DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK Internet Explorer: 10.0.9200.16618 Run by Philipp_T_Eirich at 13:29:32 on 2013-06-30 Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8142.6009 [GMT -5:00] . AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} . ============== Running Processes =============== . C:\windows\system32\lsm.exe C:\windows\system32\svchost.exe -k DcomLaunch C:\windows\system32\svchost.exe -k RPCSS C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\windows\system32\svchost.exe -k netsvcs C:\windows\system32\svchost.exe -k LocalService C:\windows\system32\svchost.exe -k NetworkService C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted C:\windows\system32\svchost.exe -k LocalServiceNoNetwork C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\windows\Explorer.EXE C:\windows\system32\ctfmon.exe C:\Program Files (x86)\Firetrust\MailWasher\MailWasherPro.exe C:\windows\system32\notepad.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe C:\windows\system32\prevhost.exe C:\Windows\SysWOW64\prevhost.exe C:\windows\system32\wbem\wmiprvse.exe C:\windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . mWinlogon: Userinit = userinit.exe, BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll BHO: File Sanitizer for HP ProtectTools: {3134413B-49B4-425C-98A5-893C1F195601} - c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll BHO: WsftpBrowserHelper Class: {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files (x86)\Ipswitch\WS_FTP Pro\wsbho2k0.dll BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coieplg.dll BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ips\ipsbho.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Adobe Acrobat Create PDF Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL BHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coieplg.dll TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll EB: Adobe PDF: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - uRun: [GM4IE] C:\Program Files (x86)\GM4IE\gm4ie.exe uRun: [NETGEARGenie] "C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe" -mini -redirect uRun: [Google Update] "C:\Users\Philipp_T_Eirich\AppData\Local\Google\Update\GoogleUpdate.exe" /c uRun: [Gadwin PrintScreen] "C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe" /nosplash uRun: [Akamai NetSession Interface] "C:\Users\Philipp_T_Eirich\AppData\Local\Akamai\netsession_win.exe" mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe mRun: [NUSB3MON] "c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" mRun: [THGuard] "C:\Program Files (x86)\TrojanHunter 5.3\THGuard.exe" mRun: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe mRun: [Matrox PowerDesk SE] "C:\Program Files (x86)\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk SE.exe" mRun: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe" mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup mRun: [IFXSPMGT] "C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe" /NotifyLogon mRun: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup mRun: [HPQuickWebProxy] "c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" mRun: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe mRun: [File Sanitizer] c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe" mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent StartupFolder: C:\Users\PHILIP~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\BUFFAL~1.LNK - C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe StartupFolder: C:\Users\PHILIP~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\NASSCH~1.LNK - C:\Program Files (x86)\BUFFALO\NASNAVI\nassche.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INTUIT~1.LNK - C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files\Logitech\SetPoint\SetPoint.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MAILWA~1.LNK - C:\Program Files (x86)\Firetrust\MailWasher\MailWasherPro.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~2.LNK - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~1.LNK - C:\Program Files (x86)\Intuit\QuickBooks 2013\QBW32.EXE mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:0 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Append to Existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll IE: {38E51477-DDB4-4aed-9D61-D0C193E10749} - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files (x86)\SoundTaxi\YouTubeRipper.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm LSP: C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll DPF: {0AD584EB-F10F-46F7-BCB8-1085C386BEAE} - hxxps://merchantaccount.quickbooks.com/recurchrg/IntuitRecurPayCom2009.cab DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.0.cab DPF: {5C709EEC-DDE1-4738-8E57-7564E2637891} - hxxps://merchantaccount.quickbooks.com/sync/QBMASSyncCom1_2009.cab DPF: {6C6E003B-9B8C-4CE9-A1D5-A8E3AF0D651A} - hxxps://www.videoalert.net/veCamitX.cab DPF: {788539E8-002D-4E59-9089-40B694A99C9A} - hxxps://merchantaccount.quickbooks.com/sync/QBMASSyncCom2_2008.cab TCP: NameServer = 192.168.2.1 TCP: Interfaces\{337444DD-8CC2-4F95-920F-490C0B182F21} : NameServer = 8.8.8.8,8.8.4.4 TCP: Interfaces\{337444DD-8CC2-4F95-920F-490C0B182F21} : DHCPNameServer = 192.168.2.1 TCP: Interfaces\{70D77247-7959-44DF-8C52-F7FBBF2143B4}\3344255687F52456C6B696E6F5E413F565963796F6E6 : DHCPNameServer = 192.168.2.1 TCP: Interfaces\{70D77247-7959-44DF-8C52-F7FBBF2143B4}\3344D22556870255C6472716 : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{70D77247-7959-44DF-8C52-F7FBBF2143B4}\3344D2255687028497075627 : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{70D77247-7959-44DF-8C52-F7FBBF2143B4}\3344D2255687F534963736F6 : DHCPNameServer = 192.168.0.1 TCP: Interfaces\{70D77247-7959-44DF-8C52-F7FBBF2143B4}\3344D2255687F534963736F6F5548545 : DHCPNameServer = 192.168.0.143 TCP: Interfaces\{70D77247-7959-44DF-8C52-F7FBBF2143B4}\64259445A51224F6870264F6E60275C414E40273137303 : DHCPNameServer = 192.168.178.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: intu-help-qb6 - {6898B29B-BF49-43cb-A0B1-D0B9496AF491} - C:\Program Files (x86)\Intuit\QuickBooks 2013\HelpAsyncPluggableProtocol.dll Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Notify: DeviceNP - DeviceNP.dll SSODL: WebCheck - LSA: Notification Packages = DPPassFilter EpePcNp64 scecli LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp msoidssp x64-mWinlogon: Userinit = C:\windows\System32\userinit.exe,C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe, x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL x64-Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet x64-Run: [Logitech Download Assistant] C:\windows\System32\rundll32.exe C:\windows\System32\LogiLDA.dll,LogiFetch x64-Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE x64-Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden x64-Run: [Bluetooth Connection Assistant] LBTWIZ.EXE -silent x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" x64-RunOnce: [BrowserChoice] browserchoice.exe x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: intu-help-qb6 - {6898B29B-BF49-43cb-A0B1-D0B9496AF491} - x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - x64-Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\615\G2AWinLogon_x64.dll x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll x64-Notify: WB - C:\PROGRA~2\Stardock\OBJECT~1\WINDOW~1\fast64.dll x64-SSODL: WebCheck - x64-STS: {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - x64-STS: {1984D045-52CF-49cd-DB77-08F378FEA4DB} - . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Philipp_T_Eirich\AppData\Roaming\Mozilla\Firefox\Profiles\99tfu3q6.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z139&form=ZGAADF&install_date=20110812&q= FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll FF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101710.dll FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll FF - plugin: C:\Program Files (x86)\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll FF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL FF - plugin: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll FF - plugin: C:\Program Files\Microsoft\Web Platform Installer\NPWPIDetector.dll FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll FF - plugin: C:\Users\Philipp_T_Eirich\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll FF - plugin: C:\windows\SysWOW64\npDeployJava1.dll FF - plugin: C:\windows\SysWOW64\npmproxy.dll FF - ExtSQL: 2013-06-05 21:55; {FCE04E1F-9378-4f39-96F6-5689A9159E45}; C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext . ---- FIREFOX POLICIES ---- FF - user.js: general.useragent.extra.brc - . FF - user.js: extensions.autoDisableScopes - 14 FF - user.js: security.csp.enable - false . FF - user.js: network.http.max-persistent-connections-per-server - 4 FF - user.js: nglayout.initialpaint.delay - 600 FF - user.js: content.notify.interval - 600000 FF - user.js: content.max.tokenizing.time - 1800000 FF - user.js: content.switch.threshold - 600000 FF - user.js: browser.sessionstore.resume_session_once - true FF - user.js: browser.sessionstore.resume_session_once - true FF - user.js: browser.sessionstore.resume_session_once - true . ============= SERVICES / DRIVERS =============== . R0 MfeEpePc;MfeEpePc;C:\windows\System32\drivers\MfeEpePc.sys [2011-3-29 168008] R0 PxHlpa64;PxHlpa64;C:\windows\System32\drivers\PxHlpa64.sys [2011-5-6 55856] R0 SymDS;Symantec Data Store;C:\windows\System32\drivers\N360x64\1404000.028\symds64.sys [2013-6-7 493656] R0 SymEFA;Symantec Extended File Attributes;C:\windows\System32\drivers\N360x64\1404000.028\symefa64.sys [2013-6-7 1139800] R1 PersonalSecureDrive;PersonalSecureDrive;C:\windows\System32\drivers\psd.sys [2011-8-16 44576] R3 johci;JMicron 1394 Filter Driver;C:\windows\System32\drivers\johci.sys [2011-2-9 26712] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\windows\System32\drivers\nusb3hub.sys [2010-12-10 80384] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\windows\System32\drivers\nusb3xhc.sys [2010-12-10 181248] S1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\BASHDefs\20130620.001\BHDrvx64.sys [2013-6-24 1393240] S1 ccSet_N360;Norton 360 Settings Manager;C:\windows\System32\drivers\N360x64\1404000.028\ccsetx64.sys [2013-6-7 169048] S1 ElRawDisk;ElRawDisk;C:\windows\System32\drivers\rsdrvx64.sys [2012-8-14 26024] S1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\IPSDefs\20130627.001\IDSviA64.sys [2013-6-28 513184] S1 SymIRON;Symantec Iron Driver;C:\windows\System32\drivers\N360x64\1404000.028\ironx64.sys [2013-6-7 224416] S1 SymNetS;Symantec Network Security WFP Driver;C:\windows\System32\drivers\N360x64\1404000.028\symnets.sys [2013-6-7 433752] S2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-8-16 89600] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 DymoPnpService;DYMO PnP Service;C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [2013-3-5 33072] S2 EMP_NSWLSV;EMP_NSWLSV;C:\Program Files (x86)\EPSON Projector\EasyMP Network Projection V2\EMP_NSWLSV.exe [2013-6-7 147968] S2 EMP_QWSA;EMP_QWSA;C:\Program Files (x86)\EPSON Projector\Quick Wireless Connection V1.32\EMP_QWSA.exe [2013-6-7 102400] S2 HP Power Assistant Service;HP Power Assistant Service;C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-3-17 132152] S2 HPDayStarterService;HP DayStarter Service;C:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [2011-1-28 133688] S2 HPFSService;File Sanitizer for HP ProtectTools;C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2011-5-9 320512] S2 hpHotkeyMonitor;hpHotkeyMonitor;C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2011-7-6 1698360] S2 hpsrv;HP Service;C:\windows\System32\hpservice.exe [2011-5-13 30520] S2 HTCMonitorService;HTCMonitorService;C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [2012-12-12 87368] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-8-5 13336] S2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-2-24 212944] S2 L4301_Solar;Logitech Solar Keyboard Service;C:\Program Files\Logitech\SolarApp\L4301_Solar.exe [2010-10-26 403536] S2 LytroService;Lytro Desktop Application Service;C:\Program Files (x86)\Lytro\lytroservice.exe [2012-10-6 209024] S2 Matrox.Pdesk.ServicesHost;Matrox.Pdesk.ServicesHost;C:\Program Files (x86)\Matrox Graphics Inc\PowerDesk SE\Matrox.Pdesk.ServicesHost.exe [2008-12-3 323840] S2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent;C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2011-3-29 1318912] S2 msoidsvc;Microsoft Online Services Sign-in Assistant;C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [2012-5-17 2079520] S2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccsvchst.exe [2013-6-7 144368] S2 NasPmService;NAS PM Service;C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe -Service_Execute -dcyc=60 -dto=3 -dluc=0 -dmin=1 -dmax=60 -dflc=0 -apc=0 -log=0 -pm=1 -pall=1 -phttp=0 -pbc=0 -ppro=0 -pcyc=0 -pmin=1 -pmax=60 -pflc=0 --> C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe -Service_Execute -dcyc=60 -dto=3 -dluc=0 -dmin=1 -dmax=60 -dflc=0 -apc=0 -log=0 -pm=1 -pall=1 -phttp=0 -pbc=0 -ppro=0 -pcyc=0 -pmin=1 -pmax=60 -pflc=0 [?] S2 NETGEARGenieDaemon;NETGEARGenieDaemon;C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [2013-4-7 232192] S2 nlsX86cc;Nalpeiron Licensing Service;C:\Windows\SysWOW64\nlssrv32.exe [2012-1-31 66560] S2 OfficeSvc;Microsoft Office Service;C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-3-13 1872568] S2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2013-1-10 167424] S2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-5-6 1128952] S2 PdiService;Portrait Displays SDK Service;C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-5-6 113264] S2 QBVSS;QBIDPService;C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [2012-12-23 1248256] S2 RalinkRegistryWriter;Ralink Registry Writer;C:\Program Files (x86)\Belkin\F9L1103\v1\Common\RaRegistry.exe [2012-1-12 374112] S2 RalinkRegistryWriter64;Ralink Registry Writer 64;C:\Program Files (x86)\Belkin\F9L1103\v1\Common\RaRegistry64.exe [2012-1-12 451936] S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-4-16 39056] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-3-1 161384] S2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-12-8 4150112] S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2011-12-8 2028864] S2 uArcCapture;ArcCapture;C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe [2011-8-5 502464] S2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-8-5 2656280] S2 vcsFPService;Validity VCS Fingerprint Service;C:\windows\System32\vcsFPService.exe [2011-3-24 3161904] S2 VideoAcceleratorService;VideoAcceleratorService;C:\PROGRA~2\SPEEDB~1\VideoAcceleratorService.exe -start -scm --> C:\PROGRA~2\SPEEDB~1\VideoAcceleratorService.exe -start -scm [?] S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;C:\windows\System32\drivers\ArcSoftVCapture.sys [2011-8-5 32192] S3 btwampfl;Bluetooth AMP USB Filter;C:\windows\System32\drivers\btwampfl.sys [2011-8-5 344616] S3 btwl2cap;Bluetooth L2CAP Service;C:\windows\System32\drivers\btwl2cap.sys [2011-8-5 39464] S3 CDVDService;CDVDService;"C:\Program Files (x86)\1Step DVD Copy\CDVDService.exe" --> C:\Program Files (x86)\1Step DVD Copy\CDVDService.exe [?] S3 DAMDrv;DAMDrv;C:\windows\System32\drivers\DAMDrv64.sys [2011-3-3 63336] S3 EMP_MIRRNP;EMP_MIRRNP;C:\windows\System32\drivers\EMP_MirrNP.sys [2013-6-7 5632] S3 EMP_MIRRQW;EMP_MIRRQW;C:\windows\System32\drivers\EMP_MirrQW.sys [2013-6-7 5632] S3 EPPVAD2_simple;EPSON Projector ENP Audio Device;C:\windows\System32\drivers\EMP_NSAU.sys [2013-6-7 23040] S3 EPPVADQW_simple;EPSON Projector QW Audio Device;C:\windows\System32\drivers\EMP_QWAU.sys [2013-6-7 23040] S3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-1-26 138912] S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;C:\Windows\SysWOW64\flcdlock.exe [2011-3-7 464512] S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-8-12 1038088] S3 GSService;GSService;C:\Windows\SysWOW64\GSService.exe [2011-8-12 122880] S3 hpCMSrv;HP Connection Manager 4 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-5-23 1098296] S3 HTCAND64;HTC Device Driver;C:\windows\System32\drivers\ANDROIDUSB.sys [2009-11-1 33736] S3 htcnprot;HTC NDIS Protocol Driver;C:\windows\System32\drivers\htcnprot.sys [2010-6-25 36928] S3 ivusb;Initio Driver for USB Default Controller;C:\windows\System32\drivers\ivusb.sys [2010-7-29 29720] S3 JMCR;JMCR;C:\windows\System32\drivers\jmcr.sys [2011-3-8 174680] S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\windows\System32\drivers\LEqdUsb.sys [2009-6-17 74256] S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\windows\System32\drivers\LHidEqd.sys [2009-6-17 13328] S3 libusb0;libusb-win32 - Kernel Driver 10/02/2010 1.2.2.0;C:\windows\System32\drivers\libusb0.sys [2012-3-7 43456] S3 MHIKEY10;MHIKEY10;C:\windows\System32\drivers\MHIKEY10x64.sys [2010-9-15 60288] S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;C:\windows\System32\drivers\nx6000.sys [2010-5-20 36720] S3 RGService;RGService;C:\Program Files (x86)\GetRadio\RGService.exe [2011-8-12 385024] S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2011-2-15 1116656] S3 SMServer;SMServer;C:\Windows\SysWOW64\snmvtsvc.exe [2011-8-12 245760] S3 SndTAudio;SndTAudio;C:\windows\System32\drivers\SndTAudio.sys [2011-8-12 34040] S3 StorSvc;Storage Service;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136] S3 STSService;STSService;C:\Program Files (x86)\SoundTaxi Media Suite\STSService.exe [2011-2-16 385024] S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2011-8-14 59392] S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2011-7-7 11856] S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-12-13 54784] S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2011-8-14 1255736] S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2010-4-3 59744] S4 RsFx0151;RsFx0151 Driver;C:\windows\System32\drivers\RsFx0151.sys [2011-6-17 313696] S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-6-17 431456] . =============== Created Last 30 ================ . 2013-06-30 15:41:45 65536 ---hatw- C:\~archive_outlook_philipp_personal_2011_0728.pst.tmp 2013-06-30 09:03:25 -------- d-----w- C:\MGtools 2013-06-30 08:52:28 -------- d-----w- C:\Program Files\HitmanPro 2013-06-30 08:50:50 -------- d-----w- C:\ProgramData\HitmanPro 2013-06-30 08:40:47 -------- d-----w- C:\Users\Philipp_T_Eirich\AppData\Roaming\Malwarebytes 2013-06-30 08:40:37 25928 ----a-w- C:\windows\System32\drivers\mbam.sys 2013-06-30 08:40:37 -------- d-----w- C:\ProgramData\Malwarebytes 2013-06-30 08:40:37 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-06-29 23:06:28 -------- d-----w- C:\FRST 2013-06-28 10:35:14 294912 ----a-w- C:\windows\System32\browserchoice.exe 2013-06-21 16:57:51 -------- d-----w- C:\Users\Philipp_T_Eirich\AppData\Roaming\SolidDocuments 2013-06-19 21:18:51 -------- d-----w- C:\Users\Philipp_T_Eirich\AppData\Local\Akamai 2013-06-12 08:09:57 1887232 ----a-w- C:\windows\System32\d3d11.dll 2013-06-12 08:09:57 1505280 ----a-w- C:\windows\SysWow64\d3d11.dll 2013-06-09 14:16:22 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-06-09 14:16:22 -------- d-----w- C:\Program Files\iTunes 2013-06-09 14:16:22 -------- d-----w- C:\Program Files\iPod 2013-06-09 14:16:22 -------- d-----w- C:\Program Files (x86)\iTunes 2013-06-08 04:54:01 493656 ----a-w- C:\windows\System32\drivers\N360x64\1404000.028\symds64.sys 2013-06-08 04:54:01 433752 ----a-w- C:\windows\System32\drivers\N360x64\1404000.028\symnets.sys 2013-06-08 04:54:01 23448 ----a-r- C:\windows\System32\drivers\N360x64\1404000.028\symelam.sys 2013-06-08 04:54:01 1139800 ----a-w- C:\windows\System32\drivers\N360x64\1404000.028\symefa64.sys 2013-06-08 04:54:00 796760 ----a-w- C:\windows\System32\drivers\N360x64\1404000.028\srtsp64.sys 2013-06-08 04:54:00 36952 ----a-w- C:\windows\System32\drivers\N360x64\1404000.028\srtspx64.sys 2013-06-08 04:54:00 224416 ----a-w- C:\windows\System32\drivers\N360x64\1404000.028\ironx64.sys 2013-06-08 04:54:00 169048 ----a-w- C:\windows\System32\drivers\N360x64\1404000.028\ccsetx64.sys 2013-06-08 04:53:39 -------- d-----w- C:\windows\System32\drivers\N360x64\1404000.028 2013-06-07 20:40:56 -------- d-----w- C:\Program Files (x86)\Common Files\EPSON Projector 2013-06-07 20:40:18 5632 ----a-w- C:\windows\System32\drivers\EMP_MirrNP.sys 2013-06-07 20:40:18 23040 ----a-w- C:\windows\System32\drivers\EMP_NSAU.sys 2013-06-07 20:40:18 15360 ----a-w- C:\windows\System32\EMP_MirrNP.dll 2013-06-07 20:36:23 5632 ----a-w- C:\windows\System32\drivers\EMP_MirrQW.sys 2013-06-07 20:36:23 23040 ----a-w- C:\windows\System32\drivers\EMP_QWAU.sys 2013-06-07 20:36:23 15360 ----a-w- C:\windows\System32\EMP_MirrQW.dll 2013-06-07 20:36:23 -------- d-----w- C:\ProgramData\SEIKO EPSON CORPORATION 2013-06-07 20:36:22 -------- d-----w- C:\Program Files (x86)\EPSON Projector 2013-06-07 20:32:04 -------- d-----w- C:\Program Files (x86)\epson 2013-06-07 01:05:55 -------- d-----w- C:\ProgramData\SPEEDbit 2013-06-06 02:59:44 -------- d-----w- C:\Program Files (x86)\SpeedBit Video Accelerator 2013-06-06 02:56:19 -------- d-----w- C:\Users\Philipp_T_Eirich\AppData\Roaming\RealNetworks 2013-06-06 02:55:13 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared 2013-06-02 21:58:43 -------- d-----w- C:\ProgramData\AirParrot 2013-06-02 21:58:42 -------- d-----w- C:\Users\Philipp_T_Eirich\AppData\Local\AirParrot 2013-06-02 21:58:32 -------- d-----w- C:\Program Files\AirParrot 2013-06-02 20:12:59 -------- d-----w- C:\Users\Philipp_T_Eirich\AppData\Roaming\Seas0nPass . ==================== Find3M ==================== . 2013-06-17 22:15:16 177312 ----a-w- C:\windows\System32\drivers\SYMEVENT64x86.SYS 2013-06-12 16:30:17 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-06-12 16:30:17 692104 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe 2013-06-12 16:30:11 9089416 ----a-w- C:\windows\SysWow64\FlashPlayerInstaller.exe 2013-06-06 02:54:49 499712 ----a-w- C:\windows\SysWow64\msvcp71.dll 2013-06-06 02:54:49 348160 ----a-w- C:\windows\SysWow64\msvcr71.dll 2013-06-04 17:18:11 96784 ----a-w- C:\windows\SysWow64\packet.dll 2013-06-04 17:18:11 369168 ----a-w- C:\windows\System32\wpcap.dll 2013-06-04 17:18:11 35344 ----a-w- C:\windows\System32\drivers\npf.sys 2013-06-04 17:18:11 281104 ----a-w- C:\windows\SysWow64\wpcap.dll 2013-06-04 17:18:11 106000 ----a-w- C:\windows\System32\packet.dll 2013-05-14 19:44:01 83 ----a-w- C:\windows\SysWow64\gpupdate.bin 2013-05-13 05:51:01 184320 ----a-w- C:\windows\System32\cryptsvc.dll 2013-05-13 05:51:00 1464320 ----a-w- C:\windows\System32\crypt32.dll 2013-05-13 05:51:00 139776 ----a-w- C:\windows\System32\cryptnet.dll 2013-05-13 05:50:40 52224 ----a-w- C:\windows\System32\certenc.dll 2013-05-13 04:45:55 140288 ----a-w- C:\windows\SysWow64\cryptsvc.dll 2013-05-13 04:45:55 1160192 ----a-w- C:\windows\SysWow64\crypt32.dll 2013-05-13 04:45:55 103936 ----a-w- C:\windows\SysWow64\cryptnet.dll 2013-05-13 03:43:55 1192448 ----a-w- C:\windows\System32\certutil.exe 2013-05-13 03:08:10 903168 ----a-w- C:\windows\SysWow64\certutil.exe 2013-05-13 03:08:06 43008 ----a-w- C:\windows\SysWow64\certenc.dll 2013-05-10 05:49:27 30720 ----a-w- C:\windows\System32\cryptdlg.dll 2013-05-10 03:20:54 24576 ----a-w- C:\windows\SysWow64\cryptdlg.dll 2013-05-08 06:39:01 1910632 ----a-w- C:\windows\System32\drivers\tcpip.sys 2013-05-01 08:59:12 94208 ----a-w- C:\windows\SysWow64\QuickTimeVR.qtx 2013-05-01 08:59:12 69632 ----a-w- C:\windows\SysWow64\QuickTime.qts 2013-04-26 05:51:36 751104 ----a-w- C:\windows\System32\win32spl.dll 2013-04-26 04:55:21 492544 ----a-w- C:\windows\SysWow64\win32spl.dll 2013-04-17 07:02:06 1230336 ----a-w- C:\windows\SysWow64\WindowsCodecs.dll 2013-04-17 06:24:46 1424384 ----a-w- C:\windows\System32\WindowsCodecs.dll 2013-04-13 05:49:23 135168 ----a-w- C:\windows\apppatch\AppPatch64\AcXtrnal.dll 2013-04-13 05:49:19 350208 ----a-w- C:\windows\apppatch\AppPatch64\AcLayers.dll 2013-04-13 05:49:19 308736 ----a-w- C:\windows\apppatch\AppPatch64\AcGenral.dll 2013-04-13 05:49:19 111104 ----a-w- C:\windows\apppatch\AppPatch64\acspecfc.dll 2013-04-13 04:45:16 474624 ----a-w- C:\windows\apppatch\AcSpecfc.dll 2013-04-13 04:45:15 2176512 ----a-w- C:\windows\apppatch\AcGenral.dll 2013-04-12 14:45:08 1656680 ----a-w- C:\windows\System32\drivers\ntfs.sys 2013-04-10 06:01:54 265064 ----a-w- C:\windows\System32\drivers\dxgmms1.sys 2013-04-10 06:01:53 983400 ----a-w- C:\windows\System32\drivers\dxgkrnl.sys 2013-04-10 03:30:50 3153920 ----a-w- C:\windows\System32\win32k.sys . ============= FINISH: 13:29:48.38 ===============