Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

slow pc


  • Please log in to reply

#1
robin3

robin3

    New Member

  • Member
  • Pip
  • 1 posts
hello i was trying to see if my ole pc here has a virus ,ive ran malawarebytes and i use security essentionals and still no findings of a virus,just wanna make sure im ok for now

OTL logfile created on: 9/23/2012 10:29:27 PM - Run 1
OTL by OldTimer - Version 3.2.66.2 Folder = C:\Documents and Settings\THE BOSS\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1023.00 Mb Total Physical Memory | 605.39 Mb Available Physical Memory | 59.18% Memory free
2.40 Gb Paging File | 2.08 Gb Available in Paging File | 86.36% Paging File free
Paging file location(s): C:\pagefile.sys 1534 2056 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.24 Gb Total Space | 20.95 Gb Free Space | 56.26% Space Free | Partition Type: NTFS

Computer Name: DELL-E0A70A2023 | User Name: THE BOSS | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/23 22:01:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\THE BOSS\My Documents\Downloads\OTL.exe
PRC - [2012/09/05 20:26:39 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/03/26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2009/10/07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2012/09/05 20:26:41 | 002,244,064 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2006/10/22 12:22:00 | 000,212,992 | ---- | M] () -- C:\WINDOWS\system32\nvapi.dll


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/09/16 23:49:22 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/09/05 20:26:40 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2009/10/07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | Boot | Unknown] -- system32\drivers\Partizan.sys -- (Partizan)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | Boot | Stopped] -- System32\drivers\taddoamx.sys -- (kkxa)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\THEBOS~1\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys -- (cpuz134)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/09/23 22:26:22 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{52731114-E04C-481E-9BF5-D1D7C9E2FFB4}\MpKsl5326bb8c.sys -- (MpKsl5326bb8c)
DRV - [2012/07/03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2009/10/07 01:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/04/30 22:55:58 | 002,687,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LV302V32.SYS -- (PID_PEPI)
DRV - [2003/09/22 11:43:06 | 001,330,048 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P16X.sys -- (P16X)
DRV - [2003/09/22 07:48:06 | 000,130,192 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2003/09/22 07:47:38 | 000,178,672 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2003/08/29 04:59:24 | 001,101,696 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMSM.sys -- (BCMModem)
DRV - [2001/08/22 08:42:58 | 000,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (OMCI)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.oberon-...play.com/?o=shp
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://www.searchqu....q={searchTerms}


IE - HKU\.DEFAULT\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-484763869-1275210071-725345543-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-484763869-1275210071-725345543-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-484763869-1275210071-725345543-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\S-1-5-21-484763869-1275210071-725345543-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-484763869-1275210071-725345543-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-484763869-1275210071-725345543-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 46 DA 06 52 70 E8 CC 01 [binary data]
IE - HKU\S-1-5-21-484763869-1275210071-725345543-1006\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-484763869-1275210071-725345543-1006\..\URLSearchHook: {6596e107-8944-4a8c-8045-62fda3697008} - No CLSID value found
IE - HKU\S-1-5-21-484763869-1275210071-725345543-1006\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-484763869-1275210071-725345543-1006\..\URLSearchHook: {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - No CLSID value found
IE - HKU\S-1-5-21-484763869-1275210071-725345543-1006\..\SearchScopes,DefaultScope = {DECA3892-BA8F-44b8-A993-A466AD694AE4}
IE - HKU\S-1-5-21-484763869-1275210071-725345543-1006\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-484763869-1275210071-725345543-1006\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...0000007e9cfc105
IE - HKU\S-1-5-21-484763869-1275210071-725345543-1006\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo....erms}&fr=mkg028
IE - HKU\S-1-5-21-484763869-1275210071-725345543-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....h?fr=mkg030&p="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.ask.com/?...PN10169&gct=hp"
FF - prefs.js..extensions.enabledAddons: [email protected]:1.0
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}:6.0.35
FF - prefs.js..extensions.enabledAddons: {50fa8145-5954-4508-9124-e61bbc85c08b}:0.2
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/09/16 22:16:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012/03/23 18:28:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\THE BOSS\Application Data\Mozilla\Extensions
[2012/09/23 04:06:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\THE BOSS\Application Data\Mozilla\Firefox\Profiles\w575hjyo.default\extensions
[2012/09/16 21:19:53 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\THE BOSS\Application Data\Mozilla\Firefox\Profiles\w575hjyo.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}(2)
[2012/09/16 21:19:42 | 000,000,000 | ---D | M] (IMVU Inc) -- C:\Documents and Settings\THE BOSS\Application Data\Mozilla\Firefox\Profiles\w575hjyo.default\extensions\{90b49673-5506-483e-b92b-ca0265bd9ca8}(2)
[2012/09/23 03:28:32 | 000,010,915 | ---- | M] () (No name found) -- C:\Documents and Settings\THE BOSS\Application Data\Mozilla\Firefox\Profiles\w575hjyo.default\extensions\{50fa8145-5954-4508-9124-e61bbc85c08b}.xpi
[2012/07/02 16:10:21 | 000,002,343 | ---- | M] () -- C:\Documents and Settings\THE BOSS\Application Data\Mozilla\Firefox\Profiles\w575hjyo.default\searchplugins\askcom.xml
[2012/09/17 01:54:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/09/16 20:59:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012/09/17 01:54:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012/09/16 20:59:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\updated\extensions
[2012/09/07 12:01:32 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\updated\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/09/16 20:59:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\updated\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012/06/18 07:59:54 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/08/12 17:03:27 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2012/09/05 20:27:05 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/09/05 20:26:22 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/01/27 10:11:08 | 000,002,325 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pandasecuritytb.xml
[2012/09/05 20:26:22 | 000,002,253 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========


O1 HOSTS File: ([2004/08/12 08:57:47 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-484763869-1275210071-725345543-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-21-484763869-1275210071-725345543-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\THE BOSS\Start Menu\Programs\IMVU\Run IMVU.lnk ()
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-484763869-1275210071-725345543-1006\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-484763869-1275210071-725345543-1006\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-484763869-1275210071-725345543-1006\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-484763869-1275210071-725345543-1006\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C234292E-3A62-43B7-A357-C76FAFA4D07E}: DhcpNameServer = 75.75.75.75 75.75.76.76
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/08/12 13:53:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/09/23 21:55:14 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\THE BOSS\Recent
[2012/09/23 14:53:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\THE BOSS\Start Menu\Programs\IMVU
[2012/09/23 02:55:21 | 000,000,000 | ---D | C] -- C:\Program Files\Webroot
[2012/09/21 23:40:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Logitech
[2012/09/21 23:40:22 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2012/09/19 16:58:08 | 000,000,000 | ---D | C] -- C:\toolbarImages
[2012/09/19 16:44:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\THE BOSS\Application Data\PriceGong
[2012/09/19 04:41:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\THE BOSS\Application Data\Panda Security
[2012/09/19 04:41:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Identities
[2012/09/19 04:39:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\THE BOSS\Application Data\pandasecuritytb
[2012/09/19 04:37:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Panda Security
[2012/09/17 01:40:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2012/09/16 22:17:30 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/09/16 21:36:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\THE BOSS\Desktop\Unused Desktop Shortcuts
[2012/09/16 21:25:39 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/09/16 21:25:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2012/09/16 21:24:16 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2012/09/16 20:59:06 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/09/23 22:26:04 | 000,088,566 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012/09/23 22:25:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/09/23 22:25:47 | 1072,766,976 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/23 17:43:49 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012/09/23 17:26:43 | 000,001,949 | ---- | M] () -- C:\Documents and Settings\THE BOSS\Desktop\IMVU.lnk
[2012/09/20 01:38:49 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2012/09/19 16:55:28 | 000,014,573 | ---- | M] () -- C:\Documents and Settings\THE BOSS\My Documents\barrys private.JPG
[2012/09/19 16:40:05 | 000,095,072 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/09/19 03:59:22 | 000,000,286 | ---- | M] () -- C:\WINDOWS\reimage.ini
[2012/09/18 23:51:40 | 000,020,453 | ---- | M] () -- C:\Documents and Settings\THE BOSS\My Documents\Picture 5.jpg
[2012/09/16 23:17:23 | 000,000,009 | ---- | M] () -- C:\END
[2012/09/16 23:06:21 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2012/09/16 23:05:02 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/09/16 22:17:32 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\THE BOSS\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/09/16 22:17:32 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/08/31 02:49:47 | 000,364,879 | ---- | M] () -- C:\Documents and Settings\THE BOSS\My Documents\Snap_268255742503dc70d02f7b.jpg
[2012/08/30 01:47:37 | 000,006,000 | ---- | M] () -- C:\Documents and Settings\THE BOSS\My Documents\122617.jpg
[2012/08/26 12:54:28 | 000,407,458 | ---- | M] () -- C:\Documents and Settings\THE BOSS\My Documents\Snap_7455048525038848ce7966 (1).jpg
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/09/23 14:53:55 | 000,001,949 | ---- | C] () -- C:\Documents and Settings\THE BOSS\Desktop\IMVU.lnk
[2012/09/19 16:55:27 | 000,014,573 | ---- | C] () -- C:\Documents and Settings\THE BOSS\My Documents\barrys private.JPG
[2012/09/19 03:59:01 | 000,000,286 | ---- | C] () -- C:\WINDOWS\reimage.ini
[2012/09/18 23:51:38 | 000,020,453 | ---- | C] () -- C:\Documents and Settings\THE BOSS\My Documents\Picture 5.jpg
[2012/09/16 23:06:13 | 000,001,698 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/09/16 22:17:32 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\THE BOSS\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/09/16 22:17:32 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2012/09/16 22:17:32 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/09/11 14:25:18 | 000,000,384 | -H-- | C] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012/09/01 04:11:29 | 000,407,458 | ---- | C] () -- C:\Documents and Settings\THE BOSS\My Documents\Snap_7455048525038848ce7966 (1).jpg
[2012/08/31 02:50:21 | 000,364,879 | ---- | C] () -- C:\Documents and Settings\THE BOSS\My Documents\Snap_268255742503dc70d02f7b.jpg
[2012/08/30 01:47:37 | 000,006,000 | ---- | C] () -- C:\Documents and Settings\THE BOSS\My Documents\122617.jpg
[2012/06/02 02:31:55 | 000,042,792 | ---- | C] () -- C:\Documents and Settings\THE BOSS\Application Data\userenv.xml.urlencode
[2012/06/02 02:31:55 | 000,031,992 | ---- | C] () -- C:\Documents and Settings\THE BOSS\Application Data\userenv.xml
[2012/05/01 21:54:50 | 000,230,752 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2012/05/01 21:54:49 | 000,118,176 | ---- | C] () -- C:\WINDOWS\patchw.dll
[2012/04/07 17:38:12 | 000,000,896 | ---- | C] () -- C:\Documents and Settings\THE BOSS\.recently-used.xbel
[2012/04/04 01:51:31 | 002,359,296 | ---- | C] () -- C:\Documents and Settings\THE BOSS\NTUSER.bak
[2012/02/15 17:48:22 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/08 04:51:09 | 000,000,064 | ---- | C] () -- C:\WINDOWS\GPlrLanc.dat
[2011/08/12 16:23:57 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/08/12 16:21:02 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2011/08/12 14:06:47 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2011/08/12 13:55:28 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/08/12 13:49:46 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/08/12 08:40:24 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/08/12 08:39:09 | 000,095,072 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

========== ZeroAccess Check ==========

[2011/08/12 15:55:17 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2010/04/16 11:09:07 | 001,509,888 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/03/14 11:43:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AMMYY
[2012/08/03 02:37:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\blekko toolbars
[2012/05/22 10:00:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2011/09/25 15:36:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2011/08/14 19:39:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GamesBar
[2012/05/10 00:59:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2012/03/05 10:32:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Leapfrog
[2011/08/14 19:40:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Oberon Media
[2012/09/19 04:37:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Panda Security
[2011/08/30 01:15:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC1Data
[2012/09/07 12:17:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2012/08/19 14:47:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/08/21 02:30:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\W3i
[2012/06/02 02:19:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guest\Application Data\Windows Desktop Search
[2012/08/19 11:45:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\THE BOSS\Application Data\Auslogics
[2012/02/23 16:49:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\THE BOSS\Application Data\Babylon
[2012/06/14 13:41:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\THE BOSS\Application Data\blekkotb_019
[2012/06/14 13:41:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\THE BOSS\Application Data\blekkotb_soc
[2012/07/08 02:12:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\THE BOSS\Application Data\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/07/02 16:03:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\THE BOSS\Application Data\DarkBlood ServiceNa
[2012/05/07 17:11:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\THE BOSS\Application Data\DriverCure
[2012/07/08 04:46:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\THE BOSS\Application Data\GFI Software
[2012/09/16 21:25:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\THE BOSS\Application Data\GlarySoft
[2012/04/07 17:38:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\THE BOSS\Application Data\gtk-2.0
[2012/09/23 21:04:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\THE BOSS\Application Data\IMVU
[2012/09/23 14:53:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\THE BOSS\Application Data\IMVUClient
[2012/03/21 02:51:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\THE BOSS\Application Data\IObit
[2012/05/01 08:12:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\THE BOSS\Application Data\kujytuo
[2012/04/07 20:53:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\THE BOSS\Application Data\Leadertech
[2012/04/30 12:09:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\THE BOSS\Application Data\ooVoo Details
[2012/09/19 04:41:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\THE BOSS\Application Data\Panda Security
[2012/09/19 16:45:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\THE BOSS\Application Data\pandasecuritytb
[2012/07/08 04:37:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\THE BOSS\Application Data\PC Unleashed Online
[2012/03/08 14:37:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\THE BOSS\Application Data\pdfforge
[2012/09/19 16:44:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\THE BOSS\Application Data\PriceGong
[2012/01/30 00:00:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\THE BOSS\Application Data\Sony Online Entertainment
[2012/05/07 17:11:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\THE BOSS\Application Data\SpeedyPC Software
[2012/06/02 02:32:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\THE BOSS\Application Data\spotmau
[2012/04/03 06:01:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\THE BOSS\Application Data\Toolbar4
[2012/01/26 14:03:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\THE BOSS\Application Data\WeatherBug
[2012/01/06 00:49:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\THE BOSS\Application Data\Windows Desktop Search
[2012/01/09 11:23:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\THE BOSS\Application Data\Windows Search
[2012/05/07 17:48:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\THE BOSS\Application Data\YourFileDownloader

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 151 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
@Alternate Data Stream - 140 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4300D829
@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:07BF512B

< End of report >

Attached Files


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,800 posts
  • MVP
1. Double-click My Computer, and then right-click the hard disk that you want to check. C:
2. Click Properties, and then click Tools.
3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed,
4. Check both boxes and then click Start.
You will receive the following message:
The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
Click Yes to schedule the disk check, but don't restart yet.

Start, Run, eventvwr.msc, OK to bring up the Event Viewer. Right click on System and Clear All Events, No (we don't want to save the old log), OK. Repeat for Application.

Reboot.

The disk check will run and will probably take an hour or more to finish.



1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Double-click VEW.exe
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.


ComboFix
:!: If you have a previous version of Combofix.exe, delete it and download a fresh copy. :!:

:!: It must be saved to your desktop, do not run it :!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html


Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Doubleclick on ComboFix to start the program.



* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix. Allow it to install the Recovery Console then Continue. When the scan completes Notepad will open with with your results log open. Do a File, Exit and answer 'Yes' to save changes.


A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.


Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then run it.
Double click on TDSSKiller.exe (Vista or Win 7 must right click and Run As Admin)
If TDSSKiller alerts you that the system needs to reboot, please consent.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.


Run TDSSKiller again but this time:
before you hit the Scan hit Change Parameters and check the two items under Additional Options. OK then Scan.
In this mode it is prone to false positives so do not change the SKIP option to DELETE unless it says TDSS.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.

Download aswMBR.exe ( 511KB ) to your desktop.
Double click the aswMBR.exe to run it
uncheck trace disk IO calls
Click the "Scan" button to start scan
On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me) click save log, save it to your desktop and post in your next reply


Get the free version of Speccy:

http://www.filehippo...download_speccy (Look in the upper right for the Download
Latest Version button) Download, Save and Install it. Run Speccy. When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System. (It will be near the top about 10 lines down.) Attach the file to your next post.


Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top.

Wait a minute for things to settle down.

File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply.



Ron
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP