DDS LOG:
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_20
Run by EricShang at 13:06:11 on 2012-02-11
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6069.2646 [GMT -5:00]
.
AV: Kaspersky Anti-Virus *Enabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Kaspersky Anti-Virus *Enabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\FBAgent.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Citrix\ICA Client\ssonsvr.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Windows\Explorer.EXE
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\rundll32.exe
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Origin\Origin.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
C:\Program Files (x86)\Razer\Imperator\RazerImperatorTray.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
C:\Windows\system32\DllHost.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\taskmgr.exe
C:\Users\EricShang\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\EricShang\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\EricShang\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\EricShang\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\EricShang\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\EricShang\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\EricShang\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\EricShang\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\EricShang\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\EricShang\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\iTunes\iTunes.exe
C:\Users\EricShang\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\RO\DreamerRO's\exe.exe
C:\Program Files (x86)\RO\DreamerRO's\exe.exe
C:\Program Files (x86)\AutoHotkey\AutoHotkey.exe
C:\Users\EricShang\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\EricShang\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\EricShang\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\msiexec.exe
C:\Users\EricShang\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://asus.msn.com
mWinlogon: Userinit=userinit.exe
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Google Update] "C:\Users\EricShang\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
uRun: [winupdate] C:\Windows\system32\install\winupdt.exe
uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
mRun: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [VolPanel] "C:\Program Files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe" /r
mRun: [UpdReg] C:\Windows\UpdReg.EXE
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [<NO NAME>]
mRun: [Razer Imperator Driver] C:\Program Files (x86)\Razer\Imperator\RazerImperatorTray.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{05BDF0D1-9718-447B-9539-4FFA1E2CE07F} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{05BDF0D1-9718-447B-9539-4FFA1E2CE07F}\4556E62556E64556164596D656 : DhcpNameServer = 68.87.73.246 68.87.71.230
TCP: Interfaces\{05BDF0D1-9718-447B-9539-4FFA1E2CE07F}\86F6D656 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{05BDF0D1-9718-447B-9539-4FFA1E2CE07F}\A49616E676E4564777F627B6 : DhcpNameServer = 192.168.1.1 71.252.0.12
TCP: Interfaces\{05BDF0D1-9718-447B-9539-4FFA1E2CE07F}\C696E6B6379737 : DhcpNameServer = 68.87.73.246 68.87.71.230
TCP: Interfaces\{93422096-8B22-4798-A1C3-B195BD476D83} : DhcpNameServer = 128.8.74.2 128.8.76.2
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll,C:\ProgramData\dxmasf32.dll
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO-X64: 0x1 - No File
BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO-X64: HP Print Enhancer - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO-X64: Increase performance and video formats for your HTML5 <video> - No File
BHO-X64: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll
BHO-X64: IEVkbdBHO - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
BHO-X64: link filter bho - No File
BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
BHO-X64: HP Smart BHO Class - No File
TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun-x64: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun-x64: [VolPanel] "C:\Program Files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe" /r
mRun-x64: [UpdReg] C:\Windows\UpdReg.EXE
mRun-x64: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [(Default)]
mRun-x64: [Razer Imperator Driver] C:\Program Files (x86)\Razer\Imperator\RazerImperatorTray.exe
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
AppInit_DLLs-X64: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll,C:\ProgramData\dxmasf32.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\EricShang\AppData\Roaming\Mozilla\Firefox\Profiles\5ecazms3.default\
FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\Sonar\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npicaN.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\EricShang\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(yahoo.ytff.general.dontshowhpoffer, true
============= SERVICES / DRIVERS ===============
.
R1 kl2;kl2;C:\Windows\system32\DRIVERS\kl2.sys --> C:\Windows\system32\DRIVERS\kl2.sys [?]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys --> C:\Windows\system32\DRIVERS\klim6.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe [2010-7-1 352976]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-9-14 508264]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-7-7 2314240]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\system32\DRIVERS\klmouflt.sys --> C:\Windows\system32\DRIVERS\klmouflt.sys [?]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-9-14 219496]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-7-7 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-7-7 79360]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]
S3 ivusb;Initio Driver for USB Default Controller;C:\Windows\system32\DRIVERS\ivusb.sys --> C:\Windows\system32\DRIVERS\ivusb.sys [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 SaiU0CCB;SaiU0CCB;C:\Windows\system32\DRIVERS\SaiU0CCB.sys --> C:\Windows\system32\DRIVERS\SaiU0CCB.sys [?]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-8-6 118672]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]
S4 Dyyno Launcher;Dyyno Service;C:\Program Files (x86)\Dyyno\Dyyno Broadcaster\launcherd.exe [2011-5-18 415072]
.
=============== Created Last 30 ================
.
2012-02-11 17:10:56 -------- d-----w- C:\Users\EricShang\AppData\Local\{91F9149A-5A1E-4E80-B8AC-2E2722E8227C}
2012-02-11 17:10:46 -------- d-----w- C:\Users\EricShang\AppData\Local\{0D811AFE-FBEA-43A4-B02E-ED46A1103B4D}
2012-02-11 01:41:03 -------- d-----w- C:\Users\EricShang\AppData\Local\{AB26BF26-E024-4E0D-8CB8-A39E7F16A134}
2012-02-11 01:40:42 -------- d-----w- C:\Users\EricShang\AppData\Local\{CF640CFF-24B5-4DF6-8879-F172A60611D9}
2012-02-10 13:40:19 -------- d-----w- C:\Users\EricShang\AppData\Local\{91F0354A-C61F-428C-8EFA-137A7388C6B0}
2012-02-10 13:40:09 -------- d-----w- C:\Users\EricShang\AppData\Local\{3925F8C6-91EE-4B47-9D60-8DE7AFBCE3BF}
2012-02-09 20:26:02 -------- d-----w- C:\Users\EricShang\AppData\Local\{87108E38-81BE-4EE3-B9DD-6D1D6A3815BB}
2012-02-09 20:25:52 -------- d-----w- C:\Users\EricShang\AppData\Local\{0D03904D-53E0-4AB7-8EEC-1301E5A3F648}
2012-02-09 02:18:05 -------- d-----w- C:\Users\EricShang\AppData\Local\{39B65EE8-256D-4EFE-B8C6-C6228472193A}
2012-02-08 14:17:58 -------- d-----w- C:\Users\EricShang\AppData\Local\{A39DB288-D095-4ED6-8B7B-808CE3BBAAD9}
2012-02-07 23:24:58 -------- d-----w- C:\Users\EricShang\AppData\Local\{2052FF16-6DC3-4E95-9974-1AECF81CB6CD}
2012-02-07 23:24:48 -------- d-----w- C:\Users\EricShang\AppData\Local\{DD5BD411-D96A-454D-BBBE-27D62AD490FD}
2012-02-07 07:19:50 -------- d-----w- C:\Users\EricShang\AppData\Local\{D558D81E-48D7-4909-88F6-DE61418B1525}
2012-02-06 19:19:29 -------- d-----w- C:\Users\EricShang\AppData\Local\{A5E9E886-51E3-406A-B5DF-FCA7B6FB2A1E}
2012-02-06 19:19:19 -------- d-----w- C:\Users\EricShang\AppData\Local\{61DDCB24-7BC7-45A0-84E8-BB8645ECD4F2}
2012-02-06 06:35:54 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-06 06:34:14 -------- d-----w- C:\Program Files (x86)\Yahoo!
2012-02-06 00:12:27 -------- d-----w- C:\Users\EricShang\AppData\Local\{886D528A-6EF6-457D-A691-27B10ECBB934}
2012-02-06 00:12:17 -------- d-----w- C:\Users\EricShang\AppData\Local\{2B978538-ECA2-4B5C-8864-27FFAECB71E6}
2012-02-05 19:18:12 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
2012-02-05 19:17:41 -------- d-----w- C:\Users\EricShang\AppData\Local\Microsoft Help
2012-02-05 12:12:06 -------- d-----w- C:\Users\EricShang\AppData\Local\{B769F768-A08A-4963-8A06-968736123FDE}
2012-02-05 12:11:56 -------- d-----w- C:\Users\EricShang\AppData\Local\{20D46C26-4C3E-4386-83E8-FA95F0B0A51C}
2012-02-05 00:11:33 -------- d-----w- C:\Users\EricShang\AppData\Local\{EE998366-23B3-48AA-AABC-E702373842FA}
2012-02-05 00:11:22 -------- d-----w- C:\Users\EricShang\AppData\Local\{CEB9BAEF-DE20-464F-ADE4-6FECAB0374CF}
2012-02-04 12:10:59 -------- d-----w- C:\Users\EricShang\AppData\Local\{F7ACE8E2-6700-4034-B342-5E6AE76A23E3}
2012-02-04 00:10:35 -------- d-----w- C:\Users\EricShang\AppData\Local\{DBC37D10-11AB-49BF-AC3E-58101EBE620E}
2012-02-03 12:10:12 -------- d-----w- C:\Users\EricShang\AppData\Local\{C0FC6C3A-DE2E-4E44-B0D9-1922CD4F4978}
2012-02-03 00:09:49 -------- d-----w- C:\Users\EricShang\AppData\Local\{724FF88A-2B98-40FD-842B-3C492054AA11}
2012-02-02 12:09:28 -------- d-----w- C:\Users\EricShang\AppData\Local\{23D70725-DEED-42B7-9E34-F1F05EE7B630}
2012-02-02 00:09:05 -------- d-----w- C:\Users\EricShang\AppData\Local\{1B3C6937-574F-4C39-9BA2-40011BD3A98A}
2012-02-02 00:08:55 -------- d-----w- C:\Users\EricShang\AppData\Local\{38A37A4F-F3D4-4485-9EF1-7B3702F4C184}
2012-01-31 20:30:02 -------- d-----w- C:\Users\EricShang\AppData\Local\{7D077D53-AA60-44CB-8E7F-1CC5F5C275D2}
2012-01-31 20:29:52 -------- d-----w- C:\Users\EricShang\AppData\Local\{C82806EF-909A-4B32-92AE-29E79723DC2F}
2012-01-31 08:29:39 -------- d-----w- C:\Users\EricShang\AppData\Local\{1C0CE312-94D3-44CB-9E1E-905B697BB1D6}
2012-01-31 08:29:29 -------- d-----w- C:\Users\EricShang\AppData\Local\{3C4A4D91-1AF3-45F3-ACDB-37472029AA85}
2012-01-31 05:47:50 -------- d-----w- C:\Users\EricShang\AppData\Local\DDMSettings
2012-01-30 20:29:16 -------- d-----w- C:\Users\EricShang\AppData\Local\{BB8D5108-FA93-43E2-8B6D-2E2CFC2E1EA2}
2012-01-30 20:29:06 -------- d-----w- C:\Users\EricShang\AppData\Local\{05D0F715-382E-4749-90D4-5EB3762006AF}
2012-01-29 20:11:13 -------- d-----w- C:\Users\EricShang\AppData\Local\{17920AA1-D070-486A-8FD3-CCB474F982FA}
2012-01-29 20:11:02 -------- d-----w- C:\Users\EricShang\AppData\Local\{50927458-5420-4E41-96E8-A08049B1D668}
2012-01-28 19:55:09 -------- d-----w- C:\Users\EricShang\AppData\Local\{F094A0B3-6D03-4DDF-88B9-9A8767743F99}
2012-01-28 19:55:00 -------- d-----w- C:\Users\EricShang\AppData\Local\{3B0C632F-7F0A-4A3E-BB71-9A765777479E}
2012-01-28 04:16:18 -------- d-----w- C:\Users\EricShang\AppData\Local\{A305177B-1C82-4A4E-9E81-26ED3DF292A2}
2012-01-28 04:16:08 -------- d-----w- C:\Users\EricShang\AppData\Local\{48A72B3D-0E55-4079-89A5-6D05FA561449}
2012-01-27 16:15:56 -------- d-----w- C:\Users\EricShang\AppData\Local\{1A0795CB-93DD-4786-94D2-D201B7E7F70C}
2012-01-27 04:15:32 -------- d-----w- C:\Users\EricShang\AppData\Local\{5DD78A36-FBEE-4208-8F95-CD3A74714063}
2012-01-26 16:15:09 -------- d-----w- C:\Users\EricShang\AppData\Local\{C9D9DD04-8793-4F43-A508-0D53A2BE2E84}
2012-01-26 04:15:03 -------- d-----w- C:\Users\EricShang\AppData\Local\{37A0C866-B53E-4733-8EA6-A24D58193EC8}
2012-01-26 03:49:58 -------- d-----w- C:\Users\EricShang\AppData\Local\{CCD93393-AF14-4529-A64A-0601C3147A9C}
2012-01-26 02:08:52 -------- d-----w- C:\Users\EricShang\AppData\Local\{DA87D8EA-D65E-4C6F-B145-5107B311DCA6}
2012-01-24 10:18:19 -------- d-----w- C:\Users\EricShang\AppData\Local\{CC45B6CB-7D3E-4274-848F-40196F6D8C95}
2012-01-24 10:17:57 -------- d-----w- C:\Users\EricShang\AppData\Local\{A21C40BC-A946-406C-B491-4F1B1AF6C66B}
2012-01-23 22:17:44 -------- d-----w- C:\Users\EricShang\AppData\Local\{766B385F-BF2C-458B-A12E-E4BED2CD709C}
2012-01-23 22:17:23 -------- d-----w- C:\Users\EricShang\AppData\Local\{79FD2759-A2A5-41F8-A53D-E942B6F62AE4}
2012-01-23 09:26:11 -------- d-----w- C:\Users\EricShang\AppData\Local\{305AE450-031A-4D6B-8C4F-88847875EC36}
2012-01-23 09:25:50 -------- d-----w- C:\Users\EricShang\AppData\Local\{031F0FB4-1C9E-48FA-837C-EFD2CEEEB04B}
2012-01-22 21:25:39 -------- d-----w- C:\Users\EricShang\AppData\Local\{BEE36CB6-6699-4A3C-9400-F5E84D731C9C}
2012-01-22 21:25:18 -------- d-----w- C:\Users\EricShang\AppData\Local\{67C092D2-629C-41C2-84ED-A61ABFEECAD6}
2012-01-22 09:25:07 -------- d-----w- C:\Users\EricShang\AppData\Local\{825A4C68-A9F6-43B5-9550-27D6184EBFCA}
2012-01-22 09:24:46 -------- d-----w- C:\Users\EricShang\AppData\Local\{B28A5506-6CD6-4F75-B4FE-9C2FE2124840}
2012-01-21 21:24:21 -------- d-----w- C:\Users\EricShang\AppData\Local\{32B6C2F4-98F1-44FF-BA9D-AF9F412157C6}
2012-01-21 21:24:12 -------- d-----w- C:\Users\EricShang\AppData\Local\{9A52037F-8E24-45B9-8D09-24E56346E3D1}
2012-01-21 06:36:45 -------- d-----w- C:\Users\EricShang\AppData\Local\{46489FF7-788A-4F0E-89A2-1B5785EC0777}
2012-01-21 06:36:31 -------- d-----w- C:\Users\EricShang\AppData\Local\{4958F794-559B-45D5-AF56-0EE477B9E1D4}
2012-01-20 07:59:07 626688 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr80.dll
2012-01-20 07:59:07 548864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp80.dll
2012-01-20 07:59:07 479232 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcm80.dll
2012-01-20 07:59:07 43992 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozutils.dll
2012-01-20 03:08:25 -------- d-----w- C:\Users\EricShang\AppData\Local\{786ECF03-6977-4F00-9E80-169726D6023A}
2012-01-20 03:08:03 -------- d-----w- C:\Users\EricShang\AppData\Local\{8EAB585C-3010-4229-89B2-E30313B72B71}
2012-01-19 15:07:39 -------- d-----w- C:\Users\EricShang\AppData\Local\{BE66571A-8A81-43C1-AA0E-4133C1B13441}
2012-01-19 15:07:18 -------- d-----w- C:\Users\EricShang\AppData\Local\{73BAA9C3-E0E8-451A-9E7F-AC422F5B22ED}
2012-01-19 03:07:03 -------- d-----w- C:\Users\EricShang\AppData\Local\{F36E9FF6-46CA-469B-B656-A115BEDB1C05}
2012-01-19 03:06:53 -------- d-----w- C:\Users\EricShang\AppData\Local\{6803ADD0-2894-42ED-965D-78B9E749D7A7}
2012-01-17 21:00:15 -------- d-----w- C:\Users\EricShang\AppData\Local\{C0BE7011-4229-4F8A-B387-351748C8C6EB}
2012-01-17 20:59:55 -------- d-----w- C:\Users\EricShang\AppData\Local\{BC94B914-D75F-44FB-BE00-1267B2B35913}
2012-01-17 08:59:41 -------- d-----w- C:\Users\EricShang\AppData\Local\{2455A088-7E28-4947-85D0-BD1C2EA1F929}
2012-01-17 08:59:20 -------- d-----w- C:\Users\EricShang\AppData\Local\{2D2BB4C5-2CAC-4C1E-AD58-690BD5A78C01}
2012-01-16 20:58:52 -------- d-----w- C:\Users\EricShang\AppData\Local\{513E051F-B69D-499E-AD23-AB62976A3280}
2012-01-16 20:58:42 -------- d-----w- C:\Users\EricShang\AppData\Local\{4DE81B41-A394-4087-9E2A-AFBAD51F1CB6}
2012-01-16 01:24:56 -------- d-----w- C:\Users\EricShang\AppData\Local\{F7A345BB-E8A5-4439-981F-9D410A1C8E33}
2012-01-16 01:24:43 -------- d-----w- C:\Users\EricShang\AppData\Local\{6DFD34A4-272D-4215-8204-1A0218A09970}
2012-01-15 09:57:30 -------- d-----w- C:\Users\EricShang\AppData\Local\{EE832A73-CE76-4058-9AEC-371A9FC7C58E}
2012-01-14 21:56:45 -------- d-----w- C:\Users\EricShang\AppData\Local\{BCC68B3A-6D2F-4027-8EB1-04730F4FAB04}
2012-01-14 21:56:33 -------- d-----w- C:\Users\EricShang\AppData\Local\{5B4C7EEF-6E15-4911-9845-F70746C936F8}
2012-01-13 18:52:00 -------- d-----w- C:\Users\EricShang\AppData\Local\{95AE4399-7EFD-4504-B80F-78AA21330CBF}
2012-01-13 18:51:48 -------- d-----w- C:\Users\EricShang\AppData\Local\{F14F8C88-50B7-4974-8EAA-7BC6FF19B27B}
2012-01-13 00:31:07 -------- d-----w- C:\Users\EricShang\AppData\Local\{D1F8D15F-6299-4CC7-8615-5027834F3032}
2012-01-13 00:30:45 -------- d-----w- C:\Users\EricShang\AppData\Local\{C91B37CE-C422-40A1-942C-1D4085D1B82D}
.
==================== Find3M ====================
.
2012-02-11 17:10:35 45056 ----a-w- C:\Windows\System32\acovcnt.exe
2012-02-10 19:50:38 282864 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2012-02-10 19:50:38 282864 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2012-02-10 19:50:23 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2012-01-04 00:48:42 354176 ----a-w- C:\Windows\SysWow64\DivXControlPanelApplet.cpl
2012-01-03 06:14:58 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2011-11-24 04:52:09 3145216 ----a-w- C:\Windows\System32\win32k.sys
2011-11-20 03:57:01 0 ----a-w- C:\Windows\SysWow64\sho368.tmp
2011-11-19 14:58:00 77312 ----a-w- C:\Windows\System32\packager.dll
2011-11-19 14:01:00 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2011-11-17 06:49:14 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2011-11-17 06:49:14 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2011-11-17 06:44:43 459232 ----a-w- C:\Windows\System32\drivers\cng.sys
2011-11-17 06:41:18 1731920 ----a-w- C:\Windows\System32\ntdll.dll
2011-11-17 06:35:28 395776 ----a-w- C:\Windows\System32\webio.dll
2011-11-17 06:35:26 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2011-11-17 06:35:26 136192 ----a-w- C:\Windows\System32\sspicli.dll
2011-11-17 06:35:25 340992 ----a-w- C:\Windows\System32\schannel.dll
2011-11-17 06:35:25 28160 ----a-w- C:\Windows\System32\secur32.dll
2011-11-17 06:35:19 1447936 ----a-w- C:\Windows\System32\lsasrv.dll
2011-11-17 06:33:55 31232 ----a-w- C:\Windows\System32\lsass.exe
2011-11-17 05:38:39 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll
2011-11-17 05:35:02 314880 ----a-w- C:\Windows\SysWow64\webio.dll
2011-11-17 05:34:52 224768 ----a-w- C:\Windows\SysWow64\schannel.dll
2011-11-17 05:34:52 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2011-11-17 05:28:48 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
.
============= FINISH: 13:08:45.05 ===============