Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Computer slows to the point of almost freezing


  • Please log in to reply

#1
ChargerKen

ChargerKen

    New Member

  • Member
  • Pip
  • 1 posts
I'm attempting to fix this computer for my brother, who knows much less about computers than I (and I'm no expert). I have run Malwarebytes Anti-Malware in safe mode and am running Advanced SystemCare 6 and Iobit Malware Fighter.

Malware bytes detected and presumably removed about 15 viruses but the slowing problem persists.

Thank you for the help.


OTL logfile created on: 8/21/2013 1:23:16 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kenny\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1013.38 Mb Total Physical Memory | 153.96 Mb Available Physical Memory | 15.19% Memory free
2.23 Gb Paging File | 1.08 Gb Available in Paging File | 48.44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 110.32 Gb Total Space | 67.72 Gb Free Space | 61.38% Space Free | Partition Type: NTFS

Computer Name: KENNY-PC | User Name: Kenny | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/08/21 13:22:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kenny\Downloads\OTL (1).exe
PRC - [2013/08/11 21:07:18 | 000,107,520 | ---- | M] () -- C:\Users\Kenny\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
PRC - [2013/08/08 19:33:48 | 001,303,360 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
PRC - [2013/08/08 19:33:48 | 000,807,800 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe
PRC - [2013/07/24 17:49:49 | 000,846,288 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013/06/14 10:03:16 | 001,515,328 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Malware Fighter\IMF.exe
PRC - [2013/05/30 01:16:38 | 000,573,952 | ---- | M] () -- C:\Program Files\DefaultTab\DefaultTabSearch.exe
PRC - [2013/05/09 01:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/05/09 01:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/04/25 16:54:10 | 000,335,168 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2013/01/15 18:47:12 | 000,491,840 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe
PRC - [2013/01/15 18:47:10 | 000,465,216 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
PRC - [2012/11/26 06:30:18 | 000,687,104 | ---- | M] () -- C:\Program Files\Fast Free Converter\FastFreeConverterUpdt.exe
PRC - [2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/01/19 00:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/01/25 17:50:26 | 000,063,096 | ---- | M] () -- c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
PRC - [2007/01/25 17:47:50 | 000,136,816 | ---- | M] () -- C:\TOSHIBA\IVP\ISM\pinger.exe
PRC - [2006/12/19 23:16:44 | 000,411,768 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
PRC - [2006/12/19 23:15:44 | 000,428,152 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
PRC - [2006/12/11 17:45:16 | 000,448,632 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\SmoothView\SmoothView.exe
PRC - [2006/11/14 22:02:36 | 001,372,160 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
PRC - [2006/11/14 21:19:42 | 000,405,504 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
PRC - [2006/11/14 20:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2006/11/09 10:57:52 | 003,784,704 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2006/10/31 22:40:16 | 000,077,824 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
PRC - [2006/10/27 13:11:02 | 000,192,512 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynToshiba.exe
PRC - [2006/09/12 08:03:20 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2006/08/23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2006/05/25 18:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2005/12/16 02:41:28 | 000,188,416 | ---- | M] (Agere Systems) -- C:\Program Files\ltmoh\ltmoh.exe


========== Modules (No Company Name) ==========

MOD - [2013/07/24 17:49:46 | 000,396,240 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.95\ppgooglenaclpluginchrome.dll
MOD - [2013/07/24 17:49:45 | 013,599,184 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
MOD - [2013/07/24 17:49:44 | 004,052,944 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.95\pdf.dll
MOD - [2013/07/24 17:48:51 | 001,597,392 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.95\ffmpegsumo.dll
MOD - [2013/01/15 18:48:26 | 000,348,992 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 6\madexcept_.bpl
MOD - [2013/01/15 18:48:26 | 000,051,008 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 6\maddisAsm_.bpl
MOD - [2013/01/15 18:48:24 | 000,183,616 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 6\madbasic_.bpl
MOD - [2006/11/28 20:17:12 | 000,061,440 | ---- | M] () -- C:\Windows\System32\igfxTMM.dll
MOD - [2006/11/28 20:12:28 | 000,077,824 | ---- | M] () -- C:\Windows\System32\hccutils.dll


========== Services (SafeList) ==========

SRV - [2013/08/11 21:09:40 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/08/11 21:07:18 | 000,107,520 | ---- | M] () [Auto | Running] -- C:\Users\Kenny\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe -- (DefaultTabUpdate)
SRV - [2013/08/08 19:33:48 | 000,807,800 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2013/05/30 01:16:38 | 000,573,952 | ---- | M] () [Auto | Running] -- C:\Program Files\DefaultTab\DefaultTabSearch.exe -- (DefaultTabSearch)
SRV - [2013/05/09 01:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/04/25 16:54:10 | 000,335,168 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2013/01/15 18:47:10 | 000,465,216 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe -- (AdvancedSystemCareService6)
SRV - [2012/11/26 06:30:18 | 000,687,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Fast Free Converter\FastFreeConverterUpdt.exe -- (FastFreeConverterUpdt)
SRV - [2009/03/30 19:13:44 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/01/19 00:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/01/25 17:50:26 | 000,063,096 | ---- | M] () [Auto | Running] -- c:\TOSHIBA\IVP\swupdate\swupdtmr.exe -- (Swupdtmr)
SRV - [2007/01/25 17:47:50 | 000,136,816 | ---- | M] () [Auto | Running] -- C:\TOSHIBA\IVP\ISM\pinger.exe -- (pinger)
SRV - [2006/12/19 23:15:44 | 000,428,152 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2006/11/14 20:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2006/10/31 22:40:16 | 000,077,824 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2006/09/12 08:03:20 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006/08/23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2006/05/25 18:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | Unavailable | Unknown] -- system32\DRIVERS\msfwhlpr.sys -- (MSFWHLPR)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2013/07/05 13:12:03 | 000,770,344 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/07/05 13:12:03 | 000,369,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/07/05 13:12:03 | 000,175,176 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/05/22 18:49:32 | 000,015,672 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2013/05/09 01:59:10 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/05/09 01:59:10 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/05/09 01:59:09 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/05/09 01:59:09 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2013/05/09 01:59:08 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2013/03/26 19:35:18 | 000,020,944 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\UrlFilter.sys -- (UrlFilter)
DRV - [2013/03/26 19:35:12 | 000,031,752 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\RegFilter.sys -- (RegFilter)
DRV - [2013/03/23 15:50:04 | 000,021,480 | ---- | M] (IObit) [File_System | On_Demand | Running] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\FileMonitor.sys -- (FileMonitor)
DRV - [2007/02/28 18:04:58 | 000,694,784 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007/02/19 19:13:24 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\KR10N.sys -- (KR10N)
DRV - [2007/02/19 19:12:46 | 000,219,520 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\KR10I.sys -- (KR10I)
DRV - [2006/11/04 09:35:50 | 000,059,392 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2006/11/02 00:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32)
DRV - [2006/10/23 16:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2006/10/18 11:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2006/10/05 22:22:14 | 000,016,768 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
DRV - [2006/09/27 20:06:56 | 000,479,488 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\kr3npxp.sys -- (KR3NPXP)
DRV - [2006/08/31 06:53:00 | 001,161,152 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/07/28 16:25:26 | 000,019,456 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\LPCFilter.sys -- (LPCFilter)
DRV - [2006/07/06 13:44:00 | 000,168,448 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tifm21.sys -- (tifm21)
DRV - [2005/08/01 16:45:08 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
IE - HKLM\..\SearchScopes,DefaultScope = {A57D9ACE-B0E4-4B84-9235-D840E9B85B5C}
IE - HKLM\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect...mrud=25-08-2011
IE - HKLM\..\SearchScopes\{843A979C-5FDD-45A4-80BA-8F7219B3E7FF}: "URL" = http://www.google.co...ge={startPage};

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...1D-906C38874736
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - No CLSID value found
IE - HKCU\..\URLSearchHook: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\7.4\iobitappsToolbarIE.dll (Spigot, Inc.)
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {A57D9ACE-B0E4-4B84-9235-D840E9B85B5C}
IE - HKCU\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect...mrud=25-08-2011
IE - HKCU\..\SearchScopes\{30132888-A54C-4113-9934-309E2124A8C2}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\..\SearchScopes\{4281D002-2366-40DC-AC13-F77BBB89224F}: "URL" = http://search.condui...q={searchTerms}
IE - HKCU\..\SearchScopes\{843A979C-5FDD-45A4-80BA-8F7219B3E7FF}: "URL" = http://www.google.co...ie7&rlz=1I7TSHB
IE - HKCU\..\SearchScopes\{A57D9ACE-B0E4-4B84-9235-D840E9B85B5C}: "URL" = http://search.condui...1065840161&UM=2
IE - HKCU\..\SearchScopes\{A7C94C4D-1245-4709-9589-F35925BE3ED5}: "URL" = http://websearch.ask...8D-8D9F413E1630
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine: File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/01/17 08:19:13 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/01/17 08:19:13 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Conduit (Enabled)
CHR - default_search_provider: search_url = http://search.condui...=CT3291325&UM=2
CHR - default_search_provider: suggest_url = http://suggest.searc...7622642612&UM=2
CHR - Extension: KeyBar 1.12 = C:\Users\Kenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\gipmblamjgodbimgeafaiegdpfbaeihe\10.16.100.4_0\
CHR - Extension: KeyBar 1.12 = C:\Users\Kenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\gipmblamjgodbimgeafaiegdpfbaeihe\10.16.100.504_0\
CHR - Extension: Ebay Shopping Assistant by Spigot = C:\Users\Kenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.0_0\
CHR - Extension: Domain Error Assistant = C:\Users\Kenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.1_0\
CHR - Extension: DefaultTab = C:\Users\Kenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.23_0\
CHR - Extension: Slick Savings = C:\Users\Kenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\
CHR - Extension: Amazon Shopping Assistant by Spigot = C:\Users\Kenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0\

O1 HOSTS File: ([2006/09/18 14:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\7.4\iobitappsToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DefaultTab Browser Helper) - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Kenny\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll (Search Results LLC.)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (Cartwheel) - {B50DF051-E1D4-439C-B94E-F4DE82B56542} - C:\Users\Kenny\AppData\Roaming\Cartwheel\Cartwheel.dll (Cartwheel, Inc.)
O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O2 - BHO: (Fast Free Converter 3.0) - {DDA5D4B3-468F-4D62-9092-75142C6169B1} - C:\Program Files\Fast Free Converter\FastFreeConverter\FastFreeConverter.dll (Fast Free Converter)
O3 - HKLM\..\Toolbar: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\7.4\iobitappsToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HSON] C:\Program Files\Toshiba\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [LtMoh] C:\Program Files\ltmoh\ltmoh.exe (Agere Systems)
O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Advanced SystemCare 6] C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe (IObit)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: wsihq.com ([wess] https in Trusted sites)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcp...ols/pcmatic.cab (PCPitstop Utility)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{897807C9-4B65-4FDF-9105-02481032085C}: DhcpNameServer = 24.116.33.232 24.116.2.34
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E9CDF76F-7689-47A5-825F-E28D3EC10468}: DhcpNameServer = 192.168.1.1
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img11.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img11.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{8c62f8bc-97d9-11dd-91be-001b3817bca0}\Shell - "" = AutoRun
O33 - MountPoints2\{8c62f8bc-97d9-11dd-91be-001b3817bca0}\Shell\AutoRun\command - "" = E:\Imageviewer.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/08/16 16:18:10 | 000,000,000 | ---D | C] -- C:\Windows\System32\MRT
[2013/08/14 16:11:14 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2013/08/14 16:11:11 | 000,000,000 | ---D | C] -- C:\Program Files\IObit Apps Toolbar
[2013/08/11 21:07:38 | 000,000,000 | ---D | C] -- C:\Program Files\DefaultTab
[2013/08/11 21:07:18 | 000,000,000 | ---D | C] -- C:\Users\Kenny\AppData\Roaming\DefaultTab
[2013/08/11 16:15:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
[2013/08/10 16:29:11 | 000,000,000 | ---D | C] -- C:\Program Files\24x7Help
[2013/08/10 16:28:04 | 000,000,000 | ---D | C] -- C:\Users\Kenny\AppData\Local\Conduit
[2013/08/10 16:26:31 | 000,000,000 | ---D | C] -- C:\Program Files\SearchProtect
[2013/08/10 16:26:01 | 000,000,000 | ---D | C] -- C:\Users\Kenny\AppData\Roaming\SearchProtect
[2013/08/10 16:25:57 | 000,000,000 | ---D | C] -- C:\Users\Kenny\AppData\Local\CRE
[2013/08/10 16:25:55 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2013/08/10 16:24:50 | 000,000,000 | ---D | C] -- C:\ProgramData\ZalmanInstaller_52331
[2013/07/27 21:00:21 | 000,023,872 | ---- | C] (IObit) -- C:\Windows\System32\RegistryDefragBootTime.exe

========== Files - Modified Within 30 Days ==========

[2013/08/21 13:03:11 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/08/21 12:55:34 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/08/21 12:55:34 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/08/21 12:43:41 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/08/21 12:43:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/08/21 08:57:45 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/08/18 09:50:51 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013/08/14 17:10:28 | 000,604,502 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/08/14 17:10:28 | 000,104,170 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/08/11 21:07:31 | 000,000,258 | RHS- | M] () -- C:\Users\Kenny\ntuser.pol
[2013/08/11 16:18:10 | 000,000,958 | ---- | M] () -- C:\Users\Kenny\Application Data\Microsoft\Internet Explorer\Quick Launch\Smart Defrag 2.lnk
[2013/08/11 16:18:10 | 000,000,934 | ---- | M] () -- C:\Users\Public\Desktop\Smart Defrag 2.lnk
[2013/08/11 16:15:16 | 000,000,961 | ---- | M] () -- C:\Users\Kenny\Application Data\Microsoft\Internet Explorer\Quick Launch\IObit Malware Fighter.lnk
[2013/08/11 16:15:16 | 000,000,937 | ---- | M] () -- C:\Users\Public\Desktop\IObit Malware Fighter.lnk
[2013/08/11 15:50:06 | 000,000,954 | ---- | M] () -- C:\Users\Kenny\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/08/10 16:24:56 | 000,000,009 | ---- | M] () -- C:\END
[2013/08/10 14:53:16 | 000,000,184 | ---- | M] () -- C:\Users\Kenny\Desktop\PHFFL Home - Free Fantasy Football 2013 Fantasy Football - NFL.com.url
[2013/08/04 10:15:59 | 000,001,898 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

========== Files Created - No Company Name ==========

[2013/08/11 21:07:31 | 000,000,258 | RHS- | C] () -- C:\Users\Kenny\ntuser.pol
[2013/08/11 16:18:12 | 000,015,672 | ---- | C] () -- C:\Windows\System32\drivers\SmartDefragDriver.sys
[2013/08/11 16:15:16 | 000,000,961 | ---- | C] () -- C:\Users\Kenny\Application Data\Microsoft\Internet Explorer\Quick Launch\IObit Malware Fighter.lnk
[2013/08/11 16:15:16 | 000,000,937 | ---- | C] () -- C:\Users\Public\Desktop\IObit Malware Fighter.lnk
[2013/08/11 15:50:06 | 000,000,954 | ---- | C] () -- C:\Users\Kenny\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/08/10 14:53:15 | 000,000,184 | ---- | C] () -- C:\Users\Kenny\Desktop\PHFFL Home - Free Fantasy Football 2013 Fantasy Football - NFL.com.url
[2013/07/05 13:12:04 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys.sum
[2013/07/05 13:12:04 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswSP.sys.sum
[2013/07/05 13:12:04 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswSnx.sys.sum
[2013/04/14 15:56:04 | 000,175,176 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013/04/14 15:56:02 | 000,049,376 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2009/03/20 17:30:43 | 000,007,230 | ---- | C] () -- C:\ProgramData\N360BUOptions.ini
[2007/08/15 19:46:44 | 000,000,000 | ---- | C] () -- C:\Users\Kenny\AppData\Roaming\wklnhst.dat
[2007/08/15 19:33:05 | 000,004,608 | ---- | C] () -- C:\Users\Kenny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006/11/02 05:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 10:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/10 23:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/10 23:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2010/03/08 09:29:50 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\acccore
[2013/03/18 20:16:22 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\Cartwheel
[2013/08/11 21:07:18 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\DefaultTab
[2012/12/12 19:19:12 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\DriverCure
[2013/04/27 10:47:18 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\IObit
[2007/12/29 14:59:07 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\iWin
[2007/12/29 14:54:30 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\iWinArcade
[2013/03/18 20:19:48 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\MusicOasis
[2012/12/12 19:19:12 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\ParetoLogic
[2007/12/17 21:25:12 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\PlayFirst
[2013/08/11 18:14:42 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\SearchProtect
[2007/08/15 19:47:53 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\Template
[2007/08/13 18:17:16 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\toshiba
[2007/08/15 19:08:35 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\Ulead Systems
[2009/04/05 15:09:22 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\W Photo Studio
[2009/03/08 13:03:23 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\W Photo Studio Viewer
[2009/03/08 13:04:38 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\Walgreens
[2007/09/06 20:27:31 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\WildTangent
[2007/08/11 09:15:29 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\WinBatch

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:B623B5B8
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:52067872

< End of report >
  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
Uninstall
Advanced SystemCare 6 and Iobit Malware Fighter.


Download the adwCleaner
Pause your anti-virus. Close all browsers.
  • Run the Tool
    Windows Vista and Windows 7 users:
    Right click in the adwCleaner.exe and select the Delete option
  • When the scan completes, it will open a notepad windows.
  • Please, copy the content of this file in your next reply.


Junkware-Removal-Tool

Please download Junkware Removal Tool to your desktop.
  • Pause your anti-virus. Close all browsers.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Copy the text in the code box:

DRIVES
nnetsvcs
%SYSTEMDRIVE%\*.exe
%systemroot%\assembly\GAC_32\*.ini
%systemroot%\assembly\GAC_64\*.ini
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.exe
%APPDATA%\*.
/md5start
rsvpsp.dll
pnrpnsp.dll 
nwprovau.dll
nlaapi.dll
napinsp.dll
mswsock.dll
winrnr.dll
wshelper.dll
services.exe
atapi.sys
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
csrss.exe
PrintIsolationHost.exe
consrv.dll
user32.dll
/md5stop
C:\Windows\assembly\tmp\U\*.* /s
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%ProgramFiles%\WINDOWS NT\*.* /s
%systemroot%\system32\drivers\*.sys /lockedfiles
CREATERESTOREPOINT

Run OTL (Vista or Win 7 => right click and Run As Administrator)

select the All option in the Extra Registry group
Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes
then Run Scan.
You should get two logs. Please copy and paste both of them.



Download aswMBR.exe to your desktop.
Double click the aswMBR.exe to run it
uncheck trace disk IO calls
Click the "Scan" button to start scan
On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me) click save log, save it to your desktop and post in your next reply




Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).
View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures
Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top.
Wait until the computer starts to slow down then:
File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply.



Get the free version of Speccy:

http://www.filehippo...download_speccy (Look in the upper right for the Download
Latest Version button) Download, Save and Install it. Make sure the computer has been on for at least an hour. Run Speccy. When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System. (It will be near the top about 10 lines down.) Attach the file to your next post.


Tonight while you sleep:
First mute the speakers so it won't wake you up when Windows loads. Click on the Orange ball. Click on Security. Click on AntiVirus. Scroll down to the bottom and find Boot-time scan. Click on Settings. Where it says Heuristic Sensitivity click on the last rectangle so that all of them are orange and it says High. Then change When a threat is found ... to: Move to Chest. OK. Now click on Schedule Now. Close the Avast window and then reboot. The scan will start. It will tell you where it will save the report. Usually it's
C:\ProgramData\AVAST Software\Avast\report\aswBoot.txt but it might change so verify the location. When Windows loads Click on the Orange Ball then Maintenance then Scan Logs. Click on the Boot-time scan log and then View Results. IF it found anything then open the saved Report and copy and paste the text into a reply so I can see it.



Ron
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP