lotso80
2010-08-06, 20:32
I woke up this morning to my computer having 144 Firefox windows open and the start menu flashing open constantly.
The computer is running really slow.
I am running Windows Vista
DDS (Ver_10-03-17.01) - NTFSx86
Run by Josh at 13:19:08.41 on Fri 08/06/2010
Internet Explorer: 8.0.6001.18928 BrowserJavaVersion: 1.6.0_21
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.3070.1526 [GMT -4:00]
AV: Trend Micro OfficeScan Antivirus *On-access scanning disabled* (Updated) {4CA5B9AB-4295-4D4C-9664-0EBE85AE0525}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: Trend Micro OfficeScan Anti-spyware *disabled* (Updated) {6D124117-24A2-4555-BD42-A763D52CFEB2}
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\McAfee\VirusScan Enterprise\engineserver.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
C:\Program Files\McAfee\VirusScan Enterprise\mfeann.exe
C:\Program Files\Trend Micro\OfficeScan Client\CNTAoSMgr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Trend Micro\OfficeScan Client\TmProxy.exe
C:\hp\support\hpsysdrv.exe
C:\WINDOWS\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Trend Micro\OfficeScan Client\PccNTMon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\Program Files\McAfee\VirusScan Enterprise\shstat.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\Windows\ehome\ehsched.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\ehome\ehRecvr.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\wuauclt.exe
C:\Program Files\Trend Micro\OfficeScan Client\pccnt.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\Josh\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.google.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=desktop
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=desktop
uInternet Settings,ProxyOverride = *.local
BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: TTB000000 Class: {62960d20-6d0d-1ab4-4bf1-95b0b5b8783a} - c:\users\josh\appdata\local\temp\low\COUPON~1.DLL
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan enterprise\scriptsn.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar2.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar2.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: {5BED3930-2E9E-76D8-BACC-80DF2188D455} - No File
uRun: [HPAdvisor] c:\program files\hewlett-packard\hp advisor\HPAdvisor.exe autoRun
uRun: [swg] c:\program files\google\googletoolbarnotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [igndlm.exe] c:\program files\download manager\DLM.exe /windowsstart /startifwork
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun: [KBD] c:\hp\kbd\KbdStub.EXE
mRun: [OsdMaestro] "c:\program files\hewlett-packard\on-screen osd indicator\OSD.exe"
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [CCUTRAYICON] FactoryMode
mRun: [<NO NAME>]
mRun: [SnapfishMediaDetector] c:\program files\snapfish media detector\SnapfishMediaDetector.exe
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [OfficeScanNT Monitor] "c:\program files\trend micro\officescan client\pccntmon.exe" -HideWindow
mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [McAfeeUpdaterUI] "c:\program files\mcafee\common framework\udaterui.exe" /StartedFromRunKey
mRun: [ShStatEXE] "c:\program files\mcafee\virusscan enterprise\SHSTAT.EXE" /STANDALONE
mRunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\snapfi~1.lnk - c:\program files\snapfish media detector\SnapfishMediaDetector.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK.EXE
uPolicies-explorer: LegacyDrive = 813526581f65b0a7ad8d0680d638d5ea52ce2fc0680e30bcb1b8e2d51e8a5ecb3c6e3400b7f20d891df88f85e5af81adb0c2302dcecf11b2041aa7c58d83a7575eb55b9daea1441eb62a0309f0b62279cd38762ee498a5efefc477bb0841ebe1546f7162d70d599c8dff8c2ab64f7a06717353f08cce7a149b7836e74742ab52e9f50a1257db045efe8184cb32ba9d6ec1e7c140ce7635c6ddd7a9c1f12a99ac423f7ae733c52089d39bc27bb025ff75f9e71e29e4529abd4eddde7fa1584dd5fb7d85728dc9e5d040894cda9f3824e8f108a0f1a5bf41fcf4c49fd8c17a660dc4cc9f12e709af31c1f0f3a707611233e09c4ff3834bbd74d9ffba75341737ed3ee4544e2f0a300c442aff596cbe5d334444e1a1459ef63a3cb9e6e6fb6d38e94fa43c1d32bfe47e4135d5ec707dbe2dfc2fe99832a1660f9b0d68717c95892462284cad9181cccd90a05a9ee87a68df28f0a58d2cfe6ab39f355582bf6b33a460b124ce3485f9954949e182d3f445682c08f0f519c373884f9ac84236e33560bfecd273c88da610e1b22412a83745dd01422c574a805a4936b22508d9696656ff0d7383c2244dd75cd11a34399bd5f850704421b4ea2ab466d0be5f6ee05d5d2acc7c9ae582e018abb011915cc0880c5e00c038975ade9b7cc0b24e1329242e13882fd501592ec8997957f26f3a8552d6b73af00165e41568eb5fbb6d34bc4340c241660045b06e236ccca617fb1a0f291de554a7fc8400419097dfefb5b43002ac7f0717ded191397d2c1913d1c6cfab1fdcc94dd04847c4cf563bd033d409d51e688bd1e526589071624623e5c32d8e8099eec1c571b4cadae67a482fbace235f25d47a5b6c978dddc5b659bd9a1bbb2014ff5d99cf9e54782ae7a43ef08e0754385deafc89cab98742cf5cc839f601caa3b31dbe34f7ad378602c29abf793ccf6eb8d63db76963f6b056562e0a7b88f2f460fb36163ca64970b8dfdb43e4a2f6feccdf9f272d711392d7f250d655d3d701d0acb18b31d0b0898625f723a733bc48197a4da0320951c37e4c51a862267760ff3f950459a068ecb97d1e214f51d017151c30e9920f59a6f16f0b618c789bee7549c2ea69fe3bfbff198e592526268ecd9eaa79e40d8a998470d8886ae15ac6aa76ddb8a166ccf12c6d01af1772daa9d96790087e72c4b3e44a5beacf2ae38c86664d370896d979d0d97f7d29e07c95f09f3f899b48862e7a79c53b3db4c759b7119779e12fa16a227015abce668c7eec88ee3d3c2a93f178aca821dbf1d5e8e0121c4a4c5405c8fb6e58f832a692eabd24fc3b55f20cdf3535e3bdb4b0c7546289d3a45350ed4cbb3df9f0bbb94cdd7b2064f079c6d6b3213887ca9dc41f8eee3bbbf73cf5e2bf6a16bbc4ee107daee06926d350c4be7057dd090198831fe2c9b57c32dcac431ca6fe81063e72b20ba61386acad83e5c2139230b7ef0fcaf64eded7a01d4b4381499e064224f0a7e00b3dff5c45b940b52f68351396e9cc456592ecd16d80c2fcfaef732ed73f0ff8e225855da0659bd92ff286a17c57b82db555f9f402ceb97670e1a5802d5778acfb3e1427dfd3d1b719a615fc59f824f530683ac7c5ced7bac9685b85ad34d2f7cb129c11e5815802e25c913ccc1442d72d9de47ed21f4ac5cfefcabdc3bd9dc65e0e88a520edbcd763defb249b14fd76dde412ec9e78082bbdc84ff4c4c65bfc6bd94af85e8dc7f741892ef4e9f0c1f1ac0bed3aadb239d2b08d3e41281031371bfd5a2a312ac8410a844471d55483e51fc19fa4e896c86efc4637e6802d64f6cc197970780906f1ba35f60bef4ec2a37706e497c6d38fa4b8a3f09d8825a5c963b6c91e63f785afa0ad5a89456966e6f15de3a35d6ff0f53e8c94576d3f00c7458214314cd3252c168bfee4676c245798795ec53c0a7561021f394dddf5c4c563d7039a73379571e31bfd26efb91f117e607282307dbfeb3dba1ae767226f7b2d865e9c422049f23d77abdc9282abb4c110f054cd67b8d9f02c24a68d83d6ac6676bee90f9b312fa2f13c27b50c379589729d95de84441ac7e221e67fa74752e0d8fba0f2ea2b18b17b535810409dec3d3f4c1f273e5a103d7b6008799db70a9eebddacbebc1a26fe2e63a99d1b7ef23349671e37e1f3c0c423b3319d571b27b96e07e389556bae82a025ead4d82ef770ff118b4317575552e342e009f2bebbd0d894d7e0bfe130551fc6af84c9624f8e2afd7f35ce86c8ef2340b03980b8de2e65fa7f580404e7c6017b7c5fbf779dd0753b770d9d645896bf0b85eb694f2ecd699ca1a39a2dbe1dfed0ab170deac8c04dbae6fb23e2b305e9237959406809d1a806f10d4e42f6182413be49372acc683d30b1126e4f815f9695f385c167d22f30132953841a49932261531bda85408f106e24421a27b3a9eaed040fed86958a32d38f2dcfa94c7f81dd172c929e33fb00081e00dbf51613ef17dd80a344ba002110c0e9b7a1e552a17dbfe758392b0bf77f32a6531d8181a7b53b0641ac49477b43f143ed04ab64e160304b0796d3d06ad61445a3a773fb4d868208b9d03e47e2e29f9fa37e6e89277057cca1723f8b3e4ed7f9825842728deda8136a4fd6cbbf1d44425f71ec93c95bf75df18f9516445a2da3e6dbb6263e6f6418b46d8897b914b10108c118c12c653b694337c70101a6bb9ff892cb3816bb02b66f7aac4b953caf730424fac8a1bb2e85a44902d0a8cc0a42f440e648501db9ca1722dd0b8e51d6d1743a84c5db7d9c1c358b5877b2ac6e08ca463ff7155c52046355006d09ff711279d3c7d7167b984a46d491a285c8aaba564793069e30da6cf7c1904a9a634e687f3a762ac5fabb0b55fce446c391ccd67496aea106499ff1ec5a5c23594546a360e0ab18593047db86810baef6b61cabaadd1f7af706e9b4c72b5640f37357f00afd92fbf6596027f225fd8e40e9dea21f40456ff8391220d8fcdcc522b14053869d79ec2d8e3161367a97f66663b2651b7df525829313eb0aa7147119d9a977fd89bdbd0825c04cff91cc78c9872bda6d88ab16c982ceb21e477328cf3eb33965580a85d746b75908ea65c8920b0afdc24c10cfe35fb296c076aa3d64fa0999248066f9e0f93aff85288baed659c8c3af6d51f449fc810768d97e927ebab6a170bc5be542aba413e67d3587521fdb2dd5757da1ab9b5095cf7249731058d8446736d3d188c0b008b7f8f8a1ddf4f800dbe2ba5e1e4934247491be971ee6c6c9ba2699cf70f2a886e21aff592077de180b7cbcef72ca8d957bfe41c545ce8df2cb54ed370ca9ea8c68b698404e4764a314610c0326d6efdb63168746c44834ba3f9a3bf2ebd50e2c643495ce9571760e02e432dae0c26bf76ea4646d295db54388dd9f8aea559d9ccd9c3ba640d22b649b43962c6d8eb02eb6068ffa57583d42c66e0ce20694291dd7da742a29b98fefd7f9350c92d1ce951b1b514036b6fd07badbba884b2eefa219b1e48761396dca361ecdb88137d5ec47064c1e2a2f933c332f89bcce4aad3016c5821b53563803c1d988c79344e03338ddc0d2ddab6403332aa34fb7724217fa9e7a7ed809696062196ef2094ba13bca780a75035710b6854434d0ea40ff752938389f678a5b2e11c547d327b0372edb8ff3335aa147d2eaedb5d7353e670fe46d67ac70de12ea35af4dcaf3c9cbec008b0302c27fc2390059b71581d776632c54c3706e9a0e78dcf93a611a95a2a9fb045e9de919c2cd88fa28bc9679f0dc15a1c4b9ad8e21744c8213730f364057656e272e71d0e7aaeab1f6ca12dec2b3b813f2f8ab30f41fed81fb60689b52aadc87f0e71c234d817ac4752580205bc7e16c6fe6aec17311cdc48aaaa88692ea22a9b325cfc5384f64099ebf6c26eb343d6841f8162b26b3fefb5d57779a989d060f13df69af1f391d90c89a2240b61b02b651901088285dee5f948b52a8981c098d0c9b3c24fbf6f2e64990d66299933a326d835d2f8f19e9e1b04ec03950b6ecf883dd0f24961f1ad64ed3a9613c97fae49b06438486238ef869fbc74bb68614ddd9cf64ab6d544bd1b0b00d4d3477f806d862f80df7ac6522dfbb1f7a8503ddbf7628c259116231ecf426e3fc22b40337aad1c9c981e9f145702b397ed50f8fbaa7443050b5ea11762e027e546623015cd76e85de66c3bbd7e835bd0ae5bcf1539c2a3137476129bfa0c20087a3e83a129697dd6047efd2c3ff95e68fee31f5f34fa610719f97dc71b7481df3a5606d76ffee341877a9d4feb07c24f65042205b56cdde39ae2ec4b20330f9a1d526197ccbe72d7f4a16da0746a7d83c599ea6f2121a7dd18fa89382b44e603f50407c54161f896a5a021569b42f1deba730cff0802994d381684e7c3f3eded8490dea860aa3ddd4f1c62fe9ce10e64380fd5d65cd4344c99162e81c1b7bb4aad465f81721fed4ea518bbfeac21d940bca0eeace6ca009304848a4e8c90faeea9f38702f7023d9b8ca7115d15d696093679b1dac6fc3226236f057d6ebe57f869ebf5516f7d8db5028ecef69207a1f86016dbef17ed5fc37e27ccfa23be96395928eaf3d361508adb95142753c741877ec82cdf6cd0614f0b6032dae9d2d52991559514f15337af6fb2fbbd0d1c20a10ced103ed2069d3f4e8b254a2871e7932e718e6edb43db7f75f1fa8a128b070199333d657caff6800ec80708ba77e24a209a21dcb93360b47902ca63aa462e70da8247911b5f26a657f842719e50ca793c5bbe63215869532302a10d06d956e90aef6a8a278d882d8c856febe4783b80f15106b296c62b7bf80e722cea9ab5cd2c326c739d5583618f218f51d5daa0ac4f08fbbcebfa151eff85f1bc80d85b51416df892670609793ab6eb0722ca3818b2fececb2bd74fada8f633d1de54623ffc06dcaf75191162cb1ba007cd26031c2b6d1cf59dfd297dc06892c30109baec53d918f18a380a27ddbe9751bfadee138c266dfb61a239d95debc32d25d2e534e8cf34ad5f502842d1277fe76578963ba73bc74c5d457ad37691926d7ab28b72ade4a5f449457e7df74eec2aa396838e3fd0ac328b87fba8b04852ce423e60f6b42aa9a86beff8befdf2aa9fdbac87fa5855e161bb16c7890c137680ea1cb50a338417bc1403e84e556bc0f774d0db6f1c81c464408f72c77028a2a92b5ad4ebaba62259d1d572c116bb387f70c0ef666d399c10405d46181b976863381c8d1c99d192d10f6c2546aba47957b479fd5254acfd5b728beb2619d44b2eba2843da7957c2aa594da3c252911ed522dad6a2de6e3dec7736df3b36a9496bbbf8ffcfbd2e80be24a3e0b1847a7f2407472ded3f48238669baf892c5f6990bb099e911330deefdc68befdefb77a121848dedb1a6466f6f49da4bc634de25ea83f08338babc150a068da5ac95dea98dafc38384c4763d944113419aca2651c26e5c3c51c6d2ad755b7b05bc7af2141ad75ac4ad960db244a43c8d701f08e6111fbff9df6c1956a27a8aa08eea7ebc5780a0ada286fb3903115c2a764f856b3f746715958668dd3c0eefbbcab77bca3c02243bbb1e47bd363210c884f7ddab927eecf3bbd16dbce21d139500a0af33178d2a82797b38d23e541b28397f3878939319e0c96aeb26dd7f8e6e9cdef4d567d36b1c2b6533dac8b60ba8e1b496f620b75366534a9d51b98298c939b20ebec6f41e618d1af2be0f31ab328b92b9875272326ac1abf341c375eb5bf22658abdf0e39a32de71259531435c5509c30717c7c68a28fc289f73c032bf9af6ca88d3d2e662f5994662d2a8636ec8b8a3a39360cef365dbc513390c729464bffb4f6d323b071ed4724adb4c3b9833bdbfc7b54929a605ded459e12e0add253aa31d8400e5d51a3e6bc9f1e826b322bfa1813d2489bdeb2f6c4dd2fcc15cb9452998ed36f49ee37ce7b21ea03cb45393eb4fcc8928740a0b2d07ae4839d899add9d453b5c4667ca901cf979bab982475d823933b8c2f354ac29ef03dbd7b370e993b397d254359b6f5abdf2eb242edceb5d2b453d4a5e7f57c477046008e635e31d830352f941c507e04f2a05d40f5a753957f1adc0a92745160b1f093bc7a42d19e371f417b60adc0c76038b8539c2647d9b22d9ed5fec3a79763d6ea9748beb108e0706ab0aff44ef64a19403d5e67f870f35560def2bc3e49e58c1439b2ffbd44965c89787689d9413447fdfec28c9f0040cbfaeccd7547609dc078d94ba729d47132d43377f744e3a8e14cbc8b30b8a870c1840849904c53bb7b04007549e9a7c1eab76358001d7a7bc09f6e403f519938295e5b7dfa4ab360cc9e97535eebe505ad0d9ccfc4ad4c4fd409cb5287f82af89228e71289ab64cff8b29898af9805385d22ea406105b9aadca8cbbc0b2c532fd4a991919edbbb48e8663e71980f553187fab1097ed7104cd2bb03d74572f5fc271669bfc0e08345f33fca891b272c5139ac426051cfd6ee1198a355b4655b0d2681efda69f80a4437aade48e99f244d979ac15e5981f16085ad9b0eafd28b676e753cc34b528e582efdd00316c91e450de9ed8c5bd5e4b5fbefedce4b678d20075c706d78444976e98dd8c05b844c987a77cc55cf1651dd361fb66b933b12958fc1224575cb06d16b5f2feb9e7fe2d2247a8860401b0cdfe120851d6bed15c3ba8211e264ab62cf3f762b3124eaab58f2f665d1d5a87f37c89f694b58c3be47ab336f70c27f1eebfb18c8d1deda05a78508d757469cde37009a9d1268b97cff476abd851615b103cca62c4ff448369e027003a4e71e25fbe35f01c99b17809e6bfd069bfde7a8d91b489a08c1f7e65777326494dde2e69588c120b3d60cf937635a6ef8f94dbfcc687fea493b616e7e9b8b54e071507087cb96e59b81e4e70918bdc57ae62d268577a1922330fb356432e6e0618167517266b5b4a1124b695e833b0873acc5cfa33bd0284b0f2fb8d502e431ddce0e4b0c0d2e8f97add068089e6e7d41cd913ebe5639bd1af57fc0d5be7914540f5e2429c2eac995a704644b319f2b776fdec0ff3e7b0809be693abd02b836954c0cb91931f8640eb677f666bb7fdeecb341da72ef5c5eb01f50354f16356a40cdac6952ab1762040305ee97def0f568fc2bcf7d1516a95e64942b2666bf57d9e0dab5f81f86ad538339341fc53fedaa485a150308f9d526b9e17292e8380847aa8b7be43315af0da43ffc0f2563dcc734d5e7bf3c24029b6a9dd3b4bc1177025bd8783f2a16f9499f3d34c9d1d42712d376894b411d03d1189da09dd7cb7b764f93cfb90e06a9cc2beb87cba84d193454ce44e4ef3e6c42906cf3ba443cfd6df8fa772699ee5790793125a7f5beba6d54cc47def35c9a259f0e9d10433820c2c339d8a7270bc2a7adfc181db2f74f3f38dc7688609ec22e16c8a5a6891be76ade79f8fa250185218c7c4979d2f82631ffb2740e533a98b07cd1d9170b16706529e2dee68670834d93c16b41f13e6b18299f6de5e29d0d08a9be8354f7807afc990bc594a3b4ba2db42b92277bf612477a1e6b090a286038a046a6bb4ecf90b28dedebc2399527acddbdb82531c9bce1e146def290da7a501d7b02b925e0a0bb98c9351d0eb113012850affc0c6a528463d409c0cd7b9da579a8c55ef3839bf23ed54d212312158ec8966b24842f78b2f2dccfd845d45827dbca8c841470e8cd643a9bbfa7648218b53657f8379587268db98000efffa2f2499d0a383ac2f4af7b557f89c143af44e517b8dd42cb7a415edd4804cda6ed5553e7f13249a518d842382c7eed9efc423d15a564c8e810b26d89bc433ae0be688de3e606e07967e34b6b35c9e10d6152646ad784535337526102e36525fe551c133eb7d1ab91ad5ef03d75df1ce733ba92b386dd14ab5f47366513ca13e0af0f3eb08bdafb5b228fb00220f59644bd953bb45f4a390e9809f71add427373aa939fd12988aa399d6b8071005e94b7eba6ddb2b74a1ea9e2dd6bf3b498e9af22abd5b4f2d5c8cb2033391c815543e7a697a87503af174d5082aaaa303cddb32d119fb8d0539bbc1bac20c09acb308a8e3b38a5e38ba0a962aca1bc289a5759573e17500b93020f9009da1fd22615f1147330dbe596465e50bce1aa543a10649373baa64efc314891fe0a955eabdc2d01e1162853646dc8bd7f49eb7b1557905b4b7630c182d451ef885458830f349f415eecc7134659504e581a6637553afec6e61022aa8d64898cdcd36b98e575933af1bcb62574a003e79a41f9fbe7fb2c832ecc09386759f402a8f543eca414e8337203509c90d78a0b28a3ac5292ef73471965291902cccce4ca3b6c82b086d5a473fd6e225d56619080e7fc12401857711219386ef882d033567b1616d6c3228411c545dff093d86bb92b73b1e4f96022299e50fddef04c738042ee0890e5d03ca0ee456bad3a47f2afb0b1936fc6ae1a99477241125328d28ba72b0b571e784679c67863d9025b8a3c9a9708695caeeb89e794e7ccb1b34b999f3235e7d37702eac5eb09f396fd8991a069dffd52bafdb53b0d176664199f0fe36c7464adf75770accd9e7f12282c3becada015fafbf1cde7be3b6ad7d38b0b7e80dc50498da75d2055a88a461de45b81a4ebb27afb5b436697a549e6a514772c9d0b32601a8dfd42e9033510603afeaaf1ac7df4fe00477cefd41a5d83b9cb6263957f806ffdb31f1d8f6707a58231fdfffa76694babe9c26fee4e47021484f068fac2a43fdd21acfa705b68cc2cd240c8e8d4de46a91d9a88bb9d369e017ccc86895c049863de8a21b467c04f06d924af4de24b44aea1a4b90f7f4851f8f1a9480438d30a4237f2a3da821377f4b72f33d51165034b3a87054c61d8feda8d144d2931b11d040065de6d02e8f584e8fbb2a99ca983e51dcd68868ab3d4a70a7cc4c13f997da4a7673f22215d6da2c640911612ad9f2d44f17ec90721c4b35167c18d8c9bc009f413895940bb2be68468f8455669d0672f5fa310154f318a77f6149a595d01b3b0acec4b6a1043a82a84073829bdfac39a700f4224f93ca29444d0c4cfed07c80aa6dc8b3dda1e6ed48fc65aa89188002fcda866effb0f9f39809ed91392c29e769d4953bae574054e6d4d64ac183af4108c0fd3145862f1b0e1f2075c508eb6095f5c9baac97b6cf3fee643611c9c397a1bfe37564778095ef463b4546d2a0a932dac7b9952e22ec24ec25056e063acc642617d33a4838030da9b4df6c952aee6c4485591263d63e3f9a5c81e4de0b5bc7d6b014cb458cc7daffb6279c4e7627423181f845c7246b3216ac1524d03dc9126fda74ddf499b2961bf80e04b138dd93806d2fd40d9d3c5b2c10776975f331f5249601927be6038acd08fbc2b69c179408b7835a3dc5a524261e3ac938a58c5286ffc20835985ea2d84d1df0223d66ccfa5d7111f37de0a518a662eeed658173a1f398309e8b6a1fad404efb10c833bafae0d8c2e18594b441bc2f8c3514b1c5db1e17f0c60df9ab0cad84ffaf290d88a064bfe54374b8b48c794013264f28cdfb43d368131dc5a5437885b825b529544ffd1e8944b2314845e7e85e944ced290e46cbcc6ab23b3c72e429c7911f0d25b27c06bb8da85bc20ce681f18c138f311b600e59752df6ecb86149d136e59171079725cd1cb054c46dface9f77149ea5ef59b9940113e0d154da3d51390623d299e833c4446e44acbddda736bec1baa1a26dc5f569d3653ae35ceac8458b54411eb8d47a981eefd41cf07e42e6089022f8ac079aea1035c436a4fc1b67ad32f18d6e1dfbb16e9b0c5b603ae28b9bc81faa60b9110d1866dcedbd66e3d7c69975e8066c0bf10e6f44b336117669466cc3a8690954b45b53c527f6073481382b7c118647a7b21e08037cdbfd18ac748c83269d70016539495388f36f0a509c58655e7a5c25318d03f1d30633b4e735c497a2fa2455a4f458d292e086e4da91ddd3a782f6894bea56b93de2687ac9158506e35ee46aa68a7e107d6d6fdc2b34fa0ef2e1dbf3e849429cdaaea109dec49c547d423c3eb4dc6ef6a08301ed51f24d824f97d5b2c6dc3e3cb2afc296656c52a9575a1291c8d90f71e87e4728dd9504ce56242d90e1a95725ccedabb7ac8312a0fa2195529c1b0ef828a1b9901d328fa84983211ddf045ca1a3f83d00aacc7a3fcd687eacac2ff0a17188cf7d490564a09a73195d296c5f3a784ede3e1fb5e56f27a9989061508c20a3e2fa1a7f2aaa96a62782773f4f45d148b07e09b089b3f6b1053e552107941167f372351630b6a7f1775dc564bf255554c2e24a08676b20b476c6475c5fec3576399db9cfb3099e0b4b10518e4e079f4e07463809b6372fe5ea64cce173c8092f471bb8e31603e552eb78fa2c5ba6f84da8b0dbe34a8796d8bb55bebe27ce5f416320607b8fbe10f18b17d43a2e1be4b6ecf1794a4125c7245bbfc02837c8d1632e52ce20dd80a6957982736c3235e4c92c2a25ffbde8745cf1504a75d8d77fc9388e9b8673994c075d6a222eaef3803a0feb3d88a3f31d953c254b342bef7427e6128f1eede84a1cdb1fcaaa97faf77cabf4bd3661bde631819e9748ffab6f783e2eccaee3a613a78532fc5334c0a248835d18871746225e968b3eda14d1e9ef560fdfe1e437765a9a299a37d2817a946274bb75d625e747d348a474653039e3dbb218215e8c06f2c48e76259f0a933e58e4925d79fa1bc75e2c5cf070ce3dddebd6ea495b37bf0973d6bb2e1f3ca5109a57745809105e1da14d96270b934b68488e38e8b08e63aa3ad7173af9e9a41abbb541c3cdfa0528c6202a854e332443a4415cb5ef5ebc63076ca4a84174bd8e8028382357c354f646845e1a30d7055a8193b6b46c4e529e73efa313757d46f55b1e71aef56e0b6c5122d8b5384bf55b1760f3db76a5f086475428f81515e6f81ad00
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
DPF: {01113300-3E00-11D2-8470-0060089874ED} - hxxp://supportcenter.rr.com/sdccommon/download/tgctlcm.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.7.109.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} - hxxps://evanstar2.notes.duke.edu/dwa7W.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
================= FIREFOX ===================
FF - ProfilePath - c:\users\josh\appdata\roaming\mozilla\firefox\profiles\wvbdtgi1.default\
FF - plugin: c:\program files\download manager\npfpdlm.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox 4.0 beta 2\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox 4.0 beta 2\plugins\npMozCouponPrinter.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox 4.0 beta 2\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
============= SERVICES / DRIVERS ===============
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2010-8-6 343920]
R2 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [2010-1-5 51216]
R2 TmFilter;Trend Micro Filter;c:\program files\trend micro\officescan client\TmXpflt.sys [2009-5-22 233488]
R2 TmPreFilter;Trend Micro PreFilter;c:\program files\trend micro\officescan client\TmPreflt.sys [2009-5-22 37904]
R3 hcw18bda;Hauppauge WinTV 418 Driver;c:\windows\system32\drivers\hcw18bda.sys [2009-3-19 391168]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2010-8-6 91832]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2010-8-6 43288]
R3 netr73;USB Wireless 802.11 b/g Adaptor Driver for Vista;c:\windows\system32\drivers\netr73.sys [2009-5-24 501248]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-8-6 66600]
============== File Associations ===============
.txt=
=============== Created Last 30 ================
2010-08-06 15:45:26 0 d-----w- c:\windows\147BCE03C0F14C9F81576A89B6D2D973.TMP
2010-08-06 15:28:28 66600 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2010-08-06 15:28:28 43288 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2010-08-06 15:28:27 91832 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2010-08-06 15:28:27 75704 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2010-08-06 15:28:27 70728 ----a-w- c:\windows\system32\mfevtps.exe
2010-08-06 15:28:27 64208 ----a-w- c:\windows\system32\drivers\mfetdik.sys
2010-08-06 15:28:27 343920 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2010-08-06 15:28:07 0 d-----w- c:\program files\common files\McAfee
2010-08-06 15:27:42 0 d-----w- c:\program files\common files\Cisco Systems
2010-08-06 15:27:39 0 d-----w- c:\program files\McAfee
2010-07-30 00:01:48 0 d-----w- c:\programdata\Sun
2010-07-29 23:52:30 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-29 20:29:42 0 d-----w- c:\program files\AutoPogo1
2010-07-29 19:26:05 0 d-----w- c:\program files\Mozilla Firefox 4.0 Beta 2
==================== Find3M ====================
2010-07-30 19:07:15 87608 ----a-w- c:\users\josh\appdata\roaming\inst.exe
2010-07-30 19:07:15 47360 ----a-w- c:\users\josh\appdata\roaming\pcouffin.sys
2010-07-29 21:21:46 51200 ----a-w- c:\windows\inf\infpub.dat
2010-07-29 21:21:46 143360 ----a-w- c:\windows\inf\infstrng.dat
2010-07-29 21:21:43 86016 ----a-w- c:\windows\inf\infstor.dat
2010-07-02 19:25:13 410 ----a-w- c:\users\josh\appdata\roaming\wklnhst.dat
2010-05-26 16:16:50 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-26 14:25:15 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-05-21 18:14:28 221568 ------w- c:\windows\system32\MpSigStub.exe
2009-01-12 14:06:40 174 --sha-w- c:\program files\desktop.ini
2009-01-12 13:57:28 665600 ----a-w- c:\windows\inf\drvindex.dat
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2010-04-19 15:42:59 16384 --sha-w- c:\windows\temp\cookies\index.dat
2010-04-19 15:42:59 16384 --sha-w- c:\windows\temp\history\history.ie5\index.dat
2010-04-19 15:42:59 16384 --sha-w- c:\windows\temp\temporary internet files\content.ie5\index.dat
============= FINISH: 13:21:23.44 ===============
The computer is running really slow.
I am running Windows Vista
DDS (Ver_10-03-17.01) - NTFSx86
Run by Josh at 13:19:08.41 on Fri 08/06/2010
Internet Explorer: 8.0.6001.18928 BrowserJavaVersion: 1.6.0_21
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.3070.1526 [GMT -4:00]
AV: Trend Micro OfficeScan Antivirus *On-access scanning disabled* (Updated) {4CA5B9AB-4295-4D4C-9664-0EBE85AE0525}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: Trend Micro OfficeScan Anti-spyware *disabled* (Updated) {6D124117-24A2-4555-BD42-A763D52CFEB2}
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\McAfee\VirusScan Enterprise\engineserver.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
C:\Program Files\McAfee\VirusScan Enterprise\mfeann.exe
C:\Program Files\Trend Micro\OfficeScan Client\CNTAoSMgr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Trend Micro\OfficeScan Client\TmProxy.exe
C:\hp\support\hpsysdrv.exe
C:\WINDOWS\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Trend Micro\OfficeScan Client\PccNTMon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\Program Files\McAfee\VirusScan Enterprise\shstat.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\Windows\ehome\ehsched.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\ehome\ehRecvr.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\wuauclt.exe
C:\Program Files\Trend Micro\OfficeScan Client\pccnt.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\Josh\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.google.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=desktop
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=desktop
uInternet Settings,ProxyOverride = *.local
BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: TTB000000 Class: {62960d20-6d0d-1ab4-4bf1-95b0b5b8783a} - c:\users\josh\appdata\local\temp\low\COUPON~1.DLL
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan enterprise\scriptsn.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar2.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar2.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: {5BED3930-2E9E-76D8-BACC-80DF2188D455} - No File
uRun: [HPAdvisor] c:\program files\hewlett-packard\hp advisor\HPAdvisor.exe autoRun
uRun: [swg] c:\program files\google\googletoolbarnotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [igndlm.exe] c:\program files\download manager\DLM.exe /windowsstart /startifwork
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun: [KBD] c:\hp\kbd\KbdStub.EXE
mRun: [OsdMaestro] "c:\program files\hewlett-packard\on-screen osd indicator\OSD.exe"
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [CCUTRAYICON] FactoryMode
mRun: [<NO NAME>]
mRun: [SnapfishMediaDetector] c:\program files\snapfish media detector\SnapfishMediaDetector.exe
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [OfficeScanNT Monitor] "c:\program files\trend micro\officescan client\pccntmon.exe" -HideWindow
mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [McAfeeUpdaterUI] "c:\program files\mcafee\common framework\udaterui.exe" /StartedFromRunKey
mRun: [ShStatEXE] "c:\program files\mcafee\virusscan enterprise\SHSTAT.EXE" /STANDALONE
mRunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\snapfi~1.lnk - c:\program files\snapfish media detector\SnapfishMediaDetector.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK.EXE
uPolicies-explorer: LegacyDrive = 813526581f65b0a7ad8d0680d638d5ea52ce2fc0680e30bcb1b8e2d51e8a5ecb3c6e3400b7f20d891df88f85e5af81adb0c2302dcecf11b2041aa7c58d83a7575eb55b9daea1441eb62a0309f0b62279cd38762ee498a5efefc477bb0841ebe1546f7162d70d599c8dff8c2ab64f7a06717353f08cce7a149b7836e74742ab52e9f50a1257db045efe8184cb32ba9d6ec1e7c140ce7635c6ddd7a9c1f12a99ac423f7ae733c52089d39bc27bb025ff75f9e71e29e4529abd4eddde7fa1584dd5fb7d85728dc9e5d040894cda9f3824e8f108a0f1a5bf41fcf4c49fd8c17a660dc4cc9f12e709af31c1f0f3a707611233e09c4ff3834bbd74d9ffba75341737ed3ee4544e2f0a300c442aff596cbe5d334444e1a1459ef63a3cb9e6e6fb6d38e94fa43c1d32bfe47e4135d5ec707dbe2dfc2fe99832a1660f9b0d68717c95892462284cad9181cccd90a05a9ee87a68df28f0a58d2cfe6ab39f355582bf6b33a460b124ce3485f9954949e182d3f445682c08f0f519c373884f9ac84236e33560bfecd273c88da610e1b22412a83745dd01422c574a805a4936b22508d9696656ff0d7383c2244dd75cd11a34399bd5f850704421b4ea2ab466d0be5f6ee05d5d2acc7c9ae582e018abb011915cc0880c5e00c038975ade9b7cc0b24e1329242e13882fd501592ec8997957f26f3a8552d6b73af00165e41568eb5fbb6d34bc4340c241660045b06e236ccca617fb1a0f291de554a7fc8400419097dfefb5b43002ac7f0717ded191397d2c1913d1c6cfab1fdcc94dd04847c4cf563bd033d409d51e688bd1e526589071624623e5c32d8e8099eec1c571b4cadae67a482fbace235f25d47a5b6c978dddc5b659bd9a1bbb2014ff5d99cf9e54782ae7a43ef08e0754385deafc89cab98742cf5cc839f601caa3b31dbe34f7ad378602c29abf793ccf6eb8d63db76963f6b056562e0a7b88f2f460fb36163ca64970b8dfdb43e4a2f6feccdf9f272d711392d7f250d655d3d701d0acb18b31d0b0898625f723a733bc48197a4da0320951c37e4c51a862267760ff3f950459a068ecb97d1e214f51d017151c30e9920f59a6f16f0b618c789bee7549c2ea69fe3bfbff198e592526268ecd9eaa79e40d8a998470d8886ae15ac6aa76ddb8a166ccf12c6d01af1772daa9d96790087e72c4b3e44a5beacf2ae38c86664d370896d979d0d97f7d29e07c95f09f3f899b48862e7a79c53b3db4c759b7119779e12fa16a227015abce668c7eec88ee3d3c2a93f178aca821dbf1d5e8e0121c4a4c5405c8fb6e58f832a692eabd24fc3b55f20cdf3535e3bdb4b0c7546289d3a45350ed4cbb3df9f0bbb94cdd7b2064f079c6d6b3213887ca9dc41f8eee3bbbf73cf5e2bf6a16bbc4ee107daee06926d350c4be7057dd090198831fe2c9b57c32dcac431ca6fe81063e72b20ba61386acad83e5c2139230b7ef0fcaf64eded7a01d4b4381499e064224f0a7e00b3dff5c45b940b52f68351396e9cc456592ecd16d80c2fcfaef732ed73f0ff8e225855da0659bd92ff286a17c57b82db555f9f402ceb97670e1a5802d5778acfb3e1427dfd3d1b719a615fc59f824f530683ac7c5ced7bac9685b85ad34d2f7cb129c11e5815802e25c913ccc1442d72d9de47ed21f4ac5cfefcabdc3bd9dc65e0e88a520edbcd763defb249b14fd76dde412ec9e78082bbdc84ff4c4c65bfc6bd94af85e8dc7f741892ef4e9f0c1f1ac0bed3aadb239d2b08d3e41281031371bfd5a2a312ac8410a844471d55483e51fc19fa4e896c86efc4637e6802d64f6cc197970780906f1ba35f60bef4ec2a37706e497c6d38fa4b8a3f09d8825a5c963b6c91e63f785afa0ad5a89456966e6f15de3a35d6ff0f53e8c94576d3f00c7458214314cd3252c168bfee4676c245798795ec53c0a7561021f394dddf5c4c563d7039a73379571e31bfd26efb91f117e607282307dbfeb3dba1ae767226f7b2d865e9c422049f23d77abdc9282abb4c110f054cd67b8d9f02c24a68d83d6ac6676bee90f9b312fa2f13c27b50c379589729d95de84441ac7e221e67fa74752e0d8fba0f2ea2b18b17b535810409dec3d3f4c1f273e5a103d7b6008799db70a9eebddacbebc1a26fe2e63a99d1b7ef23349671e37e1f3c0c423b3319d571b27b96e07e389556bae82a025ead4d82ef770ff118b4317575552e342e009f2bebbd0d894d7e0bfe130551fc6af84c9624f8e2afd7f35ce86c8ef2340b03980b8de2e65fa7f580404e7c6017b7c5fbf779dd0753b770d9d645896bf0b85eb694f2ecd699ca1a39a2dbe1dfed0ab170deac8c04dbae6fb23e2b305e9237959406809d1a806f10d4e42f6182413be49372acc683d30b1126e4f815f9695f385c167d22f30132953841a49932261531bda85408f106e24421a27b3a9eaed040fed86958a32d38f2dcfa94c7f81dd172c929e33fb00081e00dbf51613ef17dd80a344ba002110c0e9b7a1e552a17dbfe758392b0bf77f32a6531d8181a7b53b0641ac49477b43f143ed04ab64e160304b0796d3d06ad61445a3a773fb4d868208b9d03e47e2e29f9fa37e6e89277057cca1723f8b3e4ed7f9825842728deda8136a4fd6cbbf1d44425f71ec93c95bf75df18f9516445a2da3e6dbb6263e6f6418b46d8897b914b10108c118c12c653b694337c70101a6bb9ff892cb3816bb02b66f7aac4b953caf730424fac8a1bb2e85a44902d0a8cc0a42f440e648501db9ca1722dd0b8e51d6d1743a84c5db7d9c1c358b5877b2ac6e08ca463ff7155c52046355006d09ff711279d3c7d7167b984a46d491a285c8aaba564793069e30da6cf7c1904a9a634e687f3a762ac5fabb0b55fce446c391ccd67496aea106499ff1ec5a5c23594546a360e0ab18593047db86810baef6b61cabaadd1f7af706e9b4c72b5640f37357f00afd92fbf6596027f225fd8e40e9dea21f40456ff8391220d8fcdcc522b14053869d79ec2d8e3161367a97f66663b2651b7df525829313eb0aa7147119d9a977fd89bdbd0825c04cff91cc78c9872bda6d88ab16c982ceb21e477328cf3eb33965580a85d746b75908ea65c8920b0afdc24c10cfe35fb296c076aa3d64fa0999248066f9e0f93aff85288baed659c8c3af6d51f449fc810768d97e927ebab6a170bc5be542aba413e67d3587521fdb2dd5757da1ab9b5095cf7249731058d8446736d3d188c0b008b7f8f8a1ddf4f800dbe2ba5e1e4934247491be971ee6c6c9ba2699cf70f2a886e21aff592077de180b7cbcef72ca8d957bfe41c545ce8df2cb54ed370ca9ea8c68b698404e4764a314610c0326d6efdb63168746c44834ba3f9a3bf2ebd50e2c643495ce9571760e02e432dae0c26bf76ea4646d295db54388dd9f8aea559d9ccd9c3ba640d22b649b43962c6d8eb02eb6068ffa57583d42c66e0ce20694291dd7da742a29b98fefd7f9350c92d1ce951b1b514036b6fd07badbba884b2eefa219b1e48761396dca361ecdb88137d5ec47064c1e2a2f933c332f89bcce4aad3016c5821b53563803c1d988c79344e03338ddc0d2ddab6403332aa34fb7724217fa9e7a7ed809696062196ef2094ba13bca780a75035710b6854434d0ea40ff752938389f678a5b2e11c547d327b0372edb8ff3335aa147d2eaedb5d7353e670fe46d67ac70de12ea35af4dcaf3c9cbec008b0302c27fc2390059b71581d776632c54c3706e9a0e78dcf93a611a95a2a9fb045e9de919c2cd88fa28bc9679f0dc15a1c4b9ad8e21744c8213730f364057656e272e71d0e7aaeab1f6ca12dec2b3b813f2f8ab30f41fed81fb60689b52aadc87f0e71c234d817ac4752580205bc7e16c6fe6aec17311cdc48aaaa88692ea22a9b325cfc5384f64099ebf6c26eb343d6841f8162b26b3fefb5d57779a989d060f13df69af1f391d90c89a2240b61b02b651901088285dee5f948b52a8981c098d0c9b3c24fbf6f2e64990d66299933a326d835d2f8f19e9e1b04ec03950b6ecf883dd0f24961f1ad64ed3a9613c97fae49b06438486238ef869fbc74bb68614ddd9cf64ab6d544bd1b0b00d4d3477f806d862f80df7ac6522dfbb1f7a8503ddbf7628c259116231ecf426e3fc22b40337aad1c9c981e9f145702b397ed50f8fbaa7443050b5ea11762e027e546623015cd76e85de66c3bbd7e835bd0ae5bcf1539c2a3137476129bfa0c20087a3e83a129697dd6047efd2c3ff95e68fee31f5f34fa610719f97dc71b7481df3a5606d76ffee341877a9d4feb07c24f65042205b56cdde39ae2ec4b20330f9a1d526197ccbe72d7f4a16da0746a7d83c599ea6f2121a7dd18fa89382b44e603f50407c54161f896a5a021569b42f1deba730cff0802994d381684e7c3f3eded8490dea860aa3ddd4f1c62fe9ce10e64380fd5d65cd4344c99162e81c1b7bb4aad465f81721fed4ea518bbfeac21d940bca0eeace6ca009304848a4e8c90faeea9f38702f7023d9b8ca7115d15d696093679b1dac6fc3226236f057d6ebe57f869ebf5516f7d8db5028ecef69207a1f86016dbef17ed5fc37e27ccfa23be96395928eaf3d361508adb95142753c741877ec82cdf6cd0614f0b6032dae9d2d52991559514f15337af6fb2fbbd0d1c20a10ced103ed2069d3f4e8b254a2871e7932e718e6edb43db7f75f1fa8a128b070199333d657caff6800ec80708ba77e24a209a21dcb93360b47902ca63aa462e70da8247911b5f26a657f842719e50ca793c5bbe63215869532302a10d06d956e90aef6a8a278d882d8c856febe4783b80f15106b296c62b7bf80e722cea9ab5cd2c326c739d5583618f218f51d5daa0ac4f08fbbcebfa151eff85f1bc80d85b51416df892670609793ab6eb0722ca3818b2fececb2bd74fada8f633d1de54623ffc06dcaf75191162cb1ba007cd26031c2b6d1cf59dfd297dc06892c30109baec53d918f18a380a27ddbe9751bfadee138c266dfb61a239d95debc32d25d2e534e8cf34ad5f502842d1277fe76578963ba73bc74c5d457ad37691926d7ab28b72ade4a5f449457e7df74eec2aa396838e3fd0ac328b87fba8b04852ce423e60f6b42aa9a86beff8befdf2aa9fdbac87fa5855e161bb16c7890c137680ea1cb50a338417bc1403e84e556bc0f774d0db6f1c81c464408f72c77028a2a92b5ad4ebaba62259d1d572c116bb387f70c0ef666d399c10405d46181b976863381c8d1c99d192d10f6c2546aba47957b479fd5254acfd5b728beb2619d44b2eba2843da7957c2aa594da3c252911ed522dad6a2de6e3dec7736df3b36a9496bbbf8ffcfbd2e80be24a3e0b1847a7f2407472ded3f48238669baf892c5f6990bb099e911330deefdc68befdefb77a121848dedb1a6466f6f49da4bc634de25ea83f08338babc150a068da5ac95dea98dafc38384c4763d944113419aca2651c26e5c3c51c6d2ad755b7b05bc7af2141ad75ac4ad960db244a43c8d701f08e6111fbff9df6c1956a27a8aa08eea7ebc5780a0ada286fb3903115c2a764f856b3f746715958668dd3c0eefbbcab77bca3c02243bbb1e47bd363210c884f7ddab927eecf3bbd16dbce21d139500a0af33178d2a82797b38d23e541b28397f3878939319e0c96aeb26dd7f8e6e9cdef4d567d36b1c2b6533dac8b60ba8e1b496f620b75366534a9d51b98298c939b20ebec6f41e618d1af2be0f31ab328b92b9875272326ac1abf341c375eb5bf22658abdf0e39a32de71259531435c5509c30717c7c68a28fc289f73c032bf9af6ca88d3d2e662f5994662d2a8636ec8b8a3a39360cef365dbc513390c729464bffb4f6d323b071ed4724adb4c3b9833bdbfc7b54929a605ded459e12e0add253aa31d8400e5d51a3e6bc9f1e826b322bfa1813d2489bdeb2f6c4dd2fcc15cb9452998ed36f49ee37ce7b21ea03cb45393eb4fcc8928740a0b2d07ae4839d899add9d453b5c4667ca901cf979bab982475d823933b8c2f354ac29ef03dbd7b370e993b397d254359b6f5abdf2eb242edceb5d2b453d4a5e7f57c477046008e635e31d830352f941c507e04f2a05d40f5a753957f1adc0a92745160b1f093bc7a42d19e371f417b60adc0c76038b8539c2647d9b22d9ed5fec3a79763d6ea9748beb108e0706ab0aff44ef64a19403d5e67f870f35560def2bc3e49e58c1439b2ffbd44965c89787689d9413447fdfec28c9f0040cbfaeccd7547609dc078d94ba729d47132d43377f744e3a8e14cbc8b30b8a870c1840849904c53bb7b04007549e9a7c1eab76358001d7a7bc09f6e403f519938295e5b7dfa4ab360cc9e97535eebe505ad0d9ccfc4ad4c4fd409cb5287f82af89228e71289ab64cff8b29898af9805385d22ea406105b9aadca8cbbc0b2c532fd4a991919edbbb48e8663e71980f553187fab1097ed7104cd2bb03d74572f5fc271669bfc0e08345f33fca891b272c5139ac426051cfd6ee1198a355b4655b0d2681efda69f80a4437aade48e99f244d979ac15e5981f16085ad9b0eafd28b676e753cc34b528e582efdd00316c91e450de9ed8c5bd5e4b5fbefedce4b678d20075c706d78444976e98dd8c05b844c987a77cc55cf1651dd361fb66b933b12958fc1224575cb06d16b5f2feb9e7fe2d2247a8860401b0cdfe120851d6bed15c3ba8211e264ab62cf3f762b3124eaab58f2f665d1d5a87f37c89f694b58c3be47ab336f70c27f1eebfb18c8d1deda05a78508d757469cde37009a9d1268b97cff476abd851615b103cca62c4ff448369e027003a4e71e25fbe35f01c99b17809e6bfd069bfde7a8d91b489a08c1f7e65777326494dde2e69588c120b3d60cf937635a6ef8f94dbfcc687fea493b616e7e9b8b54e071507087cb96e59b81e4e70918bdc57ae62d268577a1922330fb356432e6e0618167517266b5b4a1124b695e833b0873acc5cfa33bd0284b0f2fb8d502e431ddce0e4b0c0d2e8f97add068089e6e7d41cd913ebe5639bd1af57fc0d5be7914540f5e2429c2eac995a704644b319f2b776fdec0ff3e7b0809be693abd02b836954c0cb91931f8640eb677f666bb7fdeecb341da72ef5c5eb01f50354f16356a40cdac6952ab1762040305ee97def0f568fc2bcf7d1516a95e64942b2666bf57d9e0dab5f81f86ad538339341fc53fedaa485a150308f9d526b9e17292e8380847aa8b7be43315af0da43ffc0f2563dcc734d5e7bf3c24029b6a9dd3b4bc1177025bd8783f2a16f9499f3d34c9d1d42712d376894b411d03d1189da09dd7cb7b764f93cfb90e06a9cc2beb87cba84d193454ce44e4ef3e6c42906cf3ba443cfd6df8fa772699ee5790793125a7f5beba6d54cc47def35c9a259f0e9d10433820c2c339d8a7270bc2a7adfc181db2f74f3f38dc7688609ec22e16c8a5a6891be76ade79f8fa250185218c7c4979d2f82631ffb2740e533a98b07cd1d9170b16706529e2dee68670834d93c16b41f13e6b18299f6de5e29d0d08a9be8354f7807afc990bc594a3b4ba2db42b92277bf612477a1e6b090a286038a046a6bb4ecf90b28dedebc2399527acddbdb82531c9bce1e146def290da7a501d7b02b925e0a0bb98c9351d0eb113012850affc0c6a528463d409c0cd7b9da579a8c55ef3839bf23ed54d212312158ec8966b24842f78b2f2dccfd845d45827dbca8c841470e8cd643a9bbfa7648218b53657f8379587268db98000efffa2f2499d0a383ac2f4af7b557f89c143af44e517b8dd42cb7a415edd4804cda6ed5553e7f13249a518d842382c7eed9efc423d15a564c8e810b26d89bc433ae0be688de3e606e07967e34b6b35c9e10d6152646ad784535337526102e36525fe551c133eb7d1ab91ad5ef03d75df1ce733ba92b386dd14ab5f47366513ca13e0af0f3eb08bdafb5b228fb00220f59644bd953bb45f4a390e9809f71add427373aa939fd12988aa399d6b8071005e94b7eba6ddb2b74a1ea9e2dd6bf3b498e9af22abd5b4f2d5c8cb2033391c815543e7a697a87503af174d5082aaaa303cddb32d119fb8d0539bbc1bac20c09acb308a8e3b38a5e38ba0a962aca1bc289a5759573e17500b93020f9009da1fd22615f1147330dbe596465e50bce1aa543a10649373baa64efc314891fe0a955eabdc2d01e1162853646dc8bd7f49eb7b1557905b4b7630c182d451ef885458830f349f415eecc7134659504e581a6637553afec6e61022aa8d64898cdcd36b98e575933af1bcb62574a003e79a41f9fbe7fb2c832ecc09386759f402a8f543eca414e8337203509c90d78a0b28a3ac5292ef73471965291902cccce4ca3b6c82b086d5a473fd6e225d56619080e7fc12401857711219386ef882d033567b1616d6c3228411c545dff093d86bb92b73b1e4f96022299e50fddef04c738042ee0890e5d03ca0ee456bad3a47f2afb0b1936fc6ae1a99477241125328d28ba72b0b571e784679c67863d9025b8a3c9a9708695caeeb89e794e7ccb1b34b999f3235e7d37702eac5eb09f396fd8991a069dffd52bafdb53b0d176664199f0fe36c7464adf75770accd9e7f12282c3becada015fafbf1cde7be3b6ad7d38b0b7e80dc50498da75d2055a88a461de45b81a4ebb27afb5b436697a549e6a514772c9d0b32601a8dfd42e9033510603afeaaf1ac7df4fe00477cefd41a5d83b9cb6263957f806ffdb31f1d8f6707a58231fdfffa76694babe9c26fee4e47021484f068fac2a43fdd21acfa705b68cc2cd240c8e8d4de46a91d9a88bb9d369e017ccc86895c049863de8a21b467c04f06d924af4de24b44aea1a4b90f7f4851f8f1a9480438d30a4237f2a3da821377f4b72f33d51165034b3a87054c61d8feda8d144d2931b11d040065de6d02e8f584e8fbb2a99ca983e51dcd68868ab3d4a70a7cc4c13f997da4a7673f22215d6da2c640911612ad9f2d44f17ec90721c4b35167c18d8c9bc009f413895940bb2be68468f8455669d0672f5fa310154f318a77f6149a595d01b3b0acec4b6a1043a82a84073829bdfac39a700f4224f93ca29444d0c4cfed07c80aa6dc8b3dda1e6ed48fc65aa89188002fcda866effb0f9f39809ed91392c29e769d4953bae574054e6d4d64ac183af4108c0fd3145862f1b0e1f2075c508eb6095f5c9baac97b6cf3fee643611c9c397a1bfe37564778095ef463b4546d2a0a932dac7b9952e22ec24ec25056e063acc642617d33a4838030da9b4df6c952aee6c4485591263d63e3f9a5c81e4de0b5bc7d6b014cb458cc7daffb6279c4e7627423181f845c7246b3216ac1524d03dc9126fda74ddf499b2961bf80e04b138dd93806d2fd40d9d3c5b2c10776975f331f5249601927be6038acd08fbc2b69c179408b7835a3dc5a524261e3ac938a58c5286ffc20835985ea2d84d1df0223d66ccfa5d7111f37de0a518a662eeed658173a1f398309e8b6a1fad404efb10c833bafae0d8c2e18594b441bc2f8c3514b1c5db1e17f0c60df9ab0cad84ffaf290d88a064bfe54374b8b48c794013264f28cdfb43d368131dc5a5437885b825b529544ffd1e8944b2314845e7e85e944ced290e46cbcc6ab23b3c72e429c7911f0d25b27c06bb8da85bc20ce681f18c138f311b600e59752df6ecb86149d136e59171079725cd1cb054c46dface9f77149ea5ef59b9940113e0d154da3d51390623d299e833c4446e44acbddda736bec1baa1a26dc5f569d3653ae35ceac8458b54411eb8d47a981eefd41cf07e42e6089022f8ac079aea1035c436a4fc1b67ad32f18d6e1dfbb16e9b0c5b603ae28b9bc81faa60b9110d1866dcedbd66e3d7c69975e8066c0bf10e6f44b336117669466cc3a8690954b45b53c527f6073481382b7c118647a7b21e08037cdbfd18ac748c83269d70016539495388f36f0a509c58655e7a5c25318d03f1d30633b4e735c497a2fa2455a4f458d292e086e4da91ddd3a782f6894bea56b93de2687ac9158506e35ee46aa68a7e107d6d6fdc2b34fa0ef2e1dbf3e849429cdaaea109dec49c547d423c3eb4dc6ef6a08301ed51f24d824f97d5b2c6dc3e3cb2afc296656c52a9575a1291c8d90f71e87e4728dd9504ce56242d90e1a95725ccedabb7ac8312a0fa2195529c1b0ef828a1b9901d328fa84983211ddf045ca1a3f83d00aacc7a3fcd687eacac2ff0a17188cf7d490564a09a73195d296c5f3a784ede3e1fb5e56f27a9989061508c20a3e2fa1a7f2aaa96a62782773f4f45d148b07e09b089b3f6b1053e552107941167f372351630b6a7f1775dc564bf255554c2e24a08676b20b476c6475c5fec3576399db9cfb3099e0b4b10518e4e079f4e07463809b6372fe5ea64cce173c8092f471bb8e31603e552eb78fa2c5ba6f84da8b0dbe34a8796d8bb55bebe27ce5f416320607b8fbe10f18b17d43a2e1be4b6ecf1794a4125c7245bbfc02837c8d1632e52ce20dd80a6957982736c3235e4c92c2a25ffbde8745cf1504a75d8d77fc9388e9b8673994c075d6a222eaef3803a0feb3d88a3f31d953c254b342bef7427e6128f1eede84a1cdb1fcaaa97faf77cabf4bd3661bde631819e9748ffab6f783e2eccaee3a613a78532fc5334c0a248835d18871746225e968b3eda14d1e9ef560fdfe1e437765a9a299a37d2817a946274bb75d625e747d348a474653039e3dbb218215e8c06f2c48e76259f0a933e58e4925d79fa1bc75e2c5cf070ce3dddebd6ea495b37bf0973d6bb2e1f3ca5109a57745809105e1da14d96270b934b68488e38e8b08e63aa3ad7173af9e9a41abbb541c3cdfa0528c6202a854e332443a4415cb5ef5ebc63076ca4a84174bd8e8028382357c354f646845e1a30d7055a8193b6b46c4e529e73efa313757d46f55b1e71aef56e0b6c5122d8b5384bf55b1760f3db76a5f086475428f81515e6f81ad00
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
DPF: {01113300-3E00-11D2-8470-0060089874ED} - hxxp://supportcenter.rr.com/sdccommon/download/tgctlcm.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.7.109.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} - hxxps://evanstar2.notes.duke.edu/dwa7W.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
================= FIREFOX ===================
FF - ProfilePath - c:\users\josh\appdata\roaming\mozilla\firefox\profiles\wvbdtgi1.default\
FF - plugin: c:\program files\download manager\npfpdlm.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox 4.0 beta 2\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox 4.0 beta 2\plugins\npMozCouponPrinter.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox 4.0 beta 2\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
============= SERVICES / DRIVERS ===============
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2010-8-6 343920]
R2 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [2010-1-5 51216]
R2 TmFilter;Trend Micro Filter;c:\program files\trend micro\officescan client\TmXpflt.sys [2009-5-22 233488]
R2 TmPreFilter;Trend Micro PreFilter;c:\program files\trend micro\officescan client\TmPreflt.sys [2009-5-22 37904]
R3 hcw18bda;Hauppauge WinTV 418 Driver;c:\windows\system32\drivers\hcw18bda.sys [2009-3-19 391168]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2010-8-6 91832]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2010-8-6 43288]
R3 netr73;USB Wireless 802.11 b/g Adaptor Driver for Vista;c:\windows\system32\drivers\netr73.sys [2009-5-24 501248]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-8-6 66600]
============== File Associations ===============
.txt=
=============== Created Last 30 ================
2010-08-06 15:45:26 0 d-----w- c:\windows\147BCE03C0F14C9F81576A89B6D2D973.TMP
2010-08-06 15:28:28 66600 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2010-08-06 15:28:28 43288 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2010-08-06 15:28:27 91832 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2010-08-06 15:28:27 75704 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2010-08-06 15:28:27 70728 ----a-w- c:\windows\system32\mfevtps.exe
2010-08-06 15:28:27 64208 ----a-w- c:\windows\system32\drivers\mfetdik.sys
2010-08-06 15:28:27 343920 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2010-08-06 15:28:07 0 d-----w- c:\program files\common files\McAfee
2010-08-06 15:27:42 0 d-----w- c:\program files\common files\Cisco Systems
2010-08-06 15:27:39 0 d-----w- c:\program files\McAfee
2010-07-30 00:01:48 0 d-----w- c:\programdata\Sun
2010-07-29 23:52:30 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-29 20:29:42 0 d-----w- c:\program files\AutoPogo1
2010-07-29 19:26:05 0 d-----w- c:\program files\Mozilla Firefox 4.0 Beta 2
==================== Find3M ====================
2010-07-30 19:07:15 87608 ----a-w- c:\users\josh\appdata\roaming\inst.exe
2010-07-30 19:07:15 47360 ----a-w- c:\users\josh\appdata\roaming\pcouffin.sys
2010-07-29 21:21:46 51200 ----a-w- c:\windows\inf\infpub.dat
2010-07-29 21:21:46 143360 ----a-w- c:\windows\inf\infstrng.dat
2010-07-29 21:21:43 86016 ----a-w- c:\windows\inf\infstor.dat
2010-07-02 19:25:13 410 ----a-w- c:\users\josh\appdata\roaming\wklnhst.dat
2010-05-26 16:16:50 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-26 14:25:15 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-05-21 18:14:28 221568 ------w- c:\windows\system32\MpSigStub.exe
2009-01-12 14:06:40 174 --sha-w- c:\program files\desktop.ini
2009-01-12 13:57:28 665600 ----a-w- c:\windows\inf\drvindex.dat
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2010-04-19 15:42:59 16384 --sha-w- c:\windows\temp\cookies\index.dat
2010-04-19 15:42:59 16384 --sha-w- c:\windows\temp\history\history.ie5\index.dat
2010-04-19 15:42:59 16384 --sha-w- c:\windows\temp\temporary internet files\content.ie5\index.dat
============= FINISH: 13:21:23.44 ===============