.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.6001.19088 BrowserJavaVersion: 1.6.0_26
Run by Mr Roboto at 22:16:02 on 2011-11-22
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.5886.3748 [GMT -8:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\nvraidservice.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe
C:\Windows\system32\wuauclt.exe
C:\Users\MRROBO~1\AppData\Local\Temp\dwme.exe
C:\Users\Mr Roboto\AppData\Roaming\74E7E\4B666.exe
C:\Users\Mr Roboto\AppData\Roaming\7E23F\lvvm.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
C:\Users\Mr Roboto\Downloads\rcug054q.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\msiexec.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=bestbuy&pf=cndt
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=bestbuy&pf=cndt
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll
uURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
mURLSearchHooks: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll
mURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
uWinlogon: Shell=explorer.exe,C:\Users\Mr Roboto\AppData\Roaming\74E7E\4B666.exe
BHO: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
BHO: WOT Helper: {c920e44a-7f78-4e64-bdd7-a57026e7feb7} - C:\Program Files (x86)\WOT\WOT.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Yontoo Layers: {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll
TB: WOT: {71576546-354d-41c9-aae8-31f2ec22bf0d} - C:\Program Files (x86)\WOT\WOT.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll
TB: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
uRun: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
uRun: [Z444ammH5sWJdE8] C:\Users\Mr Roboto\AppData\Roaming\dwme.exe
uRun: [48C.exe] C:\Users\Mr Roboto\AppData\Roaming\Microsoft\6627\48C.exe
uRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10p_Plugin.exe -update plugin
mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE
mRun: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
mRun: [UpdateP2GoShortCut] "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [UpdatePDIRShortCut] "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
mRun: [UpdatePSTShortCut] "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
mRun: [TSMAgent] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
mRun: [CLMLServer for HP TouchSmart] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
mRun: [DVDAgent] "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [GFFF4ppmG5sQ6dK8234A] C:\Windows\system32\AV Protection 2011v121.exe
mRun: [H11uuvS2obF] C:\Users\Mr Roboto\AppData\Roaming\dwme.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
LSP: mswsock.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {A1662FB6-39BE-41BB-ACDC-0448FB1B5817} - hxxp://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_5/PhotoCenter_ActiveX_Control.cab
DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - hxxp://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{7147E6F5-DD4B-48C7-8EB0-3D54C2A9CE6F} : DhcpNameServer = 209.18.47.61 209.18.47.62
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll
SubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 consrv:ConServerDllInitialization,2
BHO-X64: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll
BHO-X64: BitTorrentBar - No File
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO-X64: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
BHO-X64: Vuze Remote - No File
BHO-X64: WOT Helper: {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: Yontoo Layers: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll
BHO-X64: Yontoo Layers - No File
TB-X64: WOT: {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB-X64: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll
TB-X64: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
mRun-x64: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun-x64: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE
mRun-x64: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
mRun-x64: [UpdateP2GoShortCut] "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun-x64: [UpdatePDIRShortCut] "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
mRun-x64: [UpdatePSTShortCut] "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
mRun-x64: [TSMAgent] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
mRun-x64: [CLMLServer for HP TouchSmart] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
mRun-x64: [DVDAgent] "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"
mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [GFFF4ppmG5sQ6dK8234A] C:\Windows\system32\AV Protection 2011v121.exe
mRun-x64: [H11uuvS2obF] C:\Users\Mr Roboto\AppData\Roaming\dwme.exe
IE-X64: {1FBA04EE-3024-11d2-8F1F-0000F87ABD16} - C:\Users\Mr Roboto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Mr Roboto\AppData\Roaming\Mozilla\Firefox\Profiles\pr4hinkn.default\
FF - prefs.js: network.proxy.type - 0
FF - component: C:\Program Files (x86)\Spyware Doctor\BDT\FireFox\platform\WINNT_x86-msvc\components\libheuristic.dll
FF - component: C:\Users\Mr Roboto\AppData\Roaming\Mozilla\Firefox\Profiles\pr4hinkn.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\RadioWMPCoreGecko19.dll
FF - component: C:\Users\Mr Roboto\AppData\Roaming\Mozilla\Firefox\Profiles\pr4hinkn.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\RadioWMPCoreGecko5.dll
FF - component: C:\Users\Mr Roboto\AppData\Roaming\Mozilla\Firefox\Profiles\pr4hinkn.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\RadioWMPCoreGecko6.dll
FF - component: C:\Users\Mr Roboto\AppData\Roaming\Mozilla\Firefox\Profiles\pr4hinkn.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\RadioWMPCoreGecko7.dll
FF - component: C:\Users\Mr Roboto\AppData\Roaming\Mozilla\Firefox\Profiles\pr4hinkn.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\RadioWMPCoreGecko8.dll
FF - component: C:\Users\Mr Roboto\AppData\Roaming\Mozilla\Firefox\Profiles\pr4hinkn.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\RadioWMPCoreGecko19.dll
FF - component: C:\Users\Mr Roboto\AppData\Roaming\Mozilla\Firefox\Profiles\pr4hinkn.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\RadioWMPCoreGecko5.dll
FF - component: C:\Users\Mr Roboto\AppData\Roaming\Mozilla\Firefox\Profiles\pr4hinkn.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\RadioWMPCoreGecko6.dll
FF - component: C:\Users\Mr Roboto\AppData\Roaming\Mozilla\Firefox\Profiles\pr4hinkn.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\RadioWMPCoreGecko7.dll
FF - component: C:\Users\Mr Roboto\AppData\Roaming\Mozilla\Firefox\Profiles\pr4hinkn.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\RadioWMPCoreGecko8.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
FF - plugin: C:\Users\Mr Roboto\AppData\Roaming\Mozilla\Firefox\Profiles\pr4hinkn.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Browser Defender Toolbar: {cb84136f-9c44-433a-9048-c5cd9df1dc16} - C:\Program Files (x86)\Spyware Doctor\BDT\FireFox
FF - Ext: avast! WebRep: wrc@avast.com - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Adobe DLM (powered by getPlus(R)): {E2883E8F-472F-4fb0-9522-AC9BF37916A7} - %profile%\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
FF - Ext: Google Docs Viewer: adonis.cuhk@gmail.com - %profile%\extensions\adonis.cuhk@gmail.com
FF - Ext: PDF Download: {37E4D8EA-8BDA-4831-8EA1-89053939A250} - %profile%\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
FF - Ext: BitTorrentBar Community Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - %profile%\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
FF - Ext: Vuze Remote Community Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - %profile%\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
FF - Ext: Yontoo Layers: plugin@yontoo.com - %profile%\extensions\plugin@yontoo.com
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false
FF - user.js: extentions.y2layers.installId - 08d81979-37dc-415e-b795-3d28230348b0
FF - user.js: extentions.y2layers.defaultEnableAppsList - Buzzdock,BuzzdockTease,DropDownDeals,BestVideoDownloader,BestVideoDownloader,
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R2 {55662437-DA8C-40c0-AADA-2C816A897A49};{55662437-DA8C-40c0-AADA-2C816A897A49};C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2008-9-26 27632]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-7-27 42184]
R3 netr7364;USB Wireless 802.11 b/g Adaptor Driver for Vista;C:\Windows\system32\DRIVERS\netr7364.sys --> C:\Windows\system32\DRIVERS\netr7364.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 RpcLocator32;Remote Procedure Call (RPC) Locator ;C:\Windows\system32\avifil3232.exe --> C:\Windows\system32\avifil3232.exe [?]
S3 FlyUsb;FLY Fusion;C:\Windows\system32\DRIVERS\FlyUsb.sys --> C:\Windows\system32\DRIVERS\FlyUsb.sys [?]
S3 motccgp;Motorola USB Composite Device Driver;C:\Windows\system32\DRIVERS\motccgp.sys --> C:\Windows\system32\DRIVERS\motccgp.sys [?]
S3 motccgpfl;MotCcgpFlService;C:\Windows\system32\DRIVERS\motccgpfl.sys --> C:\Windows\system32\DRIVERS\motccgpfl.sys [?]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2010-2-27 93184]
.
=============== File Associations ===============
.
JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
.
=============== Created Last 30 ================
.
2011-11-23 04:45:31 -------- d-----w- C:\Users\Mr Roboto\AppData\Roaming\TTTXXwjjUClIBzP
2011-11-23 04:45:30 2840064 ----a-w- C:\Windows\SysWow64\AV Protection 2011v121.exe
2011-11-23 04:45:29 -------- d-----w- C:\Users\Mr Roboto\AppData\Roaming\WddEEL88gRZhYwk
2011-11-23 04:45:29 -------- d-----w- C:\Users\Mr Roboto\AppData\Roaming\k11iivD33nF4aHs
2011-11-23 04:44:35 2840064 ----a-w- C:\Users\Mr Roboto\AppData\Roaming\firefox.exe
2011-11-23 04:43:55 -------- d-----w- C:\Users\Mr Roboto\AppData\Roaming\7E23F
2011-11-23 04:43:33 101888 ----a-w- C:\Users\Mr Roboto\AppData\Roaming\Microsoft\6627\716A.tmp
2011-11-23 04:43:27 -------- d-----w- C:\Users\Mr Roboto\AppData\Roaming\QiiibDD3onGamH
2011-11-23 04:43:27 -------- d-----w- C:\Users\Mr Roboto\AppData\Roaming\GJJ77fELL8TZqYw
2011-11-23 04:43:25 -------- d-----we C:\Windows\system64
2011-11-23 04:43:23 286208 ----a-w- C:\Users\Mr Roboto\AppData\Roaming\Microsoft\6627\48C.exe
2011-11-23 04:43:23 -------- d-----w- C:\Users\Mr Roboto\AppData\Roaming\74E7E
2011-11-23 04:42:58 286208 ----a-w- C:\Users\Mr Roboto\AppData\Roaming\dwme.exe
2011-11-23 04:42:58 -------- d-----w- C:\Users\Mr Roboto\AppData\Roaming\iS11iivD3o
2011-11-23 04:42:57 -------- d-----w- C:\Users\Mr Roboto\AppData\Roaming\r000uccS1ib3
2011-11-23 04:42:57 -------- d-----w- C:\Users\Mr Roboto\AppData\Roaming\cWKK77fEL9gT
2011-11-19 01:25:55 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-12 04:17:40 -------- d-----w- C:\Program Files (x86)\Yontoo Layers Runtime
2011-11-12 04:17:39 -------- d-----w- C:\ProgramData\Tarma Installer
2011-11-12 04:17:38 -------- d-----w- C:\Users\Mr Roboto\.swt
2011-11-12 04:16:44 -------- d-----w- C:\Program Files (x86)\Vuze_Remote
2011-11-12 04:08:21 -------- d-----w- C:\Users\Mr Roboto\AppData\Local\Google
2011-11-12 04:08:20 -------- d-----w- C:\Program Files (x86)\Conduit
2011-11-12 04:08:19 -------- d-----w- C:\Users\Mr Roboto\AppData\Local\Conduit
2011-11-12 04:08:18 -------- d-----w- C:\Program Files (x86)\BitTorrentBar
.
==================== Find3M ====================
.
.
============= FINISH: 22:16:38.36 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 2/25/2010 10:03:05 PM
System Uptime: 11/20/2011 8:59:14 PM (50 hours ago)
.
Motherboard: PEGATRON CORPORATION | | VIOLET
Processor: AMD Phenom(tm) 9550 Quad-Core Processor | CPU 1 | 2200/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 583 GiB total, 445.568 GiB free.
D: is FIXED (NTFS) - 13 GiB total, 1.801 GiB free.
E: is CDROM ()
G: is Removable
H: is Removable
I: is Removable
J: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP455: 9/14/2011 3:00:12 AM - Windows Update
RP456: 9/15/2011 6:55:19 PM - Scheduled Checkpoint
RP457: 9/21/2011 6:22:32 PM - Scheduled Checkpoint
RP458: 9/28/2011 3:01:15 AM - Windows Update
RP459: 10/1/2011 12:31:12 PM - Scheduled Checkpoint
RP460: 10/10/2011 10:11:09 PM - Scheduled Checkpoint
RP461: 10/13/2011 3:00:10 AM - Windows Update
RP462: 10/16/2011 5:39:01 AM - Scheduled Checkpoint
RP463: 10/17/2011 - Scheduled Checkpoint
RP464: 10/20/2011 11:59:49 AM - Scheduled Checkpoint
RP465: 10/27/2011 7:39:27 PM - Scheduled Checkpoint
RP466: 10/31/2011 6:51:01 PM - Scheduled Checkpoint
RP467: 11/2/2011 8:14:07 AM - Scheduled Checkpoint
RP468: 11/3/2011 12:18:31 AM - Scheduled Checkpoint
RP469: 11/4/2011 12:04:23 PM - Scheduled Checkpoint
RP470: 11/5/2011 10:25:37 AM - Scheduled Checkpoint
RP471: 11/6/2011 12:02:49 AM - Scheduled Checkpoint
RP472: 11/7/2011 - Scheduled Checkpoint
RP473: 11/8/2011 12:46:55 PM - Scheduled Checkpoint
RP474: 11/9/2011 3:00:10 AM - Windows Update
RP475: 11/10/2011 8:53:35 AM - Scheduled Checkpoint
RP476: 11/11/2011 12:09:34 AM - Scheduled Checkpoint
RP477: 11/12/2011 - Scheduled Checkpoint
RP478: 11/13/2011 3:16:24 AM - Scheduled Checkpoint
RP479: 11/14/2011 9:40:58 AM - Scheduled Checkpoint
RP480: 11/15/2011 12:40:46 PM - Scheduled Checkpoint
RP481: 11/16/2011 8:50:15 AM - Scheduled Checkpoint
RP482: 11/17/2011 8:36:54 AM - Scheduled Checkpoint
RP483: 11/18/2011 3:17:02 AM - Scheduled Checkpoint
RP484: 11/20/2011 9:52:58 AM - Scheduled Checkpoint
RP485: 11/21/2011 7:03:32 AM - Scheduled Checkpoint
RP486: 11/22/2011 6:45:07 AM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
Absolute Poker
ActiveCheck component for HP Active Support Library
Adobe Flash Player 10 Plugin
AIM 7
AIO_CDB_ProductContext
AIO_CDB_Software
AIO_Scan
Apple Application Support
Apple Software Update
avast! Free Antivirus
BitTorrentBar Toolbar
BufferChm
CCleaner
Compatibility Pack for the 2007 Office system
Copy
Coupon Printer for Windows
CustomerResearchQFolder
CyberLink DVD Suite Deluxe
Destinations
DeviceManagementQFolder
DivX Setup
DocProc
DocProcQFolder
Download Updater (AOL LLC)
Enhanced Multimedia Keyboard Solution
ESET Online Scanner v3
eSupportQFolder
F300
F300_Help
F300Trb
Fax
Foxit Reader 5.0
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Customer Experience Enhancements
HP Demo
HP MediaSmart DVD
HP MediaSmart Music/Photo/Video
HP Photosmart Essential
HP Picasso Media Center Add-In
HP Recovery Manager RSS
HP Total Care Setup
HP Update
HPAsset component for HP Active Support Library
HPProductAssistant
HPSSupply
Java Auto Updater
Java(TM) 6 Update 26
Juno Preloader
LabelPrint
LeapFrog Connect
LeapFrog Tag Junior Plugin
LeapFrog Tag Plugin
LightScribe System Software 1.14.25.1
LightScribe Template Labeler
Malwarebytes' Anti-Malware
MarketResearch
Microsoft Digital Image Pro 9
Microsoft Office Word Viewer 2003
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Mozilla Firefox (3.6.24)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NetZero Preloader
Norton Security Scan
Power2Go
PowerDirector
Python 2.5.2
QuickTime
Realtek High Definition Audio Driver
Safari
Scan
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
SolutionCenter
Status
Toolbox
TrayApp
UnloadSupport
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Junior Plugin)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin)
VC80CRTRedist - 8.0.50727.4053
VSO Image Resizer 4.0.1.5
Vuze
Vuze Remote Toolbar
WebReg
WOT for Internet Explorer
.
==== Event Viewer Messages From Past Week ========
.
11/21/2011 9:59:03 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 76.175.217.121 for the Network Card with network address 00248C4B6662 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
11/21/2011 7:07:52 AM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.100.10 for the Network Card with network address 00248C4B6662 has been denied by the DHCP server 76.85.238.38 (The DHCP Server sent a DHCPNACK message).
11/20/2011 9:08:47 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Beep
11/20/2011 9:08:47 AM, Error: Service Control Manager [7024] - The SL UI Notification Service service terminated with service-specific error 3221541889 (0xC004D401).
11/20/2011 9:07:31 AM, Error: EventLog [6008] - The previous system shutdown at 6:29:58 AM on 11/19/2011 was unexpected.
11/20/2011 10:10:18 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
.
==== End Of File ===========================
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-11-22 22:15:22
Windows 6.0.6001 Service Pack 1
Running: rcug054q.exe
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
---- EOF - GMER 1.0.15 ----
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.6001.19088 BrowserJavaVersion: 1.6.0_26
Run by Mr Roboto at 22:16:02 on 2011-11-22
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.5886.3748 [GMT -8:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\nvraidservice.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe
C:\Windows\system32\wuauclt.exe
C:\Users\MRROBO~1\AppData\Local\Temp\dwme.exe
C:\Users\Mr Roboto\AppData\Roaming\74E7E\4B666.exe
C:\Users\Mr Roboto\AppData\Roaming\7E23F\lvvm.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
C:\Users\Mr Roboto\Downloads\rcug054q.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\msiexec.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=bestbuy&pf=cndt
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=bestbuy&pf=cndt
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll
uURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
mURLSearchHooks: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll
mURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
uWinlogon: Shell=explorer.exe,C:\Users\Mr Roboto\AppData\Roaming\74E7E\4B666.exe
BHO: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
BHO: WOT Helper: {c920e44a-7f78-4e64-bdd7-a57026e7feb7} - C:\Program Files (x86)\WOT\WOT.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Yontoo Layers: {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll
TB: WOT: {71576546-354d-41c9-aae8-31f2ec22bf0d} - C:\Program Files (x86)\WOT\WOT.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll
TB: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
uRun: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
uRun: [Z444ammH5sWJdE8] C:\Users\Mr Roboto\AppData\Roaming\dwme.exe
uRun: [48C.exe] C:\Users\Mr Roboto\AppData\Roaming\Microsoft\6627\48C.exe
uRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10p_Plugin.exe -update plugin
mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE
mRun: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
mRun: [UpdateP2GoShortCut] "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [UpdatePDIRShortCut] "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
mRun: [UpdatePSTShortCut] "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
mRun: [TSMAgent] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
mRun: [CLMLServer for HP TouchSmart] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
mRun: [DVDAgent] "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [GFFF4ppmG5sQ6dK8234A] C:\Windows\system32\AV Protection 2011v121.exe
mRun: [H11uuvS2obF] C:\Users\Mr Roboto\AppData\Roaming\dwme.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
LSP: mswsock.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {A1662FB6-39BE-41BB-ACDC-0448FB1B5817} - hxxp://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_5/PhotoCenter_ActiveX_Control.cab
DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - hxxp://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{7147E6F5-DD4B-48C7-8EB0-3D54C2A9CE6F} : DhcpNameServer = 209.18.47.61 209.18.47.62
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll
SubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 consrv:ConServerDllInitialization,2
BHO-X64: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll
BHO-X64: BitTorrentBar - No File
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO-X64: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
BHO-X64: Vuze Remote - No File
BHO-X64: WOT Helper: {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: Yontoo Layers: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll
BHO-X64: Yontoo Layers - No File
TB-X64: WOT: {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB-X64: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll
TB-X64: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
mRun-x64: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun-x64: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE
mRun-x64: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
mRun-x64: [UpdateP2GoShortCut] "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun-x64: [UpdatePDIRShortCut] "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
mRun-x64: [UpdatePSTShortCut] "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
mRun-x64: [TSMAgent] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
mRun-x64: [CLMLServer for HP TouchSmart] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
mRun-x64: [DVDAgent] "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"
mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [GFFF4ppmG5sQ6dK8234A] C:\Windows\system32\AV Protection 2011v121.exe
mRun-x64: [H11uuvS2obF] C:\Users\Mr Roboto\AppData\Roaming\dwme.exe
IE-X64: {1FBA04EE-3024-11d2-8F1F-0000F87ABD16} - C:\Users\Mr Roboto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Mr Roboto\AppData\Roaming\Mozilla\Firefox\Profiles\pr4hinkn.default\
FF - prefs.js: network.proxy.type - 0
FF - component: C:\Program Files (x86)\Spyware Doctor\BDT\FireFox\platform\WINNT_x86-msvc\components\libheuristic.dll
FF - component: C:\Users\Mr Roboto\AppData\Roaming\Mozilla\Firefox\Profiles\pr4hinkn.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\RadioWMPCoreGecko19.dll
FF - component: C:\Users\Mr Roboto\AppData\Roaming\Mozilla\Firefox\Profiles\pr4hinkn.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\RadioWMPCoreGecko5.dll
FF - component: C:\Users\Mr Roboto\AppData\Roaming\Mozilla\Firefox\Profiles\pr4hinkn.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\RadioWMPCoreGecko6.dll
FF - component: C:\Users\Mr Roboto\AppData\Roaming\Mozilla\Firefox\Profiles\pr4hinkn.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\RadioWMPCoreGecko7.dll
FF - component: C:\Users\Mr Roboto\AppData\Roaming\Mozilla\Firefox\Profiles\pr4hinkn.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\RadioWMPCoreGecko8.dll
FF - component: C:\Users\Mr Roboto\AppData\Roaming\Mozilla\Firefox\Profiles\pr4hinkn.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\RadioWMPCoreGecko19.dll
FF - component: C:\Users\Mr Roboto\AppData\Roaming\Mozilla\Firefox\Profiles\pr4hinkn.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\RadioWMPCoreGecko5.dll
FF - component: C:\Users\Mr Roboto\AppData\Roaming\Mozilla\Firefox\Profiles\pr4hinkn.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\RadioWMPCoreGecko6.dll
FF - component: C:\Users\Mr Roboto\AppData\Roaming\Mozilla\Firefox\Profiles\pr4hinkn.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\RadioWMPCoreGecko7.dll
FF - component: C:\Users\Mr Roboto\AppData\Roaming\Mozilla\Firefox\Profiles\pr4hinkn.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\RadioWMPCoreGecko8.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
FF - plugin: C:\Users\Mr Roboto\AppData\Roaming\Mozilla\Firefox\Profiles\pr4hinkn.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Browser Defender Toolbar: {cb84136f-9c44-433a-9048-c5cd9df1dc16} - C:\Program Files (x86)\Spyware Doctor\BDT\FireFox
FF - Ext: avast! WebRep: wrc@avast.com - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Adobe DLM (powered by getPlus(R)): {E2883E8F-472F-4fb0-9522-AC9BF37916A7} - %profile%\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
FF - Ext: Google Docs Viewer: adonis.cuhk@gmail.com - %profile%\extensions\adonis.cuhk@gmail.com
FF - Ext: PDF Download: {37E4D8EA-8BDA-4831-8EA1-89053939A250} - %profile%\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
FF - Ext: BitTorrentBar Community Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - %profile%\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
FF - Ext: Vuze Remote Community Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - %profile%\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
FF - Ext: Yontoo Layers: plugin@yontoo.com - %profile%\extensions\plugin@yontoo.com
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false
FF - user.js: extentions.y2layers.installId - 08d81979-37dc-415e-b795-3d28230348b0
FF - user.js: extentions.y2layers.defaultEnableAppsList - Buzzdock,BuzzdockTease,DropDownDeals,BestVideoDownloader,BestVideoDownloader,
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R2 {55662437-DA8C-40c0-AADA-2C816A897A49};{55662437-DA8C-40c0-AADA-2C816A897A49};C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2008-9-26 27632]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-7-27 42184]
R3 netr7364;USB Wireless 802.11 b/g Adaptor Driver for Vista;C:\Windows\system32\DRIVERS\netr7364.sys --> C:\Windows\system32\DRIVERS\netr7364.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 RpcLocator32;Remote Procedure Call (RPC) Locator ;C:\Windows\system32\avifil3232.exe --> C:\Windows\system32\avifil3232.exe [?]
S3 FlyUsb;FLY Fusion;C:\Windows\system32\DRIVERS\FlyUsb.sys --> C:\Windows\system32\DRIVERS\FlyUsb.sys [?]
S3 motccgp;Motorola USB Composite Device Driver;C:\Windows\system32\DRIVERS\motccgp.sys --> C:\Windows\system32\DRIVERS\motccgp.sys [?]
S3 motccgpfl;MotCcgpFlService;C:\Windows\system32\DRIVERS\motccgpfl.sys --> C:\Windows\system32\DRIVERS\motccgpfl.sys [?]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2010-2-27 93184]
.
=============== File Associations ===============
.
JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
.
=============== Created Last 30 ================
.
2011-11-23 04:45:31 -------- d-----w- C:\Users\Mr Roboto\AppData\Roaming\TTTXXwjjUClIBzP
2011-11-23 04:45:30 2840064 ----a-w- C:\Windows\SysWow64\AV Protection 2011v121.exe
2011-11-23 04:45:29 -------- d-----w- C:\Users\Mr Roboto\AppData\Roaming\WddEEL88gRZhYwk
2011-11-23 04:45:29 -------- d-----w- C:\Users\Mr Roboto\AppData\Roaming\k11iivD33nF4aHs
2011-11-23 04:44:35 2840064 ----a-w- C:\Users\Mr Roboto\AppData\Roaming\firefox.exe
2011-11-23 04:43:55 -------- d-----w- C:\Users\Mr Roboto\AppData\Roaming\7E23F
2011-11-23 04:43:33 101888 ----a-w- C:\Users\Mr Roboto\AppData\Roaming\Microsoft\6627\716A.tmp
2011-11-23 04:43:27 -------- d-----w- C:\Users\Mr Roboto\AppData\Roaming\QiiibDD3onGamH
2011-11-23 04:43:27 -------- d-----w- C:\Users\Mr Roboto\AppData\Roaming\GJJ77fELL8TZqYw
2011-11-23 04:43:25 -------- d-----we C:\Windows\system64
2011-11-23 04:43:23 286208 ----a-w- C:\Users\Mr Roboto\AppData\Roaming\Microsoft\6627\48C.exe
2011-11-23 04:43:23 -------- d-----w- C:\Users\Mr Roboto\AppData\Roaming\74E7E
2011-11-23 04:42:58 286208 ----a-w- C:\Users\Mr Roboto\AppData\Roaming\dwme.exe
2011-11-23 04:42:58 -------- d-----w- C:\Users\Mr Roboto\AppData\Roaming\iS11iivD3o
2011-11-23 04:42:57 -------- d-----w- C:\Users\Mr Roboto\AppData\Roaming\r000uccS1ib3
2011-11-23 04:42:57 -------- d-----w- C:\Users\Mr Roboto\AppData\Roaming\cWKK77fEL9gT
2011-11-19 01:25:55 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-12 04:17:40 -------- d-----w- C:\Program Files (x86)\Yontoo Layers Runtime
2011-11-12 04:17:39 -------- d-----w- C:\ProgramData\Tarma Installer
2011-11-12 04:17:38 -------- d-----w- C:\Users\Mr Roboto\.swt
2011-11-12 04:16:44 -------- d-----w- C:\Program Files (x86)\Vuze_Remote
2011-11-12 04:08:21 -------- d-----w- C:\Users\Mr Roboto\AppData\Local\Google
2011-11-12 04:08:20 -------- d-----w- C:\Program Files (x86)\Conduit
2011-11-12 04:08:19 -------- d-----w- C:\Users\Mr Roboto\AppData\Local\Conduit
2011-11-12 04:08:18 -------- d-----w- C:\Program Files (x86)\BitTorrentBar
.
==================== Find3M ====================
.
.
============= FINISH: 22:16:38.36 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 2/25/2010 10:03:05 PM
System Uptime: 11/20/2011 8:59:14 PM (50 hours ago)
.
Motherboard: PEGATRON CORPORATION | | VIOLET
Processor: AMD Phenom(tm) 9550 Quad-Core Processor | CPU 1 | 2200/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 583 GiB total, 445.568 GiB free.
D: is FIXED (NTFS) - 13 GiB total, 1.801 GiB free.
E: is CDROM ()
G: is Removable
H: is Removable
I: is Removable
J: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP455: 9/14/2011 3:00:12 AM - Windows Update
RP456: 9/15/2011 6:55:19 PM - Scheduled Checkpoint
RP457: 9/21/2011 6:22:32 PM - Scheduled Checkpoint
RP458: 9/28/2011 3:01:15 AM - Windows Update
RP459: 10/1/2011 12:31:12 PM - Scheduled Checkpoint
RP460: 10/10/2011 10:11:09 PM - Scheduled Checkpoint
RP461: 10/13/2011 3:00:10 AM - Windows Update
RP462: 10/16/2011 5:39:01 AM - Scheduled Checkpoint
RP463: 10/17/2011 - Scheduled Checkpoint
RP464: 10/20/2011 11:59:49 AM - Scheduled Checkpoint
RP465: 10/27/2011 7:39:27 PM - Scheduled Checkpoint
RP466: 10/31/2011 6:51:01 PM - Scheduled Checkpoint
RP467: 11/2/2011 8:14:07 AM - Scheduled Checkpoint
RP468: 11/3/2011 12:18:31 AM - Scheduled Checkpoint
RP469: 11/4/2011 12:04:23 PM - Scheduled Checkpoint
RP470: 11/5/2011 10:25:37 AM - Scheduled Checkpoint
RP471: 11/6/2011 12:02:49 AM - Scheduled Checkpoint
RP472: 11/7/2011 - Scheduled Checkpoint
RP473: 11/8/2011 12:46:55 PM - Scheduled Checkpoint
RP474: 11/9/2011 3:00:10 AM - Windows Update
RP475: 11/10/2011 8:53:35 AM - Scheduled Checkpoint
RP476: 11/11/2011 12:09:34 AM - Scheduled Checkpoint
RP477: 11/12/2011 - Scheduled Checkpoint
RP478: 11/13/2011 3:16:24 AM - Scheduled Checkpoint
RP479: 11/14/2011 9:40:58 AM - Scheduled Checkpoint
RP480: 11/15/2011 12:40:46 PM - Scheduled Checkpoint
RP481: 11/16/2011 8:50:15 AM - Scheduled Checkpoint
RP482: 11/17/2011 8:36:54 AM - Scheduled Checkpoint
RP483: 11/18/2011 3:17:02 AM - Scheduled Checkpoint
RP484: 11/20/2011 9:52:58 AM - Scheduled Checkpoint
RP485: 11/21/2011 7:03:32 AM - Scheduled Checkpoint
RP486: 11/22/2011 6:45:07 AM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
Absolute Poker
ActiveCheck component for HP Active Support Library
Adobe Flash Player 10 Plugin
AIM 7
AIO_CDB_ProductContext
AIO_CDB_Software
AIO_Scan
Apple Application Support
Apple Software Update
avast! Free Antivirus
BitTorrentBar Toolbar
BufferChm
CCleaner
Compatibility Pack for the 2007 Office system
Copy
Coupon Printer for Windows
CustomerResearchQFolder
CyberLink DVD Suite Deluxe
Destinations
DeviceManagementQFolder
DivX Setup
DocProc
DocProcQFolder
Download Updater (AOL LLC)
Enhanced Multimedia Keyboard Solution
ESET Online Scanner v3
eSupportQFolder
F300
F300_Help
F300Trb
Fax
Foxit Reader 5.0
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Customer Experience Enhancements
HP Demo
HP MediaSmart DVD
HP MediaSmart Music/Photo/Video
HP Photosmart Essential
HP Picasso Media Center Add-In
HP Recovery Manager RSS
HP Total Care Setup
HP Update
HPAsset component for HP Active Support Library
HPProductAssistant
HPSSupply
Java Auto Updater
Java(TM) 6 Update 26
Juno Preloader
LabelPrint
LeapFrog Connect
LeapFrog Tag Junior Plugin
LeapFrog Tag Plugin
LightScribe System Software 1.14.25.1
LightScribe Template Labeler
Malwarebytes' Anti-Malware
MarketResearch
Microsoft Digital Image Pro 9
Microsoft Office Word Viewer 2003
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Mozilla Firefox (3.6.24)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NetZero Preloader
Norton Security Scan
Power2Go
PowerDirector
Python 2.5.2
QuickTime
Realtek High Definition Audio Driver
Safari
Scan
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
SolutionCenter
Status
Toolbox
TrayApp
UnloadSupport
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Junior Plugin)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin)
VC80CRTRedist - 8.0.50727.4053
VSO Image Resizer 4.0.1.5
Vuze
Vuze Remote Toolbar
WebReg
WOT for Internet Explorer
.
==== Event Viewer Messages From Past Week ========
.
11/21/2011 9:59:03 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 76.175.217.121 for the Network Card with network address 00248C4B6662 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
11/21/2011 7:07:52 AM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.100.10 for the Network Card with network address 00248C4B6662 has been denied by the DHCP server 76.85.238.38 (The DHCP Server sent a DHCPNACK message).
11/20/2011 9:08:47 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Beep
11/20/2011 9:08:47 AM, Error: Service Control Manager [7024] - The SL UI Notification Service service terminated with service-specific error 3221541889 (0xC004D401).
11/20/2011 9:07:31 AM, Error: EventLog [6008] - The previous system shutdown at 6:29:58 AM on 11/19/2011 was unexpected.
11/20/2011 10:10:18 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
.
==== End Of File ===========================
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-11-22 22:15:22
Windows 6.0.6001 Service Pack 1
Running: rcug054q.exe
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
---- EOF - GMER 1.0.15 ----