I had a bunch of viruses, removed most, i just want to ensure i got all of them.

[Calbini]

Hi,

Last night while searching for some screen capture software (similar to FRAPS) i downloaded something which filled my computer with rubbish (toolbars, redirects etc). I immediately started MBAM and did a full scan removing everything i found but i am paranoid of there being more.

Here are the results from DDS:

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1

Run by Callum at 13:10:55 on 2012-08-16

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.44.1033.18.8169.5994 [GMT 1:00]

.

AV: McAfee VirusScan Enterprise *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\WUDFHost.exe

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\Dwm.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\taskhost.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\Bluetooth Suite\adminservice.exe

C:\Fraps\fraps.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files (x86)\Connectify\ConnectifyService.exe

C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe

C:\Program Files (x86)\Connectify\ConnectifyD.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\IProsetMonitor.exe

C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\engineserver.exe

C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe

C:\Program Files (x86)\McAfee\VirusScan Enterprise\vstskmgr.exe

C:\Windows\system32\mfevtps.exe

C:\Program Files (x86)\Edimax\PCIE Wireless LAN\RtlService.exe

C:\Program Files (x86)\Edimax\PCIE Wireless LAN\RtWlan.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k secsvcs

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\mcshield.exe

C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\mfeann.exe

C:\Windows\system32\conhost.exe

C:\Program Files (x86)\McAfee\Common Framework\naPrdMgr.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files\Logitech Gaming Software\LCore.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Users\Callum\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Users\Callum\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchIndexer.exe

C:\Users\Callum\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Callum\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\wbem\wmiprvse.exe

C:\Users\Callum\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Callum\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Fraps\fraps64.dat

C:\Windows\system32\taskhost.exe

C:\Users\Callum\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\sysWOW64\wbem\wmiprvse.exe

C:\Users\Callum\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\DllHost.exe

C:\Users\Callum\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Callum\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Callum\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Windows\system32\sppsvc.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\wbem\WmiApSrv.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3227982

uInternet Settings,ProxyOverride = *.local

uURLSearchHooks: H - No File

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\McAfee\VirusScan Enterprise\scriptsn.dll

BHO: CIESpeechBHO Class: {8d10f6c4-0e01-4bd4-8601-11ac1fdf8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

TB: {0cc09160-108c-4759-bab1-5c12c216e005} - No File

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [Google Update] "C:\Users\Callum\AppData\Local\Google\Update\GoogleUpdate.exe" /c

mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe

mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

StartupFolder: C:\Users\Callum\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Callum\AppData\Roaming\Dropbox\bin\Dropbox.exe

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

TCP: Interfaces\{4EB94EFC-8887-4BFD-AAFE-906C935DFA99} : DhcpNameServer = 131.111.12.20 131.111.8.42

TCP: Interfaces\{4EB94EFC-8887-4BFD-AAFE-906C935DFA99}\14E64627F696461405 : DhcpNameServer = 192.168.43.1

TCP: Interfaces\{4EB94EFC-8887-4BFD-AAFE-906C935DFA99}\36F6D60757D236162756 : DhcpNameServer = 192.168.0.1

TCP: Interfaces\{4EB94EFC-8887-4BFD-AAFE-906C935DFA99}\7416C61687970235F553134363 : DhcpNameServer = 192.168.16.1

TCP: Interfaces\{4EB94EFC-8887-4BFD-AAFE-906C935DFA99}\E456477656162723 : DhcpNameServer = 192.168.206.1

TCP: Interfaces\{59FC2B64-175F-4F34-BDD6-E2D1D395D5A7} : DhcpNameServer = 192.168.42.129

TCP: Interfaces\{A98CACF6-56A1-4526-9DDA-D86BB9C539BB} : DhcpNameServer = 172.21.225.254

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL

BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan Enterprise\scriptsn.dll

BHO-X64: scriptproxy - No File

BHO-X64: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll

BHO-X64: IESpeakDoc - No File

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL

BHO-X64: URLRedirectionBHO - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

TB-X64: {0cc09160-108c-4759-bab1-5c12c216e005} - No File

mRun-x64: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

mRun-x64: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun-x64: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe

mRun-x64: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

mRun-x64: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL

.

============= SERVICES / DRIVERS ===============

.

R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]

R0 mv91xx;mv91xx;C:\Windows\system32\DRIVERS\mv91xx.sys --> C:\Windows\system32\DRIVERS\mv91xx.sys [?]

R1 cnnctfy2;Connectify LightWeight Filter;C:\Windows\system32\DRIVERS\cnnctfy2.sys --> C:\Windows\system32\DRIVERS\cnnctfy2.sys [?]

R1 networx;networx;C:\Windows\system32\drivers\networx.sys --> C:\Windows\system32\drivers\networx.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]

R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2010-10-27 52896]

R2 Connectify;Connectify;C:\Program Files (x86)\Connectify\ConnectifyService.exe [2011-8-20 13312]

R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-6-27 2369960]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-9-7 13336]

R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\Windows\system32\IProsetMonitor.exe --> C:\Windows\system32\IProsetMonitor.exe [?]

R2 McAfeeEngineService;McAfee Engine Service;C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\engineserver.exe [2010-3-25 20792]

R2 McAfeeFramework;McAfee Framework Service;C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe [2009-8-25 103744]

R2 McShield;McAfee McShield;C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\mcshield.exe [2010-3-25 180968]

R2 McTaskManager;McAfee Task Manager;C:\Program Files (x86)\McAfee\VirusScan Enterprise\vstskmgr.exe [2010-3-25 66880]

R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\system32\mfevtps.exe --> C:\Windows\system32\mfevtps.exe [?]

R2 RealtekSE;RealtekSE;C:\Program Files (x86)\Edimax\PCIE Wireless LAN\RtlService.exe [2011-9-7 45056]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-5-15 382272]

R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\system32\DRIVERS\btath_bus.sys --> C:\Windows\system32\DRIVERS\btath_bus.sys [?]

R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\system32\drivers\LGBusEnum.sys --> C:\Windows\system32\drivers\LGBusEnum.sys [?]

R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\system32\drivers\LGVirHid.sys --> C:\Windows\system32\drivers\LGVirHid.sys [?]

R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]

R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]

R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]

R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-2-22 1262400]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-5-4 250056]

S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\system32\Drivers\ssadadb.sys --> C:\Windows\system32\Drivers\ssadadb.sys [?]

S3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\system32\DRIVERS\btath_flt.sys --> C:\Windows\system32\DRIVERS\btath_flt.sys [?]

S3 ATHDFU;Atheros Valkyrie USB BootROM;C:\Windows\system32\Drivers\AthDfu.sys --> C:\Windows\system32\Drivers\AthDfu.sys [?]

S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\system32\drivers\btath_a2dp.sys --> C:\Windows\system32\drivers\btath_a2dp.sys [?]

S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\system32\DRIVERS\btath_hcrp.sys --> C:\Windows\system32\DRIVERS\btath_hcrp.sys [?]

S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\system32\DRIVERS\btath_lwflt.sys --> C:\Windows\system32\DRIVERS\btath_lwflt.sys [?]

S3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\system32\DRIVERS\btath_rcp.sys --> C:\Windows\system32\DRIVERS\btath_rcp.sys [?]

S3 BtFilter;BtFilter;C:\Windows\system32\DRIVERS\btfilter.sys --> C:\Windows\system32\DRIVERS\btfilter.sys [?]

S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;D:\Games\Origin Games\Dragon Age\bin_ship\daupdatersvc.service.exe [2012-5-17 25832]

S3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys --> C:\Windows\system32\drivers\dmvsc.sys [?]

S3 e1cexpress;Intel® PRO/1000 PCI Express Network Connection Driver C;C:\Windows\system32\DRIVERS\e1c62x64.sys --> C:\Windows\system32\DRIVERS\e1c62x64.sys [?]

S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]

S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\Windows\system32\DRIVERS\rtl8192se.sys --> C:\Windows\system32\DRIVERS\rtl8192se.sys [?]

S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\system32\DRIVERS\ssadbus.sys --> C:\Windows\system32\DRIVERS\ssadbus.sys [?]

S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\system32\DRIVERS\ssadmdfl.sys --> C:\Windows\system32\DRIVERS\ssadmdfl.sys [?]

S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\system32\DRIVERS\ssadmdm.sys --> C:\Windows\system32\DRIVERS\ssadmdm.sys [?]

S3 Synth3dVsc;Synth3dVsc;C:\Windows\system32\drivers\synth3dvsc.sys --> C:\Windows\system32\drivers\synth3dvsc.sys [?]

S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\system32\drivers\terminpt.sys --> C:\Windows\system32\drivers\terminpt.sys [?]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]

S3 tsusbhub;tsusbhub;C:\Windows\system32\drivers\tsusbhub.sys --> C:\Windows\system32\drivers\tsusbhub.sys [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

.

=============== Created Last 30 ================

.

2012-08-15 23:19:07 -------- d-----w- C:\ProgramData\IBUpdaterService

2012-08-15 23:17:24 -------- d-----w- C:\Users\Callum\AppData\Local\CRE

2012-08-15 23:17:19 -------- d-----w- C:\Program Files (x86)\Conduit

2012-08-15 23:17:17 -------- d-----w- C:\Users\Callum\AppData\Local\Conduit

2012-08-15 23:17:07 -------- d-----w- C:\Windows\SysWow64\searchplugins

2012-08-15 23:17:07 -------- d-----w- C:\Windows\SysWow64\Extensions

2012-08-15 23:16:41 -------- d-----w- C:\Users\Callum\AppData\Roaming\BANDISOFT

2012-08-15 15:15:41 503808 ----a-w- C:\Windows\System32\srcore.dll

2012-08-15 15:15:41 43008 ----a-w- C:\Windows\SysWow64\srclient.dll

2012-08-15 15:15:39 751104 ----a-w- C:\Windows\System32\win32spl.dll

2012-08-15 15:15:39 67072 ----a-w- C:\Windows\splwow64.exe

2012-08-15 15:15:39 559104 ----a-w- C:\Windows\System32\spoolsv.exe

2012-08-15 15:15:39 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll

2012-08-15 15:15:38 59392 ----a-w- C:\Windows\System32\browcli.dll

2012-08-15 15:15:38 41984 ----a-w- C:\Windows\SysWow64\browcli.dll

2012-08-15 15:15:38 136704 ----a-w- C:\Windows\System32\browser.dll

2012-08-15 15:15:37 956928 ----a-w- C:\Windows\System32\localspl.dll

2012-08-15 15:15:37 3148800 ----a-w- C:\Windows\System32\win32k.sys

2012-08-14 19:25:00 -------- d-----w- C:\Users\Callum\AppData\Local\DayZCommander

2012-08-14 19:24:46 -------- d-----w- C:\Program Files (x86)\Dotjosh Studios

2012-08-14 15:16:06 9133488 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DF93842C-04CD-45BC-9C3E-8FF93A9338E5}\mpengine.dll

2012-07-21 17:56:32 -------- d-sh--w- C:\Windows\System32\%APPDATA%

2012-07-21 16:54:35 -------- d-----w- C:\Users\Callum\AppData\Local\FalloutNV

2012-07-21 14:42:33 -------- d-----w- C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP

2012-07-21 10:58:06 -------- d-----w- C:\Users\Callum\AppData\Roaming\Unity

2012-07-21 10:57:47 -------- d-----w- C:\Users\Callum\AppData\Local\Unity

2012-07-17 15:25:32 -------- d-----w- C:\Users\Callum\AppData\Roaming\Mount&Blade With Fire and Sword

.

==================== Find3M ====================

.

2012-08-14 21:37:18 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-08-14 21:37:18 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-07-22 19:02:04 298016 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr

2012-07-22 16:15:54 298016 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0

2012-07-06 20:07:42 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys

2012-07-03 12:46:44 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-06-29 03:56:34 2312704 ----a-w- C:\Windows\System32\jscript9.dll

2012-06-29 03:49:11 1392128 ----a-w- C:\Windows\System32\wininet.dll

2012-06-29 03:48:07 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-06-29 03:43:49 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2012-06-29 03:39:48 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-06-29 00:16:58 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-06-29 00:09:01 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-06-29 00:08:59 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-06-29 00:04:43 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2012-06-29 00:00:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-06-11 18:17:46 71680 ----a-w- C:\Windows\System32\frapsv64.dll

2012-06-11 18:17:42 65536 ----a-w- C:\Windows\SysWow64\frapsvid.dll

2012-06-06 07:49:52 1070152 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX

2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll

2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll

2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll

2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll

2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll

2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll

2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll

2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll

2012-06-02 14:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll

2012-06-02 14:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe

2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys

2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys

2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys

2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll

2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll

2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll

2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll

2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll

2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll

2012-05-31 11:25:12 279656 ------w- C:\Windows\System32\MpSigStub.exe

.

============= FINISH: 13:11:25.78 ===============

And here is attach.txt

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Ultimate

Boot Device: \Device\HarddiskVolume1

Install Date: 07/09/2011 13:02:11

System Uptime: 16/08/2012 13:08:09 (0 hours ago)

.

Motherboard: ASUSTeK Computer INC. | | P8P67 PRO

Processor: Intel® Core i5-2500K CPU @ 3.30GHz | LGA1155 | 3301/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 60 GiB total, 10.402 GiB free.

D: is FIXED (NTFS) - 932 GiB total, 564.212 GiB free.

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Intel® 82579V Gigabit Network Connection

Device ID: PCI\VEN_8086&DEV_1503&SUBSYS_849C1043&REV_05\3&11583659&0&C8

Manufacturer: Intel

Name: Intel® 82579V Gigabit Network Connection

PNP Device ID: PCI\VEN_8086&DEV_1503&SUBSYS_849C1043&REV_05\3&11583659&0&C8

Service: e1cexpress

.

Class GUID: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}

Description: ASUS Bluetooth

Device ID: USB\VID_0B05&PID_179C\6&DF2EE03&0&7

Manufacturer: Atheros Communications

Name: ASUS Bluetooth

PNP Device ID: USB\VID_0B05&PID_179C\6&DF2EE03&0&7

Service: BTHUSB

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Edimax EW-7612PIn Wireless PCI-Express Adapter

Device ID: PCI\VEN_10EC&DEV_8172&SUBSYS_76121432&REV_10\4&1D7623A1&0&00E2

Manufacturer: Edimax Technology Co., Ltd.

Name: Edimax EW-7612PIn Wireless PCI-Express Adapter

PNP Device ID: PCI\VEN_10EC&DEV_8172&SUBSYS_76121432&REV_10\4&1D7623A1&0&00E2

Service: rtl8192se

.

==== System Restore Points ===================

.

RP207: 15/08/2012 18:15:23 - Windows Update

.

==== Installed Programs ======================

.

ACD/Labs Software in C:\Program Files (x86)\ACDFREE11\

Adobe AIR

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.1)

Age of Empires Online

Amnesia: The Dark Descent

Anno 2070

Apple Application Support

Apple Software Update

ARMA 2

ARMA 2: Operation Arrowhead

Assassin's Creed Revelations

Audacity 2.0

Bastion

Battlefield 3™

Battlelog Web Plugins

BattlEye for OA Uninstall

BattlEye Uninstall

Blacklight: Retribution

Braid

CD Art Display 2.0.1

CES EduPack 2011

Cisco EAP-FAST Module

Cisco LEAP Module

Cisco PEAP Module

Creation Kit

Curse Client

D3DX10

Day of Defeat: Source

DayZ Commander

Dead Space

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Dragon Age II

Dragon Age: Origins

Dropbox

dtella-cambridge

Dungeon Defenders

Edimax EW-7612PIn Wireless LAN Driver and Utility

Empire Earth Gold Edition

ESET Online Scanner v3

ESN Sonar

Eufloria

F.lux

Fallout: New Vegas

FFmpeg v0.6.2 for Audacity

Flac to MP3 Converter

Flotilla

Folding@home-gpu

Foldit

Fraps

Free Audio Converter version 5.0.13.608

FreeDNS Update 1.8.4

GameSpy Arcade

Garry's Mod

Geeks3D.com FurMark 1.9.1

Google Chrome

Google Gmail Notifier

Google Talk Plugin

Gratuitous Tank Battles

Guns of Icarus

Half-Life 2

HD Tune Pro 4.61

Intel® Management Engine Components

Intel® Rapid Storage Technology

Java Auto Updater

Java 7 Update 5

JavaFX 2.1.1

JMicron JMB36X Driver

LIMBO

LogMeIn Hamachi

Lone Survivor

Malwarebytes Anti-Malware version 1.62.0.1300

marvell 91xx driver

Mass Effect™ 3

McAfee Agent

McAfee VirusScan Enterprise

Medieval II: Total War

Microsoft Games for Windows - LIVE Redistributable

Microsoft Games for Windows Marketplace

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Groove MUI (English) 2010

Microsoft Office InfoPath MUI (English) 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Word MUI (English) 2010

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft XNA Framework Redistributable 3.1

Microsoft XNA Framework Redistributable 4.0

Monday Night Combat

Mount & Blade

Mount & Blade: Warband

Mount & Blade: With Fire and Sword

MSI Afterburner 2.2.0

MSVCRT

NVIDIA PhysX

NVIDIA Stereoscopic 3D Driver

Origin

QuickTime

Realistic Colors and Real Nights 2.0 - HDR Edition -

Realtek High Definition Audio Driver

Renesas Electronics USB 3.0 Host Controller Driver

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2553322) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2553431) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition

Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition

Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)

Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition

Serious Sam HD: The First Encounter

Serious Sam HD: The Second Encounter

Shattered Union

Sins of a Solar Empire: Trinity

Skype™ 5.5

Songbird 1.9.3 (Build 1959)

Spybot - Search & Destroy

StrongDC

Stronghold

Stronghold 2

Super Meat Boy

Super Meat Boy Editor

Super Monday Night Combat

Superbrothers: Sword & Sworcery EP

Swords and Soldiers HD

System Requirements Lab CYRI

Team Fortress 2

The Elder Scrolls V: Skyrim

The Lord of the Rings Online™

Toy Soldiers

Tropico 4

TrueCrypt

Ubisoft Game Launcher

Unity Web Player

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553092)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

VLC media player 1.1.11

Warhammer 40,000 Space Marine

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

WinSCP 5.0.5 beta

World of Goo

World of Warcraft

xuggle-xuggler

YouTube Downloader 3.5

YouTube Downloader Toolbar v6.0

.

==== Event Viewer Messages From Past Week ========

.

16/08/2012 13:10:25, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

16/08/2012 13:10:25, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure.

15/08/2012 21:43:01, Error: bowser [8003] - The master browser has received a server announcement from the computer DAVID-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{F943BC25-DAC4-4166-B2A4-15404A34324D}. The master browser is stopping or an election is being forced.

13/08/2012 13:25:36, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR3.

13/08/2012 13:25:13, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2.

12/08/2012 19:49:06, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 5.115.95.233. The computer with the IP address 5.171.57.157 did not allow the name to be claimed by this computer.

10/08/2012 00:00:05, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

.

==== End Of File ===========================

Thanks

Callum

[MrCharlie]

Welcome to the forum.

Please remove any usb or external drives from the computer before you run this scan!

Please download and run RogueKiller to your desktop.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

MrC

[Maurice Naggar]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!