DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 10.0.9200.16438 BrowserJavaVersion: 10.10.2 Run by Grabek at 10:00:14 on 2012-12-26 Microsoft Windows 7 Home Premium 6.1.7601.1.1250.48.1045.18.2047.1095 [GMT 1:00] . AV: ESET NOD32 Antivirus 5.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1} SP: ESET NOD32 Antivirus 5.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes ================ . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\nvvsvc.exe C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Windows\system32\DllHost.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe D:\dysk D\p.naprawa\czyszczenie\MBam\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\Program Files\AntiLogger\AntiLogger.exe C:\Windows\system32\PrintIsolationHost.exe D:\dysk D\prog.nowe\Realplayer\Update\realsched.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\IncrediMail\Bin\IncMail.exe C:\Users\Grabek\AppData\Local\Google\Update\GoogleUpdate.exe C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe C:\Program Files\Sharp World Clock\Sharp World Clock.exe C:\Program Files\IncrediMail\Bin\ImApp.exe C:\Windows\System32\WUDFHost.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe C:\Windows\notepad.exe C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k WindowsMobile C:\Windows\System32\svchost.exe -k secsvcs . ============== Pseudo HJT Report =============== . uStart Page = hxxp://gazeta.pl/ BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll BHO: FlpLauncher Class: {4401FDC3-7996-4774-8D2B-C1AE9CD6CC25} - c:\program files\e-book systems\flipalbum 6 pro\FpLaunch.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun uRun: [IncrediMail] c:\program files\incredimail\bin\IncMail.exe /c uRun: [Google Update] "c:\users\grabek\appdata\local\google\update\GoogleUpdate.exe" /c mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice mRun: [AntiLogger] "c:\program files\antilogger\AntiLogger.exe" /minimized mRun: [TkBellExe] "d:\dysk d\prog.nowe\realplayer\update\realsched.exe" -osboot StartupFolder: c:\users\grabek\appdata\roaming\micros~1\windows\startm~1\programs\startup\worldc~1.lnk - c:\program files\sharp world clock\Sharp World Clock.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:221 mPolicies-System: ConsentPromptBehaviorAdmin = dword:0 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000 . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab TCP: NameServer = 79.139.16.1 79.139.16.2 TCP: Interfaces\{3DC20C63-FBCE-4639-89F4-5A562B466DA8} : DHCPNameServer = 79.139.16.1 79.139.16.2 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll SSODL: WebCheck - SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll . ================= FIREFOX =================== . FF - ProfilePath - c:\users\grabek\appdata\roaming\mozilla\firefox\profiles\22cikxu1.default-1355323812796\ FF - prefs.js: browser.startup.homepage - hxxp://www.gazeta.pl/0,0.html FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll FF - plugin: c:\program files\google\update\1.3.21.124\npGoogleUpdate3.dll FF - plugin: c:\program files\mozilla firefox\plugins\nprpplugin.dll FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dvstreaming.dll FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlchromebrowserrecordext.dll FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlhtml5videoshim.dll FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlpepperflashvideoshim.dll FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\npdlplugin.dll FF - plugin: c:\users\grabek\appdata\local\google\update\1.3.21.123\npGoogleUpdate3.dll FF - plugin: c:\windows\system32\adobe\director\np32dsw_1165635.dll FF - plugin: c:\windows\system32\adobe\director\np32dsw_1166636.dll FF - plugin: c:\windows\system32\adobe\director\np32dsw_1167637.dll FF - plugin: c:\windows\system32\adobe\director\np32dsw_1168638.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_135.dll FF - plugin: d:\dysk d\prog.nowe\quick t.player\plugins\npqtplugin.dll FF - plugin: d:\dysk d\prog.nowe\quick t.player\plugins\npqtplugin2.dll FF - plugin: d:\dysk d\prog.nowe\quick t.player\plugins\npqtplugin3.dll FF - plugin: d:\dysk d\prog.nowe\quick t.player\plugins\npqtplugin4.dll FF - plugin: d:\dysk d\prog.nowe\quick t.player\plugins\npqtplugin5.dll FF - plugin: d:\dysk d\prog.nowe\quick t.player\plugins\npqtplugin6.dll FF - plugin: d:\dysk d\prog.nowe\quick t.player\plugins\npqtplugin7.dll FF - plugin: d:\dysk d\prog.nowe\realplayer\netscape6\nppl3260.dll FF - plugin: d:\dysk d\prog.nowe\realplayer\netscape6\nprpplugin.dll FF - plugin: d:\dysk d\prog.nowe\vlc- player\vlc\npvlc.dll FF - ExtSQL: 2012-12-12 15:09; {34712C68-7391-4c47-94F3-8F88D49AD632}; c:\programdata\realnetworks\realdownloader\browserplugins\firefox\Ext FF - ExtSQL: 2012-12-12 18:52; translator@zoli.bod; c:\users\grabek\appdata\roaming\mozilla\firefox\profiles\22cikxu1.default-1355323812796\extensions\translator@zoli.bod.xpi . ---- FIREFOX POLICIES ---- FF - user.js: network.http.max-connections-per-server - 6 FF - user.js: network.http.max-persistent-connections-per-server - 3 FF - user.js: nglayout.initialpaint.delay - 750 FF - user.js: content.notify.interval - 750000 FF - user.js: content.max.tokenizing.time - 2250000 . ============= SERVICES / DRIVERS =============== . R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2012-5-12 15672] R1 AntiLog32;AntiLog32;c:\windows\system32\drivers\AntiLog32.sys [2012-12-20 81720] R1 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [2012-11-16 169120] R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2012-11-16 913184] R2 epfwwfpr;epfwwfpr;c:\windows\system32\drivers\epfwwfpr.sys [2012-3-14 103112] R2 MBAMScheduler;MBAMScheduler;d:\dysk d\p.naprawa\czyszczenie\mbam\malwarebytes' anti-malware\mbamscheduler.exe [2012-9-11 399432] R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2012-11-29 38608] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2012-10-2 382824] R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;c:\program files\avg\avg pc tuneup\TuneUpUtilitiesService32.exe [2012-8-23 1532280] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-1-4 22856] R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2012-1-10 187392] R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\avg\avg pc tuneup\TuneUpUtilitiesDriver32.sys [2012-7-4 10088] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 MBAMService;MBAMService;d:\dysk d\p.naprawa\czyszczenie\mbam\malwarebytes' anti-malware\mbamservice.exe [2012-9-11 676936] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-10-24 14848] S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2012-10-2 27192] S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-10-24 49664] S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-10-24 27136] S3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\wat\WatAdminSvc.exe [2012-1-3 1343400] . =============== File Associations =============== . FileExt: .cmd: cmdfile=c:\windows\system32\NOTEPAD.EXE %1 [default=edit - 'Open' doesn't exist] FileExt: .vbe: VBEFile=NOTEPAD.EXE FileExt: .vbs: VBSFile=NOTEPAD.EXE FileExt: .js: JSFile=NOTEPAD.EXE FileExt: .jse: JSEFile=NOTEPAD.EXE FileExt: .wsf: WSFFile=NOTEPAD.EXE . =============== Created Last 30 ================ . 2012-12-25 17:58:21 6812136 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{09a66012-207b-4bbc-8185-4b1a627b67b3}\mpengine.dll 2012-12-23 16:45:28 262704 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll 2012-12-22 19:13:15 93640 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 2012-12-21 16:09:13 34304 ----a-w- c:\windows\system32\atmlib.dll 2012-12-21 16:09:13 295424 ----a-w- c:\windows\system32\atmfd.dll 2012-12-20 21:16:45 40960 ----a-w- c:\windows\system32\akprogressbar.ocx 2012-12-20 21:16:44 90112 ----a-w- c:\windows\system32\kcommobj.ocx 2012-12-20 21:16:44 90112 ----a-w- c:\windows\system32\dgwaveedit.ocx 2012-12-20 21:16:44 69632 ----a-w- c:\windows\system32\webupdate.ocx 2012-12-20 21:16:44 619008 ----a-w- c:\windows\system32\dx7vb.dll 2012-12-20 21:16:44 151552 ----a-w- c:\windows\system32\dxvumeter3.ocx 2012-12-20 21:16:44 143360 ----a-w- c:\windows\system32\unzip32.dll 2012-12-20 21:16:44 133120 ----a-w- c:\windows\system32\zip32.dll 2012-12-20 21:16:44 1227264 ----a-w- c:\windows\system32\dx8vb.dll 2012-12-20 20:18:19 -------- dc-h--w- c:\programdata\{A62AB9D5-FDCF-49B1-9F0A-F80A3E614529} 2012-12-20 17:35:53 -------- d-----w- c:\users\grabek\appdata\local\Zemana 2012-12-20 17:35:51 -------- d-----w- c:\program files\AntiLogger 2012-12-20 16:56:02 81720 ----a-w- c:\windows\system32\drivers\AntiLog32.sys 2012-12-17 19:45:06 -------- d-----w- c:\users\grabek\appdata\roaming\IBKPRO 2012-12-13 15:39:46 2706432 ----a-w- c:\windows\system32\mshtml.tlb 2012-12-12 18:38:13 -------- d-sh--w- c:\programdata\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} 2012-12-12 14:11:21 -------- d-----w- c:\programdata\Symantec 2012-12-12 14:11:12 -------- d-----w- c:\programdata\Norton 2012-12-12 14:11:10 -------- d-----w- c:\programdata\NortonInstaller 2012-12-12 14:09:49 -------- d-----w- c:\program files\RealNetworks 2012-12-12 14:09:46 -------- d-----w- c:\programdata\RealNetworks 2012-12-12 14:07:58 -------- d-----w- c:\users\grabek\appdata\local\Real 2012-12-09 12:15:41 -------- d-----w- c:\program files\Mozilla Maintenance Service 2012-11-28 15:00:58 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-11-28 15:00:58 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe . ==================== Find3M ==================== . 2012-12-16 21:55:25 821736 ----a-w- c:\windows\system32\npDeployJava1.dll 2012-12-16 21:55:25 746984 ----a-w- c:\windows\system32\deployJava1.dll 2012-12-12 14:08:59 499712 ----a-w- c:\windows\system32\msvcp71.dll 2012-12-12 14:08:59 348160 ----a-w- c:\windows\system32\msvcr71.dll 2012-11-22 02:56:02 2345984 ----a-w- c:\windows\system32\win32k.sys 2012-11-16 12:56:48 169120 ----a-w- c:\windows\system32\drivers\eamonm.sys 2012-11-14 21:59:27 6078 ----a-w- c:\windows\system32\cleartmp.cmd 2012-11-13 20:21:05 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2012-11-11 20:57:30 39904 ----a-w- c:\windows\system32\dischandler.exe 2012-11-11 17:42:32 3915776 ----a-w- c:\windows\system32\ffmpeg.dll 2012-11-11 17:41:46 112640 ----a-w- c:\windows\system32\ff_vfw.dll 2012-11-11 17:41:40 3504128 ----a-w- c:\windows\system32\ffdshow.ax 2012-11-11 17:41:14 271360 ----a-w- c:\windows\system32\TomsMoComp_ff.dll 2012-11-11 17:40:50 99840 ----a-w- c:\windows\system32\ff_wmv9.dll 2012-11-11 17:40:50 157184 ----a-w- c:\windows\system32\ff_unrar.dll 2012-11-11 17:40:48 211968 ----a-w- c:\windows\system32\ff_libdts.dll 2012-11-11 17:40:48 1525760 ----a-w- c:\windows\system32\ff_samplerate.dll 2012-11-11 17:40:48 147456 ----a-w- c:\windows\system32\ff_libmad.dll 2012-11-11 17:40:48 114688 ----a-w- c:\windows\system32\ff_liba52.dll 2012-11-11 13:32:34 7870928 ----a-w- c:\windows\system32\avcodec-lav-54.dll 2012-11-11 13:32:34 413864 ----a-w- c:\windows\system32\LAVSplitter.ax 2012-11-11 13:32:34 382120 ----a-w- c:\windows\system32\swscale-lav-2.dll 2012-11-11 13:32:34 281768 ----a-w- c:\windows\system32\IntelQuickSyncDecoder.dll 2012-11-11 13:32:34 241832 ----a-w- c:\windows\system32\LAVAudio.ax 2012-11-11 13:32:34 238528 ----a-w- c:\windows\system32\avutil-lav-52.dll 2012-11-11 13:32:34 183976 ----a-w- c:\windows\system32\libbluray.dll 2012-11-11 13:32:34 167728 ----a-w- c:\windows\system32\avfilter-lav-3.dll 2012-11-11 13:32:34 158096 ----a-w- c:\windows\system32\avresample-lav-1.dll 2012-11-11 13:32:34 1182696 ----a-w- c:\windows\system32\avformat-lav-54.dll 2012-11-11 13:32:34 1172648 ----a-w- c:\windows\system32\LAVVideo.ax 2012-11-09 04:42:49 2048 ----a-w- c:\windows\system32\tzres.dll 2012-11-02 05:11:31 376832 ----a-w- c:\windows\system32\dpnet.dll 2012-10-25 02:12:26 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2012-10-25 02:12:26 69632 ----a-w- c:\windows\system32\QuickTime.qts 2012-10-24 15:45:48 369856 ----a-w- c:\windows\system32\drivers\cng.sys 2012-10-24 15:45:48 247808 ----a-w- c:\windows\system32\schannel.dll 2012-10-24 15:45:48 220160 ----a-w- c:\windows\system32\ncrypt.dll 2012-10-24 15:45:48 136560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2012-10-24 15:45:48 1039360 ----a-w- c:\windows\system32\lsasrv.dll 2012-10-16 07:39:52 561664 ----a-w- c:\windows\apppatch\AcLayers.dll 2012-10-12 18:09:32 22912 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe 2012-10-10 20:15:04 1867112 ----a-w- c:\windows\system32\nvcuvenc.dll 2012-10-10 20:15:00 2574696 ----a-w- c:\windows\system32\nvcuvid.dll 2012-10-10 20:14:50 888168 ----a-w- c:\windows\system32\nvdispgenco32.dll 2012-10-10 20:14:50 12501352 ----a-w- c:\windows\system32\nvwgf2um.dll 2012-10-10 20:14:46 17559912 ----a-w- c:\windows\system32\nvcompiler.dll 2012-10-10 20:14:44 2428776 ----a-w- c:\windows\system32\nvapi.dll 2012-10-10 20:14:42 7697768 ----a-w- c:\windows\system32\nvcuda.dll 2012-10-10 20:14:28 10837352 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys 2012-10-10 20:14:22 19906920 ----a-w- c:\windows\system32\nvoglv32.dll 2012-10-10 20:14:22 1009512 ----a-w- c:\windows\system32\nvdispco32.dll 2012-10-10 20:14:16 6127464 ----a-w- c:\windows\system32\nvopencl.dll 2012-10-10 20:14:16 15309160 ----a-w- c:\windows\system32\nvd3dum.dll 2012-10-09 17:40:31 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll 2012-10-09 17:40:31 193536 ----a-w- c:\windows\system32\dhcpcore6.dll 2012-10-04 16:47:18 169984 ----a-w- c:\windows\system32\winsrv.dll 2012-10-04 16:43:05 293376 ----a-w- c:\windows\system32\KernelBase.dll 2012-10-04 14:57:58 271360 ----a-w- c:\windows\system32\conhost.exe 2012-10-04 14:41:50 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll 2012-10-04 14:41:50 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2012-10-04 14:41:50 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2012-10-04 14:41:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll 2012-10-04 10:33:31 963984 ----a-w- c:\program files\uTorrent.exe 2012-10-03 16:58:30 1293680 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-10-03 16:42:26 52224 ----a-w- c:\windows\system32\nlaapi.dll 2012-10-03 16:42:26 242176 ----a-w- c:\windows\system32\nlasvc.dll 2012-10-03 16:42:24 18944 ----a-w- c:\windows\system32\netevent.dll 2012-10-03 16:42:24 175104 ----a-w- c:\windows\system32\netcorehc.dll 2012-10-03 16:42:23 156672 ----a-w- c:\windows\system32\ncsi.dll 2012-10-03 16:40:35 499712 ----a-w- c:\windows\system32\iphlpsvc.dll 2012-10-03 15:21:38 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys 2012-10-02 19:29:42 645992 ----a-w- c:\windows\system32\nvvsvc.exe 2012-10-02 19:29:41 62312 ----a-w- c:\windows\system32\nvshext.dll 2012-10-02 19:29:41 2557288 ----a-w- c:\windows\system32\nvsvcr.dll 2012-10-02 19:29:41 108392 ----a-w- c:\windows\system32\nvmctray.dll 2012-10-02 19:29:22 2853224 ----a-w- c:\windows\system32\nvsvc.dll 2012-10-02 19:28:53 3965288 ----a-w- c:\windows\system32\nvcpl.dll 2012-10-02 12:15:52 430952 ----a-w- c:\windows\system32\nvStreaming.exe 2012-09-29 17:54:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys . ============= FINISH: 10:00:36,29 ===============