\Tom\My Documents\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Found : C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC}

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Mozilla Firefox v33.1.1 (x86 en-US)

-\\ Google Chrome v39.0.2171.65

[C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

-\\ Opera v0.0.0.0

*************************

AdwCleaner[R0].txt - [1720 octets] - [25/11/2014 11:40:58]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1780 octets] ##########
Cookiegal:Sorry, I've been out this morning. Have to disable Comodo to run program and forget! Is there a firewall you recommend? This is a fresh scan and report!

manofmarin
 
Status
Not open for further replies.
You have insufficient privileges to reply here.
Top