Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-11-2014
Ran by Tom (administrator) on INSPIRON-A64846 on 24-11-2014 13:38:27
Running from C:\Documents and Settings\Tom\My Documents
Loaded Profile: Tom (Available profiles: Tom)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(Prosoftnet) C:\Program Files\IDriveWindows\id_service.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Memeo) C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe
(Secunia) C:\Program Files\Secunia\PSI\psia.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Prosoftnet) C:\Program Files\IDriveWindows\id_bglaunch.exe
(Prosoftnet) C:\Program Files\IDriveWindows\id_tray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(AdTrustMedia) C:\Program Files\AdTrustMedia\PrivDog\2.2.0.14\trustedadssvc.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe
(South Bay Software) C:\Program Files\AutoSizer\AutoSizer.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Glarysoft Ltd) C:\Program Files\Glary Utilities 5\Integrator.exe
(Memeo Inc.) C:\Program Files\Memeo\AutoBackup\MemeoBackup.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Cloudmark, Inc.) C:\Program Files\Cloudmark\Desktop\Service\cdswin.exe
(Secunia) C:\Program Files\Secunia\PSI\psi_tray.exe
(Cloudmark, Inc.) C:\Program Files\Cloudmark\Desktop\Clients\cdshookloader.dll
(Secunia) C:\Program Files\Secunia\PSI\sua.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [igfxpers] => C:\WINDOWS\system32\igfxpers.exe [118784 2006-03-23] (Intel Corporation)
HKLM\...\Run: [IDrive Background process] => C:\Program Files\IDriveWindows\id_bglaunch.exe [64560 2014-02-04] (Prosoftnet)
HKLM\...\Run: [IDrive Tray] => C:\Program Files\IDriveWindows\id_tray.exe [1918512 2014-02-04] (Prosoftnet)
HKLM\...\Run: [Memeo Backup] => C:\Program Files\Memeo\AutoBackup\MemeoLauncher2.exe [136416 2010-07-28] (Memeo Inc.)
HKLM\...\Run: [igfxhkcmd] => C:\WINDOWS\system32\hkcmd.exe [77824 2006-03-23] (Intel Corporation)
HKLM\...\Run: [PrivDogService] => C:\Program Files\AdTrustMedia\PrivDog\2.2.0.14\trustedadssvc.exe [662184 2014-06-17] (AdTrustMedia)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Run: [PSUAMain] => C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe [37624 2014-10-16] (Panda Security, S.L.)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1225944 2014-03-25] (COMODO)
HKLM Group Policy restriction on software: *.jpeg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: scsvserv.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.com <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *** <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: vssadmin.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programfiles%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.scr <====== ATTENTION
HKLM Group Policy restriction on software: lsassvrtdbks.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: cipher.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: lsassw86s.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\Microsoft\Windows\IEUpdate\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: syskey.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %systemdrive%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\rmi\ccleaner-4.07.4369.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\rmi\ccleaner-4.07.4369.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\rmi\ccleaner-4.07.4369.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\rmi\ccleaner-4.07.4369.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\rmi\ccleaner-4.07.4369.exe <====== ATTENTION
HKU\S-1-5-21-796845957-790525478-1177238915-1003\...\Run: [AutoSizer] => C:\Program Files\AutoSizer\AutoSizer.exe [131072 2014-01-30] (South Bay Software)
HKU\S-1-5-21-796845957-790525478-1177238915-1003\...\Run: [C466C17143B7DE3BD7C31B2E8AF4946187F98163._service_run] => C:\Program Files\Google\Chrome\Application\chrome.exe [856904 2014-11-14] (Google Inc.)
HKU\S-1-5-21-796845957-790525478-1177238915-1003\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6692632 2014-10-08] (SUPERAntiSpyware)
HKU\S-1-5-21-796845957-790525478-1177238915-1003\...\Run: [GUDelayStartup] => C:\Program Files\Glary Utilities 5\StartupManager.exe [37152 2014-11-09] (Glarysoft Ltd)
HKU\S-1-5-21-796845957-790525478-1177238915-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4826904 2014-10-29] (Piriform Ltd)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Cloudmark DesktopOne.lnk
ShortcutTarget: Cloudmark DesktopOne.lnk -> C:\Program Files\Cloudmark\Desktop\Service\cdswin.exe (Cloudmark, Inc.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
BootExecute: autocheck autochk *
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-796845957-790525478-1177238915-1003\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.ussportspages.com/
HKU\S-1-5-21-796845957-790525478-1177238915-1003\Software\Microsoft\Internet Explorer\Main,Search Page =
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-796845957-790525478-1177238915-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: WOT Helper -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> C:\Program Files\WOT\WOT.dll ()
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: PrivDog Extension -> {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} -> C:\Program Files\AdTrustMedia\PrivDog\2.2.0.14\trustedads.dll (AdTrustMedia)
Toolbar: HKLM - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
Toolbar: HKU\S-1-5-21-796845957-790525478-1177238915-1003 -> &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-796845957-790525478-1177238915-1003 -> &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-796845957-790525478-1177238915-1003 -> WOT - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D}
http://rrtruckee.viewnetcam.com:81/kxhcm10.ocx
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1390611441515
DPF: {B479199A-1242-4E3C-AD81-7F0DF801B4AE}
http://download.microsoft.com/downl...584-842756A66467/MicrosoftDownloadManager.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - No File
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-07] (SuperAdBlocker.com)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/DownloadManager,version=1.1 -> C:\WINDOWS\ ()
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://search.conduit.com/?ctid=CT3306061&SearchSource=48&CUI=UN10278907719805228&UM=2
CHR StartupUrls: Default -> "hxxp://search.conduit.com/?ctid=CT3306061&SearchSource=48&CUI=UN10278907719805228&UM=2"
CHR Profile: C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-21]
CHR Extension: (PrivDog) - C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja [2014-04-21]
CHR Extension: (IBA Opt-out (by Google)) - C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb [2014-02-20]
CHR Extension: (HTTPS Everywhere) - C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2014-03-14]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-24]
CHR Extension: (Print Plus) - C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ojakclmaoajbbagjiklbpcfkbibpfnpp [2014-05-08]
CHR Extension: (Send from Gmail (by Google)) - C:\Documents and Settings\Tom\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pgphcomnlaojlmmcjmiddhdapjpbgeoc [2014-02-18]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-22] (SUPERAntiSpyware.com)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5306504 2014-04-16] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [1663192 2014-03-25] (COMODO)
R2 IDriveService; C:\Program Files\IDriveWindows\id_service.exe [92720 2014-02-04] (Prosoftnet)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-10-20] (Oracle Corporation)
R2 MemeoBackgroundService; C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe [25824 2010-07-28] (Memeo)
R2 NanoServiceMain; C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe [142072 2014-10-13] (Panda Security, S.L.)
R2 PandaAgent; C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.)
R2 PSUAService; C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe [38136 2014-10-16] (Panda Security, S.L.)
R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [993848 2011-01-10] (Secunia)
R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [399416 2011-01-10] (Secunia)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 ADM8511; C:\WINDOWS\System32\DRIVERS\ADM8511.SYS [20160 2001-08-17] (ADMtek Incorporated)
R1 BANTExt; C:\WINDOWS\System32\Drivers\BANTExt.sys [3840 2013-09-10] () [File not signed]
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [15704 2014-04-16] (COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [607448 2014-04-16] (COMODO)
R1 cmdHlp; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [29912 2014-04-16] (COMODO)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [17344 2014-10-21] (Glarysoft Ltd)
R0 Inspect; C:\WINDOWS\System32\DRIVERS\inspect.sys [104920 2014-04-16] (COMODO)
R1 NNSALPC; C:\WINDOWS\System32\DRIVERS\NNSAlpc.sys [88992 2014-06-04] (Panda Security, S.L.)
R1 NNSHTTP; C:\WINDOWS\System32\DRIVERS\NNSHttp.sys [166816 2014-06-18] (Panda Security, S.L.)
R1 NNSHTTPS; C:\WINDOWS\System32\DRIVERS\NNSHttps.sys [110624 2014-06-04] (Panda Security, S.L.)
R1 NNSIDS; C:\WINDOWS\System32\DRIVERS\NNSIds.sys [125216 2014-06-04] (Panda Security, S.L.)
R3 NNSNAHS; C:\WINDOWS\System32\DRIVERS\NNSNAHS.sys [46464 2014-01-16] (Panda Security, S.L.)
R1 NNSPICC; C:\WINDOWS\System32\DRIVERS\NNSPicc.sys [96160 2014-06-04] (Panda Security, S.L.)
R1 NNSPIHS; C:\WINDOWS\System32\DRIVERS\NNSPihs.sys [52384 2014-06-04] (Panda Security, S.L.)
R1 NNSPOP3; C:\WINDOWS\System32\DRIVERS\NNSPop3.sys [121888 2014-06-04] (Panda Security, S.L.)
R1 NNSPROT; C:\WINDOWS\System32\DRIVERS\NNSProt.sys [288032 2014-06-04] (Panda Security, S.L.)
R1 NNSPRV; C:\WINDOWS\System32\DRIVERS\NNSPrv.sys [208800 2014-06-04] (Panda Security, S.L.)
R1 NNSSMTP; C:\WINDOWS\System32\DRIVERS\NNSSmtp.sys [109856 2014-06-04] (Panda Security, S.L.)
R1 NNSSTRM; C:\WINDOWS\System32\DRIVERS\NNSStrm.sys [244000 2014-06-04] (Panda Security, S.L.)
R1 NNSTLSC; C:\WINDOWS\System32\DRIVERS\NNSTlsc.sys [96928 2014-06-04] (Panda Security, S.L.)
R3 PSI; C:\WINDOWS\System32\DRIVERS\psi_mf.sys [15544 2010-09-01] (Secunia)
R2 PSINAflt; C:\WINDOWS\System32\DRIVERS\PSINAflt.sys [140688 2014-10-13] (Panda Security, S.L.)
R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [103312 2014-10-13] (Panda Security, S.L.)
R1 PSINKNC; C:\WINDOWS\System32\DRIVERS\psinknc.sys [172432 2014-10-02] (Panda Security, S.L.)
R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [114704 2014-10-02] (Panda Security, S.L.)
R2 PSINProt; C:\WINDOWS\System32\DRIVERS\PSINProt.sys [124944 2014-10-02] (Panda Security, S.L.)
R2 PSINReg; C:\WINDOWS\System32\DRIVERS\PSINReg.sys [100496 2014-10-13] (Panda Security, S.L.)
R3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [48736 2014-03-25] (Panda Security, S.L.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1047816 2005-11-16] (SigmaTel, Inc.)
S0 cerc6; No ImagePath
S4 IntelIde; No ImagePath
U1 WS2IFSL; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-24 13:12 - 2014-11-24 13:39 - 00030838 _____ () C:\Documents and Settings\Tom\My Documents\FRST.txt
2014-11-24 13:09 - 2014-11-24 13:10 - 01110016 _____ (Farbar) C:\Documents and Settings\Tom\My Documents\FRST.exe
2014-11-24 12:13 - 2014-11-24 13:38 - 00000000 ____D () C:\FRST
2014-11-20 12:48 - 2014-11-20 13:51 - 00020402 _____ () C:\WINDOWS\iis6.log
2014-11-20 12:48 - 2014-11-20 13:51 - 00019154 _____ () C:\WINDOWS\FaxSetup.log
2014-11-20 12:48 - 2014-11-20 13:51 - 00011684 _____ () C:\WINDOWS\ocgen.log
2014-11-20 12:48 - 2014-11-20 13:51 - 00010233 _____ () C:\WINDOWS\tsoc.log
2014-11-20 12:48 - 2014-11-20 13:51 - 00006692 _____ () C:\WINDOWS\comsetup.log
2014-11-20 12:48 - 2014-11-20 13:51 - 00004342 _____ () C:\WINDOWS\ntdtcsetup.log
2014-11-20 12:48 - 2014-11-20 13:51 - 00003758 _____ () C:\WINDOWS\netfxocm.log
2014-11-20 12:48 - 2014-11-20 13:51 - 00001943 _____ () C:\WINDOWS\imsins.log
2014-11-20 12:48 - 2014-11-20 13:51 - 00001569 _____ () C:\WINDOWS\MedCtrOC.log
2014-11-20 12:48 - 2014-11-20 13:51 - 00001109 _____ () C:\WINDOWS\ocmsn.log
2014-11-20 12:48 - 2014-11-20 13:51 - 00001048 _____ () C:\WINDOWS\msgsocm.log
2014-11-20 12:48 - 2014-11-20 13:51 - 00000933 _____ () C:\WINDOWS\tabletoc.log
2014-11-20 12:48 - 2014-11-20 13:50 - 00005762 _____ () C:\WINDOWS\msmqinst.log
2014-11-20 12:48 - 2014-11-20 12:58 - 00075739 _____ () C:\WINDOWS\KB940157Uninst.log
2014-11-20 12:48 - 2014-11-20 12:58 - 00001393 _____ () C:\WINDOWS\imsins.BAK
2014-11-18 18:21 - 2014-11-20 12:59 - 00000000 ____D () C:\WINDOWS\SxsCaPendDel
2014-11-18 18:19 - 2014-11-18 18:19 - 00000000 ____D () C:\MSI547b0.tmp
2014-11-18 12:14 - 2014-11-18 12:14 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\Application Data\COMODO
2014-11-18 12:11 - 2014-11-24 13:35 - 00000440 _____ () C:\WINDOWS\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job
2014-11-18 12:11 - 2014-11-24 13:35 - 00000440 _____ () C:\WINDOWS\Tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job
2014-11-18 12:06 - 2014-11-18 12:06 - 00001677 _____ () C:\Documents and Settings\All Users\Desktop\COMODO Firewall.lnk
2014-11-18 12:02 - 2014-11-20 12:45 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Comodo
2014-11-18 11:17 - 2014-11-18 11:17 - 00000000 ____D () C:\Documents and Settings\Tom\Local Settings\Application Data\Privatefirewall
2014-11-18 11:16 - 2014-11-18 11:16 - 00000000 ____D () C:\MSI1849c.tmp
2014-11-18 11:15 - 2014-03-25 05:15 - 00048736 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2014-11-18 11:13 - 2014-11-18 12:05 - 00017692 _____ () C:\WINDOWS\setupapi.log
2014-11-18 11:13 - 2014-11-18 11:39 - 00000028 _____ () C:\WINDOWS\ODBC.INI
2014-11-18 11:13 - 2014-11-18 11:13 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Privacyware
2014-11-18 11:12 - 2014-11-18 11:12 - 00000000 ____D () C:\MSI789d4.tmp
2014-11-18 10:40 - 2014-11-24 13:33 - 00196608 _____ () C:\WINDOWS\system32\config\Nano.evt
2014-11-18 10:40 - 2014-11-18 10:40 - 00000000 ____D () C:\Documents and Settings\Tom\Application Data\Panda Security
2014-11-18 10:40 - 2014-11-18 10:40 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Panda Free Antivirus
2014-11-18 10:39 - 2014-11-18 10:41 - 00000000 ____D () C:\Program Files\Panda Security
2014-11-18 10:39 - 2014-11-18 10:39 - 00000000 ____D () C:\MSI8b6c7.tmp
2014-11-18 10:38 - 2014-11-18 10:41 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Panda Security
2014-11-13 13:47 - 2014-11-13 13:47 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\001255DA.sys
2014-11-13 13:08 - 2014-11-13 13:08 - 00000000 ____D () C:\Documents and Settings\All Users\GlarySoft
2014-11-13 12:59 - 2014-11-13 12:59 - 00000060 _____ () C:\WINDOWS\setupact.log
2014-11-13 12:59 - 2014-11-13 12:59 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-11-13 12:37 - 2014-11-13 12:37 - 00000000 ____D () C:\Documents and Settings\Tom\Start Menu\Programs\CCleaner
2014-11-11 17:04 - 2014-11-11 18:04 - 04918960 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-24 13:39 - 2014-01-24 12:43 - 00000000 ____D () C:\Documents and Settings\Tom\Local Settings\Temp
2014-11-24 13:36 - 2014-09-17 12:13 - 00000000 ____D () C:\Program Files\Glary Utilities 5
2014-11-24 13:36 - 2014-01-29 13:19 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-11-24 13:35 - 2014-09-17 12:13 - 00000316 _____ () C:\WINDOWS\Tasks\GlaryInitialize 5.job
2014-11-24 13:35 - 2014-01-24 12:27 - 01345529 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-24 13:34 - 2014-03-11 13:30 - 00000218 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-11-24 13:34 - 2014-01-24 17:36 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-24 13:34 - 2014-01-24 12:37 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-24 13:34 - 2008-04-14 04:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-11-24 13:33 - 2014-04-13 13:10 - 00065536 _____ () C:\WINDOWS\system32\config\COMODO I.evt
2014-11-24 13:33 - 2014-01-24 12:43 - 00000178 ___SH () C:\Documents and Settings\Tom\ntuser.ini
2014-11-24 13:33 - 2014-01-24 12:37 - 00032656 _____ () C:\WINDOWS\SchedLgU.Txt
2014-11-24 13:23 - 2014-01-24 17:36 - 00000886 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-24 12:54 - 2014-02-04 09:53 - 00000358 _____ () C:\WINDOWS\Tasks\WpsNotifyTask_Tom.job
2014-11-24 12:41 - 2014-02-04 09:53 - 00000358 _____ () C:\WINDOWS\Tasks\WpsUpdateTask_Tom.job
2014-11-24 07:08 - 2014-02-04 10:55 - 00000000 ____D () C:\Program Files\IDriveWindows
2014-11-21 09:52 - 2014-01-24 17:37 - 00001813 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2014-11-21 09:35 - 2014-01-24 12:25 - 00000000 ____D () C:\WINDOWS\system32\Macromed
2014-11-20 12:59 - 2014-01-29 18:41 - 00000000 ____D () C:\Program Files\Windows Desktop Search
2014-11-20 12:46 - 2014-01-29 13:43 - 00000000 ____D () C:\Program Files\Comodo
2014-11-20 12:41 - 2014-01-29 13:48 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Application Data\COMODO
2014-11-20 12:37 - 2014-06-10 10:36 - 00000000 ____D () C:\Documents and Settings\Tom\Local Settings\Application Data\Adobe
2014-11-20 11:46 - 2014-01-24 12:37 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Temp
2014-11-20 09:25 - 2014-08-18 15:36 - 00140800 _____ () C:\Documents and Settings\Tom\My Documents\Manpower Pool Schedule 2014.xls
2014-11-18 14:24 - 2014-01-31 12:05 - 00000877 _____ () C:\Documents and Settings\Tom\Desktop\Shortcut to Files named @.tmp,@.chk,~@.@.lnk
2014-11-18 12:03 - 2014-01-29 13:51 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\COMODO
2014-11-18 11:37 - 2014-01-29 14:34 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\TEMP
2014-11-18 11:15 - 2014-01-24 04:07 - 00275760 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-11-18 10:41 - 2014-01-24 13:05 - 00068552 _____ () C:\Documents and Settings\Tom\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-11-14 06:48 - 2014-01-24 12:43 - 00000000 ____D () C:\Documents and Settings\Tom
2014-11-13 13:47 - 2014-03-27 08:56 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-11-13 12:43 - 2014-09-17 12:13 - 00000761 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Glary Utilities 5.lnk
2014-11-13 12:43 - 2014-09-17 12:13 - 00000755 _____ () C:\Documents and Settings\All Users\Desktop\Glary Utilities 5.lnk
2014-11-13 12:40 - 2014-01-29 14:34 - 00000000 ____D () C:\Program Files\SpywareBlaster
2014-11-13 12:36 - 2014-01-29 13:10 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-12 10:00 - 2014-01-24 13:38 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-11-11 14:44 - 2014-01-24 04:10 - 00602644 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-08 15:00 - 2014-03-11 13:30 - 00000212 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-11-04 11:18 - 2014-01-24 12:43 - 00000788 _____ () C:\Documents and Settings\Tom\Start Menu\Programs\Windows Media Player.lnk
2014-10-31 23:25 - 2014-01-24 13:29 - 100445232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================