Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-01-2014
Ran by Tajon (administrator) on TAJON-KOMPUTER on 12-01-2014 16:31:00
Running from C:\Users\Tajon\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polish
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Alcohol Soft Development Team) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Freemake) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdcBase.exe
(Creative Technology Ltd) C:\Program Files (x86)\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Macrovision Europe Ltd.) C:\Users\Tajon\AppData\Local\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RunDLLEntry] - C:\Windows\system32\AmbRunE.dll [17920 2009-02-26] (Creative Technology Ltd.)
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [5618456 2013-09-12] (ESET)
HKLM\...\Run: [Windows Mobile-based device management] - C:\Windows\WindowsMobile\wmdcBase.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [CTSyncService] - C:\Program Files (x86)\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe [1233195 2009-07-08] (Creative Technology Ltd)
HKLM-x32\...\Run: [ATICustomerCare] - C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [311296 2010-05-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-11-07] (Advanced Micro Devices, Inc.)
HKCU\...\Run: [zASRockInstantBoot] - [x]
MountPoints2: G - G:\Setup.exe
MountPoints2: {313086c0-3cb0-11e1-aef7-806e6f6e6963} - H:\BSAutoRun.exe
MountPoints2: {7cbaee63-46ef-11e3-92b9-002522ebc235} - G:\HTC_Sync_Manager_PC.exe
MountPoints2: {b69dc25d-314d-11e1-91c6-002522ebc235} - G:\autorun.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.kotor2.pl
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=ASRK
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=ASRK
SearchScopes: HKCU - {3B9244E8-6F9C-4fec-9FB3-07439A6B5473} URL = http://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5480255188&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=pl&q={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

Chrome:
=======
CHR RestoreOnStartup: "hxxp://www.google.pl/"
CHR Extension: (Google Docs) - C:\Users\Tajon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 [2013-11-21]
CHR Extension: (Google Drive) - C:\Users\Tajon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 [2013-11-21]
CHR Extension: (Color Change for Facebook) - C:\Users\Tajon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apkekhcjmilamfcfeabnaidffgenboeg\4.106_0 [2013-11-28]
CHR Extension: (Ancient Map) - C:\Users\Tajon\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjcjaemihddenoopkkhaamlcoliiiain\1.4_0 [2013-11-21]
CHR Extension: (YouTube) - C:\Users\Tajon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 [2013-11-21]
CHR Extension: (Adblock Plus) - C:\Users\Tajon\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.2_0 [2013-12-20]
CHR Extension: (Google Search) - C:\Users\Tajon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 [2013-11-21]
CHR Extension: (Google Wallet) - C:\Users\Tajon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0 [2013-12-20]
CHR Extension: (Gmail) - C:\Users\Tajon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 [2013-11-21]
CHR HKLM-x32\...\Chrome\Extension: [hendmekoldfacfhlojkjcnbjegkahclb] - C:\Program Files (x86)\diamondata\hendmekoldfacfhlojkjcnbjegkahclb.crx [2013-11-21]

==================== Services (Whitelisted) =================

S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1337752 2013-09-12] (ESET)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [100864 2012-09-07] (Freemake)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [8704 2012-09-07] (Freemake)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377104 2013-10-11] (LogMeIn, Inc.)
S2 pgsql-8.3; C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe [65536 2008-02-01] (PostgreSQL Global Development Group)

==================== Drivers (Whitelisted) ====================

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2012-09-24] ()
R3 dmxfire; C:\Windows\System32\drivers\dmx6fire.sys [129120 2007-03-22] (Terratec Electronic GmbH)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [220232 2013-09-17] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-09-17] (ESET)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2012-09-24] ()
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2013-11-24] (Duplex Secure Ltd.)
U3 a8nnu9kp; C:\Windows\System32\Drivers\a8nnu9kp.sys [0 ] (Advanced Micro Devices)
U3 ats47k7t; No ImagePath
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-01-12 16:27 - 2014-01-12 16:27 - 00002060 _____ C:\Windows\PFRO.log
2014-01-12 16:24 - 2014-01-12 16:24 - 00448512 _____ (OldTimer Tools) C:\Users\Tajon\Desktop\TFC.exe
2014-01-12 14:41 - 2014-01-12 14:41 - 00000956 _____ C:\Users\Tajon\Desktop\GMER.txt
2014-01-12 14:18 - 2014-01-12 14:18 - 00090924 _____ C:\Users\Tajon\Desktop\Extras.Txt
2014-01-12 14:17 - 2014-01-12 14:17 - 00102900 _____ C:\Users\Tajon\Desktop\OTL.Txt
2014-01-12 14:05 - 2014-01-12 14:05 - 00043625 _____ C:\Users\Tajon\Desktop\Addition.txt
2014-01-12 14:04 - 2014-01-12 16:31 - 00010922 _____ C:\Users\Tajon\Desktop\FRST.txt
2014-01-12 14:03 - 2014-01-12 14:03 - 00000000 ____D C:\FRST
2014-01-12 13:59 - 2014-01-12 13:59 - 00000000 ____D C:\Program Files (x86)\Hijack
2014-01-12 13:33 - 2014-01-12 13:33 - 00602112 _____ (OldTimer Tools) C:\Users\Tajon\Desktop\OTL.scr
2014-01-12 13:31 - 2014-01-12 13:31 - 02075136 _____ (Farbar) C:\Users\Tajon\Desktop\FRST64.exe
2014-01-12 13:30 - 2014-01-12 13:30 - 00377856 _____ C:\Users\Tajon\Desktop\v2zsmi7b.exe
2014-01-12 13:28 - 2014-01-12 13:28 - 00148376 _____ C:\Users\Tajon\Documents\cc_20140112_132832.reg
2014-01-12 12:57 - 2014-01-12 12:59 - 00015367 _____ C:\Windows\WindowsUpdate.log
2014-01-12 12:51 - 2014-01-12 16:27 - 00000224 _____ C:\Windows\setupact.log
2014-01-12 12:51 - 2014-01-12 12:51 - 00000000 _____ C:\Windows\setuperr.log
2014-01-12 12:16 - 2014-01-12 12:18 - 00000000 ___SD C:\ComboFix
2014-01-12 12:16 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2014-01-12 12:16 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2014-01-12 12:16 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-01-12 12:16 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-01-12 12:16 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-01-12 12:16 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2014-01-12 12:16 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2014-01-12 12:16 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2014-01-12 12:09 - 2014-01-12 12:16 - 00000000 ____D C:\Qoobox
2014-01-12 12:09 - 2014-01-12 12:09 - 00000000 ____D C:\Windows\erdnt
2014-01-12 11:03 - 2014-01-12 12:59 - 00000000 ____D C:\AdwCleaner
2014-01-12 09:22 - 2014-01-12 09:22 - 00915368 _____ (Oracle Corporation) C:\Users\Tajon\Desktop\chromeinstall-7u45.exe
2014-01-11 03:15 - 2014-01-11 03:15 - 00000000 ____D C:\Program Files (x86)\ESET
2014-01-11 01:29 - 2014-01-11 01:29 - 00000000 ____D C:\Program Files (x86)\HijackThis
2014-01-11 01:16 - 2014-01-11 01:16 - 00000958 _____ C:\Users\Tajon\Documents\cc_20140111_011634.reg
2014-01-10 02:03 - 2014-01-10 02:03 - 00000964 _____ C:\Users\Tajon\Desktop\Nowy dokument tekstowy.txt
2014-01-09 01:34 - 2014-01-09 01:35 - 51019822 _____ C:\Users\Tajon\Desktop\The Spinners - Smile, We Have Each Other.wav
2014-01-08 17:26 - 2014-01-08 17:26 - 00000000 ____D C:\Users\Tajon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
2014-01-05 19:36 - 2014-01-05 19:40 - 00000000 ____D C:\Users\Tajon\AppData\Roaming\Synthesia
2014-01-05 19:36 - 2014-01-05 19:36 - 00000000 ____D C:\Program Files (x86)\Synthesia
2014-01-05 19:32 - 2014-01-05 19:35 - 00000000 __SHD C:\Users\Tajon\AppData\Roaming\.#
2014-01-05 15:11 - 2014-01-09 00:31 - 00000000 ____D C:\Users\Tajon\Documents\VirtualDJ
2014-01-05 15:11 - 2014-01-05 15:11 - 00000570 _____ C:\Users\poker\Desktop\Virtual DJ Pro.lnk
2014-01-05 15:11 - 2014-01-05 15:11 - 00000570 _____ C:\Users\elephant\Desktop\Virtual DJ Pro.lnk
2014-01-03 21:31 - 2014-01-03 21:36 - 00000161 _____ C:\Users\Tajon\Documents\PrawkoB2013P.tmp
2014-01-03 21:31 - 2014-01-03 21:31 - 00000094 _____ C:\Users\Tajon\Documents\PrawkoB2013P.ini
2013-12-29 00:39 - 2013-12-29 00:39 - 00000000 ____D C:\Users\Tajon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2013-12-29 00:39 - 2013-12-29 00:39 - 00000000 ____D C:\Users\Tajon\AppData\Local\WarThunder
2013-12-29 00:39 - 2013-12-29 00:39 - 00000000 ____D C:\ProgramData\WarThunder
2013-12-25 13:32 - 2013-12-25 13:32 - 00009452 _____ C:\Users\Tajon\Documents\cc_20131225_133236.reg
2013-12-25 12:39 - 2013-12-25 14:01 - 499477558 _____ C:\Users\Tajon\Desktop\FMH14v503-youme-androidowka.rar
2013-12-24 18:13 - 2013-12-24 18:35 - 402796194 _____ C:\Users\Tajon\Desktop\Mafia_2_Spolszczenie.rar
2013-12-24 16:30 - 2013-12-24 16:30 - 00000000 ____D C:\Users\Tajon\Desktop\Nowy folder (2)
2013-12-23 23:16 - 2013-12-23 23:16 - 00000000 ____D C:\Users\Tajon\Desktop\Nowy folder
2013-12-20 22:33 - 2014-01-11 01:11 - 00000000 ____D C:\Users\Tajon\AppData\Local\SKIDROW
2013-12-20 22:33 - 2013-12-20 22:34 - 00000000 ____D C:\Users\Tajon\AppData\Local\Urban Trial Freestyle
2013-12-17 12:11 - 2013-12-17 12:11 - 57355822 _____ C:\Users\Tajon\Desktop\Fr.Chopin - Nokturn f-moll op.55 nr 1.wav
2013-12-14 18:39 - 2013-12-14 18:39 - 39601198 _____ C:\Users\Tajon\Desktop\Mikis Theodorakis- Maria Farantouri_ MARINA - ΜΑΡΙΝΑ.wav
2013-12-14 18:38 - 2013-12-14 18:38 - 10404910 _____ C:\Users\Tajon\Desktop\Take me Home (Tol & Tol).wav
2013-12-14 18:36 - 2013-12-14 18:36 - 40006702 _____ C:\Users\Tajon\Desktop\Tol & Tol (The Netherlands) - Sedalia.wav
2013-12-14 01:43 - 2014-01-12 13:12 - 00000000 ____D C:\Users\elephant
2013-12-14 01:43 - 2013-12-14 01:43 - 00000715 _____ C:\Users\poker\Desktop\Deus Ex PL.lnk
2013-12-14 01:43 - 2013-12-14 01:43 - 00000715 _____ C:\Users\elephant\Desktop\Deus Ex PL.lnk
2013-12-14 01:43 - 2013-12-14 01:43 - 00000000 ____D C:\Users\Tajon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Deus Ex
2013-12-14 01:27 - 2013-12-14 01:27 - 00000000 ____D C:\Program Files (x86)\directx

==================== One Month Modified Files and Folders =======

2014-01-12 16:31 - 2014-01-12 14:04 - 00010922 _____ C:\Users\Tajon\Desktop\FRST.txt
2014-01-12 16:28 - 2013-11-21 15:28 - 00000000 ____D C:\Users\Tajon\AppData\Local\LogMeIn Hamachi
2014-01-12 16:27 - 2014-01-12 16:27 - 00002060 _____ C:\Windows\PFRO.log
2014-01-12 16:27 - 2014-01-12 12:51 - 00000224 _____ C:\Windows\setupact.log
2014-01-12 16:24 - 2014-01-12 16:24 - 00448512 _____ (OldTimer Tools) C:\Users\Tajon\Desktop\TFC.exe
2014-01-12 14:41 - 2014-01-12 14:41 - 00000956 _____ C:\Users\Tajon\Desktop\GMER.txt
2014-01-12 14:18 - 2014-01-12 14:18 - 00090924 _____ C:\Users\Tajon\Desktop\Extras.Txt
2014-01-12 14:17 - 2014-01-12 14:17 - 00102900 _____ C:\Users\Tajon\Desktop\OTL.Txt
2014-01-12 14:05 - 2014-01-12 14:05 - 00043625 _____ C:\Users\Tajon\Desktop\Addition.txt
2014-01-12 14:03 - 2014-01-12 14:03 - 00000000 ____D C:\FRST
2014-01-12 13:59 - 2014-01-12 13:59 - 00000000 ____D C:\Program Files (x86)\Hijack
2014-01-12 13:33 - 2014-01-12 13:33 - 00602112 _____ (OldTimer Tools) C:\Users\Tajon\Desktop\OTL.scr
2014-01-12 13:31 - 2014-01-12 13:31 - 02075136 _____ (Farbar) C:\Users\Tajon\Desktop\FRST64.exe
2014-01-12 13:30 - 2014-01-12 13:30 - 00377856 _____ C:\Users\Tajon\Desktop\v2zsmi7b.exe
2014-01-12 13:28 - 2014-01-12 13:28 - 00148376 _____ C:\Users\Tajon\Documents\cc_20140112_132832.reg
2014-01-12 13:27 - 2013-11-24 21:03 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Pro
2014-01-12 13:14 - 2011-12-27 18:11 - 00000000 ____D C:\Users\Tajon
2014-01-12 13:12 - 2013-12-14 01:43 - 00000000 ____D C:\Users\elephant
2014-01-12 13:12 - 2013-10-04 16:02 - 00000000 ____D C:\Program Files (x86)\Java
2014-01-12 13:12 - 2012-02-27 18:00 - 00000000 ____D C:\Users\poker
2014-01-12 13:12 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2014-01-12 13:06 - 2013-10-04 16:06 - 00000000 ____D C:\ProgramData\Oracle
2014-01-12 13:05 - 2013-11-22 21:19 - 00000000 ____D C:\Users\Tajon\AppData\Local\CrashDumps
2014-01-12 12:59 - 2014-01-12 12:57 - 00015367 _____ C:\Windows\WindowsUpdate.log
2014-01-12 12:59 - 2014-01-12 11:03 - 00000000 ____D C:\AdwCleaner
2014-01-12 12:59 - 2009-07-14 05:45 - 00022080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-12 12:59 - 2009-07-14 05:45 - 00022080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-12 12:53 - 2013-05-07 11:38 - 00000000 ____D C:\Users\Tajon\AppData\Roaming\foobar2000
2014-01-12 12:51 - 2014-01-12 12:51 - 00000000 _____ C:\Windows\setuperr.log
2014-01-12 12:46 - 2012-01-17 05:04 - 00000000 ____D C:\Windows\Minidump
2014-01-12 12:18 - 2014-01-12 12:16 - 00000000 ___SD C:\ComboFix
2014-01-12 12:16 - 2014-01-12 12:09 - 00000000 ____D C:\Qoobox
2014-01-12 12:09 - 2014-01-12 12:09 - 00000000 ____D C:\Windows\erdnt
2014-01-12 10:56 - 2012-04-04 01:14 - 00001042 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-12 10:55 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-12 10:53 - 2012-04-04 01:14 - 00001046 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-12 09:22 - 2014-01-12 09:22 - 00915368 _____ (Oracle Corporation) C:\Users\Tajon\Desktop\chromeinstall-7u45.exe
2014-01-12 02:12 - 2013-02-23 18:23 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-11 21:36 - 2012-08-17 19:07 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1281161299-3748696522-1358860833-1001UA.job
2014-01-11 19:36 - 2012-08-17 19:07 - 00001002 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1281161299-3748696522-1358860833-1001Core.job
2014-01-11 03:51 - 2013-11-22 21:15 - 00000000 ____D C:\Users\Tajon\AppData\Roaming\Opencl
2014-01-11 03:15 - 2014-01-11 03:15 - 00000000 ____D C:\Program Files (x86)\ESET
2014-01-11 01:29 - 2014-01-11 01:29 - 00000000 ____D C:\Program Files (x86)\HijackThis
2014-01-11 01:16 - 2014-01-11 01:16 - 00000958 _____ C:\Users\Tajon\Documents\cc_20140111_011634.reg
2014-01-11 01:11 - 2013-12-20 22:33 - 00000000 ____D C:\Users\Tajon\AppData\Local\SKIDROW
2014-01-11 01:00 - 2012-01-28 21:57 - 00000000 ____D C:\Users\Tajon\AppData\Roaming\OpenOffice.org2
2014-01-11 00:59 - 2013-01-23 14:38 - 00000000 ____D C:\Users\Tajon\Desktop\Beaty
2014-01-11 00:58 - 2012-11-11 14:39 - 00000000 ____D C:\Users\Tajon\Desktop\Reason Beaty
2014-01-10 02:03 - 2014-01-10 02:03 - 00000964 _____ C:\Users\Tajon\Desktop\Nowy dokument tekstowy.txt
2014-01-09 01:35 - 2014-01-09 01:34 - 51019822 _____ C:\Users\Tajon\Desktop\The Spinners - Smile, We Have Each Other.wav
2014-01-09 00:31 - 2014-01-05 15:11 - 00000000 ____D C:\Users\Tajon\Documents\VirtualDJ
2014-01-08 18:35 - 2013-11-21 15:29 - 00117280 _____ C:\Users\Tajon\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-08 18:35 - 2009-07-14 05:45 - 00458920 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-08 17:26 - 2014-01-08 17:26 - 00000000 ____D C:\Users\Tajon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
2014-01-05 19:40 - 2014-01-05 19:36 - 00000000 ____D C:\Users\Tajon\AppData\Roaming\Synthesia
2014-01-05 19:36 - 2014-01-05 19:36 - 00000000 ____D C:\Program Files (x86)\Synthesia
2014-01-05 19:35 - 2014-01-05 19:32 - 00000000 __SHD C:\Users\Tajon\AppData\Roaming\.#
2014-01-05 15:11 - 2014-01-05 15:11 - 00000570 _____ C:\Users\poker\Desktop\Virtual DJ Pro.lnk
2014-01-05 15:11 - 2014-01-05 15:11 - 00000570 _____ C:\Users\elephant\Desktop\Virtual DJ Pro.lnk
2014-01-04 00:36 - 2013-01-20 17:09 - 00000000 ____D C:\Users\Tajon\Desktop\Tapety
2014-01-03 21:39 - 2013-11-06 02:55 - 00000000 ___HD C:\_acestream_cache_
2014-01-03 21:36 - 2014-01-03 21:31 - 00000161 _____ C:\Users\Tajon\Documents\PrawkoB2013P.tmp
2014-01-03 21:31 - 2014-01-03 21:31 - 00000094 _____ C:\Users\Tajon\Documents\PrawkoB2013P.ini
2014-01-03 19:49 - 2013-11-24 20:56 - 00000000 ____D C:\Users\Tajon\AppData\Local\Nero
2014-01-01 18:16 - 2013-11-06 02:55 - 00000000 ____D C:\Users\Tajon\AppData\Roaming\.ACEStream
2014-01-01 16:11 - 2013-11-06 02:50 - 00000000 ____D C:\Users\Tajon\AppData\Roaming\ACEStream
2013-12-31 01:29 - 2011-12-28 20:38 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-12-30 01:20 - 2013-11-25 20:46 - 00000000 ____D C:\Program Files (x86)\Grupa IMAGE
2013-12-30 00:57 - 2013-11-19 23:34 - 00000000 ____D C:\Users\Tajon\AppData\Roaming\Raptr
2013-12-29 21:08 - 2011-04-12 14:21 - 09594804 _____ C:\Windows\system32\perfh015.dat
2013-12-29 21:08 - 2011-04-12 14:21 - 03234038 _____ C:\Windows\system32\perfc015.dat
2013-12-29 21:08 - 2009-07-14 06:13 - 00006456 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-29 03:08 - 2013-11-12 23:48 - 00000000 ____D C:\Users\Tajon\Documents\FIFA 14
2013-12-29 00:39 - 2013-12-29 00:39 - 00000000 ____D C:\Users\Tajon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2013-12-29 00:39 - 2013-12-29 00:39 - 00000000 ____D C:\Users\Tajon\AppData\Local\WarThunder
2013-12-29 00:39 - 2013-12-29 00:39 - 00000000 ____D C:\ProgramData\WarThunder
2013-12-29 00:39 - 2011-12-28 15:01 - 00000000 ____D C:\Users\Tajon\Documents\My Games
2013-12-26 19:50 - 2012-01-04 17:31 - 00000000 ____D C:\Users\Tajon\Documents\Deluxe Ski Jump 4
2013-12-26 15:03 - 2013-12-05 01:59 - 00000000 ____D C:\Users\Tajon\AppData\Local\DOSBox
2013-12-25 14:01 - 2013-12-25 12:39 - 499477558 _____ C:\Users\Tajon\Desktop\FMH14v503-youme-androidowka.rar
2013-12-25 13:32 - 2013-12-25 13:32 - 00009452 _____ C:\Users\Tajon\Documents\cc_20131225_133236.reg
2013-12-25 13:32 - 2013-11-24 21:03 - 00000000 ____D C:\Users\Tajon\AppData\Roaming\DAEMON Tools Pro
2013-12-25 13:32 - 2011-12-28 13:53 - 00000000 ____D C:\Users\Tajon\AppData\Roaming\DAEMON Tools Lite
2013-12-25 13:32 - 2011-12-28 01:03 - 00000000 ____D C:\Windows\Panther
2013-12-24 18:35 - 2013-12-24 18:13 - 402796194 _____ C:\Users\Tajon\Desktop\Mafia_2_Spolszczenie.rar
2013-12-24 16:30 - 2013-12-24 16:30 - 00000000 ____D C:\Users\Tajon\Desktop\Nowy folder (2)
2013-12-23 23:16 - 2013-12-23 23:16 - 00000000 ____D C:\Users\Tajon\Desktop\Nowy folder
2013-12-20 22:34 - 2013-12-20 22:33 - 00000000 ____D C:\Users\Tajon\AppData\Local\Urban Trial Freestyle
2013-12-20 12:27 - 2013-11-19 23:34 - 00000000 ____D C:\Program Files (x86)\Raptr
2013-12-17 12:11 - 2013-12-17 12:11 - 57355822 _____ C:\Users\Tajon\Desktop\Fr.Chopin - Nokturn f-moll op.55 nr 1.wav
2013-12-16 19:04 - 2012-01-27 21:26 - 00000000 ____D C:\Users\Tajon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-12-15 02:27 - 2009-07-14 06:08 - 00032604 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-14 22:45 - 2013-08-14 15:49 - 00000000 ____D C:\Windows\system32\MRT
2013-12-14 18:39 - 2013-12-14 18:39 - 39601198 _____ C:\Users\Tajon\Desktop\Mikis Theodorakis- Maria Farantouri_ MARINA - ΜΑΡΙΝΑ.wav
2013-12-14 18:38 - 2013-12-14 18:38 - 10404910 _____ C:\Users\Tajon\Desktop\Take me Home (Tol & Tol).wav
2013-12-14 18:36 - 2013-12-14 18:36 - 40006702 _____ C:\Users\Tajon\Desktop\Tol & Tol (The Netherlands) - Sedalia.wav
2013-12-14 01:43 - 2013-12-14 01:43 - 00000715 _____ C:\Users\poker\Desktop\Deus Ex PL.lnk
2013-12-14 01:43 - 2013-12-14 01:43 - 00000715 _____ C:\Users\elephant\Desktop\Deus Ex PL.lnk
2013-12-14 01:43 - 2013-12-14 01:43 - 00000000 ____D C:\Users\Tajon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Deus Ex
2013-12-14 01:27 - 2013-12-14 01:27 - 00000000 ____D C:\Program Files (x86)\directx
2013-12-14 00:21 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-01-09 14:11

==================== End Of Log ============================