For at least a couple of weeks now my computer has been very slow once I boot it. This is occuring when using the internet and opening documents and files. After a while it seems to pick up speed, but then it will just freeze eventually and I'll have to start the slow painstaking process over again! I suspect it may be some sort of malware, but it is supposed to be protected by Norton. I hope someone can help me before I lose my mind!! Here is the OTL log:
OTL logfile created on: 5/15/2014 10:07:24 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jenny_2\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.87 Gb Total Physical Memory | 1.31 Gb Available Physical Memory | 69.96% Memory free
3.74 Gb Paging File | 3.25 Gb Available in Paging File | 86.71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287.15 Gb Total Space | 221.76 Gb Free Space | 77.23% Space Free | Partition Type: NTFS
Drive Q: | 9.77 Gb Total Space | 4.28 Gb Free Space | 43.81% Space Free | Partition Type: NTFS
Drive Z: | 294.40 Gb Total Space | 252.94 Gb Free Space | 85.91% Space Free | Partition Type: NTFS
Computer Name: JENNY | User Name: Jenny_2 | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/05/15 10:07:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jenny_2\Desktop\OTL.exe
PRC - [2014/05/15 09:58:32 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2014/05/14 12:19:51 | 001,863,856 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
PRC - [2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/07/13 21:14:21 | 000,497,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\HelpPane.exe
========== Modules (No Company Name) ==========
MOD - [2014/05/15 09:58:32 | 003,839,088 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2014/05/14 12:19:51 | 016,361,136 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_13_0_0_214.dll
========== Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe -- (McComponentHostService)
SRV - [2014/05/15 09:58:32 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/05/14 12:20:11 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/04/24 15:03:19 | 000,203,088 | ---- | M] (LogMeIn, Inc.) [Auto | Stopped] -- C:\Program Files\LogMeIn\x86\ramaint.exe -- (LMIMaint)
SRV - [2014/04/24 15:03:13 | 000,375,120 | ---- | M] (LogMeIn, Inc.) [Auto | Stopped] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2014/03/12 04:29:49 | 000,276,376 | R--- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Norton Internet Security\Engine\21.2.0.38\NIS.exe -- (NIS)
SRV - [2014/03/06 03:38:10 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2013/10/10 16:25:58 | 005,049,352 | R--- | M] (Carbonite, Inc. (www.carbonite.com)) [Auto | Stopped] -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe -- (CarboniteService)
SRV - [2013/06/26 19:23:04 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2013/06/26 19:23:00 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2013/05/27 00:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/12/18 10:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/01/20 04:01:25 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/11/08 12:04:20 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Auto | Stopped] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2010/07/23 10:31:54 | 000,163,680 | ---- | M] (Digital Delivery Networks, Inc.) [Auto | Stopped] -- C:\Program Files\DDNI\DIBS\DDNIService.exe -- (DDNIService)
SRV - [2010/07/20 12:04:24 | 000,171,872 | ---- | M] (Digital Delivery Networks, Inc.) [Auto | Stopped] -- C:\Program Files\DDNI\Lenovo Idea Notes\DDNIMSGService.exe -- (DDNIMSGService)
SRV - [2010/05/04 14:47:34 | 000,125,952 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Sks8821.exe -- (Sks8821)
SRV - [2010/03/15 17:54:56 | 000,028,672 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- c:\Program Files\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2010/03/05 02:05:47 | 000,072,256 | ---- | M] (Lenovo) [Auto | Stopped] -- C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe -- (Power Manager DBC Service)
SRV - [2009/08/28 18:09:58 | 001,019,904 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
SRV - [2009/07/13 21:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2008/01/10 16:13:50 | 000,061,440 | ---- | M] (Ulead Systems, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
========== Driver Services (SafeList) ==========
DRV - [2014/05/14 05:40:35 | 001,612,376 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20140514.034\NAVEX15.SYS -- (NAVEX15)
DRV - [2014/05/14 05:40:35 | 000,093,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20140514.034\NAVENG.SYS -- (NAVENG)
DRV - [2014/04/27 14:48:04 | 000,395,992 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Norton Internet Security\NortonData\21.0.1.3\Definitions\IPSDefs\20140514.001\IDSvix86.sys -- (IDSVix86)
DRV - [2014/04/24 15:03:14 | 000,086,888 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2014/03/18 21:24:12 | 001,098,968 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Norton Internet Security\NortonData\21.0.1.3\Definitions\BASHDefs\20140409.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2014/03/04 00:18:12 | 000,936,152 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\NIS\1502000.026\symefa.sys -- (SymEFA)
DRV - [2014/02/17 21:32:41 | 000,447,704 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\NIS\1502000.026\symnets.sys -- (SymNetS)
DRV - [2014/02/12 21:59:49 | 000,664,280 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\NIS\1502000.026\srtsp.sys -- (SRTSP)
DRV - [2014/01/22 09:52:12 | 000,088,576 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2014/01/22 08:52:12 | 000,184,192 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2013/11/20 22:29:05 | 000,376,920 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2013/11/20 22:29:05 | 000,108,120 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013/09/25 22:50:25 | 000,127,064 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\NIS\1502000.026\ccsetx86.sys -- (ccSet_NIS)
DRV - [2013/09/16 10:48:28 | 000,142,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2013/07/31 23:19:50 | 000,367,704 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\NIS\1502000.026\symds.sys -- (SymDS)
DRV - [2013/07/31 00:13:30 | 000,206,936 | R--- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\NIS\1502000.026\ironx86.sys -- (SymIRON)
DRV - [2013/07/30 23:44:44 | 000,032,344 | R--- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\NIS\1502000.026\srtspx.sys -- (SRTSPX)
DRV - [2013/06/26 19:23:04 | 000,020,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol)
DRV - [2013/06/26 19:23:00 | 000,197,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay)
DRV - [2013/06/26 19:23:00 | 000,024,232 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)
DRV - [2013/06/26 19:22:58 | 000,583,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs)
DRV - [2013/05/26 09:23:09 | 000,013,624 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Stopped] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2011/05/13 03:21:06 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011/05/13 03:21:06 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2011/05/13 03:21:06 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2011/05/13 03:21:04 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2010/11/20 08:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 08:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 08:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 06:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 05:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 05:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 05:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/09/17 15:40:06 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2010/05/07 15:46:14 | 000,021,360 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\PC-Doctor\pcdsrvc.pkms -- (PCDSRVC{3037D694-FD904ACA-06020000}_0)
DRV - [2010/03/10 09:16:12 | 000,025,112 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ivusb.sys -- (ivusb)
DRV - [2009/07/13 19:12:52 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2009/07/13 18:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32)
DRV - [2009/07/01 22:16:16 | 000,033,088 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\psadd.sys -- (psadd)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{B706E027-1E19-4698-A148-2126488B8074}: "URL" = http://www.bing.com/...c=IE-SearchBox;
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com/http://www. [Binary data over 200 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:466...q={searchTerms}
IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...l&geo=US&ver=18
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: %7Bae964807-bb47-5289-08f7-dd9771282010%7D:1.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2011/01/27 10:59:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.1.3\coFFPlgn\ [2014/05/15 03:42:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.1.3\IPSFF [2014/04/24 15:00:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2013/09/30 16:18:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jenny\AppData\Roaming\Mozilla\Extensions
[2014/03/22 12:33:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jenny_2\AppData\Roaming\mozilla\Firefox\Profiles\i1txox3z.default\extensions
[2013/11/06 12:21:52 | 000,000,000 | ---D | M] (Apps Hat) -- C:\Users\Jenny_2\AppData\Roaming\mozilla\Firefox\Profiles\i1txox3z.default\extensions\{97A78363-B868-4B48-AC91-A783A31215AF}
[2013/11/06 12:21:51 | 000,000,000 | ---D | M] ("QuickShare Widget") -- C:\Users\Jenny_2\AppData\Roaming\mozilla\Firefox\Profiles\i1txox3z.default\extensions\{ae964807-bb47-5289-08f7-dd9771282010}
[2014/03/22 13:11:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/05/15 09:58:35 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/05/13 12:04:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\updated\browser\extensions
[2014/05/13 12:04:41 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
O1 HOSTS File: ([2009/06/10 17:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\21.2.0.38\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\21.2.0.38\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.2.0.38\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.2.0.38\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Carbonite Backup] C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [IdeaNotesUser] C:\Program Files\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe (Digital Delivery Networks, Inc.)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [Message Center Plus] C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe ()
O4 - HKLM..\Run: [Power Manager Power Agenda] C:\Program Files\ThinkPad\Utilities\DPMHost.EXE ()
O4 - HKLM..\Run: [PWMTRV] C:\Program Files\ThinkPad\Utilities\PWMTR32V.DLL (Lenovo Group Limited)
O4 - HKLM..\Run: [Skd8821] C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Skd8821.exe (LITE-ON TECHNOLOGY CORP.)
O4 - HKCU..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe (Gadwin Systems, Inc)
O4 - HKCU..\Run: [SansaDispatch] C:\Users\Jenny_2\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe (SanDisk Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 65.32.1.65 65.32.1.70 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{91277DFB-A500-4530-941A-BF41910B3FBB}: DhcpNameServer = 65.32.1.65 65.32.1.70 192.168.0.1
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GO36F4~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008/06/10 12:32:46 | 000,000,049 | -HS- | M] () - Q:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{5bb924a4-f8c8-11df-bd2a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5bb924a4-f8c8-11df-bd2a-806e6f6e6963}\Shell\AutoRun\command - "" = Q:\LenovoQDrive.exe -- [2009/08/10 17:01:24 | 000,267,576 | -HS- | M] (Lenovo Group Limited)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/05/15 10:13:39 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jenny_2\Desktop\OTL.com
[2014/05/15 10:11:41 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jenny_2\Desktop\OTL.scr
[2014/05/15 10:07:03 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jenny_2\Desktop\OTL.exe
[2014/05/15 03:12:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2014/05/06 03:00:51 | 000,000,000 | --SD | C] -- C:\Windows\System32\CompatTel
[2014/05/02 10:40:18 | 000,000,000 | ---D | C] -- C:\Users\Jenny_2\Desktop\Messenger
[2014/05/02 10:39:52 | 000,000,000 | ---D | C] -- C:\Users\Jenny_2\Desktop\zedge
[2014/05/02 10:38:34 | 000,000,000 | ---D | C] -- C:\Users\Jenny_2\Desktop\papelook
[2014/05/02 10:38:00 | 000,000,000 | ---D | C] -- C:\Users\Jenny_2\Desktop\Download
[2014/05/02 10:37:27 | 000,000,000 | ---D | C] -- C:\Users\Jenny_2\Desktop\DCIM
[2014/04/23 11:13:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/04/23 11:13:45 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2014/04/21 09:06:09 | 000,000,000 | -HSD | C] -- C:\Users\Jenny_2\AppData\Local\EmieUserList
[2014/04/21 09:06:09 | 000,000,000 | -HSD | C] -- C:\Users\Jenny_2\AppData\Local\EmieSiteList
[5 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/05/15 10:13:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jenny_2\Desktop\OTL.com
[2014/05/15 10:11:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jenny_2\Desktop\OTL.scr
[2014/05/15 10:07:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jenny_2\Desktop\OTL.exe
[2014/05/15 09:55:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/05/15 09:55:49 | 1507,778,560 | -HS- | M] () -- C:\hiberfil.sys
[2014/05/15 09:50:01 | 000,000,434 | ---- | M] () -- C:\Windows\tasks\GCKArchive.job
[2014/05/15 09:40:06 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/05/15 09:27:09 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/05/15 09:18:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/05/15 03:47:30 | 000,016,976 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/05/15 03:47:30 | 000,016,976 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/05/14 14:00:00 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2014/05/11 10:00:00 | 000,000,528 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2014/05/01 19:49:44 | 000,090,805 | ---- | M] () -- C:\Users\Jenny_2\Desktop\Contacts.vcf
[2014/04/24 15:19:12 | 000,001,024 | ---- | M] () -- C:\.rnd
[2014/04/24 15:03:14 | 000,086,888 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\System32\LMIRfsClientNP.dll
[2014/04/24 15:03:13 | 000,085,832 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\System32\LMIinit.dll
[2014/04/24 15:03:13 | 000,031,560 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\System32\LMIport.dll
[2014/04/23 11:13:48 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[5 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/05/02 10:39:09 | 000,090,805 | ---- | C] () -- C:\Users\Jenny_2\Desktop\Contacts.vcf
[2014/04/23 11:13:48 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
========== ZeroAccess Check ==========
[2009/07/14 00:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
"" = C:\Users\Jenny_2\AppData\Local\Temp\semdyed\sitvpfq\wow.dll
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 22:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 21:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013/11/06 12:02:38 | 000,000,000 | ---D | M] -- C:\Users\Jenny_2\AppData\Roaming\Baidu
[2011/01/18 17:55:37 | 000,000,000 | ---D | M] -- C:\Users\Jenny_2\AppData\Roaming\DesktopPwrMgr
[2012/02/28 14:31:58 | 000,000,000 | ---D | M] -- C:\Users\Jenny_2\AppData\Roaming\OverDrive
[2012/02/28 17:26:23 | 000,000,000 | ---D | M] -- C:\Users\Jenny_2\AppData\Roaming\SanDisk
[2013/11/09 19:28:20 | 000,000,000 | ---D | M] -- C:\Users\Jenny_2\AppData\Roaming\SoftGrid Client
[2011/02/23 10:11:49 | 000,000,000 | ---D | M] -- C:\Users\Jenny_2\AppData\Roaming\TP
[2011/12/08 13:25:55 | 000,000,000 | ---D | M] -- C:\Users\Jenny_2\AppData\Roaming\Windows Live Writer
========== Purity Check ==========
< End of report >
And here is the Extras file:
OTL Extras logfile created on: 5/15/2014 10:07:24 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jenny_2\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.87 Gb Total Physical Memory | 1.31 Gb Available Physical Memory | 69.96% Memory free
3.74 Gb Paging File | 3.25 Gb Available in Paging File | 86.71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287.15 Gb Total Space | 221.76 Gb Free Space | 77.23% Space Free | Partition Type: NTFS
Drive Q: | 9.77 Gb Total Space | 4.28 Gb Free Space | 43.81% Space Free | Partition Type: NTFS
Drive Z: | 294.40 Gb Total Space | 252.94 Gb Free Space | 85.91% Space Free | Partition Type: NTFS
Computer Name: JENNY | User Name: Jenny_2 | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1CBBF037-D837-4285-9F5D-3E43ADF6217E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{41649BFF-AC28-4F92-9F51-EBC2C9AC1B3F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{41673B1A-D90A-4A7F-A8BE-6EC0F5CCD885}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{43440CDC-78B4-4CE0-AA2E-C7D2CE7D6166}" = rport=137 | protocol=17 | dir=out | app=system |
"{497BC244-D989-4D9F-B1DE-99FA371ABF3A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{66BB7B80-4D80-48C9-AF11-FE70A332CAE4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6FCBF227-CFDF-403C-889B-166FEF8403E8}" = lport=2869 | protocol=6 | dir=in | app=system |
"{72260C67-1CB9-45B2-B4ED-73B7550396B7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7593CB9D-164E-455D-AE11-99A552B3ECC7}" = rport=138 | protocol=17 | dir=out | app=system |
"{80611ABF-BD8C-41F3-B509-C8BF15CDB011}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{8DE8CC67-A158-4D30-A33C-DDCA081CC203}" = lport=138 | protocol=17 | dir=in | app=system |
"{9580090F-C2BE-4171-B032-4D4E0CDFAB38}" = lport=137 | protocol=17 | dir=in | app=system |
"{9DEB1611-8840-4F2C-B662-C19A9FA927C1}" = rport=139 | protocol=6 | dir=out | app=system |
"{A3741D06-C0C5-4537-86BC-F89CB1C900F6}" = lport=445 | protocol=6 | dir=in | app=system |
"{B889DA31-0F5B-40D1-A9DE-B20111CA9DDE}" = lport=139 | protocol=6 | dir=in | app=system |
"{BE851D07-59EC-45B7-89E7-3F270A4F2093}" = rport=445 | protocol=6 | dir=out | app=system |
"{C793D9E8-9B40-411E-9C8E-7D37052B2D80}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{E79BD651-AAD0-48C2-859B-1B7D6864516E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00A70079-FAB0-46F0-9D5A-D18E035ACCAC}" = protocol=1 | dir=out | [email protected],-28544 |
"{0414B9E2-7640-4444-BEA4-BC82AC3148B3}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{0A2D00BD-B898-4DDD-9524-711035745432}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{0F34A9A4-80A4-42A9-9E6C-D3BC2F79B28C}" = protocol=1 | dir=in | [email protected],-28543 |
"{19248841-19DD-4A74-9ACF-0109C422D781}" = protocol=58 | dir=in | [email protected],-28545 |
"{A5C1F599-9CEB-4F7C-ABB7-9D23BEF82AB4}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{C982A567-3D06-4383-8FAB-F889BAAD6602}" = protocol=58 | dir=out | [email protected],-28546 |
"{CF3C64DD-FE55-4A08-AC0C-EDFD8F76DB46}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{259D789C-2A51-4CCE-AF8A-3377A6C1DF60}" = dtSearch
"{25C64847-B900-48AD-A164-1B4F9B774650}" = System Update
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java 6 Update 30
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{294BF709-D758-4363-8D75-01479AD20927}" = Windows Live Family Safety
"{2CCBABCB-6427-4A55-B091-49864623C43F}" = Google Toolbar for Firefox
"{2E739487-6884-4D4F-8715-C4438E7C390C}" = Type2027 TWAIN Driver Ver.3
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{494D80C4-3557-4D73-A153-65FE4B3ECDC3}" = Lenovo Slim USB Keyboard
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}" = Create Recovery Media
"{50F68032-B5B7-4513-9116-C978DBD8F27A}" = Corel DVD MovieFactory 7
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{65179FD8-04C0-40A7-87FC-007F2CD5BF1E}" = LogMeIn
"{67708668-13ED-4CB3-B01F-EEE6155020A7}" = Lenovo Welcome
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-006D-0409-0000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A3BE3F1E-2472-4211-8735-E8239BE49D9F}" = Burn.Now 4.5
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.6)
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B383F243-0ABC-4E56-AA30-923B8D85076E}" = Rescue and Recovery
"{B96E0720-ADD6-11D5-8735-0003478B4C11}" = Goby Capture
"{C0C17EF3-83ED-4956-8638-7354EBE7FFFF}" = Lenovo Idea Notes
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C6FA39A7-26B1-480A-BC74-6D17531AC222}" = Access Help
"{C7FB1A71-D808-4CD2-997D-837B39EA7EB0}" = DIBS
"{CE26F10F-C80F-4377-908B-1B7882AE2CE3}" = Crystal Reports Basic Runtime for Visual Studio 2008
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D07205E7-F6D3-4333-AFCC-782A07685B72}" = OverDrive Media Console
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}" = ThinkVantage Power Manager
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2004B8D-7791-4B35-A3FA-D8CA8BB4DD81}" = Direct DiscRecorder
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}" = Message Center Plus
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"07B93EDB9CC6BC0276487EBB7D01015438101AF0" = Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (01/12/2010 6.0.1.6024)
"39C7474DA0199DEC9927E4094B3485A8A22A5C64" = Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (01/12/2010 6.0.1.6024)
"6173494C218777FC84EA543F98F626E4FCB9E58E" = Windows Driver Package - Intel Corporation (igfx) Display (12/18/2009 8.15.10.2025)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"Carbonite Backup" = Carbonite
"Coupon Printer for Windows5.0.0.2" = Coupon Printer for Windows
"FB627E47ED3DD713F9902C51061322270ACB1600" = Windows Driver Package - Realtek (RTL8167) Net (11/27/2009 7.011.1127.2009)
"Gadwin PrintScreen" = Gadwin PrintScreen
"Google Desktop" = Google Desktop
"InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}" = Corel DVD MovieFactory Lenovo Edition
"InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}" = Corel Burn.Now Lenovo Edition
"InstallShield_{F2004B8D-7791-4B35-A3FA-D8CA8BB4DD81}" = Direct DiscRecorder
"Lenovo Central" = Lenovo Central
"Lenovo Welcome_is1" = Lenovo Welcome
"Mozilla Firefox 28.0 (x86 en-US)" = Mozilla Firefox 28.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NIS" = Norton Internet Security
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"PC-Doctor for Windows" = Lenovo ThinkVantage Toolbox
"TVWiz" = Intel® TV Wizard
"WinLiveSuite" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Amazon Kindle" = Amazon Kindle
"Sansa Updater" = Sansa Updater
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 12/18/2013 1:32:43 AM | Computer Name = Jenny | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\dtSearch\bin64\dtSearch64.exe".
Dependent
Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 12/19/2013 1:33:28 AM | Computer Name = Jenny | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\dtSearch\bin64\dtIndexer64.exe".
Dependent
Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 12/19/2013 1:34:05 AM | Computer Name = Jenny | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\dtSearch\bin64\dtSearch64.exe".
Dependent
Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 12/19/2013 1:39:59 AM | Computer Name = Jenny | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\dtSearch\bin64\dtSearch64.exe".
Dependent
Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 12/20/2013 1:30:48 AM | Computer Name = Jenny | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\dtSearch\bin64\dtIndexer64.exe".
Dependent
Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 12/20/2013 1:30:59 AM | Computer Name = Jenny | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\dtSearch\bin64\dtSearch64.exe".
Dependent
Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 12/20/2013 1:32:47 AM | Computer Name = Jenny | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\dtSearch\bin64\dtSearch64.exe".
Dependent
Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 12/25/2013 1:30:41 AM | Computer Name = Jenny | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\dtSearch\bin64\dtIndexer64.exe".
Dependent
Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 12/25/2013 1:30:49 AM | Computer Name = Jenny | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\dtSearch\bin64\dtSearch64.exe".
Dependent
Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 12/25/2013 1:32:12 AM | Computer Name = Jenny | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\dtSearch\bin64\dtSearch64.exe".
Dependent
Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
[ System Events ]
Error - 5/15/2014 10:04:01 AM | Computer Name = Jenny | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.
Error - 5/15/2014 10:04:04 AM | Computer Name = Jenny | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.
Error - 5/15/2014 10:04:06 AM | Computer Name = Jenny | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.
Error - 5/15/2014 10:04:09 AM | Computer Name = Jenny | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.
Error - 5/15/2014 10:04:11 AM | Computer Name = Jenny | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.
Error - 5/15/2014 10:04:13 AM | Computer Name = Jenny | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.
Error - 5/15/2014 10:04:16 AM | Computer Name = Jenny | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.
Error - 5/15/2014 10:04:18 AM | Computer Name = Jenny | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.
Error - 5/15/2014 10:04:20 AM | Computer Name = Jenny | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.
Error - 5/15/2014 10:04:23 AM | Computer Name = Jenny | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.
< End of report >
Thanks!
Jenny