My computer is behaving in an odd way for the last couple of days. The most obvious problem is that Google Chrome, my default web browser, keeps shutting down even when I only have my email open.
That could be a malware, right?
Help!!!
DDS log:
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29
Run by Karen at 12:47:20 on 2012-03-06
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3894.2973 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\PROGRA~2\GbPlugin\GbpSv.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\SysWOW64\cmpe.exe
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Windows\SysWOW64\vmnat.exe
C:\Program Files (x86)\VMware\VMware Server\tomcat\bin\Tomcat6.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\VMware\VMware View\Client\bin\wsnm.exe
C:\Program Files (x86)\VMware\VMware Server\vmware-authd.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\SysWOW64\vmnetdhcp.exe
C:\Program Files\VMware\VMware View\Client\bin\wsnm_usbctrl.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Kodak\KODAK Share Button App\Listener.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\System32\spool\drivers\x64\3\E_IATIGCA.EXE
C:\Windows\System32\spool\drivers\x64\3\E_IATIGCA.EXE
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Windows\System32\spool\drivers\x64\3\E_IATIGGB.EXE
C:\Program Files (x86)\DeskPins\DeskPins.exe
C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Users\Karen\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\Karen\Downloads\setup_11.0.0.1245.x01_2012_03_06_07_07.exe
C:\Users\Karen\AppData\Local\Temp\RarSFX0\3402613.exe
C:\Users\Karen\AppData\Local\Temp\4046163\3402613.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.facebook.com/
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: GbIehObj Class: {c41a1c0e-ea6c-11d4-b1b8-444553540000} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
uRun: [Google Update] "C:\Users\Karen\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [DW6] "C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe"
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [EPSON NX420 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGCA.EXE /FU "C:\Windows\TEMP\E_SF9E8.tmp" /EF "HKCU"
uRun: [EPSON NX420 Series (Wi Fi)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGCA.EXE /FU "C:\Windows\TEMP\E_SB885.tmp" /EF "HKCU"
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [<NO NAME>]
uRun: [EPSON TX125 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGGB.EXE /FU "C:\Windows\TEMP\E_S958F.tmp" /EF "HKCU"
mRun: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
mRun: [LTCM Client] C:\Program Files (x86)\LTCM Client\ltcmClient.exe /startup
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [NSU_agent] "C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
mRun: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
mRunOnce: [GrpConv] grpconv -o
StartupFolder: C:\Users\Karen\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DeskPins.lnk - C:\Program Files (x86)\DeskPins\DeskPins.exe
StartupFolder: C:\Users\Karen\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DISNEY~1.LNK - C:\Program Files (x86)\Disney Vacation Connection\Disney Vacation Connection.exe
StartupFolder: C:\Users\Karen\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Karen\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Karen\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
StartupFolder: C:\Users\Karen\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
StartupFolder: C:\Users\Karen\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\_UNINS~1.LNK - C:\Users\Karen\AppData\Local\Temp\_uninst_79247491.bat
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
LSP: C:\Program Files (x86)\VMware\VMware Server\vsocklib.dll
Trusted Zone: bancobrasil.com.br\www
Trusted Zone: bancobrasil.com.br\www14
Trusted Zone: bancobrasil.com.br\www2
Trusted Zone: bb.com.br\www
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/i ... ction2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {B94C2238-346E-4C5E-9B36-8CC627F35574}
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {DBDC1CDA-B64B-49F7-9535-6317AA416E51} - hxxps://vdibroker1.w2k.geneseo.edu/down ... client.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 137.238.1.16 137.238.1.14 137.238.1.15
TCP: Interfaces\{23E92F40-51C1-4C9D-8505-295B76AB6499} : DhcpNameServer = 137.238.1.15 137.238.1.14
TCP: Interfaces\{3949CAA4-FAC7-41EA-A871-60B333F86E28} : DhcpNameServer = 137.238.1.16 137.238.1.14 137.238.1.15
TCP: Interfaces\{3949CAA4-FAC7-41EA-A871-60B333F86E28}\255646567596649694E66627165627F6 : DhcpNameServer = 192.168.120.1
TCP: Interfaces\{3949CAA4-FAC7-41EA-A871-60B333F86E28}\3555E495027456E6563756F6 : DhcpNameServer = 137.238.1.16 137.238.1.14 137.238.1.15
TCP: Interfaces\{3949CAA4-FAC7-41EA-A871-60B333F86E28}\4527F607963616E6160233133343 : DhcpNameServer = 66.156.216.122 207.59.153.242 4.2.2.2
TCP: Interfaces\{3949CAA4-FAC7-41EA-A871-60B333F86E28}\665627D656E647F6 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{3949CAA4-FAC7-41EA-A871-60B333F86E28}\7456E6563756F6027457563747 : DhcpNameServer = 137.238.1.16 137.238.1.14 137.238.1.15
TCP: Interfaces\{3949CAA4-FAC7-41EA-A871-60B333F86E28}\A616E657772323D27657563747 : DhcpNameServer = 72.45.32.34 72.45.32.37
TCP: Interfaces\{3949CAA4-FAC7-41EA-A871-60B333F86E28}\C696E6B6379737 : DhcpNameServer = 205.152.144.23 205.152.132.23
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
SEH: GbPluginObj Class: {e37cb5f0-51f5-4395-a808-5fa49e399f83} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: GbIehObj Class: {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll
BHO-X64: G-Buster Browser Defense - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
mRun-x64: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
mRun-x64: [LTCM Client] C:\Program Files (x86)\LTCM Client\ltcmClient.exe /startup
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [NSU_agent] "C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
mRun-x64: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
mRunOnce-x64: [GrpConv] grpconv -o
SEH-X64: GbPluginObj Class: {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Karen\AppData\Roaming\Mozilla\Firefox\Profiles\qe6altcq.default\
FF - component: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\components\FirefoxExtension.dll
FF - component: C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordlegacyext.dll
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\Karen\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Users\Karen\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Karen\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 79247491;79247491;C:\Windows\system32\DRIVERS\79247491.sys --> C:\Windows\system32\DRIVERS\79247491.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
R3 vmwvusb;VMware View Generic USB Driver;C:\Windows\system32\Drivers\vmwvusb.sys --> C:\Windows\system32\Drivers\vmwvusb.sys [?]
RUnknown 3402613drv;3402613drv; [x]
S3 HTCAND64;HTC Device Driver;C:\Windows\system32\Drivers\ANDROIDUSB.sys --> C:\Windows\system32\Drivers\ANDROIDUSB.sys [?]
S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\system32\DRIVERS\htcnprot.sys --> C:\Windows\system32\DRIVERS\htcnprot.sys [?]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
.
=============== Created Last 30 ================
.
2012-03-06 06:15:31 -------- d-----w- C:\ProgramData\Kaspersky Lab
2012-03-06 06:10:25 460888 ----a-w- C:\Windows\System32\drivers\79247491.sys
2012-03-05 20:44:36 8643640 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{057E487D-756C-4010-BBF1-6EDC3E0C76E9}\mpengine.dll
2012-02-28 04:48:18 -------- d-----w- C:\Program Files (x86)\bfgclient
2012-02-28 00:40:10 -------- d-----w- C:\Program Files\SmartFTP Client
2012-02-28 00:39:32 -------- d-----w- C:\Program Files (x86)\SmartFTP Client 4.0 (x64) Setup Files
2012-02-27 22:57:15 -------- d-----w- C:\ProgramData\Big Fish Games
2012-02-27 22:45:07 -------- d-----w- C:\BigFishGamesCache
2012-02-22 23:15:43 -------- d-----w- C:\Users\Karen\AppData\Local\OSP
2012-02-22 15:39:10 -------- d-----w- C:\Program Files (x86)\Tracker
2012-02-22 15:38:55 -------- d-----w- C:\Program Files (x86)\Xuggle
2012-02-15 21:23:34 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2012-02-15 21:23:34 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
2012-02-15 21:23:33 515584 ----a-w- C:\Windows\System32\timedate.cpl
2012-02-15 21:23:32 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl
2012-02-15 21:23:31 3145728 ----a-w- C:\Windows\System32\win32k.sys
2012-02-15 21:23:30 498688 ----a-w- C:\Windows\System32\drivers\afd.sys
2012-02-15 21:23:25 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
2012-02-15 21:23:25 634880 ----a-w- C:\Windows\System32\msvcrt.dll
2012-02-10 11:13:42 927800 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{13FAB4D1-FB15-4FE6-8065-4C9DFB905BDD}\gapaengine.dll
2012-02-07 03:23:49 -------- d-----w- C:\Users\Karen\AppData\Local\MiTAC_International_Corpo
2012-02-07 03:15:31 -------- d-----w- C:\Program Files (x86)\Mio Technology
.
==================== Find3M ====================
.
2012-03-06 03:32:56 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-31 12:44:20 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-01-07 14:50:24 72080 ----a-w- C:\Users\Karen\g2mdlhlpx.exe
2011-12-21 18:32:06 45896 ----a-w- C:\Windows\SysWow64\drivers\GbpKm.sys
2011-12-14 07:11:03 2308096 ----a-w- C:\Windows\System32\jscript9.dll
2011-12-14 07:04:30 1390080 ----a-w- C:\Windows\System32\wininet.dll
2011-12-14 07:03:38 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2011-12-14 06:57:28 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-12-14 03:04:54 1798656 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-12-14 02:57:18 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-12-14 02:56:58 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2011-12-14 02:50:04 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
.
============= FINISH: 12:52:54.26 ===============
Attach log:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 8/30/2010 10:43:06 PM
System Uptime: 3/5/2012 10:04:02 PM (14 hours ago)
.
Motherboard: Hewlett-Packard | | 146A
Processor: Intel(R) Core(TM) i5 CPU M 430 @ 2.27GHz | CPU | 2244/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 466 GiB total, 384.99 GiB free.
D: is CDROM ()
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Teredo Tunneling Adapter
Device ID: ROOT\*TEREDO\0000
Manufacturer: Microsoft
Name: Teredo Tunneling Pseudo-Interface
PNP Device ID: ROOT\*TEREDO\0000
Service: tunnel
.
Class GUID:
Description:
Device ID: USB\VID_138A&PID_0005\39118B629900
Manufacturer:
Name:
PNP Device ID: USB\VID_138A&PID_0005\39118B629900
Service:
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Virtual WiFi Miniport Adapter
Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&F4CC96&0&01
Manufacturer: Microsoft
Name: Microsoft Virtual WiFi Miniport Adapter
PNP Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&F4CC96&0&01
Service: vwifimp
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Realtek RTL8168D/8111D Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_146A103C&REV_03\4&3B77DEA&0&00E0
Manufacturer: Realtek
Name: Realtek RTL8168D/8111D Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
PNP Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_146A103C&REV_03\4&3B77DEA&0&00E0
Service: RTL8167
.
==== System Restore Points ===================
.
RP405: 2/14/2012 8:35:13 PM - Installed HTC Sync.
RP406: 2/16/2012 7:04:56 AM - Windows Update
RP407: 2/16/2012 10:15:55 PM - Windows Update
RP408: 2/20/2012 11:41:46 PM - Windows Update
RP409: 2/24/2012 5:42:19 PM - Windows Update
RP410: 2/27/2012 5:44:21 PM - Windows Update
RP411: 2/27/2012 7:39:47 PM - Installed SmartFTP Client
RP412: 3/1/2012 10:40:52 PM - Windows Backup
RP413: 3/2/2012 10:28:54 AM - Windows Update
RP414: 3/5/2012 3:42:57 PM - Windows Update
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Connect Add-in
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.2)
Adobe Shockwave Player 11.5
Amazon Kindle
Apple Application Support
Apple Software Update
Atheros Driver Installation Program
Bear Access Spring 2010
Big Fish Games: Game Manager
Camtasia Studio 7
Competition Arena
Controle ActiveX do Windows Live Mesh para Conexões Remotas
D3DX10
DAEMON Tools Lite
DeskPins (remove only)
Dropbox
Epson CreativeZone
Epson Easy Photo Print 2
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
Epson Event Manager
EPSON Scan
EpsonNet Print
EpsonNet Setup 3.2
FileZilla Client 3.3.4.1
FitLive 1.1.15
Google Chrome
Google Talk Plugin
GoToMeeting 4.8.0.723
HP Product Detection
HTC BMP USB Driver
HTC Driver Installer
HTC Sync
InkReset version 2.12
Java Auto Updater
Java(TM) 6 Update 29
Junk Mail filter update
KODAK Share Button App
LTCM Client
Mesh Runtime
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft_VC100_CRT_SP1_x86
MiKTeX 2.9
MioMore Desktop
Mozilla Firefox 10.0.2 (x86 en-US)
MSVC80_x86_v2
MSVC90_x86
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB973685)
Nokia Connectivity Cable Driver
Nokia PC Suite
Nokia Software Updater
Nokia Suite
OpenOffice.org 3.2
PC Connectivity Solution
Picasa 3
PNY Movie Player
QuickTime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealUpgrade 1.1
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Skype Click to Call
Skype™ 5.5
SmartFTP Client Setup Files 4.0 (x64) (remove only)
Spybot - Search & Destroy
TC Web Conferencing
The Weather Channel Desktop 6
Tracker
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
VLC media player 1.1.9
VMware Remote Console Plug-in
VMware Server
Windows Live Communications Platform
Windows Live Essentials
Windows Live Galeria de Fotos
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Encoder 9 Series SDK
Windows Media Player Firefox Plugin
.
==== Event Viewer Messages From Past Week ========
.
3/5/2012 5:12:00 PM, Error: Service Control Manager [7024] - The VMware Host Agent service terminated with service-specific error %%-1.
3/5/2012 5:11:57 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the EpsonBidirectionalService service to connect.
3/5/2012 5:11:57 PM, Error: Service Control Manager [7000] - The EpsonBidirectionalService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================