Need help Please... Puter acting wierd

[jjtraxx]

I am having issues with my computer. I did a complete Vista re-install maybe 5 weeks ago. I did not format the hard drive before reinstalling. About 2-3 weeks ago, I installed an AFT XM-35U USB 2.0 card reader and a Koutech PCI to USB 2.0 model IO-PU520 add on USB card. I mention this because I'm not sure that my problem is a virus/trojan/spyware. I ran a Lavasoft scan and it only found 1 minor cookie. I did a smart scan in McAfee and found nothing.
When I start the computer from off, after login, some of my external hard drives disconnect and then reconnect themselves. I assume this is from being plugged into the USB card and having it take a little for the drivers for the card to load and run maybe. The computer takes a while to respond if it will respond without a restart. In task manager I see a bunch of svchost.exe's running. I know they are supposed to, but 3 in particular are using a lot of memory. One is using 93,000 K, 57,000 K, and 37,000 K. CPU usage fluctuates between 2%-4%. The machine is a Gateway core 2 quad @ 2.4 and I have 8 gigs of RAM installed. The motherboard is a Bigarm that can only support 4 gigs, but from my understanding, the extra RAM can be used in other ways.
Like I said, I don't know if this is a virus/trojan/spyware problem or a hardware problem, but I figured I would start with the virus idea since it seems more likely to me. Here is my DDS log:


DDS (Ver_09-07-30.01) - NTFSx86
Run by Jason at 12:16:27.29 on Wed 09/02/2009
Internet Explorer: 8.0.6001.18813 BrowserJavaVersion: 1.6.0_15
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3324.2001 [GMT -4:00]

SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Windows\system32\taskeng.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\Ati2evxx.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\WDBtnMgr.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Maxtor\OneTouch Status\MaxMenuMgr.exe
C:\Windows\System32\wpcumi.exe
C:\Windows\System32\UMonit.exe
C:\Program Files\My Book\WD Backup\uBBMonitor.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Jason\Desktop\dds.pif

============== Pseudo HJT Report ===============

uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan\scriptsn.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Tunebite_WebRipPlugin Class: {aa102584-3b97-47e7-b9bc-75d54c110a7d} - c:\program files\rapidsolution\tunebite\plugins\ie\TB_WebRipIePlugin.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [mcagent_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [McENUI] c:\progra~1\mcafee\mhn\McENUI.exe /hide
mRun: [WD Button Manager] WDBtnMgr.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [mxomssmenu] "c:\program files\maxtor\onetouch status\maxmenumgr.exe"
mRun: [WPCUMI] c:\windows\system32\WpcUmi.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [UMonit] c:\windows\system32\UMonit.exe
StartupFolder: c:\programdata\microsoft\windows\start menu\programs\startup\HP Digital Imaging Monitor.lnk.disabled
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wdback~1.lnk - c:\program files\my book\wd backup\uBBMonitor.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download with ImTOO YouTube to iPod Converter - c:\program files\imtoo\youtube to ipod converter\upod_link.HTM
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
LSP: c:\windows\system32\wpclsp.dll
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://support.gateway.com/support/profiler/PCPitStop.CAB
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll

================= FIREFOX ===================

FF - ProfilePath - c:\users\jason\appdata\roaming\mozilla\firefox\profiles\8sfbd1wu.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.rr.com/
FF - component: c:\program files\mcafee\siteadvisor\components\McFFPlg.dll
FF - component: c:\program files\rapidsolution\tunebite\plugins\geckobased\tunebite-firefox-surf-and-catch-extension@audials.com\components\TB_WebRipFFPlugin.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\rapidsolution\tunebite\plugins\geckobased\tunebite-firefox-surf-and-catch-extension@audials.com\plugins\np_TB_OgloPlugin.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\mozilla firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\mozilla firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");

============= SERVICES / DRIVERS ===============

R0 amacpi;Microsoft Away Mode System;c:\windows\system32\drivers\null.sys [2009-8-13 4608]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-8-12 64160]
R2 Maxtor Sync Service;Maxtor Service;c:\program files\maxtor\sync\SyncServices.exe [2008-7-21 193888]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2009-8-12 210216]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2009-8-13 1153368]
R2 SeaPort;SeaPort;c:\program files\microsoft\search enhancement pack\seaport\SeaPort.exe [2009-5-19 240512]
R3 FIXUSTOR;FIXUSTOR;c:\windows\system32\drivers\fixustor.sys [2009-1-21 12800]
R3 IAMTV;Driver for Intel(R) Active Management Technology - KCS;c:\windows\system32\drivers\IAMTV.sys [2006-10-18 38280]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2009-8-7 92008]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2009-8-19 55280]
S3 fsssvc;Windows Live Family Safety;c:\program files\windows live\family safety\fsssvc.exe [2009-2-6 533360]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-7-3 1029456]
S3 VST_DPV;VST_DPV;c:\windows\system32\drivers\VSTDPV3.SYS [2006-11-2 987648]
S3 VSTHWBS2;VSTHWBS2;c:\windows\system32\drivers\VSTBS23.SYS [2006-11-2 251904]

=============== Created Last 30 ================

2009-09-02 12:00 <DIR> --d----- c:\program files\Trend Micro
2009-09-02 10:07 4,240,384 a------- c:\windows\system32\GameUXLegacyGDFs.dll
2009-09-02 10:07 28,672 a------- c:\windows\system32\Apphlpdm.dll
2009-08-31 11:02 1,377 a------- c:\windows\system32\IconCfg2.ini
2009-08-31 11:02 1,376 a------- c:\windows\system32\IconCfg4.ini
2009-08-31 11:02 1,376 a------- c:\windows\system32\IconCfg3.ini
2009-08-31 11:02 5,492,736 a------- c:\windows\system32\GeneIcon.dll
2009-08-31 11:02 1,377 a------- c:\windows\system32\IconCfg1.ini
2009-08-31 11:02 1,377 a------- c:\windows\system32\IconCfg0.ini
2009-08-25 15:02 <DIR> --d----- c:\users\jason\appdata\roaming\Printer Info Cache
2009-08-25 14:36 <DIR> --d----- c:\programdata\Office Genuine Advantage
2009-08-25 13:58 2,048 a------- c:\windows\system32\tzres.dll
2009-08-19 14:11 15,688 a------- c:\windows\system32\lsdelete.exe
2009-08-19 14:04 <DIR> --d----- c:\windows\music
2009-08-19 12:25 55,280 a------- c:\windows\system32\drivers\fssfltr.sys
2009-08-19 12:24 3,426,072 a------- c:\windows\system32\d3dx9_32.dll
2009-08-19 12:23 <DIR> --d----- c:\program files\Microsoft SQL Server Compact Edition
2009-08-19 12:23 <DIR> --d----- c:\program files\Microsoft
2009-08-19 12:23 <DIR> --d----- c:\program files\Windows Live SkyDrive
2009-08-19 12:22 <DIR> --d----- c:\windows\PCHEALTH
2009-08-19 12:01 <DIR> --d----- c:\program files\common files\Windows Live
2009-08-18 13:07 <DIR> --d----- c:\program files\Atech Flash Card Reader Driver Ver.2500
2009-08-18 13:07 200,704 a------- c:\windows\system32\UMonit.exe
2009-08-18 13:07 167,936 a------- c:\windows\system32\ustor.dll
2009-08-18 13:04 309,760 a------- c:\windows\system32\DIFxAPI.dll
2009-08-15 15:24 <DIR> --d----- c:\program files\Free Fire Screensaver
2009-08-15 15:24 <DIR> --d----- c:\users\jason\appdata\roaming\Laconic Software
2009-08-14 18:20 <DIR> --d----- c:\program files\TomTom DesktopSuite
2009-08-14 17:22 <DIR> --d----- c:\users\jason\appdata\roaming\TomTom
2009-08-14 17:22 <DIR> --d----- c:\program files\TomTom International B.V
2009-08-14 17:22 <DIR> --d----- c:\program files\TomTom HOME 2
2009-08-14 13:55 20 a--sh--- C:\ArcDeviceInfo
2009-08-14 13:55 <DIR> --d----- c:\program files\My Book
2009-08-14 13:52 <DIR> --d----- c:\program files\Maxtor
2009-08-13 21:07 114,664 a---h--- c:\windows\system32\mlfcache.dat
2009-08-13 21:06 <DIR> --d----- c:\program files\common files\PX Storage Engine
2009-08-13 21:06 <DIR> --d----- c:\windows\system32\IOSUBSYS
2009-08-13 20:27 <DIR> --d----- c:\program files\MSECache
2009-08-13 20:08 <DIR> --d----- c:\users\jason\appdata\roaming\ZoomBrowser EX
2009-08-13 20:05 0 a---h--- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-08-13 17:20 <DIR> --d----- c:\program files\Frameworkx
2009-08-13 17:14 <DIR> --d----- c:\users\jason\appdata\roaming\aicon
2009-08-13 17:08 <DIR> --d----- c:\users\jason\appdata\roaming\Auslogics
2009-08-13 17:08 <DIR> --d----- c:\program files\Auslogics
2009-08-13 15:22 <DIR> --d----- c:\program files\common files\xing shared
2009-08-13 15:22 <DIR> --d----- c:\program files\common files\Real
2009-08-13 15:16 107,368 a------- c:\windows\system32\GEARAspi.dll
2009-08-13 15:16 23,400 a------- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-08-13 15:15 <DIR> --d----- c:\program files\iPod
2009-08-13 15:15 <DIR> --d----- c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-08-13 15:15 <DIR> --d----- c:\program files\iTunes
2009-08-13 15:15 <DIR> --d----- c:\progra~2\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-08-13 15:15 <DIR> --d----- c:\program files\Bonjour
2009-08-13 15:14 <DIR> --d----- c:\programdata\Apple Computer
2009-08-13 15:12 <DIR> --d----- c:\programdata\Apple
2009-08-13 15:03 <DIR> --d----- c:\program files\WinAVI MP4 Converter
2009-08-13 15:01 <DIR> --d----- c:\program files\aicon
2009-08-13 14:54 <DIR> --d----- c:\programdata\Spybot - Search & Destroy
2009-08-13 14:54 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2009-08-13 14:54 <DIR> --d----- c:\progra~2\Spybot - Search & Destroy
2009-08-13 14:52 258,352 a------- c:\windows\system32\unicows.dll
2009-08-13 14:52 92,250 a------- c:\windows\system32\HKCU_GNU.reg
2009-08-13 14:52 60,273 a------- c:\windows\system32\pthreadGC2.dll
2009-08-13 14:52 6,700 a------- c:\windows\system32\HKLM_GNU.reg
2009-08-13 14:52 6,144 a------- c:\windows\system32\ff_acm.acm
2009-08-13 14:52 547 a------- c:\windows\system32\ff_vfw.dll.manifest
2009-08-13 14:51 372,736 a------- c:\windows\system32\xvid.ax
2009-08-13 14:51 114,688 a------- c:\windows\system32\PropListCtrl.ocx
2009-08-13 14:51 98,304 a------- c:\windows\system32\L3CODECX.AX
2009-08-13 14:51 14,909 a------- c:\windows\system32\A_reg.reg
2009-08-13 14:51 <DIR> --d----- c:\program files\Cucusoft
2009-08-13 14:37 116,842 a------- c:\windows\hpqins00.dat
2009-08-13 14:35 <DIR> --d----- c:\programdata\WEBREG
2009-08-13 14:35 <DIR> --d----- c:\progra~2\WEBREG
2009-08-13 14:20 <DIR> --d----- c:\programdata\HPSSUPPLY
2009-08-13 14:18 <DIR> --d----- c:\program files\common files\Hewlett-Packard
2009-08-13 14:18 <DIR> --d----- c:\program files\common files\HP
2009-08-13 14:15 <DIR> --d----- c:\program files\HP
2009-08-13 14:14 148,935 a------- c:\windows\hpoins19.dat
2009-08-13 14:14 <DIR> --d----- c:\programdata\HP
2009-08-13 14:14 897,024 a------- c:\windows\system32\SET9058.tmp
2009-08-13 14:14 675,840 a------- c:\windows\system32\SET8F3B.tmp
2009-08-13 14:14 303,104 a------- c:\windows\system32\hpovst01.dll
2009-08-13 14:14 258,048 a------- c:\windows\system32\hpzids01.dll
2009-08-13 14:14 26,952 a------- c:\windows\hpomdl19.dat
2009-08-13 14:06 <DIR> --d----- c:\programdata\Adobe
2009-08-13 14:01 <DIR> --d----- c:\programdata\NOS
2009-08-13 13:58 411,368 a------- c:\windows\system32\deploytk.dll
2009-08-13 13:27 <DIR> --d----- c:\program files\PixiePack Codec Pack
2009-08-13 13:18 <DIR> --d----- c:\programdata\RapidSolution
2009-08-13 13:18 <DIR> --d----- c:\program files\RapidSolution
2009-08-13 13:18 <DIR> --d----- c:\progra~2\RapidSolution
2009-08-13 13:04 <DIR> --d----- c:\program files\MSXML 4.0
2009-08-13 12:53 <DIR> --d----- c:\windows\system32\eu-ES
2009-08-13 12:53 <DIR> --d----- c:\windows\system32\ca-ES
2009-08-13 12:53 <DIR> --d----- c:\windows\system32\vi-VN
2009-08-13 12:52 0 a---h--- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-08-13 12:37 <DIR> --d----- c:\windows\system32\EventProviders
2009-08-13 12:35 1,544,704 a------- c:\windows\system32\MSVidCtl.dll
2009-08-13 12:32 <DIR> --d----- c:\programdata\ZoomBrowser
2009-08-13 12:32 <DIR> --d----- c:\progra~2\ZoomBrowser
2009-08-13 12:32 <DIR> --d----- c:\program files\Canon
2009-08-13 12:31 <DIR> --d----- c:\program files\common files\Canon
2009-08-13 12:30 <DIR> --d----- c:\programdata\CyberLink
2009-08-13 12:27 <DIR> --d----- c:\users\jason\appdata\roaming\ImTOO Software Studio
2009-08-13 12:26 <DIR> --d----- c:\program files\ImTOO
2009-08-13 12:18 0 -------- c:\users\jason\appdata\roaming\wklnhst.dat
2009-08-13 12:16 18,904 a------- c:\windows\system32\StructuredQuerySchemaTrivial.bin
2009-08-13 12:16 11,967,524 a------- c:\windows\system32\korwbrkr.lex
2009-08-13 11:32 705,536 a------- c:\windows\system32\imagesp1.dll
2009-08-13 11:32 116,736 a------- c:\windows\system32\sstpsvc.dll
2009-08-13 11:32 175,104 a------- c:\windows\system32\winrscmd.dll
2009-08-13 11:30 394,240 a------- c:\windows\system32\dsquery.dll
2009-08-13 11:29 102,400 a------- c:\windows\system32\wbem\mofinstall.dll
2009-08-13 11:29 357,888 a------- c:\windows\system32\wbemcomn.dll
2009-08-13 11:29 139,264 a------- c:\windows\system32\SmiInstaller.dll
2009-08-13 11:29 129,536 a------- c:\windows\system32\sqmapi.dll
2009-08-13 11:29 305,152 a------- c:\windows\system32\msdelta.dll
2009-08-13 11:29 258,560 a------- c:\windows\system32\dpx.dll
2009-08-13 11:29 35,328 a------- c:\windows\system32\mspatcha.dll
2009-08-13 01:33 <DIR> --d----- c:\programdata\WinZip
2009-08-12 21:36 <DIR> --d----- c:\windows\Panther
2009-08-12 21:36 330,752 a----r-- c:\windows\system32\drivers\NETBIOS.PDB
2009-08-12 21:36 <DIR> --d----- c:\windows\system32\OEM
2009-08-12 21:31 64,160 a------- c:\windows\system32\drivers\Lbd.sys
2009-08-12 21:30 <DIR> -cd-h--- c:\programdata\{EF63305C-BAD7-4144-9208-D65528260864}
2009-08-12 21:30 <DIR> -cd-h--- c:\progra~2\{EF63305C-BAD7-4144-9208-D65528260864}
2009-08-12 21:30 <DIR> --d----- c:\programdata\Lavasoft
2009-08-12 21:30 <DIR> --d----- c:\program files\Lavasoft
2009-08-12 20:44 <DIR> --d----- c:\program files\Lame for Audacity
2009-08-12 20:42 <DIR> --d----- c:\program files\Audacity
2009-08-12 20:41 6,656 a------- c:\windows\system32\kbd106n.dll
2009-08-12 20:41 <DIR> --d----- c:\program files\BitPim
2009-08-12 20:41 <DIR> --d----- c:\program files\CONEXANT
2009-08-12 20:41 0 a------- c:\windows\ativpsrm.bin
2009-08-12 20:37 <DIR> --d----- c:\program files\CCleaner
2009-08-12 20:34 <DIR> --d----- c:\windows\pss
2009-08-12 20:18 <DIR> --d----- c:\program files\CleanUp!
2009-08-12 20:18 272,896 a------- c:\windows\system32\polstore.dll
2009-08-12 20:18 61,440 a------- c:\windows\system32\winipsec.dll
2009-08-12 20:17 1,820 a------- c:\windows\system32\rasctrnm.h
2009-08-12 20:16 69,632 a------- c:\windows\system32\Mpeg2Data.ax
2009-08-12 20:15 12,880 a------- c:\windows\system32\wbem\wlan.mof
2009-08-12 20:15 <DIR> --d----- c:\program files\Belarc
2009-08-12 20:14 2,034,688 a------- c:\windows\system32\win32k.sys
2009-08-12 20:14 156,672 a------- c:\windows\system32\t2embed.dll
2009-08-12 20:14 289,792 a------- c:\windows\system32\atmfd.dll
2009-08-12 20:14 72,704 a------- c:\windows\system32\fontsub.dll
2009-08-12 20:14 34,304 a------- c:\windows\system32\atmlib.dll
2009-08-12 20:14 23,552 a------- c:\windows\system32\lpk.dll
2009-08-12 20:14 10,240 a------- c:\windows\system32\dciman32.dll
2009-08-12 20:12 15,872 a------- c:\windows\system32\hcrstco.dll
2009-08-12 20:12 8,704 a------- c:\windows\system32\hccoin.dll
2009-08-12 20:07 37,888 a------- c:\windows\system32\printcom.dll
2009-08-12 20:07 14,848 a------- c:\windows\system32\wshrm.dll
2009-08-12 19:55 <DIR> --d----- c:\programdata\Maxtor
2009-08-12 19:55 <DIR> --d----- c:\progra~2\Maxtor
2009-08-12 19:54 <DIR> --d----- c:\windows\Downloaded Installations
2009-08-12 19:25 18,350,080 a------- c:\windows\ocsetup_install_NetFx3.etl
2009-08-12 19:25 327,680 a------- c:\windows\ocsetup_cbs_install_NetFx3.perf
2009-08-12 19:25 65,536 a------- c:\windows\ocsetup_cbs_install_NetFx3.dpx
2009-08-12 19:02 <DIR> --d----- C:\Swsetup
2009-08-12 18:58 71,680 a------- c:\windows\system32\atl.dll
2009-08-12 18:56 160,256 a------- c:\windows\system32\wkssvc.dll
2009-08-12 18:55 2,066,432 a------- c:\windows\system32\mstscax.dll
2009-08-12 18:55 136,192 a------- c:\windows\system32\aaclient.dll
2009-08-12 18:55 53,248 a------- c:\windows\system32\tsgqec.dll
2009-08-12 18:53 2,048 a------- c:\windows\system32\msxml3r.dll
2009-08-12 18:49 623,616 a------- c:\windows\system32\localspl.dll
2009-08-12 18:48 123,904 a------- c:\windows\system32\msvfw32.dll
2009-08-12 18:48 91,136 a------- c:\windows\system32\avifil32.dll
2009-08-12 18:48 65,024 a------- c:\windows\system32\avicap32.dll
2009-08-12 18:48 82,944 a------- c:\windows\system32\mciavi32.dll
2009-08-12 18:48 31,232 a------- c:\windows\system32\msvidc32.dll
2009-08-12 18:48 12,800 a------- c:\windows\system32\msrle32.dll
2009-08-12 18:45 499,712 a------- c:\windows\system32\kerberos.dll
2009-08-12 18:45 175,104 a------- c:\windows\system32\wdigest.dll
2009-08-12 18:45 1,259,008 a------- c:\windows\system32\lsasrv.dll
2009-08-12 18:45 439,864 a------- c:\windows\system32\drivers\ksecdd.sys
2009-08-12 18:45 218,624 a------- c:\windows\system32\msv1_0.dll
2009-08-12 18:45 72,704 a------- c:\windows\system32\secur32.dll
2009-08-12 18:45 9,728 a------- c:\windows\system32\lsass.exe
2009-08-12 18:45 270,848 a------- c:\windows\system32\schannel.dll
2009-08-12 18:45 13,780 a------- c:\windows\system32\wbem\lsasrv.mof
2009-08-12 18:41 <DIR> --dsh--- c:\windows\Installer
2009-08-12 18:40 364,544 a------- c:\windows\system32\WDBtnMgr.exe
2009-08-12 18:37 313,344 a------- c:\windows\system32\wmpdxm.dll
2009-08-12 18:37 43,520 a------- c:\windows\system32\msdxm.tlb
2009-08-12 18:37 18,432 a------- c:\windows\system32\amcompat.tlb
2009-08-12 18:37 8,147,456 a------- c:\windows\system32\wmploc.DLL
2009-08-12 18:37 7,680 a------- c:\windows\system32\spwmp.dll
2009-08-12 18:37 4,096 a------- c:\windows\system32\dxmasf.dll
2009-08-12 18:37 4,096 a------- c:\windows\system32\msdxm.ocx
2009-08-12 18:32 41,984 a------- c:\windows\system32\netfxperf.dll
2009-08-12 18:28 15,089 a------- c:\windows\system32\Config.MPF
2009-08-12 18:28 <DIR> --d----- c:\programdata\SiteAdvisor
2009-08-12 17:08 <DIR> --d----- C:\EbuDllTmpDir
2009-08-12 15:26 79,816 a------- c:\windows\system32\drivers\mfeavfk.sys
2009-08-12 15:26 40,552 a------- c:\windows\system32\drivers\mfesmfk.sys
2009-08-12 15:26 35,272 a------- c:\windows\system32\drivers\mfebopk.sys
2009-08-12 15:26 130,424 a------- c:\windows\system32\drivers\Mpfp.sys
2009-08-12 15:25 84,480 a------- c:\windows\system32\INETRES.dll
2009-08-12 15:25 <DIR> --d----- c:\program files\common files\McAfee
2009-08-12 15:25 <DIR> --d----- c:\program files\McAfee.com
2009-08-12 15:25 <DIR> --d----- c:\program files\McAfee
2009-08-12 15:25 784,896 a------- c:\windows\system32\rpcrt4.dll
2009-08-12 15:24 2,048 a------- c:\windows\system32\msxml6r.dll
2009-08-12 15:21 34,248 a------- c:\windows\system32\drivers\mferkdk.sys
2009-08-12 15:18 <DIR> --d----- c:\programdata\McAfee
2009-08-12 15:01 <DIR> --d----- c:\users\Jason
2009-08-12 14:58 1,524,736 a------- c:\windows\system32\wucltux.dll
2009-08-12 14:58 83,456 a------- c:\windows\system32\wudriver.dll
2009-08-12 14:58 162,064 a------- c:\windows\system32\wuwebv.dll
2009-08-12 14:58 31,232 a------- c:\windows\system32\wuapp.exe
2009-08-03 15:07 403,816 a------- c:\windows\system32\OGACheckControl.dll
2009-08-03 15:07 322,928 a------- c:\windows\system32\OGAAddin.dll
2009-08-03 15:07 230,768 a------- c:\windows\system32\OGAEXEC.exe

==================== Find3M ====================

2009-08-31 11:01 143,360 a------- c:\windows\inf\infstrng.dat
2009-08-31 11:01 51,200 a------- c:\windows\inf\infpub.dat
2009-08-28 22:30 173,056 a------- c:\windows\apppatch\AcXtrnal.dll
2009-08-28 22:30 458,752 a------- c:\windows\apppatch\AcSpecfc.dll
2009-08-28 22:30 2,159,616 a------- c:\windows\apppatch\AcGenral.dll
2009-08-28 22:30 542,720 a------- c:\windows\apppatch\AcLayers.dll
2009-08-18 13:05 86,016 a------- c:\windows\inf\infstor.dat
2009-08-13 12:53 665,600 a------- c:\windows\inf\drvindex.dat
2009-08-13 12:08 174 a--sh--- c:\program files\desktop.ini
2009-08-13 11:44 101,888 a------- c:\windows\system32\ifxcardm.dll
2009-08-13 11:44 82,432 a------- c:\windows\system32\axaltocm.dll
2009-08-12 18:55 52,736 a------- c:\windows\apppatch\iebrshim.dll
2009-07-21 17:52 915,456 a------- c:\windows\system32\wininet.dll
2009-07-21 17:47 109,056 a------- c:\windows\system32\iesysprep.dll
2009-07-21 17:47 71,680 a------- c:\windows\system32\iesetup.dll
2009-07-21 16:13 133,632 a------- c:\windows\system32\ieUnatt.exe
2009-07-09 12:16 2,060,288 a------- c:\windows\system32\usbaaplrc.dll
2009-07-09 12:16 39,424 a------- c:\windows\system32\drivers\usbaapl.sys
2009-07-08 13:44 214,024 a------- c:\windows\system32\drivers\mfehidk.sys
2006-11-02 08:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 08:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 08:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 08:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 05:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 05:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 05:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 05:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
2006-09-18 17:43 10 a--sh--- c:\windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6000.16386_none_fbd6b71e75a2c6c8\config.sys
2006-09-18 17:43 10 a--sh--- c:\windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\config.sys
2006-09-18 17:43 10 a--sh--- c:\windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6002.18005_none_fff8f2266fafa2e8\config.sys

============= FINISH: 12:17:07.04 ===============

[Ried]

Hello jjtraxx,

I'm not seeing any malware here. It's best you head over to the Hardware Support section of this forum, take a close look at your recent Events

Quote:

==== Event Viewer Messages From Past Week ========

9/2/2009 11:59:50 AM, Error: Service Control Manager [7034] - The TomTomHOMEService service terminated unexpectedly. It has done this 1 time(s).

9/2/2009 11:51:27 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Null

9/2/2009 11:51:22 AM, Error: Service Control Manager [7022] - The HP CUE DeviceDiscovery Service service hung on starting.

8/30/2009 12:06:04 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume Music.

8/29/2009 10:00:00 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume P:.

[jjtraxx]

Thanks Ried.... I will head over there and post.

[Ried]

You're welcome. Best of luck to you.