DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 11.0.9600.17207 Run by User at 15:11:35 on 2014-07-28 Microsoft Windows 7 Home Premium 6.1.7601.1.1250.48.1045.18.3882.1697 [GMT 2:00] . SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\WLANExt.exe C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\System32\spoolsv.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Bonjour\mDNSResponder.exe C:\ProgramData\DatacardService\HWDeviceService64.exe C:\ProgramData\DatacardService\DCSHelper.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\Elantech\ETDCtrl.exe C:\Program Files (x86)\VoipCheapCom.com\VoipCheapCom\VoipCheapCom.exe C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe C:\Program Files (x86)\Common Files\YDP\UserAccessManager\useraccess.exe C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Hostless Modem\Router Wi-Fi Movil\CheckNDISPort_df.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\UI0Detect.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Elantech\ETDCtrlHelper.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe C:\Program Files (x86)\Opera\23.0.1522.60\opera_crashreporter.exe C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe C:\Windows\system32\wuauclt.exe C:\Program Files (x86)\webget\bin\utilwebget.exe C:\Program Files (x86)\webget\bin\webget.PurBrowse64.exe C:\Program Files (x86)\webget\updatewebget.exe C:\Program Files (x86)\webget\bin\webget.BrowserAdapter.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe C:\Users\User\Downloads\rf0dri1h.exe C:\Windows\system32\NOTEPAD.EXE C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://rts.dsrlte.com mWinlogon: Userinit = userinit.exe BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: ChromeFrame BHO: {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll BHO: Adblock Plus for IE Browser Helper Object: {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll uRun: [Google Update] "C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe" /c uRun: [Facebook Update] "C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver uRun: [VoipCheapCom] "C:\Program Files (x86)\VoipCheapCom.com\VoipCheapCom\VoipCheapCom.exe" -nosplash -minimized uRun: [uTorrent] "C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [CheckNDISPortf0ac62] C:\Program Files (x86)\Hostless Modem\Router Wi-Fi Movil\CheckNDISPort_df.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SRSPRE~1.LNK - C:\Windows\Installer\{340BE65B-7621-4B0B-B0F9-DBCCD8D70887}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab TCP: NameServer = 62.179.1.63 62.179.1.62 TCP: Interfaces\{26CB0BB9-4318-45CA-A920-0CB1E21BD224} : DHCPNameServer = 172.20.10.1 TCP: Interfaces\{2AAD58BF-C239-4808-B4EA-3FF14F15B953} : NameServer = 89.108.195.21 89.108.202.21 TCP: Interfaces\{94817EB6-1E10-4766-BBE9-3A2CDDAEB93A} : NameServer = 89.108.202.20 89.108.195.20 TCP: Interfaces\{A003D4CA-C8C4-484F-9B67-BA27B7897B13} : DHCPNameServer = 172.20.10.1 TCP: Interfaces\{C73BBC24-F0D4-4BB9-9785-B5BD0A76C962} : DHCPNameServer = 192.168.1.1 192.168.1.1 TCP: Interfaces\{D1AF8FCC-B7B7-4BD6-8E06-F66CE4F8DB87} : DHCPNameServer = 62.179.1.63 62.179.1.62 TCP: Interfaces\{D1AF8FCC-B7B7-4BD6-8E06-F66CE4F8DB87}\3427560756370284F6473507F647 : DHCPNameServer = 192.168.7.1 TCP: Interfaces\{D1AF8FCC-B7B7-4BD6-8E06-F66CE4F8DB87}\55053403033373639333 : DHCPNameServer = 62.179.1.63 62.179.1.62 TCP: Interfaces\{D1AF8FCC-B7B7-4BD6-8E06-F66CE4F8DB87}\D616A61616D656C6B616 : DHCPNameServer = 192.168.1.1 192.168.1.1 Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll SSODL: WebCheck - IFEO: bitguard.exe - tasklist.exe IFEO: bprotect.exe - tasklist.exe IFEO: bpsvc.exe - tasklist.exe IFEO: browserdefender.exe - tasklist.exe IFEO: browserprotect.exe - tasklist.exe x64-BHO: Adblock Plus for IE Browser Helper Object: {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe x64-Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - x64-IFEO: bitguard.exe - tasklist.exe x64-IFEO: bprotect.exe - tasklist.exe x64-IFEO: bpsvc.exe - tasklist.exe x64-IFEO: browserdefender.exe - tasklist.exe x64-IFEO: browserprotect.exe - tasklist.exe . Note: multiple IFEO entries found. Please refer to Attach.txt . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\00yu86b5.default\ FF - prefs.js: browser.startup.homepage - www.google.pl FF - prefs.js: keyword.URL - FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll FF - plugin: C:\Users\User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll FF - plugin: C:\Users\User\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll FF - plugin: C:\Users\User\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll FF - plugin: C:\Users\User\AppData\Roaming\Mozilla\plugins\npo1d.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll . ---- FIREFOX POLICIES ---- . user_pref(extensions.autoDisableScopes,14); ============= SERVICES / DRIVERS =============== . R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2013-12-21 25960] R1 {55685567-4840-4a91-962b-49a412e9485a}w64;{55685567-4840-4a91-962b-49a412e9485a}w64;C:\Windows\System32\drivers\{55685567-4840-4a91-962b-49a412e9485a}w64.sys [2014-6-3 61112] R1 {9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64;{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64;C:\Windows\System32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys [2014-5-19 61112] R1 F06DEFF2-5B9C-490D-910F-35D3A9119622;F06DEFF2-5B9C-490D-910F-35D3A9119622;C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\x64\configmgrc1.cfg [2014-5-9 36224] R1 SABI;SAMSUNG Kernel Driver For Windows 7;C:\Windows\System32\drivers\SABI.sys [2013-12-21 13824] R2 HWDeviceService64.exe;HWDeviceService64.exe;C:\ProgramData\DatacardService\HWDeviceService64.exe [2011-3-14 346976] R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2013-12-21 2320920] R2 Update webget;Update webget;C:\Program Files (x86)\webget\updatewebget.exe [2014-5-18 321816] R2 Util webget;Util webget;C:\Program Files (x86)\webget\bin\utilwebget.exe [2014-5-19 321816] R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2010-11-12 138024] R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344] R3 huawei_enumerator;huawei_enumerator;C:\Windows\System32\drivers\ew_jubusenum.sys [2013-12-23 90112] R3 IntcDAud;Intel(R) Audio dla ekranów;C:\Windows\System32\drivers\IntcDAud.sys [2010-8-30 289280] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088] S2 PLAY ONLINE. RunOuc;PLAY ONLINE. OUC;C:\Program Files (x86)\PLAY ONLINE\UpdateDog\ouc.exe [2013-12-23 246112] S2 SafetyNutManager;SafetyNut Manager;C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\SafetyNutManager.exe --> C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\SafetyNutManager.exe [?] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192] S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\System32\drivers\ew_hwusbdev.sys [2013-12-23 117248] S3 ew_usbenumfilter;huawei_CompositeFilter;C:\Windows\System32\drivers\ew_usbenumfilter.sys [2013-12-23 13952] S3 huawei_cdcacm;huawei_cdcacm;C:\Windows\System32\drivers\ew_jucdcacm.sys [2013-12-23 104448] S3 huawei_ext_ctrl;huawei_ext_ctrl;C:\Windows\System32\drivers\ew_juextctrl.sys [2013-12-23 30720] S3 huawei_wwanecm;huawei_wwanecm;C:\Windows\System32\drivers\ew_juwwanecm.sys [2013-12-23 229376] S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-7-8 111616] S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-4-9 289256] S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2013-8-6 23040] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2013-3-18 54784] S3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-1-5 1255736] . =============== File Associations =============== . ShellExec: Opera.exe: open="C:\Program Files (x86)\Opera\Launcher.exe" "%1" . =============== Created Last 30 ================ . 2014-07-28 02:56:14 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{402265E3-B59A-470E-B20C-439941C917B3}\offreg.dll 2014-07-25 20:29:40 -------- d-----w- C:\Program Files\Adblock Plus for IE 2014-07-25 20:29:33 -------- d-----w- C:\ProgramData\Package Cache 2014-07-25 11:40:36 10924376 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{402265E3-B59A-470E-B20C-439941C917B3}\mpengine.dll 2014-07-16 19:03:59 -------- d-----w- C:\Users\User\AppData\Roaming\Opera Software 2014-07-16 19:03:59 -------- d-----w- C:\Users\User\AppData\Local\Opera Software 2014-07-16 18:52:49 -------- d-----w- C:\Users\User\AppData\Local\WorldofTanks 2014-07-08 21:35:06 1719296 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL 2014-07-08 21:35:06 1380864 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll 2014-07-08 21:35:05 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll 2014-07-08 21:35:05 1389568 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll 2014-07-08 21:35:05 1354240 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll 2014-07-08 21:35:04 624128 ----a-w- C:\Windows\System32\qedit.dll 2014-07-08 21:35:04 509440 ----a-w- C:\Windows\SysWow64\qedit.dll 2014-07-08 21:35:01 1247232 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\tipskins.dll 2014-07-08 21:35:00 3157504 ----a-w- C:\Windows\System32\win32k.sys 2014-07-08 21:32:47 1460736 ----a-w- C:\Windows\System32\lsasrv.dll 2014-07-08 21:32:46 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll 2014-07-08 21:32:46 22016 ----a-w- C:\Windows\SysWow64\secur32.dll 2014-07-04 07:12:08 -------- d-----w- C:\ProgramData\OnlineUpdate 2014-07-04 07:12:08 -------- d-----w- C:\ProgramData\log . ==================== Find3M ==================== . 2060-08-18 18:02:32 2023424 ------w- C:\Windows\SysWow64\Vcl50.bpl 2060-08-18 18:02:22 1496064 ------w- C:\Windows\SysWow64\Cc3250mt.dll 2060-08-18 18:02:12 248832 ------w- C:\Windows\SysWow64\Vclx50.bpl 2060-08-18 17:40:44 909824 ------w- C:\Windows\SysWow64\Cp3245mt.dll 2060-08-18 17:40:44 24064 ------w- C:\Windows\SysWow64\Borlndmm.dll 2014-07-08 22:14:24 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2014-07-08 22:14:24 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2014-06-19 01:06:55 2724864 ----a-w- C:\Windows\System32\mshtml.tlb 2014-06-19 01:06:24 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll 2014-06-19 00:42:57 548352 ----a-w- C:\Windows\System32\vbscript.dll 2014-06-19 00:42:49 66048 ----a-w- C:\Windows\System32\iesetup.dll 2014-06-19 00:41:52 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll 2014-06-19 00:41:16 83968 ----a-w- C:\Windows\System32\MshtmlDac.dll 2014-06-19 00:24:30 139264 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-06-19 00:24:12 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe 2014-06-19 00:23:53 752640 ----a-w- C:\Windows\System32\jscript9diag.dll 2014-06-19 00:14:28 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2014-06-18 23:59:04 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll 2014-06-18 23:56:37 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2014-06-18 23:51:38 5721088 ----a-w- C:\Windows\System32\jscript9.dll 2014-06-18 23:38:40 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll 2014-06-18 23:37:23 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll 2014-06-18 23:36:35 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll 2014-06-18 23:35:55 62464 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll 2014-06-18 23:27:45 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll 2014-06-18 23:27:07 2040832 ----a-w- C:\Windows\System32\inetcpl.cpl 2014-06-18 23:23:27 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2014-06-18 23:22:40 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll 2014-06-18 23:06:10 32256 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll 2014-06-18 22:58:27 2266112 ----a-w- C:\Windows\System32\wininet.dll 2014-06-18 22:52:18 4254720 ----a-w- C:\Windows\SysWow64\jscript9.dll 2014-06-18 22:46:23 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll 2014-06-18 22:45:59 1964544 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2014-06-18 22:13:59 1791488 ----a-w- C:\Windows\SysWow64\wininet.dll 2014-06-18 02:18:30 692736 ----a-w- C:\Windows\System32\osk.exe 2014-06-18 01:51:32 646144 ----a-w- C:\Windows\SysWow64\osk.exe 2014-05-30 08:08:52 210944 ----a-w- C:\Windows\System32\wdigest.dll 2014-05-30 08:08:49 86528 ----a-w- C:\Windows\System32\TSpkg.dll 2014-05-30 08:08:47 340992 ----a-w- C:\Windows\System32\schannel.dll 2014-05-30 08:08:41 314880 ----a-w- C:\Windows\System32\msv1_0.dll 2014-05-30 08:08:41 307200 ----a-w- C:\Windows\System32\ncrypt.dll 2014-05-30 08:08:36 728064 ----a-w- C:\Windows\System32\kerberos.dll 2014-05-30 08:08:31 22016 ----a-w- C:\Windows\System32\credssp.dll 2014-05-30 07:52:51 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll 2014-05-30 07:52:49 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll 2014-05-30 07:52:45 247808 ----a-w- C:\Windows\SysWow64\schannel.dll 2014-05-30 07:52:41 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll 2014-05-30 07:52:40 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll 2014-05-30 07:52:36 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll 2014-05-30 07:52:30 17408 ----a-w- C:\Windows\SysWow64\credssp.dll 2014-05-30 06:45:52 497152 ----a-w- C:\Windows\System32\drivers\afd.sys 2014-05-26 18:57:16 61112 ----a-w- C:\Windows\System32\drivers\{55685567-4840-4a91-962b-49a412e9485a}w64.sys 2014-05-16 16:34:54 61112 ----a-w- C:\Windows\System32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys 2014-05-12 18:27:52 0 ---h--w- C:\Windows\nsp163C.tmp 2014-05-09 06:14:03 477184 ----a-w- C:\Windows\System32\aepdu.dll 2014-05-09 06:11:23 424448 ----a-w- C:\Windows\System32\aeinv.dll . ============= FINISH: 15:12:31,49 ===============