OTL logfile created on: 2012-09-14 02:31:23 - Run 1
OTL by OldTimer - Version 3.2.61.3 Folder = C:\Users\Patrycja\Desktop
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,96 Gb Total Physical Memory | 2,06 Gb Available Physical Memory | 69,52% Memory free
6,12 Gb Paging File | 5,26 Gb Available in Paging File | 86,02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222,78 Gb Total Space | 179,04 Gb Free Space | 80,37% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 4,01 Gb Free Space | 40,14% Space Free | Partition Type: NTFS
Drive F: | 3,79 Gb Total Space | 1,26 Gb Free Space | 33,08% Space Free | Partition Type: FAT32

Computer Name: PATRYCJA-PC | User Name: Patrycja | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-09-14 07:29:50 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\Patrycja\Desktop\OTL (1).exe
PRC - [2012-09-07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012-09-07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012-09-07 17:04:44 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012-06-29 19:52:24 | 000,352,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
PRC - [2008-10-29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008-06-05 16:26:36 | 000,752,168 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2008-06-05 16:19:56 | 000,126,976 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2004-09-08 20:51:54 | 000,121,344 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll

[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - [2012-09-07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012-09-07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012-08-21 19:24:34 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-06-29 19:52:24 | 000,352,976 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe -- (AVP)
SRV - [2012-04-21 03:19:00 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2008-01-21 04:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2012-09-07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012-06-29 19:52:24 | 000,488,024 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2011-11-07 16:17:27 | 000,716,272 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010-06-09 17:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl2.sys -- (kl2)
DRV - [2010-06-09 17:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\kl1.sys -- (KL1)
DRV - [2010-04-22 19:07:34 | 000,022,104 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2009-11-02 20:27:16 | 000,019,984 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009-07-10 05:44:52 | 000,122,880 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - [2008-04-23 10:30:10 | 000,688,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\torususb.sys -- (TaurusUsb)
DRV - [2008-04-23 10:30:10 | 000,060,533 | ---- | M] (STMicroelectronics ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stmatm.sys -- (Stmatm)
DRV - [2006-11-14 18:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [1999-09-10 13:06:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\Windows\System32\drivers\ASPI32.SYS -- (ASPI32)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {AA74FE59-BC4C-4172-9AC4-73315F71CFFE}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{AA74FE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.gboxapp.com/?q={searchTerms}
IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.gboxapp.com/?q={searchTerms}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={B78FE064-0BB6-11E1-B1AC-EEE657E04A2F}

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2360824380-645357767-1739470740-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-2360824380-645357767-1739470740-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2360824380-645357767-1739470740-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-2360824380-645357767-1739470740-1000\..\SearchScopes,DefaultScope = {BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
IE - HKU\S-1-5-21-2360824380-645357767-1739470740-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-2360824380-645357767-1739470740-1000\..\SearchScopes\{AA74FE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.gboxapp.com/?q={searchTerms}
IE - HKU\S-1-5-21-2360824380-645357767-1739470740-1000\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.gboxapp.com/?q={searchTerms}
IE - HKU\S-1-5-21-2360824380-645357767-1739470740-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={B78FE064-0BB6-11E1-B1AC-EEE657E04A2F}
IE - HKU\S-1-5-21-2360824380-645357767-1739470740-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "GadgetBox"
FF - prefs.js..browser.search.defaultenginename,S: S", "GadgetBox"
FF - prefs.js..browser.search.defaulturl: "http://search.gboxapp.com/?q="
FF - prefs.js..browser.search.order.1: "GadgetBox"
FF - prefs.js..browser.search.order.1,S: S", "GadgetBox"
FF - prefs.js..browser.search.selectedEngine: "GadgetBox"
FF - prefs.js..browser.search.selectedEngine,S: S", "GadgetBox"
FF - prefs.js..browser.startup.homepage: "http://search.gboxapp.com/"
FF - prefs.js..extensions.enabledAddons: 4fe5fd90d0ebf@4fe5fd90d0ef8.info:1.0
FF - prefs.js..extensions.enabledAddons: gadget@gadgetbox:1.6
FF - prefs.js..keyword.URL: "http://search.gboxapp.com/?q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Patrycja\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Patrycja\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-05-08 09:14:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\THBExt [2012-06-29 18:30:24 | 000,000,000 | ---D | M]

[2012-05-08 09:15:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Patrycja\AppData\Roaming\mozilla\Extensions
[2012-09-13 22:16:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Patrycja\AppData\Roaming\mozilla\Firefox\Profiles\4ftr6ldg.default\extensions
[2012-07-30 19:22:16 | 000,000,000 | ---D | M] (wxDfast) -- C:\Users\Patrycja\AppData\Roaming\mozilla\Firefox\Profiles\4ftr6ldg.default\extensions\4fe5fd90d0ebf@4fe5fd90d0ef8.info
[2012-06-23 19:43:25 | 000,000,478 | ---- | M] () -- C:\Users\Patrycja\AppData\Roaming\mozilla\firefox\profiles\4ftr6ldg.default\searchplugins\GadgetBox.xml
[2012-06-29 19:05:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-06-29 19:06:00 | 000,000,000 | ---D | M] (Blokowanie banerów) -- C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru
[2012-06-29 18:38:29 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
File not found (No name found) -- C:\USERS\PATRYCJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4FTR6LDG.DEFAULT\EXTENSIONS\GADGET@GADGETBOX
[2012-04-21 03:19:34 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012-04-21 03:18:25 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012-04-21 03:18:25 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - homepage: null
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Patrycja\AppData\Local\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Patrycja\AppData\Local\Google\Chrome\Application\21.0.1180.83\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Patrycja\AppData\Local\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java(TM) Platform SE 7 U4 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.40.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Patrycja\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

O1 HOSTS File: ([2012-09-14 00:06:22 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKU\S-1-5-21-2360824380-645357767-1739470740-1000\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [avp] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [OrangeDeamon] C:\Program Files\Orange\Orange.exe ()
O4 - HKU\S-1-5-21-2360824380-645357767-1739470740-1000..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2360824380-645357767-1739470740-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2360824380-645357767-1739470740-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Dodaj do listy blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\ie_banner_deny.htm ()
O8 - Extra context menu item: Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\MenuExt.html ()
O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: &Klawiatura wirtualna - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: &Sprawdzanie adresów internetowych - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\mzvkbd3.dll (Kaspersky Lab ZAO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - (C:\Windows\system32\klogon.dll) - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img3.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img3.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011-04-27 19:19:32 | 452,493,312 | ---- | M] () - F:\AutoMapa_6.8.1_FINAL_PL.iso -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-09-14 02:30:08 | 000,600,064 | ---- | C] (OldTimer Tools) -- C:\Users\Patrycja\Desktop\OTL (1).exe
[2012-09-14 00:14:43 | 000,000,000 | ---D | C] -- C:\Users\Patrycja\AppData\Local\temp
[2012-09-14 00:06:54 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012-09-13 23:51:15 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012-09-13 23:25:45 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012-09-13 23:25:45 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012-09-13 23:25:45 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012-09-13 23:24:20 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012-09-13 23:23:36 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012-09-13 23:22:13 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012-09-13 23:21:51 | 004,750,981 | R--- | C] (Swearware) -- C:\Users\Patrycja\Desktop\ComboFix.exe
[2012-09-13 22:56:12 | 000,000,000 | ---D | C] -- C:\Users\Patrycja\AppData\Roaming\Malwarebytes
[2012-09-13 22:55:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012-09-13 22:55:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012-09-13 22:55:53 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012-09-13 22:55:53 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012-09-13 22:39:18 | 000,000,000 | ---D | C] -- C:\found.001
[2012-09-13 22:09:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012-09-13 22:09:43 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012-09-13 21:01:43 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2012-09-13 21:01:43 | 000,000,000 | ---D | C] -- C:\Users\Patrycja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2012-09-13 18:54:33 | 000,000,000 | ---D | C] -- C:\found.000

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-09-14 07:29:50 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\Patrycja\Desktop\OTL (1).exe
[2012-09-14 02:23:50 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012-09-14 02:23:50 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012-09-14 02:23:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-09-14 02:08:13 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2360824380-645357767-1739470740-1000UA.job
[2012-09-14 01:21:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-09-14 00:06:22 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012-09-13 23:52:29 | 000,001,660 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012-09-13 22:55:56 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012-09-13 22:09:44 | 000,000,806 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012-09-13 21:21:00 | 000,002,529 | ---- | M] () -- C:\Users\Patrycja\Desktop\HiJackThis.lnk
[2012-09-13 20:59:00 | 000,672,140 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2012-09-13 20:59:00 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-09-13 20:59:00 | 000,130,516 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2012-09-13 20:59:00 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-09-13 18:27:10 | 004,750,981 | R--- | M] (Swearware) -- C:\Users\Patrycja\Desktop\ComboFix.exe
[2012-09-07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012-08-22 19:19:53 | 000,002,059 | ---- | M] () -- C:\Users\Patrycja\Desktop\Google Chrome.lnk
[2012-08-21 19:24:29 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012-08-21 19:24:29 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012-08-16 21:09:15 | 000,019,456 | -H-- | M] () -- C:\Users\Patrycja\Desktop\photothumb.db

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-09-13 23:25:45 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012-09-13 23:25:45 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012-09-13 23:25:45 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012-09-13 23:25:45 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012-09-13 23:25:45 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012-09-13 22:55:56 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012-09-13 22:09:44 | 000,000,806 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012-09-13 21:01:43 | 000,002,529 | ---- | C] () -- C:\Users\Patrycja\Desktop\HiJackThis.lnk
[2012-06-29 18:36:03 | 000,113,933 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2012-06-29 18:36:02 | 000,097,549 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2011-11-29 17:03:17 | 000,001,660 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2011-11-26 11:51:32 | 000,000,125 | ---- | C] () -- C:\Users\Patrycja\AppData\Roaming\burnaware.ini
[2011-11-10 18:34:11 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011-11-05 10:27:37 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011-11-05 10:27:37 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011-10-29 11:07:04 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2011-10-29 10:53:28 | 000,015,360 | ---- | C] () -- C:\Users\Patrycja\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-10-29 09:46:03 | 000,688,864 | ---- | C] () -- C:\Windows\System32\drivers\torususb.sys
[2011-10-29 09:46:03 | 000,036,864 | ---- | C] () -- C:\Windows\System32\stmclean.exe
[2011-10-29 09:46:03 | 000,000,161 | ---- | C] () -- C:\Windows\DSLSetup.ini
[2011-10-29 04:59:28 | 000,672,140 | ---- | C] () -- C:\Windows\System32\perfh015.dat
[2011-10-29 04:59:28 | 000,332,832 | ---- | C] () -- C:\Windows\System32\perfi015.dat
[2011-10-29 04:59:28 | 000,130,516 | ---- | C] () -- C:\Windows\System32\perfc015.dat
[2011-10-29 04:59:28 | 000,037,468 | ---- | C] () -- C:\Windows\System32\perfd015.dat
[2011-10-28 19:24:25 | 000,001,356 | ---- | C] () -- C:\Users\Patrycja\AppData\Local\d3d9caps.dat

[color=#E56717]========== LOP Check ==========[/color]

[2011-11-05 16:53:14 | 000,000,000 | ---D | M] -- C:\Users\Patrycja\AppData\Roaming\Anthropics
[2011-11-10 17:50:14 | 000,000,000 | ---D | M] -- C:\Users\Patrycja\AppData\Roaming\Ashampoo
[2011-11-03 19:18:24 | 000,000,000 | ---D | M] -- C:\Users\Patrycja\AppData\Roaming\Canon
[2012-01-28 12:56:03 | 000,000,000 | ---D | M] -- C:\Users\Patrycja\AppData\Roaming\DeepBurner
[2011-11-26 11:53:23 | 000,000,000 | ---D | M] -- C:\Users\Patrycja\AppData\Roaming\FinalBurner Video DVD
[2012-09-13 15:53:50 | 000,000,000 | ---D | M] -- C:\Users\Patrycja\AppData\Roaming\Gadu-Gadu 10
[2011-11-26 11:58:01 | 000,000,000 | ---D | M] -- C:\Users\Patrycja\AppData\Roaming\InfraRecorder
[2011-10-29 13:08:02 | 000,000,000 | ---D | M] -- C:\Users\Patrycja\AppData\Roaming\OpenFM
[2012-06-25 19:30:35 | 000,000,000 | ---D | M] -- C:\Users\Patrycja\AppData\Roaming\PhotoScape
[2011-11-05 16:54:45 | 000,000,000 | ---D | M] -- C:\Users\Patrycja\AppData\Roaming\Thinstall
[2012-09-13 23:52:29 | 000,032,498 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:B9AB561D

< End of report >