Jump to content

Infected with adware and can't get rid of it


Recommended Posts

dds.txt:

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16660  BrowserJavaVersion: 10.25.2
Run by Sean at 0:20:30 on 2013-08-29
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.44.1033.18.8073.3786 [GMT 1:00]
.
AV: Kaspersky Anti-Virus *Disabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
SP: Kaspersky Anti-Virus *Disabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Prey\platform\windows\cronsvc.exe
D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
C:\Windows\system32\svchost.exe -k imgsvc
D:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\TiltWheelMouse.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Linksys\Linksys Wireless Manager\LinksysWirelessManager64.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Users\Sean\Local Settings\Apps\F.lux\flux.exe
D:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\iTunes\iTunes.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
C:\Windows\Explorer.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SndVol.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\wmi64.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll
uRun: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
uRun: [F.lux] "C:\Users\Sean\Local Settings\Apps\F.lux\flux.exe" /noshow
uRun: [Dxtory Update Checker 2.0] D:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe
uRun: [WordExpander] C:\Program Files (x86)\WordExpander\WordExpander.exe
uRun: [steam] "D:\Program Files (x86)\Steam\Steam.exe" -silent
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe"
mRun: [LogMeIn Hamachi Ui] "D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\Sean\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\GOOGLE~1.LNK - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StartupFolder: C:\Users\Sean\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ITUNES~1.LNK - C:\Program Files (x86)\iTunes\iTunes.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: HideSCAHealth = dword:1
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{053D93A0-39E9-4D16-9394-0E0F41AFBB77} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{0E0B4D1F-8E6F-4121-9087-247647FEDFB1} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{53AAFEED-61AB-4CCF-A6DF-C1A00F596775} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{550B4CA2-B6CC-4BCE-AFAA-08416AAF6545} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{751CB936-AC24-4682-AC78-8BD445DE5709} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{751CB936-AC24-4682-AC78-8BD445DE5709}\375616E6 : DHCPNameServer = 8.8.8.8
TCP: Interfaces\{799E8A13-4B80-41E6-ADFB-2749E3677DA9} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{B6EF24A9-99A1-4305-9B17-755EFDDC2A1E} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{C4D67905-6234-49F0-853A-7F7C7C7B3F23} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{C67C606A-3641-400F-9FF8-76F86D2DE70E} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{FF641A7D-53CA-4DA2-B8C0-0F6C675DD964} : DHCPNameServer = 192.168.0.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll, C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
x64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll
x64-Run: [Linksys Wireless Manager] "C:\Program Files (x86)\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe" /cm /min /lcid 1033
x64-Run: [MouseDriver] TiltWheelMouse.exe
x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
x64-Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
Hosts: 74.208.10.249 gs.apple.com
.
============= SERVICES / DRIVERS ===============
.
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-2-2 283200]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2012-8-2 28504]
R1 kltdi;kltdi;C:\Windows\System32\drivers\kltdi.sys [2013-1-14 54368]
R1 kneps;kneps;C:\Windows\System32\drivers\kneps.sys [2012-8-13 178448]
R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe [2013-1-14 356376]
R2 CronService;Cron Service for Prey;C:\Prey\platform\windows\cronsvc.exe [2013-3-26 23552]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-5-15 2467664]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-3-14 418376]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-8-4 14984480]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-8-14 3291008]
R2 SplashtopRemoteService;Splashtop® Remote Service;C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [2013-4-3 551264]
R2 SSUService;Splashtop Software Updater Service;C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2013-5-8 583968]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-8-18 414496]
R2 TeamViewer8;TeamViewer 8;D:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-5-19 3574624]
R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);C:\Windows\System32\drivers\vrtaucbl.sys [2013-7-25 108960]
R3 ISCT;Intel® Smart Connect Technology Device Driver;C:\Windows\System32\drivers\ISCTD64.sys [2013-1-19 46568]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\drivers\klkbdflt.sys [2013-1-14 29016]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2013-1-14 29528]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-3-14 25928]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2013-8-28 39712]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-7-5 769168]
R3 t_mouse.sys;HID-compliand device;C:\Windows\System32\drivers\t_mouse.sys [2012-12-19 6144]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-9 123856]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-3-14 701512]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-21 162408]
S3 BEService;BattlEye Service;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2013-7-27 49152]
S3 cpudrv64;cpudrv64;C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-6-2 17864]
S3 libusb0;libusb-win32 - Kernel Driver 07/03/2013 0.0.0.0;C:\Windows\System32\drivers\libusb0.sys [2013-7-3 52320]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2012-3-26 22528]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-10-1 178824]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-2-5 19456]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-2-5 57856]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-2-2 1255736]
.
=============== Created Last 30 ================
.
2013-08-28 20:15:35 -------- d-----w- C:\Users\Sean\AppData\Roaming\Neverball
2013-08-28 17:37:03 -------- d-----w- C:\Windows\SysWow64\NV
2013-08-28 17:37:03 -------- d-----w- C:\Windows\System32\NV
2013-08-28 17:34:50 -------- d-----w- C:\NVIDIA
2013-08-27 14:19:52 9515512 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{79F8C95D-3E02-445F-B506-BBF259046D91}\mpengine.dll
2013-08-18 13:58:20 571168 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2013-08-15 01:56:48 -------- d-----w- C:\Users\Sean\AppData\Local\EMU
2013-08-15 01:55:34 -------- d-----w- C:\Users\Sean\AppData\Local\PAYDAY 2
2013-08-14 21:19:00 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys
2013-08-14 04:28:24 -------- d-----w- C:\Users\Sean\AppData\Local\Wondershare
2013-08-14 04:28:24 -------- d-----w- C:\Program Files (x86)\Common Files\Wondershare
2013-08-14 04:28:23 52832 ----a-w- C:\Windows\SysWow64\drivers\libusb0.sys
2013-08-14 04:28:22 -------- d--h--w- C:\Program Files (x86)\Dr.Fone_Temp
2013-08-14 04:28:22 -------- d-----w- C:\ProgramData\Wondershare
2013-08-14 04:01:40 -------- d-----w- C:\ProgramData\TenorShare
2013-08-14 03:58:52 -------- d-----w- C:\Users\Sean\.shsh
2013-08-12 01:51:33 -------- d-----w- C:\Users\Sean\AppData\Roaming\OBS
2013-08-11 12:35:36 -------- d-----w- C:\Users\Sean\AppData\Roaming\Movdap
2013-08-11 12:35:36 -------- d-----w- C:\Program Files (x86)\Movdap
2013-08-09 22:37:42 -------- d-----w- C:\Users\Sean\AppData\Roaming\Web Cake
2013-08-09 03:36:21 -------- d-----w- C:\Games
2013-08-07 14:25:05 -------- d-----w- C:\Program Files\Strogino CS Portal
2013-08-06 15:26:29 -------- d-----w- C:\Users\Sean\AppData\Local\Arma 3 Alpha
2013-08-06 13:46:57 -------- d-----w- C:\Users\Sean\AppData\Roaming\FEZ
2013-08-06 13:23:38 -------- d-----w- C:\Users\Sean\AppData\Local\storage
2013-08-06 12:41:37 -------- d-----w- C:\Windows\SysWow64\xlive
2013-08-06 12:41:35 -------- d-----w- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2013-08-04 17:13:19 -------- d-----w- C:\Users\Sean\AppData\Roaming\Image-Line
2013-08-04 17:13:08 -------- d-----w- C:\Users\Sean\AppData\Roaming\SongManager
2013-08-04 17:12:54 1060864 ----a-w- C:\Windows\SysWow64\mfc71.dll
2013-08-04 17:06:43 225280 ----a-w- C:\Windows\SysWow64\rewire.dll
2013-08-04 17:06:42 -------- d-----w- C:\Program Files (x86)\Image-Line
2013-08-04 17:06:38 1554944 ----a-w- C:\Windows\SysWow64\vorbis.acm
2013-08-04 17:06:37 -------- d-----w- C:\Program Files (x86)\Outsim
2013-08-04 16:06:25 1884448 ----a-w- C:\Windows\System32\nvdispco6432641.dll
2013-08-04 16:06:25 1511712 ----a-w- C:\Windows\System32\nvdispgenco6432641.dll
2013-08-04 16:01:22 -------- d-----w- C:\NvidiaLogging
2013-08-04 16:00:49 29984 ----a-w- C:\Windows\System32\nvaudcap64v.dll
.
==================== Find3M  ====================
.
2013-08-28 22:44:20 29 ----a-w- C:\Windows\SysWow64\TempWmicBatchFile.bat
2013-08-22 18:54:18 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-22 18:54:18 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-08-18 19:34:11 6599968 ----a-w- C:\Windows\System32\nvcpl.dll
2013-08-18 19:34:10 3452192 ----a-w- C:\Windows\System32\nvsvc64.dll
2013-08-18 19:34:08 920864 ----a-w- C:\Windows\System32\nvvsvc.exe
2013-08-18 19:34:08 63776 ----a-w- C:\Windows\System32\nvshext.dll
2013-08-18 19:34:07 219424 ----a-w- C:\Windows\System32\nvmctray.dll
2013-08-17 05:30:06 3319709 ----a-w- C:\Windows\System32\nvcoproc.bin
2013-08-08 18:33:22 290184 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2013-08-08 18:33:22 290184 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2013-08-08 18:33:03 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2013-07-26 16:12:11 3885 ----a-w- C:\STFF08D.tmp
2013-07-26 16:10:08 3885 ----a-w- C:\STFD8E.tmp
2013-07-26 16:08:25 3885 ----a-w- C:\STF7E49.tmp
2013-07-26 05:13:37 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-07-26 05:12:08 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-07-26 05:12:04 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-07-26 05:12:03 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-07-26 03:35:08 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-07-26 03:13:24 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-07-26 03:12:04 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-07-26 03:12:00 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-07-26 03:12:00 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-07-26 02:49:14 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-07-26 02:39:38 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-07-26 01:59:38 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-07-25 02:27:52 108960 ----a-w- C:\Windows\System32\drivers\vrtaucbl.sys
2013-07-24 18:05:12 972712 ----a-w- C:\Windows\System32\deployJava1.dll
2013-07-24 18:05:12 1093032 ----a-w- C:\Windows\System32\npDeployJava1.dll
2013-07-24 18:05:12 108968 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2013-07-19 01:58:42 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-07-19 01:41:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-07-18 17:15:12 39712 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
2013-07-18 17:15:06 28448 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
2013-07-15 15:48:09 715038 ----a-w- C:\Windows\unins000.exe
2013-07-14 01:17:55 1882912 ----a-w- C:\Windows\System32\nvdispco6432619.dll
2013-07-14 01:17:55 1511712 ----a-w- C:\Windows\System32\nvdispgenco6432619.dll
2013-07-11 20:42:52 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2013-07-09 06:03:30 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-07-09 05:54:22 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-07-09 05:53:12 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-07-09 05:52:52 224256 ----a-w- C:\Windows\System32\wintrust.dll
2013-07-09 05:51:16 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll
2013-07-09 05:46:20 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-07-09 05:46:20 1472512 ----a-w- C:\Windows\System32\crypt32.dll
2013-07-09 05:46:20 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-07-09 05:03:34 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-07-09 05:03:34 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-07-09 04:53:47 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-07-09 04:52:33 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2013-07-09 04:52:33 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-07-09 04:52:10 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll
2013-07-09 04:46:31 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-07-09 04:46:31 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-07-09 04:46:31 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-07-09 04:45:07 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-07-09 02:49:42 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-07-09 02:49:41 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-07-09 02:49:39 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-07-09 02:49:38 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-07-06 06:03:53 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-07-05 02:31:24 0 ----a-w- C:\Windows\SysWow64\TiltWheelMouse.exe
2013-07-03 18:55:54 76384 ----a-w- C:\Windows\System32\libusb0.dll
2013-07-03 18:55:54 52320 ----a-w- C:\Windows\System32\drivers\libusb0.sys
2013-07-01 20:02:53 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-01 20:02:53 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-07-01 20:02:53 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-06-26 00:13:08 54368 ----a-w- C:\Windows\System32\drivers\kltdi.sys
2013-06-26 00:13:08 178448 ----a-w- C:\Windows\System32\drivers\kneps.sys
2013-06-26 00:04:19 90208 ----a-w- C:\Windows\System32\drivers\klflt.sys
2013-06-25 23:42:01 17848 ----a-w- C:\Program Files (x86)\cbi.dll
2013-06-21 12:06:36 1832224 ----a-w- C:\Windows\System32\nvdispco6432049.dll
2013-06-21 12:06:36 1511712 ----a-w- C:\Windows\System32\nvdispgenco6432049.dll
2013-06-21 10:23:10 2555680 ----a-w- C:\Windows\System32\nvsvcr.dll
2013-06-16 12:38:18 31520 ----a-w- C:\Windows\System32\nvhdap64.dll
2013-06-16 12:38:15 196384 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys
2013-06-05 03:34:27 3153920 ----a-w- C:\Windows\System32\win32k.sys
2013-06-04 06:00:13 624128 ----a-w- C:\Windows\System32\qedit.dll
2013-06-04 04:53:07 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
.
============= FINISH:  0:20:37.16 ===============
 
 
 
 
 
 
 
 
Attach:
 
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume1
Install Date: 01/02/2013 08:35:06
System Uptime: 28/08/2013 18:43:26 (6 hours ago)
.
Motherboard: ASRock |  | Z77 Pro4
Processor: Intel® Core i5-2500K CPU @ 3.30GHz | CPUSocket | 3301/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 112 GiB total, 3.523 GiB free.
D: is FIXED (NTFS) - 932 GiB total, 71.773 GiB free.
E: is CDROM ()
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: 
Description: SM Bus Controller
Device ID: PCI\VEN_8086&DEV_1E22&SUBSYS_1E221849&REV_04\3&11583659&0&FB
Manufacturer: 
Name: SM Bus Controller
PNP Device ID: PCI\VEN_8086&DEV_1E22&SUBSYS_1E221849&REV_04\3&11583659&0&FB
Service: 
.
Class GUID: 
Description: Universal Serial Bus (USB) Controller
Device ID: PCI\VEN_8086&DEV_1E31&SUBSYS_1E311849&REV_04\3&11583659&0&A0
Manufacturer: 
Name: Universal Serial Bus (USB) Controller
PNP Device ID: PCI\VEN_8086&DEV_1E31&SUBSYS_1E311849&REV_04\3&11583659&0&A0
Service: 
.
==== System Restore Points ===================
.
RP229: 28/08/2013 19:22:34 - Scheduled Checkpoint
RP230: 28/08/2013 22:44:08 - Installed Tom Clancy's Splinter Cell® Blacklist™
RP231: 28/08/2013 23:03:38 - Configured Tom Clancy's Splinter Cell® Blacklist™
.
==== Installed Programs ======================
.
7-Zip 9.22beta
Adobe Flash Media Live Encoder 3.2
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop CS6
Adobe Reader XI (11.0.03)
Amnesia - The Dark Descent 
AngryBirdsStarWars 1.00
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Arma 2
Arma 2: DayZ Mod
Arma 2: Operation Arrowhead
Arma 2: Operation Arrowhead Beta
ASIO4ALL
Assassin's Creed® III v1.03
µTorrent
AVS Audio Editor 7.1
Battlefield 3™
BattlEye for OA Uninstall
Bonjour
Borderlands 2
Camtasia Studio 8
CCleaner
Command & Conquer 3
Command & Conquer Red Alert 2
Counter-Strike: Global Offensive
CPUID CPU-Z 1.64.0
Crysis®3
DAEMON Tools Pro
DayZ Commander
Dead Island Riptide © Deep Silver version 1
Dead Space 3
Deckadance 2
Defense Grid the Awakening
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition
Defraggler
Diablo III
DiRT 3
Dishonored
Documents To Go Desktop for iOS
Don't Starve
Dropbox
Dxtory version 2.0.122
Eleusis version 1
ESET Online Scanner v3
ESN Sonar
F.lux
Fallout New Vegas Ultimate Edition
FEZ v1.04
Firefall
FL Studio 10
Flvto Youtube Downloader
Fraps
GameRanger
Garrys Mod version 13.07.05
Google Chrome
Google Earth Plug-in
Google Update Helper
GRID 2 © Codemasters version 1
Halo Combat Evolved
Haunt 1.1 64bit
iCloud
iFunbox (v2.6.2375.747), iFunbox DevTeam
IL Download Manager
IL Shared Libraries
Intel® Processor Graphics
iTunes
Java 7 Update 25
Java 7 Update 25 (64-bit)
Java Auto Updater
Kaspersky Anti-Virus 2013
KeyTweak - Keyboard Remapper (remove only)
Kraven Manor
Lagarith Lossless Codec (1.3.27)
League of Legends
LG MC USB Modem driver
LG PC Suite II
LG USB Modem Driver
Linksys Wireless Manager
Little Inferno 1.00
LogMeIn Hamachi
LOST PLANET 2
Malwarebytes Anti-Malware version 1.75.0.1300
Metro: Last Light © Deep Silver version 1
Microsoft .NET Framework 4.5
Microsoft Access MUI (English) 2013
Microsoft Access Setup Metadata MUI (English) 2013
Microsoft DCF MUI (English) 2013
Microsoft Excel MUI (English) 2013
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Groove MUI (English) 2013
Microsoft InfoPath MUI (English) 2013
Microsoft Lync MUI (English) 2013
Microsoft Office 32-bit Components 2013
Microsoft Office OSM MUI (English) 2013
Microsoft Office OSM UX MUI (English) 2013
Microsoft Office Professional Plus 2013
Microsoft Office Proofing (English) 2013
Microsoft Office Proofing Tools 2013 - English
Microsoft Office Proofing Tools 2013 - Español
Microsoft Office Shared 32-bit MUI (English) 2013
Microsoft Office Shared MUI (English) 2013
Microsoft Office Shared Setup Metadata MUI (English) 2013
Microsoft OneNote MUI (English) 2013
Microsoft Outlook MUI (English) 2013
Microsoft PowerPoint MUI (English) 2013
Microsoft Publisher MUI (English) 2013
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Word MUI (English) 2013
Microsoft WSE 3.0 Runtime
Microsoft Xbox 360 Accessories 1.1
Microsoft XNA Framework Redistributable 4.0 Refresh
Microsoft_VC80_CRT_x86
Microsoft_VC90_CRT_x86
Minecraft1.6.2
Mortal Kombat Komplete Edition
MSI Afterburner 2.3.1
MSVCRT Redists
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
My Game Long Name
Need for Speed Most Wanted
Need for Speed Underground 2
Need for Speed™ The Run
Neverball 1.5.4
Nexus Mod Manager
No Time To Explain
NVIDIA 3D Vision Controller Driver 326.80
NVIDIA 3D Vision Driver 326.80
NVIDIA Control Panel 326.80
NVIDIA GeForce Experience 1.6
NVIDIA Graphics Driver 326.80
NVIDIA HD Audio Driver 1.3.26.4
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX System Software 9.13.0725
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 7.2.17
NVIDIA Update Components
NVIDIA Virtual Audio 1.2.2
OnLive
Open Broadcaster Software
OpenAL
Origin
Outils de vérification linguistique 2013 de Microsoft Office - Français
PAYDAY 2
PCSX2 - Playstation 2 Emulator
PDF Settings CS6
PixelJunk Monsters Ultimate HD 1.0
PopCap - Insaniquarium Deluxe v1.1
Portal 2
Pure Networks Platform
QuickTime
Rapture3D 2.4.8 Game
Realtek Ethernet Controller Driver
Recuva
Resident Evil 6 version 1
Resident Evil Revelations version 1.0.0.1
Reus
Saints Row IV
Saints Row The Third
Sanctum 2 © CoffeeStainStudios version 1
Security Update for Microsoft .NET Framework 4.5 (KB2737083)
Security Update for Microsoft .NET Framework 4.5 (KB2742613)
Security Update for Microsoft .NET Framework 4.5 (KB2789648)
Security Update for Microsoft .NET Framework 4.5 (KB2804582)
Security Update for Microsoft .NET Framework 4.5 (KB2833957)
Security Update for Microsoft .NET Framework 4.5 (KB2840642)
Security Update for Microsoft .NET Framework 4.5 (KB2840642v2)
Shared C Run-time for x64
SHIELD Streaming
Skype Click to Call
Skype™ 6.6
Slendytubbies
Small Soldiers
Sniper Elite V2
Sniper Elite: Nazi Zombie Army
Sniper Ghost Warrior 2
Speccy
SpeedFan (remove only)
Splashtop Software Updater
Splashtop Streamer
StarCraft II
Steam
System Requirements Lab for Intel
TeamViewer 8
Tenorshare iPhone 5 Data Recovery 
The Sims™ 3
The Swapper
Tom Clancy's Rainbow Six Vegas 2
Tom Clancy's Splinter Cell® Blacklist™
Tombraider
Unreal Development Kit: 2012-10
Update for Microsoft .NET Framework 4.5 (KB2750147)
Update for Microsoft .NET Framework 4.5 (KB2805221)
Update for Microsoft .NET Framework 4.5 (KB2805226)
Update for Microsoft Access 2013 (KB2760350) 64-Bit Edition
Update for Microsoft Excel 2013 (KB2760339) 64-Bit Edition
Update for Microsoft Lync 2013 (KB2817621) 64-Bit Edition
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition
Update for Microsoft Office 2013 (KB2727096) 64-Bit Edition
Update for Microsoft Office 2013 (KB2737954) 64-Bit Edition
Update for Microsoft Office 2013 (KB2752025) 64-Bit Edition
Update for Microsoft Office 2013 (KB2752094) 64-Bit Edition
Update for Microsoft Office 2013 (KB2752101) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760538) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760553) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition
Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition
Update for Microsoft Office 2013 (KB2767851) 64-Bit Edition
Update for Microsoft Office 2013 (KB2767860) 64-Bit Edition
Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition
Update for Microsoft Office 2013 (KB2810010) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817320) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817482) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817489) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817491) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817492) 64-Bit Edition
Update for Microsoft OneNote 2013 (KB2817467) 64-Bit Edition
Update for Microsoft Outlook 2013 (KB2817629) 64-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2726947) 64-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2810006) 64-Bit Edition
Update for Microsoft SkyDrive Pro (KB2817622) 64-Bit Edition
Update for Microsoft Visio 2013 (KB2810008) 64-Bit Edition
Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition
Update for Microsoft Word 2013 (KB2767863) 64-Bit Edition
Update for Microsoft Word 2013 (KB2810086) 64-Bit Edition
Update for Zip Opener
Uplay
Vegas Pro 12.0 (64-bit)
Virtual Audio Cable 4.13
Virtual DJ Pro Full - Atomix Productions
Viscera Cleanup Detail - ALPHA
Visual Studio 2010 x64 Redistributables
VLC media player 2.0.5
Web Cake 3.00
Windows Live ID Sign-in Assistant
WinRAR 4.20 (64-bit)
Wondershare Dr.Fone for iOS(Build 3.1.0.111)
WordExpander
World of Tanks
Worms Clan Wars
Xiph.Org Open Codecs 0.85.17777
XSplit Broadcaster
.
==== Event Viewer Messages From Past Week ========
.
28/08/2013 18:43:47, Error: volsnap [25]  - The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time.  Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied.
27/08/2013 19:49:59, Error: bowser [8003]  - The master browser has received a server announcement from the computer SAPHIRAII that believes that it is the master browser for the domain on transport NetBT_Tcpip_{799E8A13-4B80-41E6-ADFB-2749E3677DA9}. The master browser is stopping or an election is being forced.
.
==== End Of File ===========================
 

 

Link to post
Share on other sites

Hello SeanAffleck! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.
Why do you think so? What exactly is your problem?

P2P/Piracy Warning:

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

Link to post
Share on other sites

Or if you were asking for what I think the problem is, It's that my browser (Chrome) will randomly open a new tab and it will always be labelled 'sponsorship' and contains loads of shopping adverts etc. I've tried kaspersky full virus scan and also malware byte scans to get rid of them but it never works.

Link to post
Share on other sites

DDS (Ver_2012-11-20.01) - NTFS_AMD64 

Internet Explorer: 10.0.9200.16660  BrowserJavaVersion: 10.25.2

Run by Sean at 15:06:53 on 2013-08-29

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.44.1033.18.8073.4667 [GMT 1:00]

.

AV: Kaspersky Anti-Virus *Enabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}

SP: Kaspersky Anti-Virus *Enabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Prey\platform\windows\cronsvc.exe

D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

C:\Windows\SysWOW64\PnkBstrA.exe

C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe

C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe

C:\Windows\system32\svchost.exe -k imgsvc

D:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

C:\Windows\System32\TiltWheelMouse.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files (x86)\Linksys\Linksys Wireless Manager\LinksysWirelessManager64.exe

C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe

C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe

C:\Users\Sean\Local Settings\Apps\F.lux\flux.exe

C:\Program Files (x86)\WordExpander\WordExpander.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\iTunes\iTunes.exe

C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe

D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe

C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

D:\Program Files (x86)\Steam\Steam.exe

C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe

C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll

BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll

BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL

BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll

uRun: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun

uRun: [F.lux] "C:\Users\Sean\Local Settings\Apps\F.lux\flux.exe" /noshow

uRun: [Dxtory Update Checker 2.0] D:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe

uRun: [WordExpander] C:\Program Files (x86)\WordExpander\WordExpander.exe

uRun: [steam] "D:\Program Files (x86)\Steam\Steam.exe" -silent

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin

mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe"

mRun: [LogMeIn Hamachi Ui] "D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

StartupFolder: C:\Users\Sean\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\GOOGLE~1.LNK - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

StartupFolder: C:\Users\Sean\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ITUNES~1.LNK - C:\Program Files (x86)\iTunes\iTunes.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: HideSCAHealth = dword:1

mPolicies-Explorer: NoDrives = dword:0

mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableLUA = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: PromptOnSecureDesktop = dword:0

IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105

IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll

IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll

TCP: NameServer = 192.168.0.1

TCP: Interfaces\{053D93A0-39E9-4D16-9394-0E0F41AFBB77} : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{0E0B4D1F-8E6F-4121-9087-247647FEDFB1} : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{53AAFEED-61AB-4CCF-A6DF-C1A00F596775} : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{550B4CA2-B6CC-4BCE-AFAA-08416AAF6545} : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{751CB936-AC24-4682-AC78-8BD445DE5709} : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{751CB936-AC24-4682-AC78-8BD445DE5709}\375616E6 : DHCPNameServer = 8.8.8.8

TCP: Interfaces\{799E8A13-4B80-41E6-ADFB-2749E3677DA9} : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{B6EF24A9-99A1-4305-9B17-755EFDDC2A1E} : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{C4D67905-6234-49F0-853A-7F7C7C7B3F23} : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{C67C606A-3641-400F-9FF8-76F86D2DE70E} : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{FF641A7D-53CA-4DA2-B8C0-0F6C675DD964} : DHCPNameServer = 192.168.0.1

Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL

Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL

Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll, C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll

SSODL: WebCheck - <orphaned>

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll

x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll

x64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll

x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL

x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

x64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll

x64-Run: [Linksys Wireless Manager] "C:\Program Files (x86)\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe" /cm /min /lcid 1033

x64-Run: [MouseDriver] TiltWheelMouse.exe

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun

x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"

x64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll

x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll

x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll

x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL

x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL

x64-Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll

x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

Hosts: 74.208.10.249 gs.apple.com

.

============= SERVICES / DRIVERS ===============

.

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-2-2 283200]

R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2012-8-2 28504]

R1 kltdi;kltdi;C:\Windows\System32\drivers\kltdi.sys [2013-1-14 54368]

R1 kneps;kneps;C:\Windows\System32\drivers\kneps.sys [2012-8-13 178448]

R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe [2013-1-14 356376]

R2 CronService;Cron Service for Prey;C:\Prey\platform\windows\cronsvc.exe [2013-3-26 23552]

R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-5-15 2467664]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-3-14 418376]

R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-8-4 14984480]

R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-8-14 3291008]

R2 SplashtopRemoteService;Splashtop® Remote Service;C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [2013-4-3 551264]

R2 SSUService;Splashtop Software Updater Service;C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2013-5-8 583968]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-8-18 414496]

R2 TeamViewer8;TeamViewer 8;D:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-5-19 3574624]

R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);C:\Windows\System32\drivers\vrtaucbl.sys [2013-7-25 108960]

R3 ISCT;Intel® Smart Connect Technology Device Driver;C:\Windows\System32\drivers\ISCTD64.sys [2013-1-19 46568]

R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\drivers\klkbdflt.sys [2013-1-14 29016]

R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2013-1-14 29528]

R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-3-14 25928]

R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2013-8-28 39712]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-7-5 769168]

R3 t_mouse.sys;HID-compliand device;C:\Windows\System32\drivers\t_mouse.sys [2012-12-19 6144]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-9 123856]

S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-3-14 701512]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-21 162408]

S3 BEService;BattlEye Service;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2013-7-27 49152]

S3 cpudrv64;cpudrv64;C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-6-2 17864]

S3 libusb0;libusb-win32 - Kernel Driver 07/03/2013 0.0.0.0;C:\Windows\System32\drivers\libusb0.sys [2013-7-3 52320]

S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2012-3-26 22528]

S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-10-1 178824]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-2-5 19456]

S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-2-5 57856]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-2-2 1255736]

.

=============== Created Last 30 ================

.

2013-08-28 20:15:35 -------- d-----w- C:\Users\Sean\AppData\Roaming\Neverball

2013-08-28 17:37:03 -------- d-----w- C:\Windows\SysWow64\NV

2013-08-28 17:37:03 -------- d-----w- C:\Windows\System32\NV

2013-08-28 17:34:50 -------- d-----w- C:\NVIDIA

2013-08-27 14:19:52 9515512 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{79F8C95D-3E02-445F-B506-BBF259046D91}\mpengine.dll

2013-08-18 13:58:20 571168 ----a-w- C:\Windows\SysWow64\nvStreaming.exe

2013-08-15 01:56:48 -------- d-----w- C:\Users\Sean\AppData\Local\EMU

2013-08-15 01:55:34 -------- d-----w- C:\Users\Sean\AppData\Local\PAYDAY 2

2013-08-14 21:19:00 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys

2013-08-14 04:28:24 -------- d-----w- C:\Users\Sean\AppData\Local\Wondershare

2013-08-14 04:28:24 -------- d-----w- C:\Program Files (x86)\Common Files\Wondershare

2013-08-14 04:28:23 52832 ----a-w- C:\Windows\SysWow64\drivers\libusb0.sys

2013-08-14 04:28:22 -------- d--h--w- C:\Program Files (x86)\Dr.Fone_Temp

2013-08-14 04:28:22 -------- d-----w- C:\ProgramData\Wondershare

2013-08-14 04:01:40 -------- d-----w- C:\ProgramData\TenorShare

2013-08-14 03:58:52 -------- d-----w- C:\Users\Sean\.shsh

2013-08-12 01:51:33 -------- d-----w- C:\Users\Sean\AppData\Roaming\OBS

2013-08-11 12:35:36 -------- d-----w- C:\Users\Sean\AppData\Roaming\Movdap

2013-08-11 12:35:36 -------- d-----w- C:\Program Files (x86)\Movdap

2013-08-09 22:37:42 -------- d-----w- C:\Users\Sean\AppData\Roaming\Web Cake

2013-08-09 03:36:21 -------- d-----w- C:\Games

2013-08-07 14:25:05 -------- d-----w- C:\Program Files\Strogino CS Portal

2013-08-06 15:26:29 -------- d-----w- C:\Users\Sean\AppData\Local\Arma 3 Alpha

2013-08-06 13:46:57 -------- d-----w- C:\Users\Sean\AppData\Roaming\FEZ

2013-08-06 13:23:38 -------- d-----w- C:\Users\Sean\AppData\Local\storage

2013-08-06 12:41:37 -------- d-----w- C:\Windows\SysWow64\xlive

2013-08-06 12:41:35 -------- d-----w- C:\Program Files (x86)\Microsoft Games for Windows - LIVE

2013-08-04 17:13:19 -------- d-----w- C:\Users\Sean\AppData\Roaming\Image-Line

2013-08-04 17:13:08 -------- d-----w- C:\Users\Sean\AppData\Roaming\SongManager

2013-08-04 17:12:54 1060864 ----a-w- C:\Windows\SysWow64\mfc71.dll

2013-08-04 17:06:43 225280 ----a-w- C:\Windows\SysWow64\rewire.dll

2013-08-04 17:06:42 -------- d-----w- C:\Program Files (x86)\Image-Line

2013-08-04 17:06:38 1554944 ----a-w- C:\Windows\SysWow64\vorbis.acm

2013-08-04 17:06:37 -------- d-----w- C:\Program Files (x86)\Outsim

2013-08-04 16:06:25 1884448 ----a-w- C:\Windows\System32\nvdispco6432641.dll

2013-08-04 16:06:25 1511712 ----a-w- C:\Windows\System32\nvdispgenco6432641.dll

2013-08-04 16:01:22 -------- d-----w- C:\NvidiaLogging

2013-08-04 16:00:49 29984 ----a-w- C:\Windows\System32\nvaudcap64v.dll

.

==================== Find3M  ====================

.

2013-08-29 13:46:46 29 ----a-w- C:\Windows\SysWow64\TempWmicBatchFile.bat

2013-08-22 18:54:18 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-08-22 18:54:18 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-08-18 19:34:11 6599968 ----a-w- C:\Windows\System32\nvcpl.dll

2013-08-18 19:34:10 3452192 ----a-w- C:\Windows\System32\nvsvc64.dll

2013-08-18 19:34:08 920864 ----a-w- C:\Windows\System32\nvvsvc.exe

2013-08-18 19:34:08 63776 ----a-w- C:\Windows\System32\nvshext.dll

2013-08-18 19:34:07 219424 ----a-w- C:\Windows\System32\nvmctray.dll

2013-08-17 05:30:06 3319709 ----a-w- C:\Windows\System32\nvcoproc.bin

2013-08-08 18:33:22 290184 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr

2013-08-08 18:33:22 290184 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe

2013-08-08 18:33:03 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0

2013-07-26 16:12:11 3885 ----a-w- C:\STFF08D.tmp

2013-07-26 16:10:08 3885 ----a-w- C:\STFD8E.tmp

2013-07-26 16:08:25 3885 ----a-w- C:\STF7E49.tmp

2013-07-26 05:13:37 2241024 ----a-w- C:\Windows\System32\wininet.dll

2013-07-26 05:12:08 3958784 ----a-w- C:\Windows\System32\jscript9.dll

2013-07-26 05:12:04 136704 ----a-w- C:\Windows\System32\iesysprep.dll

2013-07-26 05:12:03 67072 ----a-w- C:\Windows\System32\iesetup.dll

2013-07-26 03:35:08 2706432 ----a-w- C:\Windows\System32\mshtml.tlb

2013-07-26 03:13:24 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-07-26 03:12:04 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll

2013-07-26 03:12:00 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll

2013-07-26 03:12:00 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll

2013-07-26 02:49:14 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2013-07-26 02:39:38 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe

2013-07-26 01:59:38 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe

2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL

2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL

2013-07-25 02:27:52 108960 ----a-w- C:\Windows\System32\drivers\vrtaucbl.sys

2013-07-24 18:05:12 972712 ----a-w- C:\Windows\System32\deployJava1.dll

2013-07-24 18:05:12 1093032 ----a-w- C:\Windows\System32\npDeployJava1.dll

2013-07-24 18:05:12 108968 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll

2013-07-19 01:58:42 2048 ----a-w- C:\Windows\System32\tzres.dll

2013-07-19 01:41:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2013-07-18 17:15:12 39712 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys

2013-07-18 17:15:06 28448 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll

2013-07-15 15:48:09 715038 ----a-w- C:\Windows\unins000.exe

2013-07-14 01:17:55 1882912 ----a-w- C:\Windows\System32\nvdispco6432619.dll

2013-07-14 01:17:55 1511712 ----a-w- C:\Windows\System32\nvdispgenco6432619.dll

2013-07-11 20:42:52 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe

2013-07-09 06:03:30 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe

2013-07-09 05:54:22 1732032 ----a-w- C:\Windows\System32\ntdll.dll

2013-07-09 05:53:12 243712 ----a-w- C:\Windows\System32\wow64.dll

2013-07-09 05:52:52 224256 ----a-w- C:\Windows\System32\wintrust.dll

2013-07-09 05:51:16 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll

2013-07-09 05:46:20 184320 ----a-w- C:\Windows\System32\cryptsvc.dll

2013-07-09 05:46:20 1472512 ----a-w- C:\Windows\System32\crypt32.dll

2013-07-09 05:46:20 139776 ----a-w- C:\Windows\System32\cryptnet.dll

2013-07-09 05:03:34 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2013-07-09 05:03:34 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2013-07-09 04:53:47 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll

2013-07-09 04:52:33 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll

2013-07-09 04:52:33 5120 ----a-w- C:\Windows\SysWow64\wow32.dll

2013-07-09 04:52:10 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll

2013-07-09 04:46:31 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll

2013-07-09 04:46:31 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll

2013-07-09 04:46:31 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll

2013-07-09 04:45:07 44032 ----a-w- C:\Windows\apppatch\acwow64.dll

2013-07-09 02:49:42 25600 ----a-w- C:\Windows\SysWow64\setup16.exe

2013-07-09 02:49:41 7680 ----a-w- C:\Windows\SysWow64\instnm.exe

2013-07-09 02:49:39 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll

2013-07-09 02:49:38 2048 ----a-w- C:\Windows\SysWow64\user.exe

2013-07-06 06:03:53 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2013-07-05 02:31:24 0 ----a-w- C:\Windows\SysWow64\TiltWheelMouse.exe

2013-07-03 18:55:54 76384 ----a-w- C:\Windows\System32\libusb0.dll

2013-07-03 18:55:54 52320 ----a-w- C:\Windows\System32\drivers\libusb0.sys

2013-07-01 20:02:53 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-07-01 20:02:53 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2013-07-01 20:02:53 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2013-06-26 00:13:08 54368 ----a-w- C:\Windows\System32\drivers\kltdi.sys

2013-06-26 00:13:08 178448 ----a-w- C:\Windows\System32\drivers\kneps.sys

2013-06-26 00:04:19 90208 ----a-w- C:\Windows\System32\drivers\klflt.sys

2013-06-25 23:42:01 17848 ----a-w- C:\Program Files (x86)\cbi.dll

2013-06-21 12:06:36 1832224 ----a-w- C:\Windows\System32\nvdispco6432049.dll

2013-06-21 12:06:36 1511712 ----a-w- C:\Windows\System32\nvdispgenco6432049.dll

2013-06-21 10:23:10 2555680 ----a-w- C:\Windows\System32\nvsvcr.dll

2013-06-16 12:38:18 31520 ----a-w- C:\Windows\System32\nvhdap64.dll

2013-06-16 12:38:15 196384 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys

2013-06-05 03:34:27 3153920 ----a-w- C:\Windows\System32\win32k.sys

2013-06-04 06:00:13 624128 ----a-w- C:\Windows\System32\qedit.dll

2013-06-04 04:53:07 509440 ----a-w- C:\Windows\SysWow64\qedit.dll

.

============= FINISH: 15:07:04.05 ===============

 

 

 

 

 

 

 

 

 

 

 


.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium 

Boot Device: \Device\HarddiskVolume1

Install Date: 01/02/2013 08:35:06

System Uptime: 29/08/2013 10:14:42 (5 hours ago)

.

Motherboard: ASRock |  | Z77 Pro4

Processor: Intel® Core i5-2500K CPU @ 3.30GHz | CPUSocket | 3301/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 112 GiB total, 3.209 GiB free.

D: is FIXED (NTFS) - 932 GiB total, 63.94 GiB free.

E: is CDROM ()

F: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: 

Description: SM Bus Controller

Device ID: PCI\VEN_8086&DEV_1E22&SUBSYS_1E221849&REV_04\3&11583659&0&FB

Manufacturer: 

Name: SM Bus Controller

PNP Device ID: PCI\VEN_8086&DEV_1E22&SUBSYS_1E221849&REV_04\3&11583659&0&FB

Service: 

.

Class GUID: 

Description: Universal Serial Bus (USB) Controller

Device ID: PCI\VEN_8086&DEV_1E31&SUBSYS_1E311849&REV_04\3&11583659&0&A0

Manufacturer: 

Name: Universal Serial Bus (USB) Controller

PNP Device ID: PCI\VEN_8086&DEV_1E31&SUBSYS_1E311849&REV_04\3&11583659&0&A0

Service: 

.

==== System Restore Points ===================

.

RP229: 28/08/2013 19:22:34 - Scheduled Checkpoint

RP230: 28/08/2013 22:44:08 - Installed Tom Clancy's Splinter Cell® Blacklist™

RP231: 28/08/2013 23:03:38 - Configured Tom Clancy's Splinter Cell® Blacklist™

.

==== Installed Programs ======================

.

7-Zip 9.22beta

Adobe Flash Media Live Encoder 3.2

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Photoshop CS6

Adobe Reader XI (11.0.03)

Amnesia - The Dark Descent 

AngryBirdsStarWars 1.00

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Arma 2

Arma 2: DayZ Mod

Arma 2: Operation Arrowhead

Arma 2: Operation Arrowhead Beta

ASIO4ALL

Assassin's Creed® III v1.03

AVS Audio Editor 7.1

Battlefield 3™

BattlEye for OA Uninstall

Bonjour

Borderlands 2

Camtasia Studio 8

CCleaner

Command & Conquer 3

Command & Conquer Red Alert 2

Counter-Strike: Global Offensive

CPUID CPU-Z 1.64.0

Crysis®3

DAEMON Tools Pro

DayZ Commander

Dead Island Riptide © Deep Silver version 1

Dead Space 3

Deckadance 2

Defense Grid the Awakening

Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition

Defraggler

Diablo III

DiRT 3

Dishonored

Documents To Go Desktop for iOS

Don't Starve

Dropbox

Dxtory version 2.0.122

Eleusis version 1

ESET Online Scanner v3

ESN Sonar

F.lux

Fallout New Vegas Ultimate Edition

FEZ v1.04

Firefall

FL Studio 10

Flvto Youtube Downloader

Fraps

GameRanger

Garrys Mod version 13.07.05

Google Chrome

Google Earth Plug-in

Google Update Helper

GRID 2 © Codemasters version 1

Halo Combat Evolved

Haunt 1.1 64bit

iCloud

iFunbox (v2.6.2375.747), iFunbox DevTeam

IL Download Manager

IL Shared Libraries

Intel® Processor Graphics

iTunes

Java 7 Update 25

Java 7 Update 25 (64-bit)

Java Auto Updater

Kaspersky Anti-Virus 2013

KeyTweak - Keyboard Remapper (remove only)

Kraven Manor

Lagarith Lossless Codec (1.3.27)

League of Legends

LG MC USB Modem driver

LG PC Suite II

LG USB Modem Driver

Linksys Wireless Manager

Little Inferno 1.00

LogMeIn Hamachi

LOST PLANET 2

Malwarebytes Anti-Malware version 1.75.0.1300

Metro: Last Light © Deep Silver version 1

Microsoft .NET Framework 4.5

Microsoft Access MUI (English) 2013

Microsoft Access Setup Metadata MUI (English) 2013

Microsoft DCF MUI (English) 2013

Microsoft Excel MUI (English) 2013

Microsoft Games for Windows - LIVE Redistributable

Microsoft Games for Windows Marketplace

Microsoft Groove MUI (English) 2013

Microsoft InfoPath MUI (English) 2013

Microsoft Lync MUI (English) 2013

Microsoft Office 32-bit Components 2013

Microsoft Office OSM MUI (English) 2013

Microsoft Office OSM UX MUI (English) 2013

Microsoft Office Professional Plus 2013

Microsoft Office Proofing (English) 2013

Microsoft Office Proofing Tools 2013 - English

Microsoft Office Proofing Tools 2013 - Español

Microsoft Office Shared 32-bit MUI (English) 2013

Microsoft Office Shared MUI (English) 2013

Microsoft Office Shared Setup Metadata MUI (English) 2013

Microsoft OneNote MUI (English) 2013

Microsoft Outlook MUI (English) 2013

Microsoft PowerPoint MUI (English) 2013

Microsoft Publisher MUI (English) 2013

Microsoft Silverlight

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

Microsoft Word MUI (English) 2013

Microsoft WSE 3.0 Runtime

Microsoft Xbox 360 Accessories 1.1

Microsoft XNA Framework Redistributable 4.0 Refresh

Microsoft_VC80_CRT_x86

Microsoft_VC90_CRT_x86

Minecraft1.6.2

Mortal Kombat Komplete Edition

MSI Afterburner 2.3.1

MSVCRT Redists

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

My Game Long Name

Need for Speed Most Wanted

Need for Speed Underground 2

Need for Speed™ The Run

Neverball 1.5.4

Nexus Mod Manager

No Time To Explain

NVIDIA 3D Vision Controller Driver 326.80

NVIDIA 3D Vision Driver 326.80

NVIDIA Control Panel 326.80

NVIDIA GeForce Experience 1.6

NVIDIA Graphics Driver 326.80

NVIDIA HD Audio Driver 1.3.26.4

NVIDIA Install Application

NVIDIA PhysX

NVIDIA PhysX System Software 9.13.0725

NVIDIA Stereoscopic 3D Driver

NVIDIA Update 7.2.17

NVIDIA Update Components

NVIDIA Virtual Audio 1.2.2

OnLive

Open Broadcaster Software

OpenAL

Origin

Outils de vérification linguistique 2013 de Microsoft Office - Français

PAYDAY 2

PCSX2 - Playstation 2 Emulator

PDF Settings CS6

PixelJunk Monsters Ultimate HD 1.0

PopCap - Insaniquarium Deluxe v1.1

Portal 2

Pure Networks Platform

QuickTime

Rapture3D 2.4.8 Game

Realtek Ethernet Controller Driver

Recuva

Resident Evil 6 version 1

Resident Evil Revelations version 1.0.0.1

Reus

Saints Row IV

Saints Row The Third

Sanctum 2 © CoffeeStainStudios version 1

Security Update for Microsoft .NET Framework 4.5 (KB2737083)

Security Update for Microsoft .NET Framework 4.5 (KB2742613)

Security Update for Microsoft .NET Framework 4.5 (KB2789648)

Security Update for Microsoft .NET Framework 4.5 (KB2804582)

Security Update for Microsoft .NET Framework 4.5 (KB2833957)

Security Update for Microsoft .NET Framework 4.5 (KB2840642)

Security Update for Microsoft .NET Framework 4.5 (KB2840642v2)

Shared C Run-time for x64

SHIELD Streaming

Skype Click to Call

Skype™ 6.6

Slendytubbies

Small Soldiers

Sniper Elite V2

Sniper Elite: Nazi Zombie Army

Sniper Ghost Warrior 2

Speccy

SpeedFan (remove only)

Splashtop Software Updater

Splashtop Streamer

StarCraft II

Steam

System Requirements Lab for Intel

TeamViewer 8

Tenorshare iPhone 5 Data Recovery 

The Sims™ 3

The Swapper

Tom Clancy's Rainbow Six Vegas 2

Tom Clancy's Splinter Cell® Blacklist™

Tombraider

Unreal Development Kit: 2012-10

Update for Microsoft .NET Framework 4.5 (KB2750147)

Update for Microsoft .NET Framework 4.5 (KB2805221)

Update for Microsoft .NET Framework 4.5 (KB2805226)

Update for Microsoft Access 2013 (KB2760350) 64-Bit Edition

Update for Microsoft Excel 2013 (KB2760339) 64-Bit Edition

Update for Microsoft Lync 2013 (KB2817621) 64-Bit Edition

Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition

Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition

Update for Microsoft Office 2013 (KB2727096) 64-Bit Edition

Update for Microsoft Office 2013 (KB2737954) 64-Bit Edition

Update for Microsoft Office 2013 (KB2752025) 64-Bit Edition

Update for Microsoft Office 2013 (KB2752094) 64-Bit Edition

Update for Microsoft Office 2013 (KB2752101) 64-Bit Edition

Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition

Update for Microsoft Office 2013 (KB2760538) 64-Bit Edition

Update for Microsoft Office 2013 (KB2760553) 64-Bit Edition

Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition

Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition

Update for Microsoft Office 2013 (KB2767851) 64-Bit Edition

Update for Microsoft Office 2013 (KB2767860) 64-Bit Edition

Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition

Update for Microsoft Office 2013 (KB2810010) 64-Bit Edition

Update for Microsoft Office 2013 (KB2817320) 64-Bit Edition

Update for Microsoft Office 2013 (KB2817482) 64-Bit Edition

Update for Microsoft Office 2013 (KB2817489) 64-Bit Edition

Update for Microsoft Office 2013 (KB2817491) 64-Bit Edition

Update for Microsoft Office 2013 (KB2817492) 64-Bit Edition

Update for Microsoft OneNote 2013 (KB2817467) 64-Bit Edition

Update for Microsoft Outlook 2013 (KB2817629) 64-Bit Edition

Update for Microsoft PowerPoint 2013 (KB2726947) 64-Bit Edition

Update for Microsoft PowerPoint 2013 (KB2810006) 64-Bit Edition

Update for Microsoft SkyDrive Pro (KB2817622) 64-Bit Edition

Update for Microsoft Visio 2013 (KB2810008) 64-Bit Edition

Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition

Update for Microsoft Word 2013 (KB2767863) 64-Bit Edition

Update for Microsoft Word 2013 (KB2810086) 64-Bit Edition

Update for Zip Opener

Uplay

Vegas Pro 12.0 (64-bit)

Virtual Audio Cable 4.13

Virtual DJ Pro Full - Atomix Productions

Viscera Cleanup Detail - ALPHA

Visual Studio 2010 x64 Redistributables

VLC media player 2.0.5

Web Cake 3.00

Windows Live ID Sign-in Assistant

WinRAR 4.20 (64-bit)

Wondershare Dr.Fone for iOS(Build 3.1.0.111)

WordExpander

World of Tanks

Worms Clan Wars

Xiph.Org Open Codecs 0.85.17777

XSplit Broadcaster

.

==== Event Viewer Messages From Past Week ========

.

28/08/2013 18:43:47, Error: volsnap [25]  - The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time.  Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied.

27/08/2013 19:49:59, Error: bowser [8003]  - The master browser has received a server announcement from the computer SAPHIRAII that believes that it is the master browser for the domain on transport NetBT_Tcpip_{799E8A13-4B80-41E6-ADFB-2749E3677DA9}. The master browser is stopping or an election is being forced.

.

==== End Of File ===========================

 

Link to post
Share on other sites

Step 1

Please uninstall this application: Web Cake 3.00

Step 2

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Step 3

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Clean.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[s1].txt as well.
Step 4
  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

In your next reply, post the following log files:

  • Junkware Removal Tool log
  • AdwCleaner log
  • Malwarebytes' Anti-Malware log
Link to post
Share on other sites

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 5.5.5 (08.28.2013:1)

OS: Windows 7 Home Premium x64

Ran by Sean on 29/08/2013 at 16:03:09.19

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

Successfully stopped: [service] splashtopremoteservice 

Successfully deleted: [service] splashtopremoteservice 

Successfully stopped: [service] ssuservice 

Successfully deleted: [service] ssuservice 

 

 

 

~~~ Registry Values

 

 

 

~~~ Registry Keys

 

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BB975E58-E769-4E5A-BA12-B765BC559FF3}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}

Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\dsiteproducts

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\wondershare

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\wondershare

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\webcakedesktop_rasapi32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\webcakedesktop_rasmancs

Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"

Successfully deleted: [Registry Key] "hkey_local_machine\software\pip"

 

 

 

~~~ Files

 

Successfully deleted: [File] C:\Windows\Tasks\dsite.job

 

 

 

~~~ Folders

 

Successfully deleted: [Folder] "C:\ProgramData\splashtop"

Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"

Successfully deleted: [Folder] "C:\Users\Sean\AppData\Roaming\dsite"

Successfully deleted: [Folder] "C:\Users\Sean\AppData\Roaming\movdap"

Successfully deleted: [Folder] "C:\Users\Sean\AppData\Roaming\web cake"

Successfully deleted: [Folder] "C:\Users\Sean\appdata\local\splashtop"

Successfully deleted: [Folder] "C:\Program Files (x86)\movdap"

Successfully deleted: [Folder] "C:\Program Files (x86)\mypc backup"

Failed to delete: [Folder] "C:\Program Files (x86)\splashtop"

Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\wondershare"

Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"

 

 

 

~~~ Chrome

 

Successfully deleted: [Folder] C:\Users\Sean\appdata\local\Google\Chrome\User Data\Default\Extensions\aoiidodopnnhiflaflbfeblnojefhigh

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 29/08/2013 at 16:07:27.81

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

More to come
Link to post
Share on other sites

# AdwCleaner v3.001 - Report created 29/08/2013 at 16:11:24

# Updated 24/08/2013 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : Sean - SEAN-PC

# Running from : D:\Downloads\AdwCleaner.exe

# Option : Clean

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

Folder Deleted : C:\ProgramData\Wondershare

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare

Folder Deleted : C:\Users\Sean\AppData\Local\Wondershare

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v10.0.9200.16660

 

 

-\\ Google Chrome v28.0.1500.95

 

[ File : C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

[ File : C:\Users\smoo\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

*************************

 

AdwCleaner[R0].txt - [2210 octets] - [29/08/2013 16:10:13]

AdwCleaner[s0].txt - [2151 octets] - [29/08/2013 16:11:24]

 

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [2211 octets] ##########

 

 

 

 

 


Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

 

Database version: v2013.08.29.06

 

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 10.0.9200.16660

Sean :: SEAN-PC [administrator]

 

29/08/2013 16:13:21

mbam-log-2013-08-29 (16-13-21).txt

 

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 292984

Time elapsed: 1 minute(s), 20 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 0

(No malicious items detected)

 

(end)

 

Link to post
Share on other sites

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.