Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 17-12-2014
Ran by Admin (administrator) on BLEBLE on 19-12-2014 07:20:40
Running from C:\Documents and Settings\Admin\Pulpit\trojany wypad
Loaded Profile: Admin (Available profiles: Admin)
Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polski
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\WINNT\system32\smss.exe
(Microsoft Corporation) C:\WINNT\system32\winlogon.exe
(Microsoft Corporation) C:\WINNT\system32\services.exe
(Microsoft Corporation) C:\WINNT\system32\lsass.exe
(Microsoft Corporation) C:\WINNT\system32\svchost.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe
(Microsoft Corporation) C:\WINNT\system32\svchost.exe
(Microsoft Corporation) C:\WINNT\system32\spoolsv.exe
(Microsoft Corporation) C:\WINNT\explorer.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cistray.exe
(Simply Super Software) C:\Program Files\Trojan Remover\Trjscan.exe
(Microsoft Corporation) C:\WINNT\system32\ctfmon.exe
(Mobogenie.com) C:\Program Files\Mobogenie3\MobogenieService.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Microsoft Corporation) C:\WINNT\system32\svchost.exe
(Microsoft Corporation) C:\WINNT\system32\wuauclt.exe
(Microsoft Corporation) C:\WINNT\system32\wscntfy.exe
(Microsoft Corporation) C:\WINNT\system32\svchost.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cis.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1243352 2014-12-09] (COMODO)
HKLM\...\Run: [Anti Trojan Elite] => C:\Program Files\Anti Trojan Elite\TJEnder.exe :NO
HKLM\...\Run: [TrojanScanner] => C:\Program Files\Trojan Remover\Trjscan.exe [1791856 2014-12-18] (Simply Super Software)
HKLM Group Policy restriction on software: C:\Program Files\Avira\AntiVir Desktop\update.exe <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Avira\AntiVir Desktop\checkt.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Avira\AntiVir Desktop\avwsc.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Avira\AntiVir Desktop\avgnt.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Avira\AntiVir Desktop\avira_en____fm.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Avira\AntiVir Desktop\ccuac.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Avira\AntiVir Desktop\avwebloader.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Avira\AntiVir Desktop\fact.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Avira\AntiVir Desktop\avguard.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Avira\AntiVir Desktop\avconfig.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Avira\AntiVir Desktop\guardgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Avira\AntiVir Desktop\offercast_avirav7_.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Avira\AntiVir Desktop\avshadow.exe <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%*.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Avira\AntiVir Desktop\setup.exe <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%System32\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Avira\AntiVir Desktop\avnotify.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Avira\AntiVir Desktop\avscan.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Avira\AntiVir Desktop\avupgsvc.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Avira\AntiVir Desktop\avcenter.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Avira\AntiVir Desktop\setuppending.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Avira\AntiVir Desktop\licmgr.exe <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Avira\AntiVir Desktop\sched.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Avira\AntiVir Desktop\ipmgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Avira\AntiVir Desktop\updrgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Avira\AntiVir Desktop\avrestart.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Avira\AntiVir Desktop\avcenter.exe <====== ATTENTION
HKLM\...\Winlogon: [Userinit] C:\WINNT\System32\Userinit.exe,
HKLM\...\Winlogon: [Shell] Explorer.exe [x ] ()
HKLM\...\Winlogon: [UIHost] C:\WINNT\system32\logonui.exe [515072 2008-04-14] (Microsoft Corporation)
Winlogon\Notify\crypt32chain: C:\WINNT\system32\crypt32.dll (Microsoft Corporation)
Winlogon\Notify\cryptnet: C:\WINNT\system32\cryptnet.dll (Microsoft Corporation)
Winlogon\Notify\cscdll: C:\WINNT\system32\cscdll.dll (Microsoft Corporation)
Winlogon\Notify\dimsntfy: C:\WINNT\System32\dimsntfy.dll (Microsoft Corporation)
Winlogon\Notify\ScCertProp: C:\WINNT\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\Schedule: C:\WINNT\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\sclgntfy: C:\WINNT\system32\sclgntfy.dll (Microsoft Corporation)
Winlogon\Notify\SensLogn: C:\WINNT\system32\WlNotify.dll (Microsoft Corporation)
Winlogon\Notify\termsrv: C:\WINNT\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\wlballoon: C:\WINNT\system32\wlnotify.dll (Microsoft Corporation)
HKU\S-1-5-19\...\Run: [CTFMON.EXE] => C:\WINNT\system32\CTFMON.EXE [15360 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [nlsf] => C:\WINNT\System32\syssetup.dll [999936 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [tscuninstall] => C:\WINNT\system32\tscupgrd.exe [44544 2004-08-04] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [CTFMON.EXE] => C:\WINNT\system32\CTFMON.EXE [15360 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [nlsf] => C:\WINNT\System32\syssetup.dll [999936 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [tscuninstall] => C:\WINNT\system32\tscupgrd.exe [44544 2004-08-04] (Microsoft Corporation)
HKU\S-1-5-21-796845957-2052111302-725345543-1003\...\Run: [CTFMON.EXE] => C:\WINNT\system32\ctfmon.exe [15360 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-796845957-2052111302-725345543-1003\...\Run: [ccleaner] => C:\Program Files\CCleaner\CCleaner.exe [4624152 2014-06-24] (Piriform Ltd)
HKU\S-1-5-21-796845957-2052111302-725345543-1003\...\MountPoints2: {6bce5b6c-8bb7-11e1-a2e7-00b0c4005a59} - G:\Launcher.exe
HKU\S-1-5-21-796845957-2052111302-725345543-1003\...\MountPoints2: {94ab951e-eac0-11e1-a345-00b0c4005a59} - G:\urDrive.exe
HKU\S-1-5-18\...\Run: [CTFMON.EXE] => C:\WINNT\system32\CTFMON.EXE [15360 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [Stronghold AntiMalware] => C:\Program Files\Stronghold AntiMalware\StrongholdAntiMalware.exe
HKU\S-1-5-18\...\RunOnce: [nlsf] => C:\WINNT\System32\syssetup.dll [999936 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [tscuninstall] => C:\WINNT\system32\tscupgrd.exe [44544 2004-08-04] (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-796845957-2052111302-725345543-1003] => localhost:8080
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/#utm_source=instalki&utm_medium=installer&utm_campaign=instalki
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-796845957-2052111302-725345543-1003\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\system32\blank.htm
HKU\S-1-5-21-796845957-2052111302-725345543-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/#utm_source=instalki&utm_medium=installer&utm_campaign=instalki
HKU\S-1-5-21-796845957-2052111302-725345543-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "http://www.interia.pl/#utm_source=instalki&utm_medium=installer&utm_campaign=instalki" <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINNT\system32\urlmon.dll (Microsoft Corporation) Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINNT\system32\mshtml.dll (Microsoft Corporation) Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINNT\system32\wiascr.dll (Microsoft Corporation) Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINNT\system32\urlmon.dll (Microsoft Corporation) Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINNT\system32\urlmon.dll (Microsoft Corporation) Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINNT\system32\SHELL32.dll (Microsoft Corporation) ShellExecuteHooks: URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINNT\system32\shell32.dll [8489984 2008-04-14] (Microsoft Corporation) Winsock: Catalog5 01 C:\WINNT\system32\mswsock.dll [246784] (Microsoft Corporation) Winsock: Catalog5 02 C:\WINNT\system32\winrnr.dll [16896] (Microsoft Corporation) Winsock: Catalog5 03 C:\WINNT\system32\mswsock.dll [246784] (Microsoft Corporation) Winsock: Catalog9 01 C:\WINNT\system32\mswsock.dll [246784] (Microsoft Corporation) Winsock: Catalog9 02 C:\WINNT\system32\mswsock.dll [246784] (Microsoft Corporation) Winsock: Catalog9 03 C:\WINNT\system32\mswsock.dll [246784] (Microsoft Corporation) Winsock: Catalog9 04 C:\WINNT\system32\mswsock.dll [246784] (Microsoft Corporation) Winsock: Catalog9 05 C:\WINNT\system32\mswsock.dll [246784] (Microsoft Corporation) Winsock: Catalog9 06 C:\WINNT\system32\mswsock.dll [246784] (Microsoft Corporation) Winsock: Catalog9 07 C:\WINNT\system32\mswsock.dll [246784] (Microsoft Corporation) Winsock: Catalog9 08 C:\WINNT\system32\mswsock.dll [246784] 
(Microsoft Corporation) Winsock: Catalog9 09 C:\WINNT\system32\mswsock.dll [246784] (Microsoft Corporation) Winsock: Catalog9 10 C:\WINNT\system32\mswsock.dll [246784] (Microsoft Corporation) Winsock: Catalog9 11 C:\WINNT\system32\mswsock.dll [246784] (Microsoft Corporation) Winsock: Catalog9 12 C:\WINNT\system32\rsvpsp.dll [92672] (Microsoft Corporation) Winsock: Catalog9 13 C:\WINNT\system32\rsvpsp.dll [92672] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 FireFox: ======== FF ProfilePath: C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Firefox\Profiles\e4i9simb.default-1415468783078 FF Plugin: @adobe.com/FlashPlayer -> C:\WINNT\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINNT\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=1.1.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Extension: Webber-SW - C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Firefox\Profiles\e4i9simb.default-1415468783078\Extensions\{f6b3c972-5bb5-48ca-a9e7-d26a28a366d5} [2014-11-10] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINNT\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\WINNT\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-10-29] Chrome: ======= CHR HKLM\...\Chrome\Extension: [cmaiofennmphjldldcpphcechfnnohja] - No Path ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. 
The file will not be moved unless listed separately.) S3 AdobeFlashPlayerUpdateSvc; C:\WINNT\system32\Macromed\Flash\FlashPlayerUpdateService.exe [267440 2014-12-11] (Adobe Systems Incorporated) S4 Alerter; C:\WINNT\system32\alrsvc.dll [17408 2008-04-14] (Microsoft Corporation) R3 ALG; C:\WINNT\System32\alg.exe [44544 2008-04-14] (Microsoft Corporation) S3 AppMgmt; C:\WINNT\System32\appmgmts.dll [172032 2008-04-14] (Microsoft Corporation) S3 aspnet_state; C:\WINNT\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [34312 2008-07-25] (Microsoft Corporation) R2 AudioSrv; C:\WINNT\System32\audiosrv.dll [42496 2008-04-14] (Microsoft Corporation) S3 BITS; C:\WINNT\system32\qmgr.dll [409088 2008-04-14] (Microsoft Corporation) R2 Browser; C:\WINNT\System32\browser.dll [77824 2008-04-14] (Microsoft Corporation) S3 CiSvc; C:\WINNT\system32\cisvc.exe [5632 2008-04-14] (Microsoft Corporation) S4 ClipSrv; C:\WINNT\system32\clipsrv.exe [33280 2008-04-14] (Microsoft Corporation) S3 clr_optimization_v2.0.50727_32; C:\WINNT\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [69632 2008-07-25] (Microsoft Corporation) S2 clr_optimization_v4.0.30319_32; C:\WINNT\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [130384 2010-03-18] (Microsoft Corporation) R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5868440 2014-12-09] (COMODO) S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [1664216 2014-12-09] (COMODO) S3 COMSysApp; C:\WINNT\system32\dllhost.exe [5120 2008-04-14] (Microsoft Corporation) R2 CryptSvc; C:\WINNT\System32\cryptsvc.dll [62464 2008-04-14] (Microsoft Corporation) R2 DcomLaunch; C:\WINNT\system32\rpcss.dll [399360 2008-04-14] (Microsoft Corporation) R2 Dhcp; C:\WINNT\System32\dhcpcsvc.dll [126464 2008-04-14] (Microsoft Corporation) S3 dmadmin; C:\WINNT\System32\dmadmin.exe [225280 2008-04-14] (Microsoft Corp., Veritas Software) R2 dmserver; C:\WINNT\System32\dmserver.dll [24064 2008-04-14] (Microsoft Corp.) 
R2 Dnscache; C:\WINNT\System32\dnsrslvr.dll [45568 2008-04-14] (Microsoft Corporation) S3 Dot3svc; C:\WINNT\System32\dot3svc.dll [133632 2008-04-14] (Microsoft Corporation) S3 EapHost; C:\WINNT\System32\eapsvc.dll [33792 2008-04-14] (Microsoft Corporation) R2 ERSvc; C:\WINNT\System32\ersvc.dll [23040 2008-04-14] (Microsoft Corporation) R2 Eventlog; C:\WINNT\system32\services.exe [109056 2008-04-14] (Microsoft Corporation) R3 EventSystem; C:\WINNT\system32\es.dll [246272 2008-04-14] (Microsoft Corporation) R3 FastUserSwitchingCompatibility; C:\WINNT\System32\shsvcs.dll [135680 2008-04-14] (Microsoft Corporation) S3 FontCache3.0.0.0; C:\WINNT\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [46104 2008-07-29] (Microsoft Corporation) R2 helpsvc; C:\WINNT\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400 2008-04-14] (Microsoft Corporation) S3 hkmsvc; C:\WINNT\System32\kmsvc.dll [61440 2008-04-14] (Microsoft Corporation) R3 HTTPFilter; C:\WINNT\System32\w3ssl.dll [15872 2008-04-14] (Microsoft Corporation) S3 idsvc; C:\WINNT\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [881664 2008-07-29] (Microsoft Corporation) S3 ImapiService; C:\WINNT\system32\imapi.exe [150528 2008-04-14] (Microsoft Corporation) R2 lanmanserver; C:\WINNT\System32\srvsvc.dll [96768 2008-04-14] (Microsoft Corporation) R2 lanmanworkstation; C:\WINNT\System32\wkssvc.dll [132096 2008-04-14] (Microsoft Corporation) R2 LmHosts; C:\WINNT\System32\lmhsvc.dll [13824 2008-04-14] (Microsoft Corporation) S4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation) S4 Messenger; C:\WINNT\System32\msgsvc.dll [33792 2008-04-14] (Microsoft Corporation) S3 mnmsrvc; C:\WINNT\system32\mnmsrvc.exe [32768 2008-04-14] (Microsoft Corporation) R2 MobogenieService; C:\Program 
Files\Mobogenie3\MobogenieService.exe [116928 2014-12-17] (Mobogenie.com) S3 MSDTC; C:\WINNT\system32\msdtc.exe [6144 2008-04-14] (Microsoft Corporation) S3 MSIServer; C:\WINNT\System32\msiexec.exe [78848 2008-04-14] (Microsoft Corporation) S3 napagent; C:\WINNT\System32\qagentrt.dll [293376 2008-04-14] (Microsoft Corporation) S4 NetDDE; C:\WINNT\system32\netdde.exe [114688 2008-04-14] (Microsoft Corporation) S4 NetDDEdsdm; C:\WINNT\system32\netdde.exe [114688 2008-04-14] (Microsoft Corporation) S3 Netlogon; C:\WINNT\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) R3 Netman; C:\WINNT\System32\netman.dll [198144 2008-04-14] (Microsoft Corporation) S4 NetTcpPortSharing; C:\WINNT\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [132096 2008-07-29] (Microsoft Corporation) R3 Nla; C:\WINNT\System32\mswsock.dll [246784 2008-04-14] (Microsoft Corporation) S3 NtLmSsp; C:\WINNT\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) S3 NtmsSvc; C:\WINNT\system32\ntmssvc.dll [435712 2008-04-14] (Microsoft Corporation) S2 NVSvc; C:\WINNT\system32\nvsvc32.exe [77824 2003-11-17] (NVIDIA Corporation) [File not signed] R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed] R2 PlugPlay; C:\WINNT\system32\services.exe [109056 2008-04-14] (Microsoft Corporation) R2 PolicyAgent; C:\WINNT\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) R2 ProtectedStorage; C:\WINNT\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) R3 RasAuto; C:\WINNT\System32\rasauto.dll [88576 2008-04-14] (Microsoft Corporation) R3 RasMan; C:\WINNT\System32\rasmans.dll [186368 2008-04-14] (Microsoft Corporation) S3 RDSessMgr; C:\WINNT\system32\sessmgr.exe [142336 2008-04-14] (Microsoft Corporation) S4 RemoteAccess; C:\WINNT\System32\mprdim.dll [53248 2008-04-14] (Microsoft Corporation) R2 RemoteRegistry; C:\WINNT\system32\regsvc.dll [59904 2008-04-14] (Microsoft Corporation) S3 
RpcLocator; C:\WINNT\system32\locator.exe [75264 2008-04-14] (Microsoft Corporation) R2 RpcSs; C:\WINNT\system32\rpcss.dll [399360 2008-04-14] (Microsoft Corporation) S3 RSVP; C:\WINNT\system32\rsvp.exe [132608 2001-10-26] (Microsoft Corporation) R2 SamSs; C:\WINNT\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) S3 SCardSvr; C:\WINNT\System32\SCardSvr.exe [98304 2008-04-14] (Microsoft Corporation) R2 Schedule; C:\WINNT\system32\schedsvc.dll [193536 2008-04-14] (Microsoft Corporation) R2 seclogon; C:\WINNT\System32\seclogon.dll [18944 2008-04-14] (Microsoft Corporation) R2 SENS; C:\WINNT\system32\sens.dll [39424 2008-04-14] (Microsoft Corporation) R2 SharedAccess; C:\WINNT\System32\ipnathlp.dll [330752 2008-04-14] (Microsoft Corporation) R2 ShellHWDetection; C:\WINNT\System32\shsvcs.dll [135680 2008-04-14] (Microsoft Corporation) R2 Spooler; C:\WINNT\system32\spoolsv.exe [57856 2008-04-14] (Microsoft Corporation) R2 srservice; C:\WINNT\system32\srsvc.dll [171520 2008-04-14] (Microsoft Corporation) R3 SSDPSRV; C:\WINNT\System32\ssdpsrv.dll [71680 2008-04-14] (Microsoft Corporation) R2 stisvc; C:\WINNT\system32\wiaservc.dll [334336 2008-04-14] (Microsoft Corporation) S3 SwPrv; C:\WINNT\system32\dllhost.exe [5120 2008-04-14] (Microsoft Corporation) S3 SysmonLog; C:\WINNT\system32\smlogsvc.exe [91136 2008-04-14] (Microsoft Corporation) R3 TapiSrv; C:\WINNT\System32\tapisrv.dll [249856 2008-04-14] (Microsoft Corporation) R3 TermService; C:\WINNT\System32\termsrv.dll [296448 2008-04-14] (Microsoft Corporation) R2 Themes; C:\WINNT\System32\shsvcs.dll [135680 2008-04-14] (Microsoft Corporation) S4 TlntSvr; C:\WINNT\system32\tlntsvr.exe [75264 2008-04-14] (Microsoft Corporation) R2 TrkWks; C:\WINNT\system32\trkwks.dll [90112 2008-04-14] (Microsoft Corporation) R2 UMWdf; C:\WINNT\system32\wdfmgr.exe [38912 2005-01-28] (Microsoft Corporation) R3 upnphost; C:\WINNT\System32\upnphost.dll [186880 2008-04-14] (Microsoft Corporation) S3 UPS; C:\WINNT\System32\ups.exe 
[18432 2008-04-14] (Microsoft Corporation) S3 VSS; C:\WINNT\System32\vssvc.exe [291840 2008-04-14] (Microsoft Corporation) R2 W32Time; C:\WINNT\system32\w32time.dll [176128 2008-04-14] (Microsoft Corporation) R2 WebClient; C:\WINNT\System32\webclnt.dll [68096 2008-04-14] (Microsoft Corporation) R2 winmgmt; C:\WINNT\system32\wbem\WMIsvc.dll [145408 2008-04-14] (Microsoft Corporation) S3 WmdmPmSN; C:\WINNT\system32\MsPMSNSv.dll [25088 2005-01-28] (Microsoft Corporation) S3 Wmi; C:\WINNT\System32\advapi32.dll [686592 2008-04-14] (Microsoft Corporation) S3 WmiApSrv; C:\WINNT\system32\wbem\wmiapsrv.exe [126464 2008-04-14] (Microsoft Corporation) S3 WPFFontCache_v0400; C:\WINNT\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [753504 2010-03-18] (Microsoft Corporation) R2 wscsvc; C:\WINNT\system32\wscsvc.dll [80896 2008-04-14] (Microsoft Corporation) R2 wuauserv; C:\WINNT\system32\wuauserv.dll [6656 2008-04-14] (Microsoft Corporation) R2 WZCSVC; C:\WINNT\System32\wzcsvc.dll [483840 2008-04-14] (Microsoft Corporation) S3 xmlprov; C:\WINNT\System32\xmlprov.dll [129024 2008-04-14] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R0 ACPI; C:\WINNT\System32\DRIVERS\ACPI.sys [188544 2008-04-14] (Microsoft Corporation) S4 ACPIEC; C:\WINNT\system32\Drivers\ACPIEC.sys [12032 2001-10-26] (Microsoft Corporation) S3 aec; C:\WINNT\System32\drivers\aec.sys [142592 2008-04-13] (Microsoft Corporation) R1 AFD; C:\WINNT\System32\drivers\afd.sys [138112 2008-04-14] (Microsoft Corporation) R1 AFS2K; C:\WINNT\system32\Drivers\AFS2K.sys [82380 2012-01-14] (Oak Technology Inc.) 
[File not signed] R1 AmdK7; C:\WINNT\System32\DRIVERS\amdk7.sys [41856 2008-04-14] (Microsoft Corporation) S3 AsyncMac; C:\WINNT\System32\DRIVERS\asyncmac.sys [14336 2008-04-14] (Microsoft Corporation) R0 atapi; C:\WINNT\System32\DRIVERS\atapi.sys [96512 2008-04-14] (Microsoft Corporation) S3 Atmarpc; C:\WINNT\System32\DRIVERS\atmarpc.sys [59904 2008-04-14] (Microsoft Corporation) R3 audstub; C:\WINNT\System32\DRIVERS\audstub.sys [3072 2001-08-17] (Microsoft Corporation) R1 Beep; C:\WINNT\system32\Drivers\Beep.sys [4224 2001-08-18] (Microsoft Corporation) S4 cbidf2k; C:\WINNT\system32\Drivers\cbidf2k.sys [13952 2001-08-18] (Microsoft Corporation) S1 Cdaudio; C:\WINNT\system32\Drivers\Cdaudio.sys [18688 2006-05-13] (Microsoft Corporation) R4 Cdfs; C:\WINNT\system32\Drivers\Cdfs.sys [63744 2008-04-14] (Microsoft Corporation) R1 Cdrom; C:\WINNT\System32\DRIVERS\cdrom.sys [62976 2008-04-14] (Microsoft Corporation) R1 CFRMD; C:\WINNT\System32\DRIVERS\CFRMD.sys [36112 2014-06-26] (Windows (R) Win 7 DDK provider) R1 cmderd; C:\WINNT\System32\DRIVERS\cmderd.sys [15576 2014-12-09] (COMODO) R1 cmdGuard; C:\WINNT\System32\DRIVERS\cmdguard.sys [619992 2014-12-09] (COMODO) R3 cmuda; C:\WINNT\System32\drivers\cmuda.sys [754560 2003-10-17] (C-Media Inc) S3 DIGIRPS; C:\WINNT\System32\DRIVERS\digirlpt.sys [42560 2001-10-26] (Digi International, Inc.) R0 Disk; C:\WINNT\System32\DRIVERS\disk.sys [36352 2008-04-14] (Microsoft Corporation) S4 dmboot; C:\WINNT\System32\drivers\dmboot.sys [800000 2008-04-14] (Microsoft Corp., Veritas Software) R0 dmio; C:\WINNT\System32\drivers\dmio.sys [153856 2008-04-14] (Microsoft Corp., Veritas Software) R0 dmload; C:\WINNT\System32\drivers\dmload.sys [5888 2001-08-18] (Microsoft Corp., Veritas Software.) 
S3 DMusic; C:\WINNT\System32\drivers\DMusic.sys [52864 2008-04-14] (Microsoft Corporation) S3 drmkaud; C:\WINNT\System32\drivers\drmkaud.sys [2944 2008-04-14] (Microsoft Corporation) R4 Fastfat; C:\WINNT\system32\Drivers\Fastfat.sys [143744 2008-04-14] (Microsoft Corporation) R3 Fdc; C:\WINNT\System32\DRIVERS\fdc.sys [27392 2008-04-14] (Microsoft Corporation) R1 Fips; C:\WINNT\system32\Drivers\Fips.sys [44672 2008-04-14] (Microsoft Corporation) R3 Flpydisk; C:\WINNT\System32\DRIVERS\flpydisk.sys [20480 2008-04-14] (Microsoft Corporation) R0 FltMgr; C:\WINNT\System32\drivers\fltmgr.sys [129792 2008-04-14] (Microsoft Corporation) U1 Fs_Rec; C:\WINNT\system32\Drivers\Fs_Rec.sys [7936 2001-08-18] (Microsoft Corporation) R0 Ftdisk; C:\WINNT\System32\DRIVERS\ftdisk.sys [125568 2001-10-26] (Microsoft Corporation) R0 gagp30kx; C:\WINNT\System32\DRIVERS\gagp30kx.sys [46464 2008-04-14] (Microsoft Corporation) R3 gameenum; C:\WINNT\System32\DRIVERS\gameenum.sys [10624 2008-04-14] (Microsoft Corporation) R3 Gpc; C:\WINNT\System32\DRIVERS\msgpc.sys [35072 2008-04-14] (Microsoft Corporation) R3 HCF_MSFT; C:\WINNT\System32\DRIVERS\HCF_MSFT.sys [907584 2001-10-26] (Conexant) R3 hidusb; C:\WINNT\System32\DRIVERS\hidusb.sys [10368 2008-04-14] (Microsoft Corporation) R1 HMD; C:\WINNT\System32\DRIVERS\hmd.sys [14272 2014-06-26] () R3 HTTP; C:\WINNT\System32\Drivers\HTTP.sys [264832 2008-04-14] (Microsoft Corporation) R1 i8042prt; C:\WINNT\System32\DRIVERS\i8042prt.sys [53248 2008-04-14] (Microsoft Corporation) R1 Imapi; C:\WINNT\System32\DRIVERS\imapi.sys [42112 2008-04-14] (Microsoft Corporation) S3 Ip6Fw; C:\WINNT\System32\drivers\ip6fw.sys [36608 2008-04-14] (Microsoft Corporation) S3 IpFilterDriver; C:\WINNT\System32\DRIVERS\ipfltdrv.sys [32896 2001-08-18] (Microsoft Corporation) S3 IpInIp; C:\WINNT\System32\DRIVERS\ipinip.sys [20864 2008-04-14] (Microsoft Corporation) R3 IpNat; C:\WINNT\System32\DRIVERS\ipnat.sys [152832 2008-04-14] (Microsoft Corporation) R1 IPSec; 
C:\WINNT\System32\DRIVERS\ipsec.sys [75264 2008-04-14] (Microsoft Corporation) S3 IRENUM; C:\WINNT\System32\DRIVERS\irenum.sys [11264 2008-04-14] (Microsoft Corporation) R0 isapnp; C:\WINNT\System32\DRIVERS\isapnp.sys [37632 2008-04-14] (Microsoft Corporation) R1 Kbdclass; C:\WINNT\System32\DRIVERS\kbdclass.sys [24960 2008-04-14] (Microsoft Corporation) S3 kmixer; C:\WINNT\System32\drivers\kmixer.sys [172416 2008-04-14] (Microsoft Corporation) R0 KSecDD; C:\WINNT\system32\Drivers\KSecDD.sys [92928 2009-06-24] (Microsoft Corporation) R3 MBAMProtector; C:\WINNT\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation) R1 mnmdd; C:\WINNT\system32\Drivers\mnmdd.sys [4224 2001-08-18] (Microsoft Corporation) R3 Modem; C:\WINNT\system32\Drivers\Modem.sys [30208 2008-04-14] (Microsoft Corporation) R1 Mouclass; C:\WINNT\System32\DRIVERS\mouclass.sys [23296 2008-04-14] (Microsoft Corporation) R3 mouhid; C:\WINNT\System32\DRIVERS\mouhid.sys [12160 2006-05-13] (Microsoft Corporation) R0 MountMgr; C:\WINNT\system32\Drivers\MountMgr.sys [42368 2008-04-14] (Microsoft Corporation) R3 MRxDAV; C:\WINNT\System32\DRIVERS\mrxdav.sys [180608 2008-04-14] (Microsoft Corporation) R1 MRxSmb; C:\WINNT\System32\DRIVERS\mrxsmb.sys [456576 2008-04-14] (Microsoft Corporation) R1 Msfs; C:\WINNT\system32\Drivers\Msfs.sys [19072 2008-04-14] (Microsoft Corporation) S3 MSKSSRV; C:\WINNT\System32\drivers\MSKSSRV.sys [7552 2008-04-14] (Microsoft Corporation) S3 MSPCLOCK; C:\WINNT\System32\drivers\MSPCLOCK.sys [5376 2008-04-14] (Microsoft Corporation) S3 MSPQM; C:\WINNT\System32\drivers\MSPQM.sys [4992 2008-04-14] (Microsoft Corporation) R3 mssmbios; C:\WINNT\System32\DRIVERS\mssmbios.sys [15488 2008-04-14] (Microsoft Corporation) R0 Mup; C:\WINNT\system32\Drivers\Mup.sys [105344 2008-04-14] (Microsoft Corporation) R0 NDIS; C:\WINNT\system32\Drivers\NDIS.sys [182656 2008-04-14] (Microsoft Corporation) R3 NdisTapi; C:\WINNT\System32\DRIVERS\ndistapi.sys [10496 2011-07-08] (Microsoft 
Corporation)
R3 Ndisuio; C:\WINNT\System32\DRIVERS\ndisuio.sys [14592 2008-04-14] (Microsoft Corporation)
R3 NdisWan; C:\WINNT\System32\DRIVERS\ndiswan.sys [91520 2008-04-14] (Microsoft Corporation)
R3 NDProxy; C:\WINNT\system32\Drivers\NDProxy.sys [40960 2013-11-27] (Microsoft Corporation)
R1 NetBIOS; C:\WINNT\System32\DRIVERS\netbios.sys [34688 2008-04-14] (Microsoft Corporation)
R1 NetBT; C:\WINNT\System32\DRIVERS\netbt.sys [162816 2008-04-14] (Microsoft Corporation)
S3 nmwcd; C:\WINNT\System32\drivers\ccdcmb.sys [18176 2011-11-01] (Nokia)
S3 nmwcdc; C:\WINNT\System32\drivers\ccdcmbo.sys [23168 2011-11-01] (Nokia)
S3 nmwcdnsu; C:\WINNT\System32\drivers\nmwcdnsu.sys [137600 2011-11-01] (Nokia)
R1 Npfs; C:\WINNT\system32\Drivers\Npfs.sys [30848 2008-04-14] (Microsoft Corporation)
R4 Ntfs; C:\WINNT\system32\Drivers\Ntfs.sys [574976 2008-04-14] (Microsoft Corporation)
R1 Null; C:\WINNT\system32\Drivers\Null.sys [2944 2001-08-18] (Microsoft Corporation)
R3 nv; C:\WINNT\System32\DRIVERS\nv4_mini.sys [1897408 2004-08-03] (NVIDIA Corporation)
S3 NwlnkFlt; C:\WINNT\System32\DRIVERS\nwlnkflt.sys [12416 2001-08-18] (Microsoft Corporation)
S3 NwlnkFwd; C:\WINNT\System32\DRIVERS\nwlnkfwd.sys [32512 2001-08-18] (Microsoft Corporation)
R3 Parport; C:\WINNT\System32\DRIVERS\parport.sys [80256 2008-04-14] (Microsoft Corporation)
R0 PartMgr; C:\WINNT\system32\Drivers\PartMgr.sys [19712 2008-04-14] (Microsoft Corporation)
R2 ParVdm; C:\WINNT\system32\Drivers\ParVdm.sys [6912 2001-10-26] (Microsoft Corporation)
S3 pccsmcfd; C:\WINNT\System32\DRIVERS\pccsmcfd.sys [18816 2008-08-26] (Nokia)
R0 PCI; C:\WINNT\System32\DRIVERS\pci.sys [68608 2008-04-14] (Microsoft Corporation)
R0 PCIIde; C:\WINNT\System32\DRIVERS\pciide.sys [3456 2001-10-26] (Microsoft Corporation)
S4 Pcmcia; C:\WINNT\system32\Drivers\Pcmcia.sys [120320 2008-04-14] (Microsoft Corporation)
R3 PptpMiniport; C:\WINNT\System32\DRIVERS\raspptp.sys [48384 2008-04-14] (Microsoft Corporation)
R3 PSched; C:\WINNT\System32\DRIVERS\psched.sys [69120 2008-04-14] (Microsoft Corporation)
R3 Ptilink; C:\WINNT\System32\DRIVERS\ptilink.sys [17792 2001-08-18] (Parallel Technologies, Inc.)
R0 PxHelp20; C:\WINNT\System32\Drivers\PxHelp20.sys [45648 2011-03-04] (Sonic Solutions)
R1 RasAcd; C:\WINNT\System32\DRIVERS\rasacd.sys [8832 2001-08-18] (Microsoft Corporation)
R3 Rasl2tp; C:\WINNT\System32\DRIVERS\rasl2tp.sys [51328 2008-04-14] (Microsoft Corporation)
R3 RasPppoe; C:\WINNT\System32\DRIVERS\raspppoe.sys [41472 2008-04-14] (Microsoft Corporation)
R3 Raspti; C:\WINNT\System32\DRIVERS\raspti.sys [16512 2001-08-18] (Microsoft Corporation)
R1 Rdbss; C:\WINNT\System32\DRIVERS\rdbss.sys [175744 2008-04-14] (Microsoft Corporation)
R1 RDPCDD; C:\WINNT\System32\DRIVERS\RDPCDD.sys [4224 2001-08-18] (Microsoft Corporation)
R3 rdpdr; C:\WINNT\System32\DRIVERS\rdpdr.sys [196224 2008-04-14] (Microsoft Corporation)
S3 RDPWD; C:\WINNT\system32\Drivers\RDPWD.sys [139784 2012-07-04] (Microsoft Corporation)
R1 redbook; C:\WINNT\System32\DRIVERS\redbook.sys [58880 2008-04-14] (Microsoft Corporation)
R3 rtl8139; C:\WINNT\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
S3 Secdrv; C:\WINNT\System32\DRIVERS\secdrv.sys [20480 2008-04-13] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
R3 serenum; C:\WINNT\System32\DRIVERS\serenum.sys [15744 2008-04-14] (Microsoft Corporation)
R1 Serial; C:\WINNT\System32\DRIVERS\serial.sys [65280 2008-04-14] (Microsoft Corporation)
S1 Sfloppy; C:\WINNT\system32\Drivers\Sfloppy.sys [11392 2008-04-14] (Microsoft Corporation)
R0 SISAGP; C:\WINNT\System32\DRIVERS\SISAGPX.sys [30848 2002-10-31] (Silicon Integrated Systems Corporation) [File not signed]
R3 SISNIC; C:\WINNT\System32\DRIVERS\sisnic.sys [32256 2002-07-10] (SiS Corporation)
S3 splitter; C:\WINNT\System32\drivers\splitter.sys [6272 2008-04-14] (Microsoft Corporation)
R0 sr; C:\WINNT\System32\DRIVERS\sr.sys [73472 2008-04-14] (Microsoft Corporation)
R3 Srv; C:\WINNT\System32\DRIVERS\srv.sys [357888 2011-02-17] (Microsoft Corporation)
R2 StarOpen; C:\WINNT\system32\Drivers\StarOpen.sys [13120 2013-08-25] ()
R3 swenum; C:\WINNT\System32\DRIVERS\swenum.sys [4352 2008-04-14] (Microsoft Corporation)
S3 swmidi; C:\WINNT\System32\drivers\swmidi.sys [56576 2008-04-14] (Microsoft Corporation)
R3 sysaudio; C:\WINNT\System32\drivers\sysaudio.sys [60800 2008-04-14] (Microsoft Corporation)
R1 Tcpip; C:\WINNT\System32\DRIVERS\tcpip.sys [361344 2008-04-14] (Microsoft Corporation)
S3 TDPIPE; C:\WINNT\system32\Drivers\TDPIPE.sys [12040 2008-04-14] (Microsoft Corporation)
S3 TDTCP; C:\WINNT\system32\Drivers\TDTCP.sys [21896 2008-04-14] (Microsoft Corporation)
R1 TermDD; C:\WINNT\System32\DRIVERS\termdd.sys [40840 2008-04-14] (Microsoft Corporation)
S4 Udfs; C:\WINNT\system32\Drivers\Udfs.sys [66048 2008-04-14] (Microsoft Corporation)
R3 Update; C:\WINNT\System32\DRIVERS\update.sys [384768 2008-04-14] (Microsoft Corporation)
S3 upperdev; C:\WINNT\System32\DRIVERS\usbser_lowerflt.sys [8192 2011-11-01] (Nokia)
S3 usbccgp; C:\WINNT\System32\DRIVERS\usbccgp.sys [32384 2013-08-09] (Microsoft Corporation)
R3 usbehci; C:\WINNT\System32\DRIVERS\usbehci.sys [30336 2009-03-18] (Microsoft Corporation)
R3 usbhub; C:\WINNT\System32\DRIVERS\usbhub.sys [59520 2008-04-14] (Microsoft Corporation)
R3 usbohci; C:\WINNT\System32\DRIVERS\usbohci.sys [17152 2008-04-14] (Microsoft Corporation)
S3 usbprint; C:\WINNT\System32\DRIVERS\usbprint.sys [25856 2008-04-14] (Microsoft Corporation)
S3 usbscan; C:\WINNT\System32\DRIVERS\usbscan.sys [15104 2008-04-14] (Microsoft Corporation)
S3 usbser; C:\WINNT\System32\drivers\usbser.sys [26240 2013-08-29] (Microsoft Corporation)
S3 UsbserFilt; C:\WINNT\System32\DRIVERS\usbser_lowerfltj.sys [8192 2011-11-01] (Nokia)
R3 USBSTOR; C:\WINNT\System32\DRIVERS\USBSTOR.SYS [26368 2008-04-14] (Microsoft Corporation)
R1 VgaSave; C:\WINNT\System32\drivers\vga.sys [20992 2008-04-14] (Microsoft Corporation)
R0 VolSnap; C:\WINNT\system32\Drivers\VolSnap.sys [52864 2008-04-14] (Microsoft Corporation)
R3 Wanarp; C:\WINNT\System32\DRIVERS\wanarp.sys [34560 2008-04-14] (Microsoft Corporation)
S3 Wdf01000; C:\WINNT\System32\Drivers\wdf01000.sys [444136 2009-07-14] (Microsoft Corporation)
R3 wdmaud; C:\WINNT\System32\drivers\wdmaud.sys [83072 2008-04-14] (Microsoft Corporation)
S3 WinUSB; C:\WINNT\System32\DRIVERS\WinUSB.sys [34944 2009-07-13] (Microsoft Corporation)
S3 WpdUsb; C:\WINNT\System32\Drivers\wpdusb.sys [18944 2005-01-28] (Microsoft Corporation)
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\WINNT\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U1 WS2IFSL; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-19 07:20 - 2014-12-19 07:20 - 00000000 ____D () C:\FRST
2014-12-19 05:39 - 2014-12-19 05:39 - 00000000 _____ () C:\WINNT\Sti_Trace.log
2014-12-19 00:38 - 2014-12-19 00:38 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\TEMP
2014-12-19 00:38 - 2014-12-19 00:38 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Licenses
2014-12-18 14:28 - 2014-12-19 00:34 - 00000000 ____D () C:\Program Files\Trojan Remover
2014-12-18 14:28 - 2014-12-18 14:28 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Trojan Remover
2014-12-18 14:28 - 2014-12-18 14:28 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Simply Super Software
2014-12-18 14:28 - 2014-12-18 14:28 - 00000000 ____D () C:\Documents and Settings\Admin\Moje dokumenty\Simply Super Software
2014-12-18 14:28 - 2014-12-18 14:28 - 00000000 ____D () C:\Documents and Settings\Admin\Dane aplikacji\Simply Super Software
2014-12-18 14:28 - 2012-06-15 16:39 - 00169744 _____ () C:\WINNT\system32\ztvunrar36.dll
2014-12-18 14:28 - 2012-06-15 16:35 - 00185616 _____ () C:\WINNT\system32\ztvunrar39.dll
2014-12-18 14:28 - 2012-06-15 16:33 - 00605968 _____ (Igor Pavlov) C:\WINNT\system32\ztv7z.dll
2014-12-18 14:28 - 2012-06-15 16:33 - 00077072 _____ (Microsoft Corporation) C:\WINNT\system32\ztvcabinet.dll
2014-12-18 14:28 - 2005-08-26 01:50 - 00077312 _____ () C:\WINNT\system32\ztvunace26.dll
2014-12-18 14:28 - 2003-02-02 20:06 - 00153088 _____ () C:\WINNT\system32\UNRAR3.dll
2014-12-18 14:28 - 2002-03-06 01:00 - 00075264 _____ () C:\WINNT\system32\unacev2.dll
2014-12-18 10:59 - 2014-12-19 07:20 - 00000000 ____D () C:\Documents and Settings\Admin\Pulpit\trojany wypad
2014-12-18 10:55 - 2014-12-18 10:55 - 00000000 ____D () C:\Documents and Settings\Admin\Pulpit\akta spawy unieważnienia darowizny
2014-12-17 20:05 - 2014-12-17 20:05 - 00000000 ____D () C:\Documents and Settings\Admin\Dane aplikacji\Comodo
2014-12-17 14:14 - 2014-12-17 14:14 - 00000000 ____D () C:\Documents and Settings\Admin\mobogenieP2sp
2014-12-17 12:50 - 2014-12-17 20:01 - 00000000 ____D () C:\Program Files\Anti Trojan Elite
2014-12-17 12:31 - 2014-12-17 12:31 - 00000000 ____D () C:\Documents and Settings\Admin\Dane aplikacji\dlg
2014-12-17 12:30 - 2014-12-17 13:35 - 00000000 ____D () C:\Program Files\Wise Registry Cleaner
2014-12-17 12:30 - 2014-12-17 12:30 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Wise Registry Cleaner Free
2014-12-17 12:27 - 2014-12-17 12:39 - 00000000 ____D () C:\Documents and Settings\Admin\Pulpit\programy
2014-12-17 07:52 - 2014-12-17 12:55 - 00001726 _____ () C:\WINNT\system32\Drivers\fvstore.dat
2014-12-17 07:52 - 2014-12-17 07:52 - 00497366 _____ () C:\WINNT\system32\prfh0415.dat
2014-12-17 07:52 - 2014-12-17 07:52 - 00085766 _____ () C:\WINNT\system32\prfc0415.dat
2014-12-11 17:56 - 2014-12-13 08:36 - 00065536 _____ () C:\WINNT\system32\config\Doctor Web.evt
2014-12-11 17:56 - 2014-12-11 17:56 - 00000000 ____D () C:\Documents and Settings\Admin\Doctor Web
2014-12-11 17:52 - 2014-12-11 17:52 - 157879376 _____ () C:\Documents and Settings\Admin\Pulpit\dr web.exe
2014-12-11 14:03 - 2014-12-11 14:03 - 00000730 _____ () C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox.lnk
2014-12-11 14:03 - 2014-12-11 14:03 - 00000724 _____ () C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
2014-12-11 14:03 - 2014-12-11 14:03 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-12-11 14:03 - 2014-12-11 14:03 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-12-11 13:16 - 2014-12-11 13:16 - 00000000 ____D () C:\Documents and Settings\Admin\Dane aplikacji\Mobogenie
2014-12-11 13:15 - 2014-12-11 13:16 - 00000000 ____D () C:\Documents and Settings\Admin\Moje dokumenty\Mobogenie
2014-12-11 12:30 - 2014-12-11 12:30 - 00000000 ____D () C:\Documents and Settings\LocalService\Menu Start\Programy
2014-12-11 12:30 - 2014-12-11 12:30 - 00000000 ____D () C:\Documents and Settings\LocalService\Menu Start
2014-12-11 12:29 - 2014-12-11 12:29 - 00000000 ____D () C:\Documents and Settings\Admin\Moje dokumenty\ProcAlyzer Dumps
2014-12-11 12:28 - 2014-12-11 13:38 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Spybot - Search & Destroy
2014-12-11 12:28 - 2014-12-11 13:27 - 00065536 _____ () C:\WINNT\system32\config\SpybotSD.evt
2014-12-11 12:27 - 2014-12-11 13:39 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-12-11 12:15 - 2014-12-19 07:17 - 00002465 _____ () C:\WINNT\WindowsUpdate.log
2014-12-11 12:15 - 2014-12-19 05:39 - 00000159 _____ () C:\WINNT\wiadebug.log
2014-12-11 12:15 - 2014-12-19 05:39 - 00000050 _____ () C:\WINNT\wiaservc.log
2014-12-11 12:14 - 2014-12-13 08:36 - 00509792 _____ () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-19 07:22 - 2012-01-14 10:17 - 00000000 ____D () C:\Documents and Settings\Admin\Ustawienia lokalne\Temp
2014-12-19 05:39 - 2014-09-21 08:33 - 00000440 _____ () C:\WINNT\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job
2014-12-19 05:39 - 2014-09-21 08:33 - 00000440 _____ () C:\WINNT\Tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job
2014-12-19 05:39 - 2014-09-21 08:33 - 00000440 _____ () C:\WINNT\Tasks\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}.job
2014-12-19 05:39 - 2014-09-21 08:33 - 00000440 _____ () C:\WINNT\Tasks\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}.job
2014-12-19 05:39 - 2012-08-29 06:05 - 00000431 _____ () C:\WINNT\system32\Drivers\etc\hosts.ics
2014-12-19 05:39 - 2012-01-14 10:52 - 00000000 ____D () C:\WINNT\Temp
2014-12-19 05:39 - 2012-01-14 10:52 - 00000000 ____D () C:\WINNT
2014-12-19 05:39 - 2012-01-14 10:14 - 00000006 ____H () C:\WINNT\Tasks\SA.DAT
2014-12-19 00:43 - 2014-09-21 08:32 - 01474832 _____ () C:\WINNT\system32\Drivers\sfi.dat
2014-12-19 00:43 - 2012-01-14 10:17 - 00000188 ___SH () C:\Documents and Settings\Admin\ntuser.ini
2014-12-19 00:43 - 2012-01-14 10:14 - 00032670 ____N () C:\WINNT\SchedLgU.Txt
2014-12-19 00:38 - 2012-01-14 10:58 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji
2014-12-19 00:32 - 2012-01-14 10:17 - 00000000 ____D () C:\Documents and Settings\Admin\Pulpit
2014-12-19 00:15 - 2014-11-10 09:10 - 00000926 _____ () C:\WINNT\Tasks\Adobe Flash Player Updater.job
2014-12-18 14:28 - 2012-01-14 10:58 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy
2014-12-18 14:28 - 2012-01-14 10:17 - 00000000 __RHD () C:\Documents and Settings\Admin\Dane aplikacji
2014-12-18 14:28 - 2012-01-14 10:17 - 00000000 ___RD () C:\Documents and Settings\Admin\Moje dokumenty
2014-12-18 14:24 - 2012-01-14 10:58 - 00000000 ___RD () C:\Documents and Settings\All Users\Dokumenty
2014-12-17 20:07 - 2014-09-09 10:24 - 00000000 ____D () C:\Program Files\Mobogenie3
2014-12-17 14:14 - 2014-09-09 10:25 - 00000645 _____ () C:\Documents and Settings\All Users\Pulpit\Mobogenie3.lnk
2014-12-17 14:14 - 2012-01-14 10:17 - 00000000 ____D () C:\Documents and Settings\Admin
2014-12-17 07:52 - 2014-09-21 08:30 - 00001858 _____ () C:\Documents and Settings\All Users\Pulpit\COMODO Antivirus.lnk
2014-12-17 00:08 - 2001-07-22 01:17 - 00002206 _____ () C:\WINNT\system32\wpa.dbl
2014-12-16 22:41 - 2014-09-21 08:29 - 00065536 _____ () C:\WINNT\system32\config\COMODO I.evt
2014-12-16 15:44 - 2014-11-10 08:37 - 00000000 ____D () C:\Documents and Settings\Admin\Moje dokumenty\Pobrane
2014-12-13 08:36 - 2012-01-14 10:14 - 00000000 ___HD () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji
2014-12-11 17:31 - 2012-04-14 09:01 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Installations
2014-12-11 14:03 - 2012-01-14 10:58 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit
2014-12-11 13:53 - 2013-08-23 14:27 - 00701616 _____ (Adobe Systems Incorporated) C:\WINNT\system32\FlashPlayerApp.exe
2014-12-11 13:53 - 2012-01-14 12:50 - 00071344 _____ (Adobe Systems Incorporated) C:\WINNT\system32\FlashPlayerCPLApp.cpl
2014-12-11 13:38 - 2012-01-14 10:26 - 00000079 _____ () C:\WINNT\Wininit.ini
2014-12-11 12:30 - 2012-01-14 10:14 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-12-11 12:29 - 2012-01-14 10:56 - 00000241 ___SH () C:\boot.ini
2014-12-11 12:16 - 2014-09-21 07:38 - 00114904 _____ (Malwarebytes Corporation) C:\WINNT\system32\Drivers\MBAMSwissArmy.sys
2014-12-11 12:14 - 2014-09-21 08:07 - 00000000 ____D () C:\AdwCleaner
2014-12-11 12:12 - 2014-09-21 08:26 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Comodo
2014-12-11 12:12 - 2012-01-14 10:58 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
2014-12-11 10:10 - 2012-10-29 07:25 - 00000000 ____D () C:\WINNT\Microsoft.NET
2014-12-11 09:32 - 2012-01-14 10:59 - 01055026 _____ () C:\WINNT\system32\PerfStringBackup.INI
2014-12-11 09:32 - 2001-10-26 19:15 - 00495874 _____ () C:\WINNT\system32\perfh015.dat
2014-12-11 09:32 - 2001-10-26 19:15 - 00084758 _____ () C:\WINNT\system32\perfc015.dat
2014-12-09 01:20 - 2014-04-16 21:12 - 00619992 _____ (COMODO) C:\WINNT\system32\Drivers\cmdGuard.sys
2014-12-09 01:20 - 2014-04-16 21:12 - 00105560 _____ (COMODO) C:\WINNT\system32\Drivers\inspect.sys
2014-12-09 01:20 - 2014-04-16 21:12 - 00029912 _____ (COMODO) C:\WINNT\system32\Drivers\cmdhlp.sys
2014-12-09 01:20 - 2014-04-16 21:12 - 00015576 _____ (COMODO) C:\WINNT\system32\Drivers\cmderd.sys
2014-12-09 01:20 - 2014-03-25 19:22 - 00352272 _____ (COMODO) C:\WINNT\system32\guard32.dll
2014-12-09 01:20 - 2014-03-25 19:22 - 00286424 _____ (COMODO) C:\WINNT\system32\cmdvrt32.dll
2014-12-09 01:20 - 2014-03-25 19:22 - 00040664 _____ (COMODO) C:\WINNT\system32\cmdkbd32.dll
2014-12-09 01:20 - 2014-03-25 19:22 - 00033520 _____ (COMODO) C:\WINNT\system32\cmdcsr.dll
2014-11-21 06:14 - 2014-09-21 07:37 - 00054360 _____ (Malwarebytes Corporation) C:\WINNT\system32\Drivers\mbamchameleon.sys
2014-11-21 06:14 - 2014-09-21 07:37 - 00023256 _____ (Malwarebytes Corporation) C:\WINNT\system32\Drivers\mbam.sys

Some content of TEMP:
====================
C:\Documents and Settings\Admin\Ustawienia lokalne\Temp\hp_B8.tmp.exe
C:\Documents and Settings\Admin\Ustawienia lokalne\Temp\Opera_NI_stable.exe
C:\Documents and Settings\Admin\Ustawienia lokalne\Temp\rtesetup.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINNT\explorer.exe => File is digitally signed
C:\WINNT\system32\winlogon.exe => File is digitally signed
C:\WINNT\system32\svchost.exe => File is digitally signed
C:\WINNT\system32\services.exe => File is digitally signed
C:\WINNT\system32\User32.dll => File is digitally signed
C:\WINNT\system32\userinit.exe => File is digitally signed
C:\WINNT\system32\rpcss.dll => File is digitally signed
C:\WINNT\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================