DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 8.0.6001.18702
Run by Brat at 12:09:30 on 2013-11-05
Systm Microsoft Windows XP Home Edition  5.1.2600.3.1250.421.1033.18.2046.975 [GMT 1:00]
.
AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
FW: Online Armor Firewall *Enabled* 
.
============== Running Processes ================
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Online Armor\OAcat.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Online Armor\oasrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\VM_STI.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe
C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files\Cyberlink\Shared Files\brs.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Online Armor\OAui.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Online Armor\OAhlp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WJATH\AthServer.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - c:\program files\canon\easy-webprint ex\ewpexbho.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [BigDogPath] c:\windows\vm_sti.exe %;usb\VID_0AC8&PID_0302.DeviceDesc%
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [@OnlineArmor GUI] "c:\program files\online armor\OAui.exe"
mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\tp-lin~1.lnk - c:\program files\tp-link\tp-link wireless configuration utility\TWCU.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
LSP: c:\program files\avira\antivir desktop\avsda.dll
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1383582969453
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{44920A82-ED9B-4630-A5B2-C0E5B9F5F85B} : DHCPNameServer = 192.168.0.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: OA Shell Helper - {4F07DA45-8170-4859-9B5F-037EF2970034} - c:\program files\online armor\oaevent.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\brat\application data\mozilla\firefox\profiles\2bf4s09j.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: network.proxy.type - 2
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\canon\easy-photoprint ex\NPEZFFPI.DLL
FF - plugin: c:\program files\winamp detect\npwachk.dll
FF - plugin: c:\windows\npMSDM.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_9_900_117.dll
FF - ExtSQL: 2013-11-04 18:58; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - ExtSQL: 2013-11-04 22:09; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\documents and settings\brat\application data\mozilla\firefox\profiles\2bf4s09j.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-11-04 22:10; muter@yxl.name; c:\documents and settings\brat\application data\mozilla\firefox\profiles\2bf4s09j.default\extensions\muter@yxl.name
.
============= SERVICES / DRIVERS ===============
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2013-11-4 37352]
R1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [2013-11-4 210360]
R1 oahlpXX;Online Armor helper driver;c:\windows\system32\drivers\oahlp32.sys [2013-11-4 44984]
R1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [2013-11-4 34856]
R1 OAnet;OAnet;c:\windows\system32\drivers\OAnet.sys [2013-11-4 31912]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2013/11/04 20:57:39];c:\program files\cyberlink\powerdvd9\000.fcl [2009-2-28 87536]
R2 AntiVirService;Avira Real-Time Protection;c:\program files\avira\antivir desktop\avguard.exe [2013-11-4 440392]
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\avira\antivir desktop\sched.exe [2013-11-4 440392]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2013-11-4 89376]
R2 OAcat;Online Armor Helper Service;c:\program files\online armor\oacat.exe [2013-11-4 584864]
R2 StarWindServiceAE;StarWind AE Service;c:\program files\alcohol soft\alcohol 120\starwind\StarWindServiceAE.exe [2007-5-28 275968]
R2 SvcOnlineArmor;Online Armor;c:\program files\online armor\oasrv.exe [2013-11-4 4457688]
R3 AR9271;Wireless Network Adapter Service;c:\windows\system32\drivers\athuw.sys [2013-11-4 1763584]
R3 JSWSCIMD;jswscimd Service;c:\windows\system32\drivers\jswscimd.sys [2013-11-4 57440]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-9-5 171680]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2013-11-4 1691480]
S3 jswpsapi;JumpStart Wi-Fi Protected Setup;c:\program files\tp-link\tp-link wireless configuration utility\wps\jswpsapi.exe [2013-11-4 360529]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2006-2-28 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-7-20 754856]
S4 AntiVirWebService;Avira Web Protection;c:\program files\avira\antivir desktop\avwebgrd.exe [2013-11-4 1164360]
.
=============== Created Last 30 ================
.
2013-11-05 11:08:14	--------	d-----w-	c:\program files\trend micro
2013-11-05 11:05:32	--------	d-----w-	C:\FRST
2013-11-05 09:06:44	--------	d-----w-	c:\windows\pss
2013-11-04 21:08:04	--------	d-----w-	c:\documents and settings\brat\application data\uTorrent
2013-11-04 21:03:44	--------	d--h--w-	c:\documents and settings\all users\application data\CanonIJSolutionMenuEX
2013-11-04 21:03:43	--------	d--h--w-	c:\documents and settings\all users\application data\CanonIJEPPEX2
2013-11-04 21:03:43	--------	d--h--w-	c:\documents and settings\all users\application data\CanonEPP
2013-11-04 21:03:42	--------	d--h--w-	c:\documents and settings\all users\application data\CanonIJMyPrinter
2013-11-04 21:03:11	--------	d-----w-	c:\documents and settings\all users\application data\CanonIJPLM
2013-11-04 21:02:59	--------	d-----w-	c:\documents and settings\all users\application data\Canon IJ Network Tool
2013-11-04 21:02:37	286720	----a-w-	c:\windows\system32\CNC_ATC.dll
2013-11-04 21:02:37	114688	----a-w-	c:\windows\system32\CNC_ATU.dll
2013-11-04 21:02:36	323584	----a-w-	c:\windows\system32\CNC_ATL.dll
2013-11-04 21:02:36	15872	----a-w-	c:\windows\system32\CNHMCA.dll
2013-11-04 21:02:36	114688	----a-w-	c:\windows\system32\CNC_ATI.dll
2013-11-04 21:01:42	--------	d-----w-	c:\documents and settings\brat\application data\Canon Easy-WebPrint EX
2013-11-04 21:00:46	--------	d-----w-	c:\program files\common files\CANON
2013-11-04 21:00:37	--------	d-----w-	c:\documents and settings\all users\application data\CanonIJWSpt
2013-11-04 20:57:35	83968	----a-w-	c:\windows\system32\spool\prtprocs\w32x86\CNMPPAT.DLL
2013-11-04 20:57:35	29184	----a-w-	c:\windows\system32\spool\prtprocs\w32x86\CNMPDAT.DLL
2013-11-04 20:57:34	310272	----a-w-	c:\windows\system32\CNMLMAT.DLL
2013-11-04 20:57:24	184320	----a-w-	c:\windows\system32\CNMIUAT.DLL
2013-11-04 20:57:05	363008	----a-w-	c:\windows\system32\CNMNPPM.DLL
2013-11-04 20:57:05	35328	----a-w-	c:\windows\system32\CNMNPUI.DLL
2013-11-04 20:57:05	--------	d-----w-	c:\windows\system32\STRING
2013-11-04 20:52:36	--------	d-----w-	c:\program files\Canon
2013-11-04 20:39:03	--------	d-----w-	c:\documents and settings\brat\application data\Windows Search
2013-11-04 20:38:35	--------	d-----w-	c:\documents and settings\brat\application data\xrecode2
2013-11-04 20:38:33	--------	d-----w-	c:\program files\xrecode II
2013-11-04 20:36:50	--------	d-----w-	c:\documents and settings\brat\application data\OnlineArmor
2013-11-04 20:36:50	--------	d-----w-	c:\documents and settings\all users\application data\OnlineArmor
2013-11-04 20:36:23	44984	----a-w-	c:\windows\system32\drivers\oahlp32.sys
2013-11-04 20:36:23	34856	----a-w-	c:\windows\system32\drivers\OAmon.sys
2013-11-04 20:36:23	31912	----a-w-	c:\windows\system32\drivers\OAnet.sys
2013-11-04 20:36:23	210360	----a-w-	c:\windows\system32\drivers\OADriver.sys
2013-11-04 20:36:20	--------	d-----w-	c:\program files\Online Armor
2013-11-04 20:12:35	33104	----a-w-	c:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll
2013-11-04 20:12:35	31640	----a-w-	c:\windows\system32\msonpmon.dll
2013-11-04 20:09:40	--------	d-----w-	c:\program files\Microsoft Visual Studio 8
2013-11-04 20:09:05	--------	d-----w-	c:\windows\SHELLNEW
2013-11-04 20:08:55	--------	d-----w-	c:\documents and settings\brat\local settings\application data\Microsoft Help
2013-11-04 20:04:43	--------	d-----w-	c:\program files\Alcohol Soft
2013-11-04 20:02:52	685816	----a-w-	c:\windows\system32\drivers\sptd.sys
2013-11-04 19:57:34	--------	d-----w-	c:\program files\common files\CyberLink
2013-11-04 19:56:57	505128	----a-w-	c:\windows\system32\msvcp71.dll
2013-11-04 19:56:57	353576	----a-w-	c:\windows\system32\msvcr71.dll
2013-11-04 19:56:57	29480	----a-w-	c:\windows\system32\msxml3a.dll
2013-11-04 19:55:28	--------	d-----w-	c:\documents and settings\all users\application data\ACD Systems
2013-11-04 19:55:24	--------	d-----w-	c:\program files\common files\ACD Systems
2013-11-04 19:55:24	--------	d-----w-	c:\program files\ACD Systems
2013-11-04 19:54:37	--------	d-----w-	c:\documents and settings\brat\application data\ZipGenius
2013-11-04 19:44:06	--------	d-----w-	c:\windows\SxsCaPendDel
2013-11-04 19:40:32	--------	d-----w-	c:\program files\Sony
2013-11-04 19:40:32	--------	d-----w-	c:\program files\common files\Sony Shared
2013-11-04 19:38:56	--------	d-----w-	c:\documents and settings\brat\local settings\application data\Downloaded Installations
2013-11-04 19:37:59	--------	d-----w-	c:\windows\system32\LogFiles
2013-11-04 19:37:04	545	----a-w-	c:\windows\UC.PIF
2013-11-04 19:37:04	545	----a-w-	c:\windows\RAR.PIF
2013-11-04 19:37:04	545	----a-w-	c:\windows\PKZIP.PIF
2013-11-04 19:37:04	545	----a-w-	c:\windows\PKUNZIP.PIF
2013-11-04 19:37:04	545	----a-w-	c:\windows\NOCLOSE.PIF
2013-11-04 19:37:04	545	----a-w-	c:\windows\LHA.PIF
2013-11-04 19:37:04	545	----a-w-	c:\windows\ARJ.PIF
2013-11-04 19:37:04	--------	d-----w-	C:\totalcmd
2013-11-04 19:31:10	--------	d-----w-	c:\documents and settings\brat\local settings\application data\Adobe
2013-11-04 19:29:02	--------	d-----r-	c:\program files\Skype
2013-11-04 19:28:16	2414360	----a-w-	c:\windows\system32\d3dx9_31.dll
2013-11-04 19:28:16	1892184	----a-w-	c:\windows\system32\D3DX9_42.dll
2013-11-04 19:28:12	--------	d-----w-	c:\windows\Logs
2013-11-04 19:28:10	47616	----a-w-	c:\program files\windows media player\msoobci.dll
2013-11-04 19:28:10	1669120	----a-w-	c:\program files\windows media player\wmsetsdk.exe
2013-11-04 19:28:10	--------	d-----w-	c:\program files\Winamp Detect
2013-11-04 19:26:06	--------	d-----w-	c:\program files\ZipGenius 6
2013-11-04 19:24:59	--------	d-----w-	c:\documents and settings\brat\application data\BSplayer Pro
2013-11-04 19:24:59	--------	d-----w-	c:\documents and settings\brat\application data\BSplayer
2013-11-04 19:24:58	--------	d-----w-	c:\program files\Webteh
2013-11-04 19:24:31	217176	----a-w-	c:\windows\system32\unrar.dll
2013-11-04 19:24:27	--------	d-----w-	c:\program files\K-Lite Codec Pack
2013-11-04 19:23:50	--------	d-----w-	c:\program files\CCleaner
2013-11-04 19:21:15	89376	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2013-11-04 19:21:15	37352	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2013-11-04 19:21:14	--------	d-----w-	c:\program files\Avira
2013-11-04 19:21:14	--------	d-----w-	c:\documents and settings\all users\application data\Avira
2013-11-04 19:11:39	--------	d-----w-	c:\documents and settings\brat\local settings\application data\ApplicationHistory
2013-11-04 18:52:34	--------	d-----w-	c:\windows\system32\winrm
2013-11-04 18:52:31	--------	dc-h--w-	c:\windows\$968930Uinstall_KB968930$
2013-11-04 18:52:25	--------	d-----w-	c:\documents and settings\brat\local settings\application data\Identities
2013-11-04 18:52:24	--------	d-----w-	c:\documents and settings\brat\application data\Windows Desktop Search
2013-11-04 18:52:13	--------	d-----w-	c:\windows\system32\GroupPolicy
2013-11-04 18:52:13	--------	d-----w-	c:\program files\Windows Desktop Search
2013-11-04 18:51:47	98304	-c----w-	c:\windows\system32\dllcache\nlhtml.dll
2013-11-04 18:51:47	29696	-c----w-	c:\windows\system32\dllcache\mimefilt.dll
2013-11-04 18:51:47	192000	-c----w-	c:\windows\system32\dllcache\offfilt.dll
2013-11-04 18:51:11	--------	d-----w-	c:\windows\system32\URTTEMP
2013-11-04 18:50:23	6144	-c----w-	c:\windows\system32\dllcache\iecompat.dll
2013-11-04 17:48:15	471552	-c----w-	c:\windows\system32\dllcache\aclayers.dll
2013-11-04 17:43:46	--------	d-----w-	c:\windows\system32\MRT
2013-11-04 17:25:51	71048	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2013-11-04 17:25:51	692616	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2013-11-04 17:17:07	60160	-c----w-	c:\windows\system32\dllcache\usbaudio.sys
2013-11-04 17:17:07	123008	-c----w-	c:\windows\system32\dllcache\usbvideo.sys
2013-11-04 17:17:05	25088	-c----w-	c:\windows\system32\dllcache\hidparse.sys
2013-11-04 17:17:05	14976	-c----w-	c:\windows\system32\dllcache\usbscan.sys
2013-11-04 17:17:03	5376	-c----w-	c:\windows\system32\dllcache\usbd.sys
2013-11-04 17:17:03	32384	-c----w-	c:\windows\system32\dllcache\usbccgp.sys
2013-11-04 17:17:03	30336	-c----w-	c:\windows\system32\dllcache\usbehci.sys
2013-11-04 17:17:03	144128	-c----w-	c:\windows\system32\dllcache\usbport.sys
2013-11-04 17:16:56	55296	-c----w-	c:\windows\system32\dllcache\msfeedsbs.dll
2013-11-04 17:16:56	247808	-c----w-	c:\windows\system32\dllcache\ieproxy.dll
2013-11-04 17:16:56	12800	-c----w-	c:\windows\system32\dllcache\xpshims.dll
2013-11-04 17:16:55	743424	-c----w-	c:\windows\system32\dllcache\iedvtool.dll
2013-11-04 17:16:55	630272	-c----w-	c:\windows\system32\dllcache\msfeeds.dll
2013-11-04 17:16:54	522240	-c----w-	c:\windows\system32\dllcache\jsdbgui.dll
2013-11-04 17:16:54	2006016	-c----w-	c:\windows\system32\dllcache\iertutil.dll
2013-11-04 17:16:54	11113472	-c----w-	c:\windows\system32\dllcache\ieframe.dll
2013-11-04 17:15:48	12928	-c----w-	c:\windows\system32\dllcache\usb8023x.sys
2013-11-04 17:15:48	12928	-c----w-	c:\windows\system32\dllcache\usb8023.sys
2013-11-04 17:15:09	139784	-c----w-	c:\windows\system32\dllcache\rdpwd.sys
2013-11-04 17:14:08	3072	-c----w-	c:\windows\system32\dllcache\iacenc.dll
2013-11-04 17:14:08	3072	------w-	c:\windows\system32\iacenc.dll
2013-11-04 17:13:18	456320	-c----w-	c:\windows\system32\dllcache\mrxsmb.sys
2013-11-04 17:13:16	10496	-c----w-	c:\windows\system32\dllcache\ndistapi.sys
2013-11-04 17:13:08	105472	-c----w-	c:\windows\system32\dllcache\mup.sys
2013-11-04 17:11:59	40960	-c----w-	c:\windows\system32\dllcache\ndproxy.sys
2013-11-04 17:11:52	45568	-c----w-	c:\windows\system32\dllcache\wab.exe
2013-11-04 17:11:44	978944	-c----w-	c:\windows\system32\dllcache\mfc42.dll
2013-11-04 17:11:44	953856	-c----w-	c:\windows\system32\dllcache\mfc40u.dll
2013-11-04 17:11:35	617472	-c----w-	c:\windows\system32\dllcache\comctl32.dll
2013-11-04 17:11:18	3558912	-c----w-	c:\windows\system32\dllcache\moviemk.exe
2013-11-04 17:11:03	744448	-c----w-	c:\windows\system32\dllcache\helpsvc.exe
2013-11-04 17:10:45	293376	------w-	c:\windows\system32\browserchoice.exe
2013-11-04 17:09:56	81920	-c----w-	c:\windows\system32\dllcache\fontsub.dll
2013-11-04 17:09:56	119808	-c----w-	c:\windows\system32\dllcache\t2embed.dll
2013-11-04 17:09:04	153088	-c----w-	c:\windows\system32\dllcache\triedit.dll
2013-11-04 17:07:58	331776	-c----w-	c:\windows\system32\dllcache\msadce.dll
2013-11-04 17:07:34	272128	-c----w-	c:\windows\system32\dllcache\bthport.sys
2013-11-04 17:07:31	203136	-c----w-	c:\windows\system32\dllcache\rmcast.sys
.
==================== Find3M  ====================
.
2013-11-04 15:51:49	0	----a-w-	c:\windows\ativpsrm.bin
2013-10-22 19:38:24	5578456	----a-w-	c:\windows\system32\drivers\RtkHDAud.sys
2013-10-04 11:29:32	20145368	----a-w-	c:\windows\RTHDCPL.EXE
2013-09-24 17:59:34	86232	----a-w-	c:\windows\system32\RtkCoInstIIXP.dll
2013-09-23 18:33:58	920064	----a-w-	c:\windows\system32\wininet.dll
2013-09-23 18:33:57	43520	----a-w-	c:\windows\system32\licmgr10.dll
2013-09-23 18:33:57	1469440	----a-w-	c:\windows\system32\inetcpl.cpl
2013-09-23 18:33:56	18944	----a-w-	c:\windows\system32\corpol.dll
2013-09-23 18:06:48	385024	----a-w-	c:\windows\system32\html.iec
2013-09-13 17:44:26	2080472	----a-w-	c:\windows\RtlExUpd.dll
2013-08-29 01:31:44	1878656	----a-w-	c:\windows\system32\win32k.sys
2013-08-09 01:56:45	386560	----a-w-	c:\windows\system32\themeui.dll
2013-08-09 00:55:08	144128	----a-w-	c:\windows\system32\drivers\usbport.sys
2013-08-09 00:55:06	5376	----a-w-	c:\windows\system32\drivers\usbd.sys
.
============= FINISH: 12:10:15,04 ===============
