DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16635 Run by kayze at 22:59:29 on 2013-07-27 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1979.935 [GMT -4:00] . SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\vds.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe C:\Windows\system32\wbem\wmiprvse.exe C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\SysWOW64\WerFault.exe C:\Program Files (x86)\Aurora\firefox.exe C:\Program Files (x86)\Aurora\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe C:\Program Files\Adblock Plus for IE\AdblockPlusEngine.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\taskhost.exe C:\Windows\system32\wuauclt.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://google.com/ mStart Page = hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10045&barid={22B9319B-BB5F-11E2-83D2-C80AA9B6ED59} uProxyOverride = local uSearchAssistant = hxxp://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=US&userid=d4fa43b5-c96d-4eb6-a0d9-6fbcd7953502&searchtype=ds&q={searchTerms}&installDate={installDate} BHO: AutorunsDisabled - BHO: Adblock Plus for IE Browser Helper Object: {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll uRun: [soundcodecs] "C:\ProgramData\audiofilter0\zpyemhvct.exe" mRun: [soundcodecs] "C:\ProgramData\audiofilter0\zpyemhvct.exe" uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 uPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDrives = dword:0 mPolicies-System: ConsentPromptBehaviorAdmin = dword:0 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 mPolicies-System: SynchronousMachineGroupPolicy = dword:0 mPolicies-System: SynchronousUserGroupPolicy = dword:0 mPolicies-Windows\System: AllowBlockingAppsAtShutdown = dword:1 TCP: NameServer = 192.168.33.1 TCP: Interfaces\{6887BB8E-8928-4D62-919C-E1F4E5E4F8F0} : DHCPNameServer = 192.168.33.1 TCP: Interfaces\{6887BB8E-8928-4D62-919C-E1F4E5E4F8F0}\14E47454C414F5E4564777F627B6 : DHCPNameServer = 192.168.2.1 TCP: Interfaces\{6887BB8E-8928-4D62-919C-E1F4E5E4F8F0}\2656C6B696E6534376 : DHCPNameServer = 192.168.2.1 208.180.42.68 208.180.42.100 TCP: Interfaces\{6887BB8E-8928-4D62-919C-E1F4E5E4F8F0}\46C696E6B6 : DHCPNameServer = 192.168.0.1 TCP: Interfaces\{6887BB8E-8928-4D62-919C-E1F4E5E4F8F0}\C696E6B6379737 : DHCPNameServer = 208.180.42.68 208.180.42.100 TCP: Interfaces\{6887BB8E-8928-4D62-919C-E1F4E5E4F8F0}\C696E6B6379737F5F475F593834333 : DHCPNameServer = 208.180.42.68 208.180.42.100 SSODL: WebCheck - mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll x64-BHO: Adblock Plus for IE Browser Helper Object: {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe x64-Run: [RtkOSD] C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe x64-Run: [HP Quick Launch] C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\kayze\AppData\Roaming\Mozilla\Firefox\Profiles\5p61tx90.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289847&CUI=UN37453546851872619&UM=2&SearchSource=3&q={searchTerms} FF - prefs.js: browser.startup.homepage - about:home FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll FF - ExtSQL: 2013-06-09 14:06; elemhidehelper@adblockplus.org; C:\Users\kayze\AppData\Roaming\Mozilla\Firefox\Profiles\5p61tx90.default\extensions\elemhidehelper@adblockplus.org.xpi FF - ExtSQL: 2013-06-09 14:49; {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}; C:\Users\kayze\AppData\Roaming\Mozilla\Firefox\Profiles\5p61tx90.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi FF - ExtSQL: 2013-06-09 14:49; adblockpopups@jessehakanen.net; C:\Users\kayze\AppData\Roaming\Mozilla\Firefox\Profiles\5p61tx90.default\extensions\adblockpopups@jessehakanen.net.xpi FF - ExtSQL: 2013-07-15 04:29; {cd617375-6743-4ee8-bac4-fbf10f35729e}; C:\Users\kayze\AppData\Roaming\Mozilla\Firefox\Profiles\5p61tx90.default\extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi FF - ExtSQL: 2013-07-15 11:37; {394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B}; C:\Users\kayze\AppData\Roaming\Mozilla\Firefox\Profiles\5p61tx90.default\extensions\{394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B} FF - ExtSQL: 2013-07-21 05:28; personas@christopher.beard; C:\Users\kayze\AppData\Roaming\Mozilla\Firefox\Profiles\5p61tx90.default\extensions\personas@christopher.beard.xpi . ---- FIREFOX POLICIES ---- FF - user.js: extensions.delta.tlbrSrchUrl - FF - user.js: extensions.delta.id - 2e3fff3600000000000070f1a1a40d3f FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} FF - user.js: extensions.delta.instlDay - 15848 FF - user.js: extensions.delta.vrsn - 1.8.21.5 FF - user.js: extensions.delta.vrsni - 1.8.21.5 FF - user.js: extensions.delta.vrsnTs - 1.8.21.56:55:06 FF - user.js: extensions.delta.prtnrId - delta FF - user.js: extensions.delta.prdct - delta FF - user.js: extensions.delta.aflt - babsst srcExt=def FF - user.js: extensions.delta.smplGrp - none FF - user.js: extensions.delta.tlbrId - base FF - user.js: extensions.delta.instlRef - sst FF - user.js: extensions.delta.dfltLng - en FF - user.js: extensions.delta.excTlbr - false FF - user.js: extensions.delta.ffxUnstlRst - true FF - user.js: extensions.delta.admin - false FF - user.js: extensions.delta_i.babTrack - affID=119549&tt=gc_ FF - user.js: extensions.delta_i.babExt - FF - user.js: extensions.delta_i.srcExt - FF - user.js: extensions.delta.autoRvrt - false FF - user.js: extensions.delta.rvrt - false FF - user.js: extensions.delta.newTab - false . ============= SERVICES / DRIVERS =============== . R1 cnnctfy2;Connectify LightWeight Filter;C:\Windows\System32\drivers\cnnctfy2.sys [2012-11-2 31344] R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-17 98208] R2 HPWMISVC;HPWMISVC;C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-1-18 20480] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-10-5 418376] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-8-19 25928] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240] R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\Windows\System32\drivers\rtl8192se.sys [2011-9-8 1225832] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-10-5 701512] S3 anvsnddrv;AnvSoft Virtual Sound Device;C:\Windows\System32\drivers\anvsnddrv.sys [2012-10-5 33872] S3 mbamchameleon;mbamchameleon;C:\Windows\System32\drivers\mbamchameleon.sys [2013-7-26 36680] S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368] S3 pwdrvio;pwdrvio;C:\Windows\System32\pwdrvio.sys [2013-6-19 19032] S3 pwdspio;pwdspio;C:\Windows\System32\pwdspio.sys [2013-6-19 12384] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-5-23 19456] S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864] S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312] S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864] S3 taphss6;Anchorfree HSS VPN Adapter;C:\Windows\System32\drivers\taphss6.sys [2013-6-20 42184] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-5-23 57856] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-8-19 1255736] S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120] S4 Connectify;Connectify;C:\Program Files (x86)\Connectify\ConnectifyService.exe [2012-11-2 65536] . =============== Created Last 30 ================ . 2013-07-28 02:51:02 9133488 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll 2013-07-28 02:48:29 9460976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2D65478D-F4C1-4D5F-9B34-502E75C5E8C9}\mpengine.dll 2013-07-28 02:41:16 9460976 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpengine.dll 2013-07-28 01:30:33 -------- d-----w- C:\Users\kayze\AppData\Local\temp 2013-07-28 01:16:36 98816 ----a-w- C:\Windows\sed.exe 2013-07-28 01:16:36 256000 ----a-w- C:\Windows\PEV.exe 2013-07-28 01:16:36 208896 ----a-w- C:\Windows\MBR.exe 2013-07-28 00:15:29 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-07-28 00:15:29 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-07-28 00:13:00 -------- d-----w- C:\Program Files (x86)\Aurora 2013-07-28 00:01:37 -------- d-----w- C:\Program Files\Adblock Plus for IE 2013-07-27 23:47:16 -------- d-----w- C:\Program Files\Unlocker 2013-07-27 21:48:45 -------- d-----w- C:\Users\kayze\AppData\Roaming\uTorrent 2013-07-27 20:40:21 -------- d-----w- C:\Users\kayze\AppData\Roaming\ParetoLogic 2013-07-27 20:40:21 -------- d-----w- C:\Users\kayze\AppData\Roaming\DriverCure 2013-07-27 20:40:08 -------- d-----w- C:\ProgramData\ParetoLogic 2013-07-27 05:17:25 -------- d-----w- C:\Windows\ERUNT 2013-07-27 05:04:58 81920 ----a-w- C:\Windows\eSellerateControl350.dll 2013-07-27 05:04:58 356352 ----a-w- C:\Windows\eSellerateEngine.dll 2013-07-27 05:04:58 274432 ----a-w- C:\Windows\SysWow64\ssleay32.dll 2013-07-27 05:04:58 1122304 ----a-w- C:\Windows\SysWow64\libeay32.dll 2013-07-27 05:04:58 -------- d-----w- C:\Program Files (x86)\Win 32. Betabot Removal Tool 2013-07-27 03:11:49 36680 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2013-07-27 00:54:18 -------- d-----w- C:\Users\kayze\AppData\Roaming\Xilisoft 2013-07-27 00:54:10 -------- d-sh--w- C:\ProgramData\audiofilter0 2013-07-27 00:50:17 -------- d-----w- C:\Program Files (x86)\Xilisoft 2013-07-27 00:24:15 -------- d-----w- C:\Users\kayze\AppData\Local\Apple Computer 2013-07-27 00:23:11 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-07-27 00:22:19 -------- d-----w- C:\Users\kayze\AppData\Local\Apple 2013-07-24 10:44:24 -------- d-----w- C:\Users\kayze\.mobione 2013-07-24 10:04:27 -------- d-----w- C:\Users\kayze\AppData\Local\MobiOne Studio 2013-07-23 04:25:00 -------- d-----w- C:\Program Files\CoolPic - Fun Social Pictures 2013-07-21 09:51:19 -------- d-----w- C:\Users\kayze\AppData\Roaming\mkvtoolnix 2013-07-21 04:40:21 -------- d-----w- C:\Program Files (x86)\MKVToolNix 2013-07-17 11:17:20 -------- d-----w- C:\Program Files (x86)\Bethesda Softworks 2013-07-17 11:11:58 -------- d-----w- C:\Users\kayze\AppData\Roaming\Mp3tag 2013-07-17 10:16:55 -------- d-----w- C:\Program Files (x86)\Mp3tag 2013-07-16 07:57:45 -------- d-----w- C:\Users\kayze\AppData\Roaming\Rovio Entertainment Ltd 2013-07-15 23:02:37 -------- d-----w- C:\Users\kayze\AppData\Roaming\Foxit Software 2013-07-12 13:39:19 -------- d-----w- C:\Users\kayze\AppData\Roaming\cYo 2013-07-12 13:39:19 -------- d-----w- C:\Users\kayze\AppData\Local\cYo 2013-07-12 13:18:48 -------- d-----w- C:\CBR 2013-07-12 09:41:30 -------- d-----w- C:\GTK 2013-07-12 07:45:41 -------- d-----w- C:\Users\kayze\AppData\Roaming\tor 2013-07-12 07:44:41 -------- d-----w- C:\Users\kayze\AppData\Local\Vidalia 2013-07-12 07:06:36 -------- d-----w- C:\Holotable 2013-07-10 08:49:15 9216 ----a-w- C:\Program Files (x86)\Windows Defender\MpAsDesc.dll 2013-07-10 08:49:15 571904 ----a-w- C:\Program Files\Windows Defender\MpClient.dll 2013-07-10 08:49:15 54784 ----a-w- C:\Program Files (x86)\Windows Defender\MpOAV.dll 2013-07-10 08:49:15 4608 ----a-w- C:\Program Files (x86)\Windows Defender\MsMpLics.dll 2013-07-10 08:49:15 392704 ----a-w- C:\Program Files (x86)\Windows Defender\MpClient.dll 2013-07-10 08:49:15 314880 ----a-w- C:\Program Files\Windows Defender\MpCommu.dll 2013-07-10 08:49:15 1011712 ----a-w- C:\Program Files\Windows Defender\MpSvc.dll 2013-07-10 08:49:08 624128 ----a-w- C:\Windows\System32\qedit.dll 2013-07-10 08:49:08 509440 ----a-w- C:\Windows\SysWow64\qedit.dll 2013-07-10 08:49:08 1887744 ----a-w- C:\Windows\System32\WMVDECOD.DLL 2013-07-10 08:49:07 1620480 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL 2013-07-10 08:49:02 1643520 ----a-w- C:\Windows\System32\DWrite.dll 2013-07-10 08:49:02 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll 2013-07-10 08:48:59 3153920 ----a-w- C:\Windows\System32\win32k.sys 2013-07-10 08:48:49 936448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll 2013-07-10 08:48:49 1367040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll 2013-07-10 08:47:14 -------- d-----w- C:\Users\kayze\AppData\Roaming\PowerISO 2013-07-10 08:44:38 127384 ----a-w- C:\Windows\System32\drivers\scdemu.sys 2013-07-10 08:44:38 -------- d-----w- C:\Program Files (x86)\PowerISO 2013-07-10 06:14:02 -------- d-----w- C:\Program Files\ComicRack 2013-07-03 22:41:34 -------- d-----w- C:\Users\kayze\AppData\Local\ElevatedDiagnostics 2013-06-30 20:53:53 -------- d-----w- C:\Program Files\Media Preview 2013-06-30 20:53:53 -------- d-----w- C:\Program Files (x86)\Media Preview 2013-06-30 20:45:05 206336 ----a-w- C:\Windows\System32\unrar64.dll 2013-06-30 20:45:05 148992 ----a-w- C:\Windows\System32\lagarith.dll 2013-06-30 20:45:04 127488 ----a-w- C:\Windows\System32\ff_vfw.dll 2013-06-30 20:45:02 -------- d-----w- C:\Program Files\K-Lite Codec Pack x64 2013-06-30 20:23:23 -------- d-----w- C:\Program Files\Icaros 2013-06-30 20:05:15 -------- d-----w- C:\Program Files\DivX 2013-06-30 20:02:16 -------- d-----w- C:\ProgramData\DivX 2013-06-29 23:56:34 112640 ----a-w- C:\Windows\SysWow64\ff_vfw.dll 2013-06-29 23:56:32 -------- d-----w- C:\Program Files (x86)\ffdshow . ==================== Find3M ==================== . 2013-06-23 13:56:33 82816 ----a-w- C:\Users\kayze\AppData\Roaming\pcouffin.sys 2013-06-21 01:09:46 42184 ----a-w- C:\Windows\System32\drivers\taphss6.sys 2013-06-11 23:43:37 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-06-11 23:43:00 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-06-11 23:42:58 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll 2013-06-11 23:42:58 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll 2013-06-11 23:26:20 2241024 ----a-w- C:\Windows\System32\wininet.dll 2013-06-11 23:25:16 3958784 ----a-w- C:\Windows\System32\jscript9.dll 2013-06-11 23:25:13 67072 ----a-w- C:\Windows\System32\iesetup.dll 2013-06-11 23:25:13 136704 ----a-w- C:\Windows\System32\iesysprep.dll 2013-06-11 22:51:45 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe 2013-06-11 22:50:58 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe 2013-06-07 03:22:18 2706432 ----a-w- C:\Windows\System32\mshtml.tlb 2013-06-07 02:37:52 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-05-29 02:43:27 149 ----a-w- C:\Users\kayze\AppData\Roaming\uninstall.bat 2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll 2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll 2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll 2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll 2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll 2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll 2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll 2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe 2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe 2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll 2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll 2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll 2013-05-08 06:39:01 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-05-08 06:10:12 770384 ----a-w- C:\Windows\SysWow64\msvcr100.dll 2013-05-08 06:10:12 421200 ----a-w- C:\Windows\SysWow64\msvcp100.dll 2013-05-02 06:06:08 278800 ------w- C:\Windows\System32\MpSigStub.exe . ============= FINISH: 23:00:05.99 ===============