1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Computer bogged down -- virus (Relevant Knowledge?)

Discussion in 'Virus & Other Malware Removal' started by emuck, Aug 25, 2011.

Thread Status:
Not open for further replies.
Advertisement
  1. emuck

    emuck Thread Starter

    Joined:
    Aug 25, 2011
    Messages:
    9
    Hey everyone,

    I've been having issues for about a week now with my laptop, started out completely slowed down so I dumped Symantec and put on AVG. AVG didn't do it, so upon a suggestion, put Spybot S&D and Ad-Aware on and computer started speeding up again, cleaned off useless files, etc. However, every now and then my browsing speed lags and opening files takes much more time. I've noticed Relevant Knowledge is on my computer and I know it has been infecting my system to some degree. Uninstalled the program, deleted shortcuts, etc. but it is still present. Any help to get rid of these viruses, please respond! I need this computer up and running ASAP, I will soon be heading back to college and into a network that does not allow use of any anti-virus software other than what is approved (which happens to be Symantec on top of the network's firewalls).

    Thank you very much! Here are the logs:


    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 10:15:50 PM, on 8/24/2011
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v8.00 (8.00.7601.17514)
    Boot mode: Normal

    Running processes:
    c:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\rgsender_gui.exe
    c:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\rgsender_gui.exe
    C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Windows\snuvcdsm.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe
    C:\Users\Eric\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
    C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\windows\SysWOW64\rundll32.exe
    C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Eric\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCOM/1
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.usd.edu/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCOM/1
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPCOM/1
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [MaxMenuMgr] "C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
    O4 - HKLM\..\Run: [NACAgentUI] C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    O4 - Startup: Dropbox.lnk = C:\Users\Eric\AppData\Roaming\Dropbox\bin\Dropbox.exe
    O4 - Global Startup: Bluetooth.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
    O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O16 - DPF: {4D2D3A17-9B46-483C-A5F4-1DC471080009} (Cisco NAC Web Agent Control) - https://usd-cas.usd.edu/auth/taweb.cab
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_2223a6b19a4f4233\AESTSr64.exe
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
    O23 - Service: Seagate Service (FreeAgentGoNext Service) - Seagate Technology LLC - C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: HP Power Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
    O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
    O23 - Service: HP SkyRoom (Hp.Skyroom.Windows.Service) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\Hp.Skyroom.Windows.Service.exe
    O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files (x86)\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe
    O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
    O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: Kodak AiO Network Discovery Service - Eastman Kodak Company - C:\Program Files (x86)\Kodak\AiO\Center\ekdiscovery.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
    O23 - Service: Cisco NAC Agent (NACAgent) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgent.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    O23 - Service: Remote Graphics Sender Service (rgsender) - Hewlett-Packard, Inc. - c:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\rgsendersvc.exe
    O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
    O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
    O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_2223a6b19a4f4233\STacSV64.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: WTouch Service (WTouchService) - Wacom Technology, Corp. - C:\Program Files\WTouch\WTouchService.exe

    --
    End of file - 14744 bytes



    .
    DDS (Ver_2011-06-23.01) - NTFSAMD64
    Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_26
    Run by Eric at 22:16:49 on 2011-08-24
    Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3890.1855 [GMT -5:00]
    .
    AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
    .
    ============== Running Processes ===============
    .
    C:\windows\system32\wininit.exe
    C:\windows\system32\lsm.exe
    C:\windows\system32\svchost.exe -k DcomLaunch
    C:\windows\system32\svchost.exe -k RPCSS
    C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\windows\system32\svchost.exe -k netsvcs
    C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_2223a6b19a4f4233\STacSV64.exe
    C:\windows\system32\svchost.exe -k LocalService
    C:\windows\system32\Hpservice.exe
    C:\Program Files\WTouch\WTouchService.exe
    C:\windows\system32\vcsFPService.exe
    C:\windows\system32\svchost.exe -k NetworkService
    C:\windows\system32\WLANExt.exe
    C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
    C:\windows\SYSTEM32\WISPTIS.EXE
    C:\windows\system32\conhost.exe
    C:\windows\System32\spoolsv.exe
    C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_2223a6b19a4f4233\AESTSr64.exe
    C:\Program Files\LSI SoftModem\agr64svc.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
    C:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\Hp.Skyroom.Windows.Service.exe
    c:\Program Files (x86)\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
    C:\Program Files (x86)\Kodak\AiO\Center\ekdiscovery.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgent.exe
    C:\windows\System32\svchost.exe -k HPZ12
    C:\Program Files (x86)\PDF Complete\pdfsvc.exe
    C:\windows\System32\svchost.exe -k HPZ12
    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    c:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\rgsendersvc.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    c:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\rgsender.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    C:\windows\system32\taskhost.exe
    C:\windows\SYSTEM32\WISPTIS.EXE
    C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
    C:\Program Files\WTouch\WTouchUser.exe
    C:\windows\system32\Dwm.exe
    C:\windows\Explorer.EXE
    C:\windows\system32\wbem\unsecapp.exe
    C:\windows\system32\wbem\wmiprvse.exe
    C:\windows\system32\wbem\wmiprvse.exe
    C:\windows\system32\svchost.exe -k bthsvcs
    C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    c:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\rgsender_gui.exe
    c:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\rgsender_gui.exe
    c:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\plugins\ice\Hp.SkyRoom.Windows.RgsPlugin.Authentication\Hp.SkyRoom.Windows.RgsPlugin.Authentication.exe
    C:\windows\system32\conhost.exe
    C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
    c:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\plugins\ice\Hp.SkyRoom.Windows.RgsPlugin.Lens\Hp.SkyRoom.Windows.RgsPlugin.Lens.exe
    C:\windows\system32\conhost.exe
    c:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\plugins\ice\Hp.SkyRoom.Windows.RgsPlugin.Licensing\Hp.SkyRoom.Windows.RgsPlugin.Licensing.exe
    C:\windows\system32\conhost.exe
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\IDT\WDM\sttray64.exe
    C:\Windows\snuvcdsm.exe
    C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe
    C:\Users\Eric\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
    C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
    C:\windows\System32\svchost.exe -k secsvcs
    C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
    C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
    C:\windows\system32\wuauclt.exe
    C:\windows\system32\svchost.exe -k SDRSVC
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
    C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\windows\SysWOW64\rundll32.exe
    C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\windows\System32\svchost.exe -k WerSvcGroup
    C:\windows\system32\taskeng.exe
    C:\windows\system32\SearchProtocolHost.exe
    C:\windows\system32\SearchFilterHost.exe
    C:\windows\SysWOW64\cmd.exe
    C:\windows\system32\conhost.exe
    C:\windows\SysWOW64\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.usd.edu/
    uInternet Settings,ProxyOverride = *.local
    mWinlogon: Userinit=userinit.exe
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    {555d4d79-4bd2-4094-a395-cfc534424a05}
    uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    mRun: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    mRun: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
    mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    mRun: [MaxMenuMgr] "C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
    mRun: [NACAgentUI] C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    StartupFolder: C:\Users\Eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Eric\AppData\Roaming\Dropbox\bin\Dropbox.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: SoftwareSASGeneration = 3 (0x3)
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
    IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {4D2D3A17-9B46-483C-A5F4-1DC471080009} - hxxps://usd-cas.usd.edu/auth/taweb.cab
    DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: DhcpNameServer = 192.168.35.1
    TCP: Interfaces\{8A0B3FC3-8B12-4E21-9AAF-33CFBCF655F0} : DhcpNameServer = 192.168.35.1
    TCP: Interfaces\{8A0B3FC3-8B12-4E21-9AAF-33CFBCF655F0}\57E69667562737964797 : DhcpNameServer = 192.236.37.71 192.236.37.72 192.236.36.91 192.236.36.156
    TCP: Interfaces\{8A0B3FC3-8B12-4E21-9AAF-33CFBCF655F0}\D43694E647972756F523E2437484A7 : DhcpNameServer = 192.168.2.1
    TCP: Interfaces\{8A0B3FC3-8B12-4E21-9AAF-33CFBCF655F0}\D43694E647972756F5537484A7 : DhcpNameServer = 192.168.2.1
    mASetup: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    BHO-X64: Search Helper - No File
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
    mRun-x64: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    mRun-x64: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
    mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    mRun-x64: [MaxMenuMgr] "C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
    mRun-x64: [NACAgentUI] C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe
    mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\9872qe8f.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.usd.edu/
    FF - prefs.js: network.proxy.type - 0
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.53\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: C:\Users\Eric\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
    FF - plugin: C:\Users\Eric\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll
    FF - plugin: C:\Users\Eric\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
    FF - plugin: C:\Users\Eric\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 Lbd;Lbd;C:\windows\system32\DRIVERS\Lbd.sys --> C:\windows\system32\DRIVERS\Lbd.sys [?]
    R0 PxHlpa64;PxHlpa64;C:\windows\system32\Drivers\PxHlpa64.sys --> C:\windows\system32\Drivers\PxHlpa64.sys [?]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]
    R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
    R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_2223a6b19a4f4233\AESTSr64.exe [2010-7-12 89600]
    R2 FreeAgentGoNext Service;Seagate Service;C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe [2009-9-26 189736]
    R2 HP Power Assistant Service;HP Power Assistant Service;C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2009-12-16 102968]
    R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-1-27 102968]
    R2 Hp.Skyroom.Windows.Service;HP SkyRoom;C:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\Hp.Skyroom.Windows.Service.exe [2009-11-20 124984]
    R2 HPDayStarterService;HP DayStarter Service;C:\Program Files (x86)\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe [2010-1-28 86016]
    R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-1-25 92216]
    R2 hpsrv;HP Service;C:\windows\system32\Hpservice.exe --> C:\windows\system32\Hpservice.exe [?]
    R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;C:\Program Files (x86)\Kodak\AiO\Center\ekdiscovery.exe [2010-9-13 308656]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-7-21 2151640]
    R2 NACAgent;Cisco NAC Agent;C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgent.exe [2010-7-9 1053440]
    R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2010-8-6 1128952]
    R2 rgsender;Remote Graphics Sender Service;C:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\rgsendersvc.exe [2010-7-12 379904]
    R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-8-22 1153368]
    R3 btwl2cap;Bluetooth L2CAP Service;C:\windows\system32\DRIVERS\btwl2cap.sys --> C:\windows\system32\DRIVERS\btwl2cap.sys [?]
    R3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-3-18 227896]
    R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;C:\windows\system32\DRIVERS\e1k62x64.sys --> C:\windows\system32\DRIVERS\e1k62x64.sys [?]
    R3 HECIx64;Intel(R) Management Engine Interface;C:\windows\system32\DRIVERS\HECIx64.sys --> C:\windows\system32\DRIVERS\HECIx64.sys [?]
    R3 Impcd;Impcd;C:\windows\system32\DRIVERS\Impcd.sys --> C:\windows\system32\DRIVERS\Impcd.sys [?]
    R3 IntcDAud;Intel(R) Display Audio;C:\windows\system32\DRIVERS\IntcDAud.sys --> C:\windows\system32\DRIVERS\IntcDAud.sys [?]
    R3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys [2011-8-22 17152]
    R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\windows\system32\DRIVERS\NETwNs64.sys --> C:\windows\system32\DRIVERS\NETwNs64.sys [?]
    R3 rismcx64;RICOH Smart Card Reader;C:\windows\system32\DRIVERS\rismcx64.sys --> C:\windows\system32\DRIVERS\rismcx64.sys [?]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\windows\system32\DRIVERS\vwifimp.sys --> C:\windows\system32\DRIVERS\vwifimp.sys [?]
    R3 wacomvthid;Virtual Touch Driver;C:\windows\system32\DRIVERS\WacomVTHid.sys --> C:\windows\system32\DRIVERS\WacomVTHid.sys [?]
    R3 wisdpen;Wacom Penabled MiniDriver;C:\windows\system32\DRIVERS\wisdpen.sys --> C:\windows\system32\DRIVERS\wisdpen.sys [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-8-6 135664]
    S2 rimspci;rimspci;C:\windows\system32\DRIVERS\rimspe64.sys --> C:\windows\system32\DRIVERS\rimspe64.sys [?]
    S2 risdpcie;risdpcie;C:\windows\system32\DRIVERS\risdpe64.sys --> C:\windows\system32\DRIVERS\risdpe64.sys [?]
    S2 rixdpcie;rixdpcie;C:\windows\system32\DRIVERS\rixdpe64.sys --> C:\windows\system32\DRIVERS\rixdpe64.sys [?]
    S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-8-6 135664]
    S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;C:\windows\system32\DRIVERS\ManyCam_x64.sys --> C:\windows\system32\DRIVERS\ManyCam_x64.sys [?]
    S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\windows\system32\DRIVERS\NETw5s64.sys --> C:\windows\system32\DRIVERS\NETw5s64.sys [?]
    S3 RoxMediaDB10;RoxMediaDB10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-11-23 1120752]
    S3 StorSvc;Storage Service;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
    S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\system32\Drivers\usbaapl64.sys --> C:\windows\system32\Drivers\usbaapl64.sys [?]
    S4 RelevantKnowledge;RelevantKnowledge;C:\Program Files (x86)\RelevantKnowledge\rlservice.exe /service --> C:\Program Files (x86)\RelevantKnowledge\rlservice.exe [?]
    .
    =============== Created Last 30 ================
    .
    2011-08-23 22:03:56 2048 ----a-w- C:\windows\SysWow64\tzres.dll
    2011-08-23 22:03:56 2048 ----a-w- C:\windows\System32\tzres.dll
    2011-08-23 22:01:50 8862544 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{ACD39DB1-2844-4A05-A66B-A1896E6BA5F9}\mpengine.dll
    2011-08-23 08:19:54 16432 ----a-w- C:\windows\System32\lsdelete.exe
    2011-08-23 04:54:07 55384 ----a-w- C:\windows\System32\drivers\SBREDrv.sys
    2011-08-23 04:50:41 69376 ----a-w- C:\windows\System32\drivers\Lbd.sys
    2011-08-23 04:50:38 -------- d-----w- C:\Program Files (x86)\Lavasoft
    2011-08-23 04:44:08 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
    2011-08-23 04:44:08 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
    2011-08-17 18:49:01 8862544 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpengine.dll
    2011-08-17 18:48:52 270720 ------w- C:\windows\System32\MpSigStub.exe
    2011-08-17 06:04:23 -------- d-----w- C:\Users\Eric\AppData\Roaming\AVG
    2011-08-17 05:59:23 -------- d-----w- C:\Users\Eric\AppData\Roaming\AVG10
    2011-08-17 05:58:45 -------- d--h--w- C:\ProgramData\Common Files
    2011-08-17 05:57:25 -------- d-----w- C:\windows\System32\drivers\AVG
    2011-08-17 05:57:25 -------- d-----w- C:\ProgramData\AVG10
    2011-08-17 05:48:11 -------- d-----w- C:\ProgramData\MFAData
    2011-08-17 02:39:18 -------- d-----w- C:\windows\pss
    2011-08-14 06:24:51 -------- d-----r- C:\Program Files (x86)\Skype
    2011-08-11 18:24:46 338432 ----a-w- C:\windows\System32\conhost.exe
    2011-08-11 18:21:55 3912576 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
    2011-08-11 18:21:50 5561216 ----a-w- C:\windows\System32\ntoskrnl.exe
    2011-08-11 18:21:48 3967872 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
    2011-08-10 02:30:29 -------- d-----w- C:\Users\Eric\AppData\Roaming\MusicNet
    2011-08-10 02:27:52 -------- d-----w- C:\Users\Eric\AppData\Local\PackageAware
    2011-08-05 03:59:18 1110528 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
    2011-08-05 03:59:17 759296 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
    2011-08-05 03:58:18 244736 ----a-w- C:\Program Files\Internet Explorer\sqmapi.dll
    2011-08-05 03:58:18 189952 ----a-w- C:\Program Files (x86)\Internet Explorer\sqmapi.dll
    2011-07-27 00:38:28 17720 ----a-w- C:\windows\System32\drivers\CPQBttn.sys
    .
    ==================== Find3M ====================
    .
    2011-08-12 23:17:05 404640 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-07-22 05:22:26 1638912 ----a-w- C:\windows\System32\mshtml.tlb
    2011-07-22 04:54:18 1638912 ----a-w- C:\windows\SysWow64\mshtml.tlb
    2011-07-16 05:41:50 362496 ----a-w- C:\windows\System32\wow64win.dll
    2011-07-16 05:41:49 243200 ----a-w- C:\windows\System32\wow64.dll
    2011-07-16 05:41:49 13312 ----a-w- C:\windows\System32\wow64cpu.dll
    2011-07-16 05:39:10 16384 ----a-w- C:\windows\System32\ntvdm64.dll
    2011-07-16 05:37:12 421888 ----a-w- C:\windows\System32\KernelBase.dll
    2011-07-16 04:29:19 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll
    2011-07-16 04:26:00 44032 ----a-w- C:\windows\apppatch\acwow64.dll
    2011-07-16 04:25:37 25600 ----a-w- C:\windows\SysWow64\setup16.exe
    2011-07-16 04:24:23 5120 ----a-w- C:\windows\SysWow64\wow32.dll
    2011-07-16 04:24:22 272384 ----a-w- C:\windows\SysWow64\KernelBase.dll
    2011-07-16 02:21:44 7680 ----a-w- C:\windows\SysWow64\instnm.exe
    2011-07-16 02:21:41 2048 ----a-w- C:\windows\SysWow64\user.exe
    2011-07-16 02:17:19 6144 ---ha-w- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    2011-07-16 02:17:19 4608 ---ha-w- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    2011-07-16 02:17:19 3584 ---ha-w- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    2011-07-16 02:17:19 3072 ---ha-w- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    2011-07-12 16:34:00 96104 ----a-w- C:\windows\System32\dns-sd.exe
    2011-07-12 16:34:00 85864 ----a-w- C:\windows\System32\dnssd.dll
    2011-07-12 16:34:00 61288 ----a-w- C:\windows\System32\jdns_sd.dll
    2011-07-12 16:34:00 212840 ----a-w- C:\windows\System32\dnssdX.dll
    2011-07-12 16:20:54 83816 ----a-w- C:\windows\SysWow64\dns-sd.exe
    2011-07-12 16:20:54 73064 ----a-w- C:\windows\SysWow64\dnssd.dll
    2011-07-12 16:20:54 50536 ----a-w- C:\windows\SysWow64\jdns_sd.dll
    2011-07-12 16:20:54 178536 ----a-w- C:\windows\SysWow64\dnssdX.dll
    2011-07-09 02:46:28 288768 ----a-w- C:\windows\System32\drivers\mrxsmb10.sys
    2011-06-24 05:34:53 214528 ----a-w- C:\windows\System32\winsrv.dll
    2011-06-21 06:34:00 1923968 ----a-w- C:\windows\System32\drivers\tcpip.sys
    2011-06-21 06:20:53 1188864 ----a-w- C:\windows\System32\wininet.dll
    2011-06-21 05:28:33 981504 ----a-w- C:\windows\SysWow64\wininet.dll
    2011-06-15 10:02:23 212992 ----a-w- C:\windows\System32\odbctrac.dll
    2011-06-15 10:02:23 163840 ----a-w- C:\windows\System32\odbccp32.dll
    2011-06-15 10:02:23 106496 ----a-w- C:\windows\System32\odbccu32.dll
    2011-06-15 10:02:23 106496 ----a-w- C:\windows\System32\odbccr32.dll
    2011-06-15 08:55:19 86016 ----a-w- C:\windows\SysWow64\odbccu32.dll
    2011-06-15 08:55:19 81920 ----a-w- C:\windows\SysWow64\odbccr32.dll
    2011-06-15 08:55:19 319488 ----a-w- C:\windows\SysWow64\odbcjt32.dll
    2011-06-15 08:55:19 163840 ----a-w- C:\windows\SysWow64\odbctrac.dll
    2011-06-15 08:55:19 122880 ----a-w- C:\windows\SysWow64\odbccp32.dll
    2011-06-11 03:07:25 3137536 ----a-w- C:\windows\System32\win32k.sys
    .
    ============= FINISH: 22:26:18.20 ===============




    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit scan 2011-08-25 00:11:44
    Windows 6.1.7601 Service Pack 1
    Running: rd0oqsvf.exe


    ---- Registry - GMER 1.0.15 ----

    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002713bbbb35
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002713bbbb35
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002713bbbb35 (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002713bbbb35 (not active ControlSet)

    ---- EOF - GMER 1.0.15 ----
     

    Attached Files:

  2. kevinf80

    kevinf80 Malware Specialist

    Joined:
    Mar 21, 2006
    Messages:
    10,163
    Do the following :-

    Step 1

    I need you to shut off Spybots Teatimer as it will interfere with any tools we try to run:

    1) Open Spybot-S&D
    2) Go to the Mode menu, and make sure "Advanced Mode" is selected
    3) On the left hand side, choose Tools -> Resident
    4) Uncheck "Resident TeaTimer" and OK any prompts
    5) Restart your computer.

    Step 2

    Please download OTM by OldTimer.
    Alternative Mirror 1
    Alternative Mirror 2
    Save it to your desktop.
    Double click OTM.exe to start the tool. Vista or Windows 7 users right click and select Run as Administrator
    • Copy the text between the dotted lines below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

      -------------------------------------------------------------------

      :Services
      RelevantKnowledge
      :Files
      C:\Program Files (x86)\RelevantKnowledge
      ipconfig /flushdns /c
      C:\Users\Eric\AppData\Roaming\AVG
      C:\Users\Eric\AppData\Roaming\AVG10
      C:\windows\System32\drivers\AVG
      C:\ProgramData\AVG10
      :Commands
      [ResetHosts]
      [EmptyTemp]
      [Reboot]

      ---------------------------------------------------------------------
    • Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
    • Click the red [​IMG] button.
    • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
    • Close OTM
    Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

    If the machine reboots, the Results log can be found here:

    c:\_OTMoveIt\MovedFiles\mmddyyyy_hhmmss.log

    Where mmddyyyy_hhmmss is the date of the tool run.

    Let me see the log from OTM, give update on issues/concerns

    Kevin
     
  3. emuck

    emuck Thread Starter

    Joined:
    Aug 25, 2011
    Messages:
    9
    Here's the log from OTM. So far computer running smoothly (it has been running well but with the occasional glitch as I said in the original post). Fairly positive killing RelevantKnowledge should solve the problem as I can't see any other issues.

    All processes killed
    ========== SERVICES/DRIVERS ==========
    Service RelevantKnowledge stopped successfully!
    Service RelevantKnowledge deleted successfully!
    ========== FILES ==========
    File/Folder C:\Program Files (x86)\RelevantKnowledge not found.
    < ipconfig /flushdns /c >
    Windows IP Configuration
    Successfully flushed the DNS Resolver Cache.
    C:\Users\Eric\Downloads\cmd.bat deleted successfully.
    C:\Users\Eric\Downloads\cmd.txt deleted successfully.
    C:\Users\Eric\AppData\Roaming\AVG\Track Eraser folder moved successfully.
    C:\Users\Eric\AppData\Roaming\AVG\Rescue\PC Tuneup 2011 folder moved successfully.
    C:\Users\Eric\AppData\Roaming\AVG\Rescue folder moved successfully.
    C:\Users\Eric\AppData\Roaming\AVG\PC Tuneup 2011\User Reports folder moved successfully.
    C:\Users\Eric\AppData\Roaming\AVG\PC Tuneup 2011\Logs folder moved successfully.
    C:\Users\Eric\AppData\Roaming\AVG\PC Tuneup 2011 folder moved successfully.
    C:\Users\Eric\AppData\Roaming\AVG\BoostSpeed folder moved successfully.
    C:\Users\Eric\AppData\Roaming\AVG folder moved successfully.
    C:\Users\Eric\AppData\Roaming\AVG10\cfgall folder moved successfully.
    C:\Users\Eric\AppData\Roaming\AVG10 folder moved successfully.
    File/Folder C:\windows\System32\drivers\AVG not found.
    C:\ProgramData\AVG10 folder moved successfully.
    ========== COMMANDS ==========
    C:\windows\System32\drivers\etc\Hosts moved successfully.
    HOSTS file reset successfully

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Eric
    ->Temp folder emptied: 14094259 bytes
    ->Temporary Internet Files folder emptied: 219961540 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 95597913 bytes
    ->Google Chrome cache emptied: 92755372 bytes
    ->Flash cache emptied: 4535 bytes

    User: Public

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 496955 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67362 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 403.00 mb


    OTM by OldTimer - Version 3.1.18.0 log created on 08252011_094828

    Files moved on Reboot...
    C:\Users\Eric\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

    Registry entries deleted on Reboot...
     
  4. kevinf80

    kevinf80 Malware Specialist

    Joined:
    Mar 21, 2006
    Messages:
    10,163
    Your Hosts file was infected, this has been reset. We`ve removed some leftovers from AVG and the remnant drivers from the application you mentioned.
    What issues or concerns remain? if none, run the following:

    You will have several programs installed, these maybe outdated and vulnerable to exploits also. To be certain, please run the free online scan by Secunia, available Here Before clicking the Start scan button, please check the box for the option Enable thorough system inspection. Just below the "Scan Options:" section, you'll see the status of what's currently processing.... [​IMG]
    ...when the scan completes, the message "Detection completed successfully" will appear in the Programs/Result section. For each problem detected, Secunia will offer a "Solution" option. Please follow those instructions to download updated versions of the programs as recommended by Secunia.

    If Secunia recommends an update for Adobe or Java, ensure old versions are removed ....

    Kevin
     
  5. emuck

    emuck Thread Starter

    Joined:
    Aug 25, 2011
    Messages:
    9
    Ran the scan and everything appears to be up and running, I owe you big time Kevin! Thank you very much :) If we still have issues, I'll just reply back here on the thread.
     
  6. emuck

    emuck Thread Starter

    Joined:
    Aug 25, 2011
    Messages:
    9
    I stand corrected :/ back to the same bogged down system I had before, always seems to hit my computer around midnight or so (sensing a pattern here). Very slow browsing and computer usage is at max, Skype seems to be a trigger to the problems but I'm not for sure what exactly is bogging me down now. Back to square one...
     
  7. kevinf80

    kevinf80 Malware Specialist

    Joined:
    Mar 21, 2006
    Messages:
    10,163
    OK, as follows please :-

    Step 1

    Change your passwords for Skype

    Step 2

    Please read carefully and follow these steps.
    • Download TDSSKiller and save it to your Desktop.
    • Extract its contents to your desktop.
    • Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.


      [​IMG]

    • If an infected file is detected, the default action will be Cure, click on Continue.


      [​IMG]

    • If a suspicious file is detected, the default action will be Skip, click on Continue.


      [​IMG]

    • It may ask you to reboot the computer to complete the process. Click on Reboot Now.


      [​IMG]

    • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
    • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

    Step 3

    Post fresh set of DDS logs, instructions follow if required:

    • Download DDS by sUBs from one of the following links.* Save it to your desktop.
    • Double click on the DDS icon, allow it to run.
    • A small box will open, with an explanation about the tool.* *
    • When done, DDS will open two (2) logs
      * * * * *1. DDS.txt
      * * * * *2. Attach.txt
    • Save both reports to your desktop.
    • The instructions here ask you to attach the Attach.txt.
      [​IMG]
      *
    • Instead of attaching, please copy/past both logs into your next reply.
    • Close the program window, and delete the program from your desktop.
    Please note:* You may have to disable any script protection running if the scan fails to run.
    After downloading the tool, disconnect from the internet and disable all antivirus protection.
    Run the scan, enable your A/V and reconnect to the internet.*
    Information on A/V control HERE

    Kevin
     
  8. emuck

    emuck Thread Starter

    Joined:
    Aug 25, 2011
    Messages:
    9
    Worked with a local IT guy, ran a very thorough AVG scan and couldn't find anything, here's the logs you requested. I've entered my new network at the university I attend and so far I have not had any issues. Behavior is strange...don't understand where those moments of being completely bogged down were coming from, especially considering how well my computer is running right now.

    2011/08/27 00:10:56.0979 4600 TDSS rootkit removing tool 2.5.17.0 Aug 22 2011 15:46:57
    2011/08/27 00:10:57.0525 4600 ================================================================================
    2011/08/27 00:10:57.0525 4600 SystemInfo:
    2011/08/27 00:10:57.0525 4600
    2011/08/27 00:10:57.0525 4600 OS Version: 6.1.7601 ServicePack: 1.0
    2011/08/27 00:10:57.0525 4600 Product type: Workstation
    2011/08/27 00:10:57.0525 4600 ComputerName: ERIK-HP
    2011/08/27 00:10:57.0525 4600 UserName: Eric
    2011/08/27 00:10:57.0525 4600 Windows directory: C:\windows
    2011/08/27 00:10:57.0525 4600 System windows directory: C:\windows
    2011/08/27 00:10:57.0525 4600 Running under WOW64
    2011/08/27 00:10:57.0525 4600 Processor architecture: Intel x64
    2011/08/27 00:10:57.0525 4600 Number of processors: 4
    2011/08/27 00:10:57.0525 4600 Page size: 0x1000
    2011/08/27 00:10:57.0525 4600 Boot type: Normal boot
    2011/08/27 00:10:57.0525 4600 ================================================================================
    2011/08/27 00:10:58.0321 4600 Initialize success
    2011/08/27 00:11:04.0919 5696 ================================================================================
    2011/08/27 00:11:04.0919 5696 Scan started
    2011/08/27 00:11:04.0919 5696 Mode: Manual;
    2011/08/27 00:11:04.0919 5696 ================================================================================
    2011/08/27 00:11:06.0401 5696 1394ohci (a87d604aea360176311474c87a63bb88) C:\windows\system32\drivers\1394ohci.sys
    2011/08/27 00:11:06.0573 5696 Accelerometer (5c368f4b04ed2a923e6afca2d37baff5) C:\windows\system32\DRIVERS\Accelerometer.sys
    2011/08/27 00:11:06.0713 5696 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\windows\system32\drivers\ACPI.sys
    2011/08/27 00:11:06.0854 5696 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\windows\system32\drivers\acpipmi.sys
    2011/08/27 00:11:07.0041 5696 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\DRIVERS\adp94xx.sys
    2011/08/27 00:11:07.0181 5696 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\DRIVERS\adpahci.sys
    2011/08/27 00:11:07.0306 5696 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\DRIVERS\adpu320.sys
    2011/08/27 00:11:07.0509 5696 AFD (d5b031c308a409a0a576bff4cf083d30) C:\windows\system32\drivers\afd.sys
    2011/08/27 00:11:07.0696 5696 AgereSoftModem (c98356d813b581e9c425b42a5d146ce0) C:\windows\system32\DRIVERS\agrsm64.sys
    2011/08/27 00:11:07.0821 5696 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\drivers\agp440.sys
    2011/08/27 00:11:07.0946 5696 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\drivers\aliide.sys
    2011/08/27 00:11:07.0977 5696 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\drivers\amdide.sys
    2011/08/27 00:11:08.0102 5696 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\DRIVERS\amdk8.sys
    2011/08/27 00:11:08.0227 5696 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\DRIVERS\amdppm.sys
    2011/08/27 00:11:08.0367 5696 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\windows\system32\drivers\amdsata.sys
    2011/08/27 00:11:08.0492 5696 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\DRIVERS\amdsbs.sys
    2011/08/27 00:11:08.0617 5696 amdxata (540daf1cea6094886d72126fd7c33048) C:\windows\system32\drivers\amdxata.sys
    2011/08/27 00:11:08.0741 5696 AppID (89a69c3f2f319b43379399547526d952) C:\windows\system32\drivers\appid.sys
    2011/08/27 00:11:08.0913 5696 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\DRIVERS\arc.sys
    2011/08/27 00:11:09.0038 5696 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\DRIVERS\arcsas.sys
    2011/08/27 00:11:09.0178 5696 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys
    2011/08/27 00:11:09.0397 5696 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\drivers\atapi.sys
    2011/08/27 00:11:09.0584 5696 AVGIDSDriver (eee718457f24f2154f23a7fad1a0cea3) C:\windows\system32\DRIVERS\AVGIDSDriver.Sys
    2011/08/27 00:11:09.0740 5696 AVGIDSEH (1553b388e0f0462c25ad8f30c3c29e83) C:\windows\system32\DRIVERS\AVGIDSEH.Sys
    2011/08/27 00:11:09.0865 5696 AVGIDSFilter (dca426a66739e75f51a72160dfb945ad) C:\windows\system32\DRIVERS\AVGIDSFilter.Sys
    2011/08/27 00:11:10.0036 5696 Avgldx64 (ff7383388a7d2283dae5831abc2b0720) C:\windows\system32\DRIVERS\avgldx64.sys
    2011/08/27 00:11:10.0177 5696 Avgmfx64 (997d002827d3e3dcbbb25bf46db161ab) C:\windows\system32\DRIVERS\avgmfx64.sys
    2011/08/27 00:11:10.0333 5696 Avgrkx64 (bccfe3374c887075cde2ac8fdb1cb2f8) C:\windows\system32\DRIVERS\avgrkx64.sys
    2011/08/27 00:11:10.0489 5696 Avgtdia (0d49adcebe243b79366ea523b647519a) C:\windows\system32\DRIVERS\avgtdia.sys
    2011/08/27 00:11:10.0676 5696 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\DRIVERS\bxvbda.sys
    2011/08/27 00:11:10.0832 5696 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys
    2011/08/27 00:11:10.0972 5696 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys
    2011/08/27 00:11:11.0113 5696 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys
    2011/08/27 00:11:11.0284 5696 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\windows\system32\DRIVERS\bowser.sys
    2011/08/27 00:11:11.0425 5696 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\DRIVERS\BrFiltLo.sys
    2011/08/27 00:11:11.0534 5696 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\DRIVERS\BrFiltUp.sys
    2011/08/27 00:11:11.0674 5696 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys
    2011/08/27 00:11:11.0815 5696 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys
    2011/08/27 00:11:11.0939 5696 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys
    2011/08/27 00:11:12.0049 5696 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys
    2011/08/27 00:11:12.0189 5696 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\windows\system32\drivers\BthEnum.sys
    2011/08/27 00:11:12.0298 5696 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\DRIVERS\bthmodem.sys
    2011/08/27 00:11:12.0423 5696 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\windows\system32\DRIVERS\bthpan.sys
    2011/08/27 00:11:12.0579 5696 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\windows\System32\Drivers\BTHport.sys
    2011/08/27 00:11:12.0735 5696 BTHUSB (f188b7394d81010767b6df3178519a37) C:\windows\System32\Drivers\BTHUSB.sys
    2011/08/27 00:11:12.0860 5696 btwaudio (af838d8029ae7c27470862d63fa54d24) C:\windows\system32\drivers\btwaudio.sys
    2011/08/27 00:11:12.0985 5696 btwavdt (5c849bd7c78791c5cee9f4651d7fe38d) C:\windows\system32\DRIVERS\btwavdt.sys
    2011/08/27 00:11:13.0156 5696 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\windows\system32\DRIVERS\btwl2cap.sys
    2011/08/27 00:11:13.0265 5696 btwrchid (3e1991afa851a36dc978b0a1b0535c8b) C:\windows\system32\DRIVERS\btwrchid.sys
    2011/08/27 00:11:13.0390 5696 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys
    2011/08/27 00:11:13.0531 5696 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\windows\system32\drivers\cdrom.sys
    2011/08/27 00:11:13.0671 5696 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\DRIVERS\circlass.sys
    2011/08/27 00:11:13.0796 5696 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys
    2011/08/27 00:11:13.0952 5696 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys
    2011/08/27 00:11:14.0061 5696 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\drivers\cmdide.sys
    2011/08/27 00:11:14.0123 5696 CNG (d5fea92400f12412b3922087c09da6a5) C:\windows\system32\Drivers\cng.sys
    2011/08/27 00:11:14.0279 5696 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\DRIVERS\compbatt.sys
    2011/08/27 00:11:14.0420 5696 CompositeBus (03edb043586cceba243d689bdda370a8) C:\windows\system32\drivers\CompositeBus.sys
    2011/08/27 00:11:14.0545 5696 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\DRIVERS\crcdisk.sys
    2011/08/27 00:11:14.0701 5696 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\windows\system32\drivers\csc.sys
    2011/08/27 00:11:14.0857 5696 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\windows\system32\Drivers\dfsc.sys
    2011/08/27 00:11:14.0997 5696 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys
    2011/08/27 00:11:15.0122 5696 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\DRIVERS\disk.sys
    2011/08/27 00:11:15.0278 5696 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\windows\system32\DRIVERS\Dot4.sys
    2011/08/27 00:11:15.0418 5696 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\windows\system32\drivers\Dot4Prt.sys
    2011/08/27 00:11:15.0543 5696 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\windows\system32\DRIVERS\dot4usb.sys
    2011/08/27 00:11:15.0683 5696 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys
    2011/08/27 00:11:15.0777 5696 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\windows\System32\drivers\dxgkrnl.sys
    2011/08/27 00:11:15.0933 5696 e1kexpress (14f16f95c1347bd50ca4fa4dfda7e806) C:\windows\system32\DRIVERS\e1k62x64.sys
    2011/08/27 00:11:16.0151 5696 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\DRIVERS\evbda.sys
    2011/08/27 00:11:16.0354 5696 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\DRIVERS\elxstor.sys
    2011/08/27 00:11:16.0479 5696 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\drivers\errdev.sys
    2011/08/27 00:11:16.0651 5696 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys
    2011/08/27 00:11:16.0760 5696 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys
    2011/08/27 00:11:16.0885 5696 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\DRIVERS\fdc.sys
    2011/08/27 00:11:17.0025 5696 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys
    2011/08/27 00:11:17.0056 5696 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys
    2011/08/27 00:11:17.0181 5696 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\DRIVERS\flpydisk.sys
    2011/08/27 00:11:17.0321 5696 FltMgr (da6b67270fd9db3697b20fce94950741) C:\windows\system32\drivers\fltmgr.sys
    2011/08/27 00:11:17.0477 5696 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys
    2011/08/27 00:11:17.0587 5696 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\windows\system32\drivers\Fs_Rec.sys
    2011/08/27 00:11:17.0758 5696 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\windows\system32\DRIVERS\fvevol.sys
    2011/08/27 00:11:17.0883 5696 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\DRIVERS\gagp30kx.sys
    2011/08/27 00:11:18.0008 5696 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\windows\system32\DRIVERS\GEARAspiWDM.sys
    2011/08/27 00:11:18.0179 5696 HBtnKey (b958f58f24ed2cdc296e42d0cc590025) C:\windows\system32\DRIVERS\cpqbttn.sys
    2011/08/27 00:11:18.0226 5696 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys
    2011/08/27 00:11:18.0367 5696 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\windows\system32\drivers\HdAudio.sys
    2011/08/27 00:11:18.0507 5696 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\windows\system32\drivers\HDAudBus.sys
    2011/08/27 00:11:18.0632 5696 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\windows\system32\DRIVERS\HECIx64.sys
    2011/08/27 00:11:18.0757 5696 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\DRIVERS\HidBatt.sys
    2011/08/27 00:11:18.0866 5696 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\DRIVERS\hidbth.sys
    2011/08/27 00:11:18.0991 5696 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\DRIVERS\hidir.sys
    2011/08/27 00:11:19.0162 5696 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\windows\system32\drivers\hidusb.sys
    2011/08/27 00:11:19.0396 5696 hpdskflt (4e0bec0f78096ffd6d3314b497fc49d3) C:\windows\system32\DRIVERS\hpdskflt.sys
    2011/08/27 00:11:19.0521 5696 HpqKbFiltr (9af482d058be59cc28bce52e7c4b747c) C:\windows\system32\DRIVERS\HpqKbFiltr.sys
    2011/08/27 00:11:19.0693 5696 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\windows\system32\drivers\HpSAMD.sys
    2011/08/27 00:11:19.0849 5696 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\windows\system32\drivers\HTTP.sys
    2011/08/27 00:11:19.0973 5696 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\windows\system32\drivers\hwpolicy.sys
    2011/08/27 00:11:20.0098 5696 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\drivers\i8042prt.sys
    2011/08/27 00:11:20.0254 5696 iaStor (c50107c730c9a955f6fd7376733f2d68) C:\windows\system32\DRIVERS\iaStor.sys
    2011/08/27 00:11:20.0379 5696 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\windows\system32\drivers\iaStorV.sys
    2011/08/27 00:11:20.0831 5696 igfx (c6238c6abd6ac99f5d152da4e9439a3d) C:\windows\system32\DRIVERS\igdkmd64.sys
    2011/08/27 00:11:21.0268 5696 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\DRIVERS\iirsp.sys
    2011/08/27 00:11:21.0409 5696 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\windows\system32\DRIVERS\Impcd.sys
    2011/08/27 00:11:21.0533 5696 IntcDAud (4429b91b0fe91f9be8e24e93cc960368) C:\windows\system32\DRIVERS\IntcDAud.sys
    2011/08/27 00:11:21.0674 5696 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys
    2011/08/27 00:11:21.0752 5696 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys
    2011/08/27 00:11:21.0861 5696 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys
    2011/08/27 00:11:22.0001 5696 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys
    2011/08/27 00:11:22.0142 5696 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
    2011/08/27 00:11:22.0282 5696 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
    2011/08/27 00:11:22.0329 5696 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys
    2011/08/27 00:11:22.0469 5696 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys
    2011/08/27 00:11:22.0594 5696 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\drivers\kbdclass.sys
    2011/08/27 00:11:22.0735 5696 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\windows\system32\drivers\kbdhid.sys
    2011/08/27 00:11:22.0875 5696 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\windows\system32\Drivers\ksecdd.sys
    2011/08/27 00:11:22.0922 5696 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\windows\system32\Drivers\ksecpkg.sys
    2011/08/27 00:11:23.0062 5696 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
    2011/08/27 00:11:23.0218 5696 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
    2011/08/27 00:11:23.0405 5696 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys
    2011/08/27 00:11:23.0530 5696 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys
    2011/08/27 00:11:23.0561 5696 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys
    2011/08/27 00:11:23.0608 5696 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys
    2011/08/27 00:11:23.0749 5696 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
    2011/08/27 00:11:23.0889 5696 ManyCam (d33e2b74cf8b3a652bf0a9fbd068e87a) C:\windows\system32\DRIVERS\ManyCam_x64.sys
    2011/08/27 00:11:24.0029 5696 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys
    2011/08/27 00:11:24.0154 5696 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys
    2011/08/27 00:11:24.0279 5696 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
    2011/08/27 00:11:24.0404 5696 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
    2011/08/27 00:11:24.0529 5696 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\drivers\mouclass.sys
    2011/08/27 00:11:24.0653 5696 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
    2011/08/27 00:11:24.0700 5696 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys
    2011/08/27 00:11:24.0825 5696 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys
    2011/08/27 00:11:24.0934 5696 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
    2011/08/27 00:11:25.0059 5696 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys
    2011/08/27 00:11:25.0184 5696 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\windows\system32\DRIVERS\mrxsmb.sys
    2011/08/27 00:11:25.0309 5696 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\windows\system32\DRIVERS\mrxsmb10.sys
    2011/08/27 00:11:25.0433 5696 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\windows\system32\DRIVERS\mrxsmb20.sys
    2011/08/27 00:11:25.0574 5696 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\drivers\msahci.sys
    2011/08/27 00:11:25.0652 5696 msdsm (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys
    2011/08/27 00:11:25.0792 5696 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
    2011/08/27 00:11:25.0901 5696 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
    2011/08/27 00:11:26.0011 5696 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys
    2011/08/27 00:11:26.0151 5696 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
    2011/08/27 00:11:26.0182 5696 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
    2011/08/27 00:11:26.0307 5696 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
    2011/08/27 00:11:26.0354 5696 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys
    2011/08/27 00:11:26.0479 5696 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\drivers\mssmbios.sys
    2011/08/27 00:11:26.0588 5696 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
    2011/08/27 00:11:26.0635 5696 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys
    2011/08/27 00:11:26.0759 5696 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
    2011/08/27 00:11:26.0931 5696 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
    2011/08/27 00:11:27.0087 5696 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\windows\system32\drivers\ndis.sys
    2011/08/27 00:11:27.0227 5696 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
    2011/08/27 00:11:27.0368 5696 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
    2011/08/27 00:11:27.0493 5696 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys
    2011/08/27 00:11:27.0555 5696 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys
    2011/08/27 00:11:27.0664 5696 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys
    2011/08/27 00:11:27.0805 5696 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
    2011/08/27 00:11:27.0867 5696 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys
    2011/08/27 00:11:28.0257 5696 NETw5s64 (24f64343f14a119308456e1ca7507b26) C:\windows\system32\DRIVERS\NETw5s64.sys
    2011/08/27 00:11:28.0819 5696 NETwNs64 (b9c587bdaa61a689883439d5ae6fe7f3) C:\windows\system32\DRIVERS\NETwNs64.sys
    2011/08/27 00:11:29.0162 5696 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys
    2011/08/27 00:11:29.0287 5696 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
    2011/08/27 00:11:29.0411 5696 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
    2011/08/27 00:11:29.0505 5696 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
    2011/08/27 00:11:29.0645 5696 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
    2011/08/27 00:11:29.0801 5696 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
    2011/08/27 00:11:29.0942 5696 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
    2011/08/27 00:11:30.0051 5696 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
    2011/08/27 00:11:30.0113 5696 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
    2011/08/27 00:11:30.0269 5696 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
    2011/08/27 00:11:30.0379 5696 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\windows\system32\drivers\partmgr.sys
    2011/08/27 00:11:30.0503 5696 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
    2011/08/27 00:11:30.0628 5696 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
    2011/08/27 00:11:30.0675 5696 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
    2011/08/27 00:11:30.0800 5696 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
    2011/08/27 00:11:30.0925 5696 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
    2011/08/27 00:11:31.0159 5696 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
    2011/08/27 00:11:31.0268 5696 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
    2011/08/27 00:11:31.0408 5696 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
    2011/08/27 00:11:31.0517 5696 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\windows\system32\Drivers\PxHlpa64.sys
    2011/08/27 00:11:31.0720 5696 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
    2011/08/27 00:11:31.0861 5696 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
    2011/08/27 00:11:31.0985 5696 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
    2011/08/27 00:11:32.0126 5696 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
    2011/08/27 00:11:32.0235 5696 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
    2011/08/27 00:11:32.0375 5696 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
    2011/08/27 00:11:32.0500 5696 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
    2011/08/27 00:11:32.0609 5696 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
    2011/08/27 00:11:32.0672 5696 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
    2011/08/27 00:11:32.0797 5696 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
    2011/08/27 00:11:32.0906 5696 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
    2011/08/27 00:11:32.0968 5696 RDPDR (1b6163c503398b23ff8b939c67747683) C:\windows\system32\drivers\rdpdr.sys
    2011/08/27 00:11:33.0093 5696 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
    2011/08/27 00:11:33.0202 5696 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
    2011/08/27 00:11:33.0249 5696 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\windows\system32\drivers\RDPWD.sys
    2011/08/27 00:11:33.0389 5696 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
    2011/08/27 00:11:33.0561 5696 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\windows\system32\DRIVERS\rfcomm.sys
    2011/08/27 00:11:33.0655 5696 rimmptsk (6faf5b04bedc66d300d9d233b2d222f0) C:\windows\system32\DRIVERS\rimmpx64.sys
    2011/08/27 00:11:33.0795 5696 rimspci (3dca561aaf776aa2e356fb5b142aa5f8) C:\windows\system32\DRIVERS\rimspe64.sys
    2011/08/27 00:11:33.0904 5696 rimsptsk (67f50c31713106fd1b0f286f86aa2b2e) C:\windows\system32\DRIVERS\rimspx64.sys
    2011/08/27 00:11:34.0045 5696 risdpcie (c4581f04aa130892555b821f1fbaa151) C:\windows\system32\DRIVERS\risdpe64.sys
    2011/08/27 00:11:34.0169 5696 rismcx64 (d018844dc53d8428410a2feeeee9373e) C:\windows\system32\DRIVERS\rismcx64.sys
    2011/08/27 00:11:34.0279 5696 rismxdp (4d7ef3d46346ec4c58784db964b365de) C:\windows\system32\DRIVERS\rixdpx64.sys
    2011/08/27 00:11:34.0403 5696 rixdpcie (a4579105a3c5b6290701ead0c153e07a) C:\windows\system32\DRIVERS\rixdpe64.sys
    2011/08/27 00:11:34.0544 5696 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
    2011/08/27 00:11:34.0606 5696 s3cap (e60c0a09f997826c7627b244195ab581) C:\windows\system32\drivers\vms3cap.sys
    2011/08/27 00:11:34.0731 5696 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
    2011/08/27 00:11:34.0887 5696 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
    2011/08/27 00:11:35.0043 5696 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\windows\system32\drivers\sdbus.sys
    2011/08/27 00:11:35.0199 5696 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
    2011/08/27 00:11:35.0339 5696 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
    2011/08/27 00:11:35.0464 5696 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
    2011/08/27 00:11:35.0589 5696 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
    2011/08/27 00:11:35.0667 5696 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
    2011/08/27 00:11:35.0792 5696 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
    2011/08/27 00:11:35.0917 5696 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
    2011/08/27 00:11:36.0026 5696 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
    2011/08/27 00:11:36.0166 5696 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
    2011/08/27 00:11:36.0197 5696 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
    2011/08/27 00:11:36.0307 5696 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
    2011/08/27 00:11:36.0494 5696 SNP2UVC (84e347359a28e9e544ff169fbdea5f59) C:\windows\system32\DRIVERS\snp2uvc.sys
    2011/08/27 00:11:36.0634 5696 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
    2011/08/27 00:11:36.0697 5696 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
    2011/08/27 00:11:36.0837 5696 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
    2011/08/27 00:11:36.0962 5696 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
    2011/08/27 00:11:37.0102 5696 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
    2011/08/27 00:11:37.0243 5696 STHDA (caf5a9708671b14b9670260735b22c4e) C:\windows\system32\DRIVERS\stwrt64.sys
    2011/08/27 00:11:37.0383 5696 storflt (7785dc213270d2fc066538daf94087e7) C:\windows\system32\drivers\vmstorfl.sys
    2011/08/27 00:11:37.0508 5696 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\windows\system32\drivers\storvsc.sys
    2011/08/27 00:11:37.0570 5696 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\drivers\swenum.sys
    2011/08/27 00:11:37.0726 5696 SynTP (d268d2a0db2a2bbe963e688d0b039267) C:\windows\system32\DRIVERS\SynTP.sys
    2011/08/27 00:11:37.0960 5696 Tcpip (f0e98c00a09fdf791525829a1d14240f) C:\windows\system32\drivers\tcpip.sys
    2011/08/27 00:11:38.0147 5696 TCPIP6 (f0e98c00a09fdf791525829a1d14240f) C:\windows\system32\DRIVERS\tcpip.sys
    2011/08/27 00:11:38.0288 5696 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
    2011/08/27 00:11:38.0335 5696 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
    2011/08/27 00:11:38.0428 5696 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\windows\system32\drivers\tdtcp.sys
    2011/08/27 00:11:38.0569 5696 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
    2011/08/27 00:11:38.0615 5696 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\drivers\termdd.sys
    2011/08/27 00:11:38.0756 5696 TPM (dbcc20c02e8a3e43b03c304a4e40a84f) C:\windows\system32\drivers\tpm.sys
    2011/08/27 00:11:38.0896 5696 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
    2011/08/27 00:11:39.0037 5696 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
    2011/08/27 00:11:39.0161 5696 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
    2011/08/27 00:11:39.0208 5696 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
    2011/08/27 00:11:39.0333 5696 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
    2011/08/27 00:11:39.0489 5696 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
    2011/08/27 00:11:39.0551 5696 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\drivers\umbus.sys
    2011/08/27 00:11:39.0661 5696 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
    2011/08/27 00:11:39.0818 5696 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\windows\system32\Drivers\usbaapl64.sys
    2011/08/27 00:11:39.0958 5696 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
    2011/08/27 00:11:40.0083 5696 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
    2011/08/27 00:11:40.0208 5696 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\drivers\usbehci.sys
    2011/08/27 00:11:40.0254 5696 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
    2011/08/27 00:11:40.0379 5696 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\drivers\usbohci.sys
    2011/08/27 00:11:40.0520 5696 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
    2011/08/27 00:11:40.0644 5696 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\windows\system32\DRIVERS\usbscan.sys
    2011/08/27 00:11:40.0691 5696 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS
    2011/08/27 00:11:40.0832 5696 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys
    2011/08/27 00:11:40.0956 5696 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\System32\Drivers\usbvideo.sys
    2011/08/27 00:11:41.0128 5696 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
    2011/08/27 00:11:41.0237 5696 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
    2011/08/27 00:11:41.0268 5696 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
    2011/08/27 00:11:41.0393 5696 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
    2011/08/27 00:11:41.0518 5696 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
    2011/08/27 00:11:41.0565 5696 vmbus (86ea3e79ae350fea5331a1303054005f) C:\windows\system32\drivers\vmbus.sys
    2011/08/27 00:11:41.0705 5696 VMBusHID (7de90b48f210d29649380545db45a187) C:\windows\system32\drivers\VMBusHID.sys
    2011/08/27 00:11:41.0814 5696 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
    2011/08/27 00:11:41.0892 5696 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
    2011/08/27 00:11:42.0017 5696 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
    2011/08/27 00:11:42.0204 5696 vpcbus (b4a73ca4ef9a02b9738cea9ad5fe5917) C:\windows\system32\DRIVERS\vpchbus.sys
    2011/08/27 00:11:42.0267 5696 vpcnfltr (e675fb2b48c54f09895482e2253b289c) C:\windows\system32\DRIVERS\vpcnfltr.sys
    2011/08/27 00:11:42.0392 5696 vpcusb (5fb42082b0d19a0268705f1dd343df20) C:\windows\system32\DRIVERS\vpcusb.sys
    2011/08/27 00:11:42.0532 5696 vpcvmm (207b6539799cc1c112661a9b620dd233) C:\windows\system32\drivers\vpcvmm.sys
    2011/08/27 00:11:42.0672 5696 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
    2011/08/27 00:11:42.0782 5696 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
    2011/08/27 00:11:42.0891 5696 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
    2011/08/27 00:11:43.0031 5696 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\windows\system32\DRIVERS\vwifimp.sys
    2011/08/27 00:11:43.0156 5696 wacommousefilter (e04d43c7d1641e95d35cae6086c7e350) C:\windows\system32\DRIVERS\wacommousefilter.sys
    2011/08/27 00:11:43.0281 5696 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
    2011/08/27 00:11:43.0406 5696 wacomvhid (ec1ceb237e365330c1fcfc4876aa0ac0) C:\windows\system32\DRIVERS\wacomvhid.sys
    2011/08/27 00:11:43.0437 5696 wacomvthid (5e4ace4f81c4a000a117b8307812455c) C:\windows\system32\DRIVERS\WacomVTHid.sys
    2011/08/27 00:11:43.0577 5696 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
    2011/08/27 00:11:43.0593 5696 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
    2011/08/27 00:11:43.0749 5696 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
    2011/08/27 00:11:43.0827 5696 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
    2011/08/27 00:11:43.0998 5696 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
    2011/08/27 00:11:44.0030 5696 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
    2011/08/27 00:11:44.0217 5696 WinUSB (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUSB.sys
    2011/08/27 00:11:44.0342 5696 wisdpen (d6e2aaf792ab7b94a9fcf33fe135f43e) C:\windows\system32\DRIVERS\wisdpen.sys
    2011/08/27 00:11:44.0482 5696 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\drivers\wmiacpi.sys
    2011/08/27 00:11:44.0576 5696 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
    2011/08/27 00:11:44.0716 5696 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys
    2011/08/27 00:11:44.0856 5696 WUDFRd (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys
    2011/08/27 00:11:44.0966 5696 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
    2011/08/27 00:11:44.0981 5696 Boot (0x1200) (0d0ff3f869a5e68bdf8f488677d0bd5e) \Device\Harddisk0\DR0\Partition0
    2011/08/27 00:11:45.0012 5696 Boot (0x1200) (bf7568658cc7561ef52c9c85a3f266cf) \Device\Harddisk0\DR0\Partition1
    2011/08/27 00:11:45.0059 5696 Boot (0x1200) (321a3f3fb5a5b5c9b4b1edde269beefa) \Device\Harddisk0\DR0\Partition2
    2011/08/27 00:11:45.0075 5696 Boot (0x1200) (860231f0ccc6667ff669b71d04153953) \Device\Harddisk0\DR0\Partition3
    2011/08/27 00:11:45.0075 5696 ================================================================================
    2011/08/27 00:11:45.0075 5696 Scan finished
    2011/08/27 00:11:45.0075 5696 ================================================================================
    2011/08/27 00:11:45.0090 5036 Detected object count: 0
    2011/08/27 00:11:45.0090 5036 Actual detected object count: 0



    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_26
    Run by Eric at 0:13:53 on 2011-08-27
    Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3890.1780 [GMT -5:00]
    .
    AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\PROGRA~2\AVG\AVG10\avgchsva.exe
    C:\windows\system32\wininit.exe
    C:\windows\system32\lsm.exe
    C:\windows\system32\svchost.exe -k DcomLaunch
    C:\windows\system32\svchost.exe -k RPCSS
    C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\windows\system32\svchost.exe -k netsvcs
    C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_2223a6b19a4f4233\STacSV64.exe
    C:\windows\system32\svchost.exe -k LocalService
    C:\windows\system32\Hpservice.exe
    C:\Program Files\WTouch\WTouchService.exe
    C:\windows\SYSTEM32\WISPTIS.EXE
    C:\windows\system32\vcsFPService.exe
    C:\windows\system32\svchost.exe -k NetworkService
    C:\windows\system32\WLANExt.exe
    C:\windows\system32\conhost.exe
    C:\windows\System32\spoolsv.exe
    C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_2223a6b19a4f4233\AESTSr64.exe
    C:\Program Files\LSI SoftModem\agr64svc.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
    C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    C:\Program Files (x86)\AVG\AVG10\avgnsa.exe
    C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
    C:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\Hp.Skyroom.Windows.Service.exe
    c:\Program Files (x86)\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
    C:\Program Files (x86)\Kodak\AiO\Center\ekdiscovery.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\windows\System32\svchost.exe -k HPZ12
    C:\Program Files (x86)\PDF Complete\pdfsvc.exe
    C:\windows\System32\svchost.exe -k HPZ12
    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\windows\system32\wbem\unsecapp.exe
    C:\windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
    C:\windows\system32\taskhost.exe
    C:\windows\SYSTEM32\WISPTIS.EXE
    C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
    C:\Program Files\WTouch\WTouchUser.exe
    C:\windows\system32\Dwm.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
    C:\windows\Explorer.EXE
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\IDT\WDM\sttray64.exe
    C:\Windows\snuvcdsm.exe
    C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\AVG\AVG10\avgtray.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
    C:\Users\Eric\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\windows\system32\svchost.exe -k bthsvcs
    C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
    C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
    C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
    C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
    C:\windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgent.exe
    C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
    C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe
    C:\windows\system32\svchost.exe -k SDRSVC
    C:\windows\system32\wuauclt.exe
    C:\PROGRA~2\AVG\AVG10\avgrsa.exe
    C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe
    C:\windows\system32\msiexec.exe
    C:\windows\System32\svchost.exe -k swprv
    C:\windows\SysWOW64\NOTEPAD.EXE
    C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\windows\SysWOW64\rundll32.exe
    C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\windows\system32\SearchProtocolHost.exe
    C:\windows\system32\SearchFilterHost.exe
    C:\windows\SysWOW64\NOTEPAD.EXE
    C:\windows\system32\DllHost.exe
    C:\windows\system32\DllHost.exe
    C:\windows\SysWOW64\cmd.exe
    C:\windows\system32\conhost.exe
    C:\windows\SysWOW64\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.usd.edu/
    uInternet Settings,ProxyOverride = *.local
    mWinlogon: Userinit=userinit.exe
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    {555d4d79-4bd2-4094-a395-cfc534424a05}
    uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    uRun: [Google Update] "C:\Users\Eric\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
    mRun: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    mRun: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
    mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    mRun: [MaxMenuMgr] "C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
    mRun: [NACAgentUI] C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe
    StartupFolder: C:\Users\Eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Eric\AppData\Roaming\Dropbox\bin\Dropbox.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: SoftwareSASGeneration = 3 (0x3)
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
    IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {4D2D3A17-9B46-483C-A5F4-1DC471080009} - hxxps://usd-cas.usd.edu/auth/taweb.cab
    DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: DhcpNameServer = 192.55.228.1 192.55.228.3
    TCP: Interfaces\{76CEA51D-2A94-4875-B16D-D09FAFBFB77F} : DhcpNameServer = 192.0.1.49 192.0.1.43
    TCP: Interfaces\{8A0B3FC3-8B12-4E21-9AAF-33CFBCF655F0} : DhcpNameServer = 192.55.228.1 192.55.228.3
    TCP: Interfaces\{8A0B3FC3-8B12-4E21-9AAF-33CFBCF655F0}\D43694E647972756F523E2437484A7 : DhcpNameServer = 192.168.2.1
    TCP: Interfaces\{8A0B3FC3-8B12-4E21-9AAF-33CFBCF655F0}\D43694E647972756F5537484A7 : DhcpNameServer = 192.168.2.1
    TCP: Interfaces\{8A0B3FC3-8B12-4E21-9AAF-33CFBCF655F0}\D65736B65697 : DhcpNameServer = 192.168.35.1
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll
    mASetup: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
    BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
    BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    BHO-X64: Search Helper - No File
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
    mRun-x64: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    mRun-x64: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
    mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    mRun-x64: [MaxMenuMgr] "C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
    mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun-x64: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
    mRun-x64: [NACAgentUI] C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe
    IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\9872qe8f.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.usd.edu/
    FF - prefs.js: network.proxy.type - 0
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.53\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: C:\Users\Eric\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
    FF - plugin: C:\Users\Eric\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll
    FF - plugin: C:\Users\Eric\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
    FF - plugin: C:\Users\Eric\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSEH;AVGIDSEH;C:\windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\windows\system32\DRIVERS\AVGIDSEH.Sys [?]
    R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\windows\system32\DRIVERS\avgrkx64.sys --> C:\windows\system32\DRIVERS\avgrkx64.sys [?]
    R0 PxHlpa64;PxHlpa64;C:\windows\system32\Drivers\PxHlpa64.sys --> C:\windows\system32\Drivers\PxHlpa64.sys [?]
    R1 Avgldx64;AVG AVI Loader Driver;C:\windows\system32\DRIVERS\avgldx64.sys --> C:\windows\system32\DRIVERS\avgldx64.sys [?]
    R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\windows\system32\DRIVERS\avgmfx64.sys --> C:\windows\system32\DRIVERS\avgmfx64.sys [?]
    R1 Avgtdia;AVG TDI Driver;C:\windows\system32\DRIVERS\avgtdia.sys --> C:\windows\system32\DRIVERS\avgtdia.sys [?]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]
    R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
    R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_2223a6b19a4f4233\AESTSr64.exe [2010-7-12 89600]
    R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-4-18 7398752]
    R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2011-2-8 269520]
    R2 FreeAgentGoNext Service;Seagate Service;C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe [2009-9-26 189736]
    R2 HP Power Assistant Service;HP Power Assistant Service;C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2009-12-16 102968]
    R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-1-27 102968]
    R2 Hp.Skyroom.Windows.Service;HP SkyRoom;C:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\Hp.Skyroom.Windows.Service.exe [2009-11-20 124984]
    R2 HPDayStarterService;HP DayStarter Service;C:\Program Files (x86)\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe [2010-1-28 86016]
    R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-1-25 92216]
    R2 hpsrv;HP Service;C:\windows\system32\Hpservice.exe --> C:\windows\system32\Hpservice.exe [?]
    R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;C:\Program Files (x86)\Kodak\AiO\Center\ekdiscovery.exe [2010-9-13 308656]
    R2 NACAgent;Cisco NAC Agent;C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgent.exe [2011-3-9 1104608]
    R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2010-8-6 1128952]
    R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-8-22 1153368]
    R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-7-12 2320920]
    R2 vcsFPService;Validity VCS Fingerprint Service;C:\Windows\System32\vcsFPService.exe [2010-2-18 1664304]
    R2 WTouchService;WTouch Service;C:\Program Files\WTouch\WTouchService.exe [2010-7-12 114544]
    R3 AVGIDSDriver;AVGIDSDriver;C:\windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\windows\system32\DRIVERS\AVGIDSDriver.Sys [?]
    R3 AVGIDSFilter;AVGIDSFilter;C:\windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\windows\system32\DRIVERS\AVGIDSFilter.Sys [?]
    R3 btwl2cap;Bluetooth L2CAP Service;C:\windows\system32\DRIVERS\btwl2cap.sys --> C:\windows\system32\DRIVERS\btwl2cap.sys [?]
    R3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-3-18 227896]
    R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;C:\windows\system32\DRIVERS\e1k62x64.sys --> C:\windows\system32\DRIVERS\e1k62x64.sys [?]
    R3 HECIx64;Intel(R) Management Engine Interface;C:\windows\system32\DRIVERS\HECIx64.sys --> C:\windows\system32\DRIVERS\HECIx64.sys [?]
    R3 Impcd;Impcd;C:\windows\system32\DRIVERS\Impcd.sys --> C:\windows\system32\DRIVERS\Impcd.sys [?]
    R3 IntcDAud;Intel(R) Display Audio;C:\windows\system32\DRIVERS\IntcDAud.sys --> C:\windows\system32\DRIVERS\IntcDAud.sys [?]
    R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\windows\system32\DRIVERS\NETwNs64.sys --> C:\windows\system32\DRIVERS\NETwNs64.sys [?]
    R3 rismcx64;RICOH Smart Card Reader;C:\windows\system32\DRIVERS\rismcx64.sys --> C:\windows\system32\DRIVERS\rismcx64.sys [?]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\windows\system32\DRIVERS\vwifimp.sys --> C:\windows\system32\DRIVERS\vwifimp.sys [?]
    R3 wacomvthid;Virtual Touch Driver;C:\windows\system32\DRIVERS\WacomVTHid.sys --> C:\windows\system32\DRIVERS\WacomVTHid.sys [?]
    R3 wisdpen;Wacom Penabled MiniDriver;C:\windows\system32\DRIVERS\wisdpen.sys --> C:\windows\system32\DRIVERS\wisdpen.sys [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-8-6 135664]
    S2 rgsender;Remote Graphics Sender Service;C:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\rgsendersvc.exe [2010-7-12 379904]
    S2 rimspci;rimspci;C:\windows\system32\DRIVERS\rimspe64.sys --> C:\windows\system32\DRIVERS\rimspe64.sys [?]
    S2 risdpcie;risdpcie;C:\windows\system32\DRIVERS\risdpe64.sys --> C:\windows\system32\DRIVERS\risdpe64.sys [?]
    S2 rixdpcie;rixdpcie;C:\windows\system32\DRIVERS\rixdpe64.sys --> C:\windows\system32\DRIVERS\rixdpe64.sys [?]
    S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-8-6 135664]
    S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;C:\windows\system32\DRIVERS\ManyCam_x64.sys --> C:\windows\system32\DRIVERS\ManyCam_x64.sys [?]
    S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\windows\system32\DRIVERS\NETw5s64.sys --> C:\windows\system32\DRIVERS\NETw5s64.sys [?]
    S3 RoxMediaDB10;RoxMediaDB10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-11-23 1120752]
    S3 StorSvc;Storage Service;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
    S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\system32\Drivers\usbaapl64.sys --> C:\windows\system32\Drivers\usbaapl64.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]
    .
    =============== Created Last 30 ================
    .
    2011-08-27 04:52:13 -------- d-----w- C:\Program Files (x86)\Common Files\Cisco
    2011-08-26 15:45:14 -------- d-----w- C:\Users\Eric\AppData\Roaming\AVG10
    2011-08-26 15:44:16 -------- d-----w- C:\windows\SysWow64\drivers\AVG
    2011-08-26 15:43:37 -------- d-----w- C:\ProgramData\AVG10
    2011-08-26 14:19:33 8862544 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EF6C3FD6-8D02-4D4A-AC81-2D63EBE24894}\mpengine.dll
    2011-08-26 14:11:38 -------- d-----r- C:\Program Files (x86)\Skype
    2011-08-26 03:59:48 89048 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libEGL.dll
    2011-08-26 03:59:48 785368 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll
    2011-08-26 03:59:48 478168 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libGLESv2.dll
    2011-08-26 03:59:48 2106216 ----a-w- C:\Program Files (x86)\Mozilla Firefox\D3DCompiler_43.dll
    2011-08-26 03:59:48 1998168 ----a-w- C:\Program Files (x86)\Mozilla Firefox\d3dx9_43.dll
    2011-08-26 03:59:48 1846232 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
    2011-08-26 03:59:48 15832 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
    2011-08-26 03:59:48 134104 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
    2011-08-23 22:03:56 2048 ----a-w- C:\windows\SysWow64\tzres.dll
    2011-08-23 22:03:56 2048 ----a-w- C:\windows\System32\tzres.dll
    2011-08-23 04:54:07 55384 ----a-w- C:\windows\System32\drivers\SBREDrv.sys
    2011-08-23 04:44:08 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
    2011-08-23 04:44:08 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
    2011-08-17 18:49:01 8862544 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpengine.dll
    2011-08-17 18:48:52 270720 ------w- C:\windows\System32\MpSigStub.exe
    2011-08-17 05:58:45 -------- d--h--w- C:\ProgramData\Common Files
    2011-08-17 05:57:25 -------- d-----w- C:\windows\System32\drivers\AVG
    2011-08-17 05:48:11 -------- d-----w- C:\ProgramData\MFAData
    2011-08-17 02:39:18 -------- d-----w- C:\windows\pss
    2011-08-11 18:24:46 338432 ----a-w- C:\windows\System32\conhost.exe
    2011-08-11 18:21:55 3912576 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
    2011-08-11 18:21:50 5561216 ----a-w- C:\windows\System32\ntoskrnl.exe
    2011-08-11 18:21:48 3967872 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
    2011-08-10 02:30:29 -------- d-----w- C:\Users\Eric\AppData\Roaming\MusicNet
    2011-08-10 02:27:52 -------- d-----w- C:\Users\Eric\AppData\Local\PackageAware
    2011-08-05 03:59:18 1110528 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
    2011-08-05 03:59:17 759296 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
    2011-08-05 03:58:18 244736 ----a-w- C:\Program Files\Internet Explorer\sqmapi.dll
    2011-08-05 03:58:18 189952 ----a-w- C:\Program Files (x86)\Internet Explorer\sqmapi.dll
    .
    ==================== Find3M ====================
    .
    2011-08-26 04:00:20 404640 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-07-27 00:38:28 17720 ----a-w- C:\windows\System32\drivers\CPQBttn.sys
    2011-07-22 05:22:26 1638912 ----a-w- C:\windows\System32\mshtml.tlb
    2011-07-22 04:54:18 1638912 ----a-w- C:\windows\SysWow64\mshtml.tlb
    2011-07-16 05:41:50 362496 ----a-w- C:\windows\System32\wow64win.dll
    2011-07-16 05:41:49 243200 ----a-w- C:\windows\System32\wow64.dll
    2011-07-16 05:41:49 13312 ----a-w- C:\windows\System32\wow64cpu.dll
    2011-07-16 05:39:10 16384 ----a-w- C:\windows\System32\ntvdm64.dll
    2011-07-16 05:37:12 421888 ----a-w- C:\windows\System32\KernelBase.dll
    2011-07-16 04:29:19 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll
    2011-07-16 04:26:00 44032 ----a-w- C:\windows\apppatch\acwow64.dll
    2011-07-16 04:25:37 25600 ----a-w- C:\windows\SysWow64\setup16.exe
    2011-07-16 04:24:23 5120 ----a-w- C:\windows\SysWow64\wow32.dll
    2011-07-16 04:24:22 272384 ----a-w- C:\windows\SysWow64\KernelBase.dll
    2011-07-16 02:21:44 7680 ----a-w- C:\windows\SysWow64\instnm.exe
    2011-07-16 02:21:41 2048 ----a-w- C:\windows\SysWow64\user.exe
    2011-07-16 02:17:19 6144 ---ha-w- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    2011-07-16 02:17:19 4608 ---ha-w- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    2011-07-16 02:17:19 3584 ---ha-w- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    2011-07-16 02:17:19 3072 ---ha-w- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    2011-07-12 16:34:00 96104 ----a-w- C:\windows\System32\dns-sd.exe
    2011-07-12 16:34:00 85864 ----a-w- C:\windows\System32\dnssd.dll
    2011-07-12 16:34:00 61288 ----a-w- C:\windows\System32\jdns_sd.dll
    2011-07-12 16:34:00 212840 ----a-w- C:\windows\System32\dnssdX.dll
    2011-07-12 16:20:54 83816 ----a-w- C:\windows\SysWow64\dns-sd.exe
    2011-07-12 16:20:54 73064 ----a-w- C:\windows\SysWow64\dnssd.dll
    2011-07-12 16:20:54 50536 ----a-w- C:\windows\SysWow64\jdns_sd.dll
    2011-07-12 16:20:54 178536 ----a-w- C:\windows\SysWow64\dnssdX.dll
    2011-07-09 02:46:28 288768 ----a-w- C:\windows\System32\drivers\mrxsmb10.sys
    2011-07-05 23:37:00 94208 ----a-w- C:\windows\SysWow64\QuickTimeVR.qtx
    2011-07-05 23:37:00 69632 ----a-w- C:\windows\SysWow64\QuickTime.qts
    2011-06-24 05:34:53 214528 ----a-w- C:\windows\System32\winsrv.dll
    2011-06-21 06:34:00 1923968 ----a-w- C:\windows\System32\drivers\tcpip.sys
    2011-06-21 06:20:53 1188864 ----a-w- C:\windows\System32\wininet.dll
    2011-06-21 05:28:33 981504 ----a-w- C:\windows\SysWow64\wininet.dll
    2011-06-15 10:02:23 212992 ----a-w- C:\windows\System32\odbctrac.dll
    2011-06-15 10:02:23 163840 ----a-w- C:\windows\System32\odbccp32.dll
    2011-06-15 10:02:23 106496 ----a-w- C:\windows\System32\odbccu32.dll
    2011-06-15 10:02:23 106496 ----a-w- C:\windows\System32\odbccr32.dll
    2011-06-15 08:55:19 86016 ----a-w- C:\windows\SysWow64\odbccu32.dll
    2011-06-15 08:55:19 81920 ----a-w- C:\windows\SysWow64\odbccr32.dll
    2011-06-15 08:55:19 319488 ----a-w- C:\windows\SysWow64\odbcjt32.dll
    2011-06-15 08:55:19 163840 ----a-w- C:\windows\SysWow64\odbctrac.dll
    2011-06-15 08:55:19 122880 ----a-w- C:\windows\SysWow64\odbccp32.dll
    2011-06-11 03:07:25 3137536 ----a-w- C:\windows\System32\win32k.sys
    .
    ============= FINISH: 0:14:54.58 ===============



    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows 7 Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 8/6/2010 8:26:22 PM
    System Uptime: 8/26/2011 11:46:57 PM (1 hours ago)
    .
    Motherboard: Hewlett-Packard | | 7007
    Processor: Intel(R) Core(TM) i5 CPU M 540 @ 2.53GHz | CPU 1 | 1596/133mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 216 GiB total, 159.967 GiB free.
    F: is FIXED (FAT32) - 2 GiB total, 1.405 GiB free.
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP147: 8/22/2011 11:42:16 PM - Removed AVG 2011
    RP148: 8/22/2011 11:48:37 PM - Removed AVG 2011
    RP149: 8/22/2011 11:49:43 PM - Installed Ad-Aware
    RP150: 8/22/2011 11:50:05 PM - Installed Ad-Aware
    RP151: 8/23/2011 5:00:50 PM - Windows Update
    RP152: 8/24/2011 3:01:23 AM - Windows Update
    RP153: 8/24/2011 4:18:14 PM - Windows Backup
    RP154: 8/25/2011 10:56:20 PM - Installed QuickTime
    RP155: 8/26/2011 12:27:59 AM - Removed Skype&#8482; 5.5
    RP156: 8/26/2011 12:34:50 AM - Removed Skype&#8482; 5.5
    RP157: 8/26/2011 10:42:23 AM - Installed AVG 2011
    RP158: 8/26/2011 10:43:02 AM - Installed AVG 2011
    RP159: 8/26/2011 11:50:33 PM - Installed Cisco NAC Agent .
    RP160: 8/27/2011 12:09:35 AM - Removed Ad-Aware
    .
    ==== Installed Programs ======================
    .
    Update for Microsoft Office 2007 (KB2508958)
    ActiveCheck component for HP Active Support Library
    Adobe Flash Player 10 ActiveX
    Adobe Reader X (10.1.0)
    Adobe Shockwave Player 11.6
    aiofw
    aioscnnr
    Apple Application Support
    Apple Software Update
    C4USelfUpdater
    center
    Cisco NAC Agent
    Coupon Printer for Windows
    D3DX10
    DirectX 9 Runtime
    Dropbox
    Facebook Video Calling 1.0.0.7930
    Google Chrome
    Google Earth Plug-in
    Google Talk Plugin
    Google Toolbar for Internet Explorer
    Google Update Helper
    HP Business Card Reader
    HP Common Access Service Library
    HP Customer Experience Enhancements
    hp deskjet 5550 series (Remove only)
    HP ESU for Microsoft Windows 7
    HP Photo Creations
    hp print screen utility
    HP Quick Launch Buttons
    HP QuickLook
    HP QuickWeb
    HP Setup
    HP SkyRoom
    HP SoftPaq Download Manager
    HP Software Setup
    HP Support Assistant
    HP Update
    HP User Guides 0170
    HP Wallpaper
    HP Webcam
    HP Webcam Driver
    HPAsset component for HP Active Support Library
    IDT Audio
    Intel(R) Graphics Media Accelerator Driver
    Intel(R) Management Engine Components
    Java Auto Updater
    Java(TM) 6 Update 26
    KODAK AiO Home Center
    ksDIP
    Microsoft Age of Empires II
    Microsoft Age of Empires II: The Conquerors Expansion
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office File Validation Add-In
    Microsoft Office FrontPage 2003
    Microsoft Office InfoPath MUI (English) 2007
    Microsoft Office OneNote 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office OneNote MUI (French) 2007
    Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007
    Microsoft Office OneNote MUI (Spanish) 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Professional Plus 2007
    Microsoft Office Proof (Arabic) 2007
    Microsoft Office Proof (Basque) 2007
    Microsoft Office Proof (Catalan) 2007
    Microsoft Office Proof (Dutch) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Galician) 2007
    Microsoft Office Proof (German) 2007
    Microsoft Office Proof (Portuguese (Brazil)) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing (French) 2007
    Microsoft Office Proofing (Portuguese (Brazil)) 2007
    Microsoft Office Proofing (Spanish) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared MUI (French) 2007
    Microsoft Office Shared MUI (Portuguese (Brazil)) 2007
    Microsoft Office Shared MUI (Spanish) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Search Enhancement Pack
    Microsoft Silverlight
    Microsoft Touch Pack for Windows 7
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft XNA Framework Redistributable 3.0
    Mozilla Firefox 6.0 (x86 en-US)
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    PDF Complete Special Edition
    PreReq
    QLBCASL
    QuickTime
    Remote Graphics Receiver
    Remote Graphics Sender
    Respondus LockDown Browser
    RICOH Media Driver
    Roxio Activation Module
    Roxio Creator Audio
    Roxio Creator Business
    Roxio Creator Business v10
    Roxio Creator Copy
    Roxio Creator Data
    Roxio Creator Tools
    Roxio Express Labeler 3
    Roxio MyDVD
    Seagate Manager Installer
    Security Update for 2007 Microsoft Office System (KB2288621)
    Security Update for 2007 Microsoft Office System (KB2288931)
    Security Update for 2007 Microsoft Office System (KB2345043)
    Security Update for 2007 Microsoft Office System (KB2509488)
    Security Update for 2007 Microsoft Office System (KB969559)
    Security Update for 2007 Microsoft Office System (KB976321)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft Office 2007 System (KB2541012)
    Security Update for Microsoft Office Access 2007 (KB979440)
    Security Update for Microsoft Office Excel 2007 (KB2541007)
    Security Update for Microsoft Office InfoPath 2007 (KB2510061)
    Security Update for Microsoft Office InfoPath 2007 (KB979441)
    Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
    Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
    Security Update for Microsoft Office Publisher 2007 (KB2284697)
    Security Update for Microsoft Office system 2007 (972581)
    Security Update for Microsoft Office system 2007 (KB974234)
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
    Security Update for Microsoft Office Word 2007 (KB2344993)
    Skype&#8482; 5.5
    Sonic CinePlayer Decoder Pack
    Spybot - Search & Destroy
    Touch Driver
    Update for 2007 Microsoft Office System (KB2284654)
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office 2007 System (KB2539530)
    Update for Microsoft Office Access 2007 Help (KB963663)
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office Infopath 2007 Help (KB963662)
    Update for Microsoft Office OneNote 2007 (KB980729)
    Update for Microsoft Office OneNote 2007 Help (KB963670)
    Update for Microsoft Office Outlook 2007 (KB2509470)
    Update for Microsoft Office Outlook 2007 Help (KB963677)
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Update for Microsoft Office Publisher 2007 Help (KB963667)
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Word 2007 Help (KB963665)
    Update for Outlook 2007 Junk Email Filter (KB2586924)
    Visual C++ 8.0 Runtime Setup Package (x64)
    Visual Studio 2008 x64 Redistributables
    VoiceOver Kit
    Windows 7 Default Setting
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Installer
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    .
    ==== Event Viewer Messages From Past Week ========
    .
    8/26/2011 9:14:07 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR2.
    8/26/2011 11:52:19 PM, Error: Service Control Manager [7030] - The Cisco NAC Agent service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
    8/26/2011 11:49:27 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom
    8/26/2011 11:48:10 PM, Error: Service Control Manager [7024] - The Remote Graphics Sender Service service terminated with service-specific error Incorrect function..
    8/26/2011 11:48:02 PM, Error: Service Control Manager [7000] - The rixdpcie service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    8/26/2011 11:48:02 PM, Error: Service Control Manager [7000] - The risdpcie service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    8/26/2011 11:48:02 PM, Error: Service Control Manager [7000] - The rimsptsk service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    8/26/2011 11:48:02 PM, Error: Service Control Manager [7000] - The rimspci service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    8/26/2011 11:48:02 PM, Error: Service Control Manager [7000] - The Ricoh xD-Picture Card Driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    8/26/2011 11:43:10 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SBSD Security Center Service service to connect.
    8/26/2011 11:43:10 AM, Error: Service Control Manager [7000] - The SBSD Security Center Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    8/25/2011 9:48:28 AM, Error: Service Control Manager [7034] - The Lavasoft Ad-Aware Service service terminated unexpectedly. It has done this 1 time(s).
    8/25/2011 4:59:33 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR5.
    8/25/2011 4:06:00 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR4.
    8/25/2011 12:26:25 PM, Error: volsnap [27] - The shadow copies of volume I: were aborted during detection because a critical control file could not be opened.
    8/25/2011 12:24:36 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LanmanServer service.
    8/25/2011 10:24:19 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HP Power Assistant Service service.
    8/24/2011 9:23:30 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR22.
    8/24/2011 9:03:02 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007e (0xffffffffc0000005, 0xfffff80002ee6ba0, 0xfffff88003dc3f08, 0xfffff88003dc3760). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 082411-24694-01.
    8/24/2011 6:30:19 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR28.
    8/24/2011 6:26:23 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR27.
    8/24/2011 12:56:18 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR25.
    8/24/2011 12:55:58 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR24.
    8/24/2011 12:51:57 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR23.
    8/24/2011 1:22:12 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR26.
    8/23/2011 2:19:16 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR12.
    8/23/2011 2:19:10 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR10.
    8/23/2011 2:19:02 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR9.
    8/23/2011 2:18:32 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR7.
    8/23/2011 2:07:42 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR6.
    8/23/2011 12:59:45 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR3.
    8/23/2011 12:51:20 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
    8/23/2011 11:21:42 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
    8/23/2011 11:21:12 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service.
    8/23/2011 11:19:46 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HP Wireless Assistant Service service.
    8/23/2011 11:14:07 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AeLookupSvc service.
    8/23/2011 11:14:07 PM, Error: Service Control Manager [7000] - The Application Experience service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    8/23/2011 11:13:05 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR16.
    8/22/2011 12:45:29 AM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
    8/21/2011 6:09:30 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR11.
    .
    ==== End Of File ===========================
     
  9. kevinf80

    kevinf80 Malware Specialist

    Joined:
    Mar 21, 2006
    Messages:
    10,163
    Your logs are not showing any obvious malware, Did you connect through a router when at home? it is possible the router may have been hacked.

    Run the following :-

    Step 1

    • Download OTC by OldTimer and save it to your desktop. Alternative mirror
    • Double click [​IMG] icon to start the program.
      If you are using Vista or Windows 7, please right-click and choose run as administrator
    • Then Click the big [​IMG] button.
    • You will get a prompt saying "Begining Cleanup Process". Please select Yes.
    • Restart your computer when prompted.
    • This will remove tools we have used and itself. Any tools/logs remaining on the Desktop can be deleted.

    Also check root of C:\ drive, there will be a log from TDSSKiller with a .txt extension, you can delete that also.

    Step 2

    You will have several programs installed, these maybe outdated and vulnerable to exploits also. To be certain, please run the free online scan by Secunia, available Here Before clicking the Start scan button, please check the box for the option Enable thorough system inspection. Just below the "Scan Options:" section, you'll see the status of what's currently processing.... [​IMG]
    ...when the scan completes, the message "Detection completed successfully" will appear in the Programs/Result section. For each problem detected, Secunia will offer a "Solution" option. Please follow those instructions to download updated versions of the programs as recommended by Secunia.

    If Secunia recommends updates for Java or Adobe reader ensure old versions are uninstalled when finished...

    If you have no other issues hit the "Mark Solved" tab at the top of the thread....

    Kevin
     
  10. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1014239