
Infected with minimizing bug!


  • This topic is locked
2 replies to this topic

#1 Choober

Posted 27 April 2012 - 05:12 PM

DDS Log:

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29
Run by St0rM at 14:49:20 on 2012-04-27
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8125.5159 [GMT -7:00]
.
AV: ESET NOD32 Antivirus 5.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 5.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: COMODO Defense+ *Enabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 7\WVSScheduler7.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
C:\Program Files (x86)\Edimax\Common\RaRegistry.exe
C:\Program Files (x86)\Edimax\Common\RaRegistry64.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
C:\ProgramData\TVersity\Media Server\MediaServer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\ScreenSnapr\ScreenSnapr.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\St0rM\Downloads\Defogger.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.expatshield.com/g/?c=h
uDefault_Page_URL = hxxp://www.msn.com
mDefault_Page_URL = hxxp://www.msn.com
mStart Page = hxxp://www.msn.com
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
uURLSearchHooks: H - No File
mURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: KeyScramblerBHO Class: {2b9f5787-88a5-4945-90e7-c4b18563bc5e} - C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: SteadyVideoBHO Class: {6c680bae-655c-4e3d-8fc4-e6a520c3d928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll
BHO: MegaIeHelperBHO Class: {77f4e711-789b-447f-9614-96759b2f83c6} - C:\Users\St0rM\AppData\Local\Megamedia\Megakey\MegaIeHelper.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {66BD2442-241B-44CD-8C7A-B51037053CDB} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_228_Plugin.exe -update plugin
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [COMODO] C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe
mRun: [CPA] C:\Program Files\COMODO\COMODO GeekBuddy\VALA.exe
mRun: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe /autostart
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: Capture Web Page - C:\Users\St0rM\AppData\Local\Megamedia\Megakey\CaptureWebPage.htm
IE: Fetch to Megaupload - C:\Users\St0rM\AppData\Local\Megamedia\Megakey\MegaUpload.htm
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - {B745F984-EF2E-40D6-A9AC-D8CED7230E61} - C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll
LSP: C:\ProgramData\Megamedia\Megakey\msadm.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{394CA7C5-8278-4806-9D42-4BCB9B4D782F} : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{7D733E28-4EAB-46DB-B3B0-FBC538325F43} : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{7D733E28-4EAB-46DB-B3B0-FBC538325F43} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{DE868892-EA11-4FA6-B88D-B3204278E4E5} : NameServer = 8.26.56.26,156.154.70.22
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: KeyScramblerBHO Class: {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll
BHO-X64: QFX Software KeyScrambler - No File
BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO-X64: Increase performance and video formats for your HTML5 <video> - No File
BHO-X64: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll
BHO-X64: AMD SteadyVideo BHO - No File
BHO-X64: MegaIeHelperBHO Class: {77F4E711-789B-447F-9614-96759B2F83C6} - C:\Users\St0rM\AppData\Local\Megamedia\Megakey\MegaIeHelper.dll
BHO-X64: MegaIeHelperBHO - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
BHO-X64: Vuze Remote - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB-X64: {66BD2442-241B-44CD-8C7A-B51037053CDB} - No File
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [COMODO] C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe
mRun-x64: [CPA] C:\Program Files\COMODO\COMODO GeekBuddy\VALA.exe
mRun-x64: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe /autostart
AppInit_DLLs-X64: C:\Windows\SysWOW64\guard32.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\St0rM\AppData\Roaming\Mozilla\Firefox\Profiles\1g8upm5a.default\
FF - prefs.js: browser.startup.homepage - hxxp://google.com
FF - prefs.js: network.proxy.ftp - 195.137.162.147
FF - prefs.js: network.proxy.ftp_port - 3128
FF - prefs.js: network.proxy.http - 195.137.162.147
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.socks - 195.137.162.147
FF - prefs.js: network.proxy.socks_port - 3128
FF - prefs.js: network.proxy.ssl - 195.137.162.147
FF - prefs.js: network.proxy.ssl_port - 3128
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\St0rM\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Users\St0rM\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
============= SERVICES / DRIVERS ===============
.
R0 ahcix64s;ahcix64s;C:\Windows\system32\drivers\ahcix64s.sys --> C:\Windows\system32\drivers\ahcix64s.sys [?]
R1 AppleCharger;AppleCharger;C:\Windows\system32\DRIVERS\AppleCharger.sys --> C:\Windows\system32\DRIVERS\AppleCharger.sys [?]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\system32\DRIVERS\cmdguard.sys --> C:\Windows\system32\DRIVERS\cmdguard.sys [?]
R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\system32\DRIVERS\cmdhlp.sys --> C:\Windows\system32\DRIVERS\cmdhlp.sys [?]
R1 TsVp;TsVp;C:\Windows\system32\DRIVERS\tsvp.sys --> C:\Windows\system32\DRIVERS\tsvp.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AcuWVSSchedulerv7;Acunetix WVS Scheduler v7;C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 7\WVSScheduler7.exe [2010-9-21 674104]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-2-14 361984]
R2 AMD_RAIDXpert;AMD RAIDXpert;C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [2011-2-16 128904]
R2 AODDriver4.01;AODDriver4.01;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-1-3 55936]
R2 CLPSLS;COMODO livePCsupport Service;C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe [2011-11-23 1267000]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 DragonUpdater;COMODO Dragon Update Service;C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2012-4-13 409232]
R2 eamonm;eamonm;C:\Windows\system32\DRIVERS\eamonm.sys --> C:\Windows\system32\DRIVERS\eamonm.sys [?]
R2 ekrn;ESET Service;C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-9-22 974944]
R2 epfwwfpr;epfwwfpr;C:\Windows\system32\DRIVERS\epfwwfpr.sys --> C:\Windows\system32\DRIVERS\epfwwfpr.sys [?]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-4-18 654408]
R2 RalinkRegistryWriter;Ralink Registry Writer;C:\Program Files (x86)\Edimax\Common\RaRegistry.exe [2011-10-5 185632]
R2 RalinkRegistryWriter64;Ralink Registry Writer 64;C:\Program Files (x86)\Edimax\Common\RaRegistry64.exe [2011-10-5 212256]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-1-19 3027840]
R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\system32\Drivers\EtronHub3.sys --> C:\Windows\system32\Drivers\EtronHub3.sys [?]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\system32\Drivers\EtronXHCI.sys --> C:\Windows\system32\Drivers\EtronXHCI.sys [?]
R3 KeyScrambler;KeyScrambler;C:\Windows\system32\drivers\keyscrambler.sys --> C:\Windows\system32\drivers\keyscrambler.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2012-2-7 161432]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 AODDriver4.1;AODDriver4.1;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-1-3 55936]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-2-6 136176]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-2-29 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-2 253600]
S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
S3 CGVPNCliSrvc;CyberGhost VPN Client;C:\Program Files\CyberGhost VPN\CGVPNCliService.exe [2012-2-6 2430128]
S3 CV2K1;CommView Network Monitor;C:\Windows\system32\DRIVERS\cv2k1.sys --> C:\Windows\system32\DRIVERS\cv2k1.sys [?]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-2-6 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-24 129976]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\system32\DRIVERS\netaapl64.sys --> C:\Windows\system32\DRIVERS\netaapl64.sys [?]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 TsVlb;TsVlb;C:\Windows\system32\DRIVERS\tsvlb.sys --> C:\Windows\system32\DRIVERS\tsvlb.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976]
.
=============== Created Last 30 ================
.
2012-04-27 13:19:53 -------- d-----w- C:\Users\St0rM\AppData\Local\{71607286-9F4B-415E-A7F9-8DCA8F0CAB07}
2012-04-27 13:19:41 -------- d-----w- C:\Users\St0rM\AppData\Local\{20E41AF8-CDE1-474A-8582-802045842841}
2012-04-27 10:49:40 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D5543681-F684-4717-9E1F-4F7E96FEBC3F}\offreg.dll
2012-04-27 10:41:09 -------- d-----w- C:\Program Files\CCleaner
2012-04-27 09:36:46 8917360 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D5543681-F684-4717-9E1F-4F7E96FEBC3F}\mpengine.dll
2012-04-27 01:19:14 -------- d-----w- C:\Users\St0rM\AppData\Local\{7E1A110B-8BE3-4604-8AE2-3B1758677CBA}
2012-04-27 01:19:03 -------- d-----w- C:\Users\St0rM\AppData\Local\{E60214C3-31A4-4E6F-9C57-6FBC53FBDDA1}
2012-04-26 19:35:37 -------- d-----w- C:\Windows\KLNOPQRSUVWXYZ12
2012-04-26 15:19:13 -------- d-----w- C:\Program Files (x86)\ESET
2012-04-26 13:18:47 -------- d-----w- C:\Users\St0rM\AppData\Local\{CBE33A29-CACC-4B57-9C49-5075DB81A477}
2012-04-26 13:18:35 -------- d-----w- C:\Users\St0rM\AppData\Local\{6BA7B30C-CB15-4EF3-92F9-1FAD3FD8DB4A}
2012-04-26 01:18:08 -------- d-----w- C:\Users\St0rM\AppData\Local\{6A46AB5F-B35C-4741-91B3-05DDA5E73BD9}
2012-04-25 13:17:40 -------- d-----w- C:\Users\St0rM\AppData\Local\{B9080CF6-1D24-4342-84DD-A27A6EF8AE26}
2012-04-25 13:17:27 -------- d-----w- C:\Users\St0rM\AppData\Local\{76B31D89-48F1-49C7-84CE-A8959BE85859}
2012-04-24 23:49:52 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2012-04-24 23:49:49 157352 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice_installer.exe
2012-04-24 23:49:49 129976 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice.exe
2012-04-24 15:53:53 -------- d-----w- C:\Users\St0rM\AppData\Local\{E60C0008-E6CA-4D50-AB7B-6EFA9B10B57A}
2012-04-24 15:53:41 -------- d-----w- C:\Users\St0rM\AppData\Local\{3C6FBDE5-331B-4D6F-96F4-37F089954316}
2012-04-23 22:52:51 -------- d-----w- C:\Users\St0rM\AppData\Local\{2E200CAD-7697-4FBD-A1B8-0827ADC3EDBD}
2012-04-23 10:52:24 -------- d-----w- C:\Users\St0rM\AppData\Local\{5056017A-F44D-4A24-B8EA-7F935B0A4F6A}
2012-04-23 10:52:12 -------- d-----w- C:\Users\St0rM\AppData\Local\{68B77893-6E6B-4E70-B1F3-AEC6001FC68B}
2012-04-22 16:12:48 -------- d-----w- C:\Users\St0rM\AppData\Local\{D4CAB109-2EAC-49C4-958B-0BB3457A388F}
2012-04-22 16:12:35 -------- d-----w- C:\Users\St0rM\AppData\Local\{88468869-1E61-43A6-92CF-283C65BBE223}
2012-04-22 01:44:35 -------- d-----w- C:\Users\St0rM\AppData\Local\{27DC7BF7-6426-42FB-BB0E-4A59875A2042}
2012-04-21 13:44:08 -------- d-----w- C:\Users\St0rM\AppData\Local\{0846B500-DA7E-4A39-860E-4E8C26D778DF}
2012-04-21 13:43:52 -------- d-----w- C:\Users\St0rM\AppData\Local\{044F4DD0-9611-498F-A0A2-88EE95A8E47E}
2012-04-21 01:18:38 -------- d-----w- C:\Users\St0rM\AppData\Local\{EA3FA811-E2F9-4845-BD78-3F9E9F811B7F}
2012-04-21 01:18:26 -------- d-----w- C:\Users\St0rM\AppData\Local\{275DBD08-D293-4728-96CE-8CCBCCBC33D0}
2012-04-20 13:17:58 -------- d-----w- C:\Users\St0rM\AppData\Local\{FD6F2C79-BC89-4854-A280-202A247E2E68}
2012-04-20 13:17:46 -------- d-----w- C:\Users\St0rM\AppData\Local\{D698C16D-8E32-4DB8-A1F3-DD450F57DE02}
2012-04-20 02:16:27 -------- d-----w- C:\Users\St0rM\AppData\Roaming\SoftGrid Client
2012-04-20 02:16:27 -------- d-----w- C:\Users\St0rM\AppData\Local\SoftGrid Client
2012-04-20 01:17:18 -------- d-----w- C:\Users\St0rM\AppData\Local\{DA0E9127-5426-4FA2-AEBE-2FD9C7B75EE6}
2012-04-20 01:17:07 -------- d-----w- C:\Users\St0rM\AppData\Local\{F8F6C0E1-EAFF-4840-9331-90DD052766A6}
2012-04-19 15:04:27 -------- d-----w- C:\ProgramData\CPA_VA
2012-04-19 15:01:55 -------- d-----w- C:\Users\St0rM\AppData\Roaming\QFX Software
2012-04-19 15:01:55 -------- d-----w- C:\ProgramData\QFX Software
2012-04-19 14:43:11 -------- d-----w- C:\ProgramData\Comodo
2012-04-19 14:43:07 -------- d-----w- C:\Program Files\COMODO
2012-04-19 14:43:01 -------- d-----w- C:\Users\St0rM\AppData\Local\Comodo
2012-04-19 14:43:00 50952 ----a-w- C:\Windows\System32\certsentry.dll
2012-04-19 14:43:00 42760 ----a-w- C:\Windows\SysWow64\certsentry.dll
2012-04-19 14:42:56 -------- d-----w- C:\Program Files (x86)\Comodo
2012-04-19 14:32:24 222904 ----a-w- C:\Windows\System32\drivers\keyscrambler.sys
2012-04-19 14:32:24 -------- d-----w- C:\Program Files (x86)\KeyScrambler
2012-04-19 13:16:38 -------- d-----w- C:\Users\St0rM\AppData\Local\{275B6984-C19C-4F23-9B82-0E60CAF2993F}
2012-04-19 13:16:25 -------- d-----w- C:\Users\St0rM\AppData\Local\{486D64FE-249A-4082-9E41-816B9623D5CB}
2012-04-19 00:41:50 -------- d-----w- C:\Users\St0rM\AppData\Local\{C35E2F76-C93C-4246-9D86-6F988D50B058}
2012-04-19 00:41:38 -------- d-----w- C:\Users\St0rM\AppData\Local\{82EFD9C9-EE00-4111-8E14-93E110491AAF}
2012-04-18 17:47:17 -------- d-----w- C:\Users\St0rM\AppData\Roaming\Malwarebytes
2012-04-18 17:47:13 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-04-18 17:47:13 -------- d-----w- C:\ProgramData\Malwarebytes
2012-04-18 17:47:13 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-04-17 14:34:31 -------- d-----w- C:\Users\St0rM\AppData\Local\{25D1A232-5179-43E5-8B30-F363738E4AB0}
2012-04-17 14:34:19 -------- d-----w- C:\Users\St0rM\AppData\Local\{572F1BE8-18F4-4360-A148-D1CC28528F48}
2012-04-16 13:57:42 -------- d-----w- C:\Users\St0rM\AppData\Local\{4D1CDF16-6D33-4C35-ACCD-A6188FD96BEB}
2012-04-16 13:57:27 -------- d-----w- C:\Users\St0rM\AppData\Local\{ADFDFBC4-774F-426A-AC27-BEE0D83676AB}
2012-04-15 13:40:44 -------- d-----w- C:\Users\St0rM\AppData\Local\{A176A975-755C-4EDA-BDE4-4C30BACEE4A9}
2012-04-15 13:40:32 -------- d-----w- C:\Users\St0rM\AppData\Local\{AADFD8A5-349F-41AA-880B-3847DB5F1C30}
2012-04-14 17:07:11 -------- d-----w- C:\Program Files\Groove Games
2012-04-14 15:53:40 -------- d-----w- C:\Users\St0rM\AppData\Local\{579080D4-6D45-41AB-98AD-16699079F19B}
2012-04-14 15:53:24 -------- d-----w- C:\Users\St0rM\AppData\Local\{4FF5A6CB-D4C0-4B12-928D-727A72F4319A}
2012-04-13 15:44:02 -------- d-----w- C:\Users\St0rM\AppData\Local\{83F4CBAB-5DC0-4BFE-A589-F580A85110D4}
2012-04-13 15:43:50 -------- d-----w- C:\Users\St0rM\AppData\Local\{8CA5F542-501B-4488-893F-7DA68BBE970F}
2012-04-13 03:43:24 -------- d-----w- C:\Users\St0rM\AppData\Local\{DAC8FBEF-07A5-4622-85BC-D77CF5EA923E}
2012-04-13 03:43:12 -------- d-----w- C:\Users\St0rM\AppData\Local\{C2985FCF-03EA-4980-9454-BA274852F32F}
2012-04-13 03:42:37 -------- d-----w- C:\Windows\en
2012-04-13 03:37:47 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\cb3077d71cd192601\DSETUP.dll
2012-04-13 03:37:47 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\cb3077d71cd192601\DXSETUP.exe
2012-04-13 03:37:47 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\cb3077d71cd192601\dsetup32.dll
2012-04-13 03:22:39 -------- d-----w- C:\Users\St0rM\AppData\Local\{4CA7E4BD-91F4-43F7-B727-F68648448AB9}
2012-04-12 15:26:46 5559152 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-04-12 15:26:45 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-04-12 15:26:44 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-04-12 15:24:10 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2012-04-12 15:24:10 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-04-12 15:24:10 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-04-12 15:24:08 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-04-12 15:24:08 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-04-12 15:24:08 220672 ----a-w- C:\Windows\System32\wintrust.dll
2012-04-12 15:24:08 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-04-12 15:22:13 -------- d-----w- C:\Users\St0rM\AppData\Local\{E4D48E0A-F3B2-4714-ABD3-C40B2AA74256}
2012-04-11 16:30:57 -------- d-----w- C:\Users\St0rM\AppData\Local\{3B00B874-7AE4-4CB0-9EF0-6B4270C9EAB3}
2012-04-11 15:38:16 -------- d-----w- C:\Users\St0rM\AppData\Roaming\NavNet Solutions
2012-04-11 15:08:01 -------- d-----w- C:\Users\St0rM\AppData\Roaming\Unity
2012-04-11 15:07:32 -------- d-----w- C:\Users\St0rM\AppData\Local\Unity
2012-04-10 13:52:25 -------- d-----w- C:\Users\St0rM\AppData\Local\{ED97E3C3-6E7D-4C48-B5A5-72B0EFA0CA08}
2012-04-09 14:43:23 -------- d-----w- C:\Users\St0rM\AppData\Local\{256B6082-C582-4DF8-A5AB-8D67B15422DA}
2012-04-08 15:45:26 -------- d-----w- C:\Users\St0rM\AppData\Local\{86E69A61-6687-4733-AD30-F4EF1158EC1D}
2012-04-07 16:13:31 -------- d-----w- C:\Users\St0rM\AppData\Local\{2F096F6A-5DE2-4E6D-BC6C-EE57949A6D6A}
2012-04-07 02:14:55 -------- d-----w- C:\Users\St0rM\AppData\Local\{080B3826-598B-447F-A61D-6229289966D9}
2012-04-06 14:14:41 -------- d-----w- C:\Users\St0rM\AppData\Local\{D1C69DB9-1C6E-4501-BDB8-59A3A8C97A97}
2012-04-05 13:33:33 -------- d-----w- C:\Users\St0rM\AppData\Local\{0BAEAA6B-421B-407A-85D4-7E985D7B5137}
2012-04-04 23:49:23 -------- d-----w- C:\Users\St0rM\AppData\Local\{23768D17-E513-4387-AC67-DA0A2CEE87A3}
2012-04-04 05:53:56 182160 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2012-04-04 05:53:56 182160 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2012-04-03 13:07:07 -------- d-----w- C:\Users\St0rM\AppData\Local\{5D4B0A4F-14C6-4C2B-BD1A-A9FE8D1D0EEA}
2012-04-02 13:06:44 418464 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-04-02 13:06:30 -------- d-----w- C:\Users\St0rM\AppData\Local\{E15C49D1-0AA9-4877-B22C-0F5FC5899782}
2012-04-01 15:47:35 -------- d-----w- C:\Users\St0rM\AppData\Local\{ADCD0C23-D5CF-4EC6-A475-54EEF9058C88}
2012-04-01 03:47:10 -------- d-----w- C:\Users\St0rM\AppData\Local\{F14B3350-2A05-41D8-AF65-51E2052B16F7}
2012-03-31 15:46:45 -------- d-----w- C:\Users\St0rM\AppData\Local\{A8FB34B4-3AE5-4F35-90E4-5F79B96525DE}
2012-03-30 16:08:54 -------- d-----w- C:\Users\St0rM\AppData\Local\{863CD6F9-60BB-4B5F-A444-59A177CF632B}
2012-03-29 13:35:31 -------- d-----w- C:\Users\St0rM\AppData\Local\{4B5507A8-F473-4602-BAF8-AD7312620DB3}
2012-03-29 11:49:38 -------- d-----w- C:\Users\St0rM\.magictree
2012-03-29 11:46:59 -------- d-----w- C:\strawberry
.
==================== Find3M ====================
.
2012-04-02 13:06:44 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-25 17:03:02 1060864 ----a-w- C:\Windows\SysWow64\mfc71.dll
2012-03-12 04:13:42 577824 ----a-w- C:\Windows\System32\drivers\cmdGuard.sys
2012-03-12 04:13:42 43248 ----a-w- C:\Windows\System32\drivers\cmdhlp.sys
2012-03-12 04:13:40 22696 ----a-w- C:\Windows\System32\drivers\cmderd.sys
2012-03-12 04:13:22 41200 ----a-w- C:\Windows\System32\cmdcsr.dll
2012-03-12 04:13:20 301224 ----a-w- C:\Windows\SysWow64\guard32.dll
2012-03-12 04:13:18 389840 ----a-w- C:\Windows\System32\guard64.dll
2012-03-09 01:50:28 49016 ----a-w- C:\Windows\SysWow64\sirenacm.dll
2012-03-09 01:37:20 302448 ----a-w- C:\Windows\WLXPGSS.SCR
2012-02-28 06:56:48 2311168 ----a-w- C:\Windows\System32\jscript9.dll
2012-02-28 06:49:56 1390080 ----a-w- C:\Windows\System32\wininet.dll
2012-02-28 06:48:57 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-02-28 06:42:55 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-02-28 01:18:55 1799168 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-02-28 01:11:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-02-28 01:11:07 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-02-28 01:03:16 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-02-24 21:30:03 878076 ----a-w- C:\Users\St0rM\AppData\Roaming\ssupdater.exe
2012-02-23 22:28:43 98304 ----a-w- C:\Windows\System32\prjChameleon.ocx
2012-02-23 17:18:36 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-02-17 06:38:26 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-02-17 05:34:22 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-02-17 04:58:24 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-02-17 04:57:32 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-02-15 19:01:50 52736 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys
2012-02-15 19:01:50 4547944 ----a-w- C:\Windows\System32\usbaaplrc.dll
2012-02-15 05:05:32 69632 ----a-w- C:\Windows\System32\OpenVideo64.dll
2012-02-15 05:05:26 59904 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
2012-02-15 05:05:20 61952 ----a-w- C:\Windows\System32\OVDecode64.dll
2012-02-15 05:05:16 54784 ----a-w- C:\Windows\SysWow64\OVDecode.dll
2012-02-15 05:05:08 16507904 ----a-w- C:\Windows\System32\amdocl64.dll
2012-02-15 05:04:26 13238272 ----a-w- C:\Windows\SysWow64\amdocl.dll
2012-02-15 05:03:44 54272 ----a-w- C:\Windows\System32\OpenCL.dll
2012-02-15 05:03:38 48128 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2012-02-15 03:48:32 10856960 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2012-02-15 03:21:24 25839104 ----a-w- C:\Windows\System32\atio6axx.dll
2012-02-15 03:18:56 159744 ----a-w- C:\Windows\System32\atiapfxx.exe
2012-02-15 03:18:40 791040 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2012-02-15 03:17:04 957952 ----a-w- C:\Windows\System32\aticfx64.dll
2012-02-15 03:13:56 442368 ----a-w- C:\Windows\System32\ATIDEMGX.dll
2012-02-15 03:13:40 496128 ----a-w- C:\Windows\System32\atieclxx.exe
2012-02-15 03:13:00 235520 ----a-w- C:\Windows\System32\atiesrxx.exe
2012-02-15 03:11:42 120320 ----a-w- C:\Windows\System32\atitmm64.dll
2012-02-15 03:10:58 21504 ----a-w- C:\Windows\System32\atimuixx.dll
2012-02-15 03:10:54 59392 ----a-w- C:\Windows\System32\atiedu64.dll
2012-02-15 03:10:48 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
2012-02-15 03:07:44 6200320 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2012-02-15 02:58:56 19392000 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2012-02-15 02:52:28 7646208 ----a-w- C:\Windows\System32\atidxx64.dll
2012-02-15 02:41:28 1113088 ----a-w- C:\Windows\System32\atiumd6v.dll
2012-02-15 02:40:54 1828864 ----a-w- C:\Windows\SysWow64\atiumdmv.dll
2012-02-15 02:40:42 4958208 ----a-w- C:\Windows\System32\atiumd6a.dll
2012-02-15 02:34:56 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
2012-02-15 02:34:54 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2012-02-15 02:34:46 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
2012-02-15 02:34:44 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2012-02-15 02:34:36 5954048 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2012-02-15 02:34:30 13859840 ----a-w- C:\Windows\System32\aticaldd64.dll
2012-02-15 02:29:52 5062656 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2012-02-15 02:29:50 11561984 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2012-02-15 02:25:06 7551488 ----a-w- C:\Windows\System32\atiumd64.dll
2012-02-15 02:16:38 58880 ----a-w- C:\Windows\System32\coinst.dll
2012-02-15 02:14:00 512000 ----a-w- C:\Windows\System32\atiadlxx.dll
2012-02-15 02:13:50 356352 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2012-02-15 02:13:36 17408 ----a-w- C:\Windows\System32\atig6pxx.dll
2012-02-15 02:13:32 14336 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2012-02-15 02:13:32 14336 ----a-w- C:\Windows\System32\atiglpxx.dll
2012-02-15 02:13:28 39936 ----a-w- C:\Windows\System32\atig6txx.dll
2012-02-15 02:13:20 33280 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2012-02-15 02:13:12 327680 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2012-02-15 02:12:22 43008 ----a-w- C:\Windows\System32\atiuxp64.dll
2012-02-15 02:12:14 33280 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2012-02-15 02:12:08 39936 ----a-w- C:\Windows\System32\atiu9p64.dll
2012-02-15 02:12:00 30208 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2012-02-15 02:11:22 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2012-02-15 02:11:16 54784 ----a-w- C:\Windows\System32\atimpc64.dll
2012-02-15 02:11:16 54784 ----a-w- C:\Windows\System32\amdpcom64.dll
2012-02-15 02:11:10 53760 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2012-02-15 02:11:10 53760 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2012-02-10 22:38:14 42392 ----a-w- C:\Windows\SysWow64\xfcodec.dll
2012-02-10 22:38:14 28056 ----a-w- C:\Windows\System32\xfcodec64.dll
2012-02-10 06:36:07 1544192 ----a-w- C:\Windows\System32\DWrite.dll
2012-02-10 05:38:43 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-02-03 04:34:34 3145728 ----a-w- C:\Windows\System32\win32k.sys
2012-01-31 13:02:26 21504 ----a-w- C:\Windows\System32\kdbsdk64.dll
2012-01-31 13:00:24 16896 ----a-w- C:\Windows\SysWow64\kdbsdk32.dll
.
============= FINISH: 14:50:30.29 ===============

More about my problem will be found here:
http://www.bleepingcomputer.com/forums/topic450648.html/

and said in one of my posts, which one of the kind men understood what I was saying from this post:

:edit: seems like I'm not the only one having this problem http://www.sevenforums.com/general-discussion/36083-windows-minimize-their-own.html

Hmmm I recently upgraded to Windows 7 and I've noticed a similar, though not identical, problem. When I run a program such as Word or IE sometimes my typing will suddenly stop. The title bar changes to a slightly lighter color (as if I had clicked off of the window). Describing this in words is difficult so just click on your toolbar where there are no icons and you'll see what I mean. I then must reclick the window I'm on to begin typing or scrolling again. Another problem is when I play a computer game (not the basic accessory games but a real game). My game will randomly minimize (I did not hit any keys that would cause minimization), sending me back to the desktop. This is extremely annoying since this often occurs during online play and causes my defeat.

That person on the Windows 7 forums says the same thing; that's what's happening to me.


I'm trying to say it the best I can, but I'm on hardly any sleep; I'm 17 and go to school :P


 


#2 nasdaq

  • Malware Response Team

Posted 01 May 2012 - 10:33 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Link 1
Link 2


* IMPORTANT !!! Save ComboFix.exe to your Desktop

IMPORTANT....

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Do not install any other programs until this is fixed.


How to: Disable Anti-virus and Firewall...
http://www.bleepingcomputer.com/forums/topic114351.html

Double click on ComboFix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt
Note:
Do not mouse click ComboFix's window while it's running. That may cause it to stall.


Note: If you have difficulty properly disabling your protective programs, refer to this link --> http://www.bleepingcomputer.com/forums/topic114351.html
===

Third-party programs, if not up to date, can be the cause of infiltration of an infection.

Please run this security check for my review.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
===

Note: If, after running ComboFix, you get the error message "Illegal operation attempted on a registry key that has been marked for deletion." when attempting to run a program, all you need to do is restart the computer to reset the registry.

Please post the logs for my review.

p.s.
Not sure if it is relevant, but the Attach.txt you provided (Attachment) is reporting this error continuously.
4/27/2012 9:59:01 AM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 441 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Are you having any difficulties with this Device?

#3 nasdaq

  • Malware Response Team

Posted 07 May 2012 - 10:22 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.



