DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_29
Run by v icky at 10:57:13 on 2012-05-30
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.91.1033.18.2038.718 [GMT 5.5:30]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: COMODO Defense+ *Enabled/Updated* {CE351521-78FA-2048-BB22-B68A4A5CA7EC}
FW: COMODO Defense+ *Enabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\WINDOWS\RtHDVCpl.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\Comodo\COMODO Internet Security\cfp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\iMesh Applications\iMesh\iMesh.exe
C:\Windows\system32\WerFault.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.babylon.com/?affID=111434 ... 1644763332
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Wincore Mediabar: {28387537-e3f9-4ed7-860c-11e69af4a8a0} - c:\progra~1\imesha~1\mediabar\datamngr\toolbar\wincoreimdtx.dll
BHO: Babylon toolbar helper: {2eecd738-5844-4a99-b4b6-146bf802613b} - c:\program files\babylontoolbar\babylontoolbar\1.5.3.17\bh\BabylonToolbar.dll
BHO: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: Wincore Mediabar: {28387537-e3f9-4ed7-860c-11e69af4a8a0} - c:\progra~1\imesha~1\mediabar\datamngr\toolbar\wincoreimdtx.dll
TB: {99079a25-328f-4bd4-be04-00955acaa0a7} - No File
TB: Babylon Toolbar: {98889811-442d-49dd-99d7-dc866be87dbc} - c:\program files\babylontoolbar\babylontoolbar\1.5.3.17\BabylonToolbarTlbr.dll
mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun: [OsdMaestro] "c:\program files\hewlett-packard\on-screen osd indicator\OSD.exe"
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [CPA] c:\program files\comodo\comodo geekbuddy\VALA.exe
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
mRun: [COMODO] c:\program files\comodo\comodo geekbuddy\CLPSLA.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{245E6FCB-7E4C-4A66-BACF-BFC8178B4820} : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{58841B97-BB84-436F-A8E8-15F1E8F1AF92} : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{58841B97-BB84-436F-A8E8-15F1E8F1AF92} : DhcpNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\9.0.1\ViProtocol.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\imesha~1\mediabar\datamngr\datamngr.dll c:\progra~1\imesha~1\mediabar\datamngr\iebho.dll c:\windows\system32\guard32.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\v icky\appdata\roaming\mozilla\firefox\profiles\8yw39bvl.default\
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-7-11 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-9-13 32592]
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2011-12-8 15672]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-12-25 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-12-25 314456]
R1 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwd6x.sys [2011-5-23 47968]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-10-7 230608]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 40016]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 295248]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2011-12-19 491816]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2011-12-19 38616]
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [2011-10-26 101112]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-12-25 20568]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-12-25 55128]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-12-25 44768]
R2 CLPSLS;COMODO livePCsupport Service;c:\program files\comodo\comodo geekbuddy\CLPSLS.exe [2011-11-23 1052472]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-12-24 652872]
R2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys [2011-9-9 77816]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-24 20464]
R3 netr73;USB Wireless 802.11 b/g Adaptor Driver for Vista;c:\windows\system32\drivers\netr73.sys [2009-5-24 501248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-11-14 136176]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-7-11 134736]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-7-11 24272]
S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-10-4 16720]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-11-14 136176]
S3 HPBtnSrv;HP Chasis Button Service;c:\hp\hpezbtn\HPBtnSrv.exe [2009-8-10 198240]
S3 sbwtis;sbwtis;c:\windows\system32\drivers\sbwtis.sys [2011-11-1 72312]
S3 vToolbarUpdater;vToolbarUpdater;c:\program files\common files\avg secure search\vtoolbarupdater\9.0.1\ToolbarUpdater.exe [2011-12-24 869216]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2012-05-30 05:18:42 -------- d-----w- c:\programdata\2A3DD
2012-05-29 19:01:06 475648 ----a-w- c:\windows\system32\MyDefragScreenSaver_v4.3.1.scr
2012-05-29 19:01:06 1061888 ----a-w- c:\windows\system32\MyDefragScreenSaver_v4.3.1.exe
2012-05-29 19:01:05 -------- d-----w- c:\program files\MyDefrag v4.3.1
2012-05-29 06:13:32 6737808 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{3fa76d68-c73c-4bc7-b0c7-47c29105a920}\mpengine.dll
2012-05-28 05:56:02 -------- d-----w- c:\program files\CCleaner
2012-05-27 06:45:53 -------- d-----w- c:\program files\VS Revo Group
2012-05-27 06:45:13 -------- d-----w- c:\users\v icky\appdata\roaming\BabylonToolbar
2012-05-27 06:45:11 -------- d-----w- c:\users\v icky\appdata\local\Mozilla
2012-05-27 06:45:02 -------- d-----w- c:\program files\BabylonToolbar
2012-05-27 06:44:12 -------- d-----w- c:\users\v icky\appdata\roaming\Babylon
2012-05-25 11:04:30 -------- d-----w- C:\Cricket 2008
2012-05-25 10:50:04 -------- d-----w- c:\users\v icky\appdata\local\Adobe
2012-05-25 10:42:50 -------- d-----w- C:\Cricket 2011
2012-05-18 06:53:58 -------- d-----w- c:\programdata\iolo
2012-05-17 02:56:59 -------- d-----w- c:\users\v icky\appdata\local\Google
2012-05-17 02:36:09 -------- d-----w- c:\users\v icky\appdata\roaming\Malwarebytes
2012-05-17 02:02:47 -------- d-----w- c:\programdata\2FC8
.
==================== Find3M ====================
.
.
============= FINISH: 10:58:46.77 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 10-08-2009 16:33:36
System Uptime: 30-05-2012 10:12:27 (0 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | Benicia
Processor: Intel(R) Core(TM)2 Duo CPU E4500 @ 2.20GHz | CPU 1 | 2200/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 289 GiB total, 182.009 GiB free.
D: is FIXED (NTFS) - 9 GiB total, 1.292 GiB free.
E: is CDROM (CDFS)
F: is Removable
G: is Removable
H: is Removable
I: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
µTorrent
32 Bit HP CIO Components Installer
A² Studios' ICC Cricket World Cup 2011 Patch
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 8.1.0
Apple Application Support
Apple Mobile Device Support
Apple Software Update
avast! Free Antivirus
AVG 2012
Babylon toolbar on IE
BabylonObjectInstaller
Bonjour
BufferChm
Cards_Calendar_OrderGift_DoMorePlugout
CCleaner
Comodo Dragon
COMODO GeekBuddy
COMODO Internet Security
Conduit Engine
Copy
CustomerResearchQFolder
CyberLink DVD Suite Deluxe
Destination Component
DeviceDiscovery
DeviceManagementQFolder
DJ_AIO_03_F4200_Software
DJ_AIO_03_F4200_Software_Min
Enhanced Multimedia Keyboard Solution
ESET Online Scanner v3
eSupportQFolder
FVDIEPlugin
Google Chrome
Google Update Helper
GPBaseService
Hardware Diagnostic Tools
Hewlett-Packard Active Check
Hewlett-Packard Asset Agent for Health Check
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Customer Experience Enhancements
HP Customer Feedback
HP Customer Participation Program 11.0
HP Deskjet F4200 All-In-One Driver Software 11.0 Rel .3
HP Easy Setup - Frontend
HP Imaging Device Functions 11.0
HP On-Screen Cap/Num/Scroll Lock Indicator
HP Photosmart Essential 2.5
HP Photosmart Essential 3.0
HP Picasso Media Center Add-In
HP Smart Web Printing
HP Solution Center 11.0
HP Update
HPPhotoSmartPhotobookWebPack1
HPProductAssistant
HPSSupply
iMesh
Intel(R) Graphics Media Accelerator Driver
Intel(R) Matrix Storage Manager
Java Auto Updater
Java(TM) 6 Update 29
Java(TM) SE Runtime Environment 6 Update 1
LabelPrint
LightScribe System Software 1.10.16.1
Malwarebytes Anti-Malware version 1.60.0.1800
MarketResearch
MediaRing Talk
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Works
Mozilla Firefox 8.0.1 (x86 en-US)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
muvee autoProducer 6.1
MyDefrag v4.3.1
Power2Go
PowerDirector
PSSWCORE
Python 2.5
Realtek High Definition Audio Driver
Revo Uninstaller 1.93
Scan
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Shop for HP Supplies
Smart Defrag 2
SmartWebPrinting
SolutionCenter
Status
Toolbox
TrayApp
TuneUp Utilities Language Pack (en-US)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
VideoToolkit01
VIPRE Antivirus
VLC media player 1.0.5
WebReg
Wincore MediaBar
WinRAR archiver
.
==== Event Viewer Messages From Past Week ========
.
28-05-2012 19:46:00, Error: EventLog [6008] - The previous system shutdown at 19:22:01 on 28-05-2012 was unexpected.
25-05-2012 22:36:33, Error: EventLog [6008] - The previous system shutdown at 22:34:11 on 25-05-2012 was unexpected.
25-05-2012 19:50:16, Error: Microsoft Antimalware [2001] -
25-05-2012 16:17:40, Error: Microsoft-Windows-DistributedCOM [10000] - Unable to start a DCOM Server: {C2BFE331-6739-4270-86C9-493D9A04CD38}. The error: "5" Happened while starting this command: C:\Windows\system32\igfxsrvc.exe -Embedding
24-05-2012 23:40:33, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "109" attempting to start the service stisvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
23-05-2012 10:23:37, Error: Service Control Manager [7000] - The HP Health Check Service service failed to start due to the following error: The HP Health Check Service application cannot be run in Win32 mode.
23-05-2012 10:22:32, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.2 for the Network Card with network address 001644763332 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
23-05-2012 10:21:36, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: i8042prt
23-05-2012 10:21:35, Error: Service Control Manager [7022] - The HP CUE DeviceDiscovery Service service hung on starting.
.
==== End Of File ===========================