Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-01-2014 Ran by Dominik (administrator) on MALINKA on 05-01-2014 20:30:19 Running from C:\Users\Dominik\Downloads\LOGS Windows 8.1 (X64) OS Language: English(US) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\livecomm.exe (Microsoft Corporation) C:\Windows\System32\WWAHost.exe (Microsoft Corporation) C:\Windows\System32\mspaint.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9600.16422_x64__8wekyb3d8bbwe\glcnd.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-11-12] (IDT, Inc.) HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-29] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [BtTray] - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [379904 2013-01-10] (IVT Corporation) HKLM-x32\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2068856 2011-10-13] (Flexera Software LLC.) HKLM-x32\...\Run: [IndexSearch] - C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-09] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PaperPort PTD] - C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-09] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PPort12reminder] - C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini [377 2013-12-27] () HKLM-x32\...\Run: [PDFHook] - C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe [636192 2010-03-05] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PDF5 Registry Controller] - C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.) HKLM-x32\...\Run: [ControlCenter4] - C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsMon00] - C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.) HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [295512 2013-11-03] (RealNetworks, Inc.) HKLM-x32\...\Run: [HPMessageService] - C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-10-08] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [AccelerometerSysTrayApplet] - C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe [77088 2013-07-24] (Hewlett-Packard Company) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-09] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [YouCam Service] - C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [255208 2011-11-28] (CyberLink Corp.) HKLM\...\RunOnce: [NCPluginUpdater] - "c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe" Update [21720 2013-12-12] (Hewlett-Packard) HKCU\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2068856 2011-10-13] (Flexera Software LLC.) HKCU\...\Run: [GarminExpressTrayApp] - C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1093976 2013-09-19] (Garmin Ltd or its subsidiaries) HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.) HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd) Startup: C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StarOffice 7.lnk ShortcutTarget: StarOffice 7.lnk -> C:\Program Files (x86)\StarOffice7\program\quickstart.exe () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/HPNOT13/1 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT13/1 SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75 FireFox: ======== FF ProfilePath: C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\by5btxqo.default-1387910225292 FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll () FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.) FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.) FF Plugin-x32: @garmin.com/GpsControl - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer) FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll () FF Plugin-x32: nuance.com/DragonRIAPlugin - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\npDgnRia.dll (Nuance Communications Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wolnelektury-pl.xml FF HKLM-x32\...\Firefox\Extensions: [jid0-lmZNVK7a82O8cufhdfB9dUDfA2w@jetpack] - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi FF Extension: Dragon NaturallySpeaking Rich Internet Application Support - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi FF Extension: Dragon NaturallySpeaking Rich Internet Application Support - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext ==================== Services (Whitelisted) ================= R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-29] (Advanced Micro Devices, Inc.) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-09] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-09] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1011768 2013-12-09] (Avira Operations GmbH & Co. KG) R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1619704 2013-03-26] (IVT Corporation) R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2013-01-10] (IVT Corporation) R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227936 2013-11-12] (WildTangent) R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [250200 2013-09-19] (Garmin Ltd or its subsidiaries) R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-10-08] (Hewlett-Packard Development Company, L.P.) R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.) R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] () S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-11-03] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [94208 2013-02-14] (Advanced Micro Devices) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-09] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-09] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [84720 2013-12-09] (Avira Operations GmbH & Co. KG) S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows (R) Win 7 DDK provider) R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation) U4 BthAvrcpTg; U4 BthHFEnum; U4 bthhfhid; S3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation) R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49584 2013-03-25] (Ralink Corporation) R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2013-12-26] (Disc Soft Ltd) S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation) S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation) S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation) R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-10] (Microsoft Corporation) S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation) R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation) S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation) S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation) R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [290008 2013-11-12] (Realtek Semiconductor Corp.) R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1149232 2013-03-09] (Ralink Technology, Corp.) S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-25] (Microsoft Corporation) R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [30448 2013-11-12] (Synaptics Incorporated) S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [33008 2013-04-05] (Synaptics Incorporated) S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation) S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation) R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-05 16:38 - 2014-01-05 16:38 - 06951048 _____ (Microsoft Corporation) C:\Users\Dominik\Downloads\Silverlight.exe 2014-01-04 15:58 - 2014-01-05 13:01 - 00000000 ____D C:\Users\Dominik\Desktop\Weronika 2013-12-26 16:07 - 2013-12-26 16:07 - 00000000 ____D C:\Users\Dominik\Documents\Electronic Arts 2013-12-26 16:03 - 2013-12-26 16:03 - 00000000 ____D C:\Program Files (x86)\Microsoft WSE 2013-12-26 16:03 - 2008-09-04 13:17 - 00447752 ____R (On2.com) C:\WINDOWS\SysWOW64\vp6vfw.dll 2013-12-26 16:02 - 2013-12-26 16:02 - 00002114 _____ C:\Users\Public\Desktop\The Sims™ 3.lnk 2013-12-26 16:02 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll 2013-12-26 16:02 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll 2013-12-26 15:56 - 2013-12-26 15:56 - 00000000 ____D C:\Program Files (x86)\Electronic Arts 2013-12-26 15:50 - 2013-12-26 15:53 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\DAEMON Tools Lite 2013-12-26 15:50 - 2013-12-26 15:50 - 00283064 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtsoftbus01.sys 2013-12-26 15:50 - 2013-12-26 15:50 - 00001973 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk 2013-12-26 15:50 - 2013-12-26 15:50 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite 2013-12-26 15:49 - 2013-12-26 15:54 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite 2013-12-26 15:49 - 2013-12-26 15:49 - 13485616 _____ (Disc Soft Ltd) C:\Users\Dominik\Downloads\daemon-tools-4.48.1(1).exe 2013-12-26 15:48 - 2013-12-26 15:48 - 00486832 _____ C:\Users\Dominik\Downloads\daemon-tools-4.48.1.exe 2013-12-26 13:54 - 2013-12-26 13:54 - 00002090 _____ C:\Users\Dominik\Downloads\Activity.CSV 2013-12-25 23:39 - 2013-12-25 23:39 - 00000000 ____D C:\Users\Public\Documents\CyberLink 2013-12-25 12:43 - 2013-12-25 12:43 - 00000000 ____D C:\Users\Dominik\Documents\Avatar 2013-12-25 12:41 - 2013-12-25 12:42 - 00979928 _____ (CyberLink) C:\Users\Dominik\Downloads\CyberLink_YouCam_Downloader.exe 2013-12-25 12:40 - 2013-12-25 12:40 - 00001382 _____ C:\Users\Public\Desktop\CyberLink YouCam 5.lnk 2013-12-25 12:40 - 2011-04-13 22:47 - 00031216 _____ (CyberLink Corporation) C:\WINDOWS\system32\Drivers\clwvd.sys 2013-12-25 12:32 - 2013-12-25 12:37 - 160410373 _____ C:\Users\Dominik\Downloads\c5d.zip 2013-12-25 12:27 - 2013-12-25 12:27 - 00000000 ____D C:\ProgramData\SUPPORTDIR 2013-12-25 12:06 - 2013-12-25 12:06 - 00000000 ___RD C:\Program Files (x86)\Skype 2013-12-25 12:04 - 2013-12-25 12:06 - 00002715 _____ C:\Users\Public\Desktop\Skype.lnk 2013-12-25 12:03 - 2013-12-25 12:03 - 19337216 _____ C:\Users\Dominik\Downloads\SkypeSetup_5.10.0.116.msi 2013-12-25 11:14 - 2014-01-05 20:11 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Skype 2013-12-25 11:14 - 2013-12-25 12:06 - 00000000 ____D C:\ProgramData\Skype 2013-12-25 11:11 - 2013-12-25 11:11 - 01551008 _____ (Skype Technologies S.A.) C:\Users\Dominik\Downloads\SkypeSetup.exe 2013-12-24 13:37 - 2013-12-24 13:37 - 00000000 ____D C:\Users\Dominik\Desktop\Old Firefox Data 2013-12-24 12:58 - 2013-12-24 14:00 - 00028543 _____ C:\Users\Dominik\Downloads\Addition.txt 2013-12-24 12:57 - 2013-12-24 14:00 - 00050591 _____ C:\Users\Dominik\Downloads\FRST.txt 2013-12-24 11:51 - 2014-01-05 20:13 - 00000000 ____D C:\FRST 2013-12-24 11:46 - 2013-12-24 11:46 - 00868491 _____ (Farbar) C:\Users\Dominik\Downloads\ListParts64.exe 2013-12-22 12:51 - 2013-12-26 21:59 - 00000000 ____D C:\Filmy 2013-12-22 12:48 - 2013-12-22 12:48 - 00000906 _____ C:\Users\Dominik\Desktop\µTorrent.lnk 2013-12-22 12:48 - 2013-12-22 12:48 - 00000886 _____ C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk 2013-12-22 12:16 - 2013-12-22 12:16 - 00000000 ____D C:\Users\dom\AppData\Roaming\Macromedia 2013-12-22 12:16 - 2013-12-22 12:16 - 00000000 ____D C:\Users\dom\AppData\Local\Macromedia 2013-12-22 12:15 - 2013-12-22 12:15 - 00000000 ____D C:\Users\dom\AppData\Roaming\Mozilla 2013-12-22 12:15 - 2013-12-22 12:15 - 00000000 ____D C:\Users\dom\AppData\Local\Mozilla 2013-12-22 11:18 - 2013-12-22 12:20 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3442084834-3400189357-3585569311-1007 2013-12-22 11:18 - 2013-12-22 11:18 - 00000000 ____D C:\Users\dom\AppData\Roaming\Avira 2013-12-22 11:14 - 2013-12-22 11:14 - 00000000 ____D C:\Users\dom\AppData\Roaming\ATI 2013-12-22 11:14 - 2013-12-22 11:14 - 00000000 ____D C:\Users\dom\AppData\Local\ATI 2013-12-22 11:14 - 2013-12-22 11:14 - 00000000 ____D C:\Users\dom\AppData\Local\AMD 2013-12-22 11:13 - 2013-12-22 11:13 - 00000000 ____D C:\Users\dom\Documents\Bluetooth 2013-12-22 11:13 - 2013-12-22 11:13 - 00000000 ____D C:\Users\dom\AppData\Roaming\Real 2013-12-22 11:13 - 2013-12-22 11:13 - 00000000 ____D C:\Users\dom\AppData\Roaming\ControlCenter4 2013-12-22 11:13 - 2013-12-22 11:13 - 00000000 ____D C:\Users\dom\AppData\Local\Hewlett-Packard 2013-12-22 11:13 - 2013-12-22 11:13 - 00000000 ____D C:\Users\dom\AppData\Local\bluesoleil 2013-12-22 11:12 - 2013-12-22 11:16 - 00000000 ____D C:\Users\dom\AppData\Local\Packages 2013-12-22 11:12 - 2013-12-22 11:12 - 00001453 _____ C:\Users\dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-12-22 11:12 - 2013-12-22 11:12 - 00000020 ___SH C:\Users\dom\ntuser.ini 2013-12-22 11:12 - 2013-12-22 11:12 - 00000000 ___RD C:\Users\dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-12-22 11:12 - 2013-12-22 11:12 - 00000000 ___RD C:\Users\dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2013-12-22 11:12 - 2013-12-22 11:12 - 00000000 ____D C:\Users\dom\AppData\Roaming\Synaptics 2013-12-22 11:12 - 2013-12-22 11:12 - 00000000 ____D C:\Users\dom\AppData\Roaming\Adobe 2013-12-22 11:12 - 2013-12-22 11:12 - 00000000 ____D C:\Users\dom\AppData\Local\VirtualStore 2013-12-22 11:12 - 2013-12-22 11:12 - 00000000 ____D C:\Users\dom 2013-12-22 11:12 - 2013-11-03 00:17 - 00000000 ____D C:\Users\dom\Documents\hp.system.package.metadata 2013-12-22 11:12 - 2013-08-22 10:36 - 00000000 ___RD C:\Users\dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2013-12-22 11:12 - 2013-08-22 10:36 - 00000000 ___RD C:\Users\dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2013-12-22 11:12 - 2013-08-22 10:36 - 00000000 ___RD C:\Users\dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2013-12-22 11:12 - 2013-08-22 10:36 - 00000000 ____D C:\Users\dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2013-12-21 21:03 - 2013-12-21 21:03 - 00063359 _____ C:\Users\Dominik\Downloads\Despicable.Me.2010.1080p.BluRay.x264.YIFY.srt 2013-12-21 20:51 - 2013-12-21 20:52 - 00000000 ____D C:\WINDOWS\SysWOW64\C2MP 2013-12-21 20:51 - 2013-12-21 20:51 - 22145896 _____ (Windows 8 - Codec Pack) C:\Users\Dominik\Downloads\windows.8.codec.pack.v2.0.1.setup.exe 2013-12-21 20:48 - 2013-12-21 22:45 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\BESTplayer 2013-12-21 20:45 - 2013-12-21 20:46 - 01093632 _____ (Karol Winnicki) C:\Users\Dominik\Downloads\BESTplayer.exe 2013-12-21 20:37 - 2013-12-26 15:45 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\uTorrent 2013-12-21 20:37 - 2013-12-21 20:37 - 01340496 _____ (BitTorrent Inc.) C:\Users\Dominik\Downloads\utorrent.exe 2013-12-21 15:40 - 2013-12-21 15:41 - 00915368 _____ (Oracle Corporation) C:\Users\Dominik\Downloads\jxpiinstall(1).exe 2013-12-21 15:38 - 2013-12-21 15:38 - 00001170 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2013-12-21 15:38 - 2013-12-21 15:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-12-21 15:37 - 2013-12-21 15:37 - 24039048 _____ (Mozilla) C:\Users\Dominik\Downloads\Firefox_Setup_26.0.exe 2013-12-21 14:51 - 2013-12-25 10:28 - 00000000 ____D C:\AdwCleaner 2013-12-21 12:10 - 2013-12-21 12:11 - 00280680 _____ C:\WINDOWS\Minidump\122113-43062-01.dmp 2013-12-21 12:10 - 2013-12-21 12:10 - 1246164907 _____ C:\WINDOWS\MEMORY.DMP 2013-12-19 23:19 - 2013-12-21 15:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-12-19 22:49 - 2013-12-19 22:49 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Avira 2013-12-19 22:46 - 2013-12-19 22:46 - 00002093 _____ C:\Users\Public\Desktop\Avira Control Center.lnk 2013-12-19 22:46 - 2013-12-19 22:46 - 00000000 ____D C:\ProgramData\Avira 2013-12-19 22:46 - 2013-12-19 22:46 - 00000000 ____D C:\Program Files (x86)\Avira 2013-12-19 22:46 - 2013-12-09 11:37 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys 2013-12-19 22:46 - 2013-12-09 11:37 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys 2013-12-19 22:46 - 2013-12-09 11:37 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys 2013-12-19 22:46 - 2013-12-09 11:37 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys 2013-12-19 22:37 - 2013-12-19 22:40 - 129564536 _____ C:\Users\Dominik\Downloads\avira_free_antivirus_en.exe 2013-12-19 22:31 - 2013-11-11 18:41 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2013-12-19 22:31 - 2013-11-11 18:40 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2013-12-19 22:31 - 2013-11-11 18:27 - 00701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2013-12-19 22:31 - 2013-11-11 18:24 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2013-12-19 22:31 - 2013-11-10 21:48 - 00039768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys 2013-12-19 22:31 - 2013-11-09 06:55 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2013-12-19 22:31 - 2013-11-09 01:37 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe 2013-12-19 22:31 - 2013-11-09 00:56 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe 2013-12-19 22:31 - 2013-11-08 05:26 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll 2013-12-19 22:31 - 2013-11-07 23:43 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2013-12-19 22:31 - 2013-11-07 23:28 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2013-12-19 22:31 - 2013-11-07 23:26 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2013-12-19 22:31 - 2013-11-07 23:16 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll 2013-12-19 22:31 - 2013-11-07 23:15 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2013-12-19 22:31 - 2013-11-07 23:07 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll 2013-12-19 22:31 - 2013-11-07 22:41 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2013-12-19 22:31 - 2013-11-07 22:14 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2013-12-19 22:31 - 2013-11-05 09:19 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2013-12-19 22:31 - 2013-11-05 09:03 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2013-12-19 22:31 - 2013-11-05 08:57 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2013-12-19 22:31 - 2013-11-05 08:33 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2013-12-19 22:31 - 2013-11-05 08:32 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2013-12-19 22:31 - 2013-11-04 12:13 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2013-12-19 22:31 - 2013-11-04 12:13 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2013-12-19 22:31 - 2013-11-04 08:07 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll 2013-12-19 22:31 - 2013-11-04 06:50 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2013-12-19 22:31 - 2013-11-04 05:32 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2013-12-19 22:31 - 2013-11-03 21:28 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll 2013-12-19 22:31 - 2013-11-03 20:30 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2013-12-19 22:31 - 2013-11-01 06:39 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2013-12-19 22:31 - 2013-11-01 01:08 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll 2013-12-19 22:31 - 2013-11-01 00:57 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll 2013-12-19 22:31 - 2013-10-30 19:58 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2013-12-19 22:31 - 2013-10-30 19:42 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2013-12-19 22:31 - 2013-10-30 19:33 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2013-12-19 22:31 - 2013-10-30 19:33 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2013-12-19 22:31 - 2013-10-30 19:33 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2013-12-19 22:31 - 2013-10-30 19:33 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2013-12-19 22:31 - 2013-10-25 20:54 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys 2013-12-19 22:31 - 2013-10-24 04:31 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll 2013-12-19 22:31 - 2013-10-24 04:12 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll 2013-12-19 22:31 - 2013-10-19 03:53 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll 2013-12-19 22:31 - 2013-10-19 02:14 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll 2013-12-19 22:31 - 2013-10-17 06:21 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2013-12-19 22:31 - 2013-10-17 05:36 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2013-12-19 22:31 - 2013-10-05 09:21 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2013-12-19 22:31 - 2013-10-05 09:21 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2013-12-19 22:31 - 2013-10-05 07:05 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2013-12-19 22:31 - 2013-10-05 07:05 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2013-12-19 22:29 - 2013-11-26 06:54 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2013-12-19 22:29 - 2013-11-26 05:11 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2013-12-19 22:29 - 2013-11-26 04:41 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2013-12-19 22:29 - 2013-11-26 03:57 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2013-12-19 22:29 - 2013-11-26 03:38 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2013-12-19 22:29 - 2013-11-26 03:35 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2013-12-19 22:29 - 2013-11-26 03:16 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2013-12-19 22:29 - 2013-11-26 03:02 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2013-12-19 22:29 - 2013-11-26 02:48 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2013-12-19 22:29 - 2013-11-26 02:32 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2013-12-19 22:29 - 2013-11-26 02:26 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2013-12-19 22:29 - 2013-11-26 02:07 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2013-12-19 22:29 - 2013-11-26 01:40 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2013-12-19 22:29 - 2013-11-26 01:34 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2013-12-19 22:29 - 2013-11-26 01:34 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2013-12-19 22:29 - 2013-11-26 01:33 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2013-12-19 22:29 - 2013-11-26 01:27 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2013-12-19 22:29 - 2013-11-22 23:34 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll 2013-12-19 22:29 - 2013-11-22 23:13 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll 2013-12-19 22:29 - 2013-11-22 22:32 - 04105728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll 2013-12-19 22:29 - 2013-11-22 22:10 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe 2013-12-19 22:29 - 2013-11-08 02:21 - 04191744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2013-12-19 22:29 - 2013-10-15 03:54 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll 2013-12-19 22:29 - 2013-10-15 03:03 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll 2013-12-19 22:28 - 2013-11-09 01:34 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe 2013-12-19 22:28 - 2013-11-09 01:34 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2013-12-19 22:28 - 2013-11-09 00:52 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll 2013-12-17 12:22 - 2013-12-21 12:10 - 00000000 ____D C:\WINDOWS\Minidump 2013-12-15 19:37 - 2013-12-15 19:37 - 00014951 _____ C:\Users\Dominik\Downloads\Clarinda visit Dec17th.xlsx 2013-12-15 19:35 - 2013-12-15 19:35 - 00000000 ____D C:\Program Files (x86)\Adobe 2013-12-15 19:34 - 2013-12-15 19:43 - 00000000 ____D C:\ProgramData\Adobe 2013-12-15 19:33 - 2013-12-15 19:42 - 00000000 ____D C:\Users\Dominik\AppData\Local\Adobe ==================== One Month Modified Files and Folders ======= 2014-01-05 20:22 - 2013-11-02 14:39 - 00003930 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9D0F8905-051E-4D54-A719-229068DFCBC9} 2014-01-05 20:13 - 2013-12-24 11:51 - 00000000 ____D C:\FRST 2014-01-05 20:11 - 2013-12-25 11:14 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Skype 2014-01-05 20:02 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\sru 2014-01-05 20:01 - 2013-11-03 21:56 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-01-05 16:38 - 2014-01-05 16:38 - 06951048 _____ (Microsoft Corporation) C:\Users\Dominik\Downloads\Silverlight.exe 2014-01-05 16:04 - 2013-11-12 22:12 - 00000000 _____ C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt 2014-01-05 16:04 - 2013-11-12 21:11 - 00000052 _____ C:\WINDOWS\SysWOW64\DOErrors.log 2014-01-05 16:03 - 2013-03-22 12:00 - 00000983 _____ C:\WINDOWS\SysWOW64\bscs.ini 2014-01-05 16:00 - 2013-10-16 12:20 - 00003620 _____ C:\WINDOWS\SysWOW64\LOCALSERVICE.INI 2014-01-05 16:00 - 2013-10-16 12:20 - 00000043 _____ C:\WINDOWS\SysWOW64\LOCALDEVICE.INI 2014-01-05 14:58 - 2013-11-02 14:46 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3442084834-3400189357-3585569311-1002 2014-01-05 13:11 - 2013-11-02 17:08 - 00000000 ____D C:\Users\Dominik\Documents\Youcam 2014-01-05 13:01 - 2014-01-04 15:58 - 00000000 ____D C:\Users\Dominik\Desktop\Weronika 2014-01-05 12:46 - 2013-11-03 00:27 - 01241162 _____ C:\WINDOWS\WindowsUpdate.log 2014-01-04 17:24 - 2013-11-03 10:52 - 00045056 ___SH C:\Users\Dominik\Desktop\Thumbs.db 2014-01-03 14:03 - 2013-11-12 22:11 - 00003174 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForDominik 2014-01-03 14:03 - 2013-11-12 22:11 - 00000356 _____ C:\WINDOWS\Tasks\HPCeeScheduleForDominik.job 2014-01-03 13:24 - 2013-11-19 19:58 - 00003342 _____ C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3442084834-3400189357-3585569311-1002 2014-01-03 13:24 - 2013-11-19 19:58 - 00003290 _____ C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3442084834-3400189357-3585569311-1002 2013-12-31 10:48 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2013-12-30 18:19 - 2013-11-03 17:41 - 00000000 ____D C:\Users\Dominik\AppData\Local\CrashDumps 2013-12-27 12:01 - 2013-11-03 00:44 - 00000000 __RDO C:\Users\Dominik\SkyDrive 2013-12-27 11:57 - 2013-11-03 00:13 - 00000000 ____D C:\Users\Dominik 2013-12-27 11:57 - 2013-08-22 09:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2013-12-27 11:56 - 2013-09-29 22:55 - 02947974 _____ C:\WINDOWS\PFRO.log 2013-12-26 21:59 - 2013-12-22 12:51 - 00000000 ____D C:\Filmy 2013-12-26 16:07 - 2013-12-26 16:07 - 00000000 ____D C:\Users\Dominik\Documents\Electronic Arts 2013-12-26 16:03 - 2013-12-26 16:03 - 00000000 ____D C:\Program Files (x86)\Microsoft WSE 2013-12-26 16:02 - 2013-12-26 16:02 - 00002114 _____ C:\Users\Public\Desktop\The Sims™ 3.lnk 2013-12-26 16:02 - 2013-04-27 21:45 - 00000397 _____ C:\WINDOWS\DirectX.log 2013-12-26 15:56 - 2013-12-26 15:56 - 00000000 ____D C:\Program Files (x86)\Electronic Arts 2013-12-26 15:56 - 2013-04-27 21:51 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-12-26 15:54 - 2013-12-26 15:49 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite 2013-12-26 15:54 - 2013-09-29 23:04 - 00956476 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2013-12-26 15:53 - 2013-12-26 15:50 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\DAEMON Tools Lite 2013-12-26 15:50 - 2013-12-26 15:50 - 00283064 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtsoftbus01.sys 2013-12-26 15:50 - 2013-12-26 15:50 - 00001973 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk 2013-12-26 15:50 - 2013-12-26 15:50 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite 2013-12-26 15:49 - 2013-12-26 15:49 - 13485616 _____ (Disc Soft Ltd) C:\Users\Dominik\Downloads\daemon-tools-4.48.1(1).exe 2013-12-26 15:48 - 2013-12-26 15:48 - 00486832 _____ C:\Users\Dominik\Downloads\daemon-tools-4.48.1.exe 2013-12-26 15:45 - 2013-12-21 20:37 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\uTorrent 2013-12-26 13:54 - 2013-12-26 13:54 - 00002090 _____ C:\Users\Dominik\Downloads\Activity.CSV 2013-12-25 23:39 - 2013-12-25 23:39 - 00000000 ____D C:\Users\Public\Documents\CyberLink 2013-12-25 12:43 - 2013-12-25 12:43 - 00000000 ____D C:\Users\Dominik\Documents\Avatar 2013-12-25 12:42 - 2013-12-25 12:41 - 00979928 _____ (CyberLink) C:\Users\Dominik\Downloads\CyberLink_YouCam_Downloader.exe 2013-12-25 12:40 - 2013-12-25 12:40 - 00001382 _____ C:\Users\Public\Desktop\CyberLink YouCam 5.lnk 2013-12-25 12:40 - 2013-08-22 09:46 - 00297509 _____ C:\WINDOWS\setupact.log 2013-12-25 12:39 - 2013-10-16 12:32 - 00000000 ____D C:\Program Files (x86)\CyberLink 2013-12-25 12:38 - 2013-10-16 12:46 - 00000000 ____D C:\ProgramData\install_clap 2013-12-25 12:37 - 2013-12-25 12:32 - 160410373 _____ C:\Users\Dominik\Downloads\c5d.zip 2013-12-25 12:37 - 2012-01-19 16:21 - 00000000 ____D C:\Users\Dominik\Downloads\CLYC_5_Deluxe_5.0.1129 2013-12-25 12:27 - 2013-12-25 12:27 - 00000000 ____D C:\ProgramData\SUPPORTDIR 2013-12-25 12:23 - 2013-10-16 12:31 - 00000000 ____D C:\ProgramData\CyberLink 2013-12-25 12:06 - 2013-12-25 12:06 - 00000000 ___RD C:\Program Files (x86)\Skype 2013-12-25 12:06 - 2013-12-25 12:04 - 00002715 _____ C:\Users\Public\Desktop\Skype.lnk 2013-12-25 12:06 - 2013-12-25 11:14 - 00000000 ____D C:\ProgramData\Skype 2013-12-25 12:03 - 2013-12-25 12:03 - 19337216 _____ C:\Users\Dominik\Downloads\SkypeSetup_5.10.0.116.msi 2013-12-25 11:13 - 2013-11-02 14:38 - 00000000 ____D C:\Users\Dominik\AppData\Local\Packages 2013-12-25 11:11 - 2013-12-25 11:11 - 01551008 _____ (Skype Technologies S.A.) C:\Users\Dominik\Downloads\SkypeSetup.exe 2013-12-25 10:34 - 2013-08-22 08:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2013-12-25 10:28 - 2013-12-21 14:51 - 00000000 ____D C:\AdwCleaner 2013-12-24 14:00 - 2013-12-24 12:58 - 00028543 _____ C:\Users\Dominik\Downloads\Addition.txt 2013-12-24 14:00 - 2013-12-24 12:57 - 00050591 _____ C:\Users\Dominik\Downloads\FRST.txt 2013-12-24 13:37 - 2013-12-24 13:37 - 00000000 ____D C:\Users\Dominik\Desktop\Old Firefox Data 2013-12-24 13:36 - 2013-11-03 14:23 - 00001742 _____ C:\Users\Dominik\Desktop\Internet home.txt 2013-12-24 11:46 - 2013-12-24 11:46 - 00868491 _____ (Farbar) C:\Users\Dominik\Downloads\ListParts64.exe 2013-12-23 23:55 - 2013-11-02 14:39 - 00000000 ___RD C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-12-22 12:48 - 2013-12-22 12:48 - 00000906 _____ C:\Users\Dominik\Desktop\µTorrent.lnk 2013-12-22 12:48 - 2013-12-22 12:48 - 00000886 _____ C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk 2013-12-22 12:20 - 2013-12-22 11:18 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3442084834-3400189357-3585569311-1007 2013-12-22 12:16 - 2013-12-22 12:16 - 00000000 ____D C:\Users\dom\AppData\Roaming\Macromedia 2013-12-22 12:16 - 2013-12-22 12:16 - 00000000 ____D C:\Users\dom\AppData\Local\Macromedia 2013-12-22 12:15 - 2013-12-22 12:15 - 00000000 ____D C:\Users\dom\AppData\Roaming\Mozilla 2013-12-22 12:15 - 2013-12-22 12:15 - 00000000 ____D C:\Users\dom\AppData\Local\Mozilla 2013-12-22 11:18 - 2013-12-22 11:18 - 00000000 ____D C:\Users\dom\AppData\Roaming\Avira 2013-12-22 11:16 - 2013-12-22 11:12 - 00000000 ____D C:\Users\dom\AppData\Local\Packages 2013-12-22 11:14 - 2013-12-22 11:14 - 00000000 ____D C:\Users\dom\AppData\Roaming\ATI 2013-12-22 11:14 - 2013-12-22 11:14 - 00000000 ____D C:\Users\dom\AppData\Local\ATI 2013-12-22 11:14 - 2013-12-22 11:14 - 00000000 ____D C:\Users\dom\AppData\Local\AMD 2013-12-22 11:13 - 2013-12-22 11:13 - 00000000 ____D C:\Users\dom\Documents\Bluetooth 2013-12-22 11:13 - 2013-12-22 11:13 - 00000000 ____D C:\Users\dom\AppData\Roaming\Real 2013-12-22 11:13 - 2013-12-22 11:13 - 00000000 ____D C:\Users\dom\AppData\Roaming\ControlCenter4 2013-12-22 11:13 - 2013-12-22 11:13 - 00000000 ____D C:\Users\dom\AppData\Local\Hewlett-Packard 2013-12-22 11:13 - 2013-12-22 11:13 - 00000000 ____D C:\Users\dom\AppData\Local\bluesoleil 2013-12-22 11:13 - 2013-11-03 00:42 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD 2013-12-22 11:12 - 2013-12-22 11:12 - 00001453 _____ C:\Users\dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-12-22 11:12 - 2013-12-22 11:12 - 00000020 ___SH C:\Users\dom\ntuser.ini 2013-12-22 11:12 - 2013-12-22 11:12 - 00000000 ___RD C:\Users\dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-12-22 11:12 - 2013-12-22 11:12 - 00000000 ___RD C:\Users\dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2013-12-22 11:12 - 2013-12-22 11:12 - 00000000 ____D C:\Users\dom\AppData\Roaming\Synaptics 2013-12-22 11:12 - 2013-12-22 11:12 - 00000000 ____D C:\Users\dom\AppData\Roaming\Adobe 2013-12-22 11:12 - 2013-12-22 11:12 - 00000000 ____D C:\Users\dom\AppData\Local\VirtualStore 2013-12-22 11:12 - 2013-12-22 11:12 - 00000000 ____D C:\Users\dom 2013-12-21 22:45 - 2013-12-21 20:48 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\BESTplayer 2013-12-21 21:03 - 2013-12-21 21:03 - 00063359 _____ C:\Users\Dominik\Downloads\Despicable.Me.2010.1080p.BluRay.x264.YIFY.srt 2013-12-21 20:52 - 2013-12-21 20:51 - 00000000 ____D C:\WINDOWS\SysWOW64\C2MP 2013-12-21 20:51 - 2013-12-21 20:51 - 22145896 _____ (Windows 8 - Codec Pack) C:\Users\Dominik\Downloads\windows.8.codec.pack.v2.0.1.setup.exe 2013-12-21 20:46 - 2013-12-21 20:45 - 01093632 _____ (Karol Winnicki) C:\Users\Dominik\Downloads\BESTplayer.exe 2013-12-21 20:37 - 2013-12-21 20:37 - 01340496 _____ (BitTorrent Inc.) C:\Users\Dominik\Downloads\utorrent.exe 2013-12-21 16:06 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\rescache 2013-12-21 15:42 - 2013-11-12 22:23 - 00000000 ____D C:\ProgramData\Oracle 2013-12-21 15:42 - 2013-11-12 22:22 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe 2013-12-21 15:42 - 2013-11-12 22:21 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2013-12-21 15:42 - 2013-11-12 20:50 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe 2013-12-21 15:42 - 2013-11-12 20:50 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe 2013-12-21 15:41 - 2013-12-21 15:40 - 00915368 _____ (Oracle Corporation) C:\Users\Dominik\Downloads\jxpiinstall(1).exe 2013-12-21 15:39 - 2013-11-03 14:20 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Mozilla 2013-12-21 15:38 - 2013-12-21 15:38 - 00001170 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2013-12-21 15:38 - 2013-12-21 15:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-12-21 15:38 - 2013-12-19 23:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-12-21 15:37 - 2013-12-21 15:37 - 24039048 _____ (Mozilla) C:\Users\Dominik\Downloads\Firefox_Setup_26.0.exe 2013-12-21 14:30 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\NDF 2013-12-21 13:30 - 2013-11-12 20:50 - 00000000 ____D C:\Program Files (x86)\Java 2013-12-21 12:11 - 2013-12-21 12:10 - 00280680 _____ C:\WINDOWS\Minidump\122113-43062-01.dmp 2013-12-21 12:10 - 2013-12-21 12:10 - 1246164907 _____ C:\WINDOWS\MEMORY.DMP 2013-12-21 12:10 - 2013-12-17 12:22 - 00000000 ____D C:\WINDOWS\Minidump 2013-12-20 09:01 - 2013-11-03 21:56 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2013-12-19 23:08 - 2013-08-22 09:44 - 00374104 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2013-12-19 23:07 - 2013-08-22 10:36 - 00000000 ___RD C:\WINDOWS\ToastData 2013-12-19 23:07 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\WinStore 2013-12-19 23:07 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\MediaViewer 2013-12-19 23:07 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\FileManager 2013-12-19 23:07 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\Camera 2013-12-19 23:05 - 2013-11-02 22:42 - 00000000 ____D C:\WINDOWS\system32\MRT 2013-12-19 23:04 - 2013-11-02 22:42 - 90708896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2013-12-19 23:00 - 2013-10-16 12:11 - 00005544 _____ C:\WINDOWS\system32\RaCoInst.log 2013-12-19 22:59 - 2012-08-03 19:02 - 00000000 ____D C:\SWSetup 2013-12-19 22:52 - 2013-11-03 21:49 - 00000000 ____D C:\Program Files (x86)\FlvPlayer 2013-12-19 22:49 - 2013-12-19 22:49 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Avira 2013-12-19 22:46 - 2013-12-19 22:46 - 00002093 _____ C:\Users\Public\Desktop\Avira Control Center.lnk 2013-12-19 22:46 - 2013-12-19 22:46 - 00000000 ____D C:\ProgramData\Avira 2013-12-19 22:46 - 2013-12-19 22:46 - 00000000 ____D C:\Program Files (x86)\Avira 2013-12-19 22:41 - 2013-08-22 08:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM 2013-12-19 22:41 - 2012-07-26 03:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP 2013-12-19 22:40 - 2013-12-19 22:37 - 129564536 _____ C:\Users\Dominik\Downloads\avira_free_antivirus_en.exe 2013-12-19 22:04 - 2013-08-22 10:36 - 00000000 __RSD C:\WINDOWS\Media 2013-12-19 22:04 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared 2013-12-19 22:04 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared 2013-12-19 22:04 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\Globalization 2013-12-19 22:04 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2013-12-19 22:03 - 2013-11-02 14:40 - 00000000 ____D C:\Users\Dominik\AppData\Local\Hewlett-Packard 2013-12-19 22:03 - 2013-11-02 14:40 - 00000000 ____D C:\Users\Dominik\AppData\Local\bluesoleil 2013-12-19 22:03 - 2013-08-22 10:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2013-12-19 22:03 - 2013-04-27 21:50 - 00000000 ____D C:\ProgramData\Hewlett-Packard 2013-12-19 21:48 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\registration 2013-12-19 21:47 - 2013-11-03 22:07 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Real 2013-12-17 12:31 - 2012-07-26 03:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2013-12-15 19:43 - 2013-12-15 19:34 - 00000000 ____D C:\ProgramData\Adobe 2013-12-15 19:42 - 2013-12-15 19:33 - 00000000 ____D C:\Users\Dominik\AppData\Local\Adobe 2013-12-15 19:42 - 2013-11-02 14:39 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Adobe 2013-12-15 19:37 - 2013-12-15 19:37 - 00014951 _____ C:\Users\Dominik\Downloads\Clarinda visit Dec17th.xlsx 2013-12-15 19:35 - 2013-12-15 19:35 - 00000000 ____D C:\Program Files (x86)\Adobe 2013-12-09 11:37 - 2013-12-19 22:46 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys 2013-12-09 11:37 - 2013-12-19 22:46 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys 2013-12-09 11:37 - 2013-12-19 22:46 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys 2013-12-09 11:37 - 2013-12-19 22:46 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys Some content of TEMP: ==================== C:\Users\Dominik\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-01-04 16:04 ==================== End Of Log ============================