Results 1 to 2 of 2

Thread: Not quite sure what to think...

  1. 2011-09-11, 05:34 #1
    knightmarez28
    knightmarez28 is offline
    Junior Member
    Join Date
    Aug 2011
    Posts
    1

    Default Not quite sure what to think...

    So I'm doing random directory scans with spybot and I get to C:\windows\assemlby and apparently heuristic scans found over 40 fraud.windowsrecover and fraud.internetsecurity2011. Full scan of microsoft security essentials (updated about 5 am sept. 9), ad-aware (installed today), hijackthis (installed today) and spybot turns up nothing. Let me take that back, adaware did find some trojans and removed them successfully. Nothing major. Anyways, I did download the root analyzer as well and it didn't come up with anything. Computer bluescreened on me earlier and I've been fighting to get windows back in order ever since. Windows update last checked this morning as well so I have all the security updates and such. Anyways, I copied a full list of all the assemblies that were infected, guess I just want to know if it would be a false positive or what? Worse come to worse, I have no problems reformating as I have anything I want to keep on a separate drive and just a partition specifically for windows. I apologies if I'm posting in the wrong section or forgetting to take a step before posting, been staring at this screen for about 15 hours today (not all at once, of course).
    Thanks in advance

    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421
    Run by David at 22:48:57 on 2011-09-10
    Neo Reconia Windows Shine Edition 6.1.7601.1.1252.1.1033.18.4094.2598 [GMT -4:00]
    .
    AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
    AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
    SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\UnsignedThemesSvc.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\atieclxx.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\taskhost.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    C:\Windows\SysWOW64\PnkBstrA.exe
    C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files\Notepad2\Notepad2.exe
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\sppsvc.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\SDFiles.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\System32\svchost.exe -k swprv
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uLocal Page = www.google.com
    uSearch Page = hxxp://www.google.com/
    uStart Page = hxxp://www.google.com/
    uDefault_Page_URL = www.google.com
    mStart Page = www.google.com
    mDefault_Search_URL = hxxp://www.google.com/
    mDefault_Page_URL = hxxp://www.google.com/
    mLocal Page = hxxp://www.google.com/
    mSearch Page = hxxp://www.google.com/
    uURLSearchHooks: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.6\youtubedownloaderToolbarIE.dll
    mWinlogon: Userinit=userinit.exe
    BHO: FileServeManager: {00000001-ab3b-4334-9da2-ec6b2a02afc6} - C:\Program Files (x86)\FileServe Manager\FileServeBHO.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.6\youtubedownloaderToolbarIE.dll
    TB: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.6\youtubedownloaderToolbarIE.dll
    uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    uRun: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe
    mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableLUA = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
    IE: Download with FileServe Manager - C:\Program Files (x86)\FileServe Manager\GetUrl.htm
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    Trusted Zone: blackviper.com\www
    Trusted Zone: facebook.com\www
    Trusted Zone: google.com\www
    Trusted Zone: hotmail.com\www
    Trusted Zone: microsoft.com\update
    Trusted Zone: microsoft.com\www
    Trusted Zone: msn.com\www
    Trusted Zone: yahoo.com\www
    Trusted Zone: youtube.com\www
    DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{E98E8CDF-5B4C-4FBB-9A97-3586B896239A} : DhcpNameServer = 192.168.1.1
    STS: Windows DreamScene: {e31004d1-a431-41b8-826f-e902f9d95c81} - %SystemRoot%\SysWow64\DreamScene.dll
    IFEO: notepad.exe - "C:\Program Files\Notepad2\Notepad2.exe" /z
    BHO-X64: FileServeManager: {00000001-AB3B-4334-9DA2-EC6B2A02AFC6} - C:\Program Files (x86)\FileServe Manager\FileServeBHO.dll
    BHO-X64: FileServeManager - No File
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO-X64: YouTube Downloader Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.6\youtubedownloaderToolbarIE.dll
    TB-X64: YouTube Downloader Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.6\youtubedownloaderToolbarIE.dll
    mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    STS-X64: Windows DreamScene: {E31004D1-A431-41B8-826F-E902F9D95C81} - %SystemRoot%\SysWow64\DreamScene.dll
    IFEO-X64: notepad.exe - "C:\Program Files\Notepad2\Notepad2.exe" /z
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\lvbthuwk.default\
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - www.google.com
    FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=937811&p=
    FF - prefs.js: network.proxy.type - 0
    FF - plugin: C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
    FF - plugin: C:\Windows\system32\Macromed\Flash\NPSWF64_11_0_1.dll
    FF - plugin: C:\Windows\system32\Wat\npWatWeb.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys --> C:\Windows\system32\DRIVERS\Lbd.sys [?]
    R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
    R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
    R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-7-28 361984]
    R2 AODDriver4.01;AODDriver4.01;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2011-6-23 55424]
    R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-9-3 1153368]
    R2 UnsignedThemes;Unsigned Themes;C:\Windows\UnsignedThemesSvc.exe [2009-7-13 24168]
    R2 uxpatch;uxpatch;\??\C:\Windows\system32\drivers\uxpatch.sys --> C:\Windows\system32\drivers\uxpatch.sys [?]
    R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]
    R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
    R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
    R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
    R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-8-18 2151640]
    S3 cpuz134;cpuz134;C:\Program Files (x86)\CPUID\PC Wizard 2010\pcwiz_x64.sys [2011-9-6 21480]
    S3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys --> C:\Windows\system32\drivers\dmvsc.sys [?]
    S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]
    S3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;C:\Windows\system32\drivers\Synth3dVsc.sys --> C:\Windows\system32\drivers\Synth3dVsc.sys [?]
    S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\system32\drivers\terminpt.sys --> C:\Windows\system32\drivers\terminpt.sys [?]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
    S3 tsusbhub;Remote Deskotop USB Hub;C:\Windows\system32\drivers\tsusbhub.sys --> C:\Windows\system32\drivers\tsusbhub.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    .
    =============== Created Last 30 ================
    .
    2011-09-11 02:35:53 -------- d-----w- C:\Users\David\AppData\Roaming\Safer Networking
    2011-09-11 02:35:14 -------- d-----w- C:\Program Files (x86)\Safer Networking
    2011-09-10 23:25:10 -------- d-----w- C:\Windows\SysWow64\RTCOM
    2011-09-10 22:52:12 16432 ----a-w- C:\Windows\System32\lsdelete.exe
    2011-09-10 22:04:01 55384 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys
    2011-09-10 22:02:31 69376 ----a-w- C:\Windows\System32\drivers\Lbd.sys
    2011-09-10 22:02:29 -------- d-----w- C:\Program Files (x86)\Lavasoft
    2011-09-10 21:10:12 388096 ----a-r- C:\Users\David\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2011-09-10 20:31:56 -------- d-----w- C:\Program Files (x86)\Trend Micro
    2011-09-10 18:50:03 -------- d-----w- C:\Users\David\AppData\Local\Microangelo On Display
    2011-09-10 18:50:03 -------- d-----w- C:\ProgramData\Microangelo On Display
    2011-09-10 18:49:58 -------- d-----w- C:\Users\David\AppData\Roaming\Icons and Cursors
    2011-09-10 18:46:39 -------- d-----w- C:\Windows\CheckSur
    2011-09-10 18:25:18 -------- d-----w- C:\Users\David\AppData\Local\Apps
    2011-09-10 15:18:28 -------- d-----w- C:\Users\David\AppData\Local\{5E143E51-2E42-47BD-9960-175BF1CD52C1}
    2011-09-10 15:18:17 -------- d-----w- C:\Users\David\AppData\Local\{A67F6420-CBB2-406A-B2BF-F42BAB9CDF23}
    2011-09-10 15:15:52 -------- d-----w- C:\Windows\PCHEALTH
    2011-09-10 15:11:21 -------- d-----w- C:\Users\David\AppData\Local\{BEC64792-B349-49EA-891A-6B9D97964A7D}
    2011-09-10 15:06:28 -------- d-----w- C:\Users\David\AppData\Local\{578661FF-BAD2-48FB-A1A5-44222177D9AF}
    2011-09-10 11:37:41 8862544 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2F5CE568-0309-4D0F-A75D-D51F572E7052}\mpengine.dll
    2011-09-10 11:36:18 -------- d-----w- C:\Users\David\AppData\Local\{835E9A4C-F60A-4016-997C-CFA13316B571}
    2011-09-10 11:36:07 -------- d-----w- C:\Users\David\AppData\Local\{080F4431-2DAB-40CF-8ACE-8BA9193D1451}
    2011-09-09 18:25:28 -------- d-----w- C:\Users\David\AppData\Local\{81AF8F47-5926-47D8-B8E5-756FDB593A2A}
    2011-09-09 18:25:17 -------- d-----w- C:\Users\David\AppData\Local\{710E31BC-0587-4005-B652-17C7166383F9}
    2011-09-09 06:24:53 -------- d-----w- C:\Users\David\AppData\Local\{1A47C01B-BC3A-46EB-9BF8-BF2EBCF41B00}
    2011-09-09 06:24:42 -------- d-----w- C:\Users\David\AppData\Local\{1FA76C31-69E5-40C5-8078-ABB389BF1FCF}
    2011-09-08 18:34:09 601424 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
    2011-09-08 18:34:08 601424 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{10DFC224-9A80-48C5-A753-CEF2F673705C}\gapaengine.dll
    2011-09-08 18:24:15 -------- d-----w- C:\Users\David\AppData\Local\{92FE38A4-7543-46C6-8ED4-221DA7EBD261}
    2011-09-08 18:24:03 -------- d-----w- C:\Users\David\AppData\Local\{72F8ACBC-7CE0-4471-B205-36171D86B36C}
    2011-09-07 23:18:44 215128 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
    2011-09-07 23:18:41 -------- d-----w- C:\Users\David\AppData\Local\PunkBuster
    2011-09-07 23:18:13 280736 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
    2011-09-07 23:18:13 215128 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
    2011-09-07 23:18:12 75136 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
    2011-09-07 23:18:12 2434856 ----a-w- C:\Windows\SysWow64\pbsvc_bc2.exe
    2011-09-07 23:15:59 508264 ----a-w- C:\Windows\System32\d3dx10_35.dll
    2011-09-07 14:56:48 -------- d-----w- C:\Users\David\AppData\Local\{0FB352DA-2D88-4E9A-871E-CD25AB9A8D68}
    2011-09-07 14:56:35 -------- d-----w- C:\Users\David\AppData\Local\{C178127B-925E-402E-86FF-E32323D6273F}
    2011-09-07 07:28:12 -------- d-----w- C:\Program Files\Ventrilo
    2011-09-07 07:27:49 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
    2011-09-07 00:44:10 114176 ----a-w- C:\Windows\SysWow64\PCWizard.cpl
    2011-09-07 00:44:10 -------- d-----w- C:\Windows\Java
    2011-09-07 00:44:07 -------- d-----w- C:\Program Files (x86)\CPUID
    2011-09-06 23:20:19 203264 ----a-w- C:\Windows\System32\unrar.dll
    2011-09-06 23:20:18 86016 ----a-w- C:\Windows\System32\ff_vfw.dll
    2011-09-06 23:20:17 -------- d-----w- C:\Program Files\K-Lite Codec Pack x64
    2011-09-06 23:14:32 839680 ----a-w- C:\Windows\SysWow64\lameACM.acm
    2011-09-06 23:14:32 151552 ----a-w- C:\Windows\SysWow64\ac3acm.acm
    2011-09-06 23:14:31 74752 ----a-w- C:\Windows\SysWow64\ff_vfw.dll
    2011-09-06 23:14:31 650752 ----a-w- C:\Windows\SysWow64\xvidcore.dll
    2011-09-06 23:14:31 630784 ----a-w- C:\Windows\SysWow64\vp7vfw.dll
    2011-09-06 23:14:31 243200 ----a-w- C:\Windows\SysWow64\xvidvfw.dll
    2011-09-06 23:14:31 216064 ----a-w- C:\Windows\SysWow64\lagarith.dll
    2011-09-06 23:06:46 -------- d-----w- C:\Users\David\AppData\Local\{7F13EEA4-1576-45D7-936E-B352793BF225}
    2011-09-06 23:06:36 -------- d-----w- C:\Users\David\AppData\Local\{4C00F0F0-2489-48BF-9613-D7A890A02A5D}
    2011-09-06 23:05:33 -------- d-----w- C:\ProgramData\DFX
    2011-09-06 23:05:32 -------- d-----w- C:\Program Files\DFX
    2011-09-06 23:05:32 -------- d-----w- C:\Program Files\Common Files\DFX
    2011-09-06 23:04:03 -------- d-----w- C:\ATI
    2011-09-06 11:06:11 -------- d-----w- C:\Users\David\AppData\Local\{4F5DDE9D-A18F-44C9-983E-1C1FD0F16437}
    2011-09-06 11:06:01 -------- d-----w- C:\Users\David\AppData\Local\{3C505592-3BB3-42CD-9E24-4B67B649FBA7}
    2011-09-06 11:06:00 -------- d-----w- C:\Users\David\AppData\Local\{96861AE6-5630-4D95-8180-467EE88E076B}
    2011-09-06 10:43:11 -------- d-----w- C:\Program Files\PeerBlock
    2011-09-06 08:00:39 -------- d-----w- C:\Program Files (x86)\WinASO
    2011-09-06 06:32:07 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2011-09-06 06:24:23 -------- d-----w- C:\Windows\SysWow64\Adobe
    2011-09-06 05:45:16 -------- d-----w- C:\ProgramData\ServeZip
    2011-09-06 05:45:16 -------- d-----w- C:\Program Files (x86)\ServeZip
    2011-09-06 02:48:13 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
    2011-09-06 02:48:13 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
    2011-09-06 02:48:13 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
    2011-09-06 02:48:13 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
    2011-09-06 02:48:13 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
    2011-09-06 02:48:13 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
    2011-09-06 02:48:13 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll
    2011-09-06 01:41:23 -------- d-----w- C:\Users\David\AppData\Local\Adobe
    2011-09-05 17:21:07 118784 ----a-w- C:\Windows\SysWow64\MSSTDFMT.DLL
    2011-09-05 17:21:07 1071088 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
    2011-09-05 17:21:00 -------- d-----w- C:\Program Files (x86)\SpywareBlaster
    2011-09-05 10:34:29 -------- d-----w- C:\Downloads
    2011-09-05 10:32:24 -------- d-----w- C:\Users\David\AppData\Local\FileServe Manager
    2011-09-05 10:31:51 -------- d-----w- C:\ProgramData\FileServe Limited
    2011-09-05 10:31:51 -------- d-----w- C:\Program Files (x86)\FileServe Manager
    2011-09-05 10:30:03 -------- d-----w- C:\ProgramData\Web Installer
    2011-09-05 01:45:24 -------- d-----w- C:\Users\David\AppData\Roaming\Notepad2
    2011-09-05 00:56:33 -------- d-----w- C:\Users\David\AppData\Roaming\DMCache
    2011-09-04 17:10:25 8862544 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2011-09-04 17:09:41 -------- d-----w- C:\Users\David\AppData\Local\{A3BE5C33-3C6A-4C37-94F7-41D06CF37A52}
    2011-09-04 17:09:28 -------- d-----w- C:\Users\David\AppData\Local\{2C5B1D1A-FD0C-4C26-9C24-2527BE9A0F6B}
    2011-09-03 20:33:09 -------- d-----w- C:\Users\David\AppData\Local\{8CE458EA-9A42-43E5-B439-5652B5F18225}
    2011-09-03 20:32:58 -------- d-----w- C:\Users\David\AppData\Local\{870A7AF8-0DB2-4031-A3F8-9F6DB417FC86}
    2011-09-03 20:32:46 -------- d-----w- C:\Users\David\Tracing
    2011-09-03 20:27:59 -------- d-----w- C:\Users\David\AppData\Local\Windows Live
    2011-09-03 20:27:59 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
    2011-09-03 12:14:03 -------- d-----w- C:\Windows\SysWow64\Wat
    2011-09-03 12:14:03 -------- d-----w- C:\Windows\System32\Wat
    2011-09-03 09:16:44 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
    2011-09-03 09:16:44 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
    2011-09-03 08:08:22 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
    2011-09-03 08:08:21 -------- d-----w- C:\Program Files\Microsoft Security Client
    2011-09-03 07:48:33 -------- d-----w- C:\Users\David\AppData\Local\Apple Computer
    2011-09-02 03:49:37 -------- d-----w- C:\Program Files (x86)\YouTube Downloader Toolbar
    2011-09-02 03:49:37 -------- d-----w- C:\Program Files (x86)\Common Files\Spigot
    2011-09-02 03:49:37 -------- d-----w- C:\Program Files (x86)\Application Updater
    2011-09-02 03:49:32 -------- d-----w- C:\ProgramData\YouTube Downloader
    2011-09-02 03:49:29 -------- d-----w- C:\Program Files (x86)\YouTube Downloader
    2011-09-01 16:05:39 967 ----a-w- C:\Windows\ScUnin.pif
    2011-09-01 16:05:38 94208 ----a-w- C:\Windows\ScUnin.exe
    2011-08-31 22:17:40 -------- d-----w- C:\Program Files (x86)\Disktrix
    2011-08-31 22:08:47 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-08-31 21:36:05 8199504 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
    2011-08-31 21:36:03 8862544 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FA6AD033-116D-4E21-8E81-1104BECBCB5C}\mpengine.dll
    2011-08-31 21:27:50 -------- d-----w- C:\Users\David\AppData\Local\AMD
    2011-08-31 21:27:36 -------- d-----w- C:\Users\David\AppData\Local\ATI
    2011-08-31 21:27:12 0 ----a-w- C:\Windows\ativpsrm.bin
    2011-08-31 21:26:07 -------- d-----w- C:\Program Files (x86)\AMD APP
    2011-08-31 21:26:05 -------- d-----w- C:\Program Files\Common Files\ATI Technologies
    2011-08-31 21:26:05 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies
    2011-08-31 21:25:58 -------- d-----w- C:\ProgramData\AMD
    2011-08-31 21:25:57 46136 ----a-w- C:\Windows\System32\drivers\amdiox64.sys
    2011-08-31 21:25:41 -------- d-----w- C:\Program Files (x86)\ATI Technologies
    2011-08-31 21:25:35 -------- d-----w- C:\Program Files\ATI Technologies
    2011-08-31 21:25:31 -------- d-----w- C:\Program Files\ATI
    2011-08-31 21:24:30 525544 ----a-w- C:\Windows\System32\deployJava1.dll
    2011-08-31 21:23:56 -------- d-----w- C:\Windows\System32\appmgmt
    2011-08-31 21:20:23 -------- d-----w- C:\Users\David\AppData\Local\Mozilla
    2011-08-31 21:15:23 1698408 ----a-w- C:\Windows\RtlExUpd.dll
    2011-08-31 21:15:21 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
    2011-08-31 21:12:25 -------- d-----w- C:\Windows\SysWow64\directx
    2011-08-31 21:10:29 -------- d-----w- C:\Program Files\Realtek
    2011-08-31 21:10:22 -------- d--h--w- C:\Program Files (x86)\Temp
    2011-08-31 21:10:20 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll
    2011-08-31 21:10:20 65024 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ISBEW64.exe
    2011-08-31 21:10:20 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll
    2011-08-31 21:10:20 204800 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll
    2011-08-31 21:10:19 757760 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll
    2011-08-31 21:10:19 200836 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll
    2011-08-31 21:10:18 331908 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll
    2011-08-31 21:09:13 74272 ----a-w- C:\Windows\System32\RtNicProp64.dll
    2011-08-31 21:09:13 539240 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
    2011-08-31 21:09:13 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll
    2011-08-31 21:09:09 -------- d-----w- C:\Program Files (x86)\Realtek
    2011-08-31 21:00:59 5561216 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2011-08-31 21:00:59 3967872 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2011-08-31 21:00:59 3912576 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2011-08-31 20:29:53 -------- d-----w- C:\Users\David\AppData\Local\Apple
    2011-08-26 22:22:30 28056 ----a-w- C:\Windows\System32\xfcodec64.dll
    2011-08-24 14:49:10 56320 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
    2011-08-24 14:48:30 13601280 ----a-w- C:\Windows\SysWow64\amdocl.dll
    2011-08-24 14:47:52 43520 ----a-w- C:\Windows\SysWow64\OpenCL.dll
    2011-08-15 07:43:31 16530944 ----a-w- C:\Windows\SysWow64\wmploc.DLL
    2011-08-14 22:24:48 16531456 ----a-w- C:\Windows\System32\wmploc.DLL
    .
    ==================== Find3M ====================
    .
    2011-09-10 18:11:55 705536 ----a-w- C:\Windows\SysWow64\imagesp1.dll
    2011-09-10 18:11:54 20268032 ----a-w- C:\Windows\SysWow64\imageres.dll
    2011-09-10 18:11:15 1792000 ----a-w- C:\Windows\SysWow64\authui.dll
    2011-09-10 18:10:25 1493504 ----a-w- C:\Windows\SysWow64\ExplorerFrame.dll
    2011-09-10 18:06:35 705536 ----a-w- C:\Windows\System32\imagesp1.dll
    2011-09-10 18:06:34 20268032 ----a-w- C:\Windows\System32\imageres.dll
    2011-09-10 18:05:44 1866240 ----a-w- C:\Windows\System32\ExplorerFrame.dll
    2011-09-10 18:04:59 1927680 ----a-w- C:\Windows\System32\authui.dll
    2011-08-30 21:28:46 3069032 ----a-w- C:\Windows\System32\drivers\RTKVHD64.sys
    2011-08-30 17:37:44 2518632 ----a-w- C:\Windows\System32\RtPgEx64.dll
    2011-08-24 17:30:06 3201128 ----a-w- C:\Windows\System32\RtkAPO64.dll
    2011-08-23 16:06:12 97896 ----a-w- C:\Windows\System32\RCoInst64.dll
    2011-08-20 01:10:26 64600 ----a-w- C:\Windows\System32\MBppld64.dll
    2011-08-20 01:10:16 886360 ----a-w- C:\Windows\System32\MBAPO64.dll
    2011-08-20 01:10:14 746072 ----a-w- C:\Windows\SysWow64\MBAPO32.dll
    2011-08-19 18:54:12 1881704 ----a-w- C:\Windows\System32\RtkApi64.dll
    2011-08-14 13:56:22 15331328 ----a-w- C:\Windows\System32\spwizimg.dll
    2011-08-11 14:37:21 2560 ----a-w- C:\Windows\System32\bootstr.dll
    2011-08-05 11:33:57 7680 ----a-w- C:\Windows\System32\spwizres.dll
    2011-07-28 22:23:16 9980416 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
    2011-07-28 22:09:06 23921664 ----a-w- C:\Windows\System32\atio6axx.dll
    2011-07-28 21:44:06 18388480 ----a-w- C:\Windows\SysWow64\atioglxx.dll
    2011-07-28 21:40:58 151552 ----a-w- C:\Windows\System32\atiapfxx.exe
    2011-07-28 21:40:44 726528 ----a-w- C:\Windows\SysWow64\aticfx32.dll
    2011-07-28 21:39:14 852992 ----a-w- C:\Windows\System32\aticfx64.dll
    2011-07-28 21:36:26 462848 ----a-w- C:\Windows\System32\ATIDEMGX.dll
    2011-07-28 21:36:12 485376 ----a-w- C:\Windows\System32\atieclxx.exe
    2011-07-28 21:35:34 204288 ----a-w- C:\Windows\System32\atiesrxx.exe
    2011-07-28 21:34:20 120320 ----a-w- C:\Windows\System32\atitmm64.dll
    2011-07-28 21:34:00 423424 ----a-w- C:\Windows\System32\atipdl64.dll
    2011-07-28 21:33:54 356352 ----a-w- C:\Windows\SysWow64\atipdlxx.dll
    2011-07-28 21:33:42 278528 ----a-w- C:\Windows\SysWow64\Oemdspif.dll
    2011-07-28 21:33:36 21504 ----a-w- C:\Windows\System32\atimuixx.dll
    2011-07-28 21:33:32 59392 ----a-w- C:\Windows\System32\atiedu64.dll
    2011-07-28 21:33:26 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
    2011-07-28 21:30:26 4198912 ----a-w- C:\Windows\SysWow64\atidxx32.dll
    2011-07-28 21:20:36 4943360 ----a-w- C:\Windows\System32\atidxx64.dll
    2011-07-28 21:12:14 1113088 ----a-w- C:\Windows\System32\atiumd6v.dll
    2011-07-28 21:11:42 1828864 ----a-w- C:\Windows\SysWow64\atiumdmv.dll
    2011-07-28 21:11:30 3871744 ----a-w- C:\Windows\System32\atiumd6a.dll
    2011-07-28 21:11:16 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
    2011-07-28 21:11:14 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
    2011-07-28 21:11:04 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
    2011-07-28 21:11:02 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
    2011-07-28 21:10:50 9644544 ----a-w- C:\Windows\System32\aticaldd64.dll
    2011-07-28 21:09:10 4256768 ----a-w- C:\Windows\SysWow64\atiumdag.dll
    2011-07-28 21:07:24 8247296 ----a-w- C:\Windows\SysWow64\aticaldd.dll
    2011-07-28 21:03:58 4056064 ----a-w- C:\Windows\SysWow64\atiumdva.dll
    2011-07-28 21:02:28 5399040 ----a-w- C:\Windows\System32\atiumd64.dll
    2011-07-28 21:01:50 58880 ----a-w- C:\Windows\System32\coinst.dll
    2011-07-28 20:54:52 378368 ----a-w- C:\Windows\System32\atiadlxx.dll
    2011-07-28 20:54:44 266240 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
    2011-07-28 20:54:34 15360 ----a-w- C:\Windows\System32\atig6pxx.dll
    2011-07-28 20:54:30 13312 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
    2011-07-28 20:54:30 13312 ----a-w- C:\Windows\System32\atiglpxx.dll
    2011-07-28 20:54:26 39936 ----a-w- C:\Windows\System32\atig6txx.dll
    2011-07-28 20:54:18 32768 ----a-w- C:\Windows\SysWow64\atigktxx.dll
    2011-07-28 20:54:10 309248 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
    2011-07-28 20:53:22 40960 ----a-w- C:\Windows\System32\atiuxp64.dll
    2011-07-28 20:53:14 31744 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
    2011-07-28 20:53:08 38912 ----a-w- C:\Windows\System32\atiu9p64.dll
    2011-07-28 20:53:00 29184 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
    2011-07-28 20:52:26 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
    2011-07-28 20:51:10 53760 ----a-w- C:\Windows\System32\atimpc64.dll
    2011-07-28 20:51:10 53760 ----a-w- C:\Windows\System32\amdpcom64.dll
    2011-07-28 20:51:04 52736 ----a-w- C:\Windows\SysWow64\atimpc32.dll
    2011-07-28 20:51:04 52736 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
    2011-07-28 13:54:10 699904 ----a-w- C:\Windows\System32\taskmgr.exe
    2011-07-28 12:19:14 60416 ----a-w- C:\Windows\System32\OVDecode64.dll
    2011-07-28 12:18:58 51200 ----a-w- C:\Windows\System32\OpenCL.dll
    2011-07-28 12:18:48 16552960 ----a-w- C:\Windows\System32\amdocl64.dll
    2011-07-28 04:55:14 2604376 ----a-w- C:\Windows\System32\WavesGUILib.dll
    2011-07-28 04:55:08 2132824 ----a-w- C:\Windows\System32\MaxxAudioEQ.dll
    2011-07-22 23:35:22 1247848 ----a-w- C:\Windows\System32\RTCOM64.dll
    2011-07-22 05:42:23 2303488 ----a-w- C:\Windows\System32\jscript9.dll
    2011-07-22 05:36:16 1389056 ----a-w- C:\Windows\System32\wininet.dll
    2011-07-22 05:32:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2011-07-22 02:54:43 1797632 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2011-07-22 02:48:26 1126912 ----a-w- C:\Windows\SysWow64\wininet.dll
    2011-07-22 02:44:36 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2011-07-16 05:41:50 362496 ----a-w- C:\Windows\System32\wow64win.dll
    2011-07-16 05:41:49 243200 ----a-w- C:\Windows\System32\wow64.dll
    2011-07-16 05:41:49 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
    2011-07-16 05:39:10 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
    2011-07-16 05:37:12 421888 ----a-w- C:\Windows\System32\KernelBase.dll
    2011-07-16 04:29:19 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
    2011-07-16 04:26:00 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
    2011-07-16 04:25:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
    2011-07-16 04:24:23 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
    2011-07-16 04:24:22 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll
    2011-07-16 02:21:44 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
    2011-07-16 02:21:41 2048 ----a-w- C:\Windows\SysWow64\user.exe
    2011-07-16 02:17:19 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    2011-07-16 02:17:19 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    2011-07-16 02:17:19 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    2011-07-16 02:17:19 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    2011-07-12 14:22:20 3147368 ----a-w- C:\Windows\System32\RtkHDM64.dll
    2011-07-12 14:22:20 2432104 ----a-w- C:\Windows\System32\RHDMEx64.dll
    2011-07-09 05:26:20 2048 ----a-w- C:\Windows\System32\tzres.dll
    2011-07-09 04:29:46 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    .
    ============= FINISH: 22:49:16.60 ===============
  2. 2011-09-11, 17:27 #2
    ken545
    ken545 is offline
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default




    Please read Before You Post
    While best efforts are made to assist in removing infections safely, unexpected stuff can happen. It is advisable that you back up your important data before starting any clean up procedure. Neither Safer Networking Forums nor the Analyst providing the advice may be held responsible for any loss.

    Until we deem your system clean I am going to ask you not to install or uninstall any software or hardware except for the programs we may run.



    Please run the MGA Diagnostic Tool and post the report it produces:
    1. Download MGADiag to your desktop.
    2. Double-click on MGADiag.exe to launch the program.
    3. Click Continue.
    4. Ensure that the Windows tab is selected. (It should be by default.)
    5. Click the Copy button to copy the MGA Diagnostic Report to the Windows clipboard.
    6. Paste the MGA Diagnostic Report into your next reply.





    • Please download WVCheck by Artellos from one of the mirrors below;
    • After the download, run WVCheck.exe
    • As indicated by the prompt, This program can take a while depending on your hard drive space.
    • Once the program is done, copy the contents of the notepad file as a reply.







    Download CKScanner by askey127 from Here & save it to your Desktop.
    • Doubleclick CKScanner.exe then click Search For Files
    • When the cursor hourglass disappears, click Save List To File
    • A message box will verify the file saved
    • Double-click the CKFiles.txt icon on your desktop then copy/paste the contents in your next reply




    Post the 3 reports please not as attachments but copy and paste them in to the thread
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules