OTL logfile created on: 2012-08-06 19:59:50 - Run 2
OTL by OldTimer - Version 3.2.56.0     Folder = E:\
 Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
2,75 Gb Total Physical Memory | 1,86 Gb Available Physical Memory | 67,83% Memory free
5,50 Gb Paging File | 4,66 Gb Available in Paging File | 84,72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 93,53 Gb Free Space | 64,93% Space Free | Partition Type: NTFS
Drive D: | 144,04 Gb Total Space | 143,75 Gb Free Space | 99,80% Space Free | Partition Type: NTFS
Drive E: | 3,73 Gb Total Space | 3,18 Gb Free Space | 85,26% Space Free | Partition Type: FAT32
 
Computer Name: OLA-KOMPUTER | User Name: Ola | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012-08-06 12:51:52 | 000,596,480 | ---- | M] (OldTimer Tools) -- E:\OTL.exe
PRC - [2012-07-26 10:29:46 | 000,244,656 | ---- | M] (Facebook) -- C:\Users\Ola\AppData\Local\Facebook\Messenger\2.1.4590.0\FacebookMessenger.exe
PRC - [2012-03-07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011-12-29 18:20:15 | 000,061,088 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\ORSP Client\fsorsp.exe
PRC - [2011-12-29 18:18:07 | 000,488,104 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
PRC - [2011-12-29 18:17:10 | 001,008,296 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
PRC - [2011-12-29 18:17:09 | 000,512,680 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\Anti-Virus\fsgk32.exe
PRC - [2011-12-29 18:14:15 | 000,221,864 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
PRC - [2011-12-29 18:14:12 | 000,201,384 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\Common\FSM32.EXE
PRC - [2011-12-29 18:14:12 | 000,189,096 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\Common\FSMA32.EXE
PRC - [2011-12-29 18:14:12 | 000,090,792 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\Common\FSHDLL32.EXE
PRC - [2011-07-04 19:45:30 | 013,374,048 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe
PRC - [2011-02-26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011-01-17 18:01:46 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2011-01-17 18:01:46 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2009-07-14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2012-07-26 10:30:04 | 021,014,960 | ---- | M] () -- C:\Users\Ola\AppData\Local\Facebook\Messenger\2.1.4590.0\libcef.dll
MOD - [2012-07-26 10:29:40 | 000,283,568 | ---- | M] () -- C:\Users\Ola\AppData\Local\Facebook\Messenger\2.1.4590.0\CefSharp.WinForms.dll
MOD - [2012-07-26 10:29:36 | 000,455,600 | ---- | M] () -- C:\Users\Ola\AppData\Local\Facebook\Messenger\2.1.4590.0\CefSharp.dll
MOD - [2012-06-15 12:59:00 | 011,824,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\84fbf353f91385690a3e4e982aa6930e\System.Web.ni.dll
MOD - [2012-06-15 12:58:07 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\009c50fb69919b90fb233cb4c35d0ad7\System.Windows.Forms.ni.dll
MOD - [2012-06-15 12:57:52 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ebefde27b0ef7f39bb49c493b34a602c\System.Drawing.ni.dll
MOD - [2012-05-15 06:19:15 | 006,618,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\294d439cfe959b5528ca81d37d3d502f\System.Data.ni.dll
MOD - [2012-05-14 20:59:48 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5c85c9c42e1b8a8760de82ecb4c7d582\System.Xml.ni.dll
MOD - [2012-05-14 20:59:42 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb079eab134fd1a752ad91db13274110\System.Configuration.ni.dll
MOD - [2012-05-14 20:59:40 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\2ebb3c259eab50af565e3a8dba6ad20e\System.ni.dll
MOD - [2012-05-14 20:59:24 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5858678a79aae31262b0214424245d06\mscorlib.ni.dll
MOD - [2011-10-26 12:42:56 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2011-07-04 19:46:20 | 000,217,696 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\gglog.dll
MOD - [2011-07-04 19:46:18 | 000,123,488 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggipcradioproxy.dll
MOD - [2011-07-04 19:46:16 | 000,017,504 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggipc.dll
MOD - [2011-07-04 19:46:12 | 000,027,744 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggcrypto.dll
MOD - [2011-07-04 19:46:10 | 000,356,960 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggcommon.dll
MOD - [2011-04-16 05:04:30 | 014,749,696 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtWebKit4.dll
MOD - [2011-02-17 11:00:28 | 001,781,760 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtScript4.dll
MOD - [2011-02-17 11:00:28 | 000,393,216 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtXml4.dll
MOD - [2011-02-17 11:00:28 | 000,327,680 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtSvg4.dll
MOD - [2011-02-17 11:00:26 | 001,044,480 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtNetwork4.dll
MOD - [2011-02-17 11:00:24 | 009,097,216 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtGui4.dll
MOD - [2011-02-17 11:00:24 | 002,560,000 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtCore4.dll
MOD - [2011-02-17 10:59:40 | 000,311,296 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qtiff4.dll
MOD - [2011-02-17 10:59:40 | 000,274,432 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qmng4.dll
MOD - [2011-02-17 10:59:40 | 000,143,360 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qjpeg4.dll
MOD - [2011-02-17 10:59:40 | 000,027,648 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qgif4.dll
MOD - [2011-02-17 10:59:40 | 000,018,944 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qsvg4.dll
MOD - [2011-02-17 10:59:32 | 000,059,904 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\zlib1.dll
MOD - [2009-07-14 10:07:18 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009-06-10 23:23:17 | 002,933,248 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe -- (FSDFWD)
SRV - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011-12-29 18:20:15 | 000,061,088 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\F-Secure\ORSP Client\fsorsp.exe -- (FSORSPClient)
SRV - [2011-12-29 18:14:15 | 000,221,864 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter)
SRV - [2011-12-29 18:14:12 | 000,189,096 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\F-Secure\Common\FSMA32.EXE -- (FSMA)
SRV - [2011-08-08 09:49:07 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbdev.sys -- (hwusbdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\GEARAspiWDM.sys -- (GearAspiWDM)
DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\F-Secure\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbnet.sys -- (ewusbnet)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Ola\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys -- (bdselfpr)
DRV - File not found [File_System | Disabled | Stopped] -- system32\DRIVERS\avckf.sys -- (avckf)
DRV - [2012-03-07 01:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012-03-07 01:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012-03-07 01:02:14 | 000,044,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012-03-07 01:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012-03-07 01:01:48 | 000,057,688 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012-03-07 01:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011-12-29 18:20:29 | 000,042,672 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\fsbts.sys -- (fsbts)
DRV - [2011-12-29 18:17:21 | 000,148,632 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\F-Secure\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
DRV - [2011-12-29 18:14:16 | 000,014,504 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\F-Secure\Anti-Virus\minifilter\fsvista.sys -- (fsvista)
DRV - [2010-07-09 14:08:14 | 000,327,368 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\System32\drivers\bdfsfltr.sys -- (bdfsfltr)
DRV - [2009-07-14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009-07-14 00:02:46 | 001,096,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\..\SearchScopes,DefaultScope = {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20110804135746277&tb_oid=04-08-2011&tb_mrud=04-08-2011
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKCU\..\URLSearchHook: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=vsl&s={searchTerms}&f=4
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&AF=100481&babsrc=SP_ss&mntrId=c81b18cb00000000000000235a61bbbb
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredimail.com/mb68/?search={searchTerms}&loc=search_box&u=92541887232335867
IE - HKCU\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20110804135746277&tb_oid=04-08-2011&tb_mrud=04-08-2011
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Ola\AppData\Local\Facebook\Messenger\2.1.4590.0\npFbDesktopPlugin.dll (Facebook, Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-09-06 14:17:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3C5F0F00-683D-4847-89C8-E7AF64FD1CFB}: C:\Program Files\RelevantKnowledge
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-09-06 14:17:05 | 000,000,000 | ---D | M]
 
[2011-11-25 23:28:26 | 000,002,046 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - homepage: http://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.60\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.60\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.60\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Ola\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll
CHR - Extension: YouTube = C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Szukaj w Google = C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: Gmail = C:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2012-08-06 13:33:57 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files\F-Secure\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW File not found
O4 - HKLM..\Run: [Onet.pl AutoUpdate] "C:\Program Files\Common Files\Onet.pl\NewAutoUpdate.exe" /updateexetsr File not found
O4 - HKLM..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" File not found
O4 - HKCU..\Run: [ALLUpdate] "C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep" File not found
O4 - HKCU..\Run: [Facebook Update] C:\Users\Ola\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - Startup: C:\Users\Ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk = C:\Users\Ola\AppData\Local\Facebook\Messenger\2.1.4590.0\FacebookMessenger.exe (Facebook)
O4 - Startup: C:\Users\Ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9 - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B3361B57-7D2D-4FAF-ADDE-9366AC67A653}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D95320CC-C8C8-4992-B80A-C71688BBB16C}: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2012-08-06 12:29:38 | 000,000,000 | ---D | M] - E:\Autoruns -- [ FAT32 ]
O32 - AutoRun File - [2012-08-06 12:27:40 | 000,537,139 | ---- | M] () - E:\Autoruns.zip -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012-08-06 13:34:17 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012-08-06 13:29:25 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012-08-06 13:29:25 | 000,000,000 | ---D | C] -- C:\Users\Ola\AppData\Local\temp
[2012-08-06 13:18:10 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012-08-06 13:18:06 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012-08-06 13:17:01 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012-08-06 13:17:01 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012-08-06 08:09:27 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012-08-06 08:09:08 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012-08-06 07:54:23 | 000,000,000 | ---D | C] -- C:\BOS
[2012-07-27 06:52:38 | 000,000,000 | ---D | C] -- C:\Users\Ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
[1 C:\Users\Ola\AppData\Local\*.tmp files -> C:\Users\Ola\AppData\Local\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012-08-06 20:08:03 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3823066037-3289312083-1517089074-1000UA.job
[2012-08-06 20:08:02 | 000,001,030 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-08-06 20:05:27 | 000,019,312 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-08-06 20:05:27 | 000,019,312 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-08-06 20:04:13 | 005,141,478 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2012-08-06 20:04:13 | 002,186,316 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-08-06 20:04:13 | 001,686,418 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2012-08-06 20:04:13 | 001,604,860 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-08-06 19:58:12 | 000,001,026 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-08-06 19:57:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-08-06 19:57:50 | 2213,351,424 | -HS- | M] () -- C:\hiberfil.sys
[2012-08-06 14:08:00 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3823066037-3289312083-1517089074-1000Core.job
[2012-08-06 13:33:57 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012-08-06 12:03:10 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2012-08-06 12:03:10 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012-08-05 20:26:39 | 000,019,381 | ---- | M] () -- C:\Users\Ola\Documents\Plan przygotowania do odbycia pracy w Niemczech2.odt
[2012-08-03 06:02:04 | 000,019,439 | ---- | M] () -- C:\Users\Ola\Documents\Plan przygotowania do egzaminy poprawkowego2.odt
[2012-08-02 15:13:09 | 000,002,250 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012-07-30 11:55:54 | 000,019,545 | ---- | M] () -- C:\Users\Ola\Documents\Plan przygotowania do egzaminy poprawkowego.odt
[2012-07-30 11:55:54 | 000,000,102 | -H-- | M] () -- C:\Users\Ola\Documents\.~lock.Plan przygotowania do egzaminy poprawkowego.odt#
[2012-07-30 11:19:09 | 000,020,541 | ---- | M] () -- C:\Users\Ola\Desktop\Zaimek dzierżawczy.odt
[2012-07-30 08:23:58 | 000,000,102 | -H-- | M] () -- C:\Users\Ola\Documents\.~lock.Odmiana czasownika2.odt#
[2012-07-30 07:01:57 | 000,015,667 | ---- | M] () -- C:\Users\Ola\Documents\Plan przygotowania do egzaminy poprawkowegoII.odt
[2012-07-27 11:04:47 | 000,014,486 | ---- | M] () -- C:\Users\Ola\Documents\Plan roku.odt
[2012-07-27 06:52:39 | 000,001,322 | ---- | M] () -- C:\Users\Ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
[2012-07-23 19:48:18 | 000,019,859 | ---- | M] () -- C:\Users\Ola\Documents\Plan przygotowania do odbycia pracy w Niemczech.odt
[2012-07-23 19:48:17 | 000,000,102 | -H-- | M] () -- C:\Users\Ola\Documents\.~lock.Plan przygotowania do odbycia pracy w Niemczech.odt#
[2012-07-15 10:45:55 | 000,018,178 | ---- | M] () -- C:\Users\Ola\Documents\tortilla.odt
[2012-07-11 21:20:39 | 000,293,776 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012-07-10 10:06:03 | 000,018,025 | ---- | M] () -- C:\Users\Ola\Documents\Odwołanie.odt
[1 C:\Users\Ola\AppData\Local\*.tmp files -> C:\Users\Ola\AppData\Local\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012-08-06 13:17:01 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012-08-06 13:17:01 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012-08-06 13:17:01 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012-08-06 13:17:01 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012-08-06 13:17:01 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012-08-06 12:03:10 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2012-08-06 12:03:10 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2012-08-03 06:02:02 | 000,019,439 | ---- | C] () -- C:\Users\Ola\Documents\Plan przygotowania do egzaminy poprawkowego2.odt
[2012-07-30 11:55:41 | 000,000,102 | -H-- | C] () -- C:\Users\Ola\Documents\.~lock.Plan przygotowania do egzaminy poprawkowego.odt#
[2012-07-30 11:19:07 | 000,020,541 | ---- | C] () -- C:\Users\Ola\Desktop\Zaimek dzierżawczy.odt
[2012-07-30 08:23:58 | 000,000,102 | -H-- | C] () -- C:\Users\Ola\Documents\.~lock.Odmiana czasownika2.odt#
[2012-07-30 06:22:09 | 000,019,381 | ---- | C] () -- C:\Users\Ola\Documents\Plan przygotowania do odbycia pracy w Niemczech2.odt
[2012-07-26 20:45:17 | 000,015,667 | ---- | C] () -- C:\Users\Ola\Documents\Plan przygotowania do egzaminy poprawkowegoII.odt
[2012-07-23 19:24:44 | 000,000,102 | -H-- | C] () -- C:\Users\Ola\Documents\.~lock.Plan przygotowania do odbycia pracy w Niemczech.odt#
[2012-07-19 21:07:48 | 000,019,545 | ---- | C] () -- C:\Users\Ola\Documents\Plan przygotowania do egzaminy poprawkowego.odt
[2012-07-15 10:45:54 | 000,018,178 | ---- | C] () -- C:\Users\Ola\Documents\tortilla.odt
[2012-02-05 23:23:55 | 000,003,584 | ---- | C] () -- C:\Users\Ola\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-01-31 16:38:12 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{339FAACA-4ABD-4083-A1D0-3F6DBC7868DB}
[2012-01-25 19:47:35 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{E8557C78-E7C5-43C8-9E73-94FF691B633B}
[2012-01-25 11:08:37 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{D8187112-1ECC-4AC8-944A-C4D30DED6ADD}
[2012-01-18 18:49:24 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{B2860A5D-AFF2-46B3-AB54-D05B80E5D125}
[2012-01-18 18:40:11 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{2D34F7D6-BE6C-4773-A4C9-3F3C07AAE12D}
[2012-01-15 17:00:27 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{45FF3DD8-5329-4E70-B022-E5ABEF8D1511}
[2012-01-06 16:06:18 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{5EBB75C7-8FE0-4E2B-92EA-AA524B998B69}
[2012-01-05 23:40:33 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{49807EA9-CC35-4D16-A673-5DE537F65AA1}
[2012-01-05 22:37:01 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{059145AD-CF40-4E87-A28E-1D45DBA44AB4}
[2012-01-05 20:48:24 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{EE783A20-9F5B-42DD-A587-A651944BB34C}
[2012-01-04 13:21:08 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{92135DBD-89B5-484F-9233-7B688D017A36}
[2012-01-04 12:57:33 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{006C0E0A-4E60-4201-9C1B-34E048D2BFBD}
[2012-01-04 12:52:10 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{F96DBDB1-098E-495A-BA5D-0011EEF2ABA4}
[2012-01-04 10:55:23 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{C8A5FBE4-6DDB-45B3-AE43-BBC569418EAC}
[2012-01-04 10:39:27 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{8E0D6741-82FD-4DB0-8407-C84097097411}
[2012-01-03 15:25:06 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{0E6B7A9E-816D-49FE-AFBD-C665D0E8B7FE}
[2011-12-29 23:50:21 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{0F199069-AE23-4764-88C1-BD6ECA3EFB80}
[2011-12-29 20:18:52 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{22D7B14B-2DA5-488B-9904-CF2C797E1168}
[2011-12-29 20:12:45 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{4BA9D3A2-DB79-4DCF-A705-ED79444CD41E}
[2011-12-29 18:16:28 | 000,042,672 | ---- | C] () -- C:\Windows\System32\drivers\fsbts.sys
[2011-12-29 16:24:15 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{FCE9CF3A-00D2-4B59-8DC5-7417654D12EF}
[2011-12-29 14:50:46 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{0DB2D413-8D2D-462F-BD9A-0E52D7B2A4F0}
[2011-12-29 13:51:20 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{C7061BA6-9FB5-4FED-888A-274119FBB2C0}
[2011-12-29 12:56:43 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{798F51FE-866B-4B07-81DD-66D0DDE6C133}
[2011-12-28 21:23:44 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{05450A04-E7EB-4C50-8FA9-060691630413}
[2011-12-28 21:22:15 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{F71A7D3B-0AA3-4539-8D39-CC06CE34E0B3}
[2011-12-28 21:01:21 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{F7278836-D048-406A-893F-6331319C9F2A}
[2011-12-28 19:14:46 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{A0B5E776-360E-42A8-8BEF-965271AC96F0}
[2011-12-28 17:50:37 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{5E6B6935-6539-4669-98CD-C8FDA6846BDE}
[2011-12-28 17:46:00 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{E49D18B4-AE2E-4389-89E2-EA3FC9445431}
[2011-12-28 15:25:49 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{409A1A4D-4063-4064-890F-B1EC5C2B51DD}
[2011-12-28 15:22:15 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{20736819-5AC7-49BC-A335-15D68BDB1229}
[2011-12-27 20:37:39 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{1C14E2C5-5956-4D7A-A2D0-EE56743BAE6E}
[2011-12-27 20:35:49 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{28FC582C-1A29-494C-9024-AAC89331429B}
[2011-12-26 18:40:43 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{E2E7E716-2AFA-4029-B023-34686FBEC661}
[2011-12-25 16:26:56 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{40A4EA35-F160-4249-836C-7C04CBABD5FC}
[2011-12-20 23:51:50 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{B2EFB5EB-00DA-400F-A800-C5EEF75F861C}
[2011-12-19 18:05:26 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{6BF263A2-BB20-4112-848F-A1C22E4101A4}
[2011-12-19 17:44:01 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{8E41DA1E-6D21-4E66-90BC-2D88C3E9B118}
[2011-12-19 16:03:40 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{89C67D76-22A1-4104-8B23-C2491D7A83DA}
[2011-12-15 17:18:57 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{0D1C1DCD-42D6-4336-AEDF-D73E3AA155E5}
[2011-12-14 21:54:59 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{C6EFC917-955F-4BDA-B6F9-558F6A626DFD}
[2011-12-14 17:24:51 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{66746E57-ECB2-4313-9F68-B7CBBC3D1B92}
[2011-12-13 21:45:55 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{B6A289DD-BA5F-43D0-8776-389CAD4BA64C}
[2011-12-13 21:02:31 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{7E6E8C70-9EB1-4706-AD68-99A50734BED9}
[2011-12-12 22:46:27 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{980EAA96-296E-445B-BDA4-8D29BEEAD9A1}
[2011-12-12 22:44:00 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{B41EE688-6236-4741-8C23-27DB3A488487}
[2011-12-11 21:28:13 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{16695841-A1EF-4FFA-91D1-AFC384F608C7}
[2011-12-11 14:48:33 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{55BBDF71-D551-4DC2-B22D-D2CDF87771FD}
[2011-12-11 12:58:17 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{FEEDE017-A08D-4596-88DF-39354FAAD621}
[2011-12-10 12:55:02 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{BEE15673-1842-42D2-9624-47F8781AB703}
[2011-12-08 19:15:32 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{2A094F5A-438A-4C51-B292-585C9C662A18}
[2011-12-04 14:43:00 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{4DF1DD74-943B-45AC-89F9-5EE1B58F0420}
[2011-12-02 21:22:05 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{7554228B-D55B-4DFD-A1EF-3EC5605C9C09}
[2011-12-02 21:20:43 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{77743E0F-FAA7-4B6B-8CF1-4BEEFA5E6A30}
[2011-12-01 14:59:36 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{351DF0FC-D55C-4367-A0F5-FE1A7E68BE81}
[2011-12-01 14:58:20 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{B323A1A7-1596-4D81-B551-E261E3429A7F}
[2011-11-29 13:04:50 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{0ECC2FCB-A7B3-4DB2-B65E-1011632D85F3}
[2011-11-28 23:16:49 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{F74FA695-40F6-4DAC-A2D3-17A3D1151F2C}
[2011-11-28 23:11:30 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{AFCDC5E1-806A-40C9-A436-EFBB71F279AF}
[2011-11-28 22:34:07 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{17387251-7DF0-482D-A35B-08D6298EBC38}
[2011-11-28 20:45:33 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{34BFE0E7-88CC-4C67-A6DE-C6524B0E6790}
[2011-11-28 17:27:42 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{1F1A0DFD-FB2B-4AF6-A4A9-7348FAEC1E56}
[2011-11-28 17:18:47 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{4A8D18EA-51CA-457E-A8AA-D8504645C983}
[2011-11-28 14:05:44 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{5348FD1D-EBC5-4C24-B97F-377223F96006}
[2011-11-27 15:14:12 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{15DB0122-DE32-41A0-BC33-29984B81964D}
[2011-11-27 15:04:34 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{E67D9BE1-DFF2-4290-BED8-977E1C18E123}
[2011-11-25 00:28:55 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{7EB0F246-FA79-45AE-B30A-5DE8EBC60D1C}
[2011-11-23 22:06:41 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{8A1E1DA0-7D8B-4DA2-83D4-C3FBD17ACF8D}
[2011-11-23 21:52:17 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{7F1B497F-FB46-4926-8485-AC2B1C2CA46F}
[2011-11-23 20:31:35 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{ED42E5CB-4242-4549-9BA1-E545D29582F6}
[2011-11-23 06:44:33 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{6F5D2557-FA09-406A-A92F-33C940894AD8}
[2011-11-15 23:26:43 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{655BFEC5-D12D-496D-8DB5-B63C337774EC}
[2011-11-15 23:14:38 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{18F6D667-B0DB-4180-A5EE-8861B8EDAA73}
[2011-11-14 15:35:31 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{12ACE93C-DC90-43E2-A3DE-34F0627EA44C}
[2011-11-14 14:00:10 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{8F69D971-68C1-4840-B3EB-BD2CF1F0E8F8}
[2011-11-12 16:46:51 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{89B5F2E2-16C4-4B51-820C-65DF46204A2E}
[2011-11-11 22:13:23 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{3D453514-D6C7-4E9D-A461-3D0B405018DA}
[2011-11-11 15:22:06 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{0C7BB205-9E31-49B1-B5FD-F8718691EA97}
[2011-11-11 15:19:14 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{98051D47-83DB-4DD8-A6F4-E8283C2DC32F}
[2011-11-03 23:07:28 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{9CF27D22-860C-4CFB-81F8-4D8814273351}
[2011-11-03 15:48:50 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{8641173A-1690-4C75-885D-575FD803582A}
[2011-11-03 11:36:51 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{B53CFD56-46DA-4CA4-A6A3-3E918F136823}
[2011-11-02 15:34:36 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{FA65601E-6AD2-49C1-9AC9-85D1357957C8}
[2011-11-02 15:30:59 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{94C12BD6-2D15-4ECE-A37A-727042F44C68}
[2011-10-30 14:03:12 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{09D6BFA3-FB6F-461E-A3EC-A7D59D08B251}
[2011-10-26 15:43:07 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{89882349-9067-444A-94EC-C854B04E7205}
[2011-10-21 12:41:54 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{62EABA52-0116-499F-AD0E-AAE1A2364B21}
[2011-10-17 16:25:03 | 000,000,000 | ---- | C] () -- C:\Windows\System32\imblacklist.dat
[2011-10-14 11:18:49 | 000,076,756 | ---- | C] () -- C:\ProgramData\bdinstall.bin
[2011-10-13 18:40:11 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{131FF07D-C105-4C02-A16B-7A57208789B5}
[2011-10-11 14:48:54 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{FE8B28FE-431A-415F-8814-B9B2A1FA0BA8}
[2011-10-07 19:51:46 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{F18EB7DF-B38E-4889-A61F-645D5D9919AF}
[2011-09-09 16:17:04 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{E22302F6-7FF3-48C4-B115-FE5C276659FD}
[2011-09-06 14:13:11 | 000,169,709 | ---- | C] () -- C:\Windows\hpoins34.dat
[2011-09-06 14:13:11 | 000,000,396 | ---- | C] () -- C:\Windows\hpomdl34.dat
[2011-08-28 21:25:38 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{52D429D7-1C76-44D2-BC5B-E9F808646211}
[2011-08-28 21:24:23 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{79BA2830-2780-4C9F-92C3-5D74E2264272}
[2011-08-28 21:12:18 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{15FB0F03-4981-4DD1-AC58-45DD2A39AC10}
[2011-08-28 20:48:27 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{265C1DAA-50C0-45DF-BD67-1B4D55DFC605}
[2011-08-28 19:20:22 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{204A1CB2-C611-45F9-A49A-88CAAC2CFD36}
[2011-08-28 14:08:14 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{E0B00778-B516-45F4-87C9-551777FA9528}
[2011-08-22 20:36:07 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{3432653A-216D-40A5-8064-F2277CA7F57C}
[2011-08-22 20:28:16 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{A20E781C-E3F2-4F49-8C1B-6BFC259690C0}
[2011-08-22 20:18:49 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{910A9767-F8F6-4C6D-8B36-C4182705E631}
[2011-08-22 20:07:25 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{A2DB89D4-27C4-46EC-8F04-2E68BD009D57}
[2011-08-17 10:47:07 | 000,000,000 | ---- | C] () -- C:\Users\Ola\AppData\Local\{3B1005FE-26B6-400E-99B3-19FBA3EF0DB4}
 
[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2011-11-20 18:32:35 | 000,000,000 | ---- | M] ()(C:\Windows\System32\?????) -- C:\Windows\System32\獷楬汢捯污
[2011-11-20 18:32:35 | 000,000,000 | ---- | C] ()(C:\Windows\System32\?????) -- C:\Windows\System32\獷楬汢捯污

< End of report >