Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

computer slow and sluggish, sometimes non responsive

Started by lisaandben , Jan 22 2015 12:13 PM

  • Please log in to reply

#1
lisaandben
Posted 22 January 2015 - 12:13 PM

lisaandben

    New Member

  • Member
  • Pip
  • 1 posts

I don't know if I did this right, but here's hoping.....

OTL Extras logfile created on: 1/22/2015 11:35:30 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Trade It\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.86 Gb Total Physical Memory | 0.12 Gb Available Physical Memory | 4.06% Memory free
5.71 Gb Paging File | 1.86 Gb Available in Paging File | 32.61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 278.56 Gb Total Space | 234.21 Gb Free Space | 84.08% Space Free | Partition Type: NTFS
Drive D: | 1.84 Gb Total Space | 1.83 Gb Free Space | 99.40% Space Free | Partition Type: FAT
 
Computer Name: LISA | User Name: Trade It | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{015E6E44-40CE-4E0D-9CE7-F9F0860EC4AE}" = lport=1723 | protocol=6 | dir=in | app=system |
"{02C0799B-EECB-4ADC-AABC-D2BA0C2E3F85}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1D325CCF-218C-443B-ABDB-E7295CA84347}" = lport=10243 | protocol=6 | dir=in | app=system |
"{2A3EB798-6DFA-4466-B34A-62443861A042}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2B3E2441-5793-4CFE-9B23-94CE859DCD0A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2C88FD25-01E3-4E87-B1A3-07C2D4AC13CC}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe |
"{371992D7-743F-4D2D-86FB-3C4F3EF0EFF2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3F0D1032-C3A8-48DF-B1B8-E264065487E7}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{49452CAC-CA2C-4BE4-99B3-574EFBD06BA0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4E676DE8-136B-4E11-9E74-6D322E58D85E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{60748580-D719-436E-95C2-A46252AA1415}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{6469DEF5-9BAE-4CA9-AFC1-BF86368F2797}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6DABA684-814F-4879-BB09-C638F14FA4FB}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{7774A77E-4BBA-4C69-9B7E-2CF20C861B76}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{781F68AD-FBCE-4EC3-9BF8-453A08BEDF45}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{853E1230-E2A9-4703-A597-FA0A88472ABA}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8D6D566D-0EA9-491B-A91B-F80B5D6F1CE0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{92C1A7E0-B853-4380-86AF-9EDF7D54D500}" = rport=10243 | protocol=6 | dir=out | app=system |
"{9944312E-D1BB-474B-99B0-A4333DC1ED9E}" = lport=1701 | protocol=17 | dir=in | app=system |
"{9E3BC769-7B86-418C-8C58-65B0DCD59CAF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9FAE618D-B863-4555-866D-DD4DE23269F2}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{AA5AC37B-15B2-4CF7-B2F4-F2B55F87F6B4}" = lport=7000 | protocol=6 | dir=in | name=windows easy transfer tcp port |
"{B167D2D8-9847-4346-863D-FDAA13A4CE1B}" = lport=7000 | protocol=17 | dir=in | name=windows easy transfer udp port |
"{B9B1C38F-0F2A-46B6-998A-4E7E84A6D0E1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C88FEC83-1D95-48B4-817A-F6C489B53C60}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CC9164FD-6E99-4F2C-8D84-5ACDFDC9A2C6}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D2C4633D-4DD4-49F8-A456-BA819951528C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D3D6E9A3-5930-4126-B8ED-3789972169D4}" = rport=1701 | protocol=17 | dir=out | app=system |
"{DAFB14CF-0F69-48B9-9002-6CFFAA13A4AC}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{E1D2FE85-570E-41A4-B661-07B97499FF49}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EA9ED66F-3903-4742-8CC6-C7346CFFAEAF}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{EFDEAD87-3A6B-4FAB-82E1-F650A96FD4FC}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe |
"{FBA2384E-02BF-46B8-8CF5-3559FE07E47A}" = rport=1723 | protocol=6 | dir=out | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0079D5AF-EECC-4515-966A-B822FDE88E65}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{03343E5C-640B-450E-943E-1654B99B3EA9}" = protocol=17 | dir=in | app=c:\program files (x86)\adobe\acrobat.com\acrobat.com.exe |
"{03652768-9F18-4F23-A63C-43800BF05E38}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{046314AE-187D-49C6-85DE-ACF2639B9720}" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"{04C318E3-B82D-4AF0-B177-B57C354E97CA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0958817E-A3B4-48A6-BAB5-80CD6A01281E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{135F0EA2-15AD-4AD1-957A-0D548ECDA7A6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2C33B73E-B11C-4313-A6D2-680A38612B83}" = protocol=6 | dir=in | app=c:\program files (x86)\adobe\acrobat.com\acrobat.com.exe |
"{30AB0F7E-D256-4F39-8338-40E255228DC7}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3280A6EC-42A8-41EC-8104-35198AAFD835}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{370EA921-C385-402D-A547-E99B036EA18D}" = protocol=47 | dir=in | app=system |
"{3970CEBC-962A-4451-85C3-D598FE4EC948}" = protocol=47 | dir=out | app=system |
"{4C2FD4E6-39B1-4D0A-B4FD-98124C3033E3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{573015EF-AA52-4B05-BDDB-44DF50D80B0A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{61F72DB5-1FA7-494E-BDEA-F033541D4EE9}" = protocol=6 | dir=in | app=c:\windows\system32\migwiz\migwiz.exe |
"{639D2D5F-5B7E-4698-AC85-62F0F04284EA}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{65CAB2CF-5EC8-423F-9F73-E26F0E6649FA}" = dir=in | app=c:\program files (x86)\imesh applications\imesh\imesh.exe |
"{66359255-9696-4681-85BB-78D742E4319C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6B7A0190-C76B-4B20-90CF-AD7F1D8D2A97}" = protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{6CA670F2-4BC1-46D5-9361-D3AECF2ACEAC}" = protocol=6 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{8996450E-D3DD-4530-ACC9-31AF0309FE38}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{95F4DDA4-FD61-4426-B336-1FD1A197F7D9}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AFE496F2-4DFF-4B20-8820-3B31330A301A}" = protocol=17 | dir=in | app=c:\esupport\edriver\install.exe |
"{B75D6692-9CC6-4E3C-98CB-477AAFA14F80}" = protocol=6 | dir=in | app=c:\esupport\edriver\install.exe |
"{BEF100C4-94BE-4AED-8F27-0A628FA771D2}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{BF6E02D1-6E49-432D-AE15-6CAB90B46753}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C46AFB7F-492F-477D-8DA4-D2EE00163B47}" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"{D4D4B678-4375-4717-9AE7-6444E9C7890B}" = protocol=17 | dir=in | app=c:\windows\system32\migwiz\migwiz.exe |
"{E7632927-53A6-40DC-8B32-C87D39CC1AC9}" = protocol=6 | dir=out | app=system |
"{F16B010E-571A-42B4-BC4E-31070DD4E24A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F23A7045-4B2F-4629-B455-009097BB217F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F52DA3CC-1E3E-4A74-B6EF-BE761D82977B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1FB31F44-D4D0-4D76-944A-A1A5D79FD321}" = Windows Live Family Safety
"{23F2C78C-E131-4CA0-8F84-3473FB7728BA}" = Microsoft Security Client
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}" = ASUS Power4Gear Hybrid
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{FBBC4667-2521-4E78-B1BD-8706F774549B}" = Best Buy pc app
"CNXT_AUDIO_HDA" = Conexant HD Audio
"Elantech" = ETDWare PS/2-x64 7.0.5.12_WHQL
"Microsoft Security Client" = Microsoft Security Essentials
"USB2.0 UVC VGA WebCam" = USB2.0 UVC VGA WebCam
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2B81872B-A054-48DA-BE3B-FA5C164C303A}" = ASUS FancyStart
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{35827710-D042-428B-A1E5-E20E12D2FEB9}" = SparkTrust PC Cleaner Plus
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{7958A795-4364-4D57-B2C3-CFEEC8991323}" = Vipre
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}" = JMicron Ethernet Adapter NDIS Driver
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9F817F09-5E09-4F08-907B-F1BB74801733}" = SparkTrust AntiVirus
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E18B549C-5D15-45DA-8D8F-8FD2BD946344}" = kgcbaby
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager
"{FBBC4667-2521-4E78-B1BD-8706F774549B}" = Best Buy pc app
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Google Chrome" = Google Chrome
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.4.1028
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"WinLiveSuite" = Windows Live Essentials
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Aff Packages" = Aff Packages
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 2/24/2014 8:18:27 PM | Computer Name = Lisa | Source = System Restore | ID = 8193
Description =
 
Error - 2/26/2014 8:44:46 AM | Computer Name = Lisa | Source = System Restore | ID = 8193
Description =
 
Error - 2/26/2014 10:27:41 AM | Computer Name = Lisa | Source = Application Error | ID = 1000
Description = Faulting application name: LiveUpdt.exe, version: 2.0.0.0, time stamp:
 0x4a6d7c8e  Faulting module name: ntdll.dll, version: 6.1.7600.16915, time stamp:
 0x4ec49d10  Exception code: 0xc0000005  Fault offset: 0x0002e3c6  Faulting process id:
 0x1270  Faulting application start time: 0x01cf32fee76cfd57  Faulting application path:
 C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdt.exe  Faulting module path:
C:\Windows\SysWOW64\ntdll.dll  Report Id: 25ddfc31-9ef2-11e3-8df5-20cf30675601
 
Error - 2/26/2014 5:39:05 PM | Computer Name = Lisa | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files (x86)\Common
 Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
 Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3.  The value
 "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
 "version" in element "assemblyIdentity" is invalid.
 
Error - 2/26/2014 5:39:12 PM | Computer Name = Lisa | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files (x86)\windows
 live\messenger\wlcsdk.exe".  Dependent Assembly UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"
 could not be found.  Please use sxstrace.exe for detailed diagnosis.
 
Error - 2/26/2014 5:45:42 PM | Computer Name = Lisa | Source = System Restore | ID = 8193
Description =
 
Error - 2/27/2014 5:12:32 PM | Computer Name = Lisa | Source = System Restore | ID = 8193
Description =
 
Error - 2/28/2014 9:05:54 AM | Computer Name = Lisa | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files (x86)\Common
 Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
 Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3.  The value
 "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
 "version" in element "assemblyIdentity" is invalid.
 
Error - 2/28/2014 9:06:01 AM | Computer Name = Lisa | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files (x86)\windows
 live\messenger\wlcsdk.exe".  Dependent Assembly UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"
 could not be found.  Please use sxstrace.exe for detailed diagnosis.
 
Error - 2/28/2014 9:16:58 AM | Computer Name = Lisa | Source = System Restore | ID = 8193
Description =
 
Error - 3/1/2014 11:03:10 AM | Computer Name = Lisa | Source = System Restore | ID = 8193
Description =
 
Error - 3/2/2014 2:07:53 PM | Computer Name = Lisa | Source = System Restore | ID = 8193
Description =
 
Error - 3/3/2014 2:22:01 PM | Computer Name = Lisa | Source = Application Error | ID = 1000
Description = Faulting application name: LiveUpdt.exe, version: 2.0.0.0, time stamp:
 0x4a6d7c8e  Faulting module name: ntdll.dll, version: 6.1.7600.16915, time stamp:
 0x4ec49d10  Exception code: 0xc0000005  Fault offset: 0x0002e3c6  Faulting process id:
 0x1354  Faulting application start time: 0x01cf370d77958ef7  Faulting application path:
 C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdt.exe  Faulting module path:
C:\Windows\SysWOW64\ntdll.dll  Report Id: b64c2355-a300-11e3-a2f5-20cf30675601
 
Error - 3/3/2014 2:22:50 PM | Computer Name = Lisa | Source = System Restore | ID = 8193
Description =
 
Error - 3/4/2014 9:47:49 AM | Computer Name = Lisa | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files (x86)\Common
 Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
 Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3.  The value
 "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
 "version" in element "assemblyIdentity" is invalid.
 
Error - 3/4/2014 9:47:59 AM | Computer Name = Lisa | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files (x86)\windows
 live\messenger\wlcsdk.exe".  Dependent Assembly UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"
 could not be found.  Please use sxstrace.exe for detailed diagnosis.
 
Error - 3/4/2014 9:54:39 AM | Computer Name = Lisa | Source = System Restore | ID = 8193
Description =
 
Error - 3/4/2014 3:57:17 PM | Computer Name = Lisa | Source = System Restore | ID = 8193
Description =
 
[ Media Center Events ]
Error - 4/12/2014 9:39:59 PM | Computer Name = Lisa | Source = MCUpdate | ID = 0
Description = 9:39:58 PM - Error connecting to the internet.  9:39:58 PM -     Unable
 to contact server.. 
 
Error - 4/12/2014 10:43:59 PM | Computer Name = Lisa | Source = MCUpdate | ID = 0
Description = 10:43:59 PM - Error connecting to the internet.  10:43:59 PM -     Unable
 to contact server.. 
 
Error - 4/12/2014 10:44:05 PM | Computer Name = Lisa | Source = MCUpdate | ID = 0
Description = 10:44:04 PM - Error connecting to the internet.  10:44:04 PM -     Unable
 to contact server.. 
 
Error - 5/1/2014 10:31:19 PM | Computer Name = Lisa | Source = MCUpdate | ID = 0
Description = 10:31:19 PM - Error connecting to the internet.  10:31:19 PM -     Unable
 to contact server.. 
 
Error - 5/1/2014 10:33:29 PM | Computer Name = Lisa | Source = MCUpdate | ID = 0
Description = 10:33:27 PM - Error connecting to the internet.  10:33:27 PM -     Unable
 to contact server.. 
 
Error - 5/20/2014 4:52:27 PM | Computer Name = Lisa | Source = MCUpdate | ID = 0
Description = 4:52:27 PM - Failed to retrieve Broadband (Error: The underlying connection
 was closed: An unexpected error occurred on a receive.) 
 
Error - 5/26/2014 7:52:32 PM | Computer Name = Lisa | Source = MCUpdate | ID = 0
Description = 7:52:32 PM - Error connecting to the internet.  7:52:32 PM -     Unable
 to contact server.. 
 
Error - 5/26/2014 7:52:42 PM | Computer Name = Lisa | Source = MCUpdate | ID = 0
Description = 7:52:37 PM - Error connecting to the internet.  7:52:37 PM -     Unable
 to contact server.. 
 
Error - 7/6/2014 10:17:56 PM | Computer Name = Lisa | Source = MCUpdate | ID = 0
Description = 10:17:56 PM - Error connecting to the internet.  10:17:56 PM -     Unable
 to contact server.. 
 
Error - 7/6/2014 10:18:06 PM | Computer Name = Lisa | Source = MCUpdate | ID = 0
Description = 10:18:01 PM - Error connecting to the internet.  10:18:01 PM -     Unable
 to contact server.. 
 
[ System Events ]
Error - 1/21/2015 11:05:32 PM | Computer Name = Lisa | Source = Microsoft Antimalware | ID = 3002
Description = %%860 Real-Time Protection feature has encountered an error and failed.

 Feature:
 %%886     Error Code: 0x80070002     Error description: The system cannot find the file specified.
      Reason: %%858
 
Error - 1/21/2015 11:56:53 PM | Computer Name = Lisa | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
 with error 0x80070643: Internet Explorer 11 for Windows 7 for x64-based Systems.
 
Error - 1/22/2015 12:12:09 PM | Computer Name = Lisa | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the MBAMScheduler
 service to connect.
 
Error - 1/22/2015 12:12:09 PM | Computer Name = Lisa | Source = Service Control Manager | ID = 7000
Description = The MBAMScheduler service failed to start due to the following error:
   %%1053
 
Error - 1/22/2015 12:12:10 PM | Computer Name = Lisa | Source = Service Control Manager | ID = 7003
Description = The Net.Msmq Listener Adapter service depends the following service:
 msmq. This service might not be installed.
 
Error - 1/22/2015 12:12:13 PM | Computer Name = Lisa | Source = SNMP | ID = 16713180
Description = The SNMP Service encountered an error while accessing the registry
 key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
 
Error - 1/22/2015 12:12:24 PM | Computer Name = Lisa | Source = RemoteAccess | ID = 20152
Description = The currently configured authentication provider failed to load and
 initialize successfully. The requested name is valid, but no data of the requested
 type was found. 
 
Error - 1/22/2015 12:12:26 PM | Computer Name = Lisa | Source = Service Control Manager | ID = 7024
Description = The Routing and Remote Access service terminated with service-specific
 error %%11004.
 
Error - 1/22/2015 12:13:53 PM | Computer Name = Lisa | Source = Service Control Manager | ID = 7022
Description = The MBAMService service hung on starting.
 
Error - 1/22/2015 12:19:09 PM | Computer Name = Lisa | Source = Service Control Manager | ID = 7022
Description = The Windows Update service hung on starting.
 
 
< End of report >


  • 0

Advertisements

#2
RKinner
Posted 22 January 2015 - 06:47 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Not quite right.  We actually want the OTL log and not the Extras so see if you can find it.

 

Also let's run a few scans:

 

 
Download : ADWCleaner to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @BleepingComputer
 
NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.
 
Close  all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).
 
scan-results.jpg
 
Click on Scan  and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.
 
The report will be saved in the C:\AdwCleaner folder.
 
 
 
Junkware-Removal-Tool
 
Please download Junkware Removal Tool to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @Author's site
  • Pause your anti-virus.  Close all browsers.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
    •  
     
     
    Please download Farbar Recovery Scan Tool and save it to your Desktop. 
     
    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version. 
     
    •  
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer. 
  • Press Scan button. 
  • It will produce a log called FRST.txt in the same directory the tool is run from.  
  • Please copy and paste log back here. 
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply. 
    •  

    Get Process Explorer
     
    Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).  
     
    View, Select Column, check Verified Signer, OK
    Options, Verify Image Signatures
     
     

    Get the free version of Speccy:
     
    http://www.filehippo...download_speccy  (Look in the upper right for the Download
    Latest Version button  - Do NOT press the large Start Download button on the upper left!)  Download, Save and Install it.  Run Speccy.  When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  (It will be near the top about 10 lines down.) Attach the file to your next post.  Uninstall Speccy.
     
     

    • 0
    Back to Virus, Spyware, Malware Removal · Next Unread Topic →




    Similar Topics

    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users

    1. Geeks to Go Community
    2. Security
    3. Virus, Spyware, Malware Removal

    As Featured On:

    Microsoft Yahoo BBC MSN PC Magazine Washington Post HP