Status
Not open for further replies.

· Registered
Joined
·
1 Posts
Discussion Starter · #1 ·
Hi,

Periodically I get random mouse clicks and the keyboard entering spaces or my username (but in lower case)!! I got this thing today while I was making a presentation in PowerPoint.

I had MSE installed, but I didn't find anything. I uninstalled it and installed NOD32 and nothing was found either.

I followed your instructions for posting, but in GMER, I was able only to check Services, Registry, ADS and Files (selected C only). Everything else was disabled.

Currently (and at the time of scanning) I am running the OS with all startup items disabled (I unchecked everything in msconfig) and now I don't get any clicking and keystroking... None of the startup items seems odd to me...


.
DDS (Ver_11-03-05.01) - NTFS_AMD64
Run by Bruno at 0:16:30,27 on pon 04.04.2011.
Internet Explorer: 9.0.8112.16421
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.385.1033.18.3990.2431 [GMT 2:00]
.
AV: ESET NOD32 Antivirus 4.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ibmpmsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
C:\MPICH2\bin\smpd.exe
C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
C:\Windows\SysWOW64\vmnat.exe
C:\Windows\system32\svchost.exe -k iissvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\SysWOW64\vmnetdhcp.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskhost.exe
C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\LENOVO\HOTKEY\tposdsvc.exe
C:\Windows\Explorer.EXE
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Windows\system32\SearchIndexer.exe
C:\Users\Bruno\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Bruno\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\Lenovo\System Update\SUService.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\servicing\TrustedInstaller.exe
C:\Users\Bruno\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Bruno\Downloads\dds (1).scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Microsoft Web Test Recorder 10.0 Helper: {dda57003-0068-4ed2-9d32-4d1ec707d94d} - C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
EB: Web Test Recorder 10.0: {5802d092-1784-4908-8cdb-99b6842d353d} - mscoree.dll
EB: Developer Tools: {1a6fe369-f28c-4ad9-a3e6-2bcb50807cf1} - C:\Program Files (x86)\Internet Explorer\iedvtool.dll
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
LSP: C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll
DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} - hxxps://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
EB-X64: {1A6FE369-F28C-4AD9-A3E6-2BCB50807CF1} - No File
mRun-x64: [(Default)]
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
Hosts: 192.168.147.1 developerservices.windowsphone.com
============= SERVICES / DRIVERS ===============
.
R0 DzHDD64;DzHDD64;C:\Windows\System32\drivers\DZHDD64.SYS [2011-3-25 31344]
R1 lenovo.smi;Lenovo System Interface Driver;C:\Windows\System32\drivers\smiifx64.sys [2011-3-14 15472]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-14 59904]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-3-14 203264]
R2 eamonm;eamonm;C:\Windows\System32\drivers\eamonm.sys [2010-12-21 170640]
R2 ekrn;ESET Service;C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-1-21 810144]
R2 epfwwfpr;epfwwfpr;C:\Windows\System32\drivers\epfwwfpr.sys [2010-12-21 125296]
R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe [2011-3-14 93032]
R2 mpich2_smpd;MPICH2 Process Manager, Argonne National Lab;C:\MPICH2\bin\smpd.exe [2011-2-17 483328]
R2 TeamViewer6;TeamViewer 6;C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-3-10 2296696]
R2 TPHKLOAD;Lenovo Hotkey Client Loader;C:\Program Files\Lenovo\HOTKEY\tphkload.exe [2011-3-14 114024]
R2 TPHKSVC;On Screen Display;C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe [2011-3-14 64440]
R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2010-1-22 563760]
R3 5U875UVC;Integrated Camera;C:\Windows\System32\drivers\RCUVCMNP.sys [2011-3-14 220032]
R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atikmdag.sys [2011-3-14 7195648]
R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2011-3-14 265728]
R3 ATSwpWDF;AuthenTec TruePrint USB WBF WDF Driver;C:\Windows\System32\drivers\ATSwpWDF.sys [2009-12-3 716872]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;C:\Windows\System32\drivers\e1y60x64.sys [2008-8-22 316544]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2011-3-14 56344]
R3 intelkmd;intelkmd;C:\Windows\System32\drivers\igdpmd64.sys [2011-3-14 10342240]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETwNs64.sys [2010-10-18 8153088]
R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
R3 RecFltr;Reclusa Keyboard;C:\Windows\System32\drivers\RecFltr.sys [2007-1-18 45440]
R3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-14 292864]
R3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-14 1485312]
R3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-14 740864]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute;C:\Program Files\Lenovo\HOTKEY\micmute.exe [2011-3-14 45496]
S3 DozeSvc;Lenovo Doze Mode Service;C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [2011-3-25 155496]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-3-25 51456888]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2009-9-15 6952960]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 Power Manager DBC Service;Power Manager DBC Service;C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe [2011-3-25 79208]
S3 RDID1045;FANTOM-X;C:\Windows\System32\drivers\Rdwm1045.sys [2011-3-15 81920]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2011-3-9 20992]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-3-9 59392]
S3 VSPerfDrv100;Performance Tools Driver 10.0;C:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [2010-3-18 68440]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-2-1 1255736]
S3 WMZuneComm;Zune Windows Mobile Connectivity Service;C:\Program Files\Zune\WMZuneComm.exe [2010-11-11 306416]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976]
S4 RsFx0103;RsFx0103 Driver;C:\Windows\System32\drivers\RsFx0103.sys [2009-3-30 311656]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2010-9-17 430424]
.
=============== Created Last 30 ================
.
2011-04-03 21:43:44 -------- d-----w- C:\Users\Bruno\AppData\Roaming\Malwarebytes
2011-04-03 21:43:33 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-04-03 21:43:33 -------- d-----w- C:\PROGRA~3\Malwarebytes
2011-04-03 21:43:30 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-04-03 21:43:30 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-04-03 21:37:08 -------- d-----w- C:\Windows\pss
2011-04-03 21:03:48 -------- d-----w- C:\Program Files (x86)\Sophos
2011-04-03 20:55:02 77312 ----a-w- C:\Windows\SysWow64\ztvunace26.dll
2011-04-03 20:55:02 75264 ----a-w- C:\Windows\SysWow64\unacev2.dll
2011-04-03 20:55:02 69632 ----a-w- C:\Windows\SysWow64\ztvcabinet.dll
2011-04-03 20:55:02 162304 ----a-w- C:\Windows\SysWow64\ztvunrar36.dll
2011-04-03 20:55:01 153088 ----a-w- C:\Windows\SysWow64\UNRAR3.dll
2011-04-03 20:55:01 -------- d-----w- C:\Users\Bruno\AppData\Roaming\Simply Super Software
2011-04-03 20:55:01 -------- d-----w- C:\Program Files (x86)\Trojan Remover
2011-04-03 20:55:01 -------- d-----w- C:\PROGRA~3\Simply Super Software
2011-04-03 20:48:13 -------- d-----w- C:\Program Files\ESET
2011-04-03 18:28:20 87040 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPPAA.DLL
2011-04-03 18:28:20 28672 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPDAA.DLL
2011-04-03 18:28:15 348672 ----a-w- C:\Windows\System32\CNC280L.dll
2011-04-03 18:28:15 307200 ----a-w- C:\Windows\SysWow64\CNC280L.dll
2011-04-03 18:28:15 15872 ----a-w- C:\Windows\SysWow64\CNHMCA.dll
2011-04-03 18:28:15 1354240 ----a-w- C:\Windows\System32\CNC280C.dll
2011-04-03 18:28:15 112128 ----a-w- C:\Windows\System32\CNC280I.dll
2011-04-03 18:28:15 106496 ----a-w- C:\Windows\SysWow64\CNC280U.dll
2011-04-03 18:28:14 17920 ----a-w- C:\Windows\System32\CNHMCA6.dll
2011-04-03 18:27:49 361472 ----a-w- C:\Windows\System32\CNMLMAA.DLL
2011-04-03 18:27:37 248320 ----a-w- C:\Windows\System32\CNMIUAA.DLL
2011-04-03 18:27:37 103424 ----a-w- C:\Windows\System32\CNC280O.dll
2011-04-03 11:33:42 -------- d-----w- C:\Users\Bruno\AppData\Local\{FDBA07EA-4AA3-46DC-B818-58CC64121E65}
2011-04-02 22:56:44 -------- d-----w- C:\PROGRA~3\ALM
2011-04-02 15:41:04 15872 ----a-w- C:\Windows\System32\drivers\sscdwhnt.sys
2011-04-02 15:41:04 15872 ----a-w- C:\Windows\System32\drivers\sscdwh.sys
2011-04-02 15:41:03 18944 ----a-w- C:\Windows\System32\drivers\sscdmdfl.sys
2011-04-02 15:41:03 161280 ----a-w- C:\Windows\System32\drivers\sscdmdm.sys
2011-04-02 15:41:03 15360 ----a-w- C:\Windows\System32\drivers\sscdcmnt.sys
2011-04-02 15:41:03 15360 ----a-w- C:\Windows\System32\drivers\sscdcm.sys
2011-04-02 15:41:03 129024 ----a-w- C:\Windows\System32\drivers\sscdserd.sys
2011-04-02 15:41:03 127488 ----a-w- C:\Windows\System32\drivers\sscdbus.sys
2011-04-02 15:41:03 -------- d-----w- C:\Program Files\SAMSUNG
2011-04-02 15:40:38 -------- d-----w- C:\PROGRA~3\Samsung
2011-04-02 13:12:18 -------- d-----w- C:\WindowsAzureMMC
2011-04-01 08:34:15 -------- d-----w- C:\Users\Bruno\AppData\Local\{53455687-42A1-4712-AD8F-88C6A7EE38E8}
2011-03-31 11:23:24 -------- d-----w- C:\MPICH2
2011-03-31 10:12:09 -------- d-----w- C:\Users\Bruno\AppData\Local\{C66D9A3B-3D63-4F61-8518-59BA9BB78974}
2011-03-30 23:07:14 -------- d-----w- C:\Program Files\MPICH2
2011-03-30 18:19:32 -------- d-----w- C:\Users\Bruno\AppData\Local\{01A784ED-DF53-414C-B237-FD9005BFB71A}
2011-03-30 06:19:09 -------- d-----w- C:\Users\Bruno\AppData\Local\{C5764F6D-D42A-49C0-8F4F-576FE6B8C660}
2011-03-30 00:02:14 -------- d-----w- C:\Users\Bruno\AppData\Roaming\apm
2011-03-30 00:02:05 -------- d-----w- C:\Program Files (x86)\abylonsoft
2011-03-29 17:29:33 -------- d-----w- C:\Users\Bruno\AppData\Local\{0E10F92E-DD49-4BD8-AB6A-FA5F196D8429}
2011-03-29 05:29:10 -------- d-----w- C:\Users\Bruno\AppData\Local\{D2A3EBB9-ED6A-4974-9D08-7DC61883710F}
2011-03-28 12:27:26 -------- d-----w- C:\Users\Bruno\AppData\Local\{842E4D15-B0F3-4A83-A212-340EA7D38362}
2011-03-28 00:27:03 -------- d-----w- C:\Users\Bruno\AppData\Local\{DF36E530-1BB2-4B8B-A476-33F3F3C34762}
2011-03-27 12:26:40 -------- d-----w- C:\Users\Bruno\AppData\Local\{E067C924-C6F4-4BEA-A86E-1987FD809047}
2011-03-26 12:57:59 -------- d-----w- C:\Users\Bruno\AppData\Local\{21451318-7352-4885-9C4E-64FF5F669C55}
2011-03-25 12:27:18 -------- d-----w- C:\Users\Bruno\AppData\Roaming\PwrMgr
2011-03-25 11:26:35 -------- d-----w- C:\Users\Bruno\AppData\Local\{2BA81F17-7106-4B50-99F4-2300744648D1}
2011-03-25 10:54:26 -------- d-----w- C:\SWTOOLS
2011-03-25 10:54:25 -------- d-----w- C:\PROGRA~3\Lenovo
2011-03-25 10:53:06 509288 ------w- C:\Windows\PWMBTHLV.EXE
2011-03-25 10:53:05 -------- d-----w- C:\Program Files (x86)\ThinkPad
2011-03-25 10:53:04 31344 ----a-w- C:\Windows\System32\drivers\DZHDD64.SYS
2011-03-25 10:53:04 14960 ----a-w- C:\Windows\System32\drivers\TPPWR64V.SYS
2011-03-25 10:53:04 1007464 ----a-w- C:\Windows\System32\PWMCP64V.cpl
2011-03-25 10:52:34 90112 ----a-w- C:\Windows\System32\snymsico.dll
2011-03-25 10:52:34 67072 ----a-w- C:\Windows\System32\drivers\rimmpx64.sys
2011-03-25 10:52:34 57856 ----a-w- C:\Windows\System32\drivers\rixdpx64.sys
2011-03-25 10:52:34 54784 ----a-w- C:\Windows\System32\drivers\rimspx64.sys
2011-03-25 10:52:34 172032 ----a-w- C:\Windows\System32\rixdicon.dll
2011-03-24 11:26:02 -------- d-----w- C:\Users\Bruno\AppData\Local\{4002CB1B-9FC1-4AC4-817E-5ADB3B143CB5}
2011-03-23 20:55:53 -------- d-----w- C:\Users\Bruno\AppData\Local\{262B9AC1-C52E-4A0E-92F7-42E41ADC47CD}
2011-03-23 16:26:36 -------- d-----w- C:\Windows\SysWow64\xlive
2011-03-23 16:26:36 -------- d-----w- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2011-03-23 16:26:34 -------- d-----w- C:\Program Files (x86)\Microsoft XNA
2011-03-23 16:24:42 111968 ----a-w- C:\PROGRA~3\Microsoft\VPDExpress\10.0\1033\ResourceCache.dll
2011-03-23 16:23:33 -------- d-----w- C:\Program Files (x86)\Microsoft XDE
2011-03-23 08:55:30 -------- d-----w- C:\Users\Bruno\AppData\Local\{4FBFFFFF-E985-46B6-ABF2-956D4B1AC91F}
2011-03-22 21:43:33 -------- d-----r- C:\Users\Bruno\Podcasts
2011-03-22 21:43:23 -------- d-----w- C:\Windows\System32\drivers\UMDF\pt-BR
2011-03-22 21:43:22 -------- d-----w- C:\Windows\System32\drivers\UMDF\pt-PT
2011-03-22 21:43:22 -------- d-----w- C:\Windows\System32\drivers\UMDF\nl-NL
2011-03-22 21:43:22 -------- d-----w- C:\Windows\System32\drivers\UMDF\it-IT
2011-03-22 21:43:21 -------- d-----w- C:\Windows\System32\drivers\UMDF\fr-FR
2011-03-22 21:43:21 -------- d-----w- C:\Windows\System32\drivers\UMDF\es-ES
2011-03-22 21:43:21 -------- d-----w- C:\Windows\System32\drivers\UMDF\de-DE
2011-03-22 16:05:56 -------- d-----w- C:\Users\Bruno\AppData\Local\{C0BCE7E1-6DDF-4B7F-9D0E-FFF6E9240A4B}
2011-03-21 13:29:14 -------- d-----w- C:\Users\Bruno\AppData\Local\{7A7170F0-8258-4D4F-B668-C5BCF859D019}
2011-03-21 01:28:51 -------- d-----w- C:\Users\Bruno\AppData\Local\{6CB8A8AF-B098-4541-B2FC-4C8E476D9DDA}
2011-03-20 13:28:31 -------- d-----w- C:\Users\Bruno\AppData\Local\{51E10501-EC91-4DFF-82FD-039DD9F701F8}
2011-03-20 01:28:08 -------- d-----w- C:\Users\Bruno\AppData\Local\{ABA21836-763B-4CF0-AADC-4096823915E8}
2011-03-19 13:27:57 -------- d-----w- C:\Users\Bruno\AppData\Local\{941834C4-CCA8-44D1-A65B-4EFA1479D167}
2011-03-18 11:53:05 -------- d-----w- C:\Users\Bruno\AppData\Local\{C68BE2B9-424F-4FA9-9544-F7023EC362DD}
2011-03-17 23:52:41 -------- d-----w- C:\Users\Bruno\AppData\Local\{E52FC643-4953-4836-81C6-0186D666B3BB}
2011-03-17 22:03:24 359871552 ----a-w- C:\temp\en_visio_2010_x64_516535.exe
2011-03-17 11:52:19 -------- d-----w- C:\Users\Bruno\AppData\Local\{BEA9EA26-B366-46F6-AE80-9A5124F24980}
2011-03-16 11:51:45 -------- d-----w- C:\Users\Bruno\AppData\Local\{16CBD1EE-79B3-4810-8012-D52C35E1FDD6}
2011-03-15 21:29:18 -------- d-----w- C:\Users\Bruno\AppData\Local\{172BAA05-8DEB-42C1-BAAE-EEF785802EA7}
2011-03-15 10:29:04 9216 ----a-w- C:\Windows\System32\RdCi1045.dll
2011-03-15 10:29:04 81920 ----a-w- C:\Windows\System32\drivers\Rdwm1045.sys
2011-03-15 10:29:04 56832 ----a-w- C:\Windows\System32\RDCP1045.CPL
2011-03-15 10:29:04 410624 ----a-w- C:\Windows\System32\RDDP1045.DAT
2011-03-15 10:29:04 -------- d-----w- C:\Program Files\RdDrv001
2011-03-15 09:28:54 -------- d-----w- C:\Users\Bruno\AppData\Local\{1B12F80C-39EC-4CC5-B017-95794C1BA56E}
2011-03-14 21:28:31 -------- d-----w- C:\Users\Bruno\AppData\Local\{F2504A9F-8E0D-43C7-AD77-07BEB2343E19}
2011-03-14 09:04:47 -------- d-----w- C:\Program Files\Lenovo
2011-03-14 09:04:43 15472 ----a-w- C:\Windows\System32\drivers\smiifx64.sys
2011-03-14 09:04:01 225280 ------w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
2011-03-14 09:04:00 176128 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2011-03-14 09:03:59 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2011-03-14 09:03:59 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2011-03-14 09:03:55 614532 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2011-03-14 09:03:54 45928 ----a-w- C:\Windows\System32\ibmpmsvc.exe
2011-03-14 09:03:54 39024 ----a-w- C:\Windows\System32\drivers\ibmpmdrv.sys
2011-03-14 09:03:54 38760 ----a-w- C:\Windows\System32\tpinspm.dll
2011-03-14 00:28:04 -------- d-----w- C:\Users\Bruno\AppData\Local\ATI
2011-03-14 00:24:01 398848 ----a-w- C:\Windows\System32\UCI64A42.dll
2011-03-14 00:24:00 649216 ----a-w- C:\Windows\System32\drivers\CHDRT64.sys
2011-03-14 00:24:00 1811968 ----a-w- C:\Windows\System32\CX64TP17.dll
2011-03-14 00:21:42 -------- d-----w- C:\Program Files (x86)\RotateImage
2011-03-14 00:21:42 -------- d-----w- C:\Program Files (x86)\Integrated Camera Driver
2011-03-14 00:21:41 249856 ----a-w- C:\Windows\SysWow64\5U875.ax
2011-03-14 00:21:41 249856 ----a-w- C:\Windows\System32\5U875.ax
2011-03-14 00:21:41 220032 ----a-w- C:\Windows\System32\drivers\RCUVCMNP.sys
2011-03-14 00:21:41 114688 ----a-w- C:\Windows\System32\RCUVCMNP.dll
2011-03-14 00:20:59 -------- d-----w- C:\Users\Bruno\AppData\Roaming\Intel
2011-03-14 00:20:04 -------- d-----w- C:\Program Files\Common Files\Intel
2011-03-14 00:20:02 -------- d-----w- C:\Program Files (x86)\Cisco
2011-03-14 00:19:22 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll
2011-03-14 00:19:04 -------- d-----w- C:\Windows\SysWow64\x64
2011-03-14 00:19:04 -------- d-----w- C:\Windows\SysWow64\Lang
2011-03-14 00:19:03 989720 ----a-w- C:\Windows\SysWow64\heciudlg.exe
2011-03-14 00:19:02 56344 ----a-w- C:\Windows\System32\drivers\HECIx64.sys
2011-03-14 00:03:12 -------- d-----w- C:\Program Files (x86)\Lenovo
2011-03-14 00:03:03 27136 ----a-w- C:\Windows\System32\drivers\psadd.sys
2011-03-13 23:56:46 -------- d-----w- C:\Users\Bruno\AppData\Local\{2E539E7C-0F8A-41E4-8AF4-349361254C40}
2011-03-13 11:56:35 -------- d-----w- C:\Users\Bruno\AppData\Local\{FFB5A3F0-B71B-4C15-A1E0-89685434C715}
2011-03-12 12:44:36 -------- d-----w- C:\WAPTK
2011-03-12 11:56:12 -------- d-----w- C:\Users\Bruno\AppData\Local\{2E76ECEF-8BA4-4737-ABD8-57EBCD0FFE1F}
2011-03-11 22:09:59 -------- d-----w- C:\Program Files (x86)\TimeAdjuster
2011-03-11 13:54:10 -------- d-----w- C:\Users\Bruno\AppData\Local\{3F67ECED-E31C-4159-945F-ED69A3439FE1}
2011-03-10 21:42:59 -------- d-----w- C:\Users\Bruno\AppData\Roaming\TeamViewer
2011-03-10 21:40:21 -------- d-----w- C:\Program Files (x86)\TeamViewer
2011-03-10 15:55:55 -------- d-----w- C:\Users\Bruno\AppData\Local\{FF30F77C-3F28-4445-B587-F316E1F94527}
2011-03-09 23:26:45 -------- d-----w- C:\Users\Bruno\AppData\Local\{B9DC224E-ACDA-484E-8196-A433BE97DB88}
2011-03-09 13:12:29 -------- d-----w- C:\Windows\System32\SPReview
2011-03-09 13:12:17 -------- d-----w- C:\Windows\System32\EventProviders
2011-03-09 13:10:53 -------- d-----w- C:\Program Files\Microsoft IntelliPoint
2011-03-09 13:09:07 48976 ----a-w- C:\Windows\System32\netfxperf.dll
2011-03-09 13:09:06 1942856 ----a-w- C:\Windows\System32\dfshim.dll
2011-03-09 13:07:59 755200 ----a-w- C:\Windows\SysWow64\sud.dll
2011-03-09 13:06:52 529408 ----a-w- C:\Windows\System32\wbemcomn.dll
2011-03-09 13:06:52 524288 ----a-w- C:\Windows\System32\wmicmiplugin.dll
2011-03-09 13:06:52 1225216 ----a-w- C:\Windows\System32\wbem\wbemcore.dll
2011-03-09 13:06:49 933376 ----a-w- C:\Windows\System32\SmiEngine.dll
2011-03-09 13:06:48 199168 ----a-w- C:\Windows\System32\PkgMgr.exe
2011-03-09 13:06:40 422912 ----a-w- C:\Windows\System32\drvstore.dll
2011-03-09 13:06:40 399872 ----a-w- C:\Windows\System32\dpx.dll
2011-03-09 12:58:28 197120 ----a-w- C:\Windows\System32\d3d10_1.dll
2011-03-09 12:58:27 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2011-03-09 11:26:22 -------- d-----w- C:\Users\Bruno\AppData\Local\{DAFB8640-067F-44E9-8EBB-F0CB4A609596}
2011-03-08 17:00:34 -------- d-----w- C:\Users\Bruno\AppData\Local\{C45B637F-6A55-4A89-91A8-613B18B5ED45}
2011-03-07 23:13:40 -------- d-----w- C:\Program Files (x86)\Common Files\DevExpress
2011-03-07 23:12:44 -------- d-----w- C:\Users\Bruno\AppData\Roaming\CodeRush for VS .NET
2011-03-07 23:06:19 -------- d-----w- C:\Program Files (x86)\DevExpress 2010.2
2011-03-07 19:55:39 -------- d-----w- C:\Users\Bruno\AppData\Local\{C8DF4FEC-2656-4F11-9F75-D0C23E1AE925}
2011-03-07 07:55:16 -------- d-----w- C:\Users\Bruno\AppData\Local\{82571703-5D8C-4486-A383-FC4D48E00D04}
2011-03-06 15:13:01 -------- d-----w- C:\Users\Bruno\AppData\Local\{55386D6B-DF5A-4B6D-A886-C9F02136E41E}
2011-03-05 22:50:44 -------- d-----w- C:\Users\Bruno\AppData\Local\{A1BE12B3-E39A-4D58-920E-6BAAE58C236A}
2011-03-05 10:50:33 -------- d-----w- C:\Users\Bruno\AppData\Local\{CAF7FBA8-803E-49B1-A65A-65D29F1CA257}
.
==================== Find3M ====================
.
2011-03-09 13:16:35 175616 ----a-w- C:\Windows\System32\msclmd.dll
2011-03-09 13:16:35 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2011-03-02 00:21:05 230352 ----a-w- C:\Windows\System32\drivers\truecrypt.sys
2011-02-28 11:59:22 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-02-19 12:05:15 1139200 ----a-w- C:\Windows\System32\FntCache.dll
2011-02-19 12:04:37 1544192 ----a-w- C:\Windows\System32\DWrite.dll
2011-02-19 12:04:17 902656 ----a-w- C:\Windows\System32\d2d1.dll
2011-02-19 06:30:51 1076736 ----a-w- C:\Windows\SysWow64\DWrite.dll
2011-02-19 06:30:50 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2011-02-17 14:47:38 1859584 ----a-w- C:\Windows\SysWow64\mpich2nemesisp.dll
2011-02-17 14:41:48 167936 ----a-w- C:\Windows\SysWow64\mpich2mpi.dll
2011-02-17 14:41:14 1617920 ----a-w- C:\Windows\SysWow64\mpich2nemesis.dll
2011-02-17 14:34:48 1552384 ----a-w- C:\Windows\SysWow64\mpich2mtp.dll
2011-02-17 14:29:10 1347584 ----a-w- C:\Windows\SysWow64\mpich2mt.dll
2011-02-17 14:23:56 135168 ----a-w- C:\Windows\SysWow64\fmpich2s.dll
2011-02-17 14:20:54 167936 ----a-w- C:\Windows\SysWow64\fmpich2g.dll
2011-02-17 14:18:10 159744 ----a-w- C:\Windows\SysWow64\fmpich2.dll
2011-02-17 14:13:22 757760 ----a-w- C:\Windows\System32\TraceInput.dll
2011-02-17 14:13:20 177152 ----a-w- C:\Windows\System32\fmpich2g.dll
2011-02-17 14:12:04 147456 ----a-w- C:\Windows\SysWow64\mpich2mpe.dll
2011-02-17 14:12:02 135168 ----a-w- C:\Windows\SysWow64\mpe.dll
2011-02-17 14:11:40 185856 ----a-w- C:\Windows\System32\fmpich2.dll
2011-02-17 14:10:58 1527808 ----a-w- C:\Windows\SysWow64\mpich2p.dll
2011-02-17 14:08:20 2067456 ----a-w- C:\Windows\System32\mpich2nemesisp.dll
2011-02-17 14:03:54 1778176 ----a-w- C:\Windows\System32\mpich2nemesis.dll
2011-02-17 13:59:32 1932800 ----a-w- C:\Windows\System32\mpich2mtp.dll
2011-02-17 13:58:36 1323008 ----a-w- C:\Windows\SysWow64\mpich2.dll
2011-02-17 13:55:52 1684480 ----a-w- C:\Windows\System32\mpich2mt.dll
2011-02-17 13:52:16 1875456 ----a-w- C:\Windows\System32\mpich2p.dll
2011-02-17 13:48:44 169472 ----a-w- C:\Windows\System32\mpich2mpe.dll
2011-02-17 13:48:42 155136 ----a-w- C:\Windows\System32\mpe.dll
2011-02-17 13:48:40 230912 ----a-w- C:\Windows\System32\mpich2mpi.dll
2011-02-17 13:48:34 1617920 ----a-w- C:\Windows\System32\mpich2.dll
2011-02-01 17:04:43 0 ----a-w- C:\Windows\ativpsrm.bin
2011-01-07 15:03:08 45408 ----a-w- C:\Windows\System32\drivers\point64.sys
2011-01-07 12:17:52 475648 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2011-01-07 12:17:52 1465344 ----a-w- C:\Windows\System32\XpsPrint.dll
2011-01-07 12:14:11 46080 ----a-w- C:\Windows\System32\atmlib.dll
2011-01-07 09:20:44 366592 ----a-w- C:\Windows\System32\atmfd.dll
2011-01-07 07:46:34 870912 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2011-01-07 07:46:34 288256 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2011-01-07 07:45:57 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2011-01-07 05:43:36 294400 ----a-w- C:\Windows\SysWow64\atmfd.dll
2011-01-06 18:37:02 51584 ----a-w- C:\Windows\System32\drivers\dc3d.sys
2011-01-05 06:56:24 3129344 ----a-w- C:\Windows\System32\win32k.sys
.
============= FINISH: 0:16:52,80 ===============


Thanks in advance!
 

· Registered
Joined
·
2,656 Posts
Hi,
I'm nasdaq

Nothing suspicious was found on your log.

If you have any difficulties or want to check further please run this tool.

Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: A guide and tutorial on using ComboFix

Link 1
Link 2


* IMPORTANT !!! Save ComboFix.exe to your Desktop

IMPORTANT....

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Do not install any other programs until this is fixed.


How to : Disable Anti-virus and Firewall...
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Double click on ComboFix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt
Note:
Do not mouse click ComboFix's window while it's running. That may cause it to stall.


Note: If you have difficulty properly disabling your protective programs, refer to this link --> How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs


For AVG antivirus and anti-spyware security software users only.
Due to recent changes in AVG and how it interacts with CF, AVG must be uninstalled to run ComboFix. You will get a message from CF stating such.

If AVG will not uninstall, it is first recommended to uninstall it with this AppRemover by Opswat. The AVG uninstaller can be downloaded from here > AppRemover.exe. Go to their homepage and you will see they have support for removal of other AVs as well: AVG appremover tool.
 