Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Look Nice Clean Log?


  • This topic is locked This topic is locked
9 replies to this topic

#1 valdur55

valdur55

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:12:20 AM

Posted 27 August 2008 - 01:28 AM

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:27:22, on 27.08.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Orbitdownloader\orbitdm.exe
C:\Program Files\Orbitdownloader\orbitnet.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neti.ee/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live'i sisselogimisabiline - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [EstEID AIP switch] "C:\Program Files\IT Arendus\ID-kaart\aipswitch.exe" 1
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [Uniblue SpeedUpMyPC] C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe -s
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {096DCF31-53FA-4BA6-A729-D85D29FC0D70} (Detect Class) - https://installer.id.ee/IDInstaller.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1218629493859
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://www.ilm.ee/tehvandi/AxisCamControl.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

--
End of file - 7000 bytes

I think... I have clean log.
But i am not sure :thumbsup:

BC AdBot (Login to Remove)

 


#2 harrythook

harrythook


  • Security Colleague
  • 4,152 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Philadelphia
  • Local time:04:20 PM

Posted 12 September 2008 - 10:54 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. We aim to provide the valuable service known to come from BC to every member we can, but sometimes it takes just a little longer to get to every request for help.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.

Upon completing the steps below a staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.


Thanks and again sorry for the delay.

We need to create an OTViewIt Report
  • Please download OTViewIt by OldTimer.
  • Save it to your desktop.
  • Double click on the OTViewIt icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Click the Run Scan button.
  • Two reports will open, copy and paste them in a reply here:
  • OTViewIt.txt <-- Will be opened
  • Extra.txt <-- Will be minimized
If you have not downloaded HiJackThis yet:
Posted ImageClick here to download HJTInstall.exe
  • Save HJTInstall.exe to your desktop.
  • Doubleclick on the HJTInstall.exe icon on your desktop.
  • By default it will install to C:\Program Files\Trend Micro\HijackThis .
  • Click on Install.
  • It will create a HijackThis icon on the desktop.
  • Once installed, it will launch Hijackthis.
  • Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
  • Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
  • Come back here to this thread and Paste the log in your next reply.
  • DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.
In your reply:
  • Fresh HJT log
  • OTViewIt results
Thanks


Harry

Veni Vidi Vici
THE FIGHT AGAINST MALWARE

Become a BleepingComputer fan: Facebook

#3 harrythook

harrythook


  • Security Colleague
  • 4,152 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Philadelphia
  • Local time:04:20 PM

Posted 17 September 2008 - 04:16 AM

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter.
All others please read The Preparation Guide before starting your topic.

Veni Vidi Vici
THE FIGHT AGAINST MALWARE

Become a BleepingComputer fan: Facebook

#4 harrythook

harrythook


  • Security Colleague
  • 4,152 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Philadelphia
  • Local time:04:20 PM

Posted 17 September 2008 - 01:01 PM

Topic reopened at user request

Veni Vidi Vici
THE FIGHT AGAINST MALWARE

Become a BleepingComputer fan: Facebook

#5 valdur55

valdur55
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:12:20 AM

Posted 18 September 2008 - 07:42 AM

TY :)
OTViewIt Extras logfile created on: 17.09.2008 20:12:55 - Run ordi
OTViewIt by OldTimer - Version 1.0.5.0 Folder = C:\Documents and Settings\ordi\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18241)
Locale: 00000425 | Country: Estonia | Language: ETI | Date Format: d.MM.yyyy

959,48 Mb Total Physical Memory | 460,38 Mb Available Physical Memory | 47,98% Memory free
2,26 Gb Paging File | 1,82 Gb Available in Paging File | 80,52% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 3,58 Gb Free Space | 18,33% Space Free | Partition Type: NTFS
Drive D: | 54,99 Gb Total Space | 26,45 Gb Free Space | 48,10% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: XPSP3
Current User Name: ordi
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
Files within: 30 Days

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hta [@ = htafile] -- C:\WINDOWS\system32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled"=1
"AntiVirusDisableNotify"=0
"FirewallDisableNotify"=0
"UpdatesDisableNotify"=0
"AntiVirusOverride"=0
"FirewallOverride"=0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[07.10.2008 08:51:06 | 00,095,744 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player
[05.12.2005 10:06:08 | 00,200,704 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe
[03.15.2005 15:12:10 | 00,417,792 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe
File not found -- E:\Installation\Setupx.exe:*:Enabled:Nero ProductSetup
[05.28.2008 03:14:08 | 00,421,888 | ---- | M] () -- C:\Games\Paintball2\paintball2.exe:*:Enabled:paintball2
[08.19.2008 11:06:46 | 00,282,928 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent
[09.04.2008 09:54:54 | 01,707,208 | ---- | M] (Orbitdownloader.com) -- C:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit
[11.25.2002 23:35:10 | 00,155,648 | ---- | M] () -- C:\Program Files\SHOUTcast\sc_serv.exe:*:Enabled:sc_serv
[08.22.2008 09:07:26 | 02,567,992 | ---- | M] (www.BitComet.com) -- C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client
[08.22.2008 03:16:40 | 00,637,984 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer
[09.02.2008 20:45:10 | 00,106,496 | ---- | M] (Madis Ester) -- C:\Documents and Settings\ordi\Local Settings\Apps\2.0\V2VLTED9.7T1\Q7C2NBJE.15O\digi..tion_bac3c0867c426f1b_0001.0000_48327bea6e7ea57a\DigiTvStation.exe:*:Enabled:DigiTvStation
[08.21.2008 16:38:30 | 08,676,885 | ---- | M] () -- C:\Program Files\aMule\amule.exe:*:Enabled:All-Platform P2P Client Based on eMule
[12.23.2007 15:29:26 | 00,962,560 | ---- | M] () -- D:\Need mis jäävad alles\Iptv Client\friptv.exe:*:Enabled:friptv

========== (O18) Protocol Handlers ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[08.22.2008 03:09:32 | 05,699,584 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll (about:{3050F406-98B5-11CF-BB82-00AA00BDCE0B} (HKLM) [Microsoft HTML About Pluggable Protocol])
[08.22.2008 03:08:22 | 01,206,784 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll (cdl:{3dd53d40-7b8b-11D0-b013-00aa0059ce02} (HKLM) [CDL: Asychronous Pluggable Protocol Handler])
[08.22.2008 03:08:22 | 01,206,784 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll (file:{79eac9e7-baf9-11ce-8c82-00aa004ba90b} (HKLM) [file:, local: Asychronous Pluggable Protocol Handler])
[08.22.2008 03:08:22 | 01,206,784 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll (ftp:{79eac9e3-baf9-11ce-8c82-00aa004ba90b} (HKLM) [ftp: Asychronous Pluggable Protocol Handler])
[08.22.2008 03:08:22 | 01,206,784 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll (gopher:{79eac9e4-baf9-11ce-8c82-00aa004ba90b} (HKLM) [gopher: Asychronous Pluggable Protocol Handler])
[08.22.2008 03:08:22 | 01,206,784 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll (http:{79eac9e2-baf9-11ce-8c82-00aa004ba90b} (HKLM) [http: Asychronous Pluggable Protocol Handler])
[08.22.2008 03:08:22 | 01,206,784 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll (https:{79eac9e5-baf9-11ce-8c82-00aa004ba90b} (HKLM) [https: Asychronous Pluggable Protocol Handler])
ipp: [HKLM - No CLSID value]
[08.22.2008 03:09:32 | 05,699,584 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll (java script:{3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} (HKLM) [Microsoft HTML Javascript Pluggable Protocol])
[08.22.2008 03:08:22 | 01,206,784 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll (local:{79eac9e7-baf9-11ce-8c82-00aa004ba90b} (HKLM) [file:, local: Asychronous Pluggable Protocol Handler])
[08.22.2008 03:09:32 | 05,699,584 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll (mailto:{3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} (HKLM) [Microsoft HTML Mailto Pluggable Protocol])
[08.22.2008 03:08:22 | 01,206,784 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll (mk:{79eac9e6-baf9-11ce-8c82-00aa004ba90b} (HKLM) [mk: Asychronous Pluggable Protocol Handler])
msdaipp: [HKLM - No CLSID value]
[08.22.2008 03:09:32 | 05,699,584 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll (res:{3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} (HKLM) [Microsoft HTML Resource Pluggable Protocol])
[08.22.2008 03:09:32 | 05,699,584 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll (sysimage:{76E67A63-06E9-11D2-A840-006008059382} (HKLM) [Microsoft HTML Resource Pluggable Protocol])
[08.22.2008 03:09:32 | 05,699,584 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll (vbscript:{3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} (HKLM) [Microsoft HTML Javascript Pluggable Protocol])

========== (O18) Protocol Filters ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\] - Protocol Filters
[08.22.2008 03:08:22 | 01,206,784 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll Class Install Handler:{32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} (HKLM) [AP Class Install Handler filter]
[08.22.2008 03:08:22 | 01,206,784 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll deflate:{8f6b0360-b80d-11d0-a9b3-006097942311} (HKLM) [AP encoding/decoding Filters]
[08.22.2008 03:08:22 | 01,206,784 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll gzip:{8f6b0360-b80d-11d0-a9b3-006097942311} (HKLM) [AP encoding/decoding Filters]
[08.22.2008 03:08:22 | 01,206,784 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll lzdhtml:{8f6b0360-b80d-11d0-a9b3-006097942311} (HKLM) [AP encoding/decoding Filters]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}"=CP_Package_Variety1
"{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}"=Destinations
"{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}"=AiO_Scan
"{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}"=Security Update for CAPICOM (KB931906)
"{0F9196C6-58B4-445B-B56E-B1200FECC151}"=Microsoft Bootvis
"{15EE79F4-4ED1-4267-9B0F-351009325D7D}"=HP Software Update
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}"=Adobe AIR
"{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}"=CP_Package_Variety3
"{20D4A895-748C-4D88-871C-FDB1695B0169}"=Platform
"{248AAA00-2F64-11D5-B5AD-0080C877640C}"=USB Internet Keyboard
"{28EF6DD0-D02D-46BF-92D0-221707C072DD}"=ID-kaart
"{29E4709D-3E2C-4BB1-8922-E781FD3A91C7}"=Windows Live Mail
"{2B43252C-A1E3-4C47-927C-9F2C276D3515}"=S3GSetup
"{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}"=Unload
"{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}"=TrayApp
"{3248F0A8-6813-11D6-A77B-00B0D0160070}"=Java™ 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}"=WebFldrs XP
"{36C9E08A-BE2B-40A0-83C5-576748F7B777}"=TestDrive Client
"{3921A67A-5AB1-4E48-9444-C71814CF3027}"=VCRedistSetup
"{3E9AD757-FC5D-4E62-8A1C-F754135C7328}"=Windows Live Messenger
"{43602F34-1AA3-44FB-AEB2-D08C2C73743F}"=Paint.NET v3.36
"{54E3707F-808E-4fd4-95C9-15D1AB077E5D}"=NewCopy
"{552171BC-30F8-3B29-9C4F-E3FE590B7CAC}"=Google Gears
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}"=neroxml
"{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}"=WebReg
"{5783F2D7-0301-0409-0002-0060B0CE6BBA}"=AutoCAD 2005 - English
"{5A710547-B58E-488B-828D-CA9A25A0533C}"=MSXML 6.0 Parser (KB927977)
"{5ACAFB32-6336-4304-9766-B233ACEC0A8F}"=PC Camera E
"{5B622B7A-60FB-4630-B11D-F121D20BCCD6}"=MarketResearch
"{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}"=HP PSC & OfficeJet 5.3.B
"{65248369-7CB9-43A9-82C8-C438AE04DED4}"=1500
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}"=eSupportQFolder
"{6846389C-BAC0-4374-808E-B120F86AF5D7}"=Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
"{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}"=DocProc
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}"=CustomerResearchQFolder
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}"=Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}"=Microsoft Visual C++ 2005 Redistributable
"{77DCDCE3-2DED-62F3-8154-05E745472D07}"=Acrobat.com
"{7850A6D2-CBEA-4728-9877-F1BEDEA9F619}"=AiOSoftware
"{7AE38076-D8FD-4EF9-A203-98A3EF0C66C1}"=Siemens Data Suite
"{7C9B95B7-B598-4398-B30F-7F6827192E6C}"=ProductContext
"{81E06318-EEB9-4D55-8CD5-7AC9148D5E66}"=1500_Help
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}"=Microsoft Silverlight
"{8E72B982-D54F-486F-B35A-C24B6F171033}"=Nero 7 Essentials
"{90110409-6000-11D3-8CFE-0150048383C9}"=Microsoft Office Professional Edition 2003
"{901E0425-6000-11D3-8CFE-0150048383C9}"=Microsoft Office 2003 Estonian User Interface Pack
"{923A7F5A-1E8C-4FBE-8DF6-85940A60A79F}"=Readme
"{A195B13E-A5E3-4BAF-A995-7F70F445CD06}"=ScannerCopy
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}"=DeviceManagementQFolder
"{AC76BA86-7AD7-1061-7B44-A81200000003}"=Adobe Reader 8 - Estonian
"{AC76BA86-7AD7-1061-7B44-A81200000003}_Adobe Reader 8 - Estonian"=Adobe Reader 8.1.2 Security Update 1 (KB403742)
"{AD483998-2E9A-4405-83FF-6E503AF49CBB}"=Microsoft Virtual PC 2007 SP1
"{ADB77783-0845-46EC-B23E-9C689A193099}"=DigiDoc Client
"{AF5A39FE-51FB-4BA3-B399-2D1F0C65D617}_is1"=AusLogics System Information
"{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}"=Windows Live'i sisselogimisabimees
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1"=Spybot - Search & Destroy
"{B6D0F294-B844-4FAF-9993-FAC10E9E0F94}"=AlacrityPC
"{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}"=CP_Package_Variety2
"{B996AE66-10DB-4ac5-B151-E8B4BFBC42FC}"=BufferChm
"{C04E32E0-0416-434D-AFB9-6969D703A9EF}"=MSXML 4.0 SP2 (KB936181)
"{C506A18C-1469-4678-B094-F4EC9DAE6DB7}"=Scan
"{C89DFB26-A677-46EB-A189-7F27F89FFAE1}"=Windows Live installer
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}"=Microsoft .NET Framework 1.1
"{CBA30674-A242-4531-82B5-586B31F90E04}"=1500Trb
"{CC4A73BF-938E-4C19-A553-853C035C9BA1}"=LightScribe System Software 1.10.13.1
"{CE24344F-DFD8-40C8-8FD8-C9740B5F25AC}"=Fax
"{D21B65C4-F7ED-4805-8781-BB835AC85D14}"=Thoosje Quick Xp Optimizer Installer V2
"{D627784F-B3EE-44E8-96B1-9509B991EA34}_is1"=AusLogics Registry Defrag
"{DE114695-AE58-4B66-8E0F-2505188602FB}_is1"=Uninstall Startup Inspector
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1"=AusLogics Disk Defrag
"{E1A88DE8-BD36-4DEA-8DD8-E35EF475ADC7}"=Opera 9.52
"{E3F90083-80D4-4b5a-87C7-E97E12F5516D}"=HPProductAssistant
"{E7AD551F-D848-4639-80C9-D3507D1C66A5}_is1"=ID-kaardi tarkvara Firefoxile v0.8.3
"{EA103B64-C0E4-4C0E-A506-751590E1653D}"=SolutionCenter
"{F34D9A5F-484A-4E31-A9D3-908CB265B289}"=Sygate Personal Firewall
"{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}"=Status
"{FB08F381-6533-4108-B7DD-039E11FBC27E}"=Realtek AC'97 Audio
"{FE64AE29-0883-4C70-8388-DC026019C900}"=HP Image Zone Express
"001FFFFFFF12FF00FF0701F02F02F000-R1"=ArchiCAD 12 INT
"040FFFFFFF12FF00FF0701F00F02F000-R1"=ArchiCAD Guide - BIM Experience
"044FFFFFFF11FF00FF0701F00F02F000-R1"=ArchiCAD Guide - Basic INT
"3D Windows XP"=3D Windows XP Screen Saver
"Adobe AIR"=Adobe AIR
"Adobe Flash Player ActiveX"=Adobe Flash Player ActiveX
"Adobe Flash Player Plugin"=Adobe Flash Player Plugin
"Adobe Shockwave Player"=Adobe Shockwave Player
"Advanced SystemCare 3_is1"=Advanced SystemCare 3 Beta
"aMule"=aMule
"a-squared HiJackFree_is1"=a-squared HiJackFree 3.1
"Autodesk DWF Viewer"=Autodesk DWF Viewer
"avast!"=avast! Antivirus
"Bandwidth Monitor_is1"=Bandwidth Monitor
"Belarc Advisor"=Belarc Advisor 7.2
"BFGC"=Big Fish Games Client
"BitComet"=BitComet 1.04
"BitLord"=BitLord 1.1
"BulentsScreenRecorder4"=BSR Screen Recorder 4
"CAL"=Canon Camera Access Library
"CameraWindowDVC5"=Canon Camera Window DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6"=Canon Camera Window DC_DV 6 for ZoomBrowser EX
"CameraWindowMC"=Canon Camera Window MC 6 for ZoomBrowser EX
"Camtasia Studio 3"=Camtasia Studio 3
"Canon G.726 WMP-Decoder"=Canon G.726 WMP-Decoder
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1"=Acrobat.com
"CounterStrike 1.6 from VSI (Version 1.02)"=CounterStrike 1.6 from VSI (Version 1.02)
"CSCLIB"=Canon Camera Support Core Library
"DriverGuide DriverScan"=DriverGuide DriverScan
"DVD-lab PRO 2.3_is1"=DVD-lab PRO 2.3
"E38B2136962D21A7BDE5AAC98CD1C6EA6B6D0687"=Windows Driver Package - Microsoft (USBCCID) SmartCardReader (05/17/2005 5.2.3790.2444)
"Eesti-Inglise-Eesti_sõnaraamat_1.0"=EN-ET 1.3
"EMCO Malware Destroyer_is1"=EMCO Malware Destroyer
"eMule"=eMule
"EOS Utility"=Canon Utilities EOS Utility
"ExtractNow_is1"=ExtractNow
"GOM Player"=GOM Player
"GrabProGrabPro"=GrabPro - Toolbar
"HijackThis"=HijackThis 2.0.2
"HP Imaging Device Functions"=HP Imaging Device Functions 5.3
"HP Solution Center & Imaging Support Tools"=HP Solution Center & Imaging Support Tools 5.3
"HPExtendedCapabilities"=HP Extended Capabilities 5.3
"IDNMitigationAPIs"=Microsoft Internationalized Domain Names Mitigation APIs
"ie7"=Windows Internet Explorer 7
"ie8"=Windows Internet Explorer 8 Beta 2
"iMesh"=iMesh
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}"=VIA Platform Device Manager
"InstallShield_{5ACAFB32-6336-4304-9766-B233ACEC0A8F}"=PC Camera E
"InstallShield_{7AE38076-D8FD-4EF9-A203-98A3EF0C66C1}"=Siemens Data Suite
"IrfanView"=IrfanView (remove only)
"KB892130"=Windows Genuine Advantage Validation Tool (KB892130)
"KB926139-v2"=Windows PowerShell™ 1.0
"KB928365.T1_1ToU569_1"=Security Update for Microsoft .NET Framework 2.0 (KB928365)
"KB929399"=Hotfix for Windows Media Format 11 SDK (KB929399)
"KB931906"=Security Update for CAPICOM (KB931906)
"KB936782_WMP11"=Security Update for Windows Media Player 11 (KB936782)
"KB938127-v2-IE7"=Security Update for Windows Internet Explorer 7 (KB938127-v2)
"KB939683"=Hotfix for Windows Media Player 11 (KB939683)
"KB953838-IE7"=Security Update for Windows Internet Explorer 7 (KB953838)
"KB954154_WM11"=Security Update for Windows Media Player 11 (KB954154)
"KP Typing Tutor"=KP Typing Tutor
"KP Typing Tutor_is1"=KP Typing Tutor v3.2 Beta International Edition
"M928366"=Microsoft .NET Framework 1.1 Hotfix (KB928366)
"Magic ISO Maker v5.5 (build 0272)"=Magic ISO Maker v5.5 (build 0272)
"MagicDisc 2.7.105"=MagicDisc 2.7.105
"Malwarebytes' Anti-Malware_is1"=Malwarebytes' Anti-Malware
"Malwarebytes' RogueRemover FREE_is1"=Malwarebytes' RogueRemover
"Microsoft .NET Framework 1.1 (1033)"=Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0"=Microsoft .NET Framework 2.0
"Mozilla Firefox (3.0.1)"=Mozilla Firefox (3.0.1)
"MovieEditTask"=Canon MovieEdit Task for ZoomBrowser EX
"MpcStar"=MpcStar 3.1
"MPEG2 Codec(libmpeg2/mad)"=MPEG2 Codec(libmpeg2/mad)
"MSCompPackV1"=Microsoft Compression Client Pack 1.0 for Windows XP
"MS-MPEG4"=Microsoft MPEG-4 VKI Video Codec V1/V2/V3
"My Pictures Editor_is1"=Photo! 3D Album 1.1
"NLSDownlevelMapping"=Microsoft National Language Support Downlevel APIs
"Notepad++"=Notepad++
"Orbit_is1"=Orbit Downloader
"Paintball2"=Paintball2 Alpha build 23
"PhotoStitch"=Canon Utilities PhotoStitch
"Picasa2"=Picasa 2
"QuicktimeAlt_is1"=QuickTime Alternative 2.6.0
"RAW Image Task"=Canon RAW Image Task for ZoomBrowser EX
"RegistryBooster 2_is1"=Uniblue RegistryBooster 2
"RemoteCaptureTask"=Canon RemoteCapture Task for ZoomBrowser EX
"SCDNAS"=SHOUTcast DNAS (remove only)
"SHOUTcastDSP"=SHOUTcast Source DSP 1.8.2 (remove only)
"SLABCOMM&10C4&EA60"=CP2101 USB to UART Bridge Controller
"SpeedUpMyPC_is1"=Uniblue SpeedUpMyPC 3
"Startup Inspector - Startup Monitor_is1"=Startup Monitor 1.0
"SubtitleWorkshop"=Subtitle Workshop 2.51
"System TuneUp_is1"=System TuneUp
"ZoomBrowser EX"=Canon Utilities ZoomBrowser EX
"TeamViewer 3"=TeamViewer 3
"Totalcmd"=Total Commander (Remove or Repair)
"Trillian"=Trillian
"WGA"=Windows Genuine Advantage Validation Tool (KB892130)
"VIA/S3G Display Driver"=VIA/S3G Display Driver
"VIA/S3G UniChrome Family Win2K/XP Display"=VIA/S3G Display Driver
"Winamp"=Winamp
"Windows Live OneCare safety scanner"=Windows Live OneCare safety scanner
"Windows Media Format Runtime"=Windows Media Format 11 runtime
"Windows Media Player"=Windows Media Player 11
"WinRAR archiver"=WinRAR archiver
"VLC media player"=VideoLAN VLC media player 0.8.6i
"WMFDist11"=Windows Media Format 11 runtime
"wmp11"=Windows Media Player 11
"VN_VUIns_Rhine_VIA"=VIA Rhine-Family Fast-Ethernet Adapter
"Wudf01000"=Microsoft User-Mode Driver Framework Feature Pack 1.0
"X-Chat 2_is1"=X-Chat 2.8.4-1
"xvid"=XviD MPEG-4 Video Codec

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"f24f37bcff5fb315"=DigiTvStation
"Google Chrome"=Google Chrome
"QUICKMEDIACONVERTER"=Player
"uTorrent"=µTorrent

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 16.09.2008 11:18:12 | Computer Name = XPSP3 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:\a2b885343fc84223a4ebe8\i386\images\faq_prgs.jpg failed, 00000005.

Error - 16.09.2008 11:18:13 | Computer Name = XPSP3 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:\a2b885343fc84223a4ebe8\i386\ip\winnt32.msi failed, 00000005.

Error - 16.09.2008 11:18:16 | Computer Name = XPSP3 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:\a2b885343fc84223a4ebe8\i386\smartnav.js failed, 00000005.

Error - 16.09.2008 11:18:16 | Computer Name = XPSP3 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:\a2b885343fc84223a4ebe8\i386\smartnavie5.js failed, 00000005.

Error - 16.09.2008 11:18:17 | Computer Name = XPSP3 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:\a2b885343fc84223a4ebe8\i386\update\update.msi failed, 00000005.

Error - 16.09.2008 11:18:19 | Computer Name = XPSP3 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:\a2b885343fc84223a4ebe8\i386\xptht33d.jpg failed, 00000005.

Error - 16.09.2008 11:18:19 | Computer Name = XPSP3 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:\a2b885343fc84223a4ebe8\i386\xptht78d.jpg failed, 00000005.

Error - 16.09.2008 11:18:19 | Computer Name = XPSP3 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:\a2b885343fc84223a4ebe8\i386\xptht79d.jpg failed, 00000005.

Error - 16.09.2008 11:18:19 | Computer Name = XPSP3 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:\a2b885343fc84223a4ebe8\i386\xptht80d.jpg failed, 00000005.

Error - 16.09.2008 11:18:19 | Computer Name = XPSP3 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:\a608fcc79981c8e81495327e4997da\msxml6.msi failed, 00000005.

[ Application Events ]
Error - 23.08.2008 13:05:32 | Computer Name = XPSP3 | Source = MsiInstaller | ID = 1013
Description = Product: PC Camera E -- 1: This installation cannot be run by directly
launching the MSI package. You must run setup.exe.

Error - 24.08.2008 6:44:04 | Computer Name = XPSP3 | Source = MsiInstaller | ID = 1013
Description = Product: Siemens Data Suite -- 1: This installation can not be run
by directly launching the MSI package; you must run setup.exe.

Error - 24.08.2008 10:49:30 | Computer Name = XPSP3 | Source = Application Error | ID = 1000
Description = Faulting application camtasiastudio.exe, version 3.1.2.0, faulting
module camtasiastudio.exe, version 3.1.2.0, fault address 0x00070463.

Error - 25.08.2008 15:41:38 | Computer Name = XPSP3 | Source = Application Error | ID = 1000
Description = Faulting application orbitdm.exe, version 2.7.0.3, faulting module
download.dll, version 2.7.0.3, fault address 0x0006e95d.

Error - 26.08.2008 13:11:14 | Computer Name = XPSP3 | Source = MsiInstaller | ID = 1013
Description = Product: Siemens Data Suite -- 1: This installation can not be run
by directly launching the MSI package; you must run setup.exe.

Error - 27.08.2008 8:28:37 | Computer Name = XPSP3 | Source = MsiInstaller | ID = 1013
Description = Product: Siemens Data Suite -- 1: This installation can not be run
by directly launching the MSI package; you must run setup.exe.

Error - 28.08.2008 10:03:10 | Computer Name = XPSP3 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18241, faulting
module ieframe.dll, version 8.0.6001.18241, fault address 0x001121d1.

Error - 28.08.2008 13:12:50 | Computer Name = XPSP3 | Source = MsiInstaller | ID = 1013
Description = Toode: Adobe Reader 8 - Estonian -- Installiprogramm tuvastas, et
teil on suurema funktsioonikomplektiga toode juba installitud. Installiprogramm
lõpetab töö.

[ System Events ]
Error - 16.09.2008 9:10:54 | Computer Name = XPSP3 | Source = SCardSvr | ID = 610
Description = Smart Card Reader 'OMNIKEY CardMan 1021 0' rejected IOCTL GET_STATE:
The device has been removed.

Error - 16.09.2008 9:13:38 | Computer Name = XPSP3 | Source = SCardSvr | ID = 610
Description = Smart Card Reader 'OMNIKEY CardMan 1021 0' rejected IOCTL GET_STATE:
The device has been removed.

Error - 16.09.2008 9:13:38 | Computer Name = XPSP3 | Source = SCardSvr | ID = 610
Description = Smart Card Reader 'OMNIKEY CardMan 1021 0' rejected IOCTL GET_STATE:
The device has been removed.

Error - 16.09.2008 9:15:18 | Computer Name = XPSP3 | Source = SCardSvr | ID = 610
Description = Smart Card Reader 'OMNIKEY CardMan 1021 0' rejected IOCTL GET_STATE:
Access is denied.

Error - 16.09.2008 9:45:51 | Computer Name = XPSP3 | Source = Service Control Manager | ID = 7000
Description = The SASDIFSV service failed to start due to the following error: %%183

Error - 16.09.2008 11:14:00 | Computer Name = XPSP3 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SASKUTIL

Error - 16.09.2008 13:01:46 | Computer Name = XPSP3 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SASKUTIL

Error - 17.09.2008 6:05:41 | Computer Name = XPSP3 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SASKUTIL

Error - 17.09.2008 7:46:02 | Computer Name = XPSP3 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SASKUTIL

Error - 17.09.2008 11:08:11 | Computer Name = XPSP3 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SASKUTIL


< End of report >

OTViewIt logfile created on: 17.09.2008 20:12:55 - Run 1
OTViewIt by OldTimer - Version 1.0.5.0 Folder = C:\Documents and Settings\ordi\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18241)
Locale: 00000425 | Country: Estonia | Language: ETI | Date Format: d.MM.yyyy

959,48 Mb Total Physical Memory | 460,38 Mb Available Physical Memory | 47,98% Memory free
2,26 Gb Paging File | 1,82 Gb Available in Paging File | 80,52% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 3,58 Gb Free Space | 18,33% Space Free | Partition Type: NTFS
Drive D: | 54,99 Gb Total Space | 26,45 Gb Free Space | 48,10% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: XPSP3
Current User Name: ordi
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
Files within: 30 Days

========== Processes - Non-Microsoft Only ==========

[09.10.2008 11:32:06 | 02,306,936 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 3 Beta\AWC.exe
[09.04.2008 09:54:54 | 01,707,208 | ---- | M] (Orbitdownloader.com) -- C:\Program Files\Orbitdownloader\orbitdm.exe
[01.14.2005 09:32:38 | 00,053,248 | ---- | M] () -- C:\WINDOWS\system32\PAStiSvc.exe
[09.17.2008 20:12:35 | 00,424,448 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ordi\Desktop\OTViewIt.exe

========== (O23) Win32 Services - Non-Microsoft Only ==========

[09.05.2008 20:04:32 | 00,074,360 | ---- | M] (Autodesk, Inc.) -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service [On_Demand | Stopped])
[01.14.2005 09:32:38 | 00,053,248 | ---- | M] () -- C:\WINDOWS\system32\PAStiSvc.exe -- (STI Simulator [Auto | Running])

========== Driver Services - Non-Microsoft Only ==========

[02.27.2008 13:49:00 | 00,003,840 | ---- | M] () -- C:\WINDOWS\system32\drivers\BANTExt.sys -- (BANTExt [System | Running])
File not found -- D:\Program files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV [System | Stopped])
File not found -- D:\Program files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM [On_Demand | Stopped])
File not found -- D:\Program files\SUPERAntiSpyware\SASKUTIL.sys -- (SASKUTIL [System | Stopped])
File not found -- C:\WINDOWS\System32\DRIVERS\scrcap.sys -- (scrcap [On_Demand | Stopped])
[06.17.2004 04:05:46 | 00,136,832 | ---- | M] () -- C:\WINDOWS\system32\drivers\pfc027.sys -- (SoC PC-Camera Service [On_Demand | Stopped])
[08.28.2008 11:46:10 | 00,361,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tcpip.sys -- (Tcpip [System | Running])


========== (R ) Internet Explorer ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157
"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
"Default_Secondary_Page_URL"=
"Extensions Off Page"=about:NoAdd-ons
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Security Risk Page"=about:SecurityRisk
"Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.neti.ee/

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

========== (O1) Hosts File ==========

HOSTS File = (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost

========== (O2) BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{000123B4-9B42-4900-B3F7-F4B073EFC214} (HKLM) -- C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)

========== (O3) Toolbars ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{C55BBCD6-41AD-48AD-9953-3609C48EACC7}" (HKLM) -- C:\Program Files\Orbitdownloader\GrabPro.dll ()

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{C55BBCD6-41AD-48AD-9953-3609C48EACC7}" (HKLM) -- C:\Program Files\Orbitdownloader\GrabPro.dll ()
"{DB87BFA2-A2E3-451E-8E5A-C89982D87CBF}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

========== (O4) Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe" -atboottime (Apple Computer, Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 3"="C:\Program Files\IObit\Advanced SystemCare 3 Beta\AWC.exe" /startup (IObit)
"Google Update"="C:\Documents and Settings\ordi\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c (Google Inc.)

========== (O4) Startup Folders ==========

[09.04.2008 09:54:54 | 01,707,208 | ---- | M] (Orbitdownloader.com) -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe

========== (O6 & O7) Internet Explorer Policies ==========
[HKEY_LOCAL_MACHINE\Software\policies\microsoft\internet explorer\Infodelivery] - present

========== (O6 & O7) Current Version Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"LinkResolveIgnoreLinkInfo"=0
"NoResolveSearch"=1


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
"ClearRecentDocsOnExit"=01 00 00 00 00 00 00 00 [binary data]
"NoSMMyPictures"=1
"LinkResolveIgnoreLinkInfo"=0
"NoSaveSettings"= [binary data]
"NoActiveDesktop"= [binary data]

========== (O8) IE Context Menu Extensions ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]
&Download by Orbit: C:\Program Files\Orbitdownloader\orbitmxt.dll [09.04.2008 09:54:46 | 00,101,496 | ---- | M] (Orbitdownloader.com)
&Grab video by Orbit: C:\Program Files\Orbitdownloader\orbitmxt.dll [09.04.2008 09:54:46 | 00,101,496 | ---- | M] (Orbitdownloader.com)
Do&wnload selected by Orbit: C:\Program Files\Orbitdownloader\orbitmxt.dll [09.04.2008 09:54:46 | 00,101,496 | ---- | M] (Orbitdownloader.com)
Down&load all by Orbit: C:\Program Files\Orbitdownloader\orbitmxt.dll [09.04.2008 09:54:46 | 00,101,496 | ---- | M] (Orbitdownloader.com)

========== (O12) Internet Explorer Plugins ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/controls/find...=%s&mime=%s
PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

========== (O13) Default Prefixes ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

========== (O15) Trusted Sites ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
1 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
microsoft.com\www.update: https in My Computer
2 domain(s) and sub-domain(s) not assigned to a zone.

========== (O16) DPF ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8}: http://download.microsoft.com/download/e/4.../OGAControl.cab -- Office Genuine Advantage Validation Tool
{096DCF31-53FA-4BA6-A729-D85D29FC0D70}: https://installer.id.ee/IDInstaller.cab -- Detect Class
{2BC66F54-93A8-11D3-BEB6-00105AA9B6AE}: http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab -- Symantec AntiVirus scanner
{4EFA317A-8569-4788-B175-5BAF9731A549}: http://www.microsoft.com/resources/virtual...iveXClient1.cab -- Microsoft Virtual Server VMRC Advanced Control
{644E432F-49D3-41A1-8DD5-E099162EEEC5}: http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab -- Symantec RuFSI Utility Class
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3}: http://www.update.microsoft.com/microsoftu...b?1218629493859 -- MUWebControl Class
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_07
{917623D1-D8E5-11D2-BE8B-00104B06BDE3}: http://www.ilm.ee/tehvandi/AxisCamControl.ocx -- CamImage Class
{C7DB51B4-BCF7-4923-8874-7F1A0DC92277}: http://office.microsoft.com/officeupdate/content/opuc4.cab -- Office Update Installation Engine
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_07
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_07
{D27CDB6E-AE6D-11CF-96B8-444553540000}: http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab -- Shockwave Flash Object
{E8EB147D-ABEF-4228-A603-AAA845D1B2C1}: http://www.sk.ee/id-kontroll/20070223.cab -- esteidTool Class

========== (O17) DNS Name Servers ==========

{60ADE63A-797E-415C-9E55-A133632271A2} (Servers: | Description: Realtek RTL8139/810x Family Fast Ethernet NIC)
{CA96C22E-BC38-4F20-9C7D-31E58739D89F} (Servers: | Description: )
{F85BE00B-8E20-4A25-ADFA-A432636C76B6} (Servers: | Description: VIA Rhine II Fast Ethernet Adapter)

========== (O20) Winlogon Notify Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
!SASWinLogon: "DllName" = Reg Error: Value DLLName does not exist or could not be read. -- File not found

========== (O21) SSODL Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED} (HKLM) -- C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)

========== Safeboot Options ==========

"AlternateShell"=cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT []
[08.13.2008 10:46:28 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]

========== MountPoints2 ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\Shell]
""=AutoRun

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\Shell\AutoRun]
""=Auto&Play


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\Shell\AutoRun\command]
""=G:\LaunchU3.exe -- File not found



========== Files/Folders - Created Within 30 days ==========

[08.19.2008 15:27:47 | 00,000,008 | ---- | C] () -- C:\Documents and Settings\ordi\Application Data\usb.dat.bin
[08.20.2008 14:58:07 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uxtheme.dll
[08.21.2008 09:25:03 | 00,000,758 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\GOM Player.lnk
[08.21.2008 09:31:31 | 00,000,000 | ---- | C] () -- C:\Program Files\temp01
[08.21.2008 11:58:29 | 00,000,036 | ---- | C] () -- C:\Documents and Settings\ordi\Application Data\.googlewebacchosts
[08.21.2008 17:22:14 | 00,025,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[08.22.2008 03:05:00 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\PrivacIE.dll
[08.22.2008 13:12:39 | 00,002,300 | -H-- | C] () -- D:\Minu Dokumendid\ZbThumbnail.info
[08.22.2008 13:16:04 | 00,000,666 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Picasa2.lnk
[08.22.2008 16:26:40 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
[08.22.2008 16:26:40 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lmmib2.dll
[08.22.2008 16:26:41 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[08.22.2008 16:26:41 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hostmib.dll
[08.22.2008 16:26:42 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[08.22.2008 16:26:42 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\snmpmib.dll
[08.22.2008 16:26:42 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[08.22.2008 16:26:42 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\snmptrap.exe
[08.22.2008 16:26:42 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[08.22.2008 16:26:42 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\evntcmd.exe
[08.22.2008 16:26:42 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[08.22.2008 16:26:42 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\snmp.exe
[08.22.2008 16:26:42 | 00,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[08.22.2008 16:26:42 | 00,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\evntwin.exe
[08.22.2008 16:26:42 | 00,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
[08.22.2008 16:26:42 | 00,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\evntagnt.dll
[08.22.2008 16:26:42 | 00,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[08.22.2008 16:26:43 | 00,015,597 | ---- | C] () -- C:\WINDOWS\System32\accserv.mib
[08.22.2008 16:26:43 | 00,016,617 | ---- | C] () -- C:\WINDOWS\System32\authserv.mib
[08.22.2008 16:26:43 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[08.22.2008 16:26:43 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[08.22.2008 16:26:43 | 00,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[08.22.2008 16:26:43 | 00,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[08.22.2008 16:26:44 | 00,004,597 | ---- | C] () -- C:\WINDOWS\System32\dhcp.mib
[08.22.2008 16:26:44 | 00,015,799 | ---- | C] () -- C:\WINDOWS\System32\ipforwd.mib
[08.22.2008 16:26:44 | 00,048,593 | ---- | C] () -- C:\WINDOWS\System32\hostmib.mib
[08.22.2008 16:26:45 | 00,026,100 | ---- | C] () -- C:\WINDOWS\System32\lmmib2.mib
[08.22.2008 16:26:45 | 00,030,448 | ---- | C] () -- C:\WINDOWS\System32\mcastmib.mib
[08.22.2008 16:26:46 | 00,000,581 | ---- | C] () -- C:\WINDOWS\System32\msft.mib
[08.22.2008 16:26:46 | 00,004,332 | ---- | C] () -- C:\WINDOWS\System32\smi.mib
[08.22.2008 16:26:46 | 00,010,313 | ---- | C] () -- C:\WINDOWS\System32\mripsap.mib
[08.22.2008 16:26:46 | 00,013,767 | ---- | C] () -- C:\WINDOWS\System32\msipbtp.mib
[08.22.2008 16:26:46 | 00,021,386 | ---- | C] () -- C:\WINDOWS\System32\mipx.mib
[08.22.2008 16:26:46 | 00,034,317 | ---- | C] () -- C:\WINDOWS\System32\msiprip2.mib
[08.22.2008 16:26:46 | 00,038,608 | ---- | C] () -- C:\WINDOWS\System32\nipx.mib
[08.22.2008 16:26:46 | 00,107,882 | ---- | C] () -- C:\WINDOWS\System32\mib_ii.mib
[08.22.2008 16:26:47 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[08.22.2008 16:26:47 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[08.22.2008 16:26:47 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[08.22.2008 16:26:47 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[08.22.2008 16:26:47 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[08.22.2008 16:26:47 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\simptcp.dll
[08.22.2008 16:26:47 | 00,026,236 | ---- | C] () -- C:\WINDOWS\System32\wins.mib
[08.22.2008 16:26:47 | 00,049,275 | ---- | C] () -- C:\WINDOWS\System32\wfospf.mib
[08.22.2008 17:12:46 | 03,520,552 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\ordi\Desktop\procexp.exe
[08.22.2008 20:32:01 | 00,885,167 | ---- | C] () -- D:\Minu Dokumendid\IMG_0937.jpg
[08.22.2008 21:52:33 | 00,000,664 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Winamp.lnk
[08.23.2008 20:11:17 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[08.23.2008 20:11:17 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[08.23.2008 20:11:19 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vidcap.ax
[08.23.2008 20:11:19 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[08.23.2008 20:11:19 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[08.23.2008 20:11:19 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[08.23.2008 20:11:19 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[08.23.2008 20:11:19 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[08.23.2008 20:11:19 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[08.23.2008 20:11:19 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[08.23.2008 20:11:26 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\PAStiSvc.exe
[08.23.2008 20:11:31 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[08.23.2008 20:11:31 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\CCDECODE.sys
[08.23.2008 20:11:33 | 00,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[08.23.2008 20:11:33 | 00,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\NABTSFEC.sys
[08.23.2008 20:11:36 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[08.23.2008 20:11:36 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\WSTCODEC.SYS
[08.23.2008 20:11:39 | 00,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[08.23.2008 20:11:39 | 00,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\SLIP.sys
[08.23.2008 20:11:41 | 00,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[08.23.2008 20:11:41 | 00,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\StreamIP.sys
[08.23.2008 20:11:41 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[08.23.2008 20:11:41 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[08.23.2008 20:11:42 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[08.23.2008 20:11:42 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSTEE.sys
[08.23.2008 20:11:45 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[08.23.2008 20:11:45 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\NdisIP.sys
[08.24.2008 13:43:20 | 00,005,776 | R--- | C] (MCCI) -- C:\WINDOWS\System32\drivers\slabwh.sys
[08.24.2008 13:43:20 | 00,051,040 | R--- | C] (MCCI) -- C:\WINDOWS\System32\drivers\slabbus.sys
[08.24.2008 13:43:21 | 00,000,101 | R--- | C] () -- C:\WINDOWS\System32\slabun.u2k
[08.24.2008 13:43:21 | 00,005,776 | R--- | C] (MCCI) -- C:\WINDOWS\System32\drivers\slabwhnt.sys
[08.24.2008 13:43:42 | 00,006,112 | R--- | C] (MCCI) -- C:\WINDOWS\System32\drivers\slabcm.sys
[08.24.2008 13:43:42 | 00,006,112 | R--- | C] (MCCI) -- C:\WINDOWS\System32\drivers\slabcmnt.sys
[08.24.2008 13:43:42 | 00,082,768 | R--- | C] (MCCI) -- C:\WINDOWS\System32\drivers\slabser.sys
[08.25.2008 13:23:35 | 00,002,048 | ---- | C] () -- C:\WINDOWS\System32\Tr_sttool.dat
[08.25.2008 13:23:35 | 00,147,456 | ---- | C] () -- C:\WINDOWS\System32\bsratwmv.dll
[08.25.2008 13:23:35 | 00,585,728 | ---- | C] () -- C:\WINDOWS\System32\bsratswf.dll
[08.25.2008 14:08:38 | 00,045,056 | ---- | C] (TechSmith Corporation) -- C:\WINDOWS\System32\CSvidcap.dll
[08.25.2008 14:08:51 | 00,102,400 | ---- | C] (TechSmith Corporation) -- C:\WINDOWS\System32\tsccvid.dll
[08.25.2008 14:08:59 | 00,000,905 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Camtasia Studio 3.lnk
[08.25.2008 15:56:52 | 00,038,472 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[08.25.2008 15:56:53 | 00,017,144 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[08.25.2008 16:55:16 | 00,000,156 | ---- | C] () -- C:\Documents and Settings\ordi\Desktop\asi2.m3u
[08.25.2008 21:04:03 | 00,011,889 | ---- | C] (WayTech Development, Inc.) -- C:\WINDOWS\System32\drivers\kbfilter.sys
[08.26.2008 15:51:07 | 00,003,188 | -H-- | C] () -- C:\Documents and Settings\ordi\Desktop\ZbThumbnail.info
[08.26.2008 18:07:06 | 00,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
[08.26.2008 18:07:09 | 00,001,748 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Belarc Advisor.lnk
[08.26.2008 21:23:44 | 00,001,560 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Orbit.lnk
[08.27.2008 08:42:52 | 00,000,390 | ---- | C] () -- C:\WINDOWS\tasks\Uniblue SpeedUpMyPC.job
[08.27.2008 08:42:53 | 00,000,268 | ---- | C] () -- C:\WINDOWS\tasks\Uniblue SpeedUpMyPC Nag.job
[08.27.2008 10:10:53 | 00,083,096 | ---- | C] (Sygate Technologies, Inc.) -- C:\WINDOWS\System32\SSSensor.dll
[08.27.2008 10:10:57 | 00,021,075 | ---- | C] (Sygate Technologies, Inc.) -- C:\WINDOWS\System32\drivers\wpsdrvnt.sys
[08.27.2008 10:10:58 | 00,060,496 | ---- | C] (Sygate Technologies, Inc.) -- C:\WINDOWS\System32\drivers\Teefer.sys
[08.27.2008 10:10:59 | 00,014,568 | ---- | C] (Sygate Technologies, Inc.) -- C:\WINDOWS\System32\drivers\wg3n.sys
[08.27.2008 10:10:59 | 00,014,568 | ---- | C] (Sygate Technologies, Inc.) -- C:\WINDOWS\System32\drivers\wg4n.sys
[08.27.2008 10:10:59 | 00,014,568 | ---- | C] (Sygate Technologies, Inc.) -- C:\WINDOWS\System32\drivers\wg5n.sys
[08.27.2008 10:11:00 | 00,014,568 | ---- | C] (Sygate Technologies, Inc.) -- C:\WINDOWS\System32\drivers\wg6n.sys
[08.27.2008 11:03:08 | 00,000,142 | ---- | C] () -- C:\WINDOWS\System32\cmabout.ini
[08.27.2008 11:03:08 | 00,010,357 | ---- | C] () -- C:\WINDOWS\System32\cmdiag.ini
[08.27.2008 11:03:08 | 00,241,664 | ---- | C] () -- C:\WINDOWS\System32\cmabout.dll
[08.27.2008 11:03:08 | 00,405,504 | ---- | C] (OMNIKEY) -- C:\WINDOWS\System32\cmdiag.cpl
[08.27.2008 16:15:13 | 00,001,391 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mobile.lnk
[08.28.2008 10:13:54 | 00,000,420 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{E85A67AC-4819-4614-8523-CBA3D743B91D}.job
[08.28.2008 11:46:09 | 00,361,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpip.sys.ORIGINAL
[08.28.2008 11:46:09 | 00,361,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tcpip.sys.ORIGINAL
[08.28.2008 12:14:53 | 00,000,814 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Paint.NET.lnk
[08.28.2008 14:00:03 | 00,000,024 | ---- | C] () -- C:\Documents and Settings\ordi\Application Data\xpy.ini
[08.28.2008 20:20:44 | 00,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 8.lnk
[08.29.2008 10:32:31 | 00,000,706 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\KP Typing Tutor.lnk
[08.29.2008 10:35:29 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\GkSui18.EXE
[08.30.2008 14:37:43 | 02,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll
[08.30.2008 14:37:46 | 02,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll
[08.30.2008 14:37:48 | 02,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
[08.30.2008 14:37:49 | 02,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll
[08.30.2008 14:37:51 | 00,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll
[08.30.2008 14:37:52 | 02,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
[08.30.2008 14:37:53 | 00,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
[08.30.2008 14:37:53 | 00,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
[08.30.2008 14:38:04 | 00,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
[08.30.2008 14:38:04 | 00,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
[08.30.2008 14:38:06 | 00,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
[08.30.2008 14:38:07 | 00,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
[08.30.2008 14:38:08 | 00,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
[08.30.2008 14:38:08 | 02,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[08.30.2008 14:38:09 | 00,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll
[08.30.2008 14:38:09 | 00,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll
[08.30.2008 14:38:10 | 03,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[08.30.2008 14:38:11 | 00,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll
[08.30.2008 14:38:12 | 00,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll
[08.30.2008 14:38:13 | 03,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll
[08.30.2008 14:38:14 | 01,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll
[08.30.2008 14:38:15 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll
[08.30.2008 14:38:16 | 00,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll
[08.30.2008 14:38:17 | 00,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll
[08.30.2008 14:38:17 | 03,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
[08.30.2008 14:38:18 | 01,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll
[08.30.2008 14:38:19 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll
[08.30.2008 14:38:20 | 00,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll
[08.30.2008 14:38:20 | 00,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll
[08.30.2008 14:38:21 | 03,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll
[08.30.2008 14:38:22 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll
[08.30.2008 14:38:22 | 01,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll
[08.30.2008 14:38:24 | 00,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll
[08.30.2008 14:38:25 | 03,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
[08.30.2008 14:38:27 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
[08.30.2008 14:38:27 | 01,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
[08.30.2008 14:38:28 | 00,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
[08.30.2008 14:38:29 | 03,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[08.30.2008 14:38:30 | 00,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[08.30.2008 14:38:31 | 01,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[08.30.2008 14:38:32 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
[08.30.2008 14:38:32 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
[08.30.2008 14:38:33 | 00,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[08.30.2008 14:38:34 | 03,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[08.30.2008 14:38:36 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[08.30.2008 14:38:36 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[08.30.2008 14:38:36 | 01,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[08.30.2008 14:38:37 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[08.30.2008 14:38:38 | 00,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[08.30.2008 14:38:38 | 00,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[08.30.2008 14:38:39 | 03,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll
[08.30.2008 14:38:40 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll
[08.30.2008 14:38:40 | 01,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll
[08.30.2008 14:38:41 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll
[08.30.2008 14:38:43 | 00,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll
[08.30.2008 14:38:43 | 00,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll
[08.30.2008 15:25:14 | 03,631,616 | ---- | C] (VicMan Software) -- C:\WINDOWS\Photo! 3D ScreenSaver.scr
[08.30.2008 15:25:41 | 00,000,859 | ---- | C] () -- C:\Documents and Settings\ordi\Desktop\Photo! 3D Album.lnk
[08.30.2008 15:25:42 | 00,000,606 | ---- | C] () -- C:\Documents and Settings\ordi\Desktop\Photo! 3D ScreenSaver.lnk
[08.30.2008 18:00:32 | 00,000,760 | ---- | C] () -- C:\Documents and Settings\ordi\Desktop\Bandwidth Monitor.lnk
[08.31.2008 12:54:01 | 00,002,373 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Nero StartSmart Essentials.lnk
[09.01.2008 11:02:02 | 00,116,736 | ---- | C] (MagicISO, Inc.) -- C:\WINDOWS\System32\drivers\mcdbus.sys
[09.01.2008 11:02:11 | 00,000,652 | ---- | C] () -- C:\Documents and Settings\ordi\Start Menu\Programs\Startup\MagicDisc.lnk
[09.05.2008 17:45:09 | 00,025,600 | ---- | C] () -- C:\WINDOWS\System32\WS2Fix.exe
[09.05.2008 17:45:09 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\swsc.exe
[09.05.2008 17:45:09 | 00,051,200 | ---- | C] () -- C:\WINDOWS\System32\dumphive.exe
[09.05.2008 17:45:09 | 00,053,248 | ---- | C] (http://www.beyondlogic.org) -- C:\WINDOWS\System32\Process.exe
[09.05.2008 17:45:09 | 00,079,360 | ---- | C] (SteelWerX) -- C:\WINDOWS\System32\swxcacls.exe
[09.05.2008 17:45:09 | 00,082,944 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\IEDFix.exe
[09.05.2008 17:45:09 | 00,135,168 | ---- | C] (SteelWerX) -- C:\WINDOWS\System32\swreg.exe
[09.05.2008 17:45:09 | 00,288,417 | ---- | C] (S!Ri) -- C:\WINDOWS\System32\SrchSTS.exe
[09.05.2008 17:45:09 | 00,289,144 | ---- | C] (S!Ri) -- C:\WINDOWS\System32\VCCLSID.exe
[09.05.2008 17:45:10 | 00,082,432 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\404Fix.exe
[09.05.2008 17:45:10 | 00,082,432 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\IEDFix.C.exe
[09.05.2008 17:45:10 | 00,086,528 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\VACFix.exe
[09.05.2008 17:45:10 | 00,088,576 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\AntiXPVSTFix.exe
[09.05.2008 20:02:21 | 00,001,692 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AutoCAD 2005.lnk
[09.05.2008 20:02:21 | 00,001,953 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AutoCAD Startup Accelerator.lnk
[09.06.2008 10:49:08 | 00,001,829 | ---- | C] () -- C:\Documents and Settings\ordi\Desktop\Subtitle Workshop.lnk
[09.06.2008 14:50:52 | 00,000,640 | ---- | C] () -- C:\Documents and Settings\ordi\Desktop\Scary Movie 4 (2006) - SoulRedeemer.lnk
[09.06.2008 16:59:01 | 00,107,596 | ---- | C] () -- C:\toolkit_widget.gif
[09.06.2008 17:18:08 | 00,258,048 | ---- | C] (PixArt Imaging Incorporation) -- C:\WINDOWS\System32\PA207.dll
[09.06.2008 18:39:00 | 00,000,744 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QUICKMEDIACONVERTER.lnk
[09.06.2008 23:20:09 | 00,090,668 | ---- | C] () -- C:\WINDOWS\System32\vobis32.dll
[09.10.2008 21:14:24 | 00,000,061 | ---- | C] () -- C:\Documents and Settings\ordi\Desktop\Minu.Raadio.pls
[09.11.2008 16:39:53 | 00,010,446 | ---- | C] () -- C:\WINDOWS\vpd.properties
[09.11.2008 16:41:45 | 00,000,868 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ArchiCAD 12.lnk
[09.15.2008 15:33:45 | 00,000,594 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[09.15.2008 15:33:46 | 00,000,545 | ---- | C] () -- C:\WINDOWS\ARJ.PIF
[09.15.2008 15:33:46 | 00,000,545 | ---- | C] () -- C:\WINDOWS\LHA.PIF
[09.15.2008 15:33:46 | 00,000,545 | ---- | C] () -- C:\WINDOWS\NOCLOSE.PIF
[09.15.2008 15:33:46 | 00,000,545 | ---- | C] () -- C:\WINDOWS\PKZIP.PIF
[09.15.2008 15:33:46 | 00,000,545 | ---- | C] () -- C:\WINDOWS\PKUNZIP.PIF
[09.15.2008 15:33:46 | 00,000,545 | ---- | C] () -- C:\WINDOWS\RAR.PIF
[09.15.2008 15:33:46 | 00,000,545 | ---- | C] () -- C:\WINDOWS\UC.PIF
[09.15.2008 15:33:48 | 00,000,548 | ---- | C] () -- C:\Documents and Settings\ordi\Desktop\Total Commander.lnk
[09.16.2008 17:26:00 | 00,000,406 | ---- | C] () -- C:\WINDOWS\tasks\AWC Update.job
[09.17.2008 20:12:34 | 00,424,448 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\ordi\Desktop\OTViewIt.exe

========== Files - Modified Within 30 days ==========

[08.19.2008 15:27:47 | 00,000,008 | ---- | M] () -- C:\Documents and Settings\ordi\Application Data\usb.dat.bin
[08.20.2008 17:06:15 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Opera.lnk
[08.21.2008 09:25:03 | 00,000,758 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\GOM Player.lnk
[08.21.2008 12:15:32 | 00,000,036 | ---- | M] () -- C:\Documents and Settings\ordi\Application Data\.googlewebacchosts
[08.22.2008 02:42:22 | 00,443,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dll
[08.22.2008 02:42:22 | 00,443,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieapfltr.dll
[08.22.2008 02:49:56 | 00,056,413 | ---- | M] () -- C:\WINDOWS\System32\ieuinit.inf
[08.22.2008 02:57:56 | 00,156,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msls31.dll
[08.22.2008 02:57:56 | 00,156,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msls31.dll
[08.22.2008 02:58:12 | 00,181,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieui.dll
[08.22.2008 03:00:28 | 00,068,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hmmapi.dll
[08.22.2008 03:04:50 | 00,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdc.ocx
[08.22.2008 03:04:50 | 00,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tdc.ocx
[08.22.2008 03:04:54 | 00,045,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshta.exe
[08.22.2008 03:04:54 | 00,045,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshta.exe
[08.22.2008 03:04:58 | 01,659,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.tlb
[08.22.2008 03:04:58 | 01,659,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtml.tlb
[08.22.2008 03:05:00 | 00,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmler.dll
[08.22.2008 03:05:00 | 00,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtmler.dll
[08.22.2008 03:05:00 | 00,048,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\PrivacIE.dll
[08.22.2008 03:05:08 | 00,070,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
[08.22.2008 03:05:08 | 00,070,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtmled.dll
[08.22.2008 03:05:10 | 00,217,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxtrans.dll
[08.22.2008 03:05:10 | 00,217,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dxtrans.dll
[08.22.2008 03:05:14 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imgutil.dll
[08.22.2008 03:05:14 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\imgutil.dll
[08.22.2008 03:05:14 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pngfilt.dll
[08.22.2008 03:05:14 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\pngfilt.dll
[08.22.2008 03:05:16 | 00,346,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxtmsft.dll
[08.22.2008 03:05:16 | 00,346,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dxtmsft.dll
[08.22.2008 03:05:20 | 00,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icardie.dll
[08.22.2008 03:05:20 | 00,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\icardie.dll
[08.22.2008 03:05:22 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedssync.exe
[08.22.2008 03:05:22 | 00,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[08.22.2008 03:05:22 | 00,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll
[08.22.2008 03:05:24 | 00,186,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
[08.22.2008 03:05:24 | 00,186,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll
[08.22.2008 03:05:34 | 00,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
[08.22.2008 03:05:34 | 00,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll
[08.22.2008 03:05:48 | 00,580,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[08.22.2008 03:05:48 | 00,580,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
[08.22.2008 03:06:02 | 01,778,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[08.22.2008 03:06:02 | 01,778,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iertutil.dll
[08.22.2008 03:06:16 | 00,094,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inseng.dll
[08.22.2008 03:06:16 | 00,094,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inseng.dll
[08.22.2008 03:06:16 | 00,128,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\advpack.dll
[08.22.2008 03:06:16 | 00,128,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advpack.dll
[08.22.2008 03:06:20 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iernonce.dll
[08.22.2008 03:06:20 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iernonce.dll
[08.22.2008 03:06:24 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieudinit.exe
[08.22.2008 03:06:24 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iesetup.dll
[08.22.2008 03:06:24 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iesetup.dll
[08.22.2008 03:06:24 | 00,162,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
[08.22.2008 03:06:24 | 00,162,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[08.22.2008 03:06:24 | 00,163,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieakui.dll
[08.22.2008 03:06:24 | 00,163,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieakui.dll
[08.22.2008 03:06:30 | 00,072,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\admparse.dll
[08.22.2008 03:06:30 | 00,072,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admparse.dll
[08.22.2008 03:06:30 | 00,552,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jscript.dll
[08.22.2008 03:06:30 | 00,552,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jscript.dll
[08.22.2008 03:06:36 | 00,124,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieakeng.dll
[08.22.2008 03:06:36 | 00,124,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieakeng.dll
[08.22.2008 03:06:36 | 00,434,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vbscript.dll
[08.22.2008 03:06:36 | 00,434,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\vbscript.dll
[08.22.2008 03:06:40 | 00,228,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieaksie.dll
[08.22.2008 03:06:40 | 00,228,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieaksie.dll
[08.22.2008 03:06:44 | 00,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
[08.22.2008 03:06:44 | 00,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll
[08.22.2008 03:06:58 | 00,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
[08.22.2008 03:06:58 | 00,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll
[08.22.2008 03:07:08 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\corpol.dll
[08.22.2008 03:07:08 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\corpol.dll
[08.22.2008 03:07:20 | 00,755,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\VGX.dll
[08.22.2008 03:07:50 | 00,116,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
[08.22.2008 03:07:50 | 00,116,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\occache.dll
[08.22.2008 03:07:50 | 00,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrating.dll
[08.22.2008 03:07:50 | 00,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msrating.dll
[08.22.2008 03:07:58 | 00,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
[08.22.2008 03:07:58 | 00,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll
[08.22.2008 03:08:00 | 00,043,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll
[08.22.2008 03:08:00 | 00,043,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll
[08.22.2008 03:08:06 | 00,878,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[08.22.2008 03:08:06 | 00,878,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wininet.dll
[08.22.2008 03:08:08 | 00,236,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\webcheck.dll
[08.22.2008 03:08:08 | 00,236,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\webcheck.dll
[08.22.2008 03:08:22 | 00,208,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WinFXDocObj.exe
[08.22.2008 03:08:22 | 01,206,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[08.22.2008 03:08:22 | 01,206,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\urlmon.dll
[08.22.2008 03:08:34 | 01,415,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
[08.22.2008 03:08:34 | 01,415,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl
[08.22.2008 03:09:32 | 05,699,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[08.22.2008 03:09:32 | 05,699,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtml.dll
[08.22.2008 03:10:34 | 11,985,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[08.22.2008 03:10:34 | 11,985,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieframe.dll
[08.22.2008 03:14:40 | 00,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\advpack.dll.mui
[08.22.2008 03:15:56 | 01,216,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll.mui
[08.22.2008 03:15:56 | 01,216,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieframe.dll.mui
[08.22.2008 03:16:40 | 00,637,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe
[08.22.2008 13:16:04 | 00,000,666 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Picasa2.lnk
[08.22.2008 16:26:52 | 00,063,018 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[08.22.2008 16:26:52 | 00,401,738 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[08.22.2008 16:26:52 | 00,471,692 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[08.22.2008 17:12:55 | 03,520,552 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\ordi\Desktop\procexp.exe
[08.22.2008 20:32:01 | 00,885,167 | ---- | M] () -- D:\Minu Dokumendid\IMG_0937.jpg
[08.22.2008 21:52:33 | 00,000,664 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Winamp.lnk
[08.25.2008 13:23:35 | 00,147,456 | ---- | M] () -- C:\WINDOWS\System32\bsratwmv.dll
[08.25.2008 13:23:35 | 00,585,728 | ---- | M] () -- C:\WINDOWS\System32\bsratswf.dll
[08.25.2008 14:08:59 | 00,000,905 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Camtasia Studio 3.lnk
[08.25.2008 16:55:16 | 00,000,156 | ---- | M] () -- C:\Documents and Settings\ordi\Desktop\asi2.m3u
[08.26.2008 16:18:31 | 00,002,300 | -H-- | M] () -- D:\Minu Dokumendid\ZbThumbnail.info
[08.26.2008 18:07:09 | 00,001,748 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Belarc Advisor.lnk
[08.26.2008 20:04:34 | 00,002,048 | ---- | M] () -- C:\WINDOWS\System32\Tr_sttool.dat
[08.26.2008 20:24:27 | 00,000,210 | -HS- | M] () -- C:\boot.ini
[08.26.2008 20:24:27 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[08.26.2008 23:28:12 | 16,208,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[08.27.2008 08:42:52 | 00,000,390 | ---- | M] () -- C:\WINDOWS\tasks\Uniblue SpeedUpMyPC.job
[08.27.2008 16:15:13 | 00,001,391 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mobile.lnk
[08.28.2008 10:09:21 | 00,000,075 | -HS- | M] () -- D:\Minu Dokumendid\desktop.ini
[08.28.2008 11:46:10 | 00,361,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpip.sys
[08.28.2008 11:46:10 | 00,361,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tcpip.sys
[08.28.2008 12:14:54 | 00,000,814 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Paint.NET.lnk
[08.28.2008 14:00:03 | 00,000,024 | ---- | M] () -- C:\Documents and Settings\ordi\Application Data\xpy.ini
[08.28.2008 20:20:45 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 8.lnk
[08.28.2008 22:36:57 | 00,082,432 | ---- | M] (S!Ri.URZ) -- C:\WINDOWS\System32\IEDFix.C.exe
[08.29.2008 10:32:31 | 00,000,706 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\KP Typing Tutor.lnk
[08.30.2008 15:25:41 | 00,000,859 | ---- | M] () -- C:\Documents and Settings\ordi\Desktop\Photo! 3D Album.lnk
[08.30.2008 15:25:42 | 00,000,606 | ---- | M] () -- C:\Documents and Settings\ordi\Desktop\Photo! 3D ScreenSaver.lnk
[08.30.2008 18:01:21 | 00,000,760 | ---- | M] () -- C:\Documents and Settings\ordi\Desktop\Bandwidth Monitor.lnk
[08.31.2008 12:54:01 | 00,002,373 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Nero StartSmart Essentials.lnk
[09.01.2008 11:02:11 | 00,000,652 | ---- | M] () -- C:\Documents and Settings\ordi\Start Menu\Programs\Startup\MagicDisc.lnk
[09.02.2008 16:51:48 | 00,086,528 | ---- | M] (S!Ri.URZ) -- C:\WINDOWS\System32\VACFix.exe
[09.02.2008 23:58:33 | 00,088,576 | ---- | M] (S!Ri.URZ) -- C:\WINDOWS\System32\AntiXPVSTFix.exe
[09.05.2008 20:02:21 | 00,001,692 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AutoCAD 2005.lnk
[09.05.2008 20:02:21 | 00,001,953 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AutoCAD Startup Accelerator.lnk
[09.05.2008 20:05:23 | 00,069,424 | ---- | M] () -- C:\Documents and Settings\ordi\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[09.06.2008 07:45:20 | 00,259,048 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[09.06.2008 08:42:01 | 00,000,268 | ---- | M] () -- C:\WINDOWS\tasks\Uniblue SpeedUpMyPC Nag.job
[09.06.2008 10:49:08 | 00,001,829 | ---- | M] () -- C:\Documents and Settings\ordi\Desktop\Subtitle Workshop.lnk
[09.06.2008 14:50:52 | 00,000,640 | ---- | M] () -- C:\Documents and Settings\ordi\Desktop\Scary Movie 4 (2006) - SoulRedeemer.lnk
[09.06.2008 18:39:00 | 00,000,744 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QUICKMEDIACONVERTER.lnk
[09.06.2008 19:36:48 | 00,001,015 | ---- | M] () -- C:\WINDOWS\win.ini
[09.09.2008 18:46:50 | 00,003,188 | -H-- | M] () -- C:\Documents and Settings\ordi\Desktop\ZbThumbnail.info
[09.10.2008 10:32:36 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[09.10.2008 21:14:25 | 00,000,061 | ---- | M] () -- C:\Documents and Settings\ordi\Desktop\Minu.Raadio.pls
[09.11.2008 16:37:51 | 00,054,272 | ---- | M] () -- C:\Documents and Settings\ordi\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[09.11.2008 16:41:45 | 00,000,868 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ArchiCAD 12.lnk
[09.11.2008 19:31:05 | 00,010,446 | ---- | M] () -- C:\WINDOWS\vpd.properties
[09.15.2008 15:33:48 | 00,000,548 | ---- | M] () -- C:\Documents and Settings\ordi\Desktop\Total Commander.lnk
[09.15.2008 15:38:26 | 00,000,594 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[09.15.2008 20:23:55 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[09.16.2008 08:56:06 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[09.16.2008 20:37:06 | 00,000,406 | ---- | M] () -- C:\WINDOWS\tasks\AWC Update.job
[09.17.2008 16:23:49 | 10,187,366 | -H-- | M] () -- C:\Documents and Settings\ordi\Local Settings\Application Data\IconCache.db
[09.17.2008 18:07:35 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[09.17.2008 18:07:40 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[09.17.2008 18:07:51 | 00,001,560 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Orbit.lnk
[09.17.2008 19:19:11 | 00,000,380 | ---- | M] () -- D:\Minu Dokumendid\Minu ühiskaustad.lnk
[09.17.2008 19:37:22 | 00,000,420 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{E85A67AC-4819-4614-8523-CBA3D743B91D}.job
[09.17.2008 20:12:35 | 00,424,448 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ordi\Desktop\OTViewIt.exe

< End of report >

Nice forum :thumbsup:

Attached Files



#6 harrythook

harrythook


  • Security Colleague
  • 4,152 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Philadelphia
  • Local time:04:20 PM

Posted 20 September 2008 - 05:41 PM

Hi valdur55,
I took a quick look at the results there, nothing real bad jumping out at me. I will do a complete review later on.

Can you tell me, are you experiencing problems with your machine or did you just want someone to look over the logs to make sure theey are ok?

Harry

Veni Vidi Vici
THE FIGHT AGAINST MALWARE

Become a BleepingComputer fan: Facebook

#7 valdur55

valdur55
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:12:20 AM

Posted 21 September 2008 - 02:05 PM

Hi valdur55,
I took a quick look at the results there, nothing real bad jumping out at me. I will do a complete review later on.

Can you tell me, are you experiencing problems with your machine or did you just want someone to look over the logs to make sure theey are ok?

Harry

Thank you aswering Harry.
My computer is very OK, i use Advanced windowscare. And when i think my computer is infected i use Malwarebytes antimalware.
I don't scan often my coputer with Avast and i want know is my computer nicely clean.
In my mind was this OK. And now talk that this forum PRO .
OK. one quesion. What i need make for to better. What you think what can made better.
Any better virusscanner on firewall. But this firewall is allways allow.

#8 harrythook

harrythook


  • Security Colleague
  • 4,152 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Philadelphia
  • Local time:04:20 PM

Posted 21 September 2008 - 08:04 PM

Ok valdur55,
Unless you have some issue with your machine, I would say your good to surf the net :thumbsup:

You may want to look over the following:
Written by one of the best, check out the recommended prevention methods HERE

To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read this article by Tony Klein

In the future, if you have problems feel free to start a new thread :)
Harry

Veni Vidi Vici
THE FIGHT AGAINST MALWARE

Become a BleepingComputer fan: Facebook

#9 valdur55

valdur55
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:12:20 AM

Posted 23 September 2008 - 08:29 AM

Ok. I think..
This topic can now lock. because i have no problems... Whit this theme

Edited by valdur55, 23 September 2008 - 01:06 PM.


#10 harrythook

harrythook


  • Security Colleague
  • 4,152 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Philadelphia
  • Local time:04:20 PM

Posted 24 September 2008 - 06:23 PM

As this issue seems to be resolved, this thread will now be closed.
If you need this topic reopened, please contact a member of the HJT Team and we will reopen it for you.
Include the address of this thread in your request.
For all others, if you have a similar issue please start a new topic.

Thanks for asking in BleepingComputer.com

Veni Vidi Vici
THE FIGHT AGAINST MALWARE

Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users