Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:15-09-2015
Ran by m (administrator) on 5F5A4C13557347C (24-09-2015 16:53:18)
Running from C:\Documents and Settings\m\Desktop
Loaded Profiles: m (Available Profiles: m & K & UpdatusUser & Administrator)
Platform: Microsoft Windows XP Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Comodo Security Solutions Inc.) C:\Program Files\Common Files\Comodo\launcher_service.exe
(Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
() C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
() C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
(Comodo) C:\Program Files\Comodo\Chromodo\chromodo_updater.exe
(Creative Technology Ltd) C:\WINDOWS\system32\CTSVCCDA.EXE
(Oki Data Corporation) C:\WINDOWS\system32\spool\drivers\w32x86\3\OPHALDCS.EXE
(Comodo) C:\Program Files\Comodo\Dragon\dragon_updater.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehrecvr.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehSched.exe
(Intel Corporation) C:\WINDOWS\system32\IPROSetMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
(WhiteCanyon Inc.) C:\Program Files\WhiteCanyon\SecureClean 4\SCWatch4.exe
() C:\Program Files\Serviio\bin\ServiioService.exe
() C:\Program Files\Serviio\bin\ServiioService.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient.exe
(GlavSoft LLC.) C:\Program Files\Common Files\Comodo\tvnserver.exe
(Microsoft Corporation) C:\WINDOWS\system32\MsPMSPSv.exe
(Microsoft Corporation) C:\WINDOWS\ehome\mcrdsvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe
(Creative Technology Ltd) C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
(Creative Technology Ltd) C:\WINDOWS\system32\CTHELPER.EXE
(Microsoft Corporation) C:\WINDOWS\vVX3000.exe
(GlavSoft LLC.) C:\Program Files\Common Files\Comodo\tvnserver.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehtray.exe
(Research In Motion Limited) C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehmsas.exe
(Creative Technology Ltd) C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe
(Research In Motion Limited) C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpncmgr.exe
() C:\Program Files\Serviio\bin\ServiioConsole.exe
(Yahoo! Inc.) C:\PROGRA~1\Yahoo!\MESSEN~1\Ymsgr_tray.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Oracle Corporation) C:\Program Files\Java\jre1.8.0_45\bin\jp2launcher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [CTSysVol] => C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe [49152 2002-10-29] (Creative Technology Ltd)
HKLM\...\Run: [AsioReg] => REGSVR32.EXE /S CTASIO.DLL
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [CTHelper] => C:\WINDOWS\system32\CTHELPER.EXE [28672 2003-02-20] (Creative Technology Ltd)
HKLM\...\Run: [VX3000] => C:\WINDOWS\vVX3000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [tvncontrol] => C:\Program Files\Common Files\Comodo\tvnserver.exe [828944 2012-01-27] (GlavSoft LLC.)
HKLM\...\Run: [ScanSoft OmniPage SE 4.0-reminder] => C:\Program Files\ScanSoft\OmniPageSE4.0\Ereg\Ereg.exe [1410600 2006-09-26] (Nuance Communications, Inc.)
HKLM\...\Run: [SoftEther VPN Client UI Helper] => C:\Program Files\SoftEther VPN Client\vpnclient.exe [3941096 2015-08-10] (SoftEther VPN Project at University of Tsukuba, Japan.)
HKLM\...\Run: [NeroCheck] => C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [LifeCam] => C:\Program Files\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [IJNetworkScanUtility] => C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [132704 2006-10-26] (CANON INC.)
HKLM\...\Run: [ehTray] => C:\WINDOWS\ehome\ehtray.exe [64512 2005-08-05] (Microsoft Corporation)
HKLM\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [335232 2015-04-18] (Oracle Corporation)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
HKLM\...\Policies\Explorer: [NoSharedDocuments] 0
HKU\S-1-5-21-329068152-1035525444-725345543-1003\...\Run: [SpybotSD TeaTimer] => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-329068152-1035525444-725345543-1003\...\Run: [Creative MediaSource Go] => C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe [126976 2002-11-25] (Creative Technology Ltd)
HKU\S-1-5-21-329068152-1035525444-725345543-1003\...\Run: [Messenger (Yahoo!)] => C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-18\...\Run: [DWQueuedReporting] => C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [519584 2010-12-21] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [RunNarrator] => C:\WINDOWS\system32\Narrator.exe [53760 2008-04-14] (Microsoft Corporation)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk [2014-03-22]
ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> C:\Program Files\SoftEther VPN Client\vpncmgr.exe (SoftEther VPN Project at University of Tsukuba, Japan.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk [2014-03-09]
ShortcutTarget: Windows Search.lnk -> C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
Startup: C:\Documents and Settings\m\Start Menu\Programs\StartUp\Serviio.lnk [2015-07-29]
ShortcutTarget: Serviio.lnk -> C:\Program Files\Serviio\bin\ServiioConsole.exe ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{70C2F4ED-25C2-496E-B381-4222D511273F}: [DhcpNameServer] 10.211.254.254 8.8.8.8
Tcpip\..\Interfaces\{BE8BAB0A-A427-4D7A-99F9-C5BA65B9CB7E}: [DhcpNameServer] 194.168.4.100 194.168.8.100
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-329068152-1035525444-725345543-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files\TechSmith\Snagit 10\SnagitBHO.dll [2010-04-13] (TechSmith Corporation)
BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Limited)
BHO: EWPBrowseObject Class -> {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} -> C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll [2006-06-09] ()
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-18] (Oracle Corporation)
BHO: No Name -> {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} -> No File
BHO: No Name -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> No File
BHO: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-18] (Oracle Corporation)
BHO: No Name -> {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} -> No File
Toolbar: HKLM - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 10\SnagitIEAddin.dll [2010-04-13] (TechSmith Corporation)
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_60-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0060-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_60-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_60-windows-i586.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll [2012-11-08] (Belarc, Inc.)
FireFox:
========
FF ProfilePath: C:\Documents and Settings\m\Application Data\Mozilla\Firefox\Profiles\k9aa9uzg.default-1386241888593
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-28] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-18] (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll [2010-06-01] (Yahoo! Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2012-12-13] ()
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-329068152-1035525444-725345543-1003: @citrixonline.com/appdetectorplugin -> C:\Documents and Settings\m\Local Settings\Application Data\Citrix\Plugins\94\npappdetector.dll [2013-02-21] (Citrix Online)
FF Plugin HKU\S-1-5-21-329068152-1035525444-725345543-1003: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\m\Local Settings\Application Data\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Plugin HKU\S-1-5-21-329068152-1035525444-725345543-1003: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\m\Local Settings\Application Data\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Extension: RAMBack - C:\Documents and Settings\m\Application Data\Mozilla\Firefox\Profiles\k9aa9uzg.default-1386241888593\Extensions\ramback@pavlov.net.xpi [2014-07-19]
FF Extension: NoScript - C:\Documents and Settings\m\Application Data\Mozilla\Firefox\Profiles\k9aa9uzg.default-1386241888593\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-05-27]
FF Extension: Adblock Plus - C:\Documents and Settings\m\Application Data\Mozilla\Firefox\Profiles\k9aa9uzg.default-1386241888593\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-06]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-10-13]
Chrome:
=======
CHR Profile: C:\Documents and Settings\m\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Chrome Hotword Shared Module) - C:\Documents and Settings\m\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-29]
CHR Extension: (Chrome Web Store Payments) - C:\Documents and Settings\m\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-29]
StartMenuInternet: Google Chrome - C:\Documents and Settings\m\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AffinegyService; C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe [569752 2010-07-28] (Affinegy, Inc.)
R2 Belkin Local Backup Service; C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [152064 2010-02-17] () [File not signed]
R2 Belkin Network USB Helper; C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [49152 2010-02-09] () [File not signed]
R3 Blackberry Device Manager; C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited) [File not signed]
S2 Browser; C:\WINDOWS\System32\browser.dll [78336 2012-07-06] (Microsoft Corporation) [File not signed]
R2 ChromodoUpdater; C:\Program Files\Comodo\Chromodo\chromodo_updater.exe [1998520 2015-08-19] (Comodo)
R2 CLPSLauncher; C:\Program Files\Common Files\Comodo\launcher_service.exe [70352 2012-08-23] (Comodo Security Solutions Inc.)
R2 Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [44032 1999-12-13] (Creative Technology Ltd) [File not signed]
R2 DcomLaunch; C:\WINDOWS\system32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation) [File not signed]
R2 DCSLoader; C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\OPHALDCS.EXE [24576 2004-03-02] (Oki Data Corporation)
R2 Dnscache; C:\WINDOWS\System32\dnsrslvr.dll [45568 2009-04-20] (Microsoft Corporation) [File not signed]
R2 DragonUpdater; C:\Program Files\Comodo\Dragon\dragon_updater.exe [1994936 2015-06-26] (Comodo)
R2 ehRecvr; C:\WINDOWS\eHome\ehRecvr.exe [237568 2006-10-09] (Microsoft Corporation) [File not signed]
R2 ehSched; C:\WINDOWS\eHome\ehSched.exe [102912 2005-08-05] (Microsoft Corporation) [File not signed]
R2 Eventlog; C:\WINDOWS\system32\services.exe [110592 2009-02-06] (Microsoft Corporation) [File not signed]
R3 EventSystem; C:\WINDOWS\system32\es.dll [253952 2008-07-07] (Microsoft Corporation) [File not signed]
R3 FastUserSwitchingCompatibility; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-28] (Microsoft Corporation) [File not signed]
R2 Intel(R) PROSet Monitoring Service; C:\WINDOWS\system32\IProsetMonitor.exe [132768 2011-11-09] (Intel Corporation)
R2 lanmanserver; C:\WINDOWS\System32\srvsvc.dll [99840 2010-08-27] (Microsoft Corporation) [File not signed]
R2 lanmanworkstation; C:\WINDOWS\System32\wkssvc.dll [132096 2009-06-10] (Microsoft Corporation) [File not signed]
R2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation) [File not signed]
S3 MHN; C:\WINDOWS\System32\mhn.dll [85504 2004-08-10] (Microsoft Corporation) [File not signed]
S2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [11552 2012-03-26] (Microsoft Corporation)
R3 Nla; C:\WINDOWS\System32\mswsock.dll [245248 2008-06-20] (Microsoft Corporation) [File not signed]
R2 PlugPlay; C:\WINDOWS\system32\services.exe [110592 2009-02-06] (Microsoft Corporation) [File not signed]
R2 RpcSs; C:\WINDOWS\System32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation) [File not signed]
R2 SCWatch 4.0; C:\Program Files\WhiteCanyon\SecureClean 4\scwatch4.exe [364544 2007-05-17] (WhiteCanyon Inc.) [File not signed]
R2 Serviio; C:\Program Files\Serviio\bin\ServiioService.exe [327680 2013-08-08] () [File not signed]
R2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient.exe [3941096 2015-08-10] (SoftEther VPN Project at University of Tsukuba, Japan.)
R2 ShellHWDetection; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-28] (Microsoft Corporation) [File not signed]
R2 Spooler; C:\WINDOWS\system32\spoolsv.exe [58880 2010-08-17] (Microsoft Corporation) [File not signed]
R2 Themes; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-28] (Microsoft Corporation) [File not signed]
R2 tvnserver; C:\Program Files\Common Files\Comodo\tvnserver.exe [828944 2012-01-27] (GlavSoft LLC.)
S3 WinRM; C:\WINDOWS\system32\WsmSvc.dll [1107456 2009-10-09] (Microsoft Corporation) [File not signed]
R2 WMDM PMSP Service; C:\WINDOWS\system32\MsPMSPSv.exe [53520 2000-06-26] (Microsoft Corporation) [File not signed]
S3 Wmi; C:\WINDOWS\System32\advapi32.dll [617472 2009-02-09] (Microsoft Corporation) [File not signed]
R2 WSearch; C:\WINDOWS\system32\SearchIndexer.exe [439808 2008-05-26] (Microsoft Corporation) [File not signed]
S2 Avira.ServiceHost; "C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe" [X]
S2 CmdAgent; "C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe" [X]
S3 cmdvirth; "C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe" [X]
S3 KOT; no ImagePath
S2 vpnclient; no ImagePath
S2 vsmon; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe -service [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21035 2010-10-06] (Meetinghouse Data Communications) [File not signed]
R1 AFD; C:\WINDOWS\System32\drivers\afd.sys [138496 2011-08-17] (Microsoft Corporation) [File not signed]
S3 AFGSp50; C:\WINDOWS\System32\Drivers\AFGSp50.sys [27072 2010-06-23] (Printing Communications Assoc., Inc. (PCAUSA))
R3 AtlsAud; C:\WINDOWS\System32\drivers\AtlsAud.sys [21504 2002-12-03] (Dell Computer Corporation)
R1 BANTExt; C:\WINDOWS\System32\Drivers\BANTExt.sys [3840 2011-06-03] () [File not signed]
S3 Belkin700F; C:\WINDOWS\System32\DRIVERS\BLKWGDv7.sys [303616 2006-10-19] (Belkin Corporation. ) [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 Cdr4_xp; C:\WINDOWS\system32\Drivers\Cdr4_xp.sys [61424 2010-09-27] (Roxio) [File not signed]
R1 Cdralw2k; C:\WINDOWS\system32\Drivers\Cdralw2k.sys [23420 2010-09-27] (Roxio) [File not signed]
S0 cercsr6; C:\WINDOWS\system32\Drivers\cercsr6.sys [39904 2004-12-13] (Adaptec, Inc.) [File not signed]
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [15808 2015-08-05] (COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [631872 2015-08-05] (COMODO)
R1 cmdHlp; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [30144 2015-08-05] (COMODO)
S3 ctdvda2k; C:\WINDOWS\System32\drivers\ctdvda2k.sys [287920 2003-03-27] (Creative Technology Ltd)
R3 EMATCORE; C:\WINDOWS\System32\Drivers\AtlsVid.sys [134304 2002-12-04] (Dell Computer Corporation)
R3 ha10kx2k; C:\WINDOWS\System32\drivers\ha10kx2k.sys [823616 2003-03-26] (Creative Technology Ltd)
R3 hap16v2k; C:\WINDOWS\System32\drivers\hap16v2k.sys [141536 2003-03-26] (Creative Technology Ltd)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [35992 2015-08-17] ()
R3 HTTP; C:\WINDOWS\System32\Drivers\HTTP.sys [265728 2009-10-20] (Microsoft Corporation) [File not signed]
R0 Inspect; C:\WINDOWS\System32\DRIVERS\inspect.sys [105664 2015-08-05] (COMODO)
R0 KL1; C:\WINDOWS\System32\DRIVERS\kl1.sys [133208 2012-01-09] (Kaspersky Lab ZAO)
R1 kl2; C:\WINDOWS\System32\DRIVERS\kl2.sys [11352 2012-01-09] (Kaspersky Lab ZAO)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [485808 2012-01-09] (Kaspersky Lab)
R0 KSecDD; C:\WINDOWS\system32\Drivers\KSecDD.sys [92928 2009-06-24] (Microsoft Corporation) [File not signed]
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [98520 2015-09-07] (Malwarebytes Corporation)
S3 MHIKEY10; C:\WINDOWS\System32\Drivers\MHIKEY10.sys [51968 2011-02-10] (Generic USB smartcard reader)
S3 MHNDRV; C:\WINDOWS\System32\DRIVERS\mhndrv.sys [11008 2004-08-10] (Microsoft Corporation) [File not signed]
R0 MpFilter; C:\WINDOWS\System32\DRIVERS\MpFilter.sys [171064 2012-03-20] (Microsoft Corporation)
R1 MRxSmb; C:\WINDOWS\System32\DRIVERS\mrxsmb.sys [456320 2011-07-15] (Microsoft Corporation) [File not signed]
R0 Mup; C:\WINDOWS\system32\Drivers\Mup.sys [105472 2011-04-21] (Microsoft Corporation) [File not signed]
S3 NAL; C:\WINDOWS\system32\Drivers\iqvw32.sys [30368 2011-11-09] (Intel Corporation )
S3 ndiscm; C:\WINDOWS\System32\DRIVERS\NetMotCM.sys [14336 2003-08-10] (Motorola Inc.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 NdisTapi; C:\WINDOWS\System32\DRIVERS\ndistapi.sys [10496 2011-07-08] (Microsoft Corporation) [File not signed]
R3 NDProxy; C:\WINDOWS\system32\Drivers\NDProxy.sys [40960 2013-11-27] (Microsoft Corporation) [File not signed]
R3 Neo_vpn jp; C:\WINDOWS\System32\DRIVERS\Neo_0029.sys [22000 2012-08-07] (SoftEther Corporation)
R1 OMCI; C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS [13632 2001-08-22] (Dell Computer Corporation) [File not signed]
R3 pfc; C:\WINDOWS\System32\drivers\pfc.sys [9856 2002-11-11] (Padus, Inc.) [File not signed]
R2 PfModNT; C:\WINDOWS\system32\drivers\PfModNT.sys [15840 2003-03-06] (Creative Technology Ltd.)
R0 PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [20576 2005-05-12] (Sonic Solutions) [File not signed]
R3 RTL8023xp; C:\WINDOWS\System32\DRIVERS\Rtnicxp.sys [118656 2009-02-25] (TRENDware International, Inc )
S3 SEE; C:\WINDOWS\System32\drivers\see.sys [43104 2014-01-08] (SoftEther VPN Project at University of Tsukuba, Japan.)
R3 Srv; C:\WINDOWS\System32\DRIVERS\srv.sys [357888 2011-02-17] (Microsoft Corporation) [File not signed]
R3 sxuptp; C:\WINDOWS\System32\DRIVERS\sxuptp.sys [246936 2009-06-22] (silex technology, Inc.)
S3 tap0901; C:\WINDOWS\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
S3 taphss; C:\WINDOWS\System32\DRIVERS\taphss.sys [32768 2012-01-05] (AnchorFree Inc)
S3 tapoas; C:\WINDOWS\System32\DRIVERS\tapoas.sys [26112 2011-08-19] (The OpenVPN Project) [File not signed]
R1 Tcpip; C:\WINDOWS\System32\DRIVERS\tcpip.sys [361600 2008-06-20] (Microsoft Corporation) [File not signed]
S3 usbaudio; C:\WINDOWS\System32\drivers\usbaudio.sys [60160 2013-07-17] (Microsoft Corporation) [File not signed]
R3 usbccgp; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [32384 2013-08-09] (Microsoft Corporation) [File not signed]
R3 usbehci; C:\WINDOWS\System32\DRIVERS\usbehci.sys [30336 2009-03-18] (Microsoft Corporation) [File not signed]
S3 usbscan; C:\WINDOWS\System32\DRIVERS\usbscan.sys [14976 2013-07-03] (Microsoft Corporation) [File not signed]
S3 USTORAGE; C:\WINDOWS\System32\DRIVERS\UStorage.sys [31104 2009-04-14] (USB Mass Storage.)
R1 Vsdatant; C:\WINDOWS\System32\vsdatant.sys [526608 2012-05-03] (Check Point Software Technologies LTD)
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U5 Tcpip6; C:\Windows\System32\Drivers\Tcpip6.sys [226880 2010-02-11] (Microsoft Corporation) [File not signed]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2099-11-13 20:58 - 2011-08-24 05:53 - 00000000 __SHD C:\WINDOWS\xxclone.arc
2015-09-24 16:53 - 2015-09-24 16:55 - 00025546 _____ C:\Documents and Settings\m\Desktop\FRST.txt
2015-09-23 17:56 - 2015-09-23 21:09 - 00003758 _____ C:\WINDOWS\bitssetup.log
2015-09-23 17:47 - 2014-01-11 07:45 - 00000000 ____D C:\Documents and Settings\m\Desktop\ComIntRepair
2015-09-23 17:02 - 2015-09-23 17:02 - 01586165 _____ C:\Documents and Settings\m\Desktop\ComIntRepair.exe
2015-09-22 10:53 - 2015-09-22 10:59 - 00017705 _____ C:\Documents and Settings\m\Desktop\MTB.txt
2015-09-22 10:48 - 2015-09-22 10:48 - 00002469 _____ C:\Documents and Settings\m\Desktop\FSS.txt
2015-09-22 08:33 - 2015-09-22 08:37 - 00000000 ____D C:\Documents and Settings\m\Desktop\desktop icons
2015-09-21 21:15 - 2015-09-21 21:15 - 00891392 _____ (Farbar) C:\Documents and Settings\m\Desktop\MiniToolBox.exe
2015-09-21 21:14 - 2015-09-21 21:14 - 00899072 _____ (Farbar) C:\Documents and Settings\m\Desktop\FSS.exe
2015-09-20 21:53 - 2015-09-20 21:53 - 00002528 _____ C:\Documents and Settings\m\Application Data\$_hpcst$.hpc
2015-09-12 23:16 - 2015-09-20 21:58 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\TEMP
2015-09-11 23:17 - 2015-09-24 16:55 - 00000000 ____D C:\Documents and Settings\m\Local Settings\temp
2015-09-11 23:17 - 2015-09-11 23:17 - 00024529 _____ C:\ComboFix.txt
2015-09-11 23:17 - 2015-09-11 23:17 - 00000000 ____D C:\Documents and Settings\UpdatusUser\Local Settings\temp
2015-09-11 23:17 - 2015-09-11 23:17 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\temp
2015-09-11 23:17 - 2015-09-11 23:17 - 00000000 ____D C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\temp
2015-09-11 23:17 - 2015-09-11 23:17 - 00000000 ____D C:\Documents and Settings\M.5F5A4C13557347C\Local Settings\temp
2015-09-11 23:17 - 2015-09-11 23:17 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\temp
2015-09-11 23:17 - 2015-09-11 23:17 - 00000000 ____D C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\temp
2015-09-11 23:17 - 2015-09-11 23:17 - 00000000 ____D C:\Documents and Settings\Default User\Local Settings\temp
2015-09-11 23:17 - 2015-09-11 23:17 - 00000000 ____D C:\Documents and Settings\Administrator.5F5A4C13557347C\Local Settings\temp
2015-09-11 23:17 - 2015-09-11 23:17 - 00000000 ____D C:\Documents and Settings\Administrator.5F5A4C13557347C.000\Local Settings\temp
2015-09-11 22:57 - 2015-09-11 22:57 - 00000000 _RSHD C:\cmdcons
2015-09-11 22:57 - 2015-07-29 21:02 - 00000338 _____ C:\Boot.bak
2015-09-11 22:57 - 2004-08-03 23:00 - 00260272 __RSH C:\cmldr
2015-09-10 20:18 - 2015-09-10 20:18 - 00000000 ____H C:\WINDOWS\system32\config\system.tmp.LOG
2015-09-10 20:18 - 2015-09-10 20:18 - 00000000 ____H C:\WINDOWS\system32\config\software.tmp.LOG
2015-09-10 20:18 - 2015-09-10 20:18 - 00000000 ____H C:\WINDOWS\system32\config\sam.tmp.LOG
2015-09-10 20:18 - 2015-09-10 20:18 - 00000000 ____H C:\WINDOWS\system32\config\default.tmp.LOG
2015-09-10 20:17 - 2015-09-10 20:17 - 00008192 ____H C:\WINDOWS\system32\config\security.tmp.LOG
2015-09-10 19:47 - 2011-06-26 07:45 - 00256000 _____ C:\WINDOWS\PEV.exe
2015-09-10 19:47 - 2010-11-07 18:20 - 00208896 _____ C:\WINDOWS\MBR.exe
2015-09-10 19:47 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2015-09-10 19:47 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2015-09-10 19:47 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2015-09-10 19:47 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2015-09-10 19:47 - 2000-08-31 01:00 - 00098816 _____ C:\WINDOWS\sed.exe
2015-09-10 19:47 - 2000-08-31 01:00 - 00080412 _____ C:\WINDOWS\grep.exe
2015-09-10 19:47 - 2000-08-31 01:00 - 00068096 _____ C:\WINDOWS\zip.exe
2015-09-10 19:46 - 2015-09-10 19:46 - 00016280 _____ C:\FixitRegBackup.reg
2015-09-04 23:43 - 2015-09-05 11:30 - 00035064 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-09-04 23:43 - 2015-09-05 11:30 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\RogueKiller
2015-09-03 00:25 - 2015-09-24 16:53 - 00000000 ____D C:\FRST
2015-09-02 22:14 - 2015-09-16 22:02 - 01695232 _____ (Farbar) C:\Documents and Settings\m\Desktop\FRST.exe
2015-09-01 23:34 - 2015-09-01 23:34 - 00380598 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-329068152-1035525444-725345543-1003-0.dat
2015-08-30 21:34 - 2015-08-30 21:34 - 00001695 _____ C:\Documents and Settings\All Users\Desktop\COMODO Internet Security.lnk
2015-08-30 21:07 - 2015-08-30 21:07 - 00000702 _____ C:\WINDOWS\system32\{7995330B-E01F-4645-B702-53481E7CB778}.cmdfile
2015-08-29 22:43 - 2015-08-29 22:43 - 00000781 _____ C:\Documents and Settings\All Users\Desktop\Internet (Chromodo).lnk
2015-08-29 00:19 - 2015-09-01 23:56 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Package Cache
2015-08-28 00:36 - 2015-08-28 21:54 - 00000000 ____D C:\Program Files\Mozilla Firefox
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-24 16:48 - 2010-09-09 16:42 - 01238083 ____C C:\WINDOWS\WindowsUpdate.log
2015-09-24 16:46 - 2013-12-17 22:40 - 00000000 ____D C:\Program Files\SoftEther VPN Client
2015-09-24 16:45 - 2014-03-10 12:04 - 00000214 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2015-09-24 16:45 - 2010-09-09 16:40 - 00000000 ____D C:\WINDOWS\Registration
2015-09-24 16:44 - 2014-04-11 13:16 - 00000440 _____ C:\WINDOWS\Tasks\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}.job
2015-09-24 16:44 - 2010-11-28 18:15 - 00000159 ____C C:\WINDOWS\wiadebug.log
2015-09-24 16:44 - 2010-11-28 18:15 - 00000049 ____C C:\WINDOWS\wiaservc.log
2015-09-24 16:43 - 2010-09-09 18:18 - 00000006 ___HC C:\WINDOWS\Tasks\SA.DAT
2015-09-24 16:37 - 2010-09-09 18:20 - 00000178 __SHC C:\Documents and Settings\m\ntuser.ini
2015-09-24 11:48 - 2015-08-17 23:36 - 00038502 _____ C:\WINDOWS\setupapi.log
2015-09-23 21:13 - 2010-09-27 14:53 - 00001080 ____C C:\WINDOWS\system32\settingsbkup.sfm
2015-09-23 21:13 - 2010-09-27 14:53 - 00001080 ____C C:\WINDOWS\system32\settings.sfm
2015-09-23 21:13 - 2010-09-27 14:53 - 00000288 ____C C:\WINDOWS\system32\DVCStateBkp-{00000002-00000000-00000001-00001102-00000004-10031102}.dat
2015-09-23 21:13 - 2010-09-27 14:53 - 00000288 ____C C:\WINDOWS\system32\DVCState-{00000002-00000000-00000001-00001102-00000004-10031102}.dat
2015-09-23 21:12 - 2010-11-02 00:16 - 00000962 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-329068152-1035525444-725345543-1005UA.job
2015-09-23 21:12 - 2010-09-09 18:20 - 00000000 ____D C:\Documents and Settings\m
2015-09-23 21:12 - 2010-09-09 18:18 - 00032022 _____ C:\WINDOWS\SchedLgU.Txt
2015-09-23 21:03 - 2014-04-11 13:16 - 00000440 _____ C:\WINDOWS\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job
2015-09-23 21:03 - 2014-04-11 13:16 - 00000440 _____ C:\WINDOWS\Tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job
2015-09-23 20:39 - 2010-09-29 00:44 - 00000962 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-329068152-1035525444-725345543-1003UA.job
2015-09-23 20:33 - 2015-08-10 21:24 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-09-22 12:01 - 2014-02-25 05:26 - 00001324 _____ C:\WINDOWS\system32\d3d9caps.dat
2015-09-21 20:33 - 2011-03-08 23:36 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office
2015-09-21 20:33 - 2010-12-28 22:18 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\SharePoint
2015-09-21 20:33 - 2010-12-26 22:42 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Microsoft Help
2015-09-20 21:39 - 2010-09-29 00:44 - 00000910 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-329068152-1035525444-725345543-1003Core.job
2015-09-20 12:12 - 2010-11-02 00:16 - 00000910 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-329068152-1035525444-725345543-1005Core.job
2015-09-20 00:06 - 2010-12-26 22:58 - 00131072 _____ C:\WINDOWS\system32\config\OAlerts.evt
2015-09-16 22:31 - 2010-09-09 18:18 - 00000000 ____D C:\Documents and Settings\LocalService
2015-09-16 22:02 - 2010-09-30 15:06 - 00000000 ____D C:\Documents and Settings\K\Local Settings\Temp
2015-09-12 21:01 - 2010-09-09 18:18 - 00000000 ____D C:\Documents and Settings\NetworkService
2015-09-11 23:17 - 2014-07-13 20:35 - 00000000 ____D C:\Qoobox
2015-09-11 23:13 - 2004-08-10 12:00 - 00000285 _____ C:\WINDOWS\system.ini
2015-09-11 23:13 - 2004-08-10 12:00 - 00000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts.bak
2015-09-11 22:57 - 2010-09-09 16:33 - 00000454 __RSH C:\boot.ini
2015-09-10 21:09 - 2014-07-13 20:31 - 00000000 ____D C:\WINDOWS\erdnt
2015-09-10 20:19 - 2014-06-19 23:43 - 56360960 _____ C:\WINDOWS\system32\config\software.bak
2015-09-10 20:19 - 2014-06-19 23:43 - 31195136 _____ C:\WINDOWS\system32\config\system.bak
2015-09-10 20:19 - 2014-06-19 23:43 - 00028672 _____ C:\WINDOWS\system32\config\sam.bak
2015-09-10 20:19 - 2014-06-19 23:42 - 05369856 _____ C:\WINDOWS\system32\config\default.bak
2015-09-10 20:19 - 2014-06-19 23:42 - 00065536 _____ C:\WINDOWS\system32\config\security.bak
2015-09-10 19:31 - 2012-08-08 22:49 - 00000000 ____D C:\Documents and Settings\m\Application Data\vlc
2015-09-10 19:31 - 2011-01-09 20:33 - 00000000 ____D C:\Documents and Settings\m\Application Data\playitall
2015-09-08 20:56 - 2014-07-13 20:36 - 00000000 ____D C:\AdwCleaner
2015-09-07 14:17 - 2014-06-25 03:26 - 00098520 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-09-06 20:53 - 2015-08-21 22:51 - 00000000 __SHD C:\WINDOWS\CSC
2015-09-01 23:35 - 2012-05-17 20:49 - 01474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2015-09-01 23:34 - 2012-05-14 01:39 - 00380598 ____C C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2015-09-01 21:15 - 2010-09-09 16:42 - 00000000 ____D C:\WINDOWS\system32\Restore
2015-09-01 01:14 - 2011-10-22 16:29 - 00000000 ____D C:\Program Files\WinFF
2015-08-31 00:03 - 2014-04-11 13:16 - 00000440 _____ C:\WINDOWS\Tasks\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}.job
2015-08-30 21:54 - 2010-09-29 00:45 - 00002258 ____C C:\Documents and Settings\m\Desktop\Google Chrome.lnk
2015-08-30 21:34 - 2012-05-17 20:37 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Comodo
2015-08-30 21:34 - 2012-05-17 20:36 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Comodo
2015-08-30 21:30 - 2012-05-17 20:36 - 00000000 ____D C:\Program Files\Comodo
2015-08-30 21:25 - 2012-05-17 20:36 - 00000000 ____D C:\Documents and Settings\m\Local Settings\Application Data\Comodo
2015-08-29 21:35 - 2012-09-16 19:39 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-08-28 21:53 - 2012-04-17 13:54 - 00778440 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-08-28 21:53 - 2011-05-20 01:22 - 00142536 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-08-28 21:51 - 2014-09-11 20:21 - 00000000 ____D C:\Documents and Settings\m\Local Settings\Application Data\Adobe
2015-08-28 00:39 - 2011-08-18 23:36 - 00000000 ____D C:\Documents and Settings\m\Application Data\Skype
2015-08-28 00:33 - 2014-11-07 13:51 - 00002265 _____ C:\Documents and Settings\All Users\Desktop\Skype.lnk
==================== Files in the root of some directories =======
2015-09-20 21:53 - 2015-09-20 21:53 - 0002528 _____ () C:\Documents and Settings\m\Application Data\$_hpcst$.hpc
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\dnsapi.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================