Oh no, a Win32.Keylogger by Armadax -.-



Viksuniksu
2010-12-08, 14:13
Yeah, very funny to get a keylogger from Mozilla Firefox, my browser, for downloading something. My SSD:

DDS (Ver_10-12-05.01) - NTFS_AMD64
Run by Niki at 14:56:25,85 on ke 08.12.2010
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_22

============== Running Processes ===============

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\XoftSpySE6\XoftSpySE.exe
C:\Program Files (x86)\Common Files\XoftSpySE\6\xoftspyservice.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Niki\Downloads\dds.scr
C:\Windows\SysWOW64\svchost.exe -k Akamai

============== Pseudo HJT Report ===============

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
mRun: [XoftSpySE] "C:\Program Files (x86)\XoftSpySE6\XoftSpySE.exe" -NM -hidesplash
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
mRun-x64: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h

================= FIREFOX ===================

FF - ProfilePath - C:\Users\Niki\AppData\Roaming\Mozilla\Firefox\Profiles\w6o2xyze.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2795637&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - www.google.com
FF - component: C:\Users\Niki\AppData\Roaming\Mozilla\Firefox\Profiles\w6o2xyze.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Extension: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Extension: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Extension: Vista-aero: {07b2a769-ed19-4483-87ce-c643914c81bb} - C:\Users\Niki\AppData\Roaming\Mozilla\Firefox\Profiles\w6o2xyze.default\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb}
FF - Extension: SmallringFX DARKBlue: {0471d3b0-a403-11df-981c-0800200c9a66} - C:\Users\Niki\AppData\Roaming\Mozilla\Firefox\Profiles\w6o2xyze.default\extensions\{0471d3b0-a403-11df-981c-0800200c9a66}
FF - Extension: Conduit Engine : engine@conduit.com - C:\Users\Niki\AppData\Roaming\Mozilla\Firefox\Profiles\w6o2xyze.default\extensions\engine@conduit.com

============= SERVICES / DRIVERS ===============

R? dump_wmimmc;dump_wmimmc
R? Futuremark SystemInfo Service;Futuremark SystemInfo Service
R? npggsvc;nProtect GameGuard Service
R? SBSDWSCService;SBSD Security Center Service
R? WatAdminSvc;Windowsin aktivointitekniikoiden palvelu
R? X6va003;X6va003
S? !SASCORE;SAS Core Service
S? Akamai;Akamai NetSession Interface
S? AMD External Events Utility;AMD External Events Utility
S? amdkmdag;amdkmdag
S? amdkmdap;amdkmdap
S? AtiHDAudioService;ATI Function Driver for HD Audio Service
S? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
S? clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64
S? cmderd;COMODO Internet Security Eradication Driver
S? cmdGuard;COMODO Internet Security Sandbox Driver
S? cmdHlp;COMODO Internet Security Helper Driver
S? netr28ux;Langattoman RT2870 USB LAN -kortin ohjain Vistalle
S? RTL8167;Realtek 8167 NT Driver
S? SASDIFSV;SASDIFSV
S? SASKUTIL;SASKUTIL
S? vwififlt;Virtual WiFi Filter Driver
S? XoftSpyService;XoftSpyService

=============== Created Last 30 ================

2010-12-08 12:17:58 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2010-12-08 12:17:58 -------- d-----w- C:\PROGRA~3\Spybot - Search & Destroy
2010-12-07 17:53:16 -------- d-----w- C:\5ce92edeca8e86bede045a213c
2010-12-07 17:48:23 -------- d-----w- C:\Program Files (x86)\Safer Networking
2010-12-07 17:33:07 388096 ----a-r- C:\Users\Niki\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-12-07 17:33:07 -------- d-----w- C:\Program Files (x86)\Trend Micro
2010-12-07 17:28:29 -------- d-----w- C:\Program Files (x86)\NT Registry Optimizer
2010-12-07 16:34:21 -------- d-----w- C:\Users\Niki\AppData\Roaming\SUPERAntiSpyware.com
2010-12-07 16:34:21 -------- d-----w- C:\PROGRA~3\SUPERAntiSpyware.com
2010-12-07 16:33:44 -------- d-----w- C:\PROGRA~3\!SASCORE
2010-12-07 16:33:40 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2010-12-07 16:00:05 81920 ----a-w- C:\Windows\eSellerateControl350.dll
2010-12-07 16:00:05 356352 ----a-w- C:\Windows\eSellerateEngine.dll
2010-12-07 16:00:02 -------- d-----w- C:\Program Files (x86)\Ardamax Keylogger Removal Tool
2010-12-07 15:36:37 -------- d-----w- C:\Program Files (x86)\Common Files\ParetoLogic
2010-12-07 15:36:37 -------- d-----w- C:\PROGRA~3\XoftSpySE
2010-12-07 15:36:37 -------- d-----w- C:\PROGRA~3\ParetoLogic
2010-12-07 15:35:26 -------- d-sh--w- C:\$RECYCLE.BIN
2010-12-07 15:31:37 -------- d-----w- C:\Program Files (x86)\Common Files\XoftSpySE
2010-12-07 15:31:30 -------- d-----w- C:\Program Files (x86)\XoftSpySE6
2010-12-07 13:08:33 98816 ----a-w- C:\Windows\sed.exe
2010-12-07 13:08:33 89088 ----a-w- C:\Windows\MBR.exe
2010-12-07 13:08:33 256512 ----a-w- C:\Windows\PEV.exe
2010-12-07 13:08:33 161792 ----a-w- C:\Windows\SWREG.exe
2010-12-07 13:02:37 -------- d-----w- C:\Users\Niki\AppData\Roaming\Malwarebytes
2010-12-07 13:02:16 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2010-12-07 13:02:16 -------- d-----w- C:\PROGRA~3\Malwarebytes
2010-12-07 13:02:13 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2010-12-07 13:02:13 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2010-12-07 12:40:07 -------- d-----w- C:\99c90713cf9e25d0b7e2
2010-12-07 12:38:53 8199504 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{7BE0193C-A9B8-4C3E-BD5F-775C126C9311}\mpengine.dll
2010-12-07 12:27:50 -------- d-----w- C:\SDFix
2010-12-06 18:32:26 -------- d-----w- C:\c2cbf91ae1195885633ae5
2010-12-04 22:15:18 -------- d-----w- C:\PROGRA~3\Nexon
2010-12-04 22:10:09 -------- d-----w- C:\PROGRA~3\NexonEU
2010-12-04 21:52:09 -------- d-----w- C:\Download
2010-12-04 21:51:59 235 ----a-w- C:\Windows\SysWow64\nxEuUninstall.bat
2010-12-04 21:51:58 446464 ----a-w- C:\Windows\NEXON_EU_DownloaderUpdater.exe
2010-12-03 05:38:41 -------- d-----w- C:\PacSteamT
2010-12-01 12:25:14 -------- d-----w- C:\Steam
2010-11-28 10:20:02 -------- d-sh--w- C:\PROGRA~3\DSS
2010-11-27 19:57:37 -------- d-----w- C:\.jagex_cache_32
2010-11-27 10:23:33 -------- d-----w- C:\Program Files (x86)\ATI
2010-11-27 09:44:28 -------- d-----w- C:\Program Files (x86)\Counter-Strike Source
2010-11-27 08:16:01 -------- d-----w- C:\Visual Basic 6.0
2010-11-24 17:55:30 -------- d-----w- C:\Program Files (x86)\Counter-Strike 1.6 V35
2010-11-24 17:53:41 7680 ----a-w- C:\Program Files\Internet Explorer\iecompat.dll
2010-11-24 17:53:41 7680 ----a-w- C:\Program Files (x86)\Internet Explorer\iecompat.dll
2010-11-20 09:07:24 -------- d-----w- C:\Program Files (x86)\VideoLAN
2010-11-19 17:48:35 -------- d-----w- C:\MocroGamers
2010-11-19 14:50:45 -------- d-----w- C:\PROGRA~3\IObit
2010-11-19 14:50:44 -------- d-----w- C:\Program Files (x86)\IObit
2010-11-19 13:51:08 -------- d-----w- C:\Users\Niki\AppData\Local\Google
2010-11-17 06:00:52 -------- d-----w- C:\Program Files (x86)\Euro
2010-11-13 12:42:57 -------- d-----w- C:\Program Files\IDT
2010-11-13 12:42:42 -------- d-----w- C:\Program Files (x86)\IDT
2010-11-13 12:36:20 -------- d-----w- C:\Users\Niki\AppData\Local\ElevatedDiagnostics

==================== Find3M ====================

2010-10-25 15:51:36 18960 ----a-w- C:\Windows\System32\drivers\LNonPnP.sys
2010-10-23 11:21:59 4660224 ----a-w- C:\Windows\System32\atidxx64.dll
2010-10-22 16:08:18 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2010-10-22 15:20:55 0 ----a-w- C:\Windows\ativpsrm.bin
2010-10-21 20:06:45 4208208 ----a-w- C:\Windows\SysWow64\GameMon.des
2010-10-19 08:41:44 270720 ------w- C:\Windows\System32\MpSigStub.exe
2010-09-20 12:51:40 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2010-09-20 12:51:40 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2010-09-10 20:41:40 362784 ----a-w- C:\Windows\System32\guard64.dll
2010-09-10 20:41:40 285480 ----a-w- C:\Windows\SysWow64\guard32.dll
2010-09-10 20:40:44 33208 ----a-w- C:\Windows\System32\drivers\cmdhlp.sys
2010-09-10 20:40:44 249496 ----a-w- C:\Windows\System32\drivers\cmdGuard.sys
2010-09-10 20:40:42 20864 ----a-w- C:\Windows\System32\drivers\cmderd.sys
2010-09-10 05:35:44 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2010-09-10 05:35:43 347648 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

============= FINISH: 15:05:37,70 ===============

Hey, Spybot scanned my computer and it scanned the folder where the rbot and Win32 keylogger files were, but it didn't flag them as malware? Only net browser fixes are what I got. The keylogger makes my PC lag and uses 100% of the processor, so I'm sad that I bought MW2 a week ago and now I can't play without it crashing :( Please answer soon :( :thanks: Already..

shelf life
2010-12-21, 03:28
hi Viksuniksu,

Your post is a few days old; if you still need any help, post back.