Anonymous / 3 years, 2 months ago

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-12-2014 01
Ran by Kasia (administrator) on NOWAK-RSUQBEJRJ on 15-12-2014 19:30:04
Running from C:\Documents and Settings\Kasia\Pulpit
Loaded Profile: Kasia (Available profiles: Kasia & Administrator)
Platform: Microsoft Windows XP Professional Dodatek Service Pack 2 (X86) OS Language: Polski
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
() C:\Program Files\D51D0083\auhhlzqovx.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\007\nkdytjtjsw32.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(HP) C:\WINDOWS\system32\HPZipm12.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Opera Software) C:\Program Files\Opera\opera.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office\WINWORD.EXE


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [1632360 2011-07-05] ()
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [20026472 2011-01-21] (Realtek Semiconductor Corp.)
HKLM\...\Run: [AVP] => C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356376 2013-03-20] (Kaspersky Lab ZAO)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
Winlogon\Notify\klogon: C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO)
HKU\S-1-5-21-606747145-1580818891-725345543-1003\...\Run: [ALLUpdate] => C:\Program Files\ALLPlayer\ALLUpdate.exe [2765256 2014-11-03] (ALLPlayer Group Ltd.)
HKU\S-1-5-21-606747145-1580818891-725345543-1003\...\MountPoints2: {093a788f-3c60-11e0-aa24-0018f3122744} - K:\AutoRun.exe
HKU\S-1-5-21-606747145-1580818891-725345543-1003\...\MountPoints2: {3f8cd7fc-d491-11e0-acb0-0018f3122744} - K:\AutoRun.exe
HKU\S-1-5-21-606747145-1580818891-725345543-1003\...\MountPoints2: {3f8cd801-d491-11e0-acb0-0018f3122744} - K:\AutoRun.exe
HKU\S-1-5-21-606747145-1580818891-725345543-1003\...\MountPoints2: {45f2de40-6e0d-11e1-8375-0018f3122744} - K:\AutoRun.exe
HKU\S-1-5-21-606747145-1580818891-725345543-1003\...\MountPoints2: {528a649c-cd3c-11df-a8a3-0018f3122744} - K:\AutoRun.exe
HKU\S-1-5-21-606747145-1580818891-725345543-1003\...\MountPoints2: {528a649e-cd3c-11df-a8a3-0018f3122744} - K:\AutoRun.exe
HKU\S-1-5-21-606747145-1580818891-725345543-1003\...\MountPoints2: {a3367041-6e9d-11e1-b57a-0018f3122744} - K:\AutoRun.exe
HKU\S-1-5-21-606747145-1580818891-725345543-1003\...\MountPoints2: {c7c51640-6dd1-11e1-a793-0018f3122744} - K:\AutoRun.exe
HKU\S-1-5-21-606747145-1580818891-725345543-1003\...\MountPoints2: {d3eaeda6-328d-11e0-a9f6-0018f3122744} - K:\Play.exe
HKU\S-1-5-21-606747145-1580818891-725345543-1003\...\MountPoints2: {d9d05f47-5641-11e1-93af-0018f3122744} - K:\AutoRun.exe
HKU\S-1-5-21-606747145-1580818891-725345543-1003\...\MountPoints2: {f6120940-193a-11e1-99a6-0018f3122744} - K:\Setup.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-606747145-1580818891-725345543-1003] => http=;ftp=;https=;
HKU\S-1-5-21-606747145-1580818891-725345543-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=170
HKU\S-1-5-21-606747145-1580818891-725345543-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-606747145-1580818891-725345543-1003\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.onet.pl
SearchScopes: HKU\S-1-5-21-606747145-1580818891-725345543-1003 -> DefaultScope {1B2D3637-BCB7-4773-BC33-4E419B157701} URL = http://www.google.pl/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}&rlz=1I7ADFA_pl
SearchScopes: HKU\S-1-5-21-606747145-1580818891-725345543-1003 -> {1B2D3637-BCB7-4773-BC33-4E419B157701} URL = http://www.google.pl/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}&rlz=1I7ADFA_pl
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: ALLYouTubeDownloader -> {61DB16C5-B733-43F4-872E-B20DC9E72740} -> C:\Program Files\ALLYouTubeDownloader\ALLYouTubeDownloader.dll (ALLCinema Ltd.)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: IplexToALLPlayer -> {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} -> C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO: IEPluginBHO Class -> {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} -> C:\Documents and Settings\Kasia\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll No File
Toolbar: HKU\S-1-5-21-606747145-1580818891-725345543-1003 -> &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab
Handler: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\System32\msvidctl.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 217.172.224.160 89.231.1.206
Tcpip\..\Interfaces\{6619AE68-67C5-4818-A061-DC477002C4C3}: [NameServer] 8.26.56.26,156.154.70.22

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Kasia\Dane aplikacji\Mozilla\Firefox\Profiles\vzwdmw4b.default
FF Homepage: hxxp://www.gazeta.pl/0,0.html?p=170
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa2,version=2.0.0 -> C:\Program Files\Picasa2\npPicasa2.dll No File
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nppl3260;version=6.0.12.69 -> C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.69 -> C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Iplex to ALLPlayer - C:\Documents and Settings\Kasia\Dane aplikacji\Mozilla\Firefox\Profiles\vzwdmw4b.default\Extensions\IplextoALL@ALLPlayer.org [2013-08-11]
FF Extension: IE Tab - C:\Documents and Settings\Kasia\Dane aplikacji\Mozilla\Firefox\Profiles\vzwdmw4b.default\Extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9} [2013-09-12]
FF Extension: Iplex to ALLPlayer - C:\Documents and Settings\Kasia\Dane aplikacji\Mozilla\Firefox\Profiles\vzwdmw4b.default\Extensions\IplextoALL@ALLPlayer.org.xpi [2013-05-30]
FF Extension: ALLYouTubeDownloader - C:\Documents and Settings\Kasia\Dane aplikacji\Mozilla\Firefox\Profiles\vzwdmw4b.default\Extensions\YouTubetoALL@ALLPlayer.org.xpi [2014-07-16]
FF Extension: Adblock Plus - C:\Documents and Settings\Kasia\Dane aplikacji\Mozilla\Firefox\Profiles\vzwdmw4b.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-03-21]
FF HKLM\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013-03-20]
FF HKLM\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013-03-20]
FF HKLM\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF Extension: Content Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013-03-20]
FF HKLM\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013-03-20]
FF HKLM\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013-03-20]

Chrome: 
=======
CHR DefaultSearchURL: Default -> http://www.google.pl/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}&rlz=1I7ADFA_pl
CHR DefaultSuggestURL: Default -> 
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\39.0.2171.95\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\39.0.2171.95\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U17) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\WINDOWS\system32\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Profile: C:\Documents and Settings\Kasia\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Kasia\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-21]
CHR Extension: (Dysk Google) - C:\Documents and Settings\Kasia\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-21]
CHR Extension: (YouTube) - C:\Documents and Settings\Kasia\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-21]
CHR Extension: (Szukaj w Google) - C:\Documents and Settings\Kasia\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-21]
CHR Extension: (Kaspersky URL Advisor) - C:\Documents and Settings\Kasia\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2013-03-21]
CHR Extension: (Bezpieczne pieniądze) - C:\Documents and Settings\Kasia\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2013-03-21]
CHR Extension: (Blokada zawartości) - C:\Documents and Settings\Kasia\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2013-03-21]
CHR Extension: (Klawiatura wirtualna) - C:\Documents and Settings\Kasia\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2013-03-21]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Kasia\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-08]
CHR Extension: (Bitdefender QuickScan) - C:\Documents and Settings\Kasia\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2014-04-15]
CHR Extension: (Gmail) - C:\Documents and Settings\Kasia\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-21]
CHR Extension: (Blokowanie banerów) - C:\Documents and Settings\Kasia\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2013-03-21]
CHR HKLM\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx [2012-08-29]
CHR HKLM\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx [2012-08-29]
CHR HKLM\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx [2012-08-29]
CHR HKLM\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx [2012-08-29]
CHR HKLM\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx [2012-08-29]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356376 2013-03-20] (Kaspersky Lab ZAO)
R2 CouponMonkeyService; C:\Program Files\D51D0083\auhhlzqovx.exe [150528 2014-11-26] () [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-08-06] (Oracle Corporation)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-12-06] (Hewlett-Packard Company) [File not signed]
S2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 nkdytjtjsw32; C:\Program Files\007\nkdytjtjsw32.exe [683848 2014-11-26] ()
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [69632 2006-03-03] (HP) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2004-08-03] (Microsoft Corporation)
R2 EIO; C:\WINDOWS\system32\drivers\EIO.sys [12288 2006-06-14] (ASUSTeK Computer Inc.) [File not signed]
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49664 2006-04-12] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2006-04-12] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2006-04-12] (HP)
R0 iteatapi; C:\WINDOWS\System32\DRIVERS\iteatapi.sys [28672 2008-03-01] (ITE Tech. Inc.)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [136024 2012-06-19] (Kaspersky Lab ZAO)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [586584 2013-03-20] (Kaspersky Lab)
R3 klim5; C:\WINDOWS\System32\DRIVERS\klim5.sys [35672 2012-06-27] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\WINDOWS\System32\DRIVERS\klkbdflt.sys [24408 2013-03-20] (Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\System32\DRIVERS\klmouflt.sys [24920 2013-03-20] (Kaspersky Lab)
R1 kltdi; C:\WINDOWS\System32\DRIVERS\kltdi.sys [43608 2013-03-20] (Kaspersky Lab)
R1 kneps; C:\WINDOWS\System32\DRIVERS\kneps.sys [144344 2012-08-13] (Kaspersky Lab)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2004-08-03] (Microsoft Corporation)
R1 netfilter; C:\WINDOWS\System32\drivers\netfilter.sys [54800 2014-11-26] (NetFilterSDK.com)
R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [100456 2010-11-12] (NVIDIA Corporation)
S3 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [27440 2001-07-22] ()
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [428088 2011-11-27] () [File not signed]
R3 yukonwxp; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [298784 2010-09-15] (Marvell)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [74072 2012-08-13] (Kaspersky Lab)
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96256 2004-08-03] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-15 19:30 - 2014-12-15 19:30 - 00021249 _____ () C:\Documents and Settings\Kasia\Pulpit\FRST.txt
2014-12-15 19:28 - 2014-12-15 19:30 - 00000000 ____D () C:\FRST
2014-12-15 19:28 - 2014-12-15 19:28 - 01111040 _____ (Farbar) C:\Documents and Settings\Kasia\Pulpit\FRST.exe
2014-12-13 21:59 - 2014-12-14 23:02 - 00051712 _____ () C:\Documents and Settings\Kasia\Pulpit\product List.xls
2014-12-13 12:08 - 2014-12-13 12:11 - 00000000 ____D () C:\Documents and Settings\Kasia\Pulpit\goł
2014-12-11 22:29 - 2014-12-15 19:11 - 00000000 ____D () C:\Program Files\CouponMonkey
2014-12-11 22:29 - 2014-12-11 22:29 - 00000005 _____ () C:\end
2014-12-05 18:51 - 2014-12-05 18:51 - 00011776 _____ () C:\Documents and Settings\Kasia\Pulpit\BRBOX.xls
2014-12-03 20:40 - 2014-12-11 22:29 - 00000000 ____D () C:\Program Files\D51D0083
2014-12-03 20:40 - 2014-12-03 20:40 - 00000000 ____D () C:\Program Files\007
2014-11-30 14:19 - 2014-12-01 19:10 - 00000014 _____ () C:\Documents and Settings\Kasia\Pulpit\Nowy Dokument tekstowy.txt
2014-11-30 10:27 - 2014-11-30 10:27 - 00000852 _____ () C:\Documents and Settings\Kasia\Pulpit\Any Video Converter.lnk
2014-11-30 10:27 - 2014-11-30 10:27 - 00000000 ____D () C:\Program Files\Anvsoft
2014-11-30 10:27 - 2014-11-30 10:27 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Anvsoft
2014-11-30 10:01 - 2014-11-30 10:01 - 00000000 ____D () C:\Documents and Settings\Kasia\Moje dokumenty\Any Video Converter
2014-11-30 00:05 - 2014-11-30 00:06 - 00000000 ____D () C:\Documents and Settings\Kasia\Pulpit\SAMSUNG Filmy
2014-11-29 23:22 - 2014-11-29 23:26 - 00000000 ____D () C:\Documents and Settings\Kasia\Pulpit\Nowy folder (2)
2014-11-26 21:51 - 2014-11-26 21:51 - 00054800 _____ (NetFilterSDK.com) C:\WINDOWS\system32\Drivers\netfilter.sys
2014-11-23 20:34 - 2014-11-23 20:37 - 00000000 ____D () C:\Documents and Settings\Kasia\Pulpit\CHINY

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-15 19:30 - 2008-11-21 11:03 - 00000000 ____D () C:\Documents and Settings\Kasia\Ustawienia lokalne\temp
2014-12-15 19:30 - 2008-10-15 18:19 - 00000000 ____D () C:\Documents and Settings\Kasia\Pulpit
2014-12-15 19:11 - 2008-10-16 16:34 - 00002515 _____ () C:\Documents and Settings\Kasia\Pulpit\Microsoft Word.lnk
2014-12-15 18:34 - 2014-04-18 21:59 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-12-15 18:34 - 2011-12-20 22:57 - 00319563 _____ () C:\WINDOWS\WindowsUpdate.log
2014-12-15 18:33 - 2010-12-02 19:32 - 00001036 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-15 18:29 - 2010-03-20 10:54 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab
2014-12-15 18:28 - 2011-12-20 22:58 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-12-15 18:28 - 2011-12-20 22:58 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-12-15 18:27 - 2010-12-02 19:32 - 00001032 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-15 18:27 - 2008-10-15 18:15 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-12-14 23:08 - 2011-12-20 22:58 - 00032466 _____ () C:\WINDOWS\SchedLgU.Txt
2014-12-14 23:08 - 2008-10-15 18:19 - 00000188 ___SH () C:\Documents and Settings\Kasia\ntuser.ini
2014-12-14 23:08 - 2008-10-15 18:19 - 00000000 ____D () C:\Documents and Settings\Kasia
2014-12-14 22:54 - 2011-01-01 18:50 - 00000000 ____D () C:\Documents and Settings\Kasia\Pulpit\BEAVER
2014-12-14 21:08 - 2014-04-18 21:59 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-12-14 21:08 - 2014-04-18 21:59 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes Anti-Malware
2014-12-14 20:44 - 2014-07-31 09:07 - 00000000 ____D () C:\Documents and Settings\Kasia\Moje dokumenty\Pobrane
2014-12-13 14:53 - 2008-11-10 23:22 - 00000116 _____ () C:\WINDOWS\NeroDigital.ini
2014-12-11 22:27 - 2001-07-21 23:17 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-12-10 22:40 - 2014-10-20 09:44 - 00000600 _____ () C:\Documents and Settings\Kasia\Ustawienia lokalne\Dane aplikacji\PUTTY.RND
2014-12-10 21:42 - 2008-10-15 18:19 - 00000000 ___HD () C:\Documents and Settings\Kasia\Ustawienia lokalne\Dane aplikacji
2014-12-07 19:12 - 2008-10-15 19:03 - 00033792 _____ () C:\Documents and Settings\Kasia\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-07 13:03 - 2013-03-17 15:50 - 00030208 _____ () C:\Documents and Settings\Kasia\Pulpit\DWORCOWA.xls
2014-12-03 21:25 - 2012-09-04 12:11 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\ALLPlayer
2014-12-03 21:25 - 2008-10-15 18:56 - 00000000 ____D () C:\Program Files\ALLPlayer
2014-11-30 10:27 - 2011-01-06 20:49 - 00000000 ____D () C:\Documents and Settings\Kasia\Dane aplikacji\AnvSoft
2014-11-30 10:27 - 2008-10-15 19:08 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy
2014-11-30 10:01 - 2008-10-15 18:19 - 00000000 ___RD () C:\Documents and Settings\Kasia\Moje dokumenty
2014-11-29 23:54 - 2014-06-15 14:51 - 00000000 ____D () C:\Documents and Settings\Kasia\Pulpit\Nowy folder (7)
2014-11-29 23:33 - 2014-08-04 22:48 - 00000000 ____D () C:\Documents and Settings\Kasia\Pulpit\Miasto wieczoro -nocą
2014-11-26 18:44 - 2008-10-15 18:43 - 00000000 ____D () C:\Documents and Settings\Kasia\Dane aplikacji\Winamp
2014-11-23 19:00 - 2013-12-03 19:51 - 00000026 _____ () C:\WINDOWS\Zone.Identifier
2014-11-21 06:14 - 2014-04-18 21:59 - 00054360 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-11-21 06:14 - 2014-04-18 21:59 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-11-19 20:12 - 2008-10-15 20:08 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Adobe
2014-11-16 15:22 - 2011-01-16 19:57 - 00000000 ____D () C:\Documents and Settings\Kasia\Ustawienia lokalne\Dane aplikacji\Apple Computer
2014-11-15 09:21 - 2013-03-19 17:29 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service

Some content of TEMP:
====================
C:\Documents and Settings\Kasia\Ustawienia lokalne\temp\genteert.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================