Don't know if it is right place to post.
Thank you.
Windows cannot find C:\DOCUME~1\Owner\LOCALS~1\Temp\dwm.exe __Could not load or run C:\DOCUME~1\Owner\LOCALS~1\Temp\dwm.exe
OTL Extras logfile created on: 12/14/2010 3:26:30 AM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Administrator\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1,023.00 Mb Total Physical Memory | 129.00 Mb Available Physical Memory | 13.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 67.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.75 Gb Total Space | 319.92 Gb Free Space | 68.69% Space Free | Partition Type: NTFS
Computer Name: SERGEY-CEAC4837 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"135:TCP" = 135:TCP:*:Enabled:TCP Port 135
"5000:TCP" = 5000:TCP:*:Enabled:TCP Port 5000
"5001:TCP" = 5001:TCP:*:Enabled:TCP Port 5001
"5002:TCP" = 5002:TCP:*:Enabled:TCP Port 5002
"5003:TCP" = 5003:TCP:*:Enabled:TCP Port 5003
"5004:TCP" = 5004:TCP:*:Enabled:TCP Port 5004
"5005:TCP" = 5005:TCP:*:Enabled:TCP Port 5005
"5006:TCP" = 5006:TCP:*:Enabled:TCP Port 5006
"5007:TCP" = 5007:TCP:*:Enabled:TCP Port 5007
"5008:TCP" = 5008:TCP:*:Enabled:TCP Port 5008
"5009:TCP" = 5009:TCP:*:Enabled:TCP Port 5009
"5010:TCP" = 5010:TCP:*:Enabled:TCP Port 5010
"5011:TCP" = 5011:TCP:*:Enabled:TCP Port 5011
"5012:TCP" = 5012:TCP:*:Enabled:TCP Port 5012
"5013:TCP" = 5013:TCP:*:Enabled:TCP Port 5013
"5014:TCP" = 5014:TCP:*:Enabled:TCP Port 5014
"5015:TCP" = 5015:TCP:*:Enabled:TCP Port 5015
"5016:TCP" = 5016:TCP:*:Enabled:TCP Port 5016
"5017:TCP" = 5017:TCP:*:Enabled:TCP Port 5017
"5018:TCP" = 5018:TCP:*:Enabled:TCP Port 5018
"5019:TCP" = 5019:TCP:*:Enabled:TCP Port 5019
"5020:TCP" = 5020:TCP:*:Enabled:TCP Port 5020
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management
"80:TCP" = 80:TCP:*:Disabled:Windows Remote Management - Compatibility Mode (HTTP-In)
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\lxcqcoms.exe" = C:\WINDOWS\system32\lxcqcoms.exe:*:Enabled:Lexmark Communications System -- ( )
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\TELUS\TELUS security advisor\ServicepointService.exe" = C:\Program Files\TELUS\TELUS security advisor\ServicepointService.exe:*:Enabled:Servicepoint Service -- (Radialpoint Inc.)
"C:\Program Files\River Past\Audio Converter Pro\AudioConverter.exe" = C:\Program Files\River Past\Audio Converter Pro\AudioConverter.exe:*:Enabled:River Past Audio Converter Pro -- File not found
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{006CF4B6-0078-7333-EFDC-7FEF1E03DB4D}" = CCC Help English
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{08343BC4-60FE-969C-6EF9-B698237E7F97}" = CCC Help Russian
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Toolbar
"{114FCA9C-F847-5666-EAB4-F4A28CCA9386}" = Catalyst Control Center Localization Finnish
"{171E6C1E-B5FC-11DF-B115-005056C00008}" = Google Earth Plug-in
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1BA7B068-4719-42A3-B553-D4ED97434F92}" = ASUS Utilities
"{1C669D58-74B4-20CA-E207-16A68C02ECDB}" = CCC Help Finnish
"{1CF130A7-51AA-4475-7951-E467B33DE0B3}" = Catalyst Control Center Graphics Full New
"{1DEC4547-4C7F-0006-2DE9-7A0D653780EF}" = Catalyst Control Center Localization French
"{1E18F9E8-B58C-EF7E-264C-C5A31D35AB43}" = Catalyst Control Center Graphics Full Existing
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - SP1 x86 9.0.30729.4148
"{1F6097C5-863D-4EFD-AEC4-501DBE97AFC7}" = Adobe Dreamweaver CS4
"{1F9D123D-2850-494B-AAA0-24492F70C4A4}" = RPS CRT
"{2340BEA0-C3E3-4D82-5218-4FE88974EDA2}" = CCC Help Thai
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 20
"{29F1345E-4DD7-487E-80E9-9E43A3ABC253}" = ASUS VGA Driver
"{2F8136C3-E4B0-33C2-4E42-8B5EF5394B88}" = CCC Help Norwegian
"{3410AD6E-6FA6-E284-FDCF-137E590ADF5D}" = CCC Help Korean
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{361871CD-629E-4A67-87FA-904053B3846B}" = Catalyst Control Center Localization Russian
"{364B0B05-7449-1E0B-22B9-9505AD6E19A9}" = CCC Help Turkish
"{3AA7C632-8D2B-7EC4-B550-D5658EF49A8E}" = CCC Help Italian
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{412DEB8A-6560-6768-1B72-78E023174650}" = CCC Help Chinese Standard
"{43A1F382-992D-AA32-EDE2-86A773A826EA}" = Catalyst Control Center Localization Thai
"{4C5D136B-0E17-3012-F607-60859418D9EA}" = CCC Help German
"{508D7D51-84AE-0297-7E75-41C85A844FC8}" = Catalyst Control Center Localization Italian
"{541C85A8-EE12-B548-569C-0513A4B6D4DC}" = Catalyst Control Center Localization Dutch
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{54EDE5B3-509B-3D10-8C82-5B19ECCA0933}" = Catalyst Control Center Localization Polish
"{5C1E3F85-3FBA-40F0-9BA6-3A640E505357}" = RPS PerfectDiskStub
"{5D8CC168-A12E-422D-A3DF-53AD64E4F1ED}" = RPS CRT
"{607FA8E9-2185-802E-516C-CBE20AD2E323}" = CCC Help Japanese
"{60822D71-AF56-0457-E593-BB8F93351DFD}" = CCC Help Danish
"{64EA7595-4874-8710-D943-7CD09931A158}" = Catalyst Control Center Localization Czech
"{65393662-E3AF-1DC5-7CA0-36698B9F0354}" = CCC Help Czech
"{67680883-F64E-5A26-809F-3012AA936101}" = ccc-utility
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{71CF445D-B4E6-8663-8622-9AE5621754E3}" = CCC Help French
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72CD4C5F-AB0B-4814-8780-9A4F26A2086B}" = Presto! PageManager 7.12.10
"{76EF2723-1755-378A-271D-0564B671FBBD}" = Skins
"{770DD896-3993-D6E0-BC06-E8AB86D81C96}" = Catalyst Control Center Localization Chinese Standard
"{7962FC39-62AF-4FFC-8F6A-7A01341C9659}" = LogMeIn
"{7A529246-912F-4C40-A82A-E608DB702FD7}" = ASUS VideoSecurity Online
"{7B738CD9-D107-48C7-8E65-2E6639A39C8D}" = PerfectDisk 10 Professional
"{7D8EB6EC-82C2-47CA-99BA-05DE6C3D4D45}" = RPS RpsCore
"{7F848F48-63B6-8ADD-0DD5-DC1F323DC6AA}" = Catalyst Control Center Localization Chinese Traditional
"{8265D6DA-AE00-45B6-8763-5E6FC0E32028}" = TELUS security services
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable - SP1 x86 8.0.59193
"{862BA3AE-3F2C-7A86-AA99-732096623112}" = Catalyst Control Center Localization Japanese
"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs
"{8CA9E580-93A8-7B16-077A-55AD0A200F2E}" = Catalyst Control Center Localization Portuguese
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9272CBA2-3D74-E264-92A4-45C869249660}" = CCC Help Dutch
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A370D8D-1606-B167-A7D0-A466EF90F4E0}" = CCC Help Polish
"{9A99A067-DBD3-B633-32CE-C8D9DA566F2D}" = CCC Help Chinese Traditional
"{9D7F058F-C711-412B-A2D3-ECE86215D675}" = ASUS Smart Doctor
"{9F8D2B4E-ABB8-BE44-E507-750D3423AC76}" = Catalyst Control Center Localization Korean
"{A1D011F6-7990-A00A-9AE0-C6305CF9F05F}" = CCC Help Hungarian
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb" = Internet Explorer (Enable DEP)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A961C6FD-C583-45F6-A0A4-5E4376C29E41}" = Catalyst Control Center - Branding
"{AC76BA86-7AD7-1033-7B44-A82000000003}" = Adobe Reader 8.2.5
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{ADBBC8A9-2728-C6CB-4D5D-1135A9BC1FDB}" = Catalyst Control Center Core Implementation
"{AE06DF7E-5E0B-8C38-5164-BA40F929BC46}" = Catalyst Control Center Localization Spanish
"{AF7C01FA-975D-3878-308F-866393AADF91}" = Catalyst Control Center Localization Hungarian
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B79920F8-AB6E-45B2-B257-900BBA969FF7}" = Presto! Forms 3.50.02
"{BE24AB71-85E9-45D8-8F5D-661430182197}" = DirectShow .SHN FIlter
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3F60651-C064-7F17-7B53-E1961E1C9B67}" = CCC Help Swedish
"{C84A5779-1256-C412-FE41-7205707E0428}" = ccc-core-preinstall
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB34075E-E49E-72D1-85CB-48CFC4472237}" = Catalyst Control Center Localization Danish
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype 4.2
"{D6A7DC97-21DB-4FA3-F7FA-FE25EB37771F}" = CCC Help Greek
"{D77D3FFE-1043-DD49-EC63-5CD26C4C4696}" = Catalyst Control Center Localization Swedish
"{D9822F4E-E6BC-1584-4AF1-1282C9936112}" = Catalyst Control Center Localization Greek
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{E18A9394-0A78-9137-E0EA-FB56099585EA}" = ccc-core-static
"{E4756E2A-44C9-9465-9D16-B0A551955E66}" = Catalyst Control Center Localization German
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E9F2484E-96F1-C893-75A8-A94FD383D409}" = Catalyst Control Center Localization Norwegian
"{F0A8A5B6-68F1-50E2-0490-7ED4626F49CA}" = CCC Help Portuguese
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F7057594-7179-CBC6-D4E4-292FBAED6DED}" = CCC Help Spanish
"{F87FD07A-47A6-1227-0233-8BDCC6332D27}" = Catalyst Control Center Graphics Light
"{F9000000-0001-0000-0000-074957833700}" = ABBYY FineReader 9.0 Professional Edition
"{FA053842-7714-0D6D-49A2-DF3BA4F5519E}" = Catalyst Control Center Localization Turkish
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"4Musics FLAC to MP3 Converter 5.2_is1" = 4Musics FLAC to MP3 Converter 5.2
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agent" = Microsoft Agent 1.5
"All ATI Software" = ATI - Software Uninstall Utility
"AviInfo" = AviInfo 3.3.0
"AVS Audio Converter 6.1_is1" = AVS Audio Converter version 6.1
"AVS Audio Converter 6.2_is1" = AVS Audio Converter version 6.2
"AVS Screen Capture_is1" = AVS Screen Capture version 1.1.2
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS Video Editor_is1" = AVS Video Editor 5
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"CD Audio Reader Filter" = CD Audio Reader Filter (remove only)
"CoreFLAC Audio Decoder+Source Filter" = CoreFLAC Audio Decoder+Source Filter (remove only)
"Creative Live! Cam Center" = Creative Live! Cam Center
"Creative VF0260" = Creative Live! Cam Vista IM Driver (1.01.03.1104)
"DCoder Image Source" = DCoder Image Source (remove only)
"DirectVobSub" = DirectVobSub (remove only)
"DScaler 5 Mpeg Decoders_is1" = DScaler 5 Mpeg Decoders
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ffdshow_is1" = ffdshow [rev 3124] [2009-11-03]
"FFMPEG Core Files" = FFMPEG Core Files (remove only)
"Gabest MPEG Splitter" = Gabest MPEG Splitter (remove only)
"GOM Player" = GOM Player
"InstallShield_{7A529246-912F-4C40-A82A-E608DB702FD7}" = ASUS VideoSecurity Online
"InstallShield_{9D7F058F-C711-412B-A2D3-ECE86215D675}" = ASUS Smart Doctor
"Internet Download Manager" = Internet Download Manager
"Lexmark 9300 Series" = Lexmark 9300 Series
"llyrteuodvnvmmjdn" = Advanced Performance Platform Cashtitan
"MG_0001" = Magic Gooddy
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"MSCnC" = Microsoft Command & Control Engine
"MSLex" = Microsoft Speech Lexicon
"Nero Micro" = Nero Micro XCV edition
"NeroVision!UninstallKey" = Ahead NeroVision Express
"OggDS" = Direct Show Ogg Vorbis Filter (remove only)
"OpenSource AVI Splitter" = OpenSource AVI Splitter (remove only)
"OpenSource DTS/AC3/DD+ Source Filter" = OpenSource DTS/AC3/DD+ Source Filter (remove only)
"OpenSource Flash Video Splitter" = OpenSource Flash Video Splitter (remove only)
"RadialpointClientGateway_is1" = TELUS security advisor 3.7.31
"RadLight APE DirectShow filter" = RadLight APE DirectShow filter (remove only)
"RadLight MPC DirectShow Filter" = RadLight MPC DirectShow Filter (remove only)
"RadLight Ogg Media DirectShow filter" = RadLight Ogg Media DirectShow filter (remove only)
"RadLight OptimFROG DirectShow Filter" = RadLight OptimFROG DirectShow Filter (remove only)
"RadLight PVA DirectShow filter" = RadLight PVA DirectShow filter (remove only)
"RadLight TTA DirectShow filter" = RadLight TTA DirectShow filter (remove only)
"SpeechAPI" = Microsoft Speech API 3.0
"SysTools DBX Converter v3.2 DEMO Version_is1" = SysTools DBX Converter
"Total Video Converter 3.11_is1" = Total Video Converter 3.11 070908
"TruVoice" = Lernout & Hauspie TruVoice for Microsoft Agent
"uTorrent" = µTorrent
"VLC media player" = VideoLAN VLC media player 0.8.5
"Website Ripper Copier" = Website Ripper Copier
"Winamp" = Winamp
"WinRAR archiver" = WinRAR archiver
"WinWatermark_is1" = WinWatermark 2.2
"xvid" = XviD MPEG-4 Video Codec
"XviD_is1" = XviD 1.1 final uninstall
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"8b6d6e25abc302bd" = IPTV Diagnostic Utility
"Winamp Detect" = Winamp Detector Plug-in
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 10/1/2010 8:08:05 PM | Computer Name = SERGEY-CEAC4837 | Source = MsiInstaller | ID = 10005
Description = ???????: Magic Gooddy 2 -- ????????????? ?????????. ??? ?????????
Magic Gooddy 2 ????????? ????????? MINSTALL.EXE ? ???????? ???????? ???????????????
CD.
Error - 10/5/2010 3:02:21 PM | Computer Name = SERGEY-CEAC4837 | Source = Windows Search Service | ID = 3024
Description =
[ OSession Events ]
Error - 10/19/2010 5:06:00 AM | Computer Name = SERGEY-CEAC4837 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 32
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 12/10/2010 11:00:00 PM | Computer Name = SERGEY-CEAC4837 | Source = Schedule | ID = 7901
Description = The At1.job command failed to start due to the following error: %%2147942402
Error - 12/11/2010 12:49:43 PM | Computer Name = SERGEY-CEAC4837 | Source = SRService | ID = 104
Description = The System Restore initialization process failed.
Error - 12/11/2010 5:13:57 PM | Computer Name = SERGEY-CEAC4837 | Source = SRService | ID = 104
Description = The System Restore initialization process failed.
Error - 12/11/2010 11:00:00 PM | Computer Name = SERGEY-CEAC4837 | Source = Schedule | ID = 7901
Description = The At1.job command failed to start due to the following error: %%2147942402
Error - 12/12/2010 2:08:16 PM | Computer Name = SERGEY-CEAC4837 | Source = SRService | ID = 104
Description = The System Restore initialization process failed.
Error - 12/12/2010 11:00:00 PM | Computer Name = SERGEY-CEAC4837 | Source = Schedule | ID = 7901
Description = The At1.job command failed to start due to the following error: %%2147942402
Error - 12/13/2010 1:12:35 PM | Computer Name = SERGEY-CEAC4837 | Source = SRService | ID = 104
Description = The System Restore initialization process failed.
Error - 12/13/2010 11:00:00 PM | Computer Name = SERGEY-CEAC4837 | Source = Schedule | ID = 7901
Description = The At1.job command failed to start due to the following error: %%2147942402
Error - 12/14/2010 3:29:26 AM | Computer Name = SERGEY-CEAC4837 | Source = SRService | ID = 104
Description = The System Restore initialization process failed.
Error - 12/14/2010 5:55:35 AM | Computer Name = SERGEY-CEAC4837 | Source = SRService | ID = 104
Description = The System Restore initialization process failed.
[ Windows PowerShel Events ]
Error - 10/1/2010 8:08:05 PM | Computer Name = SERGEY-CEAC4837 | Source = MsiInstaller | ID = 10005
Description =
Error - 10/5/2010 3:02:21 PM | Computer Name = SERGEY-CEAC4837 | Source = Windows Search Service | ID = 3024
Description =
< End of report >
OTL logfile created on: 12/14/2010 3:26:30 AM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Administrator\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1,023.00 Mb Total Physical Memory | 129.00 Mb Available Physical Memory | 13.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 67.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.75 Gb Total Space | 319.92 Gb Free Space | 68.69% Space Free | Partition Type: NTFS
Computer Name: SERGEY-CEAC4837 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2010/12/14 02:33:39 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\My Documents\Downloads\OTL.exe
PRC - [2010/12/10 15:56:42 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010/12/10 15:56:40 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/12/08 13:11:38 | 000,136,584 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
PRC - [2010/12/08 13:11:32 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2010/11/08 12:04:18 | 000,390,528 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2010/06/02 17:05:48 | 000,166,944 | ---- | M] (TELUS) -- C:\Program Files\TELUS\TELUS security services\RpsSecurityAwareR.exe
PRC - [2010/06/02 17:05:46 | 000,650,008 | ---- | M] (TELUS) -- C:\Program Files\TELUS\TELUS security services\RPS.exe
PRC - [2010/06/02 17:04:48 | 000,382,208 | ---- | M] (TELUS) -- C:\Program Files\TELUS\TELUS security services\Fws.exe
PRC - [2010/05/31 10:31:10 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2010/05/28 13:23:38 | 000,689,392 | ---- | M] (Radialpoint Inc.) -- C:\Program Files\TELUS\TELUS security advisor\ServicepointService.exe
PRC - [2010/05/28 13:23:34 | 004,314,352 | ---- | M] (TELUS) -- C:\Program Files\TELUS\TELUS security advisor\Tsa.exe
PRC - [2010/05/28 13:23:34 | 000,488,688 | ---- | M] (Radialpoint Inc.) -- C:\Program Files\TELUS\TELUS security advisor\TsaComHandler.exe
PRC - [2009/11/02 15:26:48 | 005,832,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\TELUS\TELUS security services\AVG\Identity Protection\agent\bin\AVGIDSAgent.exe
PRC - [2008/07/03 03:38:24 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/12/06 11:03:41 | 000,660,768 | ---- | M] (ABBYY (BIT Software)) -- C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
PRC - [2006/12/05 01:36:10 | 000,537,520 | ---- | M] ( ) -- C:\WINDOWS\system32\lxcqcoms.exe
========== Modules (SafeList) ==========
MOD - [2010/12/14 02:33:39 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\My Documents\Downloads\OTL.exe
MOD - [2010/08/23 08:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2009/07/12 00:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
MOD - [2009/07/11 18:41:02 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll
MOD - [2008/04/14 04:00:00 | 000,208,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsaenh.dll
========== Win32 Services (SafeList) ==========
SRV - [2010/12/08 13:11:38 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2010/12/08 13:11:32 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2010/11/08 12:04:18 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2010/09/24 08:07:05 | 000,315,392 | ---- | M] (S.C. BitDefender S.R.L) [On_Demand | Stopped] -- C:\Program Files\TELUS\TELUS security services\BitDefender\scan.dll -- (scan)
SRV - [2010/06/02 17:05:48 | 000,166,944 | ---- | M] (TELUS) [Auto | Running] -- C:\Program Files\TELUS\TELUS security services\RpsSecurityAwareR.exe -- (Radialpoint Security Services)
SRV - [2010/06/02 17:04:48 | 000,382,208 | ---- | M] (TELUS) [Auto | Running] -- C:\Program Files\TELUS\TELUS security services\Fws.exe -- (RP_FWS)
SRV - [2010/05/28 13:23:38 | 000,689,392 | ---- | M] (Radialpoint Inc.) [Auto | Running] -- C:\Program Files\TELUS\TELUS security advisor\ServicepointService.exe -- (ServicepointService)
SRV - [2010/03/18 05:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2010/03/18 02:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 02:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 02:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2009/11/02 15:26:48 | 005,832,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\TELUS\TELUS security services\AVG\Identity Protection\agent\Bin\AVGIDSAgent.exe -- (RadialpointIDSAgent)
SRV - [2009/06/08 11:07:50 | 001,033,480 | ---- | M] (Raxco Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe -- (PDEngine)
SRV - [2009/06/08 11:07:48 | 000,931,080 | ---- | M] (Raxco Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe -- (PDAgent)
SRV - [2007/12/06 11:03:41 | 000,660,768 | ---- | M] (ABBYY (BIT Software)) [Auto | Running] -- C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Professional.9.0)
SRV - [2006/12/05 01:36:10 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\lxcqcoms.exe -- (lxcq_device)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\Video3D32.sys -- (Video3D)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\jkwsusoo.sys -- (jkwsusoo)
DRV - File not found [Kernel | On_Demand | Stopped] -- E:\FXDrv32.sys -- (FXDrv32)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\FoxG1Driver.sys -- (__FOX__UNI_DRIVER__)
DRV - [2010/12/08 13:12:02 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2010/10/18 20:17:29 | 000,047,616 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Haspnt.sys -- (Haspnt)
DRV - [2010/09/24 07:51:16 | 000,053,192 | ---- | M] (Radialpoint Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rp_skt32.sys -- (RPSKT) Security Services Driver (x86)
DRV - [2010/09/21 14:27:07 | 000,697,328 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010/08/04 01:20:14 | 005,243,392 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2010/07/17 03:08:32 | 004,003,008 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtKHDMI.sys -- (RTHDMIAzAudService)
DRV - [2010/07/17 03:08:09 | 000,074,280 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112)
DRV - [2010/05/31 10:31:12 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2010/05/31 10:31:10 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2010/05/31 10:30:44 | 000,013,408 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\radpms.sys -- (radpms)
DRV - [2010/03/08 09:41:48 | 000,220,112 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2009/11/26 09:50:32 | 000,039,808 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Running] -- C:\Program Files\TELUS\TELUS security services\BitDefender\trufos.sys -- (Trufos)
DRV - [2009/11/26 09:50:32 | 000,014,720 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Running] -- C:\Program Files\TELUS\TELUS security services\BitDefender\profos.sys -- (Profos)
DRV - [2009/11/02 15:27:02 | 000,122,376 | ---- | M] (AVG Technologies ) [Kernel | On_Demand | Running] -- C:\Program Files\TELUS\TELUS security services\AVG\Identity Protection\agent\drivers\AVGIDSDriver.sys -- (RadialpointIDSDriver)
DRV - [2009/11/02 15:27:02 | 000,030,216 | ---- | M] (AVG Technologies ) [Kernel | On_Demand | Running] -- C:\Program Files\TELUS\TELUS security services\AVG\Identity Protection\agent\drivers\AVGIDSfilter.sys -- (RadialpointIDSFilter)
DRV - [2009/11/02 15:27:02 | 000,025,736 | ---- | M] (AVG Technologies ) [Kernel | On_Demand | Running] -- C:\Program Files\TELUS\TELUS security services\AVG\Identity Protection\agent\drivers\AVGIDSShim.sys -- (RadialpointIDSShim)
DRV - [2009/11/02 15:27:02 | 000,025,608 | ---- | M] (AVG Technologies ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\AVGIDSEH.sys -- (RadialpointIDSEH)
DRV - [2009/10/23 13:25:54 | 000,285,704 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\bdfsfltr.sys -- (bdfsfltr)
DRV - [2009/06/08 09:00:56 | 000,071,696 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\DefragFs.sys -- (DefragFS)
DRV - [2009/03/04 01:58:34 | 005,045,760 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/10/30 21:52:16 | 000,093,184 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2008/08/29 13:26:24 | 000,012,416 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\asusgsb.sys -- (asusgsb)
DRV - [2008/08/05 04:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008/04/14 04:00:00 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/11/01 18:53:20 | 000,042,880 | ---- | M] (Eugene V. Muzychenko) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vacs2xkd.sys -- (EuMusDesignVirtualAudioCableWdm_s2x) Sound2x Audio Cable (WDM)
DRV - [2007/01/29 16:12:52 | 000,018,432 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AsusVRC.sys -- (ASUSVRC)
DRV - [2006/11/04 03:45:48 | 000,178,913 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\V0260Vid.sys -- (V0260VID)
DRV - [2006/06/14 12:44:30 | 000,012,288 | R--- | M] (ASUSTeK Computer Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\EIO_XP.sys -- (EIO_XP)
DRV - [2006/01/03 23:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2004/07/14 11:54:42 | 000,676,864 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock)
DRV - [2002/07/17 09:05:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2002/07/17 09:05:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (ASPI)
DRV - [2001/08/17 05:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenta.ru/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:50370
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "lenta.ru"
FF - prefs.js..extensions.enabledItems: firefox@ghostery.com:2.4.2
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.7
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {f36c6cd1-da73-491d-b290-8fc9115bfa55}:2.1.3
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.1.3
FF - prefs.js..extensions.enabledItems: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}:3.2.1.3
FF - prefs.js..keyword.URL: "http://utils.babylon.com/abt/index.php?url="
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 50370
FF - prefs.js..network.proxy.type: 4
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/14 01:15:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/10 15:56:44 | 000,000,000 | ---D | M]
[2010/09/22 10:13:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2010/12/13 10:37:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\havrz5d2.default\extensions
[2010/10/19 00:32:30 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\havrz5d2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/11/23 23:21:12 | 000,000,000 | ---D | M] (Softonic-Eng7 Community Toolbar) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\havrz5d2.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
[2010/11/26 18:19:51 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\havrz5d2.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010/09/22 01:38:15 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\havrz5d2.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010/11/03 22:50:58 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\havrz5d2.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/10/27 11:49:40 | 000,000,000 | ---D | M] (WorldIP) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\havrz5d2.default\extensions\{f36c6cd1-da73-491d-b290-8fc9115bfa55}
[2010/11/23 23:21:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\havrz5d2.default\extensions\engine@conduit.com
[2010/11/26 18:19:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\havrz5d2.default\extensions\firefox@ghostery.com
[2010/12/13 10:37:35 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/09/30 12:13:13 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/07/12 08:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2010/11/24 16:07:59 | 000,002,226 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
O1 HOSTS File: ([2008/04/14 04:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 9300 Series\ezprint.exe (Lexmark International Inc.)
O4 - HKLM..\Run: [Lexmark 9300 Series Fax Server] C:\Program Files\Lexmark 9300 Series\fm3032.exe ()
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [LXCQCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCQtime.DLL (Lexmark International Inc.)
O4 - HKLM..\Run: [lxcqmon.exe] C:\Program Files\Lexmark 9300 Series\lxcqmon.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Tsa.exe] C:\Program Files\TELUS\TELUS security advisor\Tsa.exe (TELUS)
O4 - HKLM..\Run: [uqkyeopenpmh] C:\WINDOWS\System32\zpspeoabgasf.dll File not found
O4 - HKLM..\Run: [WrtMon.exe] C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe ()
O4 - HKCU..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe (ASUSTeK Inc.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe File not found
F3 - HKCU WinNT: Load - (C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\dwm.exe) - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\dwm.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O16 - DPF: {63F5866B-A7C5-40B4-9A89-0CCA99726C8D} https://secure.logmeinrescue.com/Customer/x...eDownloader.cab (LogMeIn Rescue Applet Downloader)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (C:\Documents and Settings\Administrator\Application Data\Microsoft\Windows\shell.exe) - C:\Documents and Settings\Administrator\Application Data\Microsoft\Windows\shell.exe File not found
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/09/21 14:26:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (PDBoot.exe) - C:\WINDOWS\System32\PDBoot.exe (Raxco Software, Inc.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010/12/13 18:53:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Pictures
[2010/12/10 22:16:15 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/12/08 16:57:16 | 000,000,000 | ---D | C] -- C:\Program Files\WinWatermark 2.2
[2010/12/08 13:05:50 | 000,000,000 | ---D | C] -- C:\Program Files\WinWatermark Pro
[2010/12/03 11:32:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Apple Computer
[2010/12/03 11:17:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\New Folder
[2010/11/29 12:06:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2010/11/24 20:43:51 | 000,042,880 | ---- | C] (Eugene V. Muzychenko) -- C:\WINDOWS\System32\drivers\vacs2xkd.sys
[2010/11/24 20:43:47 | 000,000,000 | ---D | C] -- C:\Program Files\4Musics FLAC to MP3 Converter
[2010/11/24 16:00:46 | 000,000,000 | ---D | C] -- C:\Program Files\DirectShow .SHN FIlter
[2010/11/24 16:00:31 | 000,049,079 | ---- | C] (RadLight, LLC.) -- C:\WINDOWS\System32\RadLightAPEUninstall.exe
[2010/11/24 16:00:23 | 000,051,600 | ---- | C] (RadLight, LLC.) -- C:\WINDOWS\System32\RadLightMPCUninstall.exe
[2010/11/24 16:00:16 | 000,052,338 | ---- | C] (RadLight, LLC.) -- C:\WINDOWS\System32\RadLightOggUninstall.exe
[2010/11/24 16:00:05 | 000,049,604 | ---- | C] (RadLight, LLC.) -- C:\WINDOWS\System32\RadLightOFRUninstall.exe
[2010/11/24 15:59:49 | 000,052,799 | ---- | C] (RadLight, LLC.) -- C:\WINDOWS\System32\RadLightPVAUninstall.exe
[2010/11/24 15:59:22 | 000,049,079 | ---- | C] (RadLight, LLC.) -- C:\WINDOWS\System32\RadLightTTAUninstall.exe
[2010/11/24 15:56:05 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/11/24 15:56:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2010/11/24 15:55:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010/11/24 15:55:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Apple
[2010/11/24 15:55:32 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010/11/24 15:55:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
[2010/11/24 15:55:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Apple Computer
[2010/11/24 15:53:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\River Past
[2010/11/24 15:11:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\River Past G5
[2010/11/24 15:11:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\River Past G5
[2010/11/24 12:26:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\PriceGong
[2010/11/23 23:22:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\GRETECH
[2010/11/23 23:21:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Conduit
[2010/11/23 23:20:26 | 000,000,000 | ---D | C] -- C:\Program Files\GRETECH
[2010/11/23 23:15:40 | 000,000,000 | ---D | C] -- C:\Program Files\AviInfo
[2010/11/21 19:39:42 | 000,000,000 | ---D | C] -- C:\Foto_home
[2010/11/17 13:38:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\ROYAL BAY ALEKSEY
[2010/11/16 21:30:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Agent
[2010/11/16 21:05:23 | 000,000,000 | ---D | C] -- C:\CONTEXT3
[2010/09/22 08:49:41 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqinpa.dll
[2010/09/22 08:49:41 | 000,397,312 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqiesc.dll
[2010/09/22 08:49:41 | 000,323,584 | ---- | C] ( ) -- C:\WINDOWS\System32\LXCQhcp.dll
[2010/09/22 08:49:40 | 001,224,704 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqserv.dll
[2010/09/22 08:49:40 | 000,991,232 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqusb1.dll
[2010/09/22 08:49:39 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqpmui.dll
[2010/09/22 08:49:39 | 000,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqprox.dll
[2010/09/22 08:49:39 | 000,094,208 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqpplc.dll
[2010/09/22 08:49:38 | 000,585,728 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqlmpm.dll
[2010/09/22 08:49:37 | 000,696,320 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqhbn3.dll
[2010/09/22 08:49:35 | 000,421,888 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqcomm.dll
[2010/09/22 08:49:34 | 000,684,032 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqcomc.dll
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[13 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010/12/14 03:00:01 | 000,000,900 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/14 01:55:11 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/14 01:55:11 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1004336348-1606980848-1801674531-500.job
[2010/12/14 01:54:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/13 23:30:56 | 000,002,521 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Office Outlook 2007 (2).lnk
[2010/12/13 21:11:36 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/12/13 19:35:02 | 000,137,216 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/13 19:00:00 | 000,000,376 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2010/12/13 12:45:03 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Office Word 2007.lnk
[2010/12/13 12:30:00 | 000,000,382 | ---- | M] () -- C:\WINDOWS\tasks\RegistryConvoy.job
[2010/12/13 12:06:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/12/11 22:03:00 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1004336348-1606980848-1801674531-500.job
[2010/12/10 22:14:30 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/12/09 18:00:49 | 000,005,962 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\ParcelMailViewLabelServlet.pdf
[2010/12/09 13:16:43 | 000,002,473 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Office Excel 2007.lnk
[2010/12/08 16:57:19 | 000,000,710 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\WinWatermark.lnk
[2010/12/08 16:57:19 | 000,000,692 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\WinWatermark.lnk
[2010/12/08 13:12:02 | 000,083,360 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIRfsClientNP.dll
[2010/12/08 13:11:46 | 000,029,568 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIport.dll
[2010/12/08 13:11:44 | 000,087,424 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIinit.dll
[2010/12/08 13:08:41 | 000,275,760 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/12/05 13:45:53 | 075,813,417 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\MVI_1821.MOV
[2010/12/05 13:37:56 | 031,135,325 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\MVI_1820.MOV
[2010/12/03 18:08:40 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\housecall.guid.cache
[2010/11/26 10:12:14 | 000,022,016 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\2010 Caviar Inventory.xls
[2010/11/25 11:25:13 | 002,199,803 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\DSC01421.jpg
[2010/11/24 20:43:51 | 000,000,844 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\4Musics FLAC to MP3 Converter.lnk
[2010/11/24 20:33:00 | 000,000,946 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\AVS4YOU Software Navigator.lnk
[2010/11/24 20:32:48 | 000,000,902 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\AVS Audio Converter6.lnk
[2010/11/24 16:00:58 | 000,037,270 | ---- | M] () -- C:\WINDOWS\System32\OggDSUninst.exe
[2010/11/24 16:00:31 | 000,049,079 | ---- | M] (RadLight, LLC.) -- C:\WINDOWS\System32\RadLightAPEUninstall.exe
[2010/11/24 16:00:23 | 000,051,600 | ---- | M] (RadLight, LLC.) -- C:\WINDOWS\System32\RadLightMPCUninstall.exe
[2010/11/24 16:00:16 | 000,052,338 | ---- | M] (RadLight, LLC.) -- C:\WINDOWS\System32\RadLightOggUninstall.exe
[2010/11/24 16:00:05 | 000,049,604 | ---- | M] (RadLight, LLC.) -- C:\WINDOWS\System32\RadLightOFRUninstall.exe
[2010/11/24 15:59:49 | 000,052,799 | ---- | M] (RadLight, LLC.) -- C:\WINDOWS\System32\RadLightPVAUninstall.exe
[2010/11/24 15:59:22 | 000,049,079 | ---- | M] (RadLight, LLC.) -- C:\WINDOWS\System32\RadLightTTAUninstall.exe
[2010/11/24 15:56:24 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/11/24 15:46:10 | 000,064,201 | ---- | M] () -- C:\WINDOWS\System32\llyrteuodvnvmmjdn.exe
[2010/11/24 15:05:50 | 000,033,540 | ---- | M] () -- C:\WINDOWS\System32\CoreFLACDecoder-uninstall.exe
[2010/11/23 23:34:02 | 000,000,639 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\VirtualDub.exe.lnk
[2010/11/23 23:20:51 | 000,000,780 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk
[2010/11/23 23:15:42 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\AviInfo.lnk
[2010/11/19 19:39:04 | 000,000,038 | ---- | M] () -- C:\WINDOWS\osAviSplitter.INI
[2010/11/16 21:30:09 | 000,000,681 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Magic Gooddy.lnk
[2010/11/16 21:07:07 | 000,000,534 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Context 3.51.lnk
[2010/11/16 21:05:47 | 000,000,208 | ---- | M] () -- C:\WINDOWS\ContWin.ini
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[13 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010/12/09 18:00:49 | 000,005,962 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\ParcelMailViewLabelServlet.pdf
[2010/12/08 16:57:19 | 000,000,710 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\WinWatermark.lnk
[2010/12/08 16:57:19 | 000,000,692 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\WinWatermark.lnk
[2010/12/05 13:45:53 | 075,813,417 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\MVI_1821.MOV
[2010/12/05 13:37:56 | 031,135,325 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\MVI_1820.MOV
[2010/12/03 18:08:40 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\housecall.guid.cache
[2010/11/26 10:12:13 | 000,022,016 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\2010 Caviar Inventory.xls
[2010/11/25 11:25:10 | 002,199,803 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\DSC01421.jpg
[2010/11/24 20:43:51 | 000,000,844 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\4Musics FLAC to MP3 Converter.lnk
[2010/11/24 20:20:01 | 000,000,902 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\AVS Audio Converter6.lnk
[2010/11/24 16:00:57 | 000,037,270 | ---- | C] () -- C:\WINDOWS\System32\OggDSUninst.exe
[2010/11/24 15:56:24 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/11/24 15:55:38 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/11/24 15:46:10 | 000,064,201 | ---- | C] () -- C:\WINDOWS\System32\llyrteuodvnvmmjdn.exe
[2010/11/24 15:05:21 | 000,033,540 | ---- | C] () -- C:\WINDOWS\System32\CoreFLACDecoder-uninstall.exe
[2010/11/23 23:34:02 | 000,000,639 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\VirtualDub.exe.lnk
[2010/11/23 23:20:51 | 000,000,780 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk
[2010/11/23 23:15:42 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\AviInfo.lnk
[2010/11/19 19:39:04 | 000,000,038 | ---- | C] () -- C:\WINDOWS\osAviSplitter.INI
[2010/11/16 21:07:07 | 000,000,534 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Context 3.51.lnk
[2010/11/16 21:05:47 | 000,000,208 | ---- | C] () -- C:\WINDOWS\ContWin.ini
[2010/11/04 13:35:34 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010/10/29 21:30:10 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/10/18 20:17:29 | 000,000,383 | ---- | C] () -- C:\WINDOWS\System32\haspdos.sys
[2010/10/04 12:45:44 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\DELPHIMM.DLL
[2010/10/01 21:30:07 | 000,000,298 | ---- | C] () -- C:\WINDOWS\LMWORD7.INI
[2010/09/22 17:29:20 | 000,137,216 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/22 09:07:36 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2010/09/22 08:53:48 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxcqvs.dll
[2010/09/22 08:53:44 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\lxcqcoin.dll
[2010/09/22 08:53:25 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\lxcqdrs.dll
[2010/09/22 08:53:25 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\lxcqcaps.dll
[2010/09/22 08:53:24 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\lxcqcnv4.dll
[2010/09/22 08:53:09 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\IPPCPUID.DLL
[2010/09/22 08:52:03 | 000,028,672 | ---- | C] () -- C:\WINDOWS\hookdllX.dll
[2010/09/22 08:51:53 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2010/09/22 08:50:39 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\lxcqpmon.dll
[2010/09/22 08:50:39 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXCQFXPU.DLL
[2010/09/22 08:49:54 | 000,000,031 | ---- | C] () -- C:\WINDOWS\System32\lxcqrwrd.ini
[2010/09/22 08:49:42 | 000,274,432 | ---- | C] () -- C:\WINDOWS\System32\LXCQinst.dll
[2010/09/22 08:49:36 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\lxcqgrd.dll
[2010/09/22 00:08:24 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
[2010/09/21 23:45:03 | 000,000,730 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/09/21 16:58:01 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/09/21 15:13:02 | 000,080,416 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2010/09/21 14:27:06 | 000,697,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009/10/21 13:20:08 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen_x86.sys
[2004/10/11 10:19:00 | 000,092,672 | ---- | C] () -- C:\WINDOWS\System32\ASUSASV2.DLL
[2003/09/16 07:52:28 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2003/09/16 07:43:31 | 000,884,736 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2003/09/16 07:41:43 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[1993/07/23 17:31:02 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\msvcrt10.dll
========== Files - Unicode (All) ==========
[2010/09/24 16:51:55 | 000,000,000 | ---D | M](C:\Dreamweaver old(???????)) -- C:\Dreamweaver old(???????)
[2010/09/24 16:51:38 | 000,000,000 | ---D | C](C:\Dreamweaver old(???????)) -- C:\Dreamweaver old(???????)
< End of report >
Problem with my laptop
Started by aleshkacccp, Dec 14 2010 06:54 AM
1 reply to this topic
#2
prairie dog
-
- Malware Hunters
-
- 1,549 posts
Forum Deity
Posted 14 December 2010 - 02:34 PM
Hello, and welcome to Malwarebytes.org
We don't work on Malware removal in the general forums.
Please print out, read and follow the directions here, skipping any steps you are unable to complete. Then post a NEW topic here.
One of the expert helpers there will give you one-on-one assistance when one becomes available.
After posting your new post make sure under options that you select Track this topic and choose one of the Email options so that you're alerted when someone has replied to your post.
Alternatively, as a paying customer, you can contact the help desk at support@malwarebytes.org
We don't work on Malware removal in the general forums.
Please print out, read and follow the directions here, skipping any steps you are unable to complete. Then post a NEW topic here.
One of the expert helpers there will give you one-on-one assistance when one becomes available.
After posting your new post make sure under options that you select Track this topic and choose one of the Email options so that you're alerted when someone has replied to your post.
Alternatively, as a paying customer, you can contact the help desk at support@malwarebytes.org
Avira Antivir Personal and MBAM Pro
On demand: SAS and Hitman Pro
Firewall-Online Armor Premium
FF3-adblock plus, noscript, betterprivacy, WOT, Keyscrambler, TrackMeNot
Sandboxie
ONE DAY AT A TIME!
On demand: SAS and Hitman Pro
Firewall-Online Armor Premium
FF3-adblock plus, noscript, betterprivacy, WOT, Keyscrambler, TrackMeNot
Sandboxie
ONE DAY AT A TIME!
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
