I found a file in my sandbox roaming folder with a few eh interesting things: Found at: C:\Sandbox\Jezza\DefaultBox\user\current\AppData\Roaming\dclogs\2013-05-13-2.dc open in notepad and it reveals: :: Facebook - Google Chrome (7:43:59 AM) :: ESET Smart Security (7:44:00 AM) :: Facebook - Google Chrome (7:50:53 AM) Seems legit Seems legit :: Clipboard Change : size = 7 Bytes (7:50:53 AM)ktfo609 Have done malwarebytes full scan. ESET full scan. Bit defender scan. Nothing showing up but the fact the file was sitting there worries me. Other file attached DDS: DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16611 BrowserJavaVersion: 10.21.2Run by Jezza at 21:17:12 on 2013-07-01Microsoft Windows 7 Professional 6.1.7601.1.1252.44.1033.18.16381.9909 [GMT 1:00].AV: ESET Smart Security 5.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}SP: ESET Smart Security 5.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: COMODO Defense+ *Enabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}FW: ESET Personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSC:\Program Files\COMODO\COMODO Internet Security\cmdagent.exeC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\atiesrxx.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k GPSvcGroupC:\Windows\system32\atieclxx.exeC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exeC:\Windows\SysWOW64\PnkBstrA.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files (x86)\Virtual Router\VirtualRouterService.exeC:\Windows\System32\alg.exeC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\System32\WUDFHost.exeC:\Windows\System32\WUDFHost.exeC:\Windows\system32\taskhost.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\COMODO\COMODO Internet Security\cfp.exeC:\Windows\System32\StikyNot.exeC:\Program Files (x86)\Skype\Phone\Skype.exeC:\Program Files (x86)\Virtual Router\VirtualRouterClient.exeC:\Windows\system32\SearchIndexer.exeC:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exeC:\Windows\system32\taskeng.exec:\Program Files\Microsoft Mouse and Keyboard Center\itype.exec:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exeC:\Program Files (x86)\Windows Media Player\wmplayer.exeC:\Windows\system32\taskhost.exeC:\Windows\System32\svchost.exe -k secsvcsC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\system32\svchost.exe -k SDRSVCC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Origin\Origin.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\TechSmith\Jing\Jing.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\system32\calc.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\system32\mmc.exeC:\Program Files\ESET\ESET Smart Security\x86\ekrn.exeC:\Program Files\ESET\ESET Smart Security\egui.exeC:\Windows\servicing\TrustedInstaller.exeC:\Windows\system32\wuauclt.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\system32\taskmgr.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\system32\NOTEPAD.EXEC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exeC:\Windows\system32\NOTEPAD.EXEC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Windows\System32\svchost.exe -k WerSvcGroupC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.uProxyServer = 210.125.29.212:80mWinlogon: Userinit = userinit.exe,BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dllBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dlluRun: [AdobeBridge] <no file>StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\VIRTUA~1.LNK - C:\Windows\Installer\{BE905C46-2B34-4D73-AEE1-769ED138E0FF}\_118D1A4EFFA6998C3492EB.exemPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:0mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableLUA = dword:0mPolicies-System: EnableUIADesktopToggle = dword:0mPolicies-System: PromptOnSecureDesktop = dword:0IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}LSP: C:\Program Files (x86)\FlyVPN\FlyVPNBind.dllTCP: NameServer = 192.168.0.1TCP: Interfaces\{7BF76A08-3D33-4207-889F-B069109A78FF} : DHCPNameServer = 192.168.0.1TCP: Interfaces\{870C08CE-07A5-4DFF-BA44-D8DCDC22B897} : DHCPNameServer = 192.168.0.1TCP: Interfaces\{BC796B97-C139-4F7C-8330-19ECC055EA07} : DHCPNameServer = 10.11.0.1TCP: Interfaces\{ED202015-80A0-49BA-BB26-FE823F0EB4F7} : DHCPNameServer = 192.168.0.1Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dllHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllAppInit_DLLs= c:\progra~2\magnipic\sprote~1.dll c:\progra~2\browse~1\sprote~1.dll C:\Windows\SysWOW64\guard32.dllSSODL: WebCheck - <orphaned>mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromex64-Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -hx64-Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - <orphaned>x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-SSODL: WebCheck - <orphaned>.================= FIREFOX ===================.FF - ProfilePath - C:\Users\Jezza\AppData\Roaming\Mozilla\Firefox\Profiles\hryejo7u.default\FF - prefs.js: browser.search.defaulturl - FF - prefs.js: browser.search.selectedEngine - GoogleFF - prefs.js: browser.startup.homepage - about:homeFF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dllFF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dllFF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dllFF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dllFF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dllFF - plugin: C:\Users\Jezza\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dllFF - plugin: C:\Windows\System32\Wat\npWatWeb.dllFF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dllFF - plugin: C:\Windows\SysWOW64\npDeployJava1.dllFF - plugin: C:\Windows\SysWOW64\npmproxy.dll.============= SERVICES / DRIVERS ===============.R0 epfwwfp;epfwwfp;C:\Windows\System32\drivers\epfwwfp.sys [2012-3-14 62496]R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\System32\drivers\cmdGuard.sys [2012-11-8 584056]R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\System32\drivers\cmdhlp.sys [2012-11-8 38144]R1 eamonm;eamonm;C:\Windows\System32\drivers\eamonm.sys [2012-3-14 209768]R1 EpfwLWF;Epfw NDIS LightWeight Filter;C:\Windows\System32\drivers\EpfwLWF.sys [2012-3-14 38288]R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-10-23 240640]R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-9-28 361984]R2 AODDriver4.2;AODDriver4.2;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-4-9 57472]R2 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2012-3-7 913144]R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-2-19 701512]R2 Virtual Router;VirtualRouterService;C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe [2013-2-10 12288]R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2012-10-5 46136]R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\System32\drivers\EtronHub3.sys [2013-2-19 65152]R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\System32\drivers\EtronXHCI.sys [2013-2-19 88832]R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2009-11-23 22408]R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-2-19 25928]R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-1-1 646248]R3 ScreamBAudioSvc;ScreamBee Audio;C:\Windows\System32\drivers\ScreamingBAudio64.sys [2010-7-1 38992]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-4-24 161384]S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [2013-2-19 30624]S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-5-14 96896]S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]S3 epmntdrv;epmntdrv;C:\Windows\System32\epmntdrv.sys [2013-1-3 17480]S3 EuGdiDrv;EuGdiDrv;C:\Windows\System32\EuGdiDrv.sys [2013-1-3 9800]S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2009-11-23 16008]S3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2012-10-17 920864]S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-11-19 80384]S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-11-19 181248]S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-4-20 19456]S3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2012-12-16 202632]S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-4-20 57856]S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-4-20 30208]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-10-6 1255736]S4 DragonUpdater;COMODO Dragon Update Service;C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2013-4-19 2074760]S4 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-2-19 418376]S4 PdiService;Portrait Displays SDK Service;C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2013-1-5 109168]S4 RalinkRegistryWriter;Ralink Registry Writer;C:\Program Files (x86)\Ralink\Common\RaRegistry.exe [2012-10-17 185632]S4 RalinkRegistryWriter64;Ralink Registry Writer 64;C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe [2012-10-17 212256]S4 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]S4 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-12-31 3467768].=============== File Associations ===============.FileExt: .js: Applications\Notepad.exe=C:\Windows\System32\NOTEPAD.EXE %1 [userChoice]ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe", "%1".=============== Created Last 30 ================.2013-07-01 20:14:53 -------- d-----w- C:\Users\Jezza\AppData\Roaming\QuickScan2013-07-01 20:04:41 -------- d-----w- C:\Program Files\trend micro2013-06-28 06:45:25 9552976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{25B66433-91E4-4679-8A9A-FAFFD668D59A}\mpengine.dll2013-06-27 21:42:29 -------- d-----w- C:\MTK FirmwareAdapter Tool2013-06-27 18:00:25 -------- d-----w- C:\Users\Jezza\AppData\Local\Chris_Pietschmann_(http__2013-06-27 17:05:03 -------- d-----w- C:\Program Files (x86)\Virtual Router2013-06-25 21:50:27 -------- d-----w- C:\ProgramData\SP_FT_Logs2013-06-25 00:25:27 256 ----a-w- C:\Users\Jezza\advanced_ip_scanner_Favorites.bin2013-06-24 20:31:02 210 ----a-w- C:\Users\Jezza\advanced_ip_scanner_MAC.bin2013-06-24 18:46:39 -------- d-----w- C:\Program Files (x86)\Advanced IP Scanner v22013-06-20 19:21:17 -------- d-----w- C:\Program Files (x86)\Battlelog Web Plugins2013-06-20 18:56:46 262552 ----a-w- C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll2013-06-20 18:45:25 3323752 ----a-w- C:\Windows\SysWow64\pbsvc.exe2013-06-19 20:45:32 308736 ----a-w- C:\Windows\System32\ssleay32.dll2013-06-19 20:45:32 1503744 ----a-w- C:\Windows\System32\libeay32.dll2013-06-19 20:45:21 327008 ----a-w- C:\Windows\System32\RaCoInstx.dll2013-06-19 20:45:21 1733216 ----a-w- C:\Windows\System32\drivers\netr28ux.sys2013-06-17 19:56:04 -------- d-----w- C:\ProgramData\Trymedia2013-06-17 19:54:53 98304 ----a-w- C:\Windows\SysWow64\CmdLineExt.dll2013-06-12 10:07:42 751104 ----a-w- C:\Windows\System32\win32spl.dll.==================== Find3M ====================.2013-07-01 18:04:39 291088 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr2013-07-01 18:04:39 291088 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe2013-07-01 18:04:30 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex02013-06-21 22:11:47 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe2013-05-17 01:25:57 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll2013-05-17 01:25:27 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll2013-05-17 01:25:26 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll2013-05-17 01:25:26 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll2013-05-17 00:59:03 2241024 ----a-w- C:\Windows\System32\wininet.dll2013-05-17 00:58:10 3958784 ----a-w- C:\Windows\System32\jscript9.dll2013-05-17 00:58:08 67072 ----a-w- C:\Windows\System32\iesetup.dll2013-05-17 00:58:08 136704 ----a-w- C:\Windows\System32\iesysprep.dll2013-05-16 16:38:45 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2013-05-16 16:38:45 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2013-05-14 13:14:01 2706432 ----a-w- C:\Windows\System32\mshtml.tlb2013-05-14 12:23:25 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe2013-05-14 09:23:31 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb2013-05-14 08:40:13 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll2013-05-08 20:14:46 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll2013-05-08 20:14:43 866720 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll2013-05-08 20:14:43 788896 ----a-w- C:\Windows\SysWow64\deployJava1.dll2013-05-08 06:39:01 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys2013-05-02 01:06:08 278800 ------w- C:\Windows\System32\MpSigStub.exe2013-04-26 04:55:21 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll2013-04-25 23:30:32 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll2013-04-19 16:57:02 56072 ----a-w- C:\Windows\System32\certsentry.dll2013-04-19 16:57:02 47368 ----a-w- C:\Windows\SysWow64\certsentry.dll2013-04-17 07:02:06 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll2013-04-17 06:24:46 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys2013-04-10 06:01:54 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys2013-04-10 06:01:53 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys2013-04-10 03:30:50 3153920 ----a-w- C:\Windows\System32\win32k.sys2013-04-04 13:50:32 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys2012-12-28 17:47:39 14794312 ----a-w- C:\Program Files (x86)\Common Files\lpuninstall.exe.============= FINISH: 21:17:38.14 ===============