
Computer crashes after few minutes of use (logs inside)

Discussion in 'Virus & Other Malware Removal' started by keeks, Sep 14, 2011.

  1. keeks

    Hi,

    I am wondering if someone wouldn't mind reviewing the logs below to see if there are any viruses or any other issues.
    Our computer crashes after a few minutes of use and runs quite slow for having 8GB of RAM.

    I've run Spybot and NOD32 scans but have not found anything.

    Any help you can provide would be greatly appreciated.

    Thanks in advance,
    Keeks and Mrs. Keeks

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 7:45:27 PM, on 9/14/2011
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files (x86)\Windows Live\Mesh\WLSync.exe
    C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
    C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
    C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
    C:\Program Files (x86)\Samsung\Samsung Control Center\MovieColorEnhancer.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Users\Laura\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://samsung.msn.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://samsung.msn.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
    O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [WLSync] "C:\Program Files (x86)\Windows Live\Mesh\WLSync.exe" /background
    O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O20 - AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
    O23 - Service: Intel® Centrino® Bluetooth 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
    O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
    O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
    O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
    O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
    O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
    O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: Zune Wireless Configuration Service (ZuneWlanCfgSvc) - Unknown owner - C:\windows\system32\ZuneWlanCfgSvc.exe (file missing)

    --
    End of file - 8756 bytes

    We have a 64-bit operating system, so both the DDS and Attach logs are below.

    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421
    Run by Laura at 19:46:40 on 2011-09-14
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8106.6003 [GMT -5:00]
    .
    AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
    AV: ESET NOD32 Antivirus 4.0 *Enabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
    SP: ESET NOD32 Antivirus 4.0 *Enabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
    SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\windows\system32\wininit.exe
    C:\windows\system32\lsm.exe
    C:\windows\system32\svchost.exe -k DcomLaunch
    C:\windows\system32\nvvsvc.exe
    C:\windows\system32\svchost.exe -k RPCSS
    c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
    C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\windows\system32\svchost.exe -k netsvcs
    C:\windows\system32\svchost.exe -k LocalService
    C:\windows\system32\svchost.exe -k NetworkService
    C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
    C:\windows\System32\spoolsv.exe
    C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
    C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
    C:\windows\system32\svchost.exe -k bthsvcs
    C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
    C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
    C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\windows\system32\taskhost.exe
    C:\windows\system32\Dwm.exe
    C:\windows\Explorer.EXE
    C:\Program Files\Elantech\ETDCtrl.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files (x86)\Windows Live\Mesh\WLSync.exe
    C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
    C:\Program Files\Elantech\ETDCtrlHelper.exe
    C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
    C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
    C:\windows\system32\SearchIndexer.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    C:\windows\system32\taskeng.exe
    C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
    C:\windows\system32\taskeng.exe
    C:\Program Files (x86)\Samsung\Samsung Control Center\WifiManager.exe
    C:\Program Files (x86)\Samsung\Samsung Control Center\MovieColorEnhancer.exe
    C:\Program Files (x86)\Samsung\Samsung Control Center\SmartSetting.exe
    C:\windows\system32\DllHost.exe
    C:\Program Files (x86)\Samsung\Samsung Control Center\dmhkcore.exe
    C:\Program Files (x86)\Samsung\Eco Mode\SmartEco.exe
    C:\windows\system32\igfxext.exe
    C:\windows\system32\igfxsrvc.exe
    C:\windows\servicing\TrustedInstaller.exe
    C:\windows\system32\hkcmd.exe
    C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\windows\system32\igfxpers.exe
    C:\Program Files\Zune\ZuneLauncher.exe
    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    C:\Program Files (x86)\Samsung\Samsung Control Center\EasySpeedUpManager.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\windows\system32\sppsvc.exe
    C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\windows\system32\taskmgr.exe
    C:\windows\system32\SearchProtocolHost.exe
    C:\windows\system32\wbem\wmiprvse.exe
    C:\windows\system32\SearchFilterHost.exe
    C:\windows\system32\DllHost.exe
    C:\windows\system32\DllHost.exe
    C:\windows\SysWOW64\cmd.exe
    C:\windows\system32\conhost.exe
    C:\windows\SysWOW64\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://samsung.msn.com
    mStart Page = hxxp://samsung.msn.com
    mWinlogon: Userinit=userinit.exe
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    uRun: [WLSync] "C:\Program Files (x86)\Windows Live\Mesh\WLSync.exe" /background
    uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: DhcpNameServer = 192.168.1.1 68.87.77.134 68.87.72.134
    TCP: Interfaces\{039C4871-F6EE-4B93-9D99-BD5483DE608D} : DhcpNameServer = 192.168.1.1 68.87.77.134 68.87.72.134
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    AppInit_DLLs-X64: C:\windows\SysWOW64\nvinit.dll
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\vo7ugqcv.default\
    FF - prefs.js: browser.startup.homepage - hxxp://my.yahoo.com/
    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 nvpciflt;nvpciflt;C:\windows\system32\DRIVERS\nvpciflt.sys --> C:\windows\system32\DRIVERS\nvpciflt.sys [?]
    R1 MpFilter;Microsoft Malware Protection Driver;C:\windows\system32\DRIVERS\MpFilter.sys --> C:\windows\system32\DRIVERS\MpFilter.sys [?]
    R1 SABI;SAMSUNG Kernel Driver For Windows 7;\??\C:\windows\system32\Drivers\SABI.sys --> C:\windows\system32\Drivers\SABI.sys [?]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]
    R2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-4-21 1136640]
    R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-3-30 923984]
    R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-3-30 1001808]
    R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-4-21 134928]
    R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-2-28 821664]
    R2 ekrn;ESET Service;C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2009-9-29 735960]
    R2 epfwwfpr;epfwwfpr;C:\windows\system32\DRIVERS\epfwwfpr.sys --> C:\windows\system32\DRIVERS\epfwwfpr.sys [?]
    R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-5-23 2009704]
    R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-7-28 1153368]
    R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-4-24 483688]
    R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-5-23 2656536]
    R3 AMPPAL;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Virtual Adapter;C:\windows\system32\DRIVERS\AMPPAL.sys --> C:\windows\system32\DRIVERS\AMPPAL.sys [?]
    R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-3-30 1321296]
    R3 btmaux;Intel Bluetooth Auxiliary Service;C:\windows\system32\DRIVERS\btmaux.sys --> C:\windows\system32\DRIVERS\btmaux.sys [?]
    R3 btmhsf;btmhsf;C:\windows\system32\DRIVERS\btmhsf.sys --> C:\windows\system32\DRIVERS\btmhsf.sys [?]
    R3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\system32\DRIVERS\clwvd.sys --> C:\windows\system32\DRIVERS\clwvd.sys [?]
    R3 ETD;ELAN PS/2 Port Input Device;C:\windows\system32\DRIVERS\ETD.sys --> C:\windows\system32\DRIVERS\ETD.sys [?]
    R3 iBtFltCoex;iBtFltCoex;C:\windows\system32\DRIVERS\iBtFltCoex.sys --> C:\windows\system32\DRIVERS\iBtFltCoex.sys [?]
    R3 IntcDAud;Intel(R) Display Audio;C:\windows\system32\DRIVERS\IntcDAud.sys --> C:\windows\system32\DRIVERS\IntcDAud.sys [?]
    R3 MEIx64;Intel(R) Management Engine Interface;C:\windows\system32\drivers\HECIx64.sys --> C:\windows\system32\drivers\HECIx64.sys [?]
    R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\windows\system32\DRIVERS\MpNWMon.sys --> C:\windows\system32\DRIVERS\MpNWMon.sys [?]
    R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\windows\system32\DRIVERS\NETwNs64.sys --> C:\windows\system32\DRIVERS\NETwNs64.sys [?]
    R3 NisDrv;Microsoft Network Inspection System;C:\windows\system32\DRIVERS\NisDrvWFP.sys --> C:\windows\system32\DRIVERS\NisDrvWFP.sys [?]
    R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
    R3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys --> C:\windows\system32\DRIVERS\Rt64win7.sys [?]
    R3 Sftfs;Sftfs;C:\windows\system32\DRIVERS\Sftfslh.sys --> C:\windows\system32\DRIVERS\Sftfslh.sys [?]
    R3 Sftplay;Sftplay;C:\windows\system32\DRIVERS\Sftplaylh.sys --> C:\windows\system32\DRIVERS\Sftplaylh.sys [?]
    R3 Sftredir;Sftredir;C:\windows\system32\DRIVERS\Sftredirlh.sys --> C:\windows\system32\DRIVERS\Sftredirlh.sys [?]
    R3 Sftvol;Sftvol;C:\windows\system32\DRIVERS\Sftvollh.sys --> C:\windows\system32\DRIVERS\Sftvollh.sys [?]
    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-4-24 209768]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S3 AMPPALP;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Protocol;C:\windows\system32\DRIVERS\amppal.sys --> C:\windows\system32\DRIVERS\amppal.sys [?]
    S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-1 183560]
    S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
    S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\system32\drivers\TsUsbGD.sys --> C:\windows\system32\drivers\TsUsbGD.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]
    S3 WMZuneComm;Zune Windows Mobile Connectivity Service;C:\Program Files\Zune\WMZuneComm.exe [2010-9-23 306416]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2011-09-15 00:42:57 8862544 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D705E44B-30CD-4718-BC2F-76214055D453}\mpengine.dll
    2011-09-15 00:33:08 -------- d-----w- C:\Users\Laura\AppData\Local\{10589177-827B-482E-8B08-847FA6FEEBA7}
    2011-09-15 00:32:57 -------- d-----w- C:\Users\Laura\AppData\Local\{54ABE3E5-1BE1-41E4-98B1-F99C5542D924}
    2011-09-11 23:46:08 601424 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AEBE4C9D-EDD8-4B23-BD1D-99EBCCD4DC19}\gapaengine.dll
    2011-09-11 23:42:30 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\78a876031cc70dc01\MeshBetaRemover.exe
    2011-09-11 23:34:40 -------- d-----w- C:\Users\Laura\AppData\Local\{3FBD6AA8-276A-4A61-99DF-1CF751142B36}
    2011-09-11 23:34:25 -------- d-----w- C:\Users\Laura\AppData\Local\{297471F0-DBD6-431F-9DC8-3EF0CEE545E3}
    2011-09-11 23:16:32 -------- d-----w- C:\Users\Laura\AppData\Local\{59E0F19C-9D6F-4BDB-8C0B-6FCEB9407E12}
    2011-09-11 23:12:53 -------- d-----w- C:\Users\Laura\AppData\Local\{0B1D4E60-3D54-47CF-91BB-032111CF7B65}
    2011-09-11 23:08:45 -------- d-----w- C:\Users\Laura\AppData\Local\{14BB8B13-4F28-425A-8595-03407DA3361F}
    2011-09-03 00:45:17 -------- d-----w- C:\Users\Laura\AppData\Local\{B965EF15-BE21-4291-AFDE-4B904EDFDF94}
    2011-09-01 03:51:31 -------- d-----w- C:\Users\Laura\AppData\Local\{3D8DA693-6CB9-4C6C-BAF5-295953A72562}
    2011-09-01 03:51:07 -------- d-----w- C:\Users\Laura\AppData\Local\{11E5D553-61C9-4BB8-ACD9-ED54525CD625}
    2011-09-01 03:46:50 -------- d-----w- C:\Users\Laura\AppData\Local\{18347FCF-822B-409C-BD69-A4FE6067430E}
    2011-09-01 03:46:38 -------- d-----w- C:\Users\Laura\AppData\Local\{22700393-6F56-4B98-9969-FDEE21E552E9}
    2011-09-01 03:13:27 -------- d-----w- C:\Users\Laura\AppData\Local\{5607E589-447C-41B1-925D-23DF23DC48F5}
    2011-09-01 03:13:14 -------- d-----w- C:\Users\Laura\AppData\Local\{7E4CD783-297F-4F9F-9BA2-6E9B918FA42B}
    2011-09-01 02:45:42 -------- d-----w- C:\Program Files (x86)\uTorrent
    2011-09-01 02:42:58 -------- d-----w- C:\Users\Laura\AppData\Roaming\uTorrent
    2011-09-01 02:42:58 -------- d-----w- C:\Users\Laura\AppData\Local\uTorrent
    2011-09-01 02:40:18 134104 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
    2011-09-01 02:35:53 -------- d-----w- C:\Users\Laura\AppData\Local\{18AF65CD-B07A-484D-A5BB-372417CF6E6B}
    2011-09-01 02:35:41 -------- d-----w- C:\Users\Laura\AppData\Local\{FFF61901-0B9B-44A8-86C9-F25DF6E8B265}
    2011-08-28 23:04:42 2048 ----a-w- C:\windows\SysWow64\tzres.dll
    2011-08-28 23:04:42 2048 ----a-w- C:\windows\System32\tzres.dll
    2011-08-28 22:59:14 -------- d-----w- C:\Users\Laura\AppData\Local\{EFAF9E15-F4DD-4D3B-A711-E05E95E781FB}
    2011-08-28 22:59:00 -------- d-----w- C:\Users\Laura\AppData\Local\{FE35F245-9C62-4B62-9729-AC8639BFD99A}
    2011-08-20 02:08:11 -------- d-----w- C:\Users\Laura\AppData\Local\{50741FA8-F80E-4B94-A26C-E75DF3A63633}
    2011-08-20 02:07:51 -------- d-----w- C:\Users\Laura\AppData\Local\{CC4822BD-8FD8-487F-BB23-F1A326533D82}
    2011-08-19 16:02:49 -------- d-----w- C:\Pictures
    2011-08-16 12:13:41 -------- d-----w- C:\Users\Laura\AppData\Local\{A212699B-0BCA-430F-A209-FA7D9F343421}
    2011-08-16 12:07:25 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
    2011-08-16 12:07:14 601424 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
    2011-08-16 12:07:13 8578896 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
    .
    ==================== Find3M ====================
    .
    2011-08-16 12:14:27 404640 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-07-22 05:42:23 2303488 ----a-w- C:\windows\System32\jscript9.dll
    2011-07-22 05:36:16 1389056 ----a-w- C:\windows\System32\wininet.dll
    2011-07-22 05:32:40 2382848 ----a-w- C:\windows\System32\mshtml.tlb
    2011-07-22 02:54:43 1797632 ----a-w- C:\windows\SysWow64\jscript9.dll
    2011-07-22 02:48:26 1126912 ----a-w- C:\windows\SysWow64\wininet.dll
    2011-07-22 02:44:36 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
    2011-07-16 05:41:50 362496 ----a-w- C:\windows\System32\wow64win.dll
    2011-07-16 05:41:49 243200 ----a-w- C:\windows\System32\wow64.dll
    2011-07-16 05:41:49 13312 ----a-w- C:\windows\System32\wow64cpu.dll
    2011-07-16 05:39:10 16384 ----a-w- C:\windows\System32\ntvdm64.dll
    2011-07-16 05:37:12 421888 ----a-w- C:\windows\System32\KernelBase.dll
    2011-07-16 04:29:19 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll
    2011-07-16 04:26:00 44032 ----a-w- C:\windows\apppatch\acwow64.dll
    2011-07-16 04:25:37 25600 ----a-w- C:\windows\SysWow64\setup16.exe
    2011-07-16 04:24:23 5120 ----a-w- C:\windows\SysWow64\wow32.dll
    2011-07-16 04:24:22 272384 ----a-w- C:\windows\SysWow64\KernelBase.dll
    2011-07-16 02:21:44 7680 ----a-w- C:\windows\SysWow64\instnm.exe
    2011-07-16 02:21:41 2048 ----a-w- C:\windows\SysWow64\user.exe
    2011-07-16 02:17:19 6144 ---ha-w- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    2011-07-16 02:17:19 4608 ---ha-w- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    2011-07-16 02:17:19 3584 ---ha-w- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    2011-07-16 02:17:19 3072 ---ha-w- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    2011-07-09 02:46:28 288768 ----a-w- C:\windows\System32\drivers\mrxsmb10.sys
    2011-06-24 05:34:53 214528 ----a-w- C:\windows\System32\winsrv.dll
    2011-06-24 05:25:49 338432 ----a-w- C:\windows\System32\conhost.exe
    2011-06-23 05:43:12 5561216 ----a-w- C:\windows\System32\ntoskrnl.exe
    2011-06-23 04:33:57 3967872 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
    2011-06-23 04:33:57 3912576 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
    2011-06-21 06:34:00 1923968 ----a-w- C:\windows\System32\drivers\tcpip.sys
    2011-06-18 23:55:04 15144 ----a-w- C:\windows\SysWow64\drivers\rtport.sys
    .
    ============= FINISH: 19:47:22.38 ===============

    C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
    C:\windows\system32\SearchIndexer.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    C:\windows\system32\taskeng.exe
    C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
    C:\windows\system32\taskeng.exe
    C:\Program Files (x86)\Samsung\Samsung Control Center\WifiManager.exe
    C:\Program Files (x86)\Samsung\Samsung Control Center\MovieColorEnhancer.exe
    C:\Program Files (x86)\Samsung\Samsung Control Center\SmartSetting.exe
    C:\windows\system32\DllHost.exe
    C:\Program Files (x86)\Samsung\Samsung Control Center\dmhkcore.exe
    C:\Program Files (x86)\Samsung\Eco Mode\SmartEco.exe
    C:\windows\system32\igfxext.exe
    C:\windows\system32\igfxsrvc.exe
    C:\windows\servicing\TrustedInstaller.exe
    C:\windows\system32\hkcmd.exe
    C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\windows\system32\igfxpers.exe
    C:\Program Files\Zune\ZuneLauncher.exe
    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    C:\Program Files (x86)\Samsung\Samsung Control Center\EasySpeedUpManager.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\windows\system32\sppsvc.exe
    C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\windows\system32\taskmgr.exe
    C:\windows\system32\SearchProtocolHost.exe
    C:\windows\system32\wbem\wmiprvse.exe
    C:\windows\system32\SearchFilterHost.exe
    C:\windows\system32\DllHost.exe
    C:\windows\system32\DllHost.exe
    C:\windows\SysWOW64\cmd.exe
    C:\windows\system32\conhost.exe
    C:\windows\SysWOW64\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://samsung.msn.com
    mStart Page = hxxp://samsung.msn.com
    mWinlogon: Userinit=userinit.exe
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    uRun: [WLSync] "C:\Program Files (x86)\Windows Live\Mesh\WLSync.exe" /background
    uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: DhcpNameServer = 192.168.1.1 68.87.77.134 68.87.72.134
    TCP: Interfaces\{039C4871-F6EE-4B93-9D99-BD5483DE608D} : DhcpNameServer = 192.168.1.1 68.87.77.134 68.87.72.134
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    AppInit_DLLs-X64: C:\windows\SysWOW64\nvinit.dll
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\vo7ugqcv.default\
    FF - prefs.js: browser.startup.homepage - hxxp://my.yahoo.com/
    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 nvpciflt;nvpciflt;C:\windows\system32\DRIVERS\nvpciflt.sys --> C:\windows\system32\DRIVERS\nvpciflt.sys [?]
    R1 MpFilter;Microsoft Malware Protection Driver;C:\windows\system32\DRIVERS\MpFilter.sys --> C:\windows\system32\DRIVERS\MpFilter.sys [?]
    R1 SABI;SAMSUNG Kernel Driver For Windows 7;\??\C:\windows\system32\Drivers\SABI.sys --> C:\windows\system32\Drivers\SABI.sys [?]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]
    R2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-4-21 1136640]
    R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-3-30 923984]
    R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-3-30 1001808]
    R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-4-21 134928]
    R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-2-28 821664]
    R2 ekrn;ESET Service;C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2009-9-29 735960]
    R2 epfwwfpr;epfwwfpr;C:\windows\system32\DRIVERS\epfwwfpr.sys --> C:\windows\system32\DRIVERS\epfwwfpr.sys [?]
    R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-5-23 2009704]
    R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-7-28 1153368]
    R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-4-24 483688]
    R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-5-23 2656536]
    R3 AMPPAL;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Virtual Adapter;C:\windows\system32\DRIVERS\AMPPAL.sys --> C:\windows\system32\DRIVERS\AMPPAL.sys [?]
    R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-3-30 1321296]
    R3 btmaux;Intel Bluetooth Auxiliary Service;C:\windows\system32\DRIVERS\btmaux.sys --> C:\windows\system32\DRIVERS\btmaux.sys [?]
    R3 btmhsf;btmhsf;C:\windows\system32\DRIVERS\btmhsf.sys --> C:\windows\system32\DRIVERS\btmhsf.sys [?]
    R3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\system32\DRIVERS\clwvd.sys --> C:\windows\system32\DRIVERS\clwvd.sys [?]
    R3 ETD;ELAN PS/2 Port Input Device;C:\windows\system32\DRIVERS\ETD.sys --> C:\windows\system32\DRIVERS\ETD.sys [?]
    R3 iBtFltCoex;iBtFltCoex;C:\windows\system32\DRIVERS\iBtFltCoex.sys --> C:\windows\system32\DRIVERS\iBtFltCoex.sys [?]
    R3 IntcDAud;Intel(R) Display Audio;C:\windows\system32\DRIVERS\IntcDAud.sys --> C:\windows\system32\DRIVERS\IntcDAud.sys [?]
    R3 MEIx64;Intel(R) Management Engine Interface;C:\windows\system32\drivers\HECIx64.sys --> C:\windows\system32\drivers\HECIx64.sys [?]
    R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\windows\system32\DRIVERS\MpNWMon.sys --> C:\windows\system32\DRIVERS\MpNWMon.sys [?]
    R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\windows\system32\DRIVERS\NETwNs64.sys --> C:\windows\system32\DRIVERS\NETwNs64.sys [?]
    R3 NisDrv;Microsoft Network Inspection System;C:\windows\system32\DRIVERS\NisDrvWFP.sys --> C:\windows\system32\DRIVERS\NisDrvWFP.sys [?]
    R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
    R3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys --> C:\windows\system32\DRIVERS\Rt64win7.sys [?]
    R3 Sftfs;Sftfs;C:\windows\system32\DRIVERS\Sftfslh.sys --> C:\windows\system32\DRIVERS\Sftfslh.sys [?]
    R3 Sftplay;Sftplay;C:\windows\system32\DRIVERS\Sftplaylh.sys --> C:\windows\system32\DRIVERS\Sftplaylh.sys [?]
    R3 Sftredir;Sftredir;C:\windows\system32\DRIVERS\Sftredirlh.sys --> C:\windows\system32\DRIVERS\Sftredirlh.sys [?]
    R3 Sftvol;Sftvol;C:\windows\system32\DRIVERS\Sftvollh.sys --> C:\windows\system32\DRIVERS\Sftvollh.sys [?]
    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-4-24 209768]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S3 AMPPALP;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Protocol;C:\windows\system32\DRIVERS\amppal.sys --> C:\windows\system32\DRIVERS\amppal.sys [?]
    S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-1 183560]
    S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
    S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\system32\drivers\TsUsbGD.sys --> C:\windows\system32\drivers\TsUsbGD.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]
    S3 WMZuneComm;Zune Windows Mobile Connectivity Service;C:\Program Files\Zune\WMZuneComm.exe [2010-9-23 306416]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2011-09-15 00:42:57 8862544 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D705E44B-30CD-4718-BC2F-76214055D453}\mpengine.dll
    2011-09-15 00:33:08 -------- d-----w- C:\Users\Laura\AppData\Local\{10589177-827B-482E-8B08-847FA6FEEBA7}
    2011-09-15 00:32:57 -------- d-----w- C:\Users\Laura\AppData\Local\{54ABE3E5-1BE1-41E4-98B1-F99C5542D924}
    2011-09-11 23:46:08 601424 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AEBE4C9D-EDD8-4B23-BD1D-99EBCCD4DC19}\gapaengine.dll
    2011-09-11 23:42:30 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\78a876031cc70dc01\MeshBetaRemover.exe
    2011-09-11 23:34:40 -------- d-----w- C:\Users\Laura\AppData\Local\{3FBD6AA8-276A-4A61-99DF-1CF751142B36}
    2011-09-11 23:34:25 -------- d-----w- C:\Users\Laura\AppData\Local\{297471F0-DBD6-431F-9DC8-3EF0CEE545E3}
    2011-09-11 23:16:32 -------- d-----w- C:\Users\Laura\AppData\Local\{59E0F19C-9D6F-4BDB-8C0B-6FCEB9407E12}
    2011-09-11 23:12:53 -------- d-----w- C:\Users\Laura\AppData\Local\{0B1D4E60-3D54-47CF-91BB-032111CF7B65}
    2011-09-11 23:08:45 -------- d-----w- C:\Users\Laura\AppData\Local\{14BB8B13-4F28-425A-8595-03407DA3361F}
    2011-09-03 00:45:17 -------- d-----w- C:\Users\Laura\AppData\Local\{B965EF15-BE21-4291-AFDE-4B904EDFDF94}
    2011-09-01 03:51:31 -------- d-----w- C:\Users\Laura\AppData\Local\{3D8DA693-6CB9-4C6C-BAF5-295953A72562}
    2011-09-01 03:51:07 -------- d-----w- C:\Users\Laura\AppData\Local\{11E5D553-61C9-4BB8-ACD9-ED54525CD625}
    2011-09-01 03:46:50 -------- d-----w- C:\Users\Laura\AppData\Local\{18347FCF-822B-409C-BD69-A4FE6067430E}
    2011-09-01 03:46:38 -------- d-----w- C:\Users\Laura\AppData\Local\{22700393-6F56-4B98-9969-FDEE21E552E9}
    2011-09-01 03:13:27 -------- d-----w- C:\Users\Laura\AppData\Local\{5607E589-447C-41B1-925D-23DF23DC48F5}
    2011-09-01 03:13:14 -------- d-----w- C:\Users\Laura\AppData\Local\{7E4CD783-297F-4F9F-9BA2-6E9B918FA42B}
    2011-09-01 02:45:42 -------- d-----w- C:\Program Files (x86)\uTorrent
    2011-09-01 02:42:58 -------- d-----w- C:\Users\Laura\AppData\Roaming\uTorrent
    2011-09-01 02:42:58 -------- d-----w- C:\Users\Laura\AppData\Local\uTorrent
    2011-09-01 02:40:18 134104 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
    2011-09-01 02:35:53 -------- d-----w- C:\Users\Laura\AppData\Local\{18AF65CD-B07A-484D-A5BB-372417CF6E6B}
    2011-09-01 02:35:41 -------- d-----w- C:\Users\Laura\AppData\Local\{FFF61901-0B9B-44A8-86C9-F25DF6E8B265}
    2011-08-28 23:04:42 2048 ----a-w- C:\windows\SysWow64\tzres.dll
    2011-08-28 23:04:42 2048 ----a-w- C:\windows\System32\tzres.dll
    2011-08-28 22:59:14 -------- d-----w- C:\Users\Laura\AppData\Local\{EFAF9E15-F4DD-4D3B-A711-E05E95E781FB}
    2011-08-28 22:59:00 -------- d-----w- C:\Users\Laura\AppData\Local\{FE35F245-9C62-4B62-9729-AC8639BFD99A}
    2011-08-20 02:08:11 -------- d-----w- C:\Users\Laura\AppData\Local\{50741FA8-F80E-4B94-A26C-E75DF3A63633}
    2011-08-20 02:07:51 -------- d-----w- C:\Users\Laura\AppData\Local\{CC4822BD-8FD8-487F-BB23-F1A326533D82}
    2011-08-19 16:02:49 -------- d-----w- C:\Pictures
    2011-08-16 12:13:41 -------- d-----w- C:\Users\Laura\AppData\Local\{A212699B-0BCA-430F-A209-FA7D9F343421}
    2011-08-16 12:07:25 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
    2011-08-16 12:07:14 601424 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
    2011-08-16 12:07:13 8578896 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
    .
    ==================== Find3M ====================
    .
    2011-08-16 12:14:27 404640 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-07-22 05:42:23 2303488 ----a-w- C:\windows\System32\jscript9.dll
    2011-07-22 05:36:16 1389056 ----a-w- C:\windows\System32\wininet.dll
    2011-07-22 05:32:40 2382848 ----a-w- C:\windows\System32\mshtml.tlb
    2011-07-22 02:54:43 1797632 ----a-w- C:\windows\SysWow64\jscript9.dll
    2011-07-22 02:48:26 1126912 ----a-w- C:\windows\SysWow64\wininet.dll
    2011-07-22 02:44:36 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
    2011-07-16 05:41:50 362496 ----a-w- C:\windows\System32\wow64win.dll
    2011-07-16 05:41:49 243200 ----a-w- C:\windows\System32\wow64.dll
    2011-07-16 05:41:49 13312 ----a-w- C:\windows\System32\wow64cpu.dll
    2011-07-16 05:39:10 16384 ----a-w- C:\windows\System32\ntvdm64.dll
    2011-07-16 05:37:12 421888 ----a-w- C:\windows\System32\KernelBase.dll
    2011-07-16 04:29:19 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll
    2011-07-16 04:26:00 44032 ----a-w- C:\windows\apppatch\acwow64.dll
    2011-07-16 04:25:37 25600 ----a-w- C:\windows\SysWow64\setup16.exe
    2011-07-16 04:24:23 5120 ----a-w- C:\windows\SysWow64\wow32.dll
    2011-07-16 04:24:22 272384 ----a-w- C:\windows\SysWow64\KernelBase.dll
    2011-07-16 02:21:44 7680 ----a-w- C:\windows\SysWow64\instnm.exe
    2011-07-16 02:21:41 2048 ----a-w- C:\windows\SysWow64\user.exe
    2011-07-16 02:17:19 6144 ---ha-w- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    2011-07-16 02:17:19 4608 ---ha-w- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    2011-07-16 02:17:19 3584 ---ha-w- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    2011-07-16 02:17:19 3072 ---ha-w- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    2011-07-09 02:46:28 288768 ----a-w- C:\windows\System32\drivers\mrxsmb10.sys
    2011-06-24 05:34:53 214528 ----a-w- C:\windows\System32\winsrv.dll
    2011-06-24 05:25:49 338432 ----a-w- C:\windows\System32\conhost.exe
    2011-06-23 05:43:12 5561216 ----a-w- C:\windows\System32\ntoskrnl.exe
    2011-06-23 04:33:57 3967872 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
    2011-06-23 04:33:57 3912576 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
    2011-06-21 06:34:00 1923968 ----a-w- C:\windows\System32\drivers\tcpip.sys
    2011-06-18 23:55:04 15144 ----a-w- C:\windows\SysWow64\drivers\rtport.sys
    .
    ============= FINISH: 19:47:22.38 ===============
     
  2. keeks

    keeks Thread Starter

    Joined:
    Oct 21, 2007
    Messages:
    23
    bumping my post in the hopes that someone can help
     
  3. keeks

    keeks Thread Starter

    Joined:
    Oct 21, 2007
    Messages:
    23
    been a week now, please help if you can. it would be greatly appreciated :)
     
  4. keeks

    keeks Thread Starter

    Joined:
    Oct 21, 2007
    Messages:
    23
    This is a desperate plea for help. Two weeks later and the problem persists.

    If someone can review this post, it would be sincerely appreciated. Thank you!!!!
     
  5. keeks

    keeks Thread Starter

    Joined:
    Oct 21, 2007
    Messages:
    23
    bump
     
  6. keeks

    keeks Thread Starter

    Joined:
    Oct 21, 2007
    Messages:
    23
    Still hoping for some help. Please please please help if you can :)
     
  7. kevinf80

    kevinf80 Malware Specialist

    Joined:
    Mar 21, 2006
    Messages:
    11,361
    First Name:
    Kevin
    You are running two anti-virus programs together, NOD32 and Microsoft Security Essentials. Two AVs will clash and cause the symptoms you describe....
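
The check kevinf80 makes by eye on the DDS header, as an added example (not part of the thread and not code from DDS): it parses the `AV:`/`SP:` lines and the Running Processes section, using excerpts of the two DDS logs posted in this thread. The function names and the product-to-executable map are assumptions made for illustration.

```python
import re
from typing import NamedTuple


class Product(NamedTuple):
    kind: str      # "AV", "SP" or "FW", as printed in the DDS header
    name: str
    enabled: bool
    guid: str


HEADER_RE = re.compile(
    r"^\s*(AV|SP|FW):\s+(.+?)\s+\*(Enabled|Disabled)(?:/\w+)?\*\s+"
    r"\{([0-9A-Fa-f-]{36})\}\s*$"
)
SECTION_RE = re.compile(r"^\s*=+\s*(.+?)\s*=+\s*$")

# Assumption: engine executable for each product, taken from the
# process paths visible in the logs on this page.
ENGINE_PROCESS = {
    "Microsoft Security Essentials": "msmpeng.exe",
    "ESET NOD32 Antivirus 4.0": "ekrn.exe",
}

# Excerpt of the DDS log dated 2011-09-14 in this thread.
LOG_SEP14 = r"""
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
AV: ESET NOD32 Antivirus 4.0 *Enabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
SP: ESET NOD32 Antivirus 4.0 *Enabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\windows\system32\svchost.exe -k DcomLaunch
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
.
============== Pseudo HJT Report ===============
"""

# Excerpt of the DDS log dated 2011-10-25 in this thread.
LOG_OCT25 = r"""
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
AV: ESET NOD32 Antivirus 4.0 *Enabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
.
============== Running Processes ===============
.
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
.
============== Pseudo HJT Report ===============
"""


def parse_products(log):
    """Return every AV/SP/FW header entry found in a DDS log."""
    out = []
    for line in log.splitlines():
        m = HEADER_RE.match(line)
        if m:
            kind, name, state, guid = m.groups()
            out.append(Product(kind, name, state == "Enabled", guid))
    return out


def running_processes(log):
    """Return lower-cased executable paths from the Running Processes section."""
    procs, in_section = [], False
    for line in log.splitlines():
        header = SECTION_RE.match(line)
        if header:
            in_section = header.group(1).lower() == "running processes"
            continue
        if in_section:
            # Keep the path up to ".exe"; drop arguments such as "-k netsvcs".
            exe = re.match(r"(.+?\.exe)\b", line.strip(), re.IGNORECASE)
            if exe:
                procs.append(exe.group(1).lower())
    return procs


def audit(log):
    """Flag overlapping AV products and disabled products still resident."""
    av = {p.name: p for p in parse_products(log) if p.kind == "AV"}
    names = {path.rsplit("\\", 1)[-1] for path in running_processes(log)}
    findings = []
    active = sorted(n for n, p in av.items() if p.enabled)
    if len(active) > 1:
        findings.append(
            "more than one AV product reported Enabled: " + ", ".join(active)
        )
    for name, p in sorted(av.items()):
        exe = ENGINE_PROCESS.get(name)
        if not p.enabled and exe in names:
            findings.append(f"{name} reported Disabled but {exe} is still running")
    return findings


if __name__ == "__main__":
    for label, log in (("2011-09-14", LOG_SEP14), ("2011-10-25", LOG_OCT25)):
        print(label, audit(log))
```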
     
  8. keeks

    keeks Thread Starter

    Joined:
    Oct 21, 2007
    Messages:
    23
    Kevin, thank you very much for your reply. I took your advice and turned off Microsoft Security Essentials.
    It ran just fine for a few days, then crashed again. I figured this was a fluke and had it run just fine for several days and now it recently just crashed again.

    Any suggestions on next steps? Is there something else that could be causing the issue?

    Thanks again for your help!
     
  9. kevinf80

    kevinf80 Malware Specialist

    Joined:
    Mar 21, 2006
    Messages:
    11,361
    First Name:
    Kevin
    Do the following:

    Download this program, Blue Screen Viewer, and unzip "Bluescreen View.exe" to your desktop.
    Next, select Start, right-click on "Computer" and select "Properties", select "Advanced System Settings", then the "Advanced" tab. From the "Start up and Recovery" section select "Settings" and make sure the default folder is "%SystemRoot%\Minidump".
    Go back to your desktop and double-click on Bluescreen Viewer to run it; if there is any info available, the program will grab the most recent. Choose Save from the toolbar and copy and paste it into your next reply. If there is no information available, try to re-create the BSOD and try again with the tool to collect the information.

    Let me see that log if possible, and also a fresh set of DDS logs:

    • Download DDS by sUBs from one of the following links. Save it to your desktop.
    • Double click on the DDS icon, allow it to run.
    • A small box will open, with an explanation about the tool.
    • When done, DDS will open two (2) logs
      1. DDS.txt
      2. Attach.txt
    • Save both reports to your desktop.
    • The instructions here ask you to attach the Attach.txt.
    • Instead of attaching, please copy/paste both logs into your next reply.
    • Close the program window, and delete the program from your desktop.
    Please note: You may have to disable any script protection running if the scan fails to run.
    After downloading the tool, disconnect from the internet and disable all antivirus protection.
    Run the scan, enable your A/V and reconnect to the internet.
    Information on A/V control HERE

    Kevin...
     
  10. keeks

    keeks Thread Starter

    Joined:
    Oct 21, 2007
    Messages:
    23
    Thanks again for your help. I've attached the logs below.

    ==================================================
    Dump File : 100711-25896-01.dmp
    Crash Time : 10/7/2011 5:39:41 PM
    Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
    Bug Check Code : 0x000000d1
    Parameter 1 : fffffa84`0a3dd40b
    Parameter 2 : 00000000`00000002
    Parameter 3 : 00000000`00000000
    Parameter 4 : fffff880`06149980
    Caused By Driver : ETD.sys
    Caused By Address : ETD.sys+6980
    File Description :
    Product Name :
    Company :
    File Version :
    Processor : x64
    Crash Address : ntoskrnl.exe+7cc40
    Stack Address 1 :
    Stack Address 2 :
    Stack Address 3 :
    Computer Name :
    Full Path : C:\windows\Minidump\100711-25896-01.dmp
    Processors Count : 4
    Major Version : 15
    Minor Version : 7601
    Dump File Size : 262,144
    ==================================================

    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421
    Run by Laura at 22:04:06 on 2011-10-25
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8106.6166 [GMT -5:00]
    .
    AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
    AV: ESET NOD32 Antivirus 4.0 *Enabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
    SP: ESET NOD32 Antivirus 4.0 *Enabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
    SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\windows\system32\wininit.exe
    C:\windows\system32\lsm.exe
    C:\windows\system32\svchost.exe -k DcomLaunch
    C:\windows\system32\nvvsvc.exe
    C:\windows\system32\svchost.exe -k RPCSS
    c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
    C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\windows\system32\svchost.exe -k netsvcs
    C:\windows\servicing\TrustedInstaller.exe
    C:\windows\system32\svchost.exe -k LocalService
    C:\windows\system32\svchost.exe -k NetworkService
    C:\windows\System32\spoolsv.exe
    C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
    C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
    C:\windows\system32\svchost.exe -k bthsvcs
    C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
    C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
    C:\windows\system32\taskhost.exe
    C:\windows\system32\Dwm.exe
    C:\windows\Explorer.EXE
    C:\Program Files\Elantech\ETDCtrl.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files (x86)\Windows Live\Mesh\WLSync.exe
    C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
    C:\Program Files\Elantech\ETDCtrlHelper.exe
    C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
    C:\windows\system32\SearchIndexer.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
    C:\windows\System32\svchost.exe -k LocalServicePeerNet
    C:\windows\system32\taskeng.exe
    C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
    C:\windows\system32\taskeng.exe
    C:\Program Files (x86)\Samsung\Samsung Control Center\WifiManager.exe
    C:\Program Files (x86)\Samsung\Samsung Control Center\MovieColorEnhancer.exe
    C:\Program Files (x86)\Samsung\Samsung Control Center\dmhkcore.exe
    C:\Program Files (x86)\Samsung\Samsung Control Center\SmartSetting.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    C:\Program Files (x86)\Samsung\Eco Mode\SmartEco.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\windows\system32\DllHost.exe
    C:\windows\system32\igfxext.exe
    C:\windows\system32\igfxsrvc.exe
    C:\windows\system32\hkcmd.exe
    C:\windows\system32\igfxpers.exe
    C:\Program Files\Zune\ZuneLauncher.exe
    C:\Program Files (x86)\Samsung\Samsung Control Center\EasySpeedUpManager.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
    C:\windows\explorer.exe
    C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
    C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
    C:\windows\system32\SearchProtocolHost.exe
    C:\windows\system32\SearchFilterHost.exe
    C:\windows\system32\DllHost.exe
    C:\windows\system32\DllHost.exe
    C:\windows\SysWOW64\cmd.exe
    C:\windows\system32\conhost.exe
    C:\windows\SysWOW64\cscript.exe
    C:\windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://samsung.msn.com
    mStart Page = hxxp://samsung.msn.com
    mWinlogon: Userinit=userinit.exe
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    uRun: [WLSync] "C:\Program Files (x86)\Windows Live\Mesh\WLSync.exe" /background
    uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
    uRunOnce: [FlashPlayerUpdate] C:\windows\SysWOW64\Macromed\Flash\FlashUtil10x_Plugin.exe -update plugin
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: DhcpNameServer = 192.168.1.1 68.87.77.134 68.87.72.134
    TCP: Interfaces\{039C4871-F6EE-4B93-9D99-BD5483DE608D} : DhcpNameServer = 192.168.1.1 68.87.77.134 68.87.72.134
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    AppInit_DLLs-X64: C:\windows\SysWOW64\nvinit.dll
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\vo7ugqcv.default\
    FF - prefs.js: browser.startup.homepage - hxxp://my.yahoo.com/
    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 nvpciflt;nvpciflt;C:\windows\system32\DRIVERS\nvpciflt.sys --> C:\windows\system32\DRIVERS\nvpciflt.sys [?]
    R1 MpFilter;Microsoft Malware Protection Driver;C:\windows\system32\DRIVERS\MpFilter.sys --> C:\windows\system32\DRIVERS\MpFilter.sys [?]
    R1 SABI;SAMSUNG Kernel Driver For Windows 7;\??\C:\windows\system32\Drivers\SABI.sys --> C:\windows\system32\Drivers\SABI.sys [?]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]
    R2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-4-21 1136640]
    R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-3-30 923984]
    R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-3-30 1001808]
    R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-4-21 134928]
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
    R2 ekrn;ESET Service;C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2009-9-29 735960]
    R2 epfwwfpr;epfwwfpr;C:\windows\system32\DRIVERS\epfwwfpr.sys --> C:\windows\system32\DRIVERS\epfwwfpr.sys [?]
    R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-5-23 2009704]
    R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-7-28 1153368]
    R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-9-14 508264]
    R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-5-23 2656536]
    R3 AMPPAL;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Virtual Adapter;C:\windows\system32\DRIVERS\AMPPAL.sys --> C:\windows\system32\DRIVERS\AMPPAL.sys [?]
    R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-3-30 1321296]
    R3 btmaux;Intel Bluetooth Auxiliary Service;C:\windows\system32\DRIVERS\btmaux.sys --> C:\windows\system32\DRIVERS\btmaux.sys [?]
    R3 btmhsf;btmhsf;C:\windows\system32\DRIVERS\btmhsf.sys --> C:\windows\system32\DRIVERS\btmhsf.sys [?]
    R3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\system32\DRIVERS\clwvd.sys --> C:\windows\system32\DRIVERS\clwvd.sys [?]
    R3 ETD;ELAN PS/2 Port Input Device;C:\windows\system32\DRIVERS\ETD.sys --> C:\windows\system32\DRIVERS\ETD.sys [?]
    R3 iBtFltCoex;iBtFltCoex;C:\windows\system32\DRIVERS\iBtFltCoex.sys --> C:\windows\system32\DRIVERS\iBtFltCoex.sys [?]
    R3 IntcDAud;Intel(R) Display Audio;C:\windows\system32\DRIVERS\IntcDAud.sys --> C:\windows\system32\DRIVERS\IntcDAud.sys [?]
    R3 MEIx64;Intel(R) Management Engine Interface;C:\windows\system32\drivers\HECIx64.sys --> C:\windows\system32\drivers\HECIx64.sys [?]
    R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\windows\system32\DRIVERS\NETwNs64.sys --> C:\windows\system32\DRIVERS\NETwNs64.sys [?]
    R3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys --> C:\windows\system32\DRIVERS\Rt64win7.sys [?]
    R3 Sftfs;Sftfs;C:\windows\system32\DRIVERS\Sftfslh.sys --> C:\windows\system32\DRIVERS\Sftfslh.sys [?]
    R3 Sftplay;Sftplay;C:\windows\system32\DRIVERS\Sftplaylh.sys --> C:\windows\system32\DRIVERS\Sftplaylh.sys [?]
    R3 Sftredir;Sftredir;C:\windows\system32\DRIVERS\Sftredirlh.sys --> C:\windows\system32\DRIVERS\Sftredirlh.sys [?]
    R3 Sftvol;Sftvol;C:\windows\system32\DRIVERS\Sftvollh.sys --> C:\windows\system32\DRIVERS\Sftvollh.sys [?]
    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-9-14 219496]
    S3 AMPPALP;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Protocol;C:\windows\system32\DRIVERS\amppal.sys --> C:\windows\system32\DRIVERS\amppal.sys [?]
    S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-1 183560]
    S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\windows\system32\DRIVERS\MpNWMon.sys --> C:\windows\system32\DRIVERS\MpNWMon.sys [?]
    S3 NisDrv;Microsoft Network Inspection System;C:\windows\system32\DRIVERS\NisDrvWFP.sys --> C:\windows\system32\DRIVERS\NisDrvWFP.sys [?]
    S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
    S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
    S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\system32\drivers\TsUsbGD.sys --> C:\windows\system32\drivers\TsUsbGD.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]
    S3 WMZuneComm;Zune Windows Mobile Connectivity Service;C:\Program Files\Zune\WMZuneComm.exe [2010-9-23 306416]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2011-10-26 02:52:23 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9748B71A-ACB4-4826-AE7C-3E26677CB871}\offreg.dll
    2011-10-26 02:48:00 8570192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9748B71A-ACB4-4826-AE7C-3E26677CB871}\mpengine.dll
    2011-10-26 02:41:07 75776 ----a-w- C:\windows\SysWow64\psisrndr.ax
    2011-10-26 02:41:07 613888 ----a-w- C:\windows\System32\psisdecd.dll
    2011-10-26 02:41:07 465408 ----a-w- C:\windows\SysWow64\psisdecd.dll
    2011-10-26 02:41:07 108032 ----a-w- C:\windows\System32\psisrndr.ax
    2011-10-26 02:40:57 3138048 ----a-w- C:\windows\System32\win32k.sys
    2011-10-26 02:40:56 861696 ----a-w- C:\windows\System32\oleaut32.dll
    2011-10-26 02:40:56 571904 ----a-w- C:\windows\SysWow64\oleaut32.dll
    2011-10-26 02:40:56 331776 ----a-w- C:\windows\System32\oleacc.dll
    2011-10-26 02:40:56 233472 ----a-w- C:\windows\SysWow64\oleacc.dll
    2011-10-26 02:38:11 -------- d-----w- C:\Users\Laura\AppData\Local\{2E02A54D-B157-4726-A29F-4C2C14BB8289}
    2011-10-26 02:37:59 -------- d-----w- C:\Users\Laura\AppData\Local\{050F2C06-F206-44D0-90C6-FFD98A1B494A}
    2011-10-07 21:47:49 -------- d-----w- C:\Users\Laura\AppData\Local\{9BD6E742-33B4-448A-8A22-E85892D7FDA0}
    2011-10-07 21:47:36 -------- d-----w- C:\Users\Laura\AppData\Local\{445D6523-BF41-405B-BDFF-526E6AB3990D}
    2011-10-06 16:30:13 -------- d-----w- C:\Users\Laura\AppData\Local\{B5516725-47DE-4709-AE4F-606AB6D5D5F1}
    2011-10-06 16:29:51 -------- d-----w- C:\Users\Laura\AppData\Local\{96830256-4713-48B7-B33C-5B1CDA44E861}
    2011-10-06 15:51:44 -------- d-----w- C:\windows\en
    2011-10-06 15:48:37 -------- d-----w- C:\windows\ar
    2011-10-06 15:48:32 -------- d-----w- C:\windows\bg
    2011-10-06 15:48:27 -------- d-----w- C:\windows\cs
    2011-10-06 15:48:22 -------- d-----w- C:\windows\da
    2011-10-06 15:48:18 -------- d-----w- C:\windows\de
    2011-10-06 15:48:13 -------- d-----w- C:\windows\el
    2011-10-06 15:48:08 -------- d-----w- C:\windows\es
    2011-10-06 15:48:04 -------- d-----w- C:\windows\fi
    2011-10-06 15:46:55 -------- d-----w- C:\windows\ru
    2011-10-06 15:46:51 -------- d-----w- C:\windows\sk
    2011-10-06 15:46:45 -------- d-----w- C:\windows\sl
    2011-10-06 15:46:40 -------- d-----w- C:\windows\sr-latn-cs
    2011-10-06 15:46:36 -------- d-----w- C:\windows\sv
    2011-10-06 15:46:31 -------- d-----w- C:\windows\th
    2011-10-06 15:46:25 -------- d-----w- C:\windows\tr
    2011-10-06 15:46:22 -------- d-----w- C:\windows\zh-cn
    2011-10-06 15:46:18 -------- d-----w- C:\windows\zh-tw
    2011-10-06 15:23:13 -------- d-----w- C:\Users\Laura\AppData\Local\{BF2969AF-99F4-4777-8D4A-EF20D81159CE}
    2011-10-06 15:23:02 -------- d-----w- C:\Users\Laura\AppData\Local\{B531E5DC-A26D-4005-83A2-D0EFC03E699F}
    2011-10-03 00:51:50 -------- d-----w- C:\Users\Laura\AppData\Local\{FC82F796-2DE0-4ABE-B1CB-6C0B8054517D}
    2011-10-03 00:51:38 -------- d-----w- C:\Users\Laura\AppData\Local\{ED48C931-DB8E-45BD-A1D8-5B4977D36CBF}
    2011-10-03 00:46:15 -------- d-----w- C:\Users\Laura\AppData\Local\{23024E27-9031-4B99-9A51-F32E1C7A6FFC}
    2011-10-03 00:46:02 -------- d-----w- C:\Users\Laura\AppData\Local\{470FD714-3912-4564-A3D2-F22FA71EF17B}
    2011-10-03 00:42:25 -------- d-----w- C:\Program Files (x86)\Synaptics
    2011-10-03 00:42:18 -------- d-----w- C:\Program Files (x86)\Elan
    2011-10-03 00:30:23 -------- d-----w- C:\Users\Laura\AppData\Local\{A294D129-7355-4634-BA43-D8F2720CA4F6}
    2011-10-03 00:30:02 -------- d-----w- C:\Users\Laura\AppData\Local\{2B9AE6E8-4DA5-438E-95C9-8473E483DEB6}
    2011-10-03 00:07:39 -------- d-----w- C:\Users\Laura\AppData\Local\{173FB3B6-97A2-4D12-8128-7EFF495ED4D2}
    2011-10-03 00:07:25 -------- d-----w- C:\Users\Laura\AppData\Local\{191A1C6D-EE02-40FC-9731-E852E5E139C7}
    2011-09-28 16:27:33 -------- d-----w- C:\Users\Laura\AppData\Local\Diagnostics
    2011-09-28 16:23:43 -------- d-----w- C:\Users\Laura\AppData\Local\{52E7166B-C8C3-43DD-983D-36DEB0B5B98E}
    2011-09-28 16:23:30 -------- d-----w- C:\Users\Laura\AppData\Local\{66CBD37C-5F60-414E-8F9E-916773CBF3AC}
    2011-09-28 16:09:51 -------- d-----w- C:\Users\Laura\AppData\Local\{B9FB1917-EDAE-4BB4-BF39-D0AFD4EB0952}
    2011-09-28 16:09:08 -------- d-----w- C:\Users\Laura\AppData\Local\{F6101EA8-5FDF-4A66-ADD5-A621E2A8E6D6}
    2011-09-28 16:00:46 -------- d-----w- C:\Users\Laura\AppData\Local\{33893E9A-BFC4-4E9D-B407-E64FFFE32698}
    2011-09-28 16:00:34 -------- d-----w- C:\Users\Laura\AppData\Local\{25672964-8F72-41B8-AC9F-C75A3F781E94}
    .
    ==================== Find3M ====================
    .
    2011-10-03 00:42:34 365224 ----a-w- C:\Program Files (x86)\TouchpadSetup.exe
    2011-10-03 00:30:07 404640 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-09-01 05:24:07 2309120 ----a-w- C:\windows\System32\jscript9.dll
    2011-09-01 05:17:57 1389056 ----a-w- C:\windows\System32\wininet.dll
    2011-09-01 05:12:04 2382848 ----a-w- C:\windows\System32\mshtml.tlb
    2011-09-01 02:35:59 1798144 ----a-w- C:\windows\SysWow64\jscript9.dll
    2011-09-01 02:28:15 1126912 ----a-w- C:\windows\SysWow64\wininet.dll
    2011-09-01 02:22:54 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
    .
    ============= FINISH: 22:04:34.25 ===============

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 7/28/2011 10:57:33 PM
    System Uptime: 10/25/2011 9:52:04 PM (1 hours ago)
    .
    Motherboard: SAMSUNG ELECTRONICS CO., LTD. | | 300V3A/300V4A/300V5A
    Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz | CPU | 2301/100mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 576 GiB total, 528.335 GiB free.
    D: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP28: 8/31/2011 9:47:18 PM - Windows Update
    RP29: 9/2/2011 1:11:53 AM - Windows Update
    RP30: 9/11/2011 6:41:04 PM - CheckIfInstallerIsBusy
    RP31: 9/11/2011 6:42:25 PM - Windows Live Essentials
    RP32: 9/11/2011 6:43:20 PM - Installed DirectX
    RP33: 9/11/2011 6:43:57 PM - Installed DirectX
    RP34: 9/11/2011 6:44:18 PM - Windows Update
    RP35: 9/14/2011 7:35:08 PM - Windows Update
    RP36: 10/2/2011 7:09:44 PM - Windows Update
    RP37: 10/6/2011 10:23:50 AM - Windows Update
    RP38: 10/25/2011 9:41:14 PM - Windows Update
    .
    ==== Installed Programs ======================
    .
    ?? ??? ?? Windows Live Mesh ActiveX ???
    ??? ActiveX ?? Windows Live Mesh ???? ??????? ???????
    ???? ??? Windows Live
    ???? ???? ActiveX ????? ?? Windows Live Mesh ????????? ???????
    ???? Windows Live
    ????? Windows Live
    ?????? ??????? ?? Windows Live
    ??????? ?????????? Windows Live Mesh ActiveX ??? ????????? ???????????
    ??????? Windows Live Mesh ActiveX ??(????)
    ??????? Windows Live Mesh ActiveX ???
    ???????? ?????????? Windows Live
    ????????? ActiveX ?? Windows Live Mesh ????????????????????????? (???)
    ?????????? Windows Live
    ??????????? ?? Windows Live
    ActiveX-kontroll för fjärranslutningar för Windows Live Mesh
    ActiveX ???????? ?? Windows Live Mesh ?? ?????????? ??????
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader X (10.0.1)
    „Windows Live Essentials“
    „Windows Live Mail“
    „Windows Live Mesh ActiveX“ nuotoliniu ryšiu valdiklis
    „Windows Live Messenger“
    „Windows Live“ fotogalerija
    Bing Bar
    Contrôle ActiveX Windows Live Mesh pour connexions à distance
    Control ActiveX de Windows Live Mesh para conexiones remotas
    Control ActiveX Windows Live Mesh pentru conexiuni la distan?a
    Controle ActiveX do Windows Live Mesh para Conexões Remotas
    Controlo ActiveX do Windows Live Mesh para Ligações Remotas
    CyberLink YouCam
    D3DX10
    Eco Mode
    Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsluge polaczen zdalnych
    Fotogalerija Windows Live
    Galeria de Fotografias do Windows Live
    Galeria fotografii uslugi Windows Live
    Galerie de photos Windows Live
    Galerie foto Windows Live
    Galería fotográfica de Windows Live
    Intel PROSet Wireless
    Intel(R) Control Center
    Intel(R) Management Engine Components
    Intel(R) Processor Graphics
    Intel(R) Rapid Storage Technology
    Interactive Guide
    Junk Mail filter update
    Kontrola Windows Live Mesh ActiveX za daljinske veze
    Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave
    Mesh Runtime
    Microsoft Office 2010
    Microsoft Office Click-to-Run 2010
    Microsoft Office Starter 2010 - English
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Mozilla Firefox 6.0.2 (x86 en-US)
    MSVCRT
    MSVCRT_amd64
    Multimedia POP
    Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená pripojení
    Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
    PlayReady PC Runtime x86
    Poczta uslugi Windows Live
    Podstawowe programy Windows Live
    Pošta Windows Live
    Raccolta foto di Windows Live
    Realtek Ethernet Controller Driver
    Realtek High Definition Audio Driver
    S?????? f?t???af??? t?? Windows Live
    Samsung Control Center
    Samsung Recovery Solution 5
    Samsung Support Center
    Samsung Update Plus
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Skype™ 4.2
    Spybot - Search & Destroy
    St???e?? e?????? ActiveX t?? Windows Live Mesh ??a ap?µa???sµ??e? s??d?se??
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    User Guide
    Uzak Baglantilar Için Windows Live Mesh ActiveX Denetimi
    VLC media player 1.1.11
    Windows Live
    Windows Live ??
    Windows Live ?? ???
    Windows Live ???
    Windows Live ????
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Fotótár
    Windows Live Foto-galerija
    Windows Live fotoattelu galerija
    Windows Live Fotogalerie
    Windows Live Fotogalleri
    Windows Live Fotogaléria
    Windows Live Fotograf Galerisi
    Windows Live Galeria de Fotos
    Windows Live Galerija fotografija
    Windows Live Installer
    Windows Live Mail
    Windows Live Mesh
    Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
    Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger
    Windows Live Mesh ActiveX-objekt til fjernforbindelser
    Windows Live Mesh ActiveX-vezérlo távoli kapcsolatokhoz
    Windows Live Mesh ActiveX Control for Remote Connections
    Windows Live Mesh ActiveX kontrola za daljinske veze
    Windows Live Mesh ActiveX vadikla attalajiem savienojumiem
    Windows Live Meshin etäyhteyksien ActiveX-komponentti
    Windows Live Messenger
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live Pošta
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live Temel Parçalar
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    Windows Liven asennustyökalu
    Windows Liven sähköposti
    Windows Liven valokuvavalikoima
    .
    ==== Event Viewer Messages From Past Week ========
    .
    10/25/2011 9:47:03 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.113.1195.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7702.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
    10/25/2011 9:47:03 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.113.1195.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7702.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
    10/25/2011 9:47:03 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.113.1195.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7702.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
    10/25/2011 9:35:14 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{039C4871-F6EE-4B93-9D99-BD5483DE608D} because another computer on the network has the same name. The server could not start.
    .
    ==== End Of File ===========================
     
  11. kevinf80

    kevinf80 Malware Specialist

    Joined:
    Mar 21, 2006
    Messages:
    11,361
    First Name:
    Kevin
    You still have Microsoft Security Essentials installed; you need to uninstall it altogether. Go Here, scroll to the relevant tool and use that to remove it.

    You also need to turn off Spybot's TeaTimer; it will conflict with your security:

    1) Open Spybot-S&D
    2) Go to the Mode menu, and make sure "Advanced Mode" is selected
    3) On the left hand side, choose Tools -> Resident
    4) Uncheck "Resident TeaTimer" and OK any prompts
    5) Restart your computer.

    The driver causing the crash is ETD.sys. As far as I'm aware, that is related to your touch pad; re-install that software and see if that helps.

    Also do the following:

    Please download Malwarebytes Anti-Malware and save it to your desktop.
    Alternative D/L mirror
    Alternative D/L mirror

    Double Click mbam-setup.exe to install the application.
    • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select "Perform Quick Scan", then click Scan.
    • The scan may take some time to finish, so please be patient.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Make sure that everything is checked, and click Remove Selected.
    • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
    • Please save the log to a location you will remember.
    • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    • Copy and paste the entire report in your next reply.

    Extra Note:

    If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

    Let me see that log please...

    Kevin
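
The overlap of resident security products that the reply above points to can be read mechanically from the SERVICES / DRIVERS section of the DDS log. The following is an added example, not part of the reply and not code from DDS: the sample lines are copied from the first log in this thread, the vendor keyword table is a hypothetical one built from the names in that log, and the reading of the prefix (R = running, S = stopped, digit = start type) is the conventional one for DDS output.

```python
import re

# Lines copied from the SERVICES / DRIVERS section of the first DDS log in this thread.
DDS_EXCERPT = r"""
.
R0 nvpciflt;nvpciflt;C:\windows\system32\DRIVERS\nvpciflt.sys --> C:\windows\system32\DRIVERS\nvpciflt.sys [?]
R1 MpFilter;Microsoft Malware Protection Driver;C:\windows\system32\DRIVERS\MpFilter.sys --> C:\windows\system32\DRIVERS\MpFilter.sys [?]
R2 ekrn;ESET Service;C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2009-9-29 735960]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-7-28 1153368]
S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\windows\system32\DRIVERS\MpNWMon.sys --> C:\windows\system32\DRIVERS\MpNWMon.sys [?]
S3 NisDrv;Microsoft Network Inspection System;C:\windows\system32\DRIVERS\NisDrvWFP.sys --> C:\windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
.
"""

# Entry layout: <state><start type> <name>;<display name>;<image path>
# followed by either "[date size]" or "--> <resolved path> [?]".
ENTRY = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4])\s+"
    r"(?P<name>[^;]+);(?P<display>[^;]*);(?P<path>.+?)"
    r"(?:\s+-->\s+.+?)?\s+\[[^\]]*\]\s*$"
)

START_TYPES = {0: "boot", 1: "system", 2: "auto", 3: "manual", 4: "disabled"}

# Hypothetical keyword table (an assumption of this example): substrings of the
# display name or image path that identify each product seen in this thread.
VENDOR_HINTS = {
    "Microsoft Security Essentials": (
        "microsoft malware protection",
        "microsoft network inspection",
        "microsoft security client",
    ),
    "ESET": ("eset",),
    "Spybot - Search & Destroy": ("spybot",),
}


def parse_entries(text):
    """Return one dict per service/driver line; separator lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue
        entries.append({
            "running": m.group("state") == "R",
            "start": START_TYPES[int(m.group("start"))],
            "name": m.group("name").strip(),
            "display": m.group("display").strip(),
            "path": m.group("path").strip(),
        })
    return entries


def classify(entry):
    """Map an entry to a security product, or None if no keyword matches."""
    haystack = (entry["display"] + " " + entry["path"]).lower()
    for product, hints in VENDOR_HINTS.items():
        if any(h in haystack for h in hints):
            return product
    return None


def security_inventory(text):
    """Group security components per product into running and stopped lists."""
    inventory = {}
    for entry in parse_entries(text):
        product = classify(entry)
        if product is None:
            continue
        slot = inventory.setdefault(product, {"running": [], "stopped": []})
        slot["running" if entry["running"] else "stopped"].append(entry["name"])
    return inventory


def resident_products(text):
    """Products with at least one component loaded when the log was taken."""
    inv = security_inventory(text)
    return sorted(p for p, parts in inv.items() if parts["running"])


if __name__ == "__main__":
    for product, parts in security_inventory(DDS_EXCERPT).items():
        print(f"{product}: running={parts['running']} stopped={parts['stopped']}")
    resident = resident_products(DDS_EXCERPT)
    if len(resident) > 1:
        print("More than one resident security product:", ", ".join(resident))
```

Components whose display name and path carry no vendor string (for example a driver listed only by its file name) are not classified by this keyword approach and need a manual look.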
     
  12. keeks

    keeks Thread Starter

    Joined:
    Oct 21, 2007
    Messages:
    23
    I successfully uninstalled Microsoft Security Essentials, but when I restart the computer it attempts to launch it and produces the following error:

    An error has occurred in the program. Try to open it again. If this problem continues, you'll need to reinstall Microsoft Security Client. Error code: 0x8007064e

    Any idea how to get rid of this?

    Also, I turned off the Resident TeaTimer and reinstalled the touch pad driver. No issues with it thus far.

    MBAM log is below.

    Malwarebytes' Anti-Malware 1.51.2.1300
    www.malwarebytes.org

    Database version: 8027

    Windows 6.1.7601 Service Pack 1
    Internet Explorer 9.0.8112.16421

    10/26/2011 10:20:08 PM
    mbam-log-2011-10-26 (22-20-08).txt

    Scan type: Quick scan
    Objects scanned: 202525
    Time elapsed: 2 minute(s), 5 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)
     
  13. kevinf80

    kevinf80 Malware Specialist

    Joined:
    Mar 21, 2006
    Messages:
    11,361
    First Name:
    Kevin
    It would seem that MSE has not uninstalled correctly. Re-install it again, boot into Safe Mode, then uninstall. When complete, reboot to normal mode and post a fresh DDS.txt log....
     
  14. keeks

    keeks Thread Starter

    Joined:
    Oct 21, 2007
    Messages:
    23
    Looks like it uninstalled correctly. DDS log below...

    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421
    Run by Laura at 8:42:16 on 2011-10-27
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8106.6679 [GMT -5:00]
    .
    AV: ESET NOD32 Antivirus 4.0 *Enabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
    SP: ESET NOD32 Antivirus 4.0 *Enabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\windows\system32\wininit.exe
    C:\windows\system32\lsm.exe
    C:\windows\system32\svchost.exe -k DcomLaunch
    C:\windows\system32\nvvsvc.exe
    C:\windows\system32\svchost.exe -k RPCSS
    C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\windows\system32\svchost.exe -k netsvcs
    C:\windows\system32\svchost.exe -k LocalService
    C:\windows\system32\svchost.exe -k NetworkService
    C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
    C:\windows\System32\spoolsv.exe
    C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
    C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
    C:\windows\system32\svchost.exe -k bthsvcs
    C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
    C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    C:\windows\system32\wbem\wmiprvse.exe
    C:\windows\system32\taskhost.exe
    C:\windows\system32\Dwm.exe
    C:\windows\Explorer.EXE
    C:\Program Files\Elantech\ETDCtrl.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files (x86)\Windows Live\Mesh\WLSync.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
    C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
    C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
    C:\Program Files\Elantech\ETDCtrlHelper.exe
    C:\windows\system32\SearchIndexer.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\windows\system32\wbem\wmiprvse.exe
    C:\windows\system32\SearchProtocolHost.exe
    C:\windows\system32\SearchFilterHost.exe
    C:\windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    C:\windows\system32\taskeng.exe
    C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
    C:\windows\system32\taskeng.exe
    C:\Program Files (x86)\Samsung\Samsung Control Center\dmhkcore.exe
    C:\Program Files (x86)\Samsung\Samsung Control Center\SCCSpeedBoot.exe
    C:\Program Files (x86)\Samsung\Samsung Control Center\SmartSetting.exe
    C:\Program Files (x86)\Samsung\Samsung Control Center\WifiManager.exe
    C:\Program Files (x86)\Samsung\Samsung Control Center\MovieColorEnhancer.exe
    C:\windows\system32\igfxext.exe
    C:\Program Files\Zune\ZuneLauncher.exe
    C:\windows\system32\DllHost.exe
    C:\windows\system32\igfxsrvc.exe
    C:\Program Files (x86)\Samsung\Eco Mode\SmartEco.exe
    C:\windows\system32\DllHost.exe
    C:\windows\system32\DllHost.exe
    C:\windows\SysWOW64\cmd.exe
    C:\windows\system32\conhost.exe
    C:\windows\SysWOW64\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://samsung.msn.com
    mStart Page = hxxp://samsung.msn.com
    mWinlogon: Userinit=userinit.exe
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    uRun: [WLSync] "C:\Program Files (x86)\Windows Live\Mesh\WLSync.exe" /background
    uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: DhcpNameServer = 192.168.1.1 68.87.77.134 68.87.72.134
    TCP: Interfaces\{039C4871-F6EE-4B93-9D99-BD5483DE608D} : DhcpNameServer = 192.168.1.1 68.87.77.134 68.87.72.134
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    AppInit_DLLs-X64: C:\windows\SysWOW64\nvinit.dll
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\vo7ugqcv.default\
    FF - prefs.js: browser.startup.homepage - hxxp://my.yahoo.com/
    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 nvpciflt;nvpciflt;C:\windows\system32\DRIVERS\nvpciflt.sys --> C:\windows\system32\DRIVERS\nvpciflt.sys [?]
    R1 SABI;SAMSUNG Kernel Driver For Windows 7;\??\C:\windows\system32\Drivers\SABI.sys --> C:\windows\system32\Drivers\SABI.sys [?]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]
    R2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-4-21 1136640]
    R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-3-30 923984]
    R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-3-30 1001808]
    R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-4-21 134928]
    R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
    R2 ekrn;ESET Service;C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2009-9-29 735960]
    R2 epfwwfpr;epfwwfpr;C:\windows\system32\DRIVERS\epfwwfpr.sys --> C:\windows\system32\DRIVERS\epfwwfpr.sys [?]
    R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-7-28 1153368]
    R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-9-14 508264]
    R3 AMPPAL;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Virtual Adapter;C:\windows\system32\DRIVERS\AMPPAL.sys --> C:\windows\system32\DRIVERS\AMPPAL.sys [?]
    R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-3-30 1321296]
    R3 btmaux;Intel Bluetooth Auxiliary Service;C:\windows\system32\DRIVERS\btmaux.sys --> C:\windows\system32\DRIVERS\btmaux.sys [?]
    R3 btmhsf;btmhsf;C:\windows\system32\DRIVERS\btmhsf.sys --> C:\windows\system32\DRIVERS\btmhsf.sys [?]
    R3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\system32\DRIVERS\clwvd.sys --> C:\windows\system32\DRIVERS\clwvd.sys [?]
    R3 ETD;ELAN PS/2 Port Input Device;C:\windows\system32\DRIVERS\ETD.sys --> C:\windows\system32\DRIVERS\ETD.sys [?]
    R3 iBtFltCoex;iBtFltCoex;C:\windows\system32\DRIVERS\iBtFltCoex.sys --> C:\windows\system32\DRIVERS\iBtFltCoex.sys [?]
    R3 IntcDAud;Intel(R) Display Audio;C:\windows\system32\DRIVERS\IntcDAud.sys --> C:\windows\system32\DRIVERS\IntcDAud.sys [?]
    R3 MEIx64;Intel(R) Management Engine Interface;C:\windows\system32\drivers\HECIx64.sys --> C:\windows\system32\drivers\HECIx64.sys [?]
    R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\windows\system32\DRIVERS\NETwNs64.sys --> C:\windows\system32\DRIVERS\NETwNs64.sys [?]
    R3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys --> C:\windows\system32\DRIVERS\Rt64win7.sys [?]
    R3 Sftfs;Sftfs;C:\windows\system32\DRIVERS\Sftfslh.sys --> C:\windows\system32\DRIVERS\Sftfslh.sys [?]
    R3 Sftplay;Sftplay;C:\windows\system32\DRIVERS\Sftplaylh.sys --> C:\windows\system32\DRIVERS\Sftplaylh.sys [?]
    R3 Sftredir;Sftredir;C:\windows\system32\DRIVERS\Sftredirlh.sys --> C:\windows\system32\DRIVERS\Sftredirlh.sys [?]
    R3 Sftvol;Sftvol;C:\windows\system32\DRIVERS\Sftvollh.sys --> C:\windows\system32\DRIVERS\Sftvollh.sys [?]
    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-9-14 219496]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-5-23 2009704]
    S2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-5-23 2656536]
    S3 AMPPALP;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Protocol;C:\windows\system32\DRIVERS\amppal.sys --> C:\windows\system32\DRIVERS\amppal.sys [?]
    S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-1 183560]
    S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
    S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\system32\drivers\TsUsbGD.sys --> C:\windows\system32\drivers\TsUsbGD.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]
    S3 WMZuneComm;Zune Windows Mobile Connectivity Service;C:\Program Files\Zune\WMZuneComm.exe [2010-9-23 306416]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2011-10-27 03:17:33 -------- d-----w- C:\Users\Laura\AppData\Roaming\Malwarebytes
    2011-10-27 03:17:17 -------- d-----w- C:\ProgramData\Malwarebytes
    2011-10-27 03:17:14 25416 ----a-w- C:\windows\System32\drivers\mbam.sys
    2011-10-27 03:17:14 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2011-10-27 02:46:59 1760 ----a-w- C:\FixitRegBackup.reg
    2011-10-27 02:43:24 -------- d-----w- C:\Users\Laura\AppData\Local\{5DF78B54-32E7-43C6-A3A3-3256312F26DC}
    2011-10-27 02:43:12 -------- d-----w- C:\Users\Laura\AppData\Local\{4306AA9F-D0F5-4FD4-BBA8-DE2C9B6898DD}
    2011-10-26 02:41:07 75776 ----a-w- C:\windows\SysWow64\psisrndr.ax
    2011-10-26 02:41:07 613888 ----a-w- C:\windows\System32\psisdecd.dll
    2011-10-26 02:41:07 465408 ----a-w- C:\windows\SysWow64\psisdecd.dll
    2011-10-26 02:41:07 108032 ----a-w- C:\windows\System32\psisrndr.ax
    2011-10-26 02:40:57 3138048 ----a-w- C:\windows\System32\win32k.sys
    2011-10-26 02:40:56 861696 ----a-w- C:\windows\System32\oleaut32.dll
    2011-10-26 02:40:56 571904 ----a-w- C:\windows\SysWow64\oleaut32.dll
    2011-10-26 02:40:56 331776 ----a-w- C:\windows\System32\oleacc.dll
    2011-10-26 02:40:56 233472 ----a-w- C:\windows\SysWow64\oleacc.dll
    2011-10-26 02:38:11 -------- d-----w- C:\Users\Laura\AppData\Local\{2E02A54D-B157-4726-A29F-4C2C14BB8289}
    2011-10-26 02:37:59 -------- d-----w- C:\Users\Laura\AppData\Local\{050F2C06-F206-44D0-90C6-FFD98A1B494A}
    2011-10-07 21:47:49 -------- d-----w- C:\Users\Laura\AppData\Local\{9BD6E742-33B4-448A-8A22-E85892D7FDA0}
    2011-10-07 21:47:36 -------- d-----w- C:\Users\Laura\AppData\Local\{445D6523-BF41-405B-BDFF-526E6AB3990D}
    2011-10-06 16:30:13 -------- d-----w- C:\Users\Laura\AppData\Local\{B5516725-47DE-4709-AE4F-606AB6D5D5F1}
    2011-10-06 16:29:51 -------- d-----w- C:\Users\Laura\AppData\Local\{96830256-4713-48B7-B33C-5B1CDA44E861}
    2011-10-06 15:51:44 -------- d-----w- C:\windows\en
    2011-10-06 15:48:37 -------- d-----w- C:\windows\ar
    2011-10-06 15:48:32 -------- d-----w- C:\windows\bg
    2011-10-06 15:48:27 -------- d-----w- C:\windows\cs
    2011-10-06 15:48:22 -------- d-----w- C:\windows\da
    2011-10-06 15:48:18 -------- d-----w- C:\windows\de
    2011-10-06 15:48:13 -------- d-----w- C:\windows\el
    2011-10-06 15:48:08 -------- d-----w- C:\windows\es
    2011-10-06 15:48:04 -------- d-----w- C:\windows\fi
    2011-10-06 15:46:55 -------- d-----w- C:\windows\ru
    2011-10-06 15:46:51 -------- d-----w- C:\windows\sk
    2011-10-06 15:46:45 -------- d-----w- C:\windows\sl
    2011-10-06 15:46:40 -------- d-----w- C:\windows\sr-latn-cs
    2011-10-06 15:46:36 -------- d-----w- C:\windows\sv
    2011-10-06 15:46:31 -------- d-----w- C:\windows\th
    2011-10-06 15:46:25 -------- d-----w- C:\windows\tr
    2011-10-06 15:46:22 -------- d-----w- C:\windows\zh-cn
    2011-10-06 15:46:18 -------- d-----w- C:\windows\zh-tw
    2011-10-06 15:23:13 -------- d-----w- C:\Users\Laura\AppData\Local\{BF2969AF-99F4-4777-8D4A-EF20D81159CE}
    2011-10-06 15:23:02 -------- d-----w- C:\Users\Laura\AppData\Local\{B531E5DC-A26D-4005-83A2-D0EFC03E699F}
    2011-10-03 00:51:50 -------- d-----w- C:\Users\Laura\AppData\Local\{FC82F796-2DE0-4ABE-B1CB-6C0B8054517D}
    2011-10-03 00:51:38 -------- d-----w- C:\Users\Laura\AppData\Local\{ED48C931-DB8E-45BD-A1D8-5B4977D36CBF}
    2011-10-03 00:46:15 -------- d-----w- C:\Users\Laura\AppData\Local\{23024E27-9031-4B99-9A51-F32E1C7A6FFC}
    2011-10-03 00:46:02 -------- d-----w- C:\Users\Laura\AppData\Local\{470FD714-3912-4564-A3D2-F22FA71EF17B}
    2011-10-03 00:42:25 -------- d-----w- C:\Program Files (x86)\Synaptics
    2011-10-03 00:42:18 -------- d-----w- C:\Program Files (x86)\Elan
    2011-10-03 00:30:23 -------- d-----w- C:\Users\Laura\AppData\Local\{A294D129-7355-4634-BA43-D8F2720CA4F6}
    2011-10-03 00:30:02 -------- d-----w- C:\Users\Laura\AppData\Local\{2B9AE6E8-4DA5-438E-95C9-8473E483DEB6}
    2011-10-03 00:07:39 -------- d-----w- C:\Users\Laura\AppData\Local\{173FB3B6-97A2-4D12-8128-7EFF495ED4D2}
    2011-10-03 00:07:25 -------- d-----w- C:\Users\Laura\AppData\Local\{191A1C6D-EE02-40FC-9731-E852E5E139C7}
    2011-09-28 16:27:33 -------- d-----w- C:\Users\Laura\AppData\Local\Diagnostics
    2011-09-28 16:23:43 -------- d-----w- C:\Users\Laura\AppData\Local\{52E7166B-C8C3-43DD-983D-36DEB0B5B98E}
    2011-09-28 16:23:30 -------- d-----w- C:\Users\Laura\AppData\Local\{66CBD37C-5F60-414E-8F9E-916773CBF3AC}
    2011-09-28 16:09:51 -------- d-----w- C:\Users\Laura\AppData\Local\{B9FB1917-EDAE-4BB4-BF39-D0AFD4EB0952}
    2011-09-28 16:09:08 -------- d-----w- C:\Users\Laura\AppData\Local\{F6101EA8-5FDF-4A66-ADD5-A621E2A8E6D6}
    2011-09-28 16:00:46 -------- d-----w- C:\Users\Laura\AppData\Local\{33893E9A-BFC4-4E9D-B407-E64FFFE32698}
    2011-09-28 16:00:34 -------- d-----w- C:\Users\Laura\AppData\Local\{25672964-8F72-41B8-AC9F-C75A3F781E94}
    .
    ==================== Find3M ====================
    .
    2011-10-27 02:43:16 414368 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-10-03 00:42:34 365224 ----a-w- C:\Program Files (x86)\TouchpadSetup.exe
    2011-09-06 00:52:56 167704 ----a-w- C:\windows\System32\igfxtray.exe
    2011-09-06 00:52:52 510232 ----a-w- C:\windows\System32\igfxsrvc.exe
    2011-09-06 00:52:50 416024 ----a-w- C:\windows\System32\igfxpers.exe
    2011-09-06 00:52:44 239896 ----a-w- C:\windows\System32\igfxext.exe
    2011-09-06 00:52:42 392472 ----a-w- C:\windows\System32\hkcmd.exe
    2011-09-06 00:52:38 4378392 ----a-w- C:\windows\System32\GfxUI.exe
    2011-09-06 00:52:36 179992 ----a-w- C:\windows\System32\difx64.exe
    2011-09-04 17:45:28 103760 ----a-w- C:\windows\SysWow64\mfcm100d.dll
    2011-09-04 17:45:24 743760 ----a-w- C:\windows\SysWow64\msvcp100d.dll
    2011-09-04 17:45:20 7124304 ----a-w- C:\windows\SysWow64\mfc100ud.dll
    2011-09-04 17:45:16 7055696 ----a-w- C:\windows\SysWow64\mfc100d.dll
    2011-09-04 17:45:16 105296 ----a-w- C:\windows\SysWow64\mfcm100ud.dll
    2011-09-01 05:24:07 2309120 ----a-w- C:\windows\System32\jscript9.dll
    2011-09-01 05:17:57 1389056 ----a-w- C:\windows\System32\wininet.dll
    2011-09-01 05:12:04 2382848 ----a-w- C:\windows\System32\mshtml.tlb
    2011-09-01 02:35:59 1798144 ----a-w- C:\windows\SysWow64\jscript9.dll
    2011-09-01 02:28:15 1126912 ----a-w- C:\windows\SysWow64\wininet.dll
    2011-09-01 02:22:54 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
    .
    ============= FINISH: 8:43:11.02 ===============
     
  15. kevinf80

    kevinf80 Malware Specialist

    Joined:
    Mar 21, 2006
    Messages:
    11,361
    First Name:
    Kevin
    Log is OK, how is your system responding, any issues or concerns?
     

Short URL to this thread: https://techguy.org/1017722
