[jimbo1949]

runs slow

[Advertisements]

Hi! My name is zep516 and Welcome to Geekstogo!
I'll do the best I can to resolve your computer issue
Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions!

First

Please download OTL to your Desktop

• Double click on the to run the program. On Vista/Win7 or 8 right click select Run As Administrator to start the program. If prompted by UAC, please allow it.
• Make sure all other windows are closed and to let it run uninterrupted.
• Click the Scan All Users checkbox
  and
• Check the option for All under the Extra Registry section
• Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files and post them in your topic

• OTL.txt <-- Will be opened, maximized
• Extras.txt <-- Will be minimized on task bar.

Please post the contents of both OTL.txt and Extras.txt files in your next reply.

[zep516]

Hi! My name is zep516 and Welcome to Geekstogo!
I'll do the best I can to resolve your computer issue
Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions!

First

Please download OTL to your Desktop

• Double click on the to run the program. On Vista/Win7 or 8 right click select Run As Administrator to start the program. If prompted by UAC, please allow it.
• Make sure all other windows are closed and to let it run uninterrupted.
• Click the Scan All Users checkbox
  and
• Check the option for All under the Extra Registry section
• Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files and post them in your topic

• OTL.txt <-- Will be opened, maximized
• Extras.txt <-- Will be minimized on task bar.

Please post the contents of both OTL.txt and Extras.txt files in your next reply.

[jimbo1949]

Hi! My name is zep516 and Welcome to Geekstogo!
I'll do the best I can to resolve your computer issue
Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions!

First

Please download OTL to your Desktop

• Double click on the to run the program. On Vista/Win7 or 8 right click select Run As Administrator to start the program. If prompted by UAC, please allow it.
• Make sure all other windows are closed and to let it run uninterrupted.
• Click the Scan All Users checkbox
  and
• Check the option for All under the Extra Registry section
• Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files and post them in your topic

• OTL.txt <-- Will be opened, maximized
• Extras.txt <-- Will be minimized on task bar.

Please post the contents of both OTL.txt and Extras.txt files in your next reply.

 

[jimbo1949]

OTL logfile created on: 6/22/2014 8:27:35 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\jim\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.29 Gb Available Physical Memory | 14.63% Memory free
3.98 Gb Paging File | 1.78 Gb Available in Paging File | 44.71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465.75 Gb Total Space | 433.17 Gb Free Space | 93.00% Space Free | Partition Type: NTFS

Computer Name: JIM-PC | User Name: jim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found --
PRC - [2014/06/22 08:25:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\jim\Downloads\OTL (1).exe
PRC - [2014/06/22 08:08:26 | 000,339,456 | ---- | M] () -- C:\ProgramData\UpdateTask\vmhost.exe
PRC - [2014/06/22 07:59:28 | 000,370,176 | ---- | M] (The Privoxy team - www.privoxy.org) -- C:\Program Files\MSR\Privoxy\privoxy.exe
PRC - [2014/06/05 06:58:39 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2014/05/29 04:16:32 | 000,241,344 | ---- | M] () -- C:\Program Files\pcmax\pcmax.exe
PRC - [2014/05/04 07:57:25 | 000,372,032 | ---- | M] (Media Corporation) -- C:\ProgramData\MediaDev\1399215444\mediadev.exe
PRC - [2014/04/30 08:15:10 | 000,365,888 | ---- | M] (Media Corporation) -- C:\Users\jim\AppData\Roaming\UpdateServ\UpdaterService.exe
PRC - [2014/04/26 11:18:44 | 000,541,696 | ---- | M] () -- C:\Program Files\003\buuoujqmrk32.exe
PRC - [2014/04/23 18:52:18 | 000,016,384 | ---- | M] () -- C:\Windows\Microsoft\System Update kb70007\WindowsUpdater.exe
PRC - [2014/04/14 20:06:51 | 000,052,648 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jp2launcher.exe
PRC - [2014/04/14 20:04:29 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\java.exe
PRC - [2014/04/10 19:05:52 | 000,705,136 | ---- | M] (Cherished Technololgy LIMITED) -- C:\ProgramData\IePluginService\PluginService.exe
PRC - [2013/12/20 23:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/08/25 20:39:45 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2013/08/01 17:52:57 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2013/05/23 13:11:42 | 000,119,056 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2013/03/15 15:07:56 | 000,395,640 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
PRC - [2013/01/15 13:07:42 | 000,780,152 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
PRC - [2011/02/24 22:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/09/02 16:23:28 | 001,638,400 | ---- | M] (Eastman Kodak Company) -- C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe


========== Modules (No Company Name) ==========

MOD - [2014/06/22 08:08:26 | 000,339,456 | ---- | M] () -- C:\ProgramData\UpdateTask\vmhost.exe
MOD - [2014/06/05 06:58:38 | 000,414,536 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\35.0.1916.153\ppgooglenaclpluginchrome.dll
MOD - [2014/06/05 06:58:37 | 014,612,296 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll
MOD - [2014/06/05 06:58:36 | 004,217,672 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\35.0.1916.153\pdf.dll
MOD - [2014/06/05 06:58:32 | 000,716,616 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
MOD - [2014/06/05 06:58:31 | 000,126,280 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\35.0.1916.153\libegl.dll
MOD - [2014/06/05 06:58:30 | 001,732,424 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
MOD - [2014/04/14 20:10:58 | 000,044,968 | ---- | M] () -- C:\Program Files\Java\jre7\bin\prism-d3d.dll
MOD - [2014/04/14 20:07:12 | 000,018,856 | ---- | M] () -- C:\Program Files\Java\jre7\bin\jp2native.dll
MOD - [2014/04/14 20:06:19 | 000,202,152 | ---- | M] () -- C:\Program Files\Java\jre7\bin\jp2iexp.dll
MOD - [2014/04/14 20:04:57 | 000,243,112 | ---- | M] () -- C:\Program Files\Java\jre7\bin\javafx-font.dll
MOD - [2014/04/14 20:03:22 | 000,159,656 | ---- | M] () -- C:\Program Files\Java\jre7\bin\glass.dll
MOD - [2014/04/14 20:02:49 | 000,062,888 | ---- | M] () -- C:\Program Files\Java\jre7\bin\decora-sse.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\KeyDownload\KeyPlayr\guardnot.exe -- (System guard)
SRV - File not found [Auto | Running] -- \?\C:\Users\jim\AppData\Local\Temp\KDUpdSrv.exe [WARNING: \?\C:\Users\jim\AppData\Local\Temp\KDUpdSrv.exe] -- (KDUpdater)
SRV - [2014/06/20 05:59:28 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/05/30 01:28:30 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2014/05/29 04:16:32 | 000,241,344 | ---- | M] () [Auto | Running] -- C:\Program Files\pcmax\pcmax.exe -- (pcmaxservice)
SRV - [2014/05/04 07:57:25 | 000,372,032 | ---- | M] (Media Corporation) [Auto | Running] -- C:\ProgramData\MediaDev\1399215444\mediadev.exe -- (MediaDevSrv)
SRV - [2014/04/30 08:15:10 | 000,365,888 | ---- | M] (Media Corporation) [Auto | Running] -- C:\Users\jim\AppData\Roaming\UpdateServ\UpdaterService.exe -- (WinDevSrv)
SRV - [2014/04/26 11:18:44 | 000,541,696 | ---- | M] () [Auto | Running] -- C:\Program Files\003\buuoujqmrk32.exe -- (buuoujqmrk32)
SRV - [2014/04/23 18:52:18 | 000,016,384 | ---- | M] () [Auto | Running] -- C:\Windows\Microsoft\System Update kb70007\WindowsUpdater.exe -- (System Update kb70007)
SRV - [2014/04/10 19:05:52 | 000,705,136 | ---- | M] (Cherished Technololgy LIMITED) [Auto | Running] -- C:\ProgramData\IePluginService\PluginService.exe -- (IePluginService)
SRV - [2013/12/20 23:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/09/02 03:11:22 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2013/05/26 21:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/05/23 13:11:42 | 000,119,056 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2013/03/15 15:07:56 | 000,395,640 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe -- (Kodak AiO Network Discovery Service)
SRV - [2013/01/15 13:07:42 | 000,780,152 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe -- (Kodak AiO Status Monitor Service)
SRV - [2009/07/13 18:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)


========== Driver Services (SafeList) ==========

DRV - [2011/07/22 09:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 14:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/11/20 14:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 14:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 14:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?t...psd&t=34197b01d
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.v9.com...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.v9.com...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearc...r=785548438&ir=
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118

IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?t...psd&t=34197b01d
IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://att.yahoo.com/
IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F2 D4 2C 0A 0C A2 CE 01 [binary data]
IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\..\SearchScopes,DefaultScope = {57C67C9C-69F1-4A7A-B508-BED57391A514}
IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://www.trovi.com...rchTerms}&SSPV=
IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\..\SearchScopes\{57C67C9C-69F1-4A7A-B508-BED57391A514}: "URL" = http://start.mysearc...r=785548438&ir=
IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...1I7GUEA_enUS550
IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\..\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}: "URL" = http://search.condui...3228196290&UM=2
IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\..\SearchScopes\{A1EDA897-51B5-4512-A585-22B40C9C495A}: "URL" = http://search.condui...q={searchTerms}
IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@lightspark.github.com/Lightspark;version=1: C:\Program Files\Lightspark 0.5.3-git\nplightsparkplugin.dll File not found


File not found (No name found) -- C:\PROGRAM FILES\AMIEXT\FLASHENHANCER\FF

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://att.yahoo.com/mail
CHR - plugin: Error reading preferences file
CHR - Extension: Google Drive = C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: YouTube = C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: HQPro-1.9 = C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.68_0\crossrider
CHR - Extension: HQPro-1.9 = C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.68_0\
CHR - Extension: Google Play Books = C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb\1.1.9_0\
CHR - Extension: Google Wallet = C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
CHR - Extension: Gmail = C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014/06/22 07:43:53 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [Conime] %windir%\system32\conime.exe File not found
O4 - HKLM..\Run: [EKIJ5000StatusMonitor] C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [EKStatusMonitor] C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [fst_us_48] File not found
O4 - HKLM..\Run: [pcreg] C:\Program Files\pcmax\service.exe ()
O4 - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001..\Run: [cdloader] C:\Users\jim\AppData\Roaming\mjusbsp\cdloader2.exe (magicJack L.P.)
O4 - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001..\Run: [pcreg] C:\Program Files\pcmax\service.exe ()
O4 - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001..\Run: [TWC.Win7] C:\Program Files\The Weather Channel\Desktop Weather\TWC.Win7.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7AB4A89B-534C-4591-BA56-1ACFB14EF603}: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4b326da4-6d86-11e3-8015-001cc0703165}\Shell - "" = AutoRun
O33 - MountPoints2\{4b326da4-6d86-11e3-8015-001cc0703165}\Shell\AutoRun\command - "" = E:\ToolLauncher-Bootstrap.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/06/22 08:06:43 | 000,000,000 | ---D | C] -- C:\Users\jim\Desktop\GooredFix Backups
[2014/06/22 07:43:42 | 000,000,000 | ---D | C] -- C:\_OTM
[2014/06/18 15:19:48 | 000,000,000 | ---D | C] -- C:\Users\jim\AppData\Local\globalUpdate
[2014/06/18 15:19:48 | 000,000,000 | ---D | C] -- C:\Program Files\globalUpdate
[2014/06/18 15:19:27 | 000,000,000 | ---D | C] -- C:\Program Files\Optimizer Pro
[2014/06/17 17:02:53 | 000,000,000 | ---D | C] -- C:\ProgramData\2308189059
[2014/06/17 16:49:54 | 000,000,000 | ---D | C] -- C:\Program Files\pcmax
[2014/06/17 16:49:42 | 000,000,000 | ---D | C] -- C:\Program Files\PC Speed Maximizer
[2014/06/17 16:49:16 | 000,000,000 | ---D | C] -- C:\Program Files\FLVM Player
[2014/06/17 16:49:07 | 005,066,013 | ---- | C] (Bechiro) -- C:\Users\jim\Desktop\FLVMPlayer.exe
[2014/06/17 16:09:37 | 000,000,000 | ---D | C] -- C:\SUPERDelete
[2014/06/15 07:46:29 | 000,000,000 | ---D | C] -- C:\Program Files\Lightspark 0.5.3-git
[2014/06/15 07:46:23 | 000,000,000 | ---D | C] -- C:\Program Files\AmiExt
[2014/06/15 07:46:13 | 000,000,000 | ---D | C] -- C:\Windows\Microsoft
[2014/06/15 07:45:42 | 000,000,000 | ---D | C] -- C:\Program Files\MSR
[2014/06/12 18:09:40 | 000,000,000 | ---D | C] -- C:\Users\jim\Desktop\06-12-2014
[2014/06/12 06:19:46 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2014/06/12 06:19:45 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2014/06/12 06:19:45 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2014/06/12 06:19:42 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2014/06/12 06:19:39 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014/06/12 06:19:39 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014/06/12 06:19:38 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014/06/12 06:19:38 | 000,368,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2014/06/12 06:19:38 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014/06/12 06:19:37 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014/06/12 06:19:33 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014/06/12 06:19:32 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014/06/12 06:19:31 | 000,595,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014/06/12 06:19:30 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014/06/12 06:19:28 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2014/06/12 06:19:28 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2014/06/12 06:19:22 | 000,242,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2014/06/12 06:19:20 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014/06/12 06:19:11 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2014/06/12 06:19:08 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2014/06/12 06:19:01 | 004,244,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014/06/12 06:16:19 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll
[2014/06/12 06:16:19 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2014/06/12 06:15:40 | 000,187,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2014/06/12 06:15:27 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2014/06/12 06:15:26 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2014/06/11 22:08:22 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2014/06/11 05:53:53 | 000,000,000 | ---D | C] -- C:\Users\jim\AppData\Roaming\serv
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/06/22 08:38:05 | 000,000,254 | ---- | M] () -- C:\Windows\tasks\Guard-{67E160EA-8771-4172-86EB-AF21ADC868B9}.job
[2014/06/22 08:33:05 | 000,000,278 | ---- | M] () -- C:\Windows\tasks\FF Watcher {C41F172F-3F47-4625-BF89-61A2A579D4B0}.job
[2014/06/22 08:10:09 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/06/22 08:09:16 | 000,000,876 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/22 08:08:45 | 000,020,496 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/06/22 08:08:45 | 000,020,496 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/06/22 07:59:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/06/22 07:59:04 | 1602,404,352 | -HS- | M] () -- C:\hiberfil.sys
[2014/06/22 07:56:49 | 000,000,300 | ---- | M] () -- C:\Windows\tasks\PrintProjects Communicator.job
[2014/06/22 07:49:15 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/06/22 07:43:53 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2014/06/20 05:59:25 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/06/20 05:59:25 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/06/17 16:49:09 | 005,066,013 | ---- | M] (Bechiro) -- C:\Users\jim\Desktop\FLVMPlayer.exe
[2014/06/15 07:46:26 | 000,000,070 | ---- | M] () -- C:\extensions.ini
[2014/06/15 07:46:26 | 000,000,000 | ---- | M] () -- C:\extensions.sqlite
[2014/06/12 17:59:21 | 000,002,114 | ---- | M] () -- C:\Users\Public\Desktop\KODAK AiO Home Center.lnk
[2014/06/08 01:48:16 | 000,391,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2014/06/08 01:43:43 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2014/05/30 02:02:39 | 002,724,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014/05/30 02:02:03 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2014/05/30 01:43:06 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014/05/30 01:42:16 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2014/05/30 01:34:17 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014/05/30 01:33:48 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014/05/30 01:30:43 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014/05/30 01:28:33 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014/05/30 01:28:30 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2014/05/30 01:27:56 | 000,592,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2014/05/30 01:21:36 | 000,646,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2014/05/30 01:16:26 | 000,368,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2014/05/30 01:10:46 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2014/05/30 01:06:06 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014/05/30 01:02:32 | 000,242,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2014/05/30 00:57:16 | 000,595,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014/05/30 00:56:50 | 004,244,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014/05/30 00:54:14 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014/05/30 00:50:09 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2014/05/30 00:49:38 | 001,964,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014/05/30 00:13:47 | 000,704,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/06/18 15:18:53 | 000,000,254 | ---- | C] () -- C:\Windows\tasks\Guard-{67E160EA-8771-4172-86EB-AF21ADC868B9}.job
[2014/06/15 07:46:26 | 000,000,070 | ---- | C] () -- C:\extensions.ini
[2014/06/15 07:46:26 | 000,000,000 | ---- | C] () -- C:\extensions.sqlite
[2014/06/12 17:59:21 | 000,002,114 | ---- | C] () -- C:\Users\Public\Desktop\KODAK AiO Home Center.lnk
[2014/05/04 08:02:34 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/03/09 11:19:55 | 000,007,597 | ---- | C] () -- C:\Users\jim\AppData\Local\Resmon.ResmonCfg
[2013/12/07 11:04:36 | 000,000,307 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2013/11/16 14:26:38 | 000,087,552 | R--- | C] () -- C:\Users\jim\AppData\Roaming\Other.res
[2013/08/25 20:45:10 | 000,000,258 | RHS- | C] () -- C:\Users\jim\ntuser.pol

========== ZeroAccess Check ==========

[2009/07/13 21:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 19:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 18:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >

[jimbo1949]

OTL Extras logfile created on: 6/22/2014 8:27:35 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\jim\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.29 Gb Available Physical Memory | 14.63% Memory free
3.98 Gb Paging File | 1.78 Gb Available in Paging File | 44.71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465.75 Gb Total Space | 433.17 Gb Free Space | 93.00% Space Free | Partition Type: NTFS

Computer Name: JIM-PC | User Name: jim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2857200164-3729861948-2052089129-1001\SOFTWARE\Classes\]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\System32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- "C:\Program Files\File Identifier\fi.exe" "%1" ()
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08742D20-A57A-4057-9348-0D86D39A0AF8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0BAAC192-715F-490D-A1C1-5827242448C0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{25A46072-DB8A-4F02-862A-BACE3C6A6AC0}" = lport=139 | protocol=6 | dir=in | app=system |
"{2C0E23C1-1A3E-4ED1-B8AF-BB45B5C11687}" = rport=139 | protocol=6 | dir=out | app=system |
"{2D20DE8A-EC56-4D05-A108-24DC8ED82A35}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3A919A7E-53A5-40EA-B5A7-245AF7AF83C2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3C8C0F8F-D48E-4E67-8A25-5EC7D2CCDAD4}" = rport=138 | protocol=17 | dir=out | app=system |
"{5F587529-3175-4454-B81F-3498FECCDE59}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{674E29E1-AFF7-4CFE-83F2-7A1DDBD5D5A9}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 |
"{69084D07-0899-4153-8FB4-6BC633717CCF}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 |
"{762EFF34-BD0E-43F5-AC1B-52164674C9A0}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery |
"{8C7150D8-E4B9-4A2D-BB7F-850BFA950837}" = lport=10243 | protocol=6 | dir=in | app=system |
"{931980CC-B7B8-4B3D-B5BF-61C739302120}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery |
"{93EB67FD-030B-43E4-B59E-8209BC38085B}" = lport=445 | protocol=6 | dir=in | app=system |
"{9934315F-521A-442B-9630-AB4826520C02}" = lport=137 | protocol=17 | dir=in | app=system |
"{9D14231C-E05E-4CDF-87EB-ABB91A2BE8E0}" = rport=445 | protocol=6 | dir=out | app=system |
"{B84D3ECA-71CB-4965-87B2-9F8AF24521CD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{BF37BB00-24B3-4E19-8AFF-8621B5DC4424}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CAE7F9A0-3354-417A-A993-0F4A48A53CFD}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D1663B33-EA1C-4984-971C-65DC63DD17AC}" = rport=10243 | protocol=6 | dir=out | app=system |
"{DCA58499-9061-4D17-8942-A828882A25E6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DF74D1E7-454D-45FC-92E5-2F99FBD2D563}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E2429A4D-F726-4F00-9F42-31E17457907A}" = lport=138 | protocol=17 | dir=in | app=system |
"{FA915800-9EF0-4021-BEFF-E11F3A04D886}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FFD21688-4CF4-4369-97E7-36352993DEED}" = rport=137 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{004301B5-5728-4C0F-AB83-B014535C1E36}" = protocol=17 | dir=in | app=c:\program files\kodak\aio\center\aiohomecenter.exe |
"{0439C499-DA31-4882-89D9-42C408EF15D8}" = protocol=17 | dir=in | app=c:\program files\kodak\aio\center\networkprinterdiscovery.exe |
"{08236CE6-D170-4694-B6BC-61A8226999C7}" = protocol=1 | dir=out | [email protected],-28544 |
"{1FEE2746-325A-43D2-B20C-B63CD6EE53F9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{22BDE97D-708A-4060-BC2A-2C34D168A9AC}" = dir=in | app=c:\users\jim\appdata\local\temp\updater_145834.exe |
"{2FDF47C4-B9E8-43A2-BE51-B569CB0FC6C3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{37BE429D-412C-4CAB-88B3-91AE18C86A1A}" = protocol=1 | dir=in | [email protected],-28543 |
"{40D32695-A454-4E23-973F-076F04A0FD83}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{46AB9C28-AD4E-470B-B1AF-280F09E0B5E3}" = dir=out | app=c:\program files\pcmax\pcmax.exe |
"{49E286D3-3DA2-446A-99B6-BB3185C96F00}" = protocol=17 | dir=in | app=c:\program files\kodak\aio\center\kodak.statistics.exe |
"{4ECD95F4-D229-430C-BFF1-9C6A0A10A6ED}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4F943E24-5665-427E-B7D8-18D692AE3B78}" = dir=in | app=c:\program files\pcmax\pcmax.exe |
"{66281B4B-4369-4814-ACC1-E85375B0764C}" = dir=in | app=c:\program files\pcmax\service.exe |
"{784F15B6-B0D5-4B79-9215-F89989C63472}" = protocol=17 | dir=in | app=c:\program files\kodak\aio\firmware\kodakaioupdater.exe |
"{7CCEB42D-C9B5-4ABC-95C7-B66CEEC15340}" = protocol=6 | dir=in | app=c:\program files\kodak\aio\center\kodak.statistics.exe |
"{7F3BF149-3044-4A00-A860-F53E26DFF102}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7FBD2443-B1DB-4EDB-8759-8EFB82C83C4F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{846DFEF3-6911-4246-BDDC-77C2507CE725}" = protocol=6 | dir=in | app=c:\program files\kodak\aio\center\networkprinterdiscovery.exe |
"{93BBD775-ABE1-4F77-94B1-DA080BAFD42C}" = protocol=6 | dir=out | app=system |
"{9420342E-1A2C-4A85-BAF2-650E65B607F8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9AB6D725-03BF-4412-BB67-50719A41E88F}" = protocol=58 | dir=in | [email protected],-28545 |
"{9DD76606-7945-4526-9EA6-2B413FDDCF8E}" = protocol=17 | dir=in | app=c:\programdata\kodak\installer\setup.exe |
"{A39AAE97-5DA5-4082-9168-C715D7399EEE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{AFA1B720-0A84-47DF-BF32-405C6DF9DFB6}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B0CA420D-F675-4704-8D39-B541693A8F46}" = dir=in | app=c:\users\jim\appdata\local\temp\speedmax_14671.exe |
"{B9D13C74-5879-426E-B4D8-FC406B4494B9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BA47E6BE-0CB8-419A-A921-AB8E3B10FCF2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C58A50F2-4B1B-4B9D-AE44-6350BAE8E8C8}" = protocol=58 | dir=out | [email protected],-28546 |
"{E062F378-A651-4BB4-B047-A64567CD11F4}" = dir=in | app=c:\users\jim\appdata\local\temp\n3505\speedmaxzs_1605-d640b376.exe |
"{E35F66A5-8001-4ADA-983B-F92A9C52838B}" = protocol=6 | dir=in | app=c:\programdata\kodak\installer\setup.exe |
"{EF3D4190-952C-41E9-9C93-B1D142699585}" = dir=out | app=c:\program files\pcmax\service.exe |
"{F2154763-BCEA-4276-984E-8F65AC405A31}" = protocol=6 | dir=in | app=c:\program files\kodak\aio\firmware\kodakaioupdater.exe |
"{FA4F0E8B-5AE6-4683-9A52-5F0EC24B8B3F}" = protocol=6 | dir=in | app=c:\program files\kodak\aio\center\aiohomecenter.exe |
"TCP Query User{0AAF3A5E-B0AF-4EF3-B596-FBF55B089680}C:\users\jim\appdata\roaming\mjusbsp\magicjack.exe" = protocol=6 | dir=in | app=c:\users\jim\appdata\roaming\mjusbsp\magicjack.exe |
"TCP Query User{8CA3B691-368A-44C1-889D-7E3D34E4AD0D}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe |
"UDP Query User{BA90F856-C0E2-4AF5-AD70-5B751B589488}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe |
"UDP Query User{D7C721CA-CCBE-4E30-A059-07274EDA69F5}C:\users\jim\appdata\roaming\mjusbsp\magicjack.exe" = protocol=17 | dir=in | app=c:\users\jim\appdata\roaming\mjusbsp\magicjack.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 55
"{27EF8E7F-88D1-4ec5-ADE2-7E447FDF114E}" = Kodak AIO Printer
"{376348C2-E372-48BC-A138-E896757BD86A}" = aioscnnr
"{48B41C3A-9A92-4B81-B653-C97FEB85C910}" = C4USelfUpdater
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56BA241F-580C-43D2-8403-947241AAE633}" = center
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.07)
"{AEB719FD-EDB0-43E9-B524-90F97C1E6499}" = System Update kb70007
"{B92C2C6C-F70E-497B-88A7-1FEF9888272B}" = Adobe AIR
"{BE94C681-68E2-4561-8ABC-8D2E799168B4}" = essentials
"{BFBCF96F-7361-486A-965C-54B17AC35421}" = ocr
"{C8B24B83-920A-446E-B027-38F72C9D8898}_is1" = File Viewer version 1.0.2
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq
"{E0F274B7-592B-4669-8FB8-8D9825A09858}" = KODAK AiO Software
"{E15BC10F-04AA-0AFD-A6C9-476730195F8B}" = Adobe Download Assistant
"{EF53BFAB-4C10-40DB-A82D-9B07111715C6}" = aioscnnr
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"File Identifier_is1" = File Identifier version 1.0.3
"Google Chrome" = Google Chrome
"HDMI" = Intel® Graphics Media Accelerator Driver
"PrintProjects" = PrintProjects
"VLC media player" = VLC media player 2.1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2857200164-3729861948-2052089129-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"magicJack" = magicJack
"Media Player Packages" = Media Player Packages

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 6/19/2014 8:57:34 AM | Computer Name = jim-PC | Source = WinMgmt | ID = 10
Description =

Error - 6/19/2014 9:14:16 AM | Computer Name = jim-PC | Source = WinMgmt | ID = 10
Description =

Error - 6/20/2014 1:49:32 AM | Computer Name = jim-PC | Source = WinMgmt | ID = 10
Description =

Error - 6/20/2014 8:51:08 AM | Computer Name = jim-PC | Source = WinMgmt | ID = 10
Description =

Error - 6/20/2014 9:30:33 AM | Computer Name = jim-PC | Source = WinMgmt | ID = 10
Description =

Error - 6/20/2014 4:13:39 PM | Computer Name = jim-PC | Source = WinMgmt | ID = 10
Description =

Error - 6/20/2014 11:09:15 PM | Computer Name = jim-PC | Source = WinMgmt | ID = 10
Description =

Error - 6/21/2014 12:34:48 PM | Computer Name = jim-PC | Source = WinMgmt | ID = 10
Description =

Error - 6/21/2014 12:55:39 PM | Computer Name = jim-PC | Source = WinMgmt | ID = 10
Description =

Error - 6/22/2014 11:00:55 AM | Computer Name = jim-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 4/21/2014 8:33:20 PM | Computer Name = jim-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 4/21/2014 8:33:21 PM | Computer Name = jim-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 4/21/2014 8:33:22 PM | Computer Name = jim-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 4/21/2014 8:33:23 PM | Computer Name = jim-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 4/21/2014 8:33:23 PM | Computer Name = jim-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 4/21/2014 8:33:24 PM | Computer Name = jim-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 4/21/2014 8:33:25 PM | Computer Name = jim-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 4/21/2014 8:33:26 PM | Computer Name = jim-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 4/22/2014 12:32:04 AM | Computer Name = jim-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the ShellHWDetection service.

Error - 4/22/2014 12:32:29 AM | Computer Name = jim-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.


< End of report >

[zep516]

Hello jimbo1949,

You have quite a bit of addware.

Next

Please download AdwCleaner by Xplode onto your Desktop.

• Close all open programs and internet browsers.
• Double click on AdwCleaner.exe to run the tool.
• Click the Scan button and wait for the process to complete.
• Click the Report button and the report will open in Notepad.
• NOTE: If you get an error message, it means that nothing was found. Exit from AdwCleaner.
• Click on the Clean button follow the prompts.
• A log file will automatically open after the scan has finished and the PC has rebooted.
• Please post the content of that log file with your next answer.
• You can find the log file at C:\AdwCleaner
• Next
  
  Please download Junkware Removal Tool to your Desktop.
  
  Please close your security software to avoid potential conflicts.
  Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  The tool will open and start scanning your system.
  Please be patient as this can take a while to complete, depending on your system's specifications.
  On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  Please post the contents of JRT.txt into your reply.

Please post:
1-AdwCleaner [so].txt
2-JRT.TXT

Thanks
Joe

[jimbo1949]

# AdwCleaner v3.212 - Report created 22/06/2014 at 09:52:11 # Updated 05/06/2014 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (32 bits) # Username : jim - JIM-PC # Running from : C:\Users\jim\Downloads\adwcleaner_3.212 (1).exe # Option : Clean ***** [ Services ] ***** Service Deleted : buuoujqmrk32 Service Deleted : IePluginService ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\2308189059 Folder Deleted : C:\ProgramData\IePluginService Folder Deleted : C:\ProgramData\savee net Folder Deleted : C:\Program Files\003 Folder Deleted : C:\Program Files\AmiExt Folder Deleted : C:\Program Files\AskPartnerNetwork Folder Deleted : C:\Program Files\Conduit Folder Deleted : C:\Program Files\globalUpdate Folder Deleted : C:\Program Files\Lightspark 0.5.3-git [!] Folder Deleted : C:\Program Files\MSR Folder Deleted : C:\Program Files\Optimizer Pro Folder Deleted : C:\Program Files\PC Speed Maximizer Folder Deleted : C:\Program Files\predm Folder Deleted : C:\Program Files\V-bates Folder Deleted : C:\Program Files\savee net Folder Deleted : C:\Program Files\Common Files\Spigot Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser Folder Deleted : C:\Users\Administrator\AppData\Local\torch Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser Folder Deleted : C:\Users\Guest\AppData\Local\torch Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch Folder Deleted : C:\Users\jim\AppData\Local\Chromatic Browser Folder Deleted : C:\Users\jim\AppData\Local\Conduit Folder Deleted : C:\Users\jim\AppData\Local\globalUpdate Folder Deleted : C:\Users\jim\AppData\Local\Slick Savings Folder Deleted : C:\Users\jim\AppData\Local\SwvUpdater Folder Deleted : C:\Users\jim\AppData\Local\torch Folder Deleted : C:\Users\jim\AppData\LocalLow\Conduit Folder Deleted : C:\Users\jim\AppData\Roaming\1H1Q Folder Deleted : C:\Users\jim\AppData\Roaming\Activeris Folder Deleted : C:\Users\jim\AppData\Roaming\v9 Folder Deleted : C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\affhmclkdcelcpfngffbpckhlipjdnci Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\affhmclkdcelcpfngffbpckhlipjdnci Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\affhmclkdcelcpfngffbpckhlipjdnci Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgbjicolkjinkfeeglhohnjebdgmojgi Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgbjicolkjinkfeeglhohnjebdgmojgi Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgbjicolkjinkfeeglhohnjebdgmojgi File Deleted : C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage File Deleted : C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal File Deleted : C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage File Deleted : C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal File Deleted : C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.livelyrics00.live-lyrics.com_0.localstorage File Deleted : C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.livelyrics00.live-lyrics.com_0.localstorage-journal File Deleted : C:\Windows\Tasks\FF Watcher {C41F172F-3F47-4625-BF89-61A2A579D4B0}.job File Deleted : C:\Windows\System32\Tasks\FF Watcher {C41F172F-3F47-4625-BF89-61A2A579D4B0} ***** [ Shortcuts ] ***** Shortcut Disinfected : C:\Users\jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk Shortcut Disinfected : C:\Users\jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma Key Deleted : HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1EC9510D-A439-4950-9399-B6399EDF9EA7} [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9834B4BF-5ECD-46F5-82EA-6C2DCD012029} [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9834B4BF-5ECD-46F5-82EA-6C2DCD012029} Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B} Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3302996 Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8} Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command Key Deleted : HKCU\Software\AmiExt Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\FreeSoftToday Key Deleted : HKCU\Software\InstallCore Key Deleted : HKCU\Software\powerpack Key Deleted : HKCU\Software\SmartBar Key Deleted : HKCU\Software\TutoTag Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F} Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Key Deleted : HKCU\Software\AppDataLow\Software\Lyrics_Monkey Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar Key Deleted : HKCU\Software\AppDataLow\Software\Supra Savings Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F} Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} Key Deleted : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B} Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C} Key Deleted : HKLM\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252} Key Deleted : HKLM\Software\CompeteInc Key Deleted : HKLM\Software\Conduit Key Deleted : HKLM\Software\Free_soft_today Key Deleted : HKLM\Software\InstallIQ Key Deleted : HKLM\Software\LevelQualityWatcher Key Deleted : HKLM\Software\Lightspark Team Key Deleted : HKLM\Software\suprasavings Key Deleted : HKLM\Software\Tutorials Key Deleted : HKLM\Software\Uniblue Key Deleted : HKLM\Software\V9Software Key Deleted : HKLM\Software\Wpm Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7DD5E91C-3864-77EC-7635-D14910C2A03E} Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964 ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17126 Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] -\\ Google Chrome v35.0.1916.153 [ File : C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\preferences ] Deleted [Extension] : affhmclkdcelcpfngffbpckhlipjdnci Deleted [Extension] : booedmolknjekdopkepjjeckmjkdpfgl Deleted [Extension] : deghekbbihbapplmbffglehkdhkeibbm Deleted [Extension] : flpcjncodpafbgdpnkljologafpionhb Deleted [Extension] : ljmibnagodajacnnbifpamhggcohblip Deleted [Extension] : mgbjicolkjinkfeeglhohnjebdgmojgi Deleted [Extension] : pflphaooapbgpeakohlggbpidpppgdff ************************* AdwCleaner[R0].txt - [10804 octets] - [22/06/2014 09:41:03] AdwCleaner[S0].txt - [9669 octets] - [22/06/2014 09:52:11] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9729 octets] ##########

[zep516]

What's wrong with that log file????

Open notepad at the top click "Format" Put a check in "word wrap"

[jimbo1949]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.1.4 (04.06.2014:1) OS: Windows 7 Home Premium x86 Ran by jim on Sun 06/22/2014 at 10:08:58.96 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{57C67C9C-69F1-4A7A-B508-BED57391A514} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{A1EDA897-51B5-4512-A585-22B40C9C495A} ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\Users\jim\Local Settings\Application Data\cre" Successfully deleted: [Folder] "C:\Program Files\Common Files\spigot" ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Sun 06/22/2014 at 10:32:30.61 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Edited by jimbo1949, 22 June 2014 - 11:40 AM.

[zep516]

Hello,

Please download MiniToolBox http://download.blee...MiniToolBox.exe and run it.

Checkmark following boxes:

• Flush DNS
• Report IE Proxy Settings
• Reset IE Proxy Settings
• Report FF Proxy Settings
• Reset FF Proxy Settings
• content of Hosts
• List IP configuration
• List Winsock Entries
• List Users, Partitions and Memory size
• List Restore Points

Click Go and post the result.

Your next reply:
1-Post the minitoolbox report
2-Post a new OTL Log.

Thanks
Joe

[jimbo1949]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.1.4 (04.06.2014:1) OS: Windows 7 Home Premium x86 Ran by jim on Sun 06/22/2014 at 10:08:58.96 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{57C67C9C-69F1-4A7A-B508-BED57391A514} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{A1EDA897-51B5-4512-A585-22B40C9C495A} ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\Users\jim\Local Settings\Application Data\cre" Successfully deleted: [Folder] "C:\Program Files\Common Files\spigot" ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Sun 06/22/2014 at 10:32:30.61 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[jimbo1949]

MiniToolBox by Farbar Version: 20-06-2014 Ran by jim (administrator) on 22-06-2014 at 10:47:31 Running from "C:\Users\jim\Downloads" Microsoft Windows 7 Home Premium Service Pack 1 (X86) Boot Mode: Normal *************************************************************************** ========================= Flush DNS: =================================== Windows IP Configuration Successfully flushed the DNS Resolver Cache. ========================= IE Proxy Settings: ============================== Proxy is enabled. ProxyServer: http=127.0.0.1:8118;https=127.0.0.1:8118 "Reset IE Proxy Settings": IE Proxy Settings were reset. ========================= Hosts content: ================================= ::1 localhost 127.0.0.1 localhost ========================= IP Configuration: ================================ Realtek PCIe FE Family Controller = Local Area Connection (Connected) # ---------------------------------- # IPv4 Configuration # ---------------------------------- pushd interface ipv4 reset set global icmpredirects=enabled popd # End of IPv4 configuration Windows IP Configuration Host Name . . . . . . . . . . . . : jim-PC Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : gateway.2wire.net Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : gateway.2wire.net Description . . . . . . . . . . . : Realtek PCIe FE Family Controller Physical Address. . . . . . . . . : 00-1C-C0-70-31-65 DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::946e:90af:1b74:8694%11(Preferred) IPv4 Address. . . . . . . . . . . : 192.168.1.64(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Lease Obtained. . . . . . . . . . : Sunday, June 22, 2014 9:55:57 AM Lease Expires . . . . . . . . . . : Monday, June 23, 2014 9:55:56 AM Default Gateway . . . . . . . . . : 192.168.1.254 DHCP Server . . . . . . . . . . . : 192.168.1.254 DHCPv6 IAID . . . . . . . . . . . : 234888384 DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-AB-F2-5F-00-1C-C0-70-31-65 DNS Servers . . . . . . . . . . . : 192.168.1.254 NetBIOS over Tcpip. . . . . . . . : Enabled Tunnel adapter isatap.gateway.2wire.net: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : gateway.2wire.net Description . . . . . . . . . . . : Microsoft ISATAP Adapter Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter Local Area Connection* 11: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:2cd7:2908:b331:3750(Preferred) Link-local IPv6 Address . . . . . : fe80::2cd7:2908:b331:3750%13(Preferred) Default Gateway . . . . . . . . . : :: NetBIOS over Tcpip. . . . . . . . : Disabled Server: homeportal Address: 192.168.1.254 Name: google.com Addresses: 2607:f8b0:4007:803::1004 74.125.224.195 74.125.224.196 74.125.224.192 74.125.224.194 74.125.224.193 74.125.224.200 74.125.224.201 74.125.224.199 74.125.224.197 74.125.224.206 74.125.224.198 Pinging google.com [74.125.239.6] with 32 bytes of data: Reply from 74.125.239.6: bytes=32 time=29ms TTL=54 Reply from 74.125.239.6: bytes=32 time=28ms TTL=54 Ping statistics for 74.125.239.6: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 28ms, Maximum = 29ms, Average = 28ms Server: homeportal Address: 192.168.1.254 Name: yahoo.com Addresses: 206.190.36.45 98.138.253.109 98.139.183.24 Pinging yahoo.com [98.138.253.109] with 32 bytes of data: Reply from 98.138.253.109: bytes=32 time=95ms TTL=48 Reply from 98.138.253.109: bytes=32 time=95ms TTL=48 Ping statistics for 98.138.253.109: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 95ms, Maximum = 95ms, Average = 95ms Pinging 127.0.0.1 with 32 bytes of data: Reply from 127.0.0.1: bytes=32 time<1ms TTL=128 Reply from 127.0.0.1: bytes=32 time<1ms TTL=128 Ping statistics for 127.0.0.1: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms =========================================================================== Interface List 11...00 1c c0 70 31 65 ......Realtek PCIe FE Family Controller 1...........................Software Loopback Interface 1 12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface =========================================================================== IPv4 Route Table =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.64 20 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 192.168.1.0 255.255.255.0 On-link 192.168.1.64 276 192.168.1.64 255.255.255.255 On-link 192.168.1.64 276 192.168.1.255 255.255.255.255 On-link 192.168.1.64 276 224.0.0.0 240.0.0.0 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 192.168.1.64 276 255.255.255.255 255.255.255.255 On-link 127.0.0.1 306 255.255.255.255 255.255.255.255 On-link 192.168.1.64 276 =========================================================================== Persistent Routes: None IPv6 Route Table =========================================================================== Active Routes: If Metric Network Destination Gateway 13 58 ::/0 On-link 1 306 ::1/128 On-link 13 58 2001::/32 On-link 13 306 2001:0:9d38:6abd:2cd7:2908:b331:3750/128 On-link 11 276 fe80::/64 On-link 13 306 fe80::/64 On-link 13 306 fe80::2cd7:2908:b331:3750/128 On-link 11 276 fe80::946e:90af:1b74:8694/128 On-link 1 306 ff00::/8 On-link 13 306 ff00::/8 On-link 11 276 ff00::/8 On-link =========================================================================== Persistent Routes: None ========================= Winsock entries ===================================== Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation) Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation) Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation) Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation) Catalog5 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog5 06 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation) Catalog9 01 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 02 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 03 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 04 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 06 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 07 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 08 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 09 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 10 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 11 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 12 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 13 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 14 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 15 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 16 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 17 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 18 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 19 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Catalog9 20 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) ========================= Memory info: =================================== Percentage of memory in use: 55% Total physical RAM: 2037.57 MB Available physical RAM: 900.09 MB Total Pagefile: 4075.13 MB Available Pagefile: 2743.16 MB Total Virtual: 2047.88 MB Available Virtual: 1950.81 MB ========================= Partitions: ===================================== 2 Drive c: () (Fixed) (Total:465.75 GB) (Free:433.02 GB) NTFS ========================= Users: ======================================== User accounts for \\JIM-PC Administrator Guest jim **** End of log ****

[jimbo1949]

OTL logfile created on: 6/22/2014 10:56:06 AM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\jim\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.54 Gb Available Physical Memory | 27.13% Memory free
3.98 Gb Paging File | 2.22 Gb Available in Paging File | 55.69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465.75 Gb Total Space | 432.87 Gb Free Space | 92.94% Space Free | Partition Type: NTFS

Computer Name: JIM-PC | User Name: jim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/06/22 10:55:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\jim\Desktop\OTL.exe
PRC - [2014/06/22 10:42:00 | 000,293,208 | ---- | M] (Setup Aplications) -- C:\Users\jim\AppData\Local\Temp\n8\s8.exe
PRC - [2014/06/22 10:41:53 | 000,513,440 | ---- | M] (firseria sl) -- C:\Users\jim\Downloads\Setup (6).exe
PRC - [2014/06/22 10:26:37 | 000,389,992 | ---- | M] (VM Host Corporation) -- C:\ProgramData\UpdateServer\1403457996\webdev.exe
PRC - [2014/06/22 09:56:09 | 000,370,176 | ---- | M] (The Privoxy team - www.privoxy.org) -- C:\Program Files\MSR\Privoxy\privoxy.exe
PRC - [2014/06/22 08:08:26 | 000,339,456 | ---- | M] () -- C:\ProgramData\UpdateTask\vmhost.exe
PRC - [2014/06/05 06:58:39 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2014/05/29 04:16:32 | 000,241,344 | ---- | M] () -- C:\Program Files\pcmax\pcmax.exe
PRC - [2014/05/04 07:57:25 | 000,372,032 | ---- | M] (Media Corporation) -- C:\ProgramData\MediaDev\1399215444\mediadev.exe
PRC - [2014/04/23 18:52:18 | 000,016,384 | ---- | M] () -- C:\Windows\Microsoft\System Update kb70007\WindowsUpdater.exe
PRC - [2014/04/05 10:06:26 | 000,185,920 | ---- | M] () -- C:\ProgramData\PrintProjects\Communicator.exe
PRC - [2013/12/20 23:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/08/25 20:39:45 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2013/05/23 13:11:42 | 000,119,056 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2013/03/15 15:07:56 | 000,395,640 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
PRC - [2013/01/15 13:07:42 | 000,780,152 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
PRC - [2011/02/24 22:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/09/02 16:23:28 | 001,638,400 | ---- | M] (Eastman Kodak Company) -- C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe


========== Modules (No Company Name) ==========

MOD - [2014/06/22 08:08:26 | 000,339,456 | ---- | M] () -- C:\ProgramData\UpdateTask\vmhost.exe
MOD - [2014/06/12 17:58:52 | 000,080,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kodak.Statistics\cae3ca035b3ee498e7394f0aad7a5147\Kodak.Statistics.ni.exe
MOD - [2014/06/12 17:58:43 | 003,720,704 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CommonControls\7fcf65c904840c26592a9f55f77fe64b\CommonControls.ni.dll
MOD - [2014/06/12 17:58:35 | 000,239,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Localization\f5e12b2f3ec4ce0627335b08ded5c233\Inkjet.Localization.ni.dll
MOD - [2014/06/12 17:58:35 | 000,098,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Devidd83fa01#\35f2093e205d5ab52612314de33cc0a5\Inkjet.DeviceSettings.ni.dll
MOD - [2014/06/12 17:58:34 | 000,296,448 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Utilities\63c5943acf6c05606a71a61bd6236f09\Inkjet.Utilities.ni.dll
MOD - [2014/06/12 17:58:33 | 000,888,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Hardware\baea1d97618ebe83e8f6e87751aa04d7\Inkjet.Hardware.ni.dll
MOD - [2014/06/12 17:58:33 | 000,164,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.EKAiO2SDKLib\28d2af5802c33456d08e2288ecb73972\Interop.EKAiO2SDKLib.ni.dll
MOD - [2014/06/12 17:58:32 | 000,178,176 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Statistics\f3a380f33a9b08e9fecdaab6ec407eb2\Inkjet.Statistics.ni.dll
MOD - [2014/06/12 17:58:31 | 001,190,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\InkjetCore\cbc6446c385cdf8ba003c7aa9b928ed4\InkjetCore.ni.dll
MOD - [2014/06/12 17:58:28 | 000,153,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Windows\385ee2bf7935b217f71e208a9590afd8\Inkjet.Windows.ni.dll
MOD - [2014/06/12 17:58:28 | 000,108,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Diagnostics\721fba01fa957eef866e29da121c9d0f\Inkjet.Diagnostics.ni.dll
MOD - [2014/06/12 17:58:28 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Configuration\615c42848e088814e5e45489f1a443d7\Inkjet.Configuration.ni.dll
MOD - [2014/06/05 06:58:38 | 000,414,536 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\35.0.1916.153\ppgooglenaclpluginchrome.dll
MOD - [2014/06/05 06:58:36 | 004,217,672 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\35.0.1916.153\pdf.dll
MOD - [2014/06/05 06:58:32 | 000,716,616 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
MOD - [2014/06/05 06:58:31 | 000,126,280 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\35.0.1916.153\libegl.dll
MOD - [2014/06/05 06:58:30 | 001,732,424 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
MOD - [2014/05/17 17:06:49 | 002,404,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\596140a3921ac96353517d92a9f46925\System.Web.Extensions.ni.dll
MOD - [2014/05/17 09:57:40 | 000,141,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\5d4937df67333206a096b29d28fb4ea3\System.Web.Abstractions.ni.dll
MOD - [2014/05/15 05:36:31 | 011,922,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\70dbdd46969daf2bea2443c75b7629d4\System.Web.ni.dll
MOD - [2014/04/05 10:06:26 | 000,185,920 | ---- | M] () -- C:\ProgramData\PrintProjects\Communicator.exe
MOD - [2014/02/28 11:26:00 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\868ad9d8acc0bf80a973c0e4e9cae4fa\System.Core.ni.dll
MOD - [2014/02/28 11:25:53 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\4412bbbb473c356b5ea3e1ea13b25f52\System.Management.ni.dll
MOD - [2014/02/28 08:46:02 | 012,894,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f4f6ee0df2aa4189bf36e6335cb92761\System.Windows.Forms.ni.dll
MOD - [2014/02/28 08:45:47 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll
MOD - [2014/02/28 08:44:36 | 007,662,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bada32953bb6b16a53d653eae23d78dc\System.Xml.ni.dll
MOD - [2014/02/28 08:44:26 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bbc48ec4245e502ae19b0601d3799c9e\System.Configuration.ni.dll
MOD - [2014/02/28 08:44:10 | 010,060,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff26cc03e6d57d8abd13b990332e67c6\System.ni.dll
MOD - [2014/02/28 08:43:57 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2014/02/27 22:13:07 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
MOD - [2014/02/27 22:12:53 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014/02/27 22:12:48 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\4f5069e6497e5e6a381ab6aadf05d6a5\Accessibility.ni.dll
MOD - [2014/02/27 22:12:43 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
MOD - [2014/02/27 22:12:35 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
MOD - [2014/02/27 22:12:00 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014/02/27 22:09:58 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2013/08/25 20:47:56 | 008,013,664 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\KeyDownload\KeyPlayr\guardnot.exe -- (System guard)
SRV - File not found [Auto | Stopped] -- \?\C:\Users\jim\AppData\Local\Temp\KDUpdSrv.exe [WARNING: \?\C:\Users\jim\AppData\Local\Temp\KDUpdSrv.exe] -- (KDUpdater)
SRV - [2014/06/22 10:26:37 | 000,389,992 | ---- | M] (VM Host Corporation) [Auto | Running] -- C:\ProgramData\UpdateServer\1403457996\webdev.exe -- (WinDevSvc)
SRV - [2014/06/20 05:59:28 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/05/30 01:28:30 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2014/05/29 04:16:32 | 000,241,344 | ---- | M] () [Auto | Running] -- C:\Program Files\pcmax\pcmax.exe -- (pcmaxservice)
SRV - [2014/05/04 07:57:25 | 000,372,032 | ---- | M] (Media Corporation) [Auto | Running] -- C:\ProgramData\MediaDev\1399215444\mediadev.exe -- (MediaDevSrv)
SRV - [2014/04/23 18:52:18 | 000,016,384 | ---- | M] () [Auto | Running] -- C:\Windows\Microsoft\System Update kb70007\WindowsUpdater.exe -- (System Update kb70007)
SRV - [2013/12/20 23:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/09/02 03:11:22 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2013/05/26 21:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/05/23 13:11:42 | 000,119,056 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2013/03/15 15:07:56 | 000,395,640 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe -- (Kodak AiO Network Discovery Service)
SRV - [2013/01/15 13:07:42 | 000,780,152 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe -- (Kodak AiO Status Monitor Service)
SRV - [2009/07/13 18:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)


========== Driver Services (SafeList) ==========

DRV - [2011/07/22 09:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 14:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/11/20 14:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 14:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 14:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...IE8SRC<br /> IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...ceid=ie7<br />

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118

IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://att.yahoo.com/
IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F2 D4 2C 0A 0C A2 CE 01 [binary data]
IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...IE11SR<br /> IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...nUS550<br /> IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@lightspark.github.com/Lightspark;version=1: C:\Program Files\Lightspark 0.5.3-git\nplightsparkplugin.dll File not found


File not found (No name found) -- C:\PROGRAM FILES\AMIEXT\FLASHENHANCER\FF

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://att.yahoo.com/mail
CHR - plugin: Error reading preferences file
CHR - Extension: Google Drive = C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: YouTube = C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Play Books = C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb\1.1.9_0\
CHR - Extension: Google Wallet = C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
CHR - Extension: Gmail = C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014/06/22 07:43:53 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [Conime] %windir%\system32\conime.exe File not found
O4 - HKLM..\Run: [EKIJ5000StatusMonitor] C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [EKStatusMonitor] C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [fst_us_48] File not found
O4 - HKLM..\Run: [pcreg] C:\Program Files\pcmax\service.exe ()
O4 - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001..\Run: [cdloader] C:\Users\jim\AppData\Roaming\mjusbsp\cdloader2.exe (magicJack L.P.)
O4 - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001..\Run: [pcreg] C:\Program Files\pcmax\service.exe ()
O4 - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001..\Run: [TWC.Win7] C:\Program Files\The Weather Channel\Desktop Weather\TWC.Win7.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7AB4A89B-534C-4591-BA56-1ACFB14EF603}: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4b326da4-6d86-11e3-8015-001cc0703165}\Shell - "" = AutoRun
O33 - MountPoints2\{4b326da4-6d86-11e3-8015-001cc0703165}\Shell\AutoRun\command - "" = E:\ToolLauncher-Bootstrap.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/06/22 10:55:40 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\jim\Desktop\OTL.exe
[2014/06/22 10:26:36 | 000,000,000 | ---D | C] -- C:\ProgramData\UpdateServer
[2014/06/22 10:08:44 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/06/22 09:56:09 | 000,000,000 | ---D | C] -- C:\Program Files\MSR
[2014/06/22 09:50:03 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\System32\sqlite3.dll
[2014/06/22 09:39:12 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/06/22 07:43:42 | 000,000,000 | ---D | C] -- C:\_OTM
[2014/06/17 16:49:54 | 000,000,000 | ---D | C] -- C:\Program Files\pcmax
[2014/06/17 16:49:16 | 000,000,000 | ---D | C] -- C:\Program Files\FLVM Player
[2014/06/17 16:09:37 | 000,000,000 | ---D | C] -- C:\SUPERDelete
[2014/06/15 07:46:13 | 000,000,000 | ---D | C] -- C:\Windows\Microsoft
[2014/06/12 18:09:40 | 000,000,000 | ---D | C] -- C:\Users\jim\Desktop\06-12-2014
[2014/06/12 06:19:46 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2014/06/12 06:19:45 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2014/06/12 06:19:45 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2014/06/12 06:19:42 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2014/06/12 06:19:39 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014/06/12 06:19:39 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014/06/12 06:19:38 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014/06/12 06:19:38 | 000,368,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2014/06/12 06:19:38 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014/06/12 06:19:37 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014/06/12 06:19:33 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014/06/12 06:19:32 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014/06/12 06:19:31 | 000,595,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014/06/12 06:19:30 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014/06/12 06:19:28 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2014/06/12 06:19:28 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2014/06/12 06:19:22 | 000,242,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2014/06/12 06:19:20 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014/06/12 06:19:11 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2014/06/12 06:19:08 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2014/06/12 06:19:01 | 004,244,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014/06/12 06:16:19 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll
[2014/06/12 06:16:19 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2014/06/12 06:15:40 | 000,187,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2014/06/12 06:15:27 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2014/06/12 06:15:26 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2014/06/11 22:08:22 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2014/06/11 05:53:53 | 000,000,000 | ---D | C] -- C:\Users\jim\AppData\Roaming\serv
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/06/22 11:08:13 | 000,000,300 | ---- | M] () -- C:\Windows\tasks\PrintProjects Communicator.job
[2014/06/22 11:08:05 | 000,000,254 | ---- | M] () -- C:\Windows\tasks\Guard-{67E160EA-8771-4172-86EB-AF21ADC868B9}.job
[2014/06/22 10:55:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\jim\Desktop\OTL.exe
[2014/06/22 10:49:17 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/06/22 10:09:18 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/06/22 10:06:57 | 000,020,496 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/06/22 10:06:57 | 000,020,496 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/06/22 09:56:08 | 000,000,876 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/22 09:55:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/06/22 09:55:49 | 1602,404,352 | -HS- | M] () -- C:\hiberfil.sys
[2014/06/22 07:43:53 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2014/06/20 05:59:25 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/06/20 05:59:25 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/06/15 07:46:26 | 000,000,070 | ---- | M] () -- C:\extensions.ini
[2014/06/15 07:46:26 | 000,000,000 | ---- | M] () -- C:\extensions.sqlite
[2014/06/12 17:59:21 | 000,002,114 | ---- | M] () -- C:\Users\Public\Desktop\KODAK AiO Home Center.lnk
[2014/06/08 01:48:16 | 000,391,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2014/06/08 01:43:43 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2014/05/30 02:02:39 | 002,724,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014/05/30 02:02:03 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2014/05/30 01:43:06 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014/05/30 01:42:16 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2014/05/30 01:34:17 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014/05/30 01:33:48 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014/05/30 01:30:43 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014/05/30 01:28:33 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014/05/30 01:28:30 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2014/05/30 01:27:56 | 000,592,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2014/05/30 01:21:36 | 000,646,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2014/05/30 01:16:26 | 000,368,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2014/05/30 01:10:46 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2014/05/30 01:06:06 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014/05/30 01:02:32 | 000,242,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2014/05/30 00:57:16 | 000,595,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014/05/30 00:56:50 | 004,244,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014/05/30 00:54:14 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014/05/30 00:50:09 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2014/05/30 00:49:38 | 001,964,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014/05/30 00:13:47 | 000,704,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/06/18 15:18:53 | 000,000,254 | ---- | C] () -- C:\Windows\tasks\Guard-{67E160EA-8771-4172-86EB-AF21ADC868B9}.job
[2014/06/15 07:46:26 | 000,000,070 | ---- | C] () -- C:\extensions.ini
[2014/06/15 07:46:26 | 000,000,000 | ---- | C] () -- C:\extensions.sqlite
[2014/06/12 17:59:21 | 000,002,114 | ---- | C] () -- C:\Users\Public\Desktop\KODAK AiO Home Center.lnk
[2014/05/04 08:02:34 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/03/09 11:19:55 | 000,007,597 | ---- | C] () -- C:\Users\jim\AppData\Local\Resmon.ResmonCfg
[2013/12/07 11:04:36 | 000,000,307 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2013/11/16 14:26:38 | 000,087,552 | R--- | C] () -- C:\Users\jim\AppData\Roaming\Other.res
[2013/08/25 20:45:10 | 000,000,258 | RHS- | C] () -- C:\Users\jim\ntuser.pol

========== ZeroAccess Check ==========

[2009/07/13 21:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 19:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 18:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >

[jimbo1949]

OTL Extras logfile created on: 6/22/2014 10:56:06 AM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\jim\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.54 Gb Available Physical Memory | 27.13% Memory free
3.98 Gb Paging File | 2.22 Gb Available in Paging File | 55.69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465.75 Gb Total Space | 432.87 Gb Free Space | 92.94% Space Free | Partition Type: NTFS

Computer Name: JIM-PC | User Name: jim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2857200164-3729861948-2052089129-1001\SOFTWARE\Classes\]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\System32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- "C:\Program Files\File Identifier\fi.exe" "%1" ()
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08742D20-A57A-4057-9348-0D86D39A0AF8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0BAAC192-715F-490D-A1C1-5827242448C0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{25A46072-DB8A-4F02-862A-BACE3C6A6AC0}" = lport=139 | protocol=6 | dir=in | app=system |
"{2C0E23C1-1A3E-4ED1-B8AF-BB45B5C11687}" = rport=139 | protocol=6 | dir=out | app=system |
"{2D20DE8A-EC56-4D05-A108-24DC8ED82A35}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3A919A7E-53A5-40EA-B5A7-245AF7AF83C2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3C8C0F8F-D48E-4E67-8A25-5EC7D2CCDAD4}" = rport=138 | protocol=17 | dir=out | app=system |
"{5F587529-3175-4454-B81F-3498FECCDE59}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{674E29E1-AFF7-4CFE-83F2-7A1DDBD5D5A9}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 |
"{69084D07-0899-4153-8FB4-6BC633717CCF}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 |
"{762EFF34-BD0E-43F5-AC1B-52164674C9A0}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery |
"{8C7150D8-E4B9-4A2D-BB7F-850BFA950837}" = lport=10243 | protocol=6 | dir=in | app=system |
"{931980CC-B7B8-4B3D-B5BF-61C739302120}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery |
"{93EB67FD-030B-43E4-B59E-8209BC38085B}" = lport=445 | protocol=6 | dir=in | app=system |
"{9934315F-521A-442B-9630-AB4826520C02}" = lport=137 | protocol=17 | dir=in | app=system |
"{9D14231C-E05E-4CDF-87EB-ABB91A2BE8E0}" = rport=445 | protocol=6 | dir=out | app=system |
"{B84D3ECA-71CB-4965-87B2-9F8AF24521CD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{BF37BB00-24B3-4E19-8AFF-8621B5DC4424}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CAE7F9A0-3354-417A-A993-0F4A48A53CFD}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D1663B33-EA1C-4984-971C-65DC63DD17AC}" = rport=10243 | protocol=6 | dir=out | app=system |
"{DCA58499-9061-4D17-8942-A828882A25E6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DF74D1E7-454D-45FC-92E5-2F99FBD2D563}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E2429A4D-F726-4F00-9F42-31E17457907A}" = lport=138 | protocol=17 | dir=in | app=system |
"{FA915800-9EF0-4021-BEFF-E11F3A04D886}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FFD21688-4CF4-4369-97E7-36352993DEED}" = rport=137 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{004301B5-5728-4C0F-AB83-B014535C1E36}" = protocol=17 | dir=in | app=c:\program files\kodak\aio\center\aiohomecenter.exe |
"{0439C499-DA31-4882-89D9-42C408EF15D8}" = protocol=17 | dir=in | app=c:\program files\kodak\aio\center\networkprinterdiscovery.exe |
"{08236CE6-D170-4694-B6BC-61A8226999C7}" = protocol=1 | dir=out | [email protected],-28544 |
"{1FEE2746-325A-43D2-B20C-B63CD6EE53F9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{22BDE97D-708A-4060-BC2A-2C34D168A9AC}" = dir=in | app=c:\users\jim\appdata\local\temp\updater_145834.exe |
"{2FDF47C4-B9E8-43A2-BE51-B569CB0FC6C3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{37BE429D-412C-4CAB-88B3-91AE18C86A1A}" = protocol=1 | dir=in | [email protected],-28543 |
"{40D32695-A454-4E23-973F-076F04A0FD83}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{46AB9C28-AD4E-470B-B1AF-280F09E0B5E3}" = dir=out | app=c:\program files\pcmax\pcmax.exe |
"{49E286D3-3DA2-446A-99B6-BB3185C96F00}" = protocol=17 | dir=in | app=c:\program files\kodak\aio\center\kodak.statistics.exe |
"{4ECD95F4-D229-430C-BFF1-9C6A0A10A6ED}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4F943E24-5665-427E-B7D8-18D692AE3B78}" = dir=in | app=c:\program files\pcmax\pcmax.exe |
"{66281B4B-4369-4814-ACC1-E85375B0764C}" = dir=in | app=c:\program files\pcmax\service.exe |
"{784F15B6-B0D5-4B79-9215-F89989C63472}" = protocol=17 | dir=in | app=c:\program files\kodak\aio\firmware\kodakaioupdater.exe |
"{7CCEB42D-C9B5-4ABC-95C7-B66CEEC15340}" = protocol=6 | dir=in | app=c:\program files\kodak\aio\center\kodak.statistics.exe |
"{7F3BF149-3044-4A00-A860-F53E26DFF102}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7FBD2443-B1DB-4EDB-8759-8EFB82C83C4F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{846DFEF3-6911-4246-BDDC-77C2507CE725}" = protocol=6 | dir=in | app=c:\program files\kodak\aio\center\networkprinterdiscovery.exe |
"{93BBD775-ABE1-4F77-94B1-DA080BAFD42C}" = protocol=6 | dir=out | app=system |
"{9420342E-1A2C-4A85-BAF2-650E65B607F8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9AB6D725-03BF-4412-BB67-50719A41E88F}" = protocol=58 | dir=in | [email protected],-28545 |
"{9DD76606-7945-4526-9EA6-2B413FDDCF8E}" = protocol=17 | dir=in | app=c:\programdata\kodak\installer\setup.exe |
"{A39AAE97-5DA5-4082-9168-C715D7399EEE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{AFA1B720-0A84-47DF-BF32-405C6DF9DFB6}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B0CA420D-F675-4704-8D39-B541693A8F46}" = dir=in | app=c:\users\jim\appdata\local\temp\speedmax_14671.exe |
"{B9D13C74-5879-426E-B4D8-FC406B4494B9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BA47E6BE-0CB8-419A-A921-AB8E3B10FCF2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C58A50F2-4B1B-4B9D-AE44-6350BAE8E8C8}" = protocol=58 | dir=out | [email protected],-28546 |
"{E062F378-A651-4BB4-B047-A64567CD11F4}" = dir=in | app=c:\users\jim\appdata\local\temp\n3505\speedmaxzs_1605-d640b376.exe |
"{E35F66A5-8001-4ADA-983B-F92A9C52838B}" = protocol=6 | dir=in | app=c:\programdata\kodak\installer\setup.exe |
"{EF3D4190-952C-41E9-9C93-B1D142699585}" = dir=out | app=c:\program files\pcmax\service.exe |
"{F2154763-BCEA-4276-984E-8F65AC405A31}" = protocol=6 | dir=in | app=c:\program files\kodak\aio\firmware\kodakaioupdater.exe |
"{FA4F0E8B-5AE6-4683-9A52-5F0EC24B8B3F}" = protocol=6 | dir=in | app=c:\program files\kodak\aio\center\aiohomecenter.exe |
"TCP Query User{0AAF3A5E-B0AF-4EF3-B596-FBF55B089680}C:\users\jim\appdata\roaming\mjusbsp\magicjack.exe" = protocol=6 | dir=in | app=c:\users\jim\appdata\roaming\mjusbsp\magicjack.exe |
"TCP Query User{8CA3B691-368A-44C1-889D-7E3D34E4AD0D}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe |
"UDP Query User{BA90F856-C0E2-4AF5-AD70-5B751B589488}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe |
"UDP Query User{D7C721CA-CCBE-4E30-A059-07274EDA69F5}C:\users\jim\appdata\roaming\mjusbsp\magicjack.exe" = protocol=17 | dir=in | app=c:\users\jim\appdata\roaming\mjusbsp\magicjack.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 55
"{27EF8E7F-88D1-4ec5-ADE2-7E447FDF114E}" = Kodak AIO Printer
"{376348C2-E372-48BC-A138-E896757BD86A}" = aioscnnr
"{48B41C3A-9A92-4B81-B653-C97FEB85C910}" = C4USelfUpdater
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56BA241F-580C-43D2-8403-947241AAE633}" = center
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.07)
"{AEB719FD-EDB0-43E9-B524-90F97C1E6499}" = System Update kb70007
"{B92C2C6C-F70E-497B-88A7-1FEF9888272B}" = Adobe AIR
"{BE94C681-68E2-4561-8ABC-8D2E799168B4}" = essentials
"{BFBCF96F-7361-486A-965C-54B17AC35421}" = ocr
"{C8B24B83-920A-446E-B027-38F72C9D8898}_is1" = File Viewer version 1.0.2
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq
"{E0F274B7-592B-4669-8FB8-8D9825A09858}" = KODAK AiO Software
"{E15BC10F-04AA-0AFD-A6C9-476730195F8B}" = Adobe Download Assistant
"{EF53BFAB-4C10-40DB-A82D-9B07111715C6}" = aioscnnr
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"File Identifier_is1" = File Identifier version 1.0.3
"Google Chrome" = Google Chrome
"HDMI" = Intel® Graphics Media Accelerator Driver
"PrintProjects" = PrintProjects
"VLC media player" = VLC media player 2.1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2857200164-3729861948-2052089129-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"magicJack" = magicJack
"Media Player Packages" = Media Player Packages

< End of report >

[zep516]

Hello,

Next

We need to do a fix to delete some files using OTL

• Double click on the to open the program. On Vista/Win7/Win8 right click select Run As Administrator to start the program. If prompted by UAC, please allow it.
• Under the Custom Scans/Fixes box at the bottom, paste in the following
  
  

  :COMMANDS
  [CREATERESTOREPOINT]
  
  :OTL
  SRV - File not found [Auto | Stopped] -- C:\Program Files\KeyDownload\KeyPlayr\guardnot.exe -- (System guard)
  SRV - File not found [Auto | Stopped] -- \?\C:\Users\jim\AppData\Local\Temp\KDUpdSrv.exe [WARNING: \?\C:\Users\jim\AppData\Local\Temp\KDUpdSrv.exe] -- (KDUpdater)
  IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118
  IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118
  IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118
  IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118
  IE - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118
  FF - HKCU\Software\MozillaPlugins\@lightspark.github.com/Lightspark;version=1: C:\Program Files\Lightspark 0.5.3-git\nplightsparkplugin.dll File not found
  O3 - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
  O4 - HKLM..\Run: [Conime] %windir%\system32\conime.exe File not found
  O4 - HKLM..\Run: [fst_us_48] File not found
  O4 - HKLM..\Run: [pcreg] C:\Program Files\pcmax\service.exe ()
  O4 - HKU\S-1-5-21-2857200164-3729861948-2052089129-1001..\Run: [pcreg] C:\Program Files\pcmax\service.exe ()
  O13 - gopher Prefix: missing
  [2014/06/17 16:49:54 | 000,000,000 | ---D | C] -- C:\Program Files\pcmax
  [2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
  
  :Files
  
  ipconfig /flushdns /c
  C:\Users\jim\Downloads\Setup (6).exe
  C:\Users\jim\AppData\Local\Temp\n8\s8.exe
  
  :Commands
  
  [emptytemp]
  [resethosts]
  

• Make sure all other windows are closed.
• Click the Run Fix button at the top
• Let the program run uninterrupted. The computer should reboot when the scan is done. If not, please reboot the computer.
• Post the log that is found in C:\_OTL\Moved Files in your next reply.
• Open OTL again and click the Quick Scan button.

Your next reply:

1-Post the OTL Fix Log after running fix, after the computer reboots that log should pop up in front of you, if not it's located here->C:\_OTL\Moved Files

2- After you do a quick scan post the New OTL.

3 Tell me what issues remain?

Thanks
Joe