computer running slow
#1
Posted 21 June 2014 - 11:56 AM
#2
Posted 21 June 2014 - 12:00 PM
I'll do the best I can to resolve your computer issue
Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions!
First
Please download OTL to your Desktop
- Double click on the to run the program. On Vista/Win7 or 8 right click select Run As Administrator to start the program. If prompted by UAC, please allow it.
- Make sure all other windows are closed and to let it run uninterrupted.
- Click the Scan All Users checkbox
and - Check the option for All under the Extra Registry section
- Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
- When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
- Please copy (Edit->Select All, Edit->Copy) the contents of these files and post them in your topic
- OTL.txt <-- Will be opened, maximized
- Extras.txt <-- Will be minimized on task bar.
#3
Posted 22 June 2014 - 09:56 AM
Hi! My name is zep516 and Welcome to Geekstogo!
I'll do the best I can to resolve your computer issue
Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions!
First
Please download OTL to your Desktop
- Double click on the to run the program. On Vista/Win7 or 8 right click select Run As Administrator to start the program. If prompted by UAC, please allow it.
- Make sure all other windows are closed and to let it run uninterrupted.
- Click the Scan All Users checkbox
and- Check the option for All under the Extra Registry section
- Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
- When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
- Please copy (Edit->Select All, Edit->Copy) the contents of these files and post them in your topic
Please post the contents of both OTL.txt and Extras.txt files in your next reply.
- OTL.txt <-- Will be opened, maximized
- Extras.txt <-- Will be minimized on task bar.
#4
Posted 22 June 2014 - 10:00 AM
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\jim\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 0.29 Gb Available Physical Memory | 14.63% Memory free
3.98 Gb Paging File | 1.78 Gb Available in Paging File | 44.71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465.75 Gb Total Space | 433.17 Gb Free Space | 93.00% Space Free | Partition Type: NTFS
Computer Name: JIM-PC | User Name: jim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - File not found --
PRC - [2014/06/22 08:25:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\jim\Downloads\OTL (1).exe
PRC - [2014/06/22 08:08:26 | 000,339,456 | ---- | M] () -- C:\ProgramData\UpdateTask\vmhost.exe
PRC - [2014/06/22 07:59:28 | 000,370,176 | ---- | M] (The Privoxy team - www.privoxy.org) -- C:\Program Files\MSR\Privoxy\privoxy.exe
PRC - [2014/06/05 06:58:39 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2014/05/29 04:16:32 | 000,241,344 | ---- | M] () -- C:\Program Files\pcmax\pcmax.exe
PRC - [2014/05/04 07:57:25 | 000,372,032 | ---- | M] (Media Corporation) -- C:\ProgramData\MediaDev\1399215444\mediadev.exe
PRC - [2014/04/30 08:15:10 | 000,365,888 | ---- | M] (Media Corporation) -- C:\Users\jim\AppData\Roaming\UpdateServ\UpdaterService.exe
PRC - [2014/04/26 11:18:44 | 000,541,696 | ---- | M] () -- C:\Program Files\003\buuoujqmrk32.exe
PRC - [2014/04/23 18:52:18 | 000,016,384 | ---- | M] () -- C:\Windows\Microsoft\System Update kb70007\WindowsUpdater.exe
PRC - [2014/04/14 20:06:51 | 000,052,648 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jp2launcher.exe
PRC - [2014/04/14 20:04:29 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\java.exe
PRC - [2014/04/10 19:05:52 | 000,705,136 | ---- | M] (Cherished Technololgy LIMITED) -- C:\ProgramData\IePluginService\PluginService.exe
PRC - [2013/12/20 23:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/08/25 20:39:45 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2013/08/01 17:52:57 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2013/05/23 13:11:42 | 000,119,056 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2013/03/15 15:07:56 | 000,395,640 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
PRC - [2013/01/15 13:07:42 | 000,780,152 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
PRC - [2011/02/24 22:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/09/02 16:23:28 | 001,638,400 | ---- | M] (Eastman Kodak Company) -- C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
========== Modules (No Company Name) ==========
MOD - [2014/06/22 08:08:26 | 000,339,456 | ---- | M] () -- C:\ProgramData\UpdateTask\vmhost.exe
MOD - [2014/06/05 06:58:38 | 000,414,536 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\35.0.1916.153\ppgooglenaclpluginchrome.dll
MOD - [2014/06/05 06:58:37 | 014,612,296 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll
MOD - [2014/06/05 06:58:36 | 004,217,672 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\35.0.1916.153\pdf.dll
MOD - [2014/06/05 06:58:32 | 000,716,616 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
MOD - [2014/06/05 06:58:31 | 000,126,280 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\35.0.1916.153\libegl.dll
MOD - [2014/06/05 06:58:30 | 001,732,424 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
MOD - [2014/04/14 20:10:58 | 000,044,968 | ---- | M] () -- C:\Program Files\Java\jre7\bin\prism-d3d.dll
MOD - [2014/04/14 20:07:12 | 000,018,856 | ---- | M] () -- C:\Program Files\Java\jre7\bin\jp2native.dll
MOD - [2014/04/14 20:06:19 | 000,202,152 | ---- | M] () -- C:\Program Files\Java\jre7\bin\jp2iexp.dll
MOD - [2014/04/14 20:04:57 | 000,243,112 | ---- | M] () -- C:\Program Files\Java\jre7\bin\javafx-font.dll
MOD - [2014/04/14 20:03:22 | 000,159,656 | ---- | M] () -- C:\Program Files\Java\jre7\bin\glass.dll
MOD - [2014/04/14 20:02:49 | 000,062,888 | ---- | M] () -- C:\Program Files\Java\jre7\bin\decora-sse.dll
========== Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\Program Files\KeyDownload\KeyPlayr\guardnot.exe -- (System guard)
SRV - File not found [Auto | Running] -- \?\C:\Users\jim\AppData\Local\Temp\KDUpdSrv.exe [WARNING: \?\C:\Users\jim\AppData\Local\Temp\KDUpdSrv.exe] -- (KDUpdater)
SRV - [2014/06/20 05:59:28 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/05/30 01:28:30 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2014/05/29 04:16:32 | 000,241,344 | ---- | M] () [Auto | Running] -- C:\Program Files\pcmax\pcmax.exe -- (pcmaxservice)
SRV - [2014/05/04 07:57:25 | 000,372,032 | ---- | M] (Media Corporation) [Auto | Running] -- C:\ProgramData\MediaDev\1399215444\mediadev.exe -- (MediaDevSrv)
SRV - [2014/04/30 08:15:10 | 000,365,888 | ---- | M] (Media Corporation) [Auto | Running] -- C:\Users\jim\AppData\Roaming\UpdateServ\UpdaterService.exe -- (WinDevSrv)
SRV - [2014/04/26 11:18:44 | 000,541,696 | ---- | M] () [Auto | Running] -- C:\Program Files\003\buuoujqmrk32.exe -- (buuoujqmrk32)
SRV - [2014/04/23 18:52:18 | 000,016,384 | ---- | M] () [Auto | Running] -- C:\Windows\Microsoft\System Update kb70007\WindowsUpdater.exe -- (System Update kb70007)
SRV - [2014/04/10 19:05:52 | 000,705,136 | ---- | M] (Cherished Technololgy LIMITED) [Auto | Running] -- C:\ProgramData\IePluginService\PluginService.exe -- (IePluginService)
SRV - [2013/12/20 23:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/09/02 03:11:22 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2013/05/26 21:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/05/23 13:11:42 | 000,119,056 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2013/03/15 15:07:56 | 000,395,640 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe -- (Kodak AiO Network Discovery Service)
SRV - [2013/01/15 13:07:42 | 000,780,152 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe -- (Kodak AiO Status Monitor Service)
SRV - [2009/07/13 18:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
========== Driver Services (SafeList) ==========
DRV - [2011/07/22 09:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 14:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/11/20 14:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 14:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 14:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?t...psd&t=34197b01d
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.v9.com...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.v9.com...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearc...r=785548438&ir=
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118
IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?t...psd&t=34197b01d
IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://att.yahoo.com/
IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F2 D4 2C 0A 0C A2 CE 01 [binary data]
IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\..\SearchScopes,DefaultScope = {57C67C9C-69F1-4A7A-B508-BED57391A514}
IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://www.trovi.com...rchTerms}&SSPV=
IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\..\SearchScopes\{57C67C9C-69F1-4A7A-B508-BED57391A514}: "URL" = http://start.mysearc...r=785548438&ir=
IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...1I7GUEA_enUS550
IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\..\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}: "URL" = http://search.condui...3228196290&UM=2
IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\..\SearchScopes\{A1EDA897-51B5-4512-A585-22B40C9C495A}: "URL" = http://search.condui...q={searchTerms}
IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@lightspark.github.com/Lightspark;version=1: C:\Program Files\Lightspark 0.5.3-git\nplightsparkplugin.dll File not found
File not found (No name found) -- C:\PROGRAM FILES\AMIEXT\FLASHENHANCER\FF
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://att.yahoo.com/mail
CHR - plugin: Error reading preferences file
CHR - Extension: Google Drive = C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: YouTube = C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: HQPro-1.9 = C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.68_0\crossrider
CHR - Extension: HQPro-1.9 = C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.68_0\
CHR - Extension: Google Play Books = C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb\1.1.9_0\
CHR - Extension: Google Wallet = C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
CHR - Extension: Gmail = C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2014/06/22 07:43:53 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [Conime] %windir%\system32\conime.exe File not found
O4 - HKLM..\Run: [EKIJ5000StatusMonitor] C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [EKStatusMonitor] C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [fst_us_48] File not found
O4 - HKLM..\Run: [pcreg] C:\Program Files\pcmax\service.exe ()
O4 - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001..\Run: [cdloader] C:\Users\jim\AppData\Roaming\mjusbsp\cdloader2.exe (magicJack L.P.)
O4 - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001..\Run: [pcreg] C:\Program Files\pcmax\service.exe ()
O4 - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001..\Run: [TWC.Win7] C:\Program Files\The Weather Channel\Desktop Weather\TWC.Win7.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7AB4A89B-534C-4591-BA56-1ACFB14EF603}: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4b326da4-6d86-11e3-8015-001cc0703165}\Shell - "" = AutoRun
O33 - MountPoints2\{4b326da4-6d86-11e3-8015-001cc0703165}\Shell\AutoRun\command - "" = E:\ToolLauncher-Bootstrap.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/06/22 08:06:43 | 000,000,000 | ---D | C] -- C:\Users\jim\Desktop\GooredFix Backups
[2014/06/22 07:43:42 | 000,000,000 | ---D | C] -- C:\_OTM
[2014/06/18 15:19:48 | 000,000,000 | ---D | C] -- C:\Users\jim\AppData\Local\globalUpdate
[2014/06/18 15:19:48 | 000,000,000 | ---D | C] -- C:\Program Files\globalUpdate
[2014/06/18 15:19:27 | 000,000,000 | ---D | C] -- C:\Program Files\Optimizer Pro
[2014/06/17 17:02:53 | 000,000,000 | ---D | C] -- C:\ProgramData\2308189059
[2014/06/17 16:49:54 | 000,000,000 | ---D | C] -- C:\Program Files\pcmax
[2014/06/17 16:49:42 | 000,000,000 | ---D | C] -- C:\Program Files\PC Speed Maximizer
[2014/06/17 16:49:16 | 000,000,000 | ---D | C] -- C:\Program Files\FLVM Player
[2014/06/17 16:49:07 | 005,066,013 | ---- | C] (Bechiro) -- C:\Users\jim\Desktop\FLVMPlayer.exe
[2014/06/17 16:09:37 | 000,000,000 | ---D | C] -- C:\SUPERDelete
[2014/06/15 07:46:29 | 000,000,000 | ---D | C] -- C:\Program Files\Lightspark 0.5.3-git
[2014/06/15 07:46:23 | 000,000,000 | ---D | C] -- C:\Program Files\AmiExt
[2014/06/15 07:46:13 | 000,000,000 | ---D | C] -- C:\Windows\Microsoft
[2014/06/15 07:45:42 | 000,000,000 | ---D | C] -- C:\Program Files\MSR
[2014/06/12 18:09:40 | 000,000,000 | ---D | C] -- C:\Users\jim\Desktop\06-12-2014
[2014/06/12 06:19:46 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2014/06/12 06:19:45 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2014/06/12 06:19:45 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2014/06/12 06:19:42 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2014/06/12 06:19:39 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014/06/12 06:19:39 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014/06/12 06:19:38 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014/06/12 06:19:38 | 000,368,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2014/06/12 06:19:38 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014/06/12 06:19:37 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014/06/12 06:19:33 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014/06/12 06:19:32 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014/06/12 06:19:31 | 000,595,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014/06/12 06:19:30 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014/06/12 06:19:28 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2014/06/12 06:19:28 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2014/06/12 06:19:22 | 000,242,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2014/06/12 06:19:20 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014/06/12 06:19:11 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2014/06/12 06:19:08 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2014/06/12 06:19:01 | 004,244,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014/06/12 06:16:19 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll
[2014/06/12 06:16:19 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2014/06/12 06:15:40 | 000,187,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2014/06/12 06:15:27 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2014/06/12 06:15:26 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2014/06/11 22:08:22 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2014/06/11 05:53:53 | 000,000,000 | ---D | C] -- C:\Users\jim\AppData\Roaming\serv
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/06/22 08:38:05 | 000,000,254 | ---- | M] () -- C:\Windows\tasks\Guard-{67E160EA-8771-4172-86EB-AF21ADC868B9}.job
[2014/06/22 08:33:05 | 000,000,278 | ---- | M] () -- C:\Windows\tasks\FF Watcher {C41F172F-3F47-4625-BF89-61A2A579D4B0}.job
[2014/06/22 08:10:09 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/06/22 08:09:16 | 000,000,876 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/22 08:08:45 | 000,020,496 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/06/22 08:08:45 | 000,020,496 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/06/22 07:59:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/06/22 07:59:04 | 1602,404,352 | -HS- | M] () -- C:\hiberfil.sys
[2014/06/22 07:56:49 | 000,000,300 | ---- | M] () -- C:\Windows\tasks\PrintProjects Communicator.job
[2014/06/22 07:49:15 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/06/22 07:43:53 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2014/06/20 05:59:25 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/06/20 05:59:25 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/06/17 16:49:09 | 005,066,013 | ---- | M] (Bechiro) -- C:\Users\jim\Desktop\FLVMPlayer.exe
[2014/06/15 07:46:26 | 000,000,070 | ---- | M] () -- C:\extensions.ini
[2014/06/15 07:46:26 | 000,000,000 | ---- | M] () -- C:\extensions.sqlite
[2014/06/12 17:59:21 | 000,002,114 | ---- | M] () -- C:\Users\Public\Desktop\KODAK AiO Home Center.lnk
[2014/06/08 01:48:16 | 000,391,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2014/06/08 01:43:43 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2014/05/30 02:02:39 | 002,724,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014/05/30 02:02:03 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2014/05/30 01:43:06 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014/05/30 01:42:16 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2014/05/30 01:34:17 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014/05/30 01:33:48 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014/05/30 01:30:43 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014/05/30 01:28:33 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014/05/30 01:28:30 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2014/05/30 01:27:56 | 000,592,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2014/05/30 01:21:36 | 000,646,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2014/05/30 01:16:26 | 000,368,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2014/05/30 01:10:46 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2014/05/30 01:06:06 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014/05/30 01:02:32 | 000,242,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2014/05/30 00:57:16 | 000,595,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014/05/30 00:56:50 | 004,244,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014/05/30 00:54:14 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014/05/30 00:50:09 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2014/05/30 00:49:38 | 001,964,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014/05/30 00:13:47 | 000,704,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/06/18 15:18:53 | 000,000,254 | ---- | C] () -- C:\Windows\tasks\Guard-{67E160EA-8771-4172-86EB-AF21ADC868B9}.job
[2014/06/15 07:46:26 | 000,000,070 | ---- | C] () -- C:\extensions.ini
[2014/06/15 07:46:26 | 000,000,000 | ---- | C] () -- C:\extensions.sqlite
[2014/06/12 17:59:21 | 000,002,114 | ---- | C] () -- C:\Users\Public\Desktop\KODAK AiO Home Center.lnk
[2014/05/04 08:02:34 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/03/09 11:19:55 | 000,007,597 | ---- | C] () -- C:\Users\jim\AppData\Local\Resmon.ResmonCfg
[2013/12/07 11:04:36 | 000,000,307 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2013/11/16 14:26:38 | 000,087,552 | R--- | C] () -- C:\Users\jim\AppData\Roaming\Other.res
[2013/08/25 20:45:10 | 000,000,258 | RHS- | C] () -- C:\Users\jim\ntuser.pol
========== ZeroAccess Check ==========
[2009/07/13 21:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 19:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 18:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report >
#5
Posted 22 June 2014 - 10:10 AM
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\jim\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 0.29 Gb Available Physical Memory | 14.63% Memory free
3.98 Gb Paging File | 1.78 Gb Available in Paging File | 44.71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465.75 Gb Total Space | 433.17 Gb Free Space | 93.00% Space Free | Partition Type: NTFS
Computer Name: JIM-PC | User Name: jim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (All) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2857200164-3729861948-2052089129-1001\SOFTWARE\Classes\]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\System32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- "C:\Program Files\File Identifier\fi.exe" "%1" ()
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08742D20-A57A-4057-9348-0D86D39A0AF8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0BAAC192-715F-490D-A1C1-5827242448C0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{25A46072-DB8A-4F02-862A-BACE3C6A6AC0}" = lport=139 | protocol=6 | dir=in | app=system |
"{2C0E23C1-1A3E-4ED1-B8AF-BB45B5C11687}" = rport=139 | protocol=6 | dir=out | app=system |
"{2D20DE8A-EC56-4D05-A108-24DC8ED82A35}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3A919A7E-53A5-40EA-B5A7-245AF7AF83C2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3C8C0F8F-D48E-4E67-8A25-5EC7D2CCDAD4}" = rport=138 | protocol=17 | dir=out | app=system |
"{5F587529-3175-4454-B81F-3498FECCDE59}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{674E29E1-AFF7-4CFE-83F2-7A1DDBD5D5A9}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 |
"{69084D07-0899-4153-8FB4-6BC633717CCF}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 |
"{762EFF34-BD0E-43F5-AC1B-52164674C9A0}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery |
"{8C7150D8-E4B9-4A2D-BB7F-850BFA950837}" = lport=10243 | protocol=6 | dir=in | app=system |
"{931980CC-B7B8-4B3D-B5BF-61C739302120}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery |
"{93EB67FD-030B-43E4-B59E-8209BC38085B}" = lport=445 | protocol=6 | dir=in | app=system |
"{9934315F-521A-442B-9630-AB4826520C02}" = lport=137 | protocol=17 | dir=in | app=system |
"{9D14231C-E05E-4CDF-87EB-ABB91A2BE8E0}" = rport=445 | protocol=6 | dir=out | app=system |
"{B84D3ECA-71CB-4965-87B2-9F8AF24521CD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{BF37BB00-24B3-4E19-8AFF-8621B5DC4424}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CAE7F9A0-3354-417A-A993-0F4A48A53CFD}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D1663B33-EA1C-4984-971C-65DC63DD17AC}" = rport=10243 | protocol=6 | dir=out | app=system |
"{DCA58499-9061-4D17-8942-A828882A25E6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DF74D1E7-454D-45FC-92E5-2F99FBD2D563}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E2429A4D-F726-4F00-9F42-31E17457907A}" = lport=138 | protocol=17 | dir=in | app=system |
"{FA915800-9EF0-4021-BEFF-E11F3A04D886}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FFD21688-4CF4-4369-97E7-36352993DEED}" = rport=137 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{004301B5-5728-4C0F-AB83-B014535C1E36}" = protocol=17 | dir=in | app=c:\program files\kodak\aio\center\aiohomecenter.exe |
"{0439C499-DA31-4882-89D9-42C408EF15D8}" = protocol=17 | dir=in | app=c:\program files\kodak\aio\center\networkprinterdiscovery.exe |
"{08236CE6-D170-4694-B6BC-61A8226999C7}" = protocol=1 | dir=out | [email protected],-28544 |
"{1FEE2746-325A-43D2-B20C-B63CD6EE53F9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{22BDE97D-708A-4060-BC2A-2C34D168A9AC}" = dir=in | app=c:\users\jim\appdata\local\temp\updater_145834.exe |
"{2FDF47C4-B9E8-43A2-BE51-B569CB0FC6C3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{37BE429D-412C-4CAB-88B3-91AE18C86A1A}" = protocol=1 | dir=in | [email protected],-28543 |
"{40D32695-A454-4E23-973F-076F04A0FD83}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{46AB9C28-AD4E-470B-B1AF-280F09E0B5E3}" = dir=out | app=c:\program files\pcmax\pcmax.exe |
"{49E286D3-3DA2-446A-99B6-BB3185C96F00}" = protocol=17 | dir=in | app=c:\program files\kodak\aio\center\kodak.statistics.exe |
"{4ECD95F4-D229-430C-BFF1-9C6A0A10A6ED}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4F943E24-5665-427E-B7D8-18D692AE3B78}" = dir=in | app=c:\program files\pcmax\pcmax.exe |
"{66281B4B-4369-4814-ACC1-E85375B0764C}" = dir=in | app=c:\program files\pcmax\service.exe |
"{784F15B6-B0D5-4B79-9215-F89989C63472}" = protocol=17 | dir=in | app=c:\program files\kodak\aio\firmware\kodakaioupdater.exe |
"{7CCEB42D-C9B5-4ABC-95C7-B66CEEC15340}" = protocol=6 | dir=in | app=c:\program files\kodak\aio\center\kodak.statistics.exe |
"{7F3BF149-3044-4A00-A860-F53E26DFF102}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7FBD2443-B1DB-4EDB-8759-8EFB82C83C4F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{846DFEF3-6911-4246-BDDC-77C2507CE725}" = protocol=6 | dir=in | app=c:\program files\kodak\aio\center\networkprinterdiscovery.exe |
"{93BBD775-ABE1-4F77-94B1-DA080BAFD42C}" = protocol=6 | dir=out | app=system |
"{9420342E-1A2C-4A85-BAF2-650E65B607F8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9AB6D725-03BF-4412-BB67-50719A41E88F}" = protocol=58 | dir=in | [email protected],-28545 |
"{9DD76606-7945-4526-9EA6-2B413FDDCF8E}" = protocol=17 | dir=in | app=c:\programdata\kodak\installer\setup.exe |
"{A39AAE97-5DA5-4082-9168-C715D7399EEE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{AFA1B720-0A84-47DF-BF32-405C6DF9DFB6}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B0CA420D-F675-4704-8D39-B541693A8F46}" = dir=in | app=c:\users\jim\appdata\local\temp\speedmax_14671.exe |
"{B9D13C74-5879-426E-B4D8-FC406B4494B9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BA47E6BE-0CB8-419A-A921-AB8E3B10FCF2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C58A50F2-4B1B-4B9D-AE44-6350BAE8E8C8}" = protocol=58 | dir=out | [email protected],-28546 |
"{E062F378-A651-4BB4-B047-A64567CD11F4}" = dir=in | app=c:\users\jim\appdata\local\temp\n3505\speedmaxzs_1605-d640b376.exe |
"{E35F66A5-8001-4ADA-983B-F92A9C52838B}" = protocol=6 | dir=in | app=c:\programdata\kodak\installer\setup.exe |
"{EF3D4190-952C-41E9-9C93-B1D142699585}" = dir=out | app=c:\program files\pcmax\service.exe |
"{F2154763-BCEA-4276-984E-8F65AC405A31}" = protocol=6 | dir=in | app=c:\program files\kodak\aio\firmware\kodakaioupdater.exe |
"{FA4F0E8B-5AE6-4683-9A52-5F0EC24B8B3F}" = protocol=6 | dir=in | app=c:\program files\kodak\aio\center\aiohomecenter.exe |
"TCP Query User{0AAF3A5E-B0AF-4EF3-B596-FBF55B089680}C:\users\jim\appdata\roaming\mjusbsp\magicjack.exe" = protocol=6 | dir=in | app=c:\users\jim\appdata\roaming\mjusbsp\magicjack.exe |
"TCP Query User{8CA3B691-368A-44C1-889D-7E3D34E4AD0D}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe |
"UDP Query User{BA90F856-C0E2-4AF5-AD70-5B751B589488}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe |
"UDP Query User{D7C721CA-CCBE-4E30-A059-07274EDA69F5}C:\users\jim\appdata\roaming\mjusbsp\magicjack.exe" = protocol=17 | dir=in | app=c:\users\jim\appdata\roaming\mjusbsp\magicjack.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 55
"{27EF8E7F-88D1-4ec5-ADE2-7E447FDF114E}" = Kodak AIO Printer
"{376348C2-E372-48BC-A138-E896757BD86A}" = aioscnnr
"{48B41C3A-9A92-4B81-B653-C97FEB85C910}" = C4USelfUpdater
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56BA241F-580C-43D2-8403-947241AAE633}" = center
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.07)
"{AEB719FD-EDB0-43E9-B524-90F97C1E6499}" = System Update kb70007
"{B92C2C6C-F70E-497B-88A7-1FEF9888272B}" = Adobe AIR
"{BE94C681-68E2-4561-8ABC-8D2E799168B4}" = essentials
"{BFBCF96F-7361-486A-965C-54B17AC35421}" = ocr
"{C8B24B83-920A-446E-B027-38F72C9D8898}_is1" = File Viewer version 1.0.2
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq
"{E0F274B7-592B-4669-8FB8-8D9825A09858}" = KODAK AiO Software
"{E15BC10F-04AA-0AFD-A6C9-476730195F8B}" = Adobe Download Assistant
"{EF53BFAB-4C10-40DB-A82D-9B07111715C6}" = aioscnnr
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"File Identifier_is1" = File Identifier version 1.0.3
"Google Chrome" = Google Chrome
"HDMI" = Intel® Graphics Media Accelerator Driver
"PrintProjects" = PrintProjects
"VLC media player" = VLC media player 2.1.0
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2857200164-3729861948-2052089129-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"magicJack" = magicJack
"Media Player Packages" = Media Player Packages
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 6/19/2014 8:57:34 AM | Computer Name = jim-PC | Source = WinMgmt | ID = 10
Description =
Error - 6/19/2014 9:14:16 AM | Computer Name = jim-PC | Source = WinMgmt | ID = 10
Description =
Error - 6/20/2014 1:49:32 AM | Computer Name = jim-PC | Source = WinMgmt | ID = 10
Description =
Error - 6/20/2014 8:51:08 AM | Computer Name = jim-PC | Source = WinMgmt | ID = 10
Description =
Error - 6/20/2014 9:30:33 AM | Computer Name = jim-PC | Source = WinMgmt | ID = 10
Description =
Error - 6/20/2014 4:13:39 PM | Computer Name = jim-PC | Source = WinMgmt | ID = 10
Description =
Error - 6/20/2014 11:09:15 PM | Computer Name = jim-PC | Source = WinMgmt | ID = 10
Description =
Error - 6/21/2014 12:34:48 PM | Computer Name = jim-PC | Source = WinMgmt | ID = 10
Description =
Error - 6/21/2014 12:55:39 PM | Computer Name = jim-PC | Source = WinMgmt | ID = 10
Description =
Error - 6/22/2014 11:00:55 AM | Computer Name = jim-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 4/21/2014 8:33:20 PM | Computer Name = jim-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.
Error - 4/21/2014 8:33:21 PM | Computer Name = jim-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.
Error - 4/21/2014 8:33:22 PM | Computer Name = jim-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.
Error - 4/21/2014 8:33:23 PM | Computer Name = jim-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.
Error - 4/21/2014 8:33:23 PM | Computer Name = jim-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.
Error - 4/21/2014 8:33:24 PM | Computer Name = jim-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.
Error - 4/21/2014 8:33:25 PM | Computer Name = jim-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.
Error - 4/21/2014 8:33:26 PM | Computer Name = jim-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.
Error - 4/22/2014 12:32:04 AM | Computer Name = jim-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the ShellHWDetection service.
Error - 4/22/2014 12:32:29 AM | Computer Name = jim-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.
< End of report >
#6
Posted 22 June 2014 - 10:13 AM
You have quite a bit of addware.
Next
Please download AdwCleaner by Xplode onto your Desktop.
- Close all open programs and internet browsers.
- Double click on AdwCleaner.exe to run the tool.
- Click the Scan button and wait for the process to complete.
- Click the Report button and the report will open in Notepad.
- NOTE: If you get an error message, it means that nothing was found. Exit from AdwCleaner.
- Click on the Clean button follow the prompts.
- A log file will automatically open after the scan has finished and the PC has rebooted.
- Please post the content of that log file with your next answer.
- You can find the log file at C:\AdwCleaner
- Next
Please download Junkware Removal Tool to your Desktop.
Please close your security software to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete, depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
Please post the contents of JRT.txt into your reply.
1-AdwCleaner [so].txt
2-JRT.TXT
Thanks
Joe
#7
Posted 22 June 2014 - 11:03 AM
#8
Posted 22 June 2014 - 11:18 AM
Open notepad at the top click "Format" Put a check in "word wrap"
#9
Posted 22 June 2014 - 11:35 AM
Edited by jimbo1949, 22 June 2014 - 11:40 AM.
#10
Posted 22 June 2014 - 11:42 AM
Please download MiniToolBox http://download.blee...MiniToolBox.exe and run it.
Checkmark following boxes:
- Flush DNS
- Report IE Proxy Settings
- Reset IE Proxy Settings
- Report FF Proxy Settings
- Reset FF Proxy Settings
- content of Hosts
- List IP configuration
- List Winsock Entries
- List Users, Partitions and Memory size
- List Restore Points
Your next reply:
1-Post the minitoolbox report
2-Post a new OTL Log.
Thanks
Joe
#11
Posted 22 June 2014 - 11:43 AM
#12
Posted 22 June 2014 - 11:49 AM
#13
Posted 22 June 2014 - 12:18 PM
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\jim\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 0.54 Gb Available Physical Memory | 27.13% Memory free
3.98 Gb Paging File | 2.22 Gb Available in Paging File | 55.69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465.75 Gb Total Space | 432.87 Gb Free Space | 92.94% Space Free | Partition Type: NTFS
Computer Name: JIM-PC | User Name: jim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/06/22 10:55:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\jim\Desktop\OTL.exe
PRC - [2014/06/22 10:42:00 | 000,293,208 | ---- | M] (Setup Aplications) -- C:\Users\jim\AppData\Local\Temp\n8\s8.exe
PRC - [2014/06/22 10:41:53 | 000,513,440 | ---- | M] (firseria sl) -- C:\Users\jim\Downloads\Setup (6).exe
PRC - [2014/06/22 10:26:37 | 000,389,992 | ---- | M] (VM Host Corporation) -- C:\ProgramData\UpdateServer\1403457996\webdev.exe
PRC - [2014/06/22 09:56:09 | 000,370,176 | ---- | M] (The Privoxy team - www.privoxy.org) -- C:\Program Files\MSR\Privoxy\privoxy.exe
PRC - [2014/06/22 08:08:26 | 000,339,456 | ---- | M] () -- C:\ProgramData\UpdateTask\vmhost.exe
PRC - [2014/06/05 06:58:39 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2014/05/29 04:16:32 | 000,241,344 | ---- | M] () -- C:\Program Files\pcmax\pcmax.exe
PRC - [2014/05/04 07:57:25 | 000,372,032 | ---- | M] (Media Corporation) -- C:\ProgramData\MediaDev\1399215444\mediadev.exe
PRC - [2014/04/23 18:52:18 | 000,016,384 | ---- | M] () -- C:\Windows\Microsoft\System Update kb70007\WindowsUpdater.exe
PRC - [2014/04/05 10:06:26 | 000,185,920 | ---- | M] () -- C:\ProgramData\PrintProjects\Communicator.exe
PRC - [2013/12/20 23:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/08/25 20:39:45 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2013/05/23 13:11:42 | 000,119,056 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2013/03/15 15:07:56 | 000,395,640 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
PRC - [2013/01/15 13:07:42 | 000,780,152 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
PRC - [2011/02/24 22:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/09/02 16:23:28 | 001,638,400 | ---- | M] (Eastman Kodak Company) -- C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
========== Modules (No Company Name) ==========
MOD - [2014/06/22 08:08:26 | 000,339,456 | ---- | M] () -- C:\ProgramData\UpdateTask\vmhost.exe
MOD - [2014/06/12 17:58:52 | 000,080,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kodak.Statistics\cae3ca035b3ee498e7394f0aad7a5147\Kodak.Statistics.ni.exe
MOD - [2014/06/12 17:58:43 | 003,720,704 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CommonControls\7fcf65c904840c26592a9f55f77fe64b\CommonControls.ni.dll
MOD - [2014/06/12 17:58:35 | 000,239,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Localization\f5e12b2f3ec4ce0627335b08ded5c233\Inkjet.Localization.ni.dll
MOD - [2014/06/12 17:58:35 | 000,098,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Devidd83fa01#\35f2093e205d5ab52612314de33cc0a5\Inkjet.DeviceSettings.ni.dll
MOD - [2014/06/12 17:58:34 | 000,296,448 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Utilities\63c5943acf6c05606a71a61bd6236f09\Inkjet.Utilities.ni.dll
MOD - [2014/06/12 17:58:33 | 000,888,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Hardware\baea1d97618ebe83e8f6e87751aa04d7\Inkjet.Hardware.ni.dll
MOD - [2014/06/12 17:58:33 | 000,164,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.EKAiO2SDKLib\28d2af5802c33456d08e2288ecb73972\Interop.EKAiO2SDKLib.ni.dll
MOD - [2014/06/12 17:58:32 | 000,178,176 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Statistics\f3a380f33a9b08e9fecdaab6ec407eb2\Inkjet.Statistics.ni.dll
MOD - [2014/06/12 17:58:31 | 001,190,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\InkjetCore\cbc6446c385cdf8ba003c7aa9b928ed4\InkjetCore.ni.dll
MOD - [2014/06/12 17:58:28 | 000,153,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Windows\385ee2bf7935b217f71e208a9590afd8\Inkjet.Windows.ni.dll
MOD - [2014/06/12 17:58:28 | 000,108,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Diagnostics\721fba01fa957eef866e29da121c9d0f\Inkjet.Diagnostics.ni.dll
MOD - [2014/06/12 17:58:28 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Configuration\615c42848e088814e5e45489f1a443d7\Inkjet.Configuration.ni.dll
MOD - [2014/06/05 06:58:38 | 000,414,536 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\35.0.1916.153\ppgooglenaclpluginchrome.dll
MOD - [2014/06/05 06:58:36 | 004,217,672 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\35.0.1916.153\pdf.dll
MOD - [2014/06/05 06:58:32 | 000,716,616 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
MOD - [2014/06/05 06:58:31 | 000,126,280 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\35.0.1916.153\libegl.dll
MOD - [2014/06/05 06:58:30 | 001,732,424 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
MOD - [2014/05/17 17:06:49 | 002,404,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\596140a3921ac96353517d92a9f46925\System.Web.Extensions.ni.dll
MOD - [2014/05/17 09:57:40 | 000,141,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\5d4937df67333206a096b29d28fb4ea3\System.Web.Abstractions.ni.dll
MOD - [2014/05/15 05:36:31 | 011,922,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\70dbdd46969daf2bea2443c75b7629d4\System.Web.ni.dll
MOD - [2014/04/05 10:06:26 | 000,185,920 | ---- | M] () -- C:\ProgramData\PrintProjects\Communicator.exe
MOD - [2014/02/28 11:26:00 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\868ad9d8acc0bf80a973c0e4e9cae4fa\System.Core.ni.dll
MOD - [2014/02/28 11:25:53 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\4412bbbb473c356b5ea3e1ea13b25f52\System.Management.ni.dll
MOD - [2014/02/28 08:46:02 | 012,894,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f4f6ee0df2aa4189bf36e6335cb92761\System.Windows.Forms.ni.dll
MOD - [2014/02/28 08:45:47 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll
MOD - [2014/02/28 08:44:36 | 007,662,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bada32953bb6b16a53d653eae23d78dc\System.Xml.ni.dll
MOD - [2014/02/28 08:44:26 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bbc48ec4245e502ae19b0601d3799c9e\System.Configuration.ni.dll
MOD - [2014/02/28 08:44:10 | 010,060,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff26cc03e6d57d8abd13b990332e67c6\System.ni.dll
MOD - [2014/02/28 08:43:57 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2014/02/27 22:13:07 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
MOD - [2014/02/27 22:12:53 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014/02/27 22:12:48 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\4f5069e6497e5e6a381ab6aadf05d6a5\Accessibility.ni.dll
MOD - [2014/02/27 22:12:43 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
MOD - [2014/02/27 22:12:35 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
MOD - [2014/02/27 22:12:00 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014/02/27 22:09:58 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2013/08/25 20:47:56 | 008,013,664 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
========== Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\Program Files\KeyDownload\KeyPlayr\guardnot.exe -- (System guard)
SRV - File not found [Auto | Stopped] -- \?\C:\Users\jim\AppData\Local\Temp\KDUpdSrv.exe [WARNING: \?\C:\Users\jim\AppData\Local\Temp\KDUpdSrv.exe] -- (KDUpdater)
SRV - [2014/06/22 10:26:37 | 000,389,992 | ---- | M] (VM Host Corporation) [Auto | Running] -- C:\ProgramData\UpdateServer\1403457996\webdev.exe -- (WinDevSvc)
SRV - [2014/06/20 05:59:28 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/05/30 01:28:30 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2014/05/29 04:16:32 | 000,241,344 | ---- | M] () [Auto | Running] -- C:\Program Files\pcmax\pcmax.exe -- (pcmaxservice)
SRV - [2014/05/04 07:57:25 | 000,372,032 | ---- | M] (Media Corporation) [Auto | Running] -- C:\ProgramData\MediaDev\1399215444\mediadev.exe -- (MediaDevSrv)
SRV - [2014/04/23 18:52:18 | 000,016,384 | ---- | M] () [Auto | Running] -- C:\Windows\Microsoft\System Update kb70007\WindowsUpdater.exe -- (System Update kb70007)
SRV - [2013/12/20 23:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/09/02 03:11:22 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2013/05/26 21:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/05/23 13:11:42 | 000,119,056 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2013/03/15 15:07:56 | 000,395,640 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe -- (Kodak AiO Network Discovery Service)
SRV - [2013/01/15 13:07:42 | 000,780,152 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe -- (Kodak AiO Status Monitor Service)
SRV - [2009/07/13 18:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
========== Driver Services (SafeList) ==========
DRV - [2011/07/22 09:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 14:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/11/20 14:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 14:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 14:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...IE8SRC<br /> IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...ceid=ie7<br />
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118
IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://att.yahoo.com/
IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F2 D4 2C 0A 0C A2 CE 01 [binary data]
IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...IE11SR<br /> IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...nUS550<br /> IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@lightspark.github.com/Lightspark;version=1: C:\Program Files\Lightspark 0.5.3-git\nplightsparkplugin.dll File not found
File not found (No name found) -- C:\PROGRAM FILES\AMIEXT\FLASHENHANCER\FF
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://att.yahoo.com/mail
CHR - plugin: Error reading preferences file
CHR - Extension: Google Drive = C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: YouTube = C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Play Books = C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb\1.1.9_0\
CHR - Extension: Google Wallet = C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
CHR - Extension: Gmail = C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2014/06/22 07:43:53 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [Conime] %windir%\system32\conime.exe File not found
O4 - HKLM..\Run: [EKIJ5000StatusMonitor] C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [EKStatusMonitor] C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [fst_us_48] File not found
O4 - HKLM..\Run: [pcreg] C:\Program Files\pcmax\service.exe ()
O4 - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001..\Run: [cdloader] C:\Users\jim\AppData\Roaming\mjusbsp\cdloader2.exe (magicJack L.P.)
O4 - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001..\Run: [pcreg] C:\Program Files\pcmax\service.exe ()
O4 - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001..\Run: [TWC.Win7] C:\Program Files\The Weather Channel\Desktop Weather\TWC.Win7.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7AB4A89B-534C-4591-BA56-1ACFB14EF603}: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4b326da4-6d86-11e3-8015-001cc0703165}\Shell - "" = AutoRun
O33 - MountPoints2\{4b326da4-6d86-11e3-8015-001cc0703165}\Shell\AutoRun\command - "" = E:\ToolLauncher-Bootstrap.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/06/22 10:55:40 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\jim\Desktop\OTL.exe
[2014/06/22 10:26:36 | 000,000,000 | ---D | C] -- C:\ProgramData\UpdateServer
[2014/06/22 10:08:44 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/06/22 09:56:09 | 000,000,000 | ---D | C] -- C:\Program Files\MSR
[2014/06/22 09:50:03 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\System32\sqlite3.dll
[2014/06/22 09:39:12 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/06/22 07:43:42 | 000,000,000 | ---D | C] -- C:\_OTM
[2014/06/17 16:49:54 | 000,000,000 | ---D | C] -- C:\Program Files\pcmax
[2014/06/17 16:49:16 | 000,000,000 | ---D | C] -- C:\Program Files\FLVM Player
[2014/06/17 16:09:37 | 000,000,000 | ---D | C] -- C:\SUPERDelete
[2014/06/15 07:46:13 | 000,000,000 | ---D | C] -- C:\Windows\Microsoft
[2014/06/12 18:09:40 | 000,000,000 | ---D | C] -- C:\Users\jim\Desktop\06-12-2014
[2014/06/12 06:19:46 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2014/06/12 06:19:45 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2014/06/12 06:19:45 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2014/06/12 06:19:42 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2014/06/12 06:19:39 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014/06/12 06:19:39 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014/06/12 06:19:38 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014/06/12 06:19:38 | 000,368,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2014/06/12 06:19:38 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014/06/12 06:19:37 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014/06/12 06:19:33 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014/06/12 06:19:32 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014/06/12 06:19:31 | 000,595,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014/06/12 06:19:30 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014/06/12 06:19:28 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2014/06/12 06:19:28 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2014/06/12 06:19:22 | 000,242,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2014/06/12 06:19:20 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014/06/12 06:19:11 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2014/06/12 06:19:08 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2014/06/12 06:19:01 | 004,244,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014/06/12 06:16:19 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll
[2014/06/12 06:16:19 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2014/06/12 06:15:40 | 000,187,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2014/06/12 06:15:27 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2014/06/12 06:15:26 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2014/06/11 22:08:22 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2014/06/11 05:53:53 | 000,000,000 | ---D | C] -- C:\Users\jim\AppData\Roaming\serv
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/06/22 11:08:13 | 000,000,300 | ---- | M] () -- C:\Windows\tasks\PrintProjects Communicator.job
[2014/06/22 11:08:05 | 000,000,254 | ---- | M] () -- C:\Windows\tasks\Guard-{67E160EA-8771-4172-86EB-AF21ADC868B9}.job
[2014/06/22 10:55:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\jim\Desktop\OTL.exe
[2014/06/22 10:49:17 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/06/22 10:09:18 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/06/22 10:06:57 | 000,020,496 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/06/22 10:06:57 | 000,020,496 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/06/22 09:56:08 | 000,000,876 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/22 09:55:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/06/22 09:55:49 | 1602,404,352 | -HS- | M] () -- C:\hiberfil.sys
[2014/06/22 07:43:53 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2014/06/20 05:59:25 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/06/20 05:59:25 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/06/15 07:46:26 | 000,000,070 | ---- | M] () -- C:\extensions.ini
[2014/06/15 07:46:26 | 000,000,000 | ---- | M] () -- C:\extensions.sqlite
[2014/06/12 17:59:21 | 000,002,114 | ---- | M] () -- C:\Users\Public\Desktop\KODAK AiO Home Center.lnk
[2014/06/08 01:48:16 | 000,391,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2014/06/08 01:43:43 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2014/05/30 02:02:39 | 002,724,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014/05/30 02:02:03 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2014/05/30 01:43:06 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014/05/30 01:42:16 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2014/05/30 01:34:17 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014/05/30 01:33:48 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014/05/30 01:30:43 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014/05/30 01:28:33 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014/05/30 01:28:30 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2014/05/30 01:27:56 | 000,592,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2014/05/30 01:21:36 | 000,646,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2014/05/30 01:16:26 | 000,368,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2014/05/30 01:10:46 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2014/05/30 01:06:06 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014/05/30 01:02:32 | 000,242,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2014/05/30 00:57:16 | 000,595,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014/05/30 00:56:50 | 004,244,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014/05/30 00:54:14 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014/05/30 00:50:09 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2014/05/30 00:49:38 | 001,964,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014/05/30 00:13:47 | 000,704,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/06/18 15:18:53 | 000,000,254 | ---- | C] () -- C:\Windows\tasks\Guard-{67E160EA-8771-4172-86EB-AF21ADC868B9}.job
[2014/06/15 07:46:26 | 000,000,070 | ---- | C] () -- C:\extensions.ini
[2014/06/15 07:46:26 | 000,000,000 | ---- | C] () -- C:\extensions.sqlite
[2014/06/12 17:59:21 | 000,002,114 | ---- | C] () -- C:\Users\Public\Desktop\KODAK AiO Home Center.lnk
[2014/05/04 08:02:34 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/03/09 11:19:55 | 000,007,597 | ---- | C] () -- C:\Users\jim\AppData\Local\Resmon.ResmonCfg
[2013/12/07 11:04:36 | 000,000,307 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2013/11/16 14:26:38 | 000,087,552 | R--- | C] () -- C:\Users\jim\AppData\Roaming\Other.res
[2013/08/25 20:45:10 | 000,000,258 | RHS- | C] () -- C:\Users\jim\ntuser.pol
========== ZeroAccess Check ==========
[2009/07/13 21:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 19:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 18:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report >
#14
Posted 22 June 2014 - 12:20 PM
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\jim\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 0.54 Gb Available Physical Memory | 27.13% Memory free
3.98 Gb Paging File | 2.22 Gb Available in Paging File | 55.69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465.75 Gb Total Space | 432.87 Gb Free Space | 92.94% Space Free | Partition Type: NTFS
Computer Name: JIM-PC | User Name: jim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (All) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2857200164-3729861948-2052089129-1001\SOFTWARE\Classes\]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\System32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- "C:\Program Files\File Identifier\fi.exe" "%1" ()
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08742D20-A57A-4057-9348-0D86D39A0AF8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0BAAC192-715F-490D-A1C1-5827242448C0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{25A46072-DB8A-4F02-862A-BACE3C6A6AC0}" = lport=139 | protocol=6 | dir=in | app=system |
"{2C0E23C1-1A3E-4ED1-B8AF-BB45B5C11687}" = rport=139 | protocol=6 | dir=out | app=system |
"{2D20DE8A-EC56-4D05-A108-24DC8ED82A35}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3A919A7E-53A5-40EA-B5A7-245AF7AF83C2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3C8C0F8F-D48E-4E67-8A25-5EC7D2CCDAD4}" = rport=138 | protocol=17 | dir=out | app=system |
"{5F587529-3175-4454-B81F-3498FECCDE59}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{674E29E1-AFF7-4CFE-83F2-7A1DDBD5D5A9}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 |
"{69084D07-0899-4153-8FB4-6BC633717CCF}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 |
"{762EFF34-BD0E-43F5-AC1B-52164674C9A0}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery |
"{8C7150D8-E4B9-4A2D-BB7F-850BFA950837}" = lport=10243 | protocol=6 | dir=in | app=system |
"{931980CC-B7B8-4B3D-B5BF-61C739302120}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery |
"{93EB67FD-030B-43E4-B59E-8209BC38085B}" = lport=445 | protocol=6 | dir=in | app=system |
"{9934315F-521A-442B-9630-AB4826520C02}" = lport=137 | protocol=17 | dir=in | app=system |
"{9D14231C-E05E-4CDF-87EB-ABB91A2BE8E0}" = rport=445 | protocol=6 | dir=out | app=system |
"{B84D3ECA-71CB-4965-87B2-9F8AF24521CD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{BF37BB00-24B3-4E19-8AFF-8621B5DC4424}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CAE7F9A0-3354-417A-A993-0F4A48A53CFD}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D1663B33-EA1C-4984-971C-65DC63DD17AC}" = rport=10243 | protocol=6 | dir=out | app=system |
"{DCA58499-9061-4D17-8942-A828882A25E6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DF74D1E7-454D-45FC-92E5-2F99FBD2D563}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E2429A4D-F726-4F00-9F42-31E17457907A}" = lport=138 | protocol=17 | dir=in | app=system |
"{FA915800-9EF0-4021-BEFF-E11F3A04D886}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FFD21688-4CF4-4369-97E7-36352993DEED}" = rport=137 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{004301B5-5728-4C0F-AB83-B014535C1E36}" = protocol=17 | dir=in | app=c:\program files\kodak\aio\center\aiohomecenter.exe |
"{0439C499-DA31-4882-89D9-42C408EF15D8}" = protocol=17 | dir=in | app=c:\program files\kodak\aio\center\networkprinterdiscovery.exe |
"{08236CE6-D170-4694-B6BC-61A8226999C7}" = protocol=1 | dir=out | [email protected],-28544 |
"{1FEE2746-325A-43D2-B20C-B63CD6EE53F9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{22BDE97D-708A-4060-BC2A-2C34D168A9AC}" = dir=in | app=c:\users\jim\appdata\local\temp\updater_145834.exe |
"{2FDF47C4-B9E8-43A2-BE51-B569CB0FC6C3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{37BE429D-412C-4CAB-88B3-91AE18C86A1A}" = protocol=1 | dir=in | [email protected],-28543 |
"{40D32695-A454-4E23-973F-076F04A0FD83}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{46AB9C28-AD4E-470B-B1AF-280F09E0B5E3}" = dir=out | app=c:\program files\pcmax\pcmax.exe |
"{49E286D3-3DA2-446A-99B6-BB3185C96F00}" = protocol=17 | dir=in | app=c:\program files\kodak\aio\center\kodak.statistics.exe |
"{4ECD95F4-D229-430C-BFF1-9C6A0A10A6ED}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4F943E24-5665-427E-B7D8-18D692AE3B78}" = dir=in | app=c:\program files\pcmax\pcmax.exe |
"{66281B4B-4369-4814-ACC1-E85375B0764C}" = dir=in | app=c:\program files\pcmax\service.exe |
"{784F15B6-B0D5-4B79-9215-F89989C63472}" = protocol=17 | dir=in | app=c:\program files\kodak\aio\firmware\kodakaioupdater.exe |
"{7CCEB42D-C9B5-4ABC-95C7-B66CEEC15340}" = protocol=6 | dir=in | app=c:\program files\kodak\aio\center\kodak.statistics.exe |
"{7F3BF149-3044-4A00-A860-F53E26DFF102}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7FBD2443-B1DB-4EDB-8759-8EFB82C83C4F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{846DFEF3-6911-4246-BDDC-77C2507CE725}" = protocol=6 | dir=in | app=c:\program files\kodak\aio\center\networkprinterdiscovery.exe |
"{93BBD775-ABE1-4F77-94B1-DA080BAFD42C}" = protocol=6 | dir=out | app=system |
"{9420342E-1A2C-4A85-BAF2-650E65B607F8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9AB6D725-03BF-4412-BB67-50719A41E88F}" = protocol=58 | dir=in | [email protected],-28545 |
"{9DD76606-7945-4526-9EA6-2B413FDDCF8E}" = protocol=17 | dir=in | app=c:\programdata\kodak\installer\setup.exe |
"{A39AAE97-5DA5-4082-9168-C715D7399EEE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{AFA1B720-0A84-47DF-BF32-405C6DF9DFB6}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B0CA420D-F675-4704-8D39-B541693A8F46}" = dir=in | app=c:\users\jim\appdata\local\temp\speedmax_14671.exe |
"{B9D13C74-5879-426E-B4D8-FC406B4494B9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BA47E6BE-0CB8-419A-A921-AB8E3B10FCF2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C58A50F2-4B1B-4B9D-AE44-6350BAE8E8C8}" = protocol=58 | dir=out | [email protected],-28546 |
"{E062F378-A651-4BB4-B047-A64567CD11F4}" = dir=in | app=c:\users\jim\appdata\local\temp\n3505\speedmaxzs_1605-d640b376.exe |
"{E35F66A5-8001-4ADA-983B-F92A9C52838B}" = protocol=6 | dir=in | app=c:\programdata\kodak\installer\setup.exe |
"{EF3D4190-952C-41E9-9C93-B1D142699585}" = dir=out | app=c:\program files\pcmax\service.exe |
"{F2154763-BCEA-4276-984E-8F65AC405A31}" = protocol=6 | dir=in | app=c:\program files\kodak\aio\firmware\kodakaioupdater.exe |
"{FA4F0E8B-5AE6-4683-9A52-5F0EC24B8B3F}" = protocol=6 | dir=in | app=c:\program files\kodak\aio\center\aiohomecenter.exe |
"TCP Query User{0AAF3A5E-B0AF-4EF3-B596-FBF55B089680}C:\users\jim\appdata\roaming\mjusbsp\magicjack.exe" = protocol=6 | dir=in | app=c:\users\jim\appdata\roaming\mjusbsp\magicjack.exe |
"TCP Query User{8CA3B691-368A-44C1-889D-7E3D34E4AD0D}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe |
"UDP Query User{BA90F856-C0E2-4AF5-AD70-5B751B589488}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe |
"UDP Query User{D7C721CA-CCBE-4E30-A059-07274EDA69F5}C:\users\jim\appdata\roaming\mjusbsp\magicjack.exe" = protocol=17 | dir=in | app=c:\users\jim\appdata\roaming\mjusbsp\magicjack.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 55
"{27EF8E7F-88D1-4ec5-ADE2-7E447FDF114E}" = Kodak AIO Printer
"{376348C2-E372-48BC-A138-E896757BD86A}" = aioscnnr
"{48B41C3A-9A92-4B81-B653-C97FEB85C910}" = C4USelfUpdater
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56BA241F-580C-43D2-8403-947241AAE633}" = center
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.07)
"{AEB719FD-EDB0-43E9-B524-90F97C1E6499}" = System Update kb70007
"{B92C2C6C-F70E-497B-88A7-1FEF9888272B}" = Adobe AIR
"{BE94C681-68E2-4561-8ABC-8D2E799168B4}" = essentials
"{BFBCF96F-7361-486A-965C-54B17AC35421}" = ocr
"{C8B24B83-920A-446E-B027-38F72C9D8898}_is1" = File Viewer version 1.0.2
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq
"{E0F274B7-592B-4669-8FB8-8D9825A09858}" = KODAK AiO Software
"{E15BC10F-04AA-0AFD-A6C9-476730195F8B}" = Adobe Download Assistant
"{EF53BFAB-4C10-40DB-A82D-9B07111715C6}" = aioscnnr
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"File Identifier_is1" = File Identifier version 1.0.3
"Google Chrome" = Google Chrome
"HDMI" = Intel® Graphics Media Accelerator Driver
"PrintProjects" = PrintProjects
"VLC media player" = VLC media player 2.1.0
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2857200164-3729861948-2052089129-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"magicJack" = magicJack
"Media Player Packages" = Media Player Packages
< End of report >
#15
Posted 22 June 2014 - 12:42 PM
Next
We need to do a fix to delete some files using OTL
- Double click on the to open the program. On Vista/Win7/Win8 right click select Run As Administrator to start the program. If prompted by UAC, please allow it.
- Under the Custom Scans/Fixes box at the bottom, paste in the following
:COMMANDS [CREATERESTOREPOINT] :OTL SRV - File not found [Auto | Stopped] -- C:\Program Files\KeyDownload\KeyPlayr\guardnot.exe -- (System guard) SRV - File not found [Auto | Stopped] -- \?\C:\Users\jim\AppData\Local\Temp\KDUpdSrv.exe [WARNING: \?\C:\Users\jim\AppData\Local\Temp\KDUpdSrv.exe] -- (KDUpdater) IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118 IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118 IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118 IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118 FF - HKCU\Software\MozillaPlugins\@lightspark.github.com/Lightspark;version=1: C:\Program Files\Lightspark 0.5.3-git\nplightsparkplugin.dll File not found O3 - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O4 - HKLM..\Run: [Conime] %windir%\system32\conime.exe File not found O4 - HKLM..\Run: [fst_us_48] File not found O4 - HKLM..\Run: [pcreg] C:\Program Files\pcmax\service.exe () O4 - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001..\Run: [pcreg] C:\Program Files\pcmax\service.exe () O13 - gopher Prefix: missing [2014/06/17 16:49:54 | 000,000,000 | ---D | C] -- C:\Program Files\pcmax [2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ] :Files ipconfig /flushdns /c C:\Users\jim\Downloads\Setup (6).exe C:\Users\jim\AppData\Local\Temp\n8\s8.exe :Commands [emptytemp] [resethosts]
- Make sure all other windows are closed.
- Click the Run Fix button at the top
- Let the program run uninterrupted. The computer should reboot when the scan is done. If not, please reboot the computer.
- Post the log that is found in C:\_OTL\Moved Files in your next reply.
- Open OTL again and click the Quick Scan button.
1-Post the OTL Fix Log after running fix, after the computer reboots that log should pop up in front of you, if not it's located here->C:\_OTL\Moved Files
2- After you do a quick scan post the New OTL.
3 Tell me what issues remain?
Thanks
Joe
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users