Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

slow comp flickering cursor

Post by scheinb » October 9th, 2011, 12:10 am

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385
Run by foothill at 23:59:29 on 2011-10-08
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.2795.1667 [GMT -4:00]
.
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe
C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Agogo 3GP Video Converter\videoto3gp.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10x_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\foothill\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5Q04TR2W\HijackThis[1].exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://acer.msn.com
mDefault_Page_URL = hxxp://acer.msn.com
mStart Page = hxxp://acer.msn.com
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~3\Office12\GR469A~1.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
uRun: [Advanced SystemCare 4] C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe
mRun: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [MDS_Menu] "C:\Program Files (x86)\Acer\clear.fi\MediaEspresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Acer\clear.fi\MediaEspresso" UpdateWithCreateOnce "Software\CyberLink\MediaEspresso\6.1"
mRun: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
dRunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid}
StartupFolder: C:\Users\foothill\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\foothill\AppData\Roaming\Dropbox\bin\Dropbox.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
DPF: {627C5D14-CB66-493E-B0F3-589C7E2FA832} - hxxp://192.168.2.11/template/WebClient.cab
TCP: DhcpNameServer = 10.0.0.1
TCP: Interfaces\{219C4F1B-1F92-4674-8B9E-7F4CE63B2BBA} : DhcpNameServer = 10.0.0.1
TCP: Interfaces\{95CDB13F-ED5C-4A8D-9171-60E24973F93C} : DhcpNameServer = 10.0.0.1
TCP: Interfaces\{95CDB13F-ED5C-4A8D-9171-60E24973F93C}\34F62707F627164756 : DhcpNameServer = 68.87.64.146 68.87.75.194
TCP: Interfaces\{95CDB13F-ED5C-4A8D-9171-60E24973F93C}\C696E6B6379737 : DhcpNameServer = 192.168.2.250 68.87.64.146
TCP: Interfaces\{AF2F4DCB-6845-4EBC-919C-474D8538B6A3} : DhcpNameServer = 8.8.4.4
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~3\Office12\GRA32A~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~3\Office12\GR469A~1.DLL
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No File
BHO-X64: McAfee Phishing Filter - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office12\GR469A~1.DLL
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
mRun-x64: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
mRun-x64: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun-x64: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun-x64: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [MDS_Menu] "C:\Program Files (x86)\Acer\clear.fi\MediaEspresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Acer\clear.fi\MediaEspresso" UpdateWithCreateOnce "Software\CyberLink\MediaEspresso\6.1"
mRun-x64: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~3\Office12\GR469A~1.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\system32\Drivers\SmartDefragDriver.sys --> C:\Windows\system32\Drivers\SmartDefragDriver.sys [?]
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\system32\DRIVERS\mwlPSDFilter.sys --> C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [?]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\system32\DRIVERS\mwlPSDNServ.sys --> C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [?]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys --> C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdvancedSystemCareService;Advanced SystemCare Service;C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe [2011-10-3 328536]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2010-11-18 354304]
R2 AMD Reservation Manager;AMD Reservation Manager;C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-6-17 194496]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-1-6 310864]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-12-2 868224]
R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-1-8 23584]
R2 IMFservice;IMF Service;C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2011-10-3 820568]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2010-11-11 257344]
R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-12-2 243232]
R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys --> C:\Windows\system32\DRIVERS\ETD.sys [?]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
S3 EgisTec Ticket Service;EgisTec Ticket Service;C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-9-27 172912]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2011-10-07 00:04:48 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E2C6F8A5-2654-4D15-8150-F5BF64CA4E4D}\offreg.dll
2011-10-04 02:45:22 -------- d-----w- C:\Windows\SysWow64\Wat
2011-10-04 02:45:21 -------- d-----w- C:\Windows\System32\Wat
2011-10-04 02:37:37 94208 ----a-w- C:\Program Files (x86)\Common Files\System\Ole DB\msdaosp.dll
2011-10-04 02:37:37 86016 ----a-w- C:\Windows\SysWow64\odbccu32.dll
2011-10-04 02:37:37 81920 ----a-w- C:\Windows\SysWow64\odbccr32.dll
2011-10-04 02:37:37 319488 ----a-w- C:\Windows\SysWow64\odbcjt32.dll
2011-10-04 02:37:37 212992 ----a-w- C:\Windows\System32\odbctrac.dll
2011-10-04 02:37:37 163840 ----a-w- C:\Windows\SysWow64\odbctrac.dll
2011-10-04 02:37:37 163840 ----a-w- C:\Windows\System32\odbccp32.dll
2011-10-04 02:37:37 126976 ----a-w- C:\Program Files\Common Files\System\Ole DB\msdaosp.dll
2011-10-04 02:37:37 122880 ----a-w- C:\Windows\SysWow64\odbccp32.dll
2011-10-04 02:37:37 106496 ----a-w- C:\Windows\System32\odbccu32.dll
2011-10-04 02:37:37 106496 ----a-w- C:\Windows\System32\odbccr32.dll
2011-10-04 02:31:22 287744 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2011-10-04 02:31:22 157696 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2011-10-04 02:31:22 126464 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2011-10-04 02:23:53 3134464 ----a-w- C:\Windows\System32\win32k.sys
2011-10-04 02:22:39 64512 ----a-w- C:\Windows\SysWow64\devobj.dll
2011-10-04 02:22:39 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll
2011-10-04 02:22:39 404992 ----a-w- C:\Windows\System32\umpnpmgr.dll
2011-10-04 02:22:39 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe
2011-10-04 02:22:39 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll
2011-10-04 02:18:55 197120 ----a-w- C:\Windows\System32\d3d10_1.dll
2011-10-04 02:18:55 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2011-10-04 02:17:52 759296 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2011-10-04 02:17:52 1110528 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2011-10-04 02:16:51 461312 ----a-w- C:\Windows\System32\drivers\srv.sys
2011-10-04 02:16:51 399872 ----a-w- C:\Windows\System32\drivers\srv2.sys
2011-10-04 02:16:51 161792 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2011-10-04 02:15:56 102400 ----a-w- C:\Windows\System32\drivers\dfsc.sys
2011-10-04 02:15:02 499712 ----a-w- C:\Windows\System32\drivers\afd.sys
2011-10-04 02:15:02 1896832 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-10-04 02:13:51 861184 ----a-w- C:\Windows\System32\oleaut32.dll
2011-10-04 02:13:51 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2011-10-04 02:10:57 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2011-10-04 02:10:57 740864 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2011-10-04 02:10:00 27008 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2011-10-04 02:09:28 142336 ----a-w- C:\Windows\System32\poqexec.exe
2011-10-04 02:09:28 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
2011-10-04 02:08:17 662528 ----a-w- C:\Windows\System32\XpsPrint.dll
2011-10-04 02:08:17 442880 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2011-10-04 02:06:09 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe
2011-10-04 02:06:09 31232 ----a-w- C:\Windows\System32\prevhost.exe
2011-10-04 02:05:16 2870272 ----a-w- C:\Windows\explorer.exe
2011-10-04 02:05:16 2614784 ----a-w- C:\Windows\SysWow64\explorer.exe
2011-10-04 02:04:21 30208 ----a-w- C:\Windows\System32\dnscacheugc.exe
2011-10-04 02:04:21 28672 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe
2011-10-04 02:04:21 182272 ----a-w- C:\Windows\System32\dnsrslvr.dll
2011-10-04 02:03:27 612352 ----a-w- C:\Windows\System32\vbscript.dll
2011-10-04 02:03:27 428032 ----a-w- C:\Windows\SysWow64\vbscript.dll
2011-10-04 02:02:24 46080 ----a-w- C:\Windows\System32\atmlib.dll
2011-10-04 02:02:24 367104 ----a-w- C:\Windows\System32\atmfd.dll
2011-10-04 02:02:24 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2011-10-04 02:02:24 294912 ----a-w- C:\Windows\SysWow64\atmfd.dll
2011-10-04 02:00:44 267776 ----a-w- C:\Windows\System32\FXSCOVER.exe
2011-10-04 01:59:53 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys
2011-10-04 01:58:56 1395712 ----a-w- C:\Windows\System32\mfc42.dll
2011-10-04 01:58:56 1359872 ----a-w- C:\Windows\System32\mfc42u.dll
2011-10-04 01:58:56 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll
2011-10-04 01:58:56 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll
2011-10-04 01:58:03 640896 ----a-w- C:\Windows\System32\winload.efi
2011-10-04 01:58:03 603976 ----a-w- C:\Windows\System32\winload.exe
2011-10-04 01:58:03 556928 ----a-w- C:\Windows\System32\winresume.efi
2011-10-04 01:58:03 518160 ----a-w- C:\Windows\System32\winresume.exe
2011-10-04 01:58:03 20352 ----a-w- C:\Windows\System32\kdusb.dll
2011-10-04 01:58:03 19328 ----a-w- C:\Windows\System32\kd1394.dll
2011-10-04 01:58:03 17792 ----a-w- C:\Windows\System32\kdcom.dll
2011-10-04 01:57:02 476160 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2011-10-04 01:57:02 288256 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2011-10-04 01:56:12 902656 ----a-w- C:\Windows\System32\d2d1.dll
2011-10-04 01:56:12 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2011-10-04 01:56:12 1540608 ----a-w- C:\Windows\System32\DWrite.dll
2011-10-04 01:56:12 1135104 ----a-w- C:\Windows\System32\FntCache.dll
2011-10-04 01:56:12 1074176 ----a-w- C:\Windows\SysWow64\DWrite.dll
2011-10-04 01:55:20 3138048 ----a-w- C:\Windows\System32\mstscax.dll
2011-10-04 01:55:20 2690560 ----a-w- C:\Windows\SysWow64\mstscax.dll
2011-10-04 01:55:20 1097216 ----a-w- C:\Windows\System32\mstsc.exe
2011-10-04 01:55:20 1034240 ----a-w- C:\Windows\SysWow64\mstsc.exe
2011-10-04 01:54:28 961024 ----a-w- C:\Windows\System32\CPFilters.dll
2011-10-04 01:54:28 850432 ----a-w- C:\Windows\SysWow64\sbe.dll
2011-10-04 01:54:28 723968 ----a-w- C:\Windows\System32\EncDec.dll
2011-10-04 01:54:28 642048 ----a-w- C:\Windows\SysWow64\CPFilters.dll
2011-10-04 01:54:28 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2011-10-04 01:54:28 259072 ----a-w- C:\Windows\System32\mpg2splt.ax
2011-10-04 01:54:28 199680 ----a-w- C:\Windows\SysWow64\mpg2splt.ax
2011-10-04 01:54:28 1118720 ----a-w- C:\Windows\System32\sbe.dll
2011-10-04 01:53:25 5510528 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-10-04 01:53:25 3957120 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2011-10-04 01:53:25 3901824 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2011-10-04 01:53:25 1739176 ----a-w- C:\Windows\System32\ntdll.dll
2011-10-04 01:53:25 1293120 ----a-w- C:\Windows\SysWow64\ntdll.dll
2011-10-04 01:50:53 982912 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2011-10-04 01:50:53 320512 ----a-w- C:\Windows\System32\d3d10_1core.dll
2011-10-04 01:50:53 265088 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2011-10-04 01:50:53 229888 ----a-w- C:\Windows\System32\XpsRasterService.dll
2011-10-04 01:50:53 218624 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll
2011-10-04 01:50:53 1863680 ----a-w- C:\Windows\System32\ExplorerFrame.dll
2011-10-04 01:50:53 1837568 ----a-w- C:\Windows\System32\d3d10warp.dll
2011-10-04 01:50:53 1495040 ----a-w- C:\Windows\SysWow64\ExplorerFrame.dll
2011-10-04 01:50:53 144384 ----a-w- C:\Windows\System32\cdd.dll
2011-10-04 01:50:53 135168 ----a-w- C:\Windows\SysWow64\XpsRasterService.dll
2011-10-04 01:50:53 1170944 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2011-10-04 01:49:49 367104 ----a-w- C:\Windows\System32\wcncsvc.dll
2011-10-04 01:49:49 276992 ----a-w- C:\Windows\SysWow64\wcncsvc.dll
2011-10-04 01:47:54 258048 ----a-w- C:\Program Files\Common Files\System\msadc\msadco.dll
2011-10-04 01:46:54 395776 ----a-w- C:\Windows\System32\webio.dll
2011-10-04 01:45:23 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll
2011-10-04 01:45:23 49472 ----a-w- C:\Windows\SysWow64\netfxperf.dll
2011-10-04 01:45:23 48960 ----a-w- C:\Windows\System32\netfxperf.dll
2011-10-04 01:45:23 444752 ----a-w- C:\Windows\System32\mscoree.dll
2011-10-04 01:45:23 320352 ----a-w- C:\Windows\System32\PresentationHost.exe
2011-10-04 01:45:23 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll
2011-10-04 01:45:23 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe
2011-10-04 01:45:23 1942856 ----a-w- C:\Windows\System32\dfshim.dll
2011-10-04 01:45:23 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
2011-10-04 01:45:23 109912 ----a-w- C:\Windows\System32\PresentationHostProxy.dll
2011-10-04 01:44:57 2080256 ----a-w- C:\Program Files\Windows Mail\msoe.dll
2011-10-04 01:44:57 1619968 ----a-w- C:\Program Files (x86)\Windows Mail\msoe.dll
2011-10-04 01:44:39 223448 ----a-w- C:\Windows\System32\drivers\fvevol.sys
2011-10-04 01:28:52 -------- d-----w- C:\ProgramData\IObit
2011-10-04 01:28:03 27992 ----a-w- C:\Windows\System32\SmartDefragBootTime.exe
2011-10-04 01:28:03 17720 ----a-w- C:\Windows\System32\drivers\SmartDefragDriver.sys
2011-10-04 01:28:03 -------- d-----w- C:\Users\foothill\AppData\Roaming\IObit
2011-10-04 01:27:54 -------- d-----w- C:\Program Files (x86)\IObit
2011-10-04 01:20:43 -------- d-----w- C:\Program Files\CCleaner
2011-10-04 01:11:14 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-09-25 21:31:27 8578896 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2011-09-25 21:31:12 9049936 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E2C6F8A5-2654-4D15-8150-F5BF64CA4E4D}\mpengine.dll
2011-09-18 02:08:50 -------- d-----r- C:\Users\foothill\Dropbox
2011-09-18 02:06:28 -------- d-----w- C:\Users\foothill\AppData\Roaming\Dropbox
.
==================== Find3M ====================
.
2011-10-04 02:29:10 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-10-04 02:29:10 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-10-04 02:29:09 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-10-04 02:29:09 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2011-10-04 02:29:09 482816 ----a-w- C:\Windows\System32\html.iec
2011-10-04 02:29:09 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2011-10-04 02:29:09 386048 ----a-w- C:\Windows\SysWow64\html.iec
2011-10-04 02:29:09 1197056 ----a-w- C:\Windows\System32\wininet.dll
2011-10-04 02:07:19 347648 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2011-10-04 02:07:19 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2011-10-04 01:47:53 720896 ----a-w- C:\Windows\System32\odbc32.dll
2011-10-04 01:47:53 573440 ----a-w- C:\Windows\SysWow64\odbc32.dll
2011-10-04 01:47:24 112000 ----a-w- C:\Windows\System32\consent.exe
2011-10-04 01:46:54 314368 ----a-w- C:\Windows\SysWow64\webio.dll
2011-10-04 01:46:38 524288 ----a-w- C:\Windows\System32\wmicmiplugin.dll
2011-10-04 01:46:38 496128 ----a-w- C:\Windows\SysWow64\taskschd.dll
2011-10-04 01:46:38 473600 ----a-w- C:\Windows\System32\taskcomp.dll
2011-10-04 01:46:38 464384 ----a-w- C:\Windows\System32\taskeng.exe
2011-10-04 01:46:38 305152 ----a-w- C:\Windows\SysWow64\taskcomp.dll
2011-10-04 01:46:38 285696 ----a-w- C:\Windows\System32\schtasks.exe
2011-10-04 01:46:38 192000 ----a-w- C:\Windows\SysWow64\taskeng.exe
2011-10-04 01:46:38 179712 ----a-w- C:\Windows\SysWow64\schtasks.exe
2011-10-04 01:46:38 1169408 ----a-w- C:\Windows\System32\taskschd.dll
2011-10-04 01:46:38 1114624 ----a-w- C:\Windows\System32\schedsvc.dll
2011-08-31 21:00:50 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
.
============= FINISH: 0:01:27.72 ===============
scheinb
Active Member
 
Posts: 2
Joined: October 9th, 2011, 12:05 am

Re: slow comp flickering cursor

Post by pgmigg » October 10th, 2011, 10:43 pm

Hello scheinb,

Welcome to the forum! :)

My name is pgmigg and I'll be helping you with any malware problems.

Currently I am working under the guidance of the MRU teachers, and everything I post to you must first be approved by them.
This additional review process can add some extra time to my responses, but I will post back with instructions for you as soon as possible.


Before we begin, please read and follow these important guidelines, so things will proceed smoothly.
  1. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  2. You must have Administrator rights, permissions for this computer.
  3. DO NOT run any other fix or removal tools unless instructed to do so!
  4. DO NOT install any other software (or hardware) during the cleaning process. This adds more items to be researched.
  5. Only post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  6. Print each set of instructions if possible - your Internet connection will not be available during some fix processes.
  7. Only reply to this thread, do not start another one. Please, continue responding, until I give you the "All Clean!" :cheers:
    Absence of symptoms does not mean that everything is clear.

I am currently reviewing your log and will return, as soon as possible, with additional instructions. In the meantime...
Please take time to read the Malware Removal Forum Guidelines and Rules where the conditions for receiving help at this forum are explained.

Please read all instructions carefully before executing and perform the steps, in the order given.
If you have any questions or problems executing these instructions, <<STOP>> do not proceed, post back with the question or problem.
pgmigg
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: slow comp flickering cursor

Post by pgmigg » October 13th, 2011, 4:35 pm

Hello scheinb,

Thank you for your patience... :)

Please tell me, is this computer used for business purposes or connected to a business network?
I need to know it - so I can provide the proper instructions.

Step 1.
MGA Diagnostics
  1. Please download MGA Diagnostic Tool and save it to your Desktop.
  2. Right click on MGADiag.exe and select Run As Administrator to run it.
  3. Click Continue.
  4. The program will run. It takes a while to finish the diagnosis, please be patient.
  5. Once done, click on Copy.
  6. Open Notepad and paste the contents in the window.
  7. Save this file and copy/paste it in your next reply.

Step 2.
WVCheck
  1. Please download WVCheck.exe and save it to your Desktop.
  2. Right-click WVCheck.exe and select Run as administrator... to run the process.
  3. Read the comments on the screen, then press Enter.
    The scan can take a while depending on the size of your hard drive.
  4. Once the program is done, Notepad will open with the scan report. Save the report to your Desktop.
  5. Please copy and paste the contents of the Notepad file in your next reply.

Step 3.
Run CKScanner
  1. Please download CKScanner from Here
  2. Important: - Save it to your Desktop.
  3. Right-click CKScanner.exe and select Run as administrator..., then click Search For Files.
  4. After a very short time, when the cursor hourglass disappears, click Save List To File.
  5. A message box will verify the file saved.
  6. Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

Please include in your next reply:
  1. Answer to my question about how your computer is used.
  2. Did you have any problems executing the instructions?
  3. Contents of a log created by MGADiag.exe
  4. Contents of a log created by WVCheck.exe
  5. Contents of a log created by CKFiles.txt
  6. Do you see any changes in computer behavior?

Thanks,
pgmigg
pgmigg
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: slow comp flickering cursor

Post by scheinb » October 15th, 2011, 10:31 pm

1. no

2. Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->

Validation Code: 0
Cached Online Validation Code: N/A, hr = 0xc004f012
Windows Product Key: *****-*****-WJ2H8-R6B6D-7QJB7
Windows Product Key Hash: ckKNc+BBPDWmo1LUlOkraNjlQ34=
Windows Product ID: 00359-OEM-8992687-00006
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 6.1.7600.2.00010300.0.0.003
ID: {4FC874A9-E2FB-4925-A12C-A9C85F34E747}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Home Premium
Architecture: 0x00000009
Build lab: 7600.win7_gdr.101026-1503
TTS Error:
Validation Diagnostic:
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 100 Genuine
Microsoft Office Enterprise 2007 - 100 Genuine
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files (x86)\Internet Explorer\iexplore.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{4FC874A9-E2FB-4925-A12C-A9C85F34E747}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7600.2.00010300.0.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-7QJB7</PKey><PID>00359-OEM-8992687-00006</PID><PIDType>2</PIDType><SID>S-1-5-21-722121608-1145616393-3925017196</SID><SYSTEM><Manufacturer>Acer</Manufacturer><Model>Aspire 5253</Model></SYSTEM><BIOS><Manufacturer>Acer</Manufacturer><Version>V1.02</Version><SMBIOSVersion major="2" minor="7"/><Date>20101209000000.000000+000</Date></BIOS><HWID>C0B93607018400FC</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>ACRSYS</OEMID><OEMTableID>ACRPRDCT</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{90120000-0030-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Enterprise 2007</Name><Ver>12</Ver><Val>94436407C3F2586</Val><Hash>Nh+O7p+E5Ha5+8Lxn9JfFULj9GM=</Hash><Pid>89388-707-9845457-65895</Pid><PidType>14</PidType></Product></Products><Applications><App Id="15" Version="12" Result="100"/><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="19" Version="12" Result="100"/><App Id="1A" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="44" Version="12" Result="100"/><App Id="A1" Version="12" Result="100"/><App Id="BA" Version="12" Result="100"/></Applications></Office></Software></GenuineResults>

Spsys.log Content: 0x80070002

Licensing Data-->
Software licensing service version: 6.1.7600.16385

Name: Windows(R) 7, HomePremium edition
Description: Windows Operating System - Windows(R) 7, OEM_SLP channel
Activation ID: d2c04e90-c3dd-4260-b0f3-f845f5d27d64
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 00359-00178-926-800006-02-1033-7600.0000-3362010
Installation ID: 008884717163902522289630043661755333171221454052004384
Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
Partial Product Key: 7QJB7
License Status: Licensed
Remaining Windows rearm count: 2
Trusted time: 10/15/2011 10:23:13 PM

Windows Activation Technologies-->
HrOffline: 0x00000000
HrOnline: N/A
HealthStatus: 0x0000000000000000
Event Time Stamp: N/A
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Registered, Version: 7.1.7600.16395
HealthStatus Bitmask Output:


HWID Data-->
HWID Hash Current: MgAAAAEAAgABAAEAAAACAAAAAwABAAEAeqhol+ARVPncwZJYtiNiPUqFmNEwn4qz/Ag=

OEM Activation 1.0 Data-->
N/A

OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes
Windows marker version: 0x20001
OEMID and OEMTableID Consistent: yes
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
APIC ACRSYS ACRPRDCT
FACP ACRSYS ACRPRDCT
HPET ACRSYS ACRPRDCT
BOOT ACRSYS ACRPRDCT
MCFG ACRSYS ACRPRDCT
SLIC ACRSYS ACRPRDCT
SSDT AMD POWERNOW
SSDT AMD POWERNOW
3.Windows Validation Check
Version: 1.9.12.5
Log Created On: 2224_15-10-2011
-----------------------

Windows Information
-----------------------
Windows Version: Windows 7
Windows Mode: Normal
Systemroot Path: C:\Windows

WVCheck's Auto Update Check
-----------------------
WVCheck could not read the Auto-Update Option.
-----------------------
Last success time for Automatic Updates for 'Detect', 'Download' and 'Install' could not be found.


WVCheck's Registry Check Check
-----------------------
Antiwpa: Not Found
-----------------------
Chew7Hale: Not Found
-----------------------


WVCheck's File Dump
-----------------------
C:\Windows\System32\slwga.dll
Size: 14336 bytes
Creation; 3/10/2011 21:48:54
Modification; 3/10/2011 21:48:54
MD5; 2008845b41d561fb77b77bbe0045099e
Matched: slwga.dll
-----------------------
C:\Windows\SysWOW64\slwga.dll
Size: 14336 bytes
Creation; 3/10/2011 21:48:54
Modification; 3/10/2011 21:48:54
MD5; 2008845b41d561fb77b77bbe0045099e
Matched: slwga.dll
-----------------------
C:\Windows\winsxs\amd64_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7600.16385_none_5b467ba9bd0679bb\slwga.dll
Size: 14848 bytes
Creation; 13/7/2009 19:52:11
Modification; 13/7/2009 21:41:54
MD5; cc03cf9f24946dcbd70acb3e1b2f05bf
Matched: slwga.dll
-----------------------
C:\Windows\winsxs\amd64_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7600.16723_none_5b856235bcd79403\slwga.dll
Size: 15360 bytes
Creation; 3/10/2011 21:48:54
Modification; 3/10/2011 21:48:54
MD5; b7213e92b270761b88b313b62ba0e13b
Matched: slwga.dll
-----------------------
C:\Windows\winsxs\amd64_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7600.20862_none_5be2bf06d6168a3a\slwga.dll
Size: 15360 bytes
Creation; 3/10/2011 21:48:54
Modification; 3/10/2011 21:48:54
MD5; 86b7d4d7a87ecb9e6bded44c52c8d5d9
Matched: slwga.dll
-----------------------
C:\Windows\winsxs\x86_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7600.16385_none_ff27e02604a90885\slwga.dll
Size: 13824 bytes
Creation; 13/7/2009 19:36:22
Modification; 13/7/2009 21:16:15
MD5; 01fe4bdd0b47a7d8bf34d78d2bc23ddb
Matched: slwga.dll
-----------------------
C:\Windows\winsxs\x86_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7600.16723_none_ff66c6b2047a22cd\slwga.dll
Size: 14336 bytes
Creation; 3/10/2011 21:48:54
Modification; 3/10/2011 21:48:54
MD5; 2008845b41d561fb77b77bbe0045099e
Matched: slwga.dll
-----------------------
C:\Windows\winsxs\x86_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7600.20862_none_ffc423831db91904\slwga.dll
Size: 14336 bytes
Creation; 3/10/2011 21:48:54
Modification; 3/10/2011 21:48:54
MD5; 2332de32759ebcc691850e092b2564a6
Matched: slwga.dll
-----------------------


WVCheck's Dir Dump
-----------------------
WVCheck found no known bad directories.


WVCheck's Missing File Check
-----------------------
WVCheck found no missing Windows files.


WVCheck's MBAM Quarantine Check
-----------------------
There were no bad files quarantined by MBAM.


WVCheck's HOSTS File Check
-----------------------
WVCheck found no bad lines in the hosts file.


WVCheck's MD5 Check
EXPERIMENTAL!!
-----------------------
user32.dll - e8b0ffc209e504cb7e79fc24e6c085f0


-------- End of File, program close at 2229_15-10-2011 --------
4.CKScanner - Additional Security Risks - These are not necessarily bad
c:\users\foothill\carbonite restored old user settings\appdata\roaming\macromedia\flash player\#sharedobjects\j93brfas\crackle.com\cracklesettings.sol
c:\users\foothill\carbonite restored old user settings\appdata\roaming\macromedia\flash player\macromedia.com\support\flashplayer\sys\#crackle.com\settings.sol
scanner sequence 3.LB.11.UVCPLX
----- EOF -----
5. no
scheinb
Active Member
 
Posts: 2
Joined: October 9th, 2011, 12:05 am

Re: slow comp flickering cursor

Unread postby pgmigg » October 17th, 2011, 9:52 am

Hello scheinb,

Thank you for your answers, but before we continue I need to ask you a couple of questions:
  1. Why has Windows 7 Service Pack 1 not been installed on your computer?
  2. Looking over your log, it seems you don't have any evidence of anti-virus software. Why did you not install it?
pgmigg
Admin/Teacher
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: slow comp flickering cursor

Unread postby deltalima » October 20th, 2011, 1:54 pm

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
deltalima
Admin/Teacher
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK