Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-09-2013
Ran by USERNAME at 2013-09-08 16:09:37
Running from C:\Users\USERNAME\Desktop
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
64 Bit HP CIO Components Installer (Version: 13.2.1)
Acronis Drive Monitor (x32 Version: 1.0.566)
Adobe Acrobat XI Pro (x32 Version: 11.0.03)
Adobe AIR (x32 Version: 3.8.0.870)
Adobe Creative Suite 6 Design Standard (x32 Version: 6)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Help Manager (x32 Version: 4.0.244)
Adobe® Content Viewer (x32 Version: 3.2.0)
Ashampoo Burning Studio 11 v.11.0.4 (x32 Version: 11.0.4)
Bonjour (Version: 2.0.2.0)
Bonjour-Druckdienste (Version: 2.0.2.0)
bpd_scan_ent (x32 Version: 3.00.0000)
CCleaner (Version: 3.24)
Chiavetta Internet (x32 Version: 21.003.27.10.192)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.03103)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.03103)
Citrix Authentication Manager (x32 Version: 4.0.0.53726)
Citrix Receiver (DV) (x32 Version: 13.4.0.25)
Citrix Receiver (HDX Flash-Umleitung) (x32 Version: 13.4.0.25)
Citrix Receiver (USB) (x32 Version: 13.4.0.25)
Citrix Receiver (x32 Version: 13.4.0.25)
Citrix Receiver Inside (x32 Version: 3.4.0.29585)
Citrix Receiver Updater (x32 Version: 3.4.0.29577)
Citrix Receiver(Aero) (x32 Version: 13.4.0.25)
CodeWallet Pro 2005 Desktop Companion (x32 Version: 5.07)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (x32)
dows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (Version: 04/19/2012 2.3.1.0)
Enterprise (x32 Version: 140.0.001.000)
eWallet 7.4.4 for Windows PCs (x32 Version: 7.4.4)
FRANZIS onlineTV 8 (x32 Version: 8.5.0.0)
Free YouTube to MP3 Converter version 3.12.0.128 (x32 Version: 3.12.0.128)
Garmin USB Drivers (x32 Version: 2.3.1.0)
Get Local Admins GUI (Version: 2.0.0)
HijackThis 2.0.2 (x32 Version: 2.0.2)
HP Business Card Reader (x32 Version: 0.6.3.0)
HP Customer Experience Enhancements (x32 Version: 6.0.1.3)
HP Officejet 6500 E709 Series Corporate Edition 14.0 (Version: 14.0)
HP Quick Launch Buttons (x32 Version: 6.50.17.1)
HP Web Camera (Version: 1.0.0)
HP Webcam (x32 Version: 1.0.26.3)
IDT Audio (x32 Version: 1.0.6300.0)
inSSIDer (x32 Version: 2.1.6)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Java(TM) 6 Update 43 (x32 Version: 6.0.430)
JDownloader 0.9 (x32 Version: 0.9)
Joe (x32 Version: 4.01.0000)
Junk Mail filter update (x32 Version: 16.4.3505.0912)
KeePass Password Safe 2.22 (x32)
LightScribe System Software (x32 Version: 1.18.6.1)
Lights-Out Client x64 (Version: 1.5.4.2055)
LSI HDA Modem (Version: 2.2.100)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Messenger Plus! for Skype (x32 Version: 1.5.0.122)
Microsoft Access MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Access Setup Metadata MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Antimalware (Version: 3.0.8410.2)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft DCF MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Excel MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Groove MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft InfoPath MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Lync MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Office 64-bit Components 2013 (Version: 15.0.4420.1017)
Microsoft Office Korrekturhilfen 2013 - Deutsch (x32 Version: 15.0.4420.1017)
Microsoft Office OSM MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Office OSM UX MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Office Professional Plus 2013 (x32 Version: 15.0.4420.1017)
Microsoft Office Proofing (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - Español (x32 Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - Italiano (x32 Version: 15.0.4420.1017)
Microsoft Office Shared 64-bit MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Office Shared Setup Metadata MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft OneNote MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Outlook MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft PowerPoint MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Project MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Project Professional 2013 (x32 Version: 15.0.4420.1017)
Microsoft Publisher MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Script Explorer for Windows PowerShell (x32 Version: 0.12.0.0)
Microsoft Security Client (Version: 2.2.0903.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visio MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Visio Professional 2013 (x32 Version: 15.0.4420.1017)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Word MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Movie Maker (x32 Version: 16.4.3505.0912)
Mozilla Firefox 23.0.1 (x86 en-US) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
Mp3tag v2.53 (x32 Version: v2.53)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
Network64 (Version: 140.0.301.000)
Notepad++ (x32 Version: 6.2.2)
NVIDIA Control Panel 311.50 (Version: 311.50)
NVIDIA Graphics Driver 311.50 (Version: 311.50)
NVIDIA HD Audio Driver 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.109.718)
NVIDIA nView 140.54 (Version: 140.54)
NVIDIA PhysX (x32 Version: 9.12.0604)
NVIDIA PhysX System Software 9.12.0604 (Version: 9.12.0604)
Online Plug-in (x32 Version: 13.4.0.25)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4420.1017)
OxygenV2 (Version: 2.00.1850)
PDF Settings CS6 (x32 Version: 11.0)
Photo Gallery (x32 Version: 16.4.3505.0912)
PL-2303 USB-to-Serial (x32 Version: 1.7.0)
PL-2303 Vista Driver Installer (x32 Version: 3.0.1.0)
PuTTY version 0.63 (x32 Version: 0.63)
QLBCASL (x32 Version: 6.40.17.2)
Remote Desktop Manager (x32 Version: 8.4.5.0)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0)
RICOH Media Driver (x32 Version: 2.13.00.05)
RSSOwl (x32)
Samsung Mobile phone USB driver Drive Software
Samsung PC Studio 3 USB Driver Installer (x32 Version: 3.2.0.70701)
Scan (x32 Version: 140.0.253.000)
Secunia PSI (3.0.0.6005) (x32 Version: 3.0.0.6005)
Self-Service Plug-in (x32 Version: 3.4.0.33684)
Skype™ 6.6 (x32 Version: 6.6.106)
SlimDrivers (x32 Version: 2.2.28413)
Spybot - Search & Destroy (x32 Version: 1.6.2)
Synaptics Pointing Device Driver (Version: 15.0.24.0)
System Center 2012 Endpoint Protection (Version: 2.2.903.0)
TeamViewer 8 (x32 Version: 8.0.20768)
TightVNC (Version: 2.6.4.0)
TrueCrypt (x32 Version: 7.1a)
Unlocker 1.9.1 (x32 Version: 1.9.1)
Update for Microsoft Access 2013 (KB2760350) 32-Bit Edition (x32)
Update for Microsoft Excel 2013 (KB2760339) 32-Bit Edition (x32)
Update for Microsoft Lync 2013 (KB2817621) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2726954) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2726996) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2727096) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2737954) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2752025) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2752094) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2752101) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2760224) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2760538) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2760553) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2767845) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2767851) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2767860) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2768016) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2810010) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2817320) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2817482) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2817489) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2817492) 32-Bit Edition (x32)
Update for Microsoft OneNote 2013 (KB2817467) 32-Bit Edition (x32)
Update for Microsoft Outlook 2013 (KB2817629) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2013 (KB2726947) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2013 (KB2810006) 32-Bit Edition (x32)
Update for Microsoft SkyDrive Pro (KB2817622) 32-Bit Edition (x32)
Update for Microsoft Visio 2013 (KB2810008) 32-Bit Edition (x32)
Update for Microsoft Visio Viewer 2013 (KB2768338) 32-Bit Edition (x32)
Update for Microsoft Word 2013 (KB2767863) 32-Bit Edition (x32)
Update for Microsoft Word 2013 (KB2810086) 32-Bit Edition (x32)
USB Drive Letter Manager (x64) (Version: 4.6.1.0)
USB Drive Letter Manager (x64) (Version: 4.7.0.0)
Validity Fingerprint Driver (Version: 4.0.15.0)
Validity WBF DDK (Version: 4.4.234.0)
VanDyke Software SecureCRT and SecureFX 6.7 (Version: 6.7.5)
VirusTotal Uploader 2.0 (x32)
Visual C++ 9.0 CRT (x86) WinSXS MSM (x32 Version: 9.0)
Visual CertExam Suite (x32)
VLC media player 2.0.8 (x32 Version: 2.0.8)
Windows Home Server 2011 Connector (Version: 6.1.8800.16400)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912)
Windows Live Essentials (x32 Version: 16.4.3505.0912)
Windows Live Installer (x32 Version: 16.4.3505.0912)
Windows Live Mail (x32 Version: 16.4.3505.0912)
Windows Live MIME IFilter (Version: 16.4.3505.0912)
Windows Live Photo Common (x32 Version: 16.4.3505.0912)
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912)
Windows Live SOXE (x32 Version: 16.4.3505.0912)
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912)
Windows Live UX Platform (x32 Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912)
Windows Live Writer (x32 Version: 16.4.3505.0912)
Windows Live Writer Resources (x32 Version: 16.4.3505.0912)
Windows7FirewallControl (x64) 5.2.18.33 (Version: 5.2.18.33)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
WinSCP 5.1.7 (x32 Version: 5.1.7)
Wondershare Streaming Audio Recorder(Build 2.1.0.0) (x32 Version: 2.1.0.0)
==================== Restore Points =========================
27-08-2013 18:00:02 Windows Backup
27-08-2013 18:35:41 Removed HP Battery Check
29-08-2013 18:00:02 Windows Backup
31-08-2013 07:45:52 Windows Backup
31-08-2013 07:49:34 Windows Backup
01-09-2013 17:00:23 Windows Backup
01-09-2013 18:43:47 Windows Backup
03-09-2013 15:59:09 Restore Operation
03-09-2013 16:52:04 Removed HP Battery Check
03-09-2013 18:00:01 Windows Backup
04-09-2013 18:00:00 Windows Backup
07-09-2013 10:34:40 Installed Get Local Admins GUI
07-09-2013 18:09:48 Windows Backup
==================== Hosts content: ==========================
2012-07-26 07:26 - 2013-08-27 08:53 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {004F8E95-A718-4ABF-AD30-97CE5CF5BEF8} - System32\Tasks\Microsoft Office 15 Sync Maintenance for COMPUTERNAME-USERNAME COMPUTERNAME => C:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)
Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-26] (Microsoft Corporation)
Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical
Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\System32\sysmain.dll [2013-05-04] (Microsoft Corporation)
Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents
Task: {1E9BCA20-FAED-4F4B-AA1C-53F5F9D94C1C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {2015D5E6-CA53-4DBE-BBE8-AC48E33B7CF9} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall
Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance
Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\WSClient.dll [2012-09-20] (Microsoft Corporation)
Task: {24B755A0-EC79-42E4-85F2-AB8345121C0A} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3914127844-14403796-372123521-1002
Task: {262F4C1C-977A-4CAB-AFC4-A73BCA4F4152} - System32\Tasks\Microsoft\Windows\Windows Server\Health Definition Updates => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-07-06] (Microsoft Corporation)
Task: {263CBC90-183F-4A7E-9010-4B5310889222} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => Sc.exe start wuauserv
Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh
Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks
Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update
Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator
Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask
Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
Task: {3DE37160-4C04-4DC6-A897-2C01BF7C008D} - System32\Tasks\Microsoft\Windows\File Classification Infrastructure\Property Definition Sync
Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage
Task: {470EFEE1-2940-4FEC-B995-9D1B3E9CE259} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect
Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2013-06-01] (Microsoft Corporation)
Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon
Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance
Task: {5B471BC6-8E2F-45C0-94EE-FCC7D27EF50C} - System32\Tasks\Microsoft\Windows\Windows Server\InstallAddIns => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-07-06] (Microsoft Corporation)
Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required
Task: {5E851051-A0B8-4B79-B375-7D51F84FDFB5} - System32\Tasks\{1D117AC1-9A7F-44AD-A4D6-EEBD077BC6A5} => Firefox.exe hxxp://ui.skype.com/ui/0/6.6.60.106/de/abandoninstall?page=tsPlugin
Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-26] (Microsoft Corporation)
Task: {66D980AD-B6C8-4827-8318-AF71E2E1A08F} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2012-07-26] (Microsoft Corporation)
Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-09-20] (Microsoft Corporation)
Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319
Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update
Task: {74A8E2F0-4950-4870-83E1-649426202909} - System32\Tasks\Microsoft\Windows\Windows Server\RenewClientCertificate => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-07-06] (Microsoft Corporation)
Task: {7AE378FD-E992-4632-8DBD-855D83291AC3} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\System32\sdengin2.dll [2012-07-26] (Microsoft Corporation)
Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance
Task: {7DB03A94-8D20-4EA0-AD78-CD2A31860DAA} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance
Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode)
Task: {8D850624-62AE-421F-B758-80D2C50EC029} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-10-24] (Piriform Ltd)
Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses
Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime
Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64
Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic
Task: {99322BD0-2A88-4BAE-9F47-CEE5FCB75BD0} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {9F98B999-6F70-461F-9BFA-1A90827146AF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\WSClient.dll [2012-09-20] (Microsoft Corporation)
Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask
Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh
Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask
Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask
Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan
Task: {AF6D6AD0-4941-46C5-9F72-8D298549D35D} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3914127844-14403796-372123521-1001
Task: {B21B01D2-F1D9-40DB-9E3A-7ED51AFE501A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-23] (Adobe Systems Incorporated)
Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific
Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan
Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\System32\Windows.Storage.ApplicationData.dll [2012-07-26] (Microsoft Corporation)
Task: {CBE37266-DC38-4B51-ADF3-2E0C15979AFA} - System32\Tasks\Microsoft\Windows\Windows Server\UploadCEIPData => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-07-06] (Microsoft Corporation)
Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork
Task: {D01DD577-3DAA-4A15-BA45-FF2DB1C8A16E} - System32\Tasks\Microsoft\Windows\Windows Server\Alert Evaluations => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-07-06] (Microsoft Corporation)
Task: {D90C1247-9758-4B21-A4BE-74A4CC6D5631} - System32\Tasks\AdobeAAMUpdater-1.0-COMPUTERNAME-USERNAME => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-01-24] (Adobe Systems Incorporated)
Task: {DB734F3D-4395-4EB1-BFA0-B58B9464815C} - System32\Tasks\Microsoft\Windows\Windows Server\SaveCEIPData => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-07-06] (Microsoft Corporation)
Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical
Task: {DDF0F7F6-2A2A-4024-B370-7AF3E2F7B105} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall
Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery
Task: {E190D61C-4479-4F46-A86F-6B8A96008271} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup
Task: {E3EA6625-22FF-4DA0-911A-0B3719BC6E79} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3914127844-14403796-372123521-500
Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask
Task: {E5DCE097-1ADB-42F3-B96E-18A0B4BFD445} - System32\Tasks\{DBE00103-13A0-4AF7-A51F-C8D0B37AFDA9} => Firefox.exe hxxp://ui.skype.com/ui/0/6.3.60.107/de/go/help.faq.installer?LastError=1618
Task: {E7B98416-AC68-4A07-81F9-68109D4C902C} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe [2012-08-15] (Microsoft Corporation)
Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-09-20] (Microsoft Corporation)
Task: {EAD237E7-D276-4257-9F16-51DF41548733} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\System32\Startupscan.dll [2012-07-26] (Microsoft Corporation)
Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM
Task: {FE996E94-2262-4CF9-B465-368C728DA90C} - System32\Tasks\Microsoft\Microsoft Antimalware\MP Scheduled Scan => c:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-09-02] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2013-08-14 11:39 - 2013-07-03 02:23 - 00788480 _____ (Microsoft Corporation) C:\Windows\winstore\WinStoreUI.dll
2012-10-31 16:02 - 2000-01-01 02:00 - 15055848 _____ (NVIDIA Corporation) C:\Windows\SYSTEM32\nvwgf2umx.dll
2013-07-10 19:31 - 2013-07-10 19:31 - 08865448 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-03-02 11:01 - 2013-02-18 22:56 - 02631168 _____ (LeapFILE Inc.) C:\Program Files\Oxygen Common\OxygenShellExtension_64.dll
2012-10-31 17:48 - 2012-04-26 14:43 - 00190480 _____ (EldoS Corporation) C:\Windows\system32\CbFsMntNtf3.dll
2012-10-31 16:16 - 2010-09-08 01:05 - 00651264 ____N (IDT, Inc.) C:\Windows\system32\stapi64.dll
2012-10-31 16:03 - 2013-04-06 08:38 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2012-10-31 16:04 - 2000-01-01 02:00 - 00496928 _____ () C:\Program Files\NVIDIA Corporation\nview\nvshell.dll
2013-09-03 19:42 - 2013-08-14 13:22 - 00206264 _____ (Martin Prikryl) C:\Program Files (x86)\WinSCP\DragExt64.dll
2010-06-03 20:16 - 2010-06-03 20:16 - 00400168 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll
2010-06-03 20:16 - 2010-06-03 20:16 - 00215336 _____ (Synaptics Incorporated) C:\Windows\SYSTEM32\SynTPAPI.dll
2012-10-31 16:16 - 2010-09-08 01:05 - 01952256 _____ (IDT, Inc.) C:\Program Files\IDT\WDM\STLang64.dll
2011-12-13 17:20 - 2011-12-13 17:20 - 00378880 _____ (NLog) C:\Program Files\Windows Server\Bin\NLog.dll
2013-06-19 17:06 - 2013-06-19 17:06 - 00051360 _____ (AxoNet Software GmbH) C:\Program Files\Windows Server\Bin\AxoNet.LightsOut.VailCommonTypes.dll
2013-06-19 17:06 - 2013-06-19 17:06 - 00131744 _____ (AxoNet Software GmbH) C:\Program Files\Windows Server\Bin\AxoNet.LightsOut.VailCommon.dll
2012-10-10 04:48 - 2012-10-10 04:48 - 00200704 _____ (ICSharpCode.net) C:\Program Files\OxygenV2\ICSharpCode.SharpZipLib.dll
2012-07-26 03:54 - 2012-11-06 06:19 - 00513024 _____ (Microsoft Corporation) C:\Windows\system32\spool\DRIVERS\x64\3\UNIDRV.DLL
2012-07-26 05:33 - 2012-11-06 06:39 - 00918016 _____ (Microsoft Corporation) C:\Windows\system32\spool\DRIVERS\x64\3\UNIDRVUI.DLL
2009-07-14 02:41 - 2009-07-14 02:41 - 01591808 _____ (Hewlett-Packard Corporation) C:\Windows\system32\spool\DRIVERS\x64\3\hpfuiw73.dll
2009-07-14 02:41 - 2009-07-14 02:41 - 01858048 _____ (Hewlett Packard Corporation) C:\Windows\system32\spool\DRIVERS\x64\3\hpf3rw73.dll
2009-07-14 02:41 - 2009-07-14 02:41 - 00254976 _____ (Hewlett-Packard Company) C:\Windows\system32\spool\DRIVERS\x64\3\hpfiew73.dll
2013-09-08 09:23 - 2013-09-08 09:23 - 00109568 _____ () C:\Users\USERNAME\.OxygenV2\Bin\2.0.0.1850\CrashRpt1300.dll
2013-03-26 17:44 - 2013-03-26 17:44 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2013-07-04 13:56 - 2013-07-04 13:56 - 00011362 _____ () C:\ProgramData\Chiavetta Internet\OnlineUpdate\mingwm10.dll
2013-07-04 13:56 - 2013-07-04 13:56 - 00043008 _____ () C:\ProgramData\Chiavetta Internet\OnlineUpdate\libgcc_s_dw2-1.dll
2013-07-04 13:56 - 2013-07-04 13:56 - 02415104 _____ () C:\ProgramData\Chiavetta Internet\OnlineUpdate\QtCore4.dll
2013-07-04 13:56 - 2013-07-04 13:56 - 01148416 _____ () C:\ProgramData\Chiavetta Internet\OnlineUpdate\QtNetwork4.dll
2009-06-17 12:40 - 2009-06-17 12:40 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2009-06-17 12:40 - 2009-06-17 12:40 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2009-06-17 12:40 - 2009-06-17 12:40 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2012-07-26 02:06 - 2012-07-26 05:04 - 00029184 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\vidcap.ax
2012-07-26 03:46 - 2012-07-26 05:04 - 00131072 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\kswdmcap.ax
2013-01-25 11:36 - 2013-01-25 11:36 - 00022608 _____ () C:\Program Files (x86)\Microsoft Office\Office15\lynchtmlconvpxy.dll
2011-02-24 19:06 - 2011-02-24 19:06 - 00292192 _____ (Acronis) C:\Program Files (x86)\Common Files\Acronis\DriveMonitor\Common\resource.dll
2011-02-24 19:05 - 2011-02-24 19:05 - 00111232 _____ (Acronis) C:\Program Files (x86)\Common Files\Acronis\DriveMonitor\Common\gc.dll
2011-02-24 18:39 - 2011-02-24 18:39 - 00012128 _____ () C:\Program Files (x86)\Common Files\Acronis\DriveMonitor\Common\icudt38.dll
2011-02-24 18:48 - 2011-02-24 18:48 - 00022368 _____ (Acronis) C:\Program Files (x86)\Common Files\Acronis\DriveMonitor\Common\thread_pool.dll
2012-12-14 15:14 - 2012-12-14 15:14 - 00391736 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\ctxmui.dll
2012-12-14 15:14 - 2012-12-14 15:14 - 00129592 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\CCMSDK.dll
2012-12-14 15:11 - 2012-12-14 15:11 - 00012344 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\resource\de\ctxmuiUI.DLL
2012-12-14 15:12 - 2012-12-14 15:12 - 00428600 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\resource\de\concenUI.DLL
2013-09-08 09:23 - 2012-12-14 17:18 - 00244208 _____ (Citrix Systems, Inc.) C:\Users\USERNAME\AppData\Local\Citrix\Receiver\WindowsAppRHelper_concentr.exe.dll
2012-12-14 15:14 - 2012-12-14 15:14 - 00025656 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\CCMProxy.dll
2012-12-14 17:18 - 2012-12-14 17:18 - 00621040 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\ResourceKeeper.dll
2012-12-14 17:18 - 2012-12-14 17:18 - 00055792 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\nativemessagebox.dll
2012-12-14 17:18 - 2012-12-14 17:18 - 00858608 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\nativesystrayue.dll
2012-12-14 17:18 - 2012-12-14 17:18 - 00104944 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\progressnotification.dll
2012-12-14 17:18 - 2012-12-14 17:18 - 00088560 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\toaster.dll
2012-12-12 14:33 - 2012-12-12 14:33 - 00250928 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\ReceiverShim.dll
2013-09-08 09:23 - 2012-12-14 17:20 - 00315376 _____ (Citrix Systems, Inc.) C:\Users\USERNAME\AppData\Local\Citrix\Receiver\WindowsAppRHelper_SelfServicePlugin.exe.dll
2012-12-14 15:21 - 2012-12-14 15:21 - 00088632 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\ProgressNotificationCommon.dll
2012-12-14 15:22 - 2012-12-14 15:22 - 00076344 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\WFCWINN.dll
2012-12-14 15:20 - 2012-12-14 15:20 - 00117304 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\acrdlg.dll
2012-12-14 15:17 - 2012-12-14 15:17 - 00096824 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\statuin.dll
2012-12-14 15:15 - 2012-12-14 15:15 - 00092728 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\confmgr.dll
2012-12-14 15:14 - 2012-12-14 15:14 - 00023608 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\ctxlogging.dll
2012-12-14 15:14 - 2012-12-14 15:14 - 00032824 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\icafile.dll
2012-12-14 15:24 - 2012-12-14 15:24 - 00481848 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\RSManager.dll
2012-12-14 15:21 - 2012-12-14 15:21 - 00498232 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\CST.dll
2012-12-14 15:23 - 2012-12-14 15:23 - 00029752 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\RSMHook.dll
2012-12-14 15:11 - 2012-12-14 15:11 - 00021048 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\resource\de\ProgressNotificationCommonUI.dll
2012-12-14 15:12 - 2012-12-14 15:12 - 00571960 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\resource\de\statuiUI.DLL
2012-12-14 15:11 - 2012-12-14 15:11 - 00117304 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\resource\de\CSTUI.DLL
2012-12-14 15:12 - 2012-12-14 15:12 - 00125496 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\resource\de\wfcrunUI.DLL
2013-09-08 09:23 - 2012-12-14 17:18 - 00244208 _____ (Citrix Systems, Inc.) C:\Users\USERNAME\AppData\Local\Citrix\Receiver\WindowsAppRHelper_wfcrun32.exe.dll
2013-09-08 09:23 - 2013-09-08 09:23 - 00010240 _____ () C:\Users\USERNAME\.OxygenV2\Bin\2.0.0.1850\oxygenqtwrapper.dll
2013-09-08 09:23 - 2013-09-08 09:23 - 10837504 _____ () C:\Users\USERNAME\.OxygenV2\Bin\2.0.0.1850\QtWebKit4.dll
2013-09-08 09:23 - 2013-09-08 09:23 - 08173568 _____ () C:\Users\USERNAME\.OxygenV2\Bin\2.0.0.1850\QtGui4.dll
2013-09-08 09:23 - 2013-09-08 09:23 - 00971776 _____ () C:\Users\USERNAME\.OxygenV2\Bin\2.0.0.1850\QtNetwork4.dll
2013-09-08 09:23 - 2013-09-08 09:23 - 02293248 _____ () C:\Users\USERNAME\.OxygenV2\Bin\2.0.0.1850\QtCore4.dll
2013-09-08 09:23 - 2013-09-08 09:23 - 00266752 _____ () C:\Users\USERNAME\.OxygenV2\Bin\2.0.0.1850\phonon4.dll
2013-09-08 09:23 - 2013-09-08 09:23 - 00026624 _____ () C:\Users\USERNAME\.OxygenV2\Bin\2.0.0.1850\imageformats\qgif4.dll
2013-09-08 09:23 - 2013-09-08 09:23 - 00237568 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\USERNAME\.OxygenV2\Bin\2.0.0.1850\ssleay32.dll
2013-09-08 09:23 - 2013-09-08 09:23 - 01099776 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\USERNAME\.OxygenV2\Bin\2.0.0.1850\LIBEAY32.dll
2012-12-18 21:08 - 2012-12-18 21:08 - 03990248 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\PDFMaker\Common\AdobePDFMakerX.dll
2012-10-01 21:32 - 2012-10-01 21:32 - 01014400 _____ () C:\Program Files (x86)\Microsoft Office\Office15\ADDINS\UmOutlookAddin.dll
2013-02-05 18:43 - 2013-02-05 18:43 - 00125008 _____ () C:\Program Files (x86)\Microsoft Office\Office15\OUTLCTL.DLL
2013-09-05 09:20 - 2013-08-14 19:55 - 03551640 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2012-10-31 17:48 - 2012-04-26 14:43 - 00141328 _____ (EldoS Corporation) C:\Windows\system32\CbFsNetRdr3.dll
2013-07-10 19:31 - 2013-07-10 19:31 - 08865448 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-03-02 11:01 - 2013-02-18 22:49 - 02457088 _____ (LeapFILE Inc.) C:\Program Files\Oxygen Common\OxygenShellExtension_32.dll
2012-10-31 17:48 - 2012-04-26 14:43 - 00190480 _____ (EldoS Corporation) C:\Windows\SYSTEM32\CbFsMntNtf3.dll
==================== Alternate Data Streams (whitelisted) ==========
==================== Faulty Device Manager Devices =============
Name: Officejet 6500 E709n
Description: Officejet 6500 E709n
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Officejet 6500 E709n
Description: Officejet 6500 E709n
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (09/08/2013 04:10:05 PM) (Source: Application Error) (User: )
Description: Faulting application name: LANConfigSvc.exe, version: 6.1.8800.16385, time stamp: 0x4d6ed265
Faulting module name: ServerLocator.dll, version: 6.1.8800.16385, time stamp: 0x4d6ed338
Exception code: 0xc0000025
Fault offset: 0x00000000000081ed
Faulting process id: 0x22d0
Faulting application start time: 0xLANConfigSvc.exe0
Faulting application path: LANConfigSvc.exe1
Faulting module path: LANConfigSvc.exe2
Report Id: LANConfigSvc.exe3
Faulting package full name: LANConfigSvc.exe4
Faulting package-relative application ID: LANConfigSvc.exe5
Error: (09/08/2013 04:08:00 PM) (Source: Application Error) (User: )
Description: Faulting application name: LANConfigSvc.exe, version: 6.1.8800.16385, time stamp: 0x4d6ed265
Faulting module name: ServerLocator.dll, version: 6.1.8800.16385, time stamp: 0x4d6ed338
Exception code: 0xc0000025
Fault offset: 0x00000000000081ed
Faulting process id: 0x1184
Faulting application start time: 0xLANConfigSvc.exe0
Faulting application path: LANConfigSvc.exe1
Faulting module path: LANConfigSvc.exe2
Report Id: LANConfigSvc.exe3
Faulting package full name: LANConfigSvc.exe4
Faulting package-relative application ID: LANConfigSvc.exe5
Error: (09/08/2013 04:05:53 PM) (Source: Application Error) (User: )
Description: Faulting application name: LANConfigSvc.exe, version: 6.1.8800.16385, time stamp: 0x4d6ed265
Faulting module name: ServerLocator.dll, version: 6.1.8800.16385, time stamp: 0x4d6ed338
Exception code: 0xc0000025
Fault offset: 0x00000000000081ed
Faulting process id: 0xd10
Faulting application start time: 0xLANConfigSvc.exe0
Faulting application path: LANConfigSvc.exe1
Faulting module path: LANConfigSvc.exe2
Report Id: LANConfigSvc.exe3
Faulting package full name: LANConfigSvc.exe4
Faulting package-relative application ID: LANConfigSvc.exe5
Error: (09/08/2013 10:36:57 AM) (Source: MsgPlusService) (User: )
Description: MsgPlusServiceService failed to shut down.
Error: (09/08/2013 10:36:57 AM) (Source: MsgPlusService) (User: )
Description: MsgPlusServiceReceiving shutdown message.
Error: (09/08/2013 09:32:06 AM) (Source: Microsoft-Windows-User Profiles Service) (User: COMPUTERNAME)
Description: Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.
Error: (09/08/2013 09:32:06 AM) (Source: Microsoft-Windows-User Profiles Service) (User: COMPUTERNAME)
Description: Windows has backed up this user profile. Windows will automatically try to use the backup profile the next time this user logs on.
Error: (09/07/2013 10:06:07 AM) (Source: Windows Backup) (User: )
Description: The backup did not complete because of an error writing to the backup location \\BackupNAS\clientcomputersicherungen$\. The error is: The network name cannot be found. (0x80070043).
Error: (09/06/2013 07:55:44 AM) (Source: Windows Backup) (User: )
Description: The backup did not complete because of an error writing to the backup location \\BackupNAS\clientcomputersicherungen$\. The error is: The network name cannot be found. (0x80070043).
Error: (09/05/2013 01:31:33 PM) (Source: MsgPlusService) (User: )
Description: MsgPlusServiceReceiving shutdown message.
System errors:
=============
Error: (09/08/2013 04:08:04 PM) (Source: Service Control Manager) (User: )
Description: The Windows Server LAN Configuration service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (09/08/2013 04:05:59 PM) (Source: Service Control Manager) (User: )
Description: The Windows Server LAN Configuration service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (09/08/2013 04:04:59 PM) (Source: pcmcia) (User: )
Description: The PCMCIA controller encountered an error powering up the inserted device.
Error: (09/08/2013 11:08:44 AM) (Source: pcmcia) (User: )
Description: The PCMCIA controller encountered an error powering up the inserted device.
Error: (09/08/2013 10:37:50 AM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.
Feature: %%835
Error Code: 0x80004005
Error description: Unspecified error
Reason: %%842
Error: (09/08/2013 10:37:35 AM) (Source: Service Control Manager) (User: )
Description: The Chiavetta Internet. OUC service failed to start due to the following error:
%%1053
Error: (09/08/2013 10:37:35 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Chiavetta Internet. OUC service to connect.
Error: (09/08/2013 10:35:01 AM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.
Feature: %%835
Error Code: 0x80004005
Error description: Unspecified error
Reason: %%842
Error: (09/08/2013 10:34:46 AM) (Source: Service Control Manager) (User: )
Description: The Chiavetta Internet. OUC service failed to start due to the following error:
%%1053
Error: (09/08/2013 10:34:46 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Chiavetta Internet. OUC service to connect.
Microsoft Office Sessions:
=========================
Error: (09/08/2013 04:10:05 PM) (Source: Application Error)(User: )
Description: LANConfigSvc.exe6.1.8800.163854d6ed265ServerLocator.dll6.1.8800.163854d6ed338c000002500000000000081ed22d001ceac9cf9f2f261C:\Program Files\Windows Server\Bin\LANConfigSvc.exeC:\Program Files\Windows Server\Bin\ServerLocator.dll5bf0cce7-1890-11e3-bee8-70f39520344b
Error: (09/08/2013 04:08:00 PM) (Source: Application Error)(User: )
Description: LANConfigSvc.exe6.1.8800.163854d6ed265ServerLocator.dll6.1.8800.163854d6ed338c000002500000000000081ed118401ceac9caf30785fC:\Program Files\Windows Server\Bin\LANConfigSvc.exeC:\Program Files\Windows Server\Bin\ServerLocator.dll115a78b1-1890-11e3-bee8-70f39520344b
Error: (09/08/2013 04:05:53 PM) (Source: Application Error)(User: )
Description: LANConfigSvc.exe6.1.8800.163854d6ed265ServerLocator.dll6.1.8800.163854d6ed338c000002500000000000081edd1001ceac6eac765e6eC:\Program Files\Windows Server\Bin\LANConfigSvc.exeC:\Program Files\Windows Server\Bin\ServerLocator.dllc54e1a2a-188f-11e3-bee8-70f39520344b
Error: (09/08/2013 10:36:57 AM) (Source: MsgPlusService)(User: )
Description: MsgPlusServiceService failed to shut down.
Error: (09/08/2013 10:36:57 AM) (Source: MsgPlusService)(User: )
Description: MsgPlusServiceReceiving shutdown message.
Error: (09/08/2013 09:32:06 AM) (Source: Microsoft-Windows-User Profiles Service)(User: COMPUTERNAME)
Description:
Error: (09/08/2013 09:32:06 AM) (Source: Microsoft-Windows-User Profiles Service)(User: COMPUTERNAME)
Description:
Error: (09/07/2013 10:06:07 AM) (Source: Windows Backup)(User: )
Description: \\BackupNAS\clientcomputersicherungen$ The network name cannot be found. (0x80070043)
Error: (09/06/2013 07:55:44 AM) (Source: Windows Backup)(User: )
Description: \\BackupNAS\clientcomputersicherungen$ The network name cannot be found. (0x80070043)
Error: (09/05/2013 01:31:33 PM) (Source: MsgPlusService)(User: )
Description: MsgPlusServiceReceiving shutdown message.
CodeIntegrity Errors:
===================================
Date: 2013-08-09 17:51:55.039
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-08-09 17:51:55.012
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-08-09 17:51:28.398
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-08-09 17:51:28.376
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-08-09 17:51:12.165
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-08-09 17:51:12.141
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-08-09 17:50:20.797
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-08-09 17:50:20.775
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-08-09 17:49:26.521
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-08-09 17:49:26.494
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Percentage of memory in use: 32%
Total physical RAM: 8121.51 MB
Available physical RAM: 5516.71 MB
Total Pagefile: 16313.51 MB
Available Pagefile: 13503.66 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:148.71 GB) (Free:47.08 GB) NTFS
Drive o: (Oxygen) (Removable) (Total:1024 GB) (Free:46.93 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 00D86B6A)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS)
==================== End Of Log ============================
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-09-2013
Ran by USER (administrator) on COMPUTERNAMEN on 08-09-2013 16:08:45
Running from C:\Users\USER\Desktop
Windows 8 Enterprise (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
() C:\Windows\system32\valWBFPolicyService.exe
(Validity Sensors, Inc.) C:\Windows\system32\vcsFPService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Sphinx Software) C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Broadcom Corporation.) C:\Windows\system32\BtwRSupportService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
() C:\ProgramData\Chiavetta Internet\OnlineUpdate\ouc.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(AxoNet Software GmbH) C:\Program Files\Windows Server\bin\LightsOutClientService.exe
(Yuna Software) C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Uwe Sieber - www.uwe-sieber.de) C:\Program Files\USBDLM\USBDLM.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\WSConnectorUpdate.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\ProviderRegistryService.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Uwe Sieber - www.uwe-sieber.de) C:\Program Files\USBDLM\USBDLM_usr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Sphinx Software) C:\Program Files\Windows7FirewallControl\Windows7FirewallControl.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
(AxoNet Software GmbH) C:\Program Files\Windows Server\Bin\LightsOutClientGui.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
() C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe
(Oxygen Cloud, Inc.) C:\Program Files\OxygenV2\OxygenDesktop.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
() C:\Users\USER\.OxygenV2\Bin\2.0.0.1850\oxygenlauncher.exe
(LeapFILE, Inc.) C:\Users\USER\.OxygenV2\Bin\2.0.0.1850\oxygenvfs.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\OUTLOOK.EXE
(Microsoft Corporation) C:\Windows\sysWow64\SearchProtocolHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2174760 2010-06-03] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [489472 2010-09-08] (IDT, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [477600 2013-01-24] (Adobe Systems Incorporated)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1437064 2011-10-29] (Microsoft Corporation)
HKLM\...\Run: [Launchpad] - C:\Program Files\Windows Server\Bin\Launchpad.exe [1099360 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [462400 2011-02-12] (Acronis)
HKLM\...\Run: [Windows7FirewallControl] - C:\Program Files\Windows7FirewallControl\Windows7FirewallControl.exe [1143296 2013-04-16] (Sphinx Software)
HKLM\...\Run: [nwiz] - C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2716960 2000-01-01] ()
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-06-17] (Hewlett-Packard Company)
HKCU\...\Run: [Lync] - C:\Program Files (x86)\Microsoft Office\Office15\lync.exe [18621600 2013-07-10] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3478600 2013-05-11] (Adobe Systems Inc.)
HKLM-x32\...\Run: [adm_tray.exe] - C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe [470120 2011-02-24] ()
HKLM-x32\...\Run: [ConnectionCenter] - C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [383544 2012-12-14] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [703888 2013-03-26] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKU\Administrator\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-06-17] (Hewlett-Packard Company)
HKU\USER.old\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-06-17] (Hewlett-Packard Company)
HKU\USER.old\...\Run: [AdobeBridge] -
HKU\USER.old\...\Run: [Lync] - C:\Program Files (x86)\Microsoft Office\Office15\lync.exe [18621600 2013-07-10] (Microsoft Corporation)
HKU\USER.old\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19876456 2013-06-21] (Skype Technologies S.A.)
HKU\USER.old\...\Run: [Akamai NetSession Interface] - "C:\Users\USER\AppData\Local\Akamai\netsession_win.exe"
HKU\USER.old\...\Run: [Spotify Web Helper] - "C:\Users\USER\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
HKU\USER.old\...\Run: [HW_OPENEYE_OUC_Chiavetta Internet] - C:\Program Files (x86)\Chiavetta Internet\UpdateDog\ouc.exe [224096 2013-07-04] ()
HKU\USER.old\...\RunOnce: [Uninstall C:\Users\USER\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] - C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\USER\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL [485920 2013-05-15] ()
AppInit_DLLs-x32: c:\progra~2\nvidia~1\3dvisi~1\nvstinit.dll [ ] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Lights-Out Client.lnk
ShortcutTarget: Lights-Out Client.lnk -> C:\Program Files\Windows Server\Bin\LightsOutClientGui.exe (AxoNet Software GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start OxygenV2.lnk
ShortcutTarget: Start OxygenV2.lnk -> C:\Program Files\OxygenV2\OxygenDesktop.exe (Oxygen Cloud, Inc.)
Startup: C:\Users\USER.old\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RSSOwl.exe - Shortcut.lnk
ShortcutTarget: RSSOwl.exe - Shortcut.lnk -> C:\Program Files (x86)\RSSOwl\RSSOwl.exe ()
Startup: C:\Users\USER.old\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\USER.old\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SkyDrive Pro.lnk
ShortcutTarget: SkyDrive Pro.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVE.EXE (Microsoft Corporation)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
==================== Internet (Whitelisted) ====================
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\vwocf8cd.default
FF Homepage: file:///C:/Startseite/index.html
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @Citrix.com/npican - C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Extension: iMacros for Firefox - C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\vwocf8cd.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
FF Extension: WOT - C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\vwocf8cd.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: sendtophone - C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\vwocf8cd.default\Extensions\sendtophone@martinezdelizarrondo.com.xpi
FF Extension: No Name - C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\vwocf8cd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
==================== Services (Whitelisted) =================
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2246184 2011-12-15] (Broadcom Corporation.)
S2 Chiavetta Internet. RunOuc; C:\Program Files (x86)\Chiavetta Internet\UpdateDog\ouc.exe [224096 2013-07-04] ()
R2 HealthAlertsSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S2 initMonitor; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
R2 LoClntService; C:\Program Files\Windows Server\bin\LightsOutClientService.exe [21152 2013-06-19] (AxoNet Software GmbH)
R2 MsgPlusService; C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [125952 2013-01-23] (Yuna Software)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [12768 2011-09-02] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [288256 2011-09-02] (Microsoft Corporation)
R2 NotificationsProviderSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
R2 providers_system; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1223704 2013-02-07] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660504 2013-02-07] (Secunia)
R2 ServiceProviderRegistry; C:\Program Files\Windows Server\Bin\ProviderRegistryService.exe [41600 2012-07-06] (Microsoft Corporation)
S4 SqmProviderSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
R2 USBDLM; C:\Program Files\USBDLM\USBDLM.exe [433120 2012-01-15] (Uwe Sieber - www.uwe-sieber.de)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [28160 2012-09-06] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 Windows7FirewallService; C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe [778752 2013-04-16] (Sphinx Software)
R2 WSS_ComputerBackupProviderSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
S3 akshasp; C:\Windows\system32\DRIVERS\akshasp.sys [60488 2013-03-15] (SafeNet Inc.)
S3 aksusb; C:\Windows\system32\DRIVERS\aksusb.sys [303368 2013-03-15] (SafeNet Inc.)
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [352144 2012-04-26] (EldoS Corporation)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331144 2013-03-15] (SafeNet Inc.)
R1 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [189424 2011-10-05] (Microsoft Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4309032 2012-10-19] (Intel Corporation)
R3 NETwNx64; C:\Windows\system32\DRIVERS\Netwxw00.sys [11080192 2012-03-12] (Intel Corporation)
R3 NisDrv; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [84864 2011-10-05] (Microsoft Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-02-07] (Secunia)
R3 rismcx64; C:\Windows\system32\DRIVERS\rismcx64.sys [59008 2009-07-20] (RICOH Company, Ltd.)
S3 s125bus; C:\Windows\System32\drivers\s125bus.sys [108296 2007-04-24] (MCCI Corporation)
S3 s125mdfl; C:\Windows\system32\DRIVERS\s125mdfl.sys [19720 2007-04-24] (MCCI Corporation)
S3 s125mdm; C:\Windows\system32\DRIVERS\s125mdm.sys [144648 2007-04-24] (MCCI Corporation)
S3 s125mgmt; C:\Windows\system32\DRIVERS\s125mgmt.sys [126216 2007-04-24] (MCCI Corporation)
S3 s125obex; C:\Windows\system32\DRIVERS\s125obex.sys [123656 2007-04-24] (MCCI Corporation)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [50128 2013-03-26] (Cisco Systems, Inc.)
R3 WsAudioDevice_383; C:\Windows\system32\drivers\VirtualAudio.sys [31080 2013-01-17] (Wondershare)
U5 UnlockerDriver5; C:\Program Files (x86)\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] ()
S0 vhjrap; No ImagePath
S0 zlnimc; No ImagePath
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-08 16:08 - 2013-09-08 16:08 - 00000000 ____D C:\FRST
2013-09-08 11:17 - 2013-09-08 11:26 - 00000000 ____D C:\Users\USER\AppData\Roaming\TrueCrypt
2013-09-08 11:10 - 2013-09-08 11:10 - 00000000 ____D C:\Users\USER\AppData\Roaming\Ilium Software
2013-09-08 11:09 - 2013-09-08 11:09 - 00000000 ____D C:\Users\USER~1\AppData\Local\Ilium_Software,_Inc
2013-09-08 10:42 - 2013-09-08 10:42 - 00000000 ____D C:\Users\USER\AppData\Roaming\Skype
2013-09-08 10:31 - 2013-09-08 10:36 - 00000000 ____D C:\AdwCleaner
2013-09-08 09:55 - 2013-09-08 09:55 - 00000000 ____D C:\Users\USER\AppData\Roaming\TeamViewer
2013-09-08 09:40 - 2013-09-08 09:40 - 00000000 ___RD C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\System Tools
2013-09-08 09:40 - 2013-09-08 09:40 - 00000000 ___RD C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Startup
2013-09-08 09:40 - 2013-09-08 09:40 - 00000000 ___RD C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Administrative Tools
2013-09-08 09:40 - 2013-09-08 09:40 - 00000000 ___RD C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Accessories
2013-09-08 09:40 - 2013-09-08 09:40 - 00000000 ___RD C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Accessibility
2013-09-08 09:40 - 2013-09-08 09:40 - 00000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\WinRAR
2013-09-08 09:40 - 2013-09-08 09:40 - 00000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Unlocker
2013-09-08 09:40 - 2013-09-08 09:40 - 00000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\RSSOwl
2013-09-08 09:40 - 2013-09-08 09:40 - 00000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\MetaGeek
2013-09-08 09:40 - 2013-09-08 09:40 - 00000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Maintenance
2013-09-08 09:40 - 2013-09-08 09:40 - 00000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\FRANZIS
2013-09-08 09:40 - 2013-09-08 09:40 - 00000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Data Crow
2013-09-08 09:40 - 2013-09-08 09:40 - 00000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Ashampoo
2013-09-08 09:40 - 2013-09-08 09:40 - 00000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Acronis
2013-09-08 09:40 - 2013-05-29 20:01 - 00000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\MP3Gain
2013-09-08 09:40 - 2013-05-28 10:58 - 00002233 _____ C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\SkyDrive.lnk
2013-09-08 09:40 - 2013-05-24 13:40 - 00001783 _____ C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Spotify.lnk
2013-09-08 09:40 - 2013-03-19 12:10 - 00000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\CodeWallet Pro 2005 Desktop Companion
2013-09-08 09:40 - 2013-02-20 12:08 - 00001680 _____ C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Active Directory Users and Computers.lnk
2013-09-08 09:40 - 2012-11-06 11:35 - 00001254 _____ C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\CmRcViewer.lnk
2013-09-08 09:40 - 2012-11-06 11:35 - 00001192 _____ C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\RC.lnk
2013-09-08 09:40 - 2012-10-31 17:49 - 00000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Notepad++
2013-09-08 09:40 - 2012-10-31 15:11 - 00001426 _____ C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Internet Explorer.lnk
2013-09-08 09:39 - 2013-09-08 09:39 - 00000000 ____D C:\Users\USER\AppData\Local\Apps\2.0
2013-09-08 09:37 - 2013-09-08 09:37 - 00000000 ____D C:\Users\USER~1\AppData\Local\Macromedia
2013-09-08 09:33 - 2013-09-08 09:33 - 00000000 ____D C:\Users\USER~1\AppData\Local\Adobe
2013-09-08 09:31 - 2013-09-08 09:31 - 00000000 ____D C:\Users\USER\AppData\Roaming\Mozilla
2013-09-08 09:31 - 2013-09-08 09:31 - 00000000 ____D C:\Users\USER~1\AppData\Local\Mozilla
2013-09-08 09:30 - 2013-09-08 09:30 - 00000000 ____D C:\Users\USER\AppData\Roaming\WinRAR
2013-09-08 09:28 - 2013-09-08 09:31 - 00003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3914127844-14403796-372123521-1002
2013-09-08 09:26 - 2013-09-08 09:27 - 00000000 ___HD C:\Users\USER\.rssowl2
2013-09-08 09:24 - 2013-09-08 09:24 - 00000000 ____D C:\Users\USER~1\AppData\Local\Devolutions
2013-09-08 09:23 - 2013-09-08 11:14 - 00000000 ____D C:\Users\USER\.OxygenV2
2013-09-08 09:23 - 2013-09-08 09:23 - 00000000 ____D C:\Users\USER\AppData\Roaming\ICAClient
2013-09-08 09:23 - 2013-09-08 09:23 - 00000000 ____D C:\Users\USER~1\AppData\Local\CrashRpt
2013-09-08 09:23 - 2013-09-08 09:23 - 00000000 ____D C:\Users\USER~1\AppData\Local\Citrix
2013-09-08 09:22 - 2013-09-08 09:33 - 00000000 ____D C:\Users\USER\AppData\Roaming\Adobe
2013-09-08 09:22 - 2013-09-08 09:26 - 00000000 ____D C:\Users\USER
2013-09-08 09:22 - 2013-09-08 09:22 - 00001426 _____ C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-08 09:22 - 2013-09-08 09:22 - 00000455 _____ C:\Users\USER\Downloads\Desktop.lnk
2013-09-08 09:22 - 2013-09-08 09:22 - 00000020 ___SH C:\Users\USER\ntuser.ini
2013-09-08 09:22 - 2013-09-08 09:22 - 00000000 ___RD C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-08 09:22 - 2013-09-08 09:22 - 00000000 ___RD C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-08 09:22 - 2013-09-08 09:22 - 00000000 ____D C:\Users\USER~1\AppData\Local\VirtualStore
2013-09-08 09:22 - 2013-09-08 09:22 - 00000000 ____D C:\Users\USER~1\AppData\Local\Packages
2013-09-08 09:22 - 2013-08-14 11:51 - 00000000 ___RD C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-09-08 09:22 - 2013-06-12 19:30 - 00000000 ___RD C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-09-08 09:22 - 2013-02-12 21:59 - 00000000 ____D C:\Users\USER~1\AppData\Local\Microsoft Help
2013-09-08 09:22 - 2012-10-31 17:33 - 00000000 ____D C:\Users\USER\AppData\Roaming\Macromedia
2013-09-08 09:22 - 2012-10-31 17:32 - 00002096 _____ C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2013-09-08 09:22 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-09-08 09:22 - 2012-07-26 10:13 - 00000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-09-07 12:34 - 2013-09-07 12:34 - 00000000 ____D C:\Program Files\Cjwdev
2013-09-07 12:33 - 2013-09-07 12:34 - 02294256 _____ C:\Users\USER\Desktop\GetLocalAdminsGUI.zip
2013-09-05 09:20 - 2013-09-08 09:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-05 09:20 - 2013-09-05 09:20 - 00001103 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-09-05 09:20 - 2013-09-05 09:20 - 00000000 ____D C:\Users\USER.old\AppData\Roaming\Mozilla
2013-09-05 09:20 - 2013-09-05 09:20 - 00000000 ____D C:\Users\USER.old\AppData\Local\Mozilla
2013-09-05 09:20 - 2013-09-05 09:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-03 17:49 - 2013-09-03 17:49 - 00000000 ____D C:\ProgramData\SecTaskMan
2013-09-03 09:06 - 2013-09-03 18:01 - 00000000 ____D C:\VEXPLite
2013-09-02 12:05 - 2013-09-06 11:44 - 00063848 _____ C:\Users\USER\Desktop\Wochenziele_2013.xlsx
2013-08-31 10:46 - 2013-09-03 18:01 - 00000000 ____D C:\Sandbox
2013-08-31 10:45 - 2013-09-03 18:01 - 00000000 ____D C:\Program Files\Sandboxie
2013-08-27 11:04 - 2013-08-27 11:04 - 00000600 _____ C:\Users\USER.old\AppData\Local\PUTTY.RND
2013-08-24 13:08 - 2013-09-07 13:57 - 00000181 _____ C:\Users\USER.old\datacrow.properties
2013-08-24 13:06 - 2013-08-24 13:16 - 00000000 ____D C:\Program Files (x86)\Data Crow
2013-08-22 11:35 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\LastGood.Tmp
2013-08-22 09:41 - 2013-08-22 09:41 - 00000000 ___RD C:\Users\USER.old\SharePoint
2013-08-20 07:02 - 2013-08-20 07:02 - 00204568 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2013-08-20 07:02 - 2013-08-20 07:02 - 00103576 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2013-08-19 13:13 - 2013-08-19 13:13 - 00000000 ____D C:\Users\USER\Documents\Podcast Studio
2013-08-19 12:00 - 2013-08-19 12:00 - 00000000 ____D C:\Program Files (x86)\FRANZIS
2013-08-18 10:12 - 2013-08-18 10:12 - 05054216 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-16 09:33 - 2013-08-23 17:50 - 00000000 ____D C:\Users\USER\Documents\onlineTV 8
2013-08-16 09:33 - 2013-08-19 13:13 - 00000000 ____D C:\Users\USER.old\AppData\Roaming\concept design
2013-08-16 09:33 - 2013-08-16 09:33 - 00000000 ____D C:\Program Files (x86)\concept design
2013-08-16 09:33 - 2012-03-01 12:08 - 00966144 _____ (Online Media Technologies Ltd.) C:\Windows\SysWOW64\NCTAudioInformation2.dll
2013-08-16 09:33 - 2012-03-01 12:08 - 00877568 _____ (NCT Company Ltd.) C:\Windows\SysWOW64\NCTAudioFile2.dll
2013-08-16 09:33 - 2012-03-01 12:08 - 00634880 _____ (Online Media Technologies Ltd.) C:\Windows\SysWOW64\NCTAudioEditor2.dll
2013-08-16 09:33 - 2012-03-01 12:08 - 00522752 _____ (Online Media Technologies Ltd.) C:\Windows\SysWOW64\NCTAudioTransform2.dll
2013-08-16 09:33 - 2012-03-01 12:08 - 00467968 _____ (Online Media Technologies Ltd.) C:\Windows\SysWOW64\NCTAudioRecord2.dll
2013-08-16 09:33 - 2012-03-01 12:08 - 00467456 _____ (Online Media Technologies Ltd.) C:\Windows\SysWOW64\NCTAudioPlayer2.dll
2013-08-16 09:33 - 2012-03-01 12:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr70.dll
2013-08-16 09:33 - 2012-02-11 22:07 - 00413696 _____ (Gabest) C:\Windows\SysWOW64\flvsplitter.ax
2013-08-16 09:33 - 2011-03-29 13:52 - 00962560 _____ (East Wind Software) C:\Windows\SysWOW64\advdaudio.ocx
2013-08-16 09:33 - 2011-03-29 13:52 - 00110080 _____ C:\Windows\SysWOW64\advd.dll
2013-08-16 09:33 - 2011-03-29 13:52 - 00023040 _____ C:\Windows\SysWOW64\auth.dll
2013-08-16 09:33 - 2003-08-07 15:01 - 00237568 _____ C:\Windows\SysWOW64\lame_enc.dll
2013-08-14 11:41 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-14 11:41 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-14 11:41 - 2013-07-26 07:13 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-08-14 11:41 - 2013-07-26 07:13 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-08-14 11:41 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-14 11:41 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-14 11:41 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-14 11:41 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-14 11:41 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-14 11:41 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-14 11:41 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-14 11:41 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-14 11:41 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-14 11:41 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-14 11:41 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-14 11:41 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-14 11:41 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-14 11:41 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-14 11:41 - 2013-07-26 05:13 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-08-14 11:41 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-14 11:41 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-14 11:41 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-14 11:41 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-14 11:41 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-14 11:41 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-14 11:41 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-14 11:41 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-14 11:41 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-14 11:41 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-14 11:41 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-14 11:41 - 2013-07-26 02:54 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-08-14 11:39 - 2013-07-13 08:18 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 11:39 - 2013-07-13 08:16 - 01889280 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 11:39 - 2013-07-13 08:16 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 11:39 - 2013-07-13 08:15 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2013-08-14 11:39 - 2013-07-13 08:15 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2013-08-14 11:39 - 2013-07-13 06:24 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-14 11:39 - 2013-07-13 06:23 - 01568256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-14 11:39 - 2013-07-13 06:23 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2013-08-14 11:39 - 2013-07-13 06:23 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2013-08-14 11:39 - 2013-07-09 10:04 - 00120144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2013-08-14 11:39 - 2013-07-09 08:18 - 00439488 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2013-08-14 11:39 - 2013-07-09 08:07 - 02233168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 11:39 - 2013-07-09 06:25 - 00385768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2013-08-14 11:39 - 2013-07-09 05:57 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2013-08-14 11:39 - 2013-07-09 00:46 - 00543744 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2013-08-14 11:39 - 2013-07-09 00:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2013-08-14 11:39 - 2013-07-09 00:46 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Wwanadvui.dll
2013-08-14 11:39 - 2013-07-09 00:45 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2013-08-14 11:39 - 2013-07-06 02:16 - 01025024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2013-08-14 11:39 - 2013-07-03 02:23 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2013-08-14 11:39 - 2013-07-03 02:23 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-08-14 11:39 - 2013-07-03 02:22 - 02839552 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2013-08-14 11:39 - 2013-07-03 02:22 - 01300480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-08-14 11:39 - 2013-07-03 02:11 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2013-08-14 11:39 - 2013-07-03 02:11 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-08-14 11:39 - 2013-07-03 02:10 - 02273792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2013-08-14 11:39 - 2013-07-03 01:51 - 04039680 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-08-14 11:39 - 2013-07-02 02:44 - 00036288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2013-08-14 11:39 - 2013-07-02 00:08 - 00387583 _____ C:\Windows\system32\ApnDatabase.xml
2013-08-14 11:39 - 2013-07-02 00:08 - 00247216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2013-08-14 11:39 - 2013-07-01 00:30 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\openfiles.exe
2013-08-14 11:39 - 2013-07-01 00:29 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\openfiles.exe
2013-08-14 11:39 - 2013-06-29 08:15 - 00195416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2013-08-14 11:39 - 2013-06-29 08:15 - 00125784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2013-08-14 11:39 - 2013-06-29 07:43 - 00327512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2013-08-14 11:39 - 2013-06-29 03:12 - 01022464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-08-14 11:39 - 2013-06-26 05:01 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2013-08-14 11:39 - 2013-06-26 04:59 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2013-08-14 11:39 - 2013-06-25 00:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-08-14 11:39 - 2013-06-25 00:54 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2013-08-14 11:39 - 2013-06-25 00:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2013-08-14 11:39 - 2013-06-19 07:36 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2013-08-14 11:39 - 2013-06-19 07:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2013-08-14 11:39 - 2013-06-19 00:38 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2013-08-14 11:39 - 2013-06-19 00:38 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2013-08-14 11:39 - 2013-06-12 01:43 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2013-08-14 11:39 - 2013-06-12 01:26 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2013-08-14 11:39 - 2013-06-10 23:17 - 00096512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2013-08-14 11:39 - 2013-06-10 21:16 - 00888832 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-08-14 11:39 - 2013-06-10 21:15 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-08-14 11:39 - 2013-06-10 21:15 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2013-08-14 11:39 - 2013-06-10 21:15 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-08-14 11:39 - 2013-06-10 21:10 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-08-14 11:39 - 2013-06-10 21:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-08-14 11:39 - 2013-06-06 10:03 - 00119040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2013-08-14 11:39 - 2013-05-24 01:02 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 11:39 - 2013-05-24 00:25 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-12 20:12 - 2013-08-12 20:12 - 00359416 _____ C:\Windows\Minidump\081213-13322-01.dmp
2013-08-12 19:25 - 2013-08-14 12:54 - 00000000 ____D C:\Program Files (x86)\Garmin
2013-08-12 19:25 - 2013-08-12 19:25 - 00000000 ____D C:\Users\USER.old\AppData\Roaming\Garmin
2013-08-12 19:25 - 2013-08-12 19:25 - 00000000 ____D C:\Program Files\DIFX
2013-08-10 10:32 - 2013-08-10 10:32 - 00001099 _____ C:\Users\Administrator\Desktop\IntelliTamper.lnk
2013-08-09 08:17 - 2013-08-09 08:17 - 00343136 _____ C:\Windows\Minidump\080913-9048-01.dmp
==================== One Month Modified Files and Folders =======
2013-09-08 16:08 - 2013-09-08 16:08 - 01948988 _____ (Farbar) C:\Users\USER\Desktop\FRST64.exe
2013-09-08 16:08 - 2013-09-08 16:08 - 00000000 ____D C:\FRST
2013-09-08 16:04 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-09-08 11:38 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-09-08 11:37 - 2012-10-31 15:11 - 01558124 _____ C:\Windows\WindowsUpdate.log
2013-09-08 11:32 - 2013-03-05 17:18 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-08 11:26 - 2013-09-08 11:17 - 00000000 ____D C:\Users\USER\AppData\Roaming\TrueCrypt
2013-09-08 11:21 - 2012-07-26 09:28 - 00855670 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-08 11:14 - 2013-09-08 09:23 - 00000000 ____D C:\Users\USER\.OxygenV2
2013-09-08 11:10 - 2013-09-08 11:10 - 00000000 ____D C:\Users\USER\AppData\Roaming\Ilium Software
2013-09-08 11:09 - 2013-09-08 11:09 - 00000000 ____D C:\Users\USER~1\AppData\Local\Ilium_Software,_Inc
2013-09-08 10:42 - 2013-09-08 10:42 - 00000000 ____D C:\Users\USER\AppData\Roaming\Skype
2013-09-08 10:37 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-08 10:37 - 2012-07-26 07:26 - 01048576 ___SH C:\Windows\system32\config\BBI
2013-09-08 10:36 - 2013-09-08 10:31 - 00000000 ____D C:\AdwCleaner
2013-09-08 10:34 - 2013-04-16 09:54 - 00014768 _____ C:\Windows\PFRO.log
2013-09-08 09:55 - 2013-09-08 09:55 - 00000000 ____D C:\Users\USER\AppData\Roaming\TeamViewer
2013-09-08 09:44 - 2013-09-05 09:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-08 09:40 - 2013-09-08 09:40 - 00000000 ___RD C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\System Tools
2013-09-08 09:40 - 2013-09-08 09:40 - 00000000 ___RD C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Startup
2013-09-08 09:40 - 2013-09-08 09:40 - 00000000 ___RD C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Administrative Tools
2013-09-08 09:40 - 2013-09-08 09:40 - 00000000 ___RD C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Accessories
2013-09-08 09:40 - 2013-09-08 09:40 - 00000000 ___RD C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Accessibility
2013-09-08 09:40 - 2013-09-08 09:40 - 00000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\WinRAR
2013-09-08 09:40 - 2013-09-08 09:40 - 00000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Unlocker
2013-09-08 09:40 - 2013-09-08 09:40 - 00000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\RSSOwl
2013-09-08 09:40 - 2013-09-08 09:40 - 00000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\MetaGeek
2013-09-08 09:40 - 2013-09-08 09:40 - 00000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Maintenance
2013-09-08 09:40 - 2013-09-08 09:40 - 00000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\FRANZIS
2013-09-08 09:40 - 2013-09-08 09:40 - 00000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Data Crow
2013-09-08 09:40 - 2013-09-08 09:40 - 00000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Ashampoo
2013-09-08 09:40 - 2013-09-08 09:40 - 00000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Acronis
2013-09-08 09:39 - 2013-09-08 09:39 - 00000000 ____D C:\Users\USER\AppData\Local\Apps\2.0
2013-09-08 09:37 - 2013-09-08 09:37 - 00000000 ____D C:\Users\USER~1\AppData\Local\Macromedia
2013-09-08 09:33 - 2013-09-08 09:33 - 00000000 ____D C:\Users\USER~1\AppData\Local\Adobe
2013-09-08 09:33 - 2013-09-08 09:22 - 00000000 ____D C:\Users\USER\AppData\Roaming\Adobe
2013-09-08 09:31 - 2013-09-08 09:31 - 00000000 ____D C:\Users\USER\AppData\Roaming\Mozilla
2013-09-08 09:31 - 2013-09-08 09:31 - 00000000 ____D C:\Users\USER~1\AppData\Local\Mozilla
2013-09-08 09:31 - 2013-09-08 09:28 - 00003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3914127844-14403796-372123521-1002
2013-09-08 09:30 - 2013-09-08 09:30 - 00000000 ____D C:\Users\USER\AppData\Roaming\WinRAR
2013-09-08 09:30 - 2013-08-07 13:57 - 00001785 _____ C:\Users\USER\Desktop\PuTTY.lnk
2013-09-08 09:30 - 2012-11-06 11:19 - 00002421 _____ C:\Users\USER\Desktop\CmRcViewer - Shortcut.lnk
2013-09-08 09:27 - 2013-09-08 09:26 - 00000000 ___HD C:\Users\USER\.rssowl2
2013-09-08 09:26 - 2013-09-08 09:22 - 00000000 ____D C:\Users\USER
2013-09-08 09:24 - 2013-09-08 09:24 - 00000000 ____D C:\Users\USER~1\AppData\Local\Devolutions
2013-09-08 09:23 - 2013-09-08 09:23 - 00000000 ____D C:\Users\USER\AppData\Roaming\ICAClient
2013-09-08 09:23 - 2013-09-08 09:23 - 00000000 ____D C:\Users\USER~1\AppData\Local\CrashRpt
2013-09-08 09:23 - 2013-09-08 09:23 - 00000000 ____D C:\Users\USER~1\AppData\Local\Citrix
2013-09-08 09:22 - 2013-09-08 09:22 - 00001426 _____ C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-08 09:22 - 2013-09-08 09:22 - 00000455 _____ C:\Users\USER\Downloads\Desktop.lnk
2013-09-08 09:22 - 2013-09-08 09:22 - 00000020 ___SH C:\Users\USER\ntuser.ini
2013-09-08 09:22 - 2013-09-08 09:22 - 00000000 ___RD C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-08 09:22 - 2013-09-08 09:22 - 00000000 ___RD C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-08 09:22 - 2013-09-08 09:22 - 00000000 ____D C:\Users\USER~1\AppData\Local\VirtualStore
2013-09-08 09:22 - 2013-09-08 09:22 - 00000000 ____D C:\Users\USER~1\AppData\Local\Packages
2013-09-08 09:10 - 2012-10-31 17:42 - 00000000 ____D C:\Users\USER.old\AppData\Roaming\Skype
2013-09-08 08:56 - 2012-11-06 12:00 - 00005010 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for COMPUTERNAMEN-USER COMPUTERNAMEN
2013-09-08 08:56 - 2012-10-31 20:40 - 00000000 ____D C:\ProgramData\LightsOut
2013-09-07 22:49 - 2012-10-31 17:12 - 00002186 ____H C:\Users\USER.old\Documents\Default.rdp
2013-09-07 13:57 - 2013-08-24 13:08 - 00000181 _____ C:\Users\USER.old\datacrow.properties
2013-09-07 13:56 - 2012-10-31 17:55 - 00000000 ____D C:\Users\USER\Downloads\Jdownloader
2013-09-07 12:34 - 2013-09-07 12:34 - 00000000 ____D C:\Program Files\Cjwdev
2013-09-07 12:34 - 2013-09-07 12:33 - 02294256 _____ C:\Users\USER\Desktop\GetLocalAdminsGUI.zip
2013-09-06 18:12 - 2012-12-27 17:01 - 00000000 ____D C:\Users\USER\Documents\Switch Conf Log
2013-09-06 12:00 - 2012-10-31 15:11 - 00000000 ____D C:\Users\USER.old\AppData\Local\Packages
2013-09-05 15:27 - 2012-10-31 15:16 - 00003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3914127844-14403796-372123521-1001
2013-09-05 13:32 - 2012-12-06 14:22 - 00000000 ____D C:\Program Files (x86)\WinSCP
2013-09-05 09:20 - 2013-09-05 09:20 - 00001103 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-09-05 09:20 - 2013-09-05 09:20 - 00000000 ____D C:\Users\USER.old\AppData\Roaming\Mozilla
2013-09-05 09:20 - 2013-09-05 09:20 - 00000000 ____D C:\Users\USER.old\AppData\Local\Mozilla
2013-09-05 09:20 - 2013-09-05 09:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-05 09:15 - 2012-10-31 15:11 - 00000000 ____D C:\Users\USER.old
2013-09-05 08:56 - 2013-02-25 12:34 - 00000000 ___HD C:\Users\USER.old\.rssowl2
2013-09-04 20:22 - 2012-11-06 16:53 - 00000000 ____D C:\Users\USER.old\AppData\Roaming\vlc
2013-09-04 18:39 - 2012-10-31 17:27 - 00000000 ____D C:\Users\USER.old\AppData\Local\Adobe
2013-09-04 18:36 - 2012-10-31 17:50 - 00000000 ____D C:\Program Files (x86)\Yuna Software
2013-09-03 19:34 - 2013-01-10 20:13 - 00001050 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk
2013-09-03 18:55 - 2013-06-06 14:15 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-09-03 18:52 - 2012-10-31 16:14 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2013-09-03 18:52 - 2012-10-31 16:08 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-09-03 18:03 - 2012-12-21 14:46 - 00000000 ____D C:\Windows\Minidump
2013-09-03 18:02 - 2012-11-01 11:22 - 00000000 ____D C:\Users\Administrator
2013-09-03 18:02 - 2012-10-31 17:48 - 00000000 ____D C:\Users\USER.old\AppData\Roaming\Notepad++
2013-09-03 18:01 - 2013-09-03 09:06 - 00000000 ____D C:\VEXPLite
2013-09-03 18:01 - 2013-08-31 10:46 - 00000000 ____D C:\Sandbox
2013-09-03 18:01 - 2013-08-31 10:45 - 00000000 ____D C:\Program Files\Sandboxie
2013-09-03 18:01 - 2012-10-31 17:36 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-09-03 18:01 - 2012-10-31 17:32 - 00000000 ____D C:\Program Files (x86)\VirusTotalUploader2
2013-09-03 18:00 - 2012-10-31 17:17 - 00000000 __RHD C:\MSOCache
2013-09-03 18:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\registration
2013-09-03 17:49 - 2013-09-03 17:49 - 00000000 ____D C:\ProgramData\SecTaskMan
2013-09-02 15:32 - 2013-05-24 13:40 - 00000000 ____D C:\Users\USER.old\AppData\Local\Spotify
2013-08-31 10:37 - 2013-01-02 12:20 - 00000600 _____ C:\Users\USER.old\AppData\Roaming\winscp.rnd
2013-08-30 13:27 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-08-27 17:03 - 2013-02-26 11:10 - 00000000 ____D C:\Users\USER\Documents\Outlook Files
2013-08-27 11:04 - 2013-08-27 11:04 - 00000600 _____ C:\Users\USER.old\AppData\Local\PUTTY.RND
2013-08-26 20:10 - 2012-07-26 07:26 - 00000874 _____ C:\Windows\system32\Drivers\etc\hosts.bak
2013-08-26 17:49 - 2013-01-30 15:40 - 00000000 ____D C:\Users\USER.old\AppData\Roaming\KeePass
2013-08-26 16:23 - 2013-04-10 17:51 - 00060367 _____ C:\Windows\setupact.log
2013-08-24 14:33 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-08-24 13:16 - 2013-08-24 13:06 - 00000000 ____D C:\Program Files (x86)\Data Crow
2013-08-23 17:50 - 2013-08-16 09:33 - 00000000 ____D C:\Users\USER\Documents\onlineTV 8
2013-08-22 12:52 - 2013-05-24 13:40 - 00000000 ____D C:\Users\USER.old\AppData\Roaming\Spotify
2013-08-22 11:36 - 2013-08-22 11:35 - 00000000 ____D C:\Windows\LastGood.Tmp
2013-08-22 09:41 - 2013-08-22 09:41 - 00000000 ___RD C:\Users\USER.old\SharePoint
2013-08-20 07:02 - 2013-08-20 07:02 - 00204568 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2013-08-20 07:02 - 2013-08-20 07:02 - 00103576 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2013-08-19 15:21 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\NDF
2013-08-19 13:13 - 2013-08-19 13:13 - 00000000 ____D C:\Users\USER\Documents\Podcast Studio
2013-08-19 13:13 - 2013-08-16 09:33 - 00000000 ____D C:\Users\USER.old\AppData\Roaming\concept design
2013-08-19 12:00 - 2013-08-19 12:00 - 00000000 ____D C:\Program Files (x86)\FRANZIS
2013-08-18 10:12 - 2013-08-18 10:12 - 05054216 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-16 09:33 - 2013-08-16 09:33 - 00000000 ____D C:\Program Files (x86)\concept design
2013-08-14 12:54 - 2013-08-12 19:25 - 00000000 ____D C:\Program Files (x86)\Garmin
2013-08-14 11:51 - 2013-09-08 09:22 - 00000000 ___RD C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-08-14 11:51 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-08-14 11:51 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-08-14 11:51 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-08-14 11:51 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe
2013-08-14 11:48 - 2012-10-31 17:18 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-14 11:48 - 2012-07-26 07:26 - 00000167 _____ C:\Windows\win.ini
2013-08-14 11:44 - 2013-07-09 21:09 - 00000000 ____D C:\Windows\system32\MRT
2013-08-14 11:43 - 2012-12-01 18:48 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-12 20:12 - 2013-08-12 20:12 - 00359416 _____ C:\Windows\Minidump\081213-13322-01.dmp
2013-08-12 20:12 - 2013-07-08 16:32 - 551511383 _____ C:\Windows\MEMORY.DMP
2013-08-12 19:25 - 2013-08-12 19:25 - 00000000 ____D C:\Users\USER.old\AppData\Roaming\Garmin
2013-08-12 19:25 - 2013-08-12 19:25 - 00000000 ____D C:\Program Files\DIFX
2013-08-12 19:13 - 2013-06-21 14:12 - 00001257 _____ C:\Users\Public\Desktop\Remote Desktop Manager.lnk
2013-08-10 10:32 - 2013-08-10 10:32 - 00001099 _____ C:\Users\Administrator\Desktop\IntelliTamper.lnk
2013-08-09 17:10 - 2012-10-31 17:12 - 00002113 _____ C:\Users\USER\Desktop\Hris.lnk
2013-08-09 08:17 - 2013-08-09 08:17 - 00343136 _____ C:\Windows\Minidump\080913-9048-01.dmp
Files to move or delete:
====================
C:\Users\USER~1\AppData\Local\Temp\Quarantine.exe
C:\Users\USER.old\AppData\Local\Temp\WaitProgress.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-08-31 08:31
==================== End Of Log ============================
--- --- --- |
FRST 32-Bit | FRST 64-Bit