jackjohnson44
asked on
safe saver browser addin keeps coming back
I keep removing the "safe saver" add in from my browsers and it keeps coming back in chrome and firefox.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks Sudeep, here are the contents:
OTL Extras logfile created on: 10/1/2013 2:58:14 PM - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\jack\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16686)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
8.00 Gb Total Physical Memory | 4.00 Gb Available Physical Memory | 56.00% Memory free
15.00 Gb Paging File | 12.00 Gb Available in Paging File | 80.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 48.83 Gb Total Space | 4.32 Gb Free Space | 8.86% Space Free | Partition Type: NTFS
Drive D: | 976.56 Gb Total Space | 562.66 Gb Free Space | 57.62% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 244.14 Gb Total Space | 181.19 Gb Free Space | 74.21% Space Free | Partition Type: NTFS
Drive G: | 465.76 Gb Total Space | 65.86 Gb Free Space | 14.14% Space Free | Partition Type: NTFS
Drive H: | 48.83 Gb Total Space | 27.97 Gb Free Space | 57.29% Space Free | Partition Type: NTFS
Drive I: | 48.83 Gb Total Space | 48.68 Gb Free Space | 99.69% Space Free | Partition Type: NTFS
Drive L: | 1817.83 Gb Total Space | 110.55 Gb Free Space | 6.08% Space Free | Partition Type: NTFS
Drive N: | 3.63 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: WIN7VHD
Current User Name: jack
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
64bit: [HKEY_LOCAL_MACHINE\SOFTWA RE\Classes \<extensio n>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.ini[@ = Notepad++_file] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLED.E XE (Microsoft Corporation)
.js[@ = Notepad++_file] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLED.E XE (Microsoft Corporation)
.txt[@ = Notepad++_file] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLED.E XE (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWA RE\Classes \<extensio n>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\contro l.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.ini [@ = Notepad++_file] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLED.E XE (Microsoft Corporation)
.js [@ = Notepad++_file] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLED.E XE (Microsoft Corporation)
.txt [@ = Notepad++_file] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLED.E XE (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWAR E\Classes\ <extension >]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
[color=#E56717]========== Shell Spawning ==========[/color]
64bit: [HKEY_LOCAL_MACHINE\SOFTWA RE\Classes \<key>\she ll\[comman d]\command ]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office15\msohtmed.e xe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office15\msohtmed.e xe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfD efaultInst all.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundl l32.exe" "C:\Windows\System32\mshtm l.dll",Pri ntHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSave r %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rund ll32.exe %SystemRoot%\system32\shel l32.dll,Op enAs_RunDL L %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069- A2EA-08002 B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWA RE\Classes \<key>\she ll\[comman d]\command ]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\cont rol.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office15\msohtmed.e xe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office15\msohtmed.e xe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfD efaultInst all.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundl l32.exe" "C:\Windows\System32\mshtm l.dll",Pri ntHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSave r %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rund ll32.exe %SystemRoot%\system32\shel l32.dll,Op enAs_RunDL L %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069- A2EA-08002 B30309D} [OpenHomePage] -- Reg Error: Value error.
[color=#E56717]========== Security Center Settings ==========[/color]
64bit: [HKEY_LOCAL_MACHINE\SOFTWA RE\Microso ft\Securit y Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWA RE\Microso ft\Securit y Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWA RE\Microso ft\Securit y Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWA RE\Microso ft\Securit y Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWA RE\Microso ft\Securit y Center]
[HKEY_LOCAL_MACHINE\SOFTWA RE\Microso ft\Securit y Center\Svc]
[HKEY_LOCAL_MACHINE\SYSTEM \CurrentCo ntrolSet\S ervices\Sh aredAccess \Parameter s\Firewall Policy\Dom ainProfile ]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM \CurrentCo ntrolSet\S ervices\Sh aredAccess \Parameter s\Firewall Policy\Sta ndardProfi le]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM \CurrentCo ntrolSet\S ervices\Sh aredAccess \Parameter s\Firewall Policy\Pub licProfile ]
"DisableNotifications" = 0
"EnableFirewall" = 1
[color=#E56717]========== Authorized Applications List ==========[/color]
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
64bit: [HKEY_LOCAL_MACHINE\SOFTWA RE\Microso ft\Windows \CurrentVe rsion\Unin stall]
"{13417784-A359-3CDD-8DE1- B7108707D6 47}" = Visual Studio 2012 Prerequisites - ENU Language Pack
"{13D558FE-A863-402C-B115- 1600072770 33}" = Microsoft SQL Server 2012 Express LocalDB
"{18B2A97C-92C3-4AC7-BE72- F823E0BC89 5B}" = SQL Server 2012 Database Engine Services
"{1ABA92B0-CD1F-478B-A351- 415F79B2A9 E6}" = SQL Server 2012 Data quality service
"{1AD147D0-BE0E-3D6C-AC11- 64F6DC4163 F1}" = Microsoft .NET Framework 4.5
"{1D411379-9CE0-4B13-A19B- 72D3222DD6 20}" = SQL Server 2012 Common Files
"{1D8E6291-B0D5-35EC-8441- 6616F567A0 F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{202AAF1F-69AA-442A-B59F- 6B54B1AD07 C6}" = SQL Server 2012 Common Files
"{27726449-83B8-428D-92DE- 101346C1E1 5C}" = Microsoft Security Client
"{27EF252D-800C-ED42-9904- 459FE00462 25}" = Windows Software Development Kit for Windows Store Apps DirectX x64 Remote
"{2EDC2FA3-1F34-34E5-9085- 588C9EFD1C C6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{34A7A77A-A23D-44ED-B3B6- EC8198BE26 22}" = SQL Server 2012 Full text search
"{36E619BC-A234-4EC3-849B- 779A7C865A 45}" = Microsoft SQL Server 2012 Data-Tier App Framework
"{38661DD1-576D-48CA-A188- F97819D5B5 FB}" = SQL Server 2012 Data quality service
"{3E0DD83F-BE4C-4478-86A0- AD0D79D135 3E}" = Microsoft VSS Writer for SQL Server 2012
"{3FA063D7-EDC1-AFA8-54AF- 0563C7DEE0 70}" = Windows App Certification Kit Native Components
"{4701DEDE-1888-49E0-BAE5- 857875924C A2}" = Microsoft SQL Server System CLR Types (x64)
"{54C5041B-0E91-4E92-8417- AAA12493C7 90}" = Microsoft SQL Server 2012 Transact-SQL ScriptDom
"{54FF8FAB-DE27-4187-82F1- EBAE6AEE86 9A}" = SQL Server 2012 Database Engine Shared
"{572E796D-C52B-3797-A685- 2FB6F895D4 BE}" = Microsoft Visual Studio 2010 Office Developer Tools (x64)
"{5FB4C443-6BD6-1514-2717- 3827D65AE6 FB}" = Windows Software Development Kit DirectX x64 Remote
"{61862D7C-CDBC-48D5-8AE1- 3B8BD1E23B C5}" = Visual Studio 2012 Prerequisites
"{633AB014-DDE6-403E-A302- 8920CC32C5 43}" = Microsoft Visual Studio 2012 Performance Collection Tools
"{6603C2CE-3C54-4F1D-92F9- 8390CD4CCC A8}" = SQL Server 2012 Database Engine Shared
"{662014D2-0450-37ED-ABAE- 157C88127B EB}" = Visual Studio 2010 Prerequisites - English
"{67630560-B0DC-4FC6-8B04- 7B949F8ABE F0}" = TortoiseSVN 1.8.0.24401 (64 bit)
"{73468C65-BC53-4D88-9246- 75A5BB014D A2}" = JavaScript Tooling
"{764384C5-BCA9-307C-9AAC- FD44366268 6A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{78909610-D229-459C-A936- 25D92283D3 FD}" = Microsoft SQL Server Compact 4.0 SP1 x64 ENU
"{7B72F338-EBCC-32A6-A44C- DEF9B436AE F2}" = Microsoft Visual Studio Team Foundation Server 2012 Object Model
"{7BF61FA9-BDFB-4563-98AD- FCB0DA28CC C7}" = IIS 8.0 Express
"{84FBCA4A-D650-4B0D-8094- EC0671FA9B 91}" = SQL Server 2012 Database Engine Services
"{88CB5DFD-6CE1-486F-998C- 9FC090FCE5 E2}" = Microsoft SQL Server 2012 Transact-SQL Compiler Service
"{89F4137D-6C26-4A84-BDB8- 2E5A4BB71E 00}" = Microsoft Silverlight
"{8CB0713F-CFE0-445D-BCB2- 538465860E 1A}" = Microsoft SQL Server 2012 Setup (English)
"{90150000-0015-0409-1000- 0000000FF1 CE}" = Microsoft Access MUI (English) 2013
"{90150000-0016-0409-1000- 0000000FF1 CE}" = Microsoft Excel MUI (English) 2013
"{90150000-0018-0409-1000- 0000000FF1 CE}" = Microsoft PowerPoint MUI (English) 2013
"{90150000-0019-0409-1000- 0000000FF1 CE}" = Microsoft Publisher MUI (English) 2013
"{90150000-001A-0409-1000- 0000000FF1 CE}" = Microsoft Outlook MUI (English) 2013
"{90150000-001B-0409-1000- 0000000FF1 CE}" = Microsoft Word MUI (English) 2013
"{90150000-001F-0409-1000- 0000000FF1 CE}" = Microsoft Office Proofing Tools 2013 - English
"{90150000-001F-040C-1000- 0000000FF1 CE}" = Outils de vérification linguistique 2013 de Microsoft Office - Français
"{90150000-001F-0C0A-1000- 0000000FF1 CE}" = Microsoft Office Proofing Tools 2013 - Español
"{90150000-002C-0409-1000- 0000000FF1 CE}" = Microsoft Office Proofing (English) 2013
"{90150000-0044-0409-1000- 0000000FF1 CE}" = Microsoft InfoPath MUI (English) 2013
"{90150000-0054-0409-1000- 0000000FF1 CE}" = Microsoft Visio MUI (English) 2013
"{90150000-006E-0409-1000- 0000000FF1 CE}" = Microsoft Office Shared MUI (English) 2013
"{90150000-0090-0409-1000- 0000000FF1 CE}" = Microsoft DCF MUI (English) 2013
"{90150000-00A1-0409-1000- 0000000FF1 CE}" = Microsoft OneNote MUI (English) 2013
"{90150000-00BA-0409-1000- 0000000FF1 CE}" = Microsoft Groove MUI (English) 2013
"{90150000-00C1-0000-1000- 0000000FF1 CE}" = Microsoft Office 32-bit Components 2013
"{90150000-00C1-0409-1000- 0000000FF1 CE}" = Microsoft Office Shared 32-bit MUI (English) 2013
"{90150000-00E1-0409-1000- 0000000FF1 CE}" = Microsoft Office OSM MUI (English) 2013
"{90150000-00E2-0409-1000- 0000000FF1 CE}" = Microsoft Office OSM UX MUI (English) 2013
"{90150000-0115-0409-1000- 0000000FF1 CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2013
"{90150000-0117-0409-1000- 0000000FF1 CE}" = Microsoft Access Setup Metadata MUI (English) 2013
"{90150000-012B-0409-1000- 0000000FF1 CE}" = Microsoft Lync MUI (English) 2013
"{91150000-0011-0000-1000- 0000000FF1 CE}" = Microsoft Office Professional Plus 2013
"{91150000-0051-0000-1000- 0000000FF1 CE}" = Microsoft Visio Professional 2013
"{91537A0E-FEEB-4AB1-A203- 0563BEBB34 64}" = Microsoft SQL Server 2012 RsFx Driver
"{92FB6C44-E685-45AD-9B20- CADF4CABA1 32} - 1033" = Microsoft .NET Framework 4.5
"{9674CB74-4808-4B59-B79D- 9AB501F232 79}" = SQL Server 2012 Analysis Services
"{993F6DDC-63F8-4BCD-9B28- D941971A9C AC}" = Windows XP Targeting with C++
"{9D573E71-1077-4C7E-B4DB- 4E22A5D2B4 8B}" = Microsoft SQL Server 2012 Command Line Utilities
"{9f4f4a9b-eec5-4906-92fe- d1f43ccf5c 8d}.sdb" = IIS Express Application Compatibility Database for x64
"{A7037EB2-F953-4B12-B843- 195F4D988D A1}" = SQL Server 2012 Management Studio
"{AA72C306-30BE-4BB1-9E42- 59552BAD2C DF}" = Microsoft Web Deploy 3.0
"{AAFF73AD-3432-3575-ABD1- 14E48EF2F4 CB}" = Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.60610
"{B143BE44-8723-315E-9413- 011C55873C 0E}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{B40EE88B-400A-4266-A17B- E3DE64E944 31}" = Microsoft SQL Server 2008 Setup Support Files
"{BED1EA3D-592D-4305-9D1F- 20F03726EF C1}" = Sql Server Customer Experience Improvement Program
"{CDDCBBF1-2703-46BC-938B- BCC81A1EEA AA}" = SUPERAntiSpyware
"{D307B5CF-D1F0-48A4-8DA3- 54765F5352 08}" = SQL Server 2012 SQL Data Quality Common
"{D411E9C9-CE62-4DBF-9D92- 4CB22B750E D5}" = Microsoft SQL Server 2012 Native Client
"{D9F3D00D-E946-3B3D-A4A6- 93D5020DB9 F7}" = Microsoft Visual C++ 2012 x64 Designtime - 11.0.50727
"{DCCB1789-1DA0-4E3A-A52F- 7815B602CC 98}" = SQL Server 2012 Reporting Services
"{E2B8249D-895C-4685-8C83- 00F3B1A130 28}" = Microsoft Web Platform Installer 4.0
"{E5748D30-7E6D-3A8E-BFE6- C1D02C6DDA BB}" = Microsoft Help Viewer 1.1
"{E7DD9E2F-25BB-3488-AA6A- 6C5A9A27DA 76}" = Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU
"{F1949145-EB64-4DE7-9D81- E6D2793714 6C}" = Microsoft System CLR Types for SQL Server 2012 (x64)
"{FA0A244E-F3C2-4589-B42A- 3D522DE79A 42}" = Microsoft SQL Server 2012 Management Objects (x64)
"{FB1349FD-D102-4722-9F0A- 2543670FF7 FB}" = SQL Server 2012 Analysis Services
"{FCD81E1A-6ED6-4F19-A572- 82FFE10265 4E}" = SQL Server 2012 Reporting Services
"{fdfba1f3-74ae-4255-9c10- a0f552b461 0f}.sdb" = IIS Express Application Compatibility Database for x86
"{FE74AC04-F248-4641-B3A9- 89C6AA4339 CD}" = Microsoft Visual Studio 2012 Performance Collection Tools - ENU
"Microsoft Help Viewer 1.1" = Microsoft Help Viewer 1.1
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft SQL Server 11" = Microsoft SQL Server 2012 (64-bit)
"Microsoft SQL Server SQLServer2012" = Microsoft SQL Server 2012 (64-bit)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Office15.PROPLUSR" = Microsoft Office Professional Plus 2013
"Office15.VISPROR" = Microsoft Visio Professional 2013
[HKEY_LOCAL_MACHINE\SOFTWA RE\Microso ft\Windows \CurrentVe rsion\Unin stall]
"{00EC8ABC-3C5A-40F8-A8CB- E7DCD5ABFA 05}" = Microsoft NuGet - Visual Studio 2012
"{02213A81-CB13-7262-5ABE- 1FFA2C7555 9F}" = Windows App Certification Kit x64
"{05E1731A-5DD6-314E-889F- 265C006C8E F9}" = Microsoft Visual C++ 2012 Microsoft Foundation Class Libraries
"{0BCC836F-0B28-4090-B58A- 64883BAA3B 2F}" = WCF Data Services 5.0 (for OData v3) Primary Components
"{0C03A66F-1FF0-45F9-8D67- 0D806EBFFB A1}" = Blend for Visual Studio SDK for Silverlight 5
"{1228E4A3-8371-4F9B-BA6F- 3D34113811 B9}" = Visual Studio Extensions for Windows Library for JavaScript
"{148878BD-A2A5-4CF1-A103- 2BA632F419 53}" = WCF Data Services Tools for Microsoft Visual Studio 2012
"{1690CE56-2231-4E59-9006- A0876D949E A8}" = Tools for .Net 3.5
"{16DD6E8B-E10B-4B6D-BC2D- B2BF631094 F2}" = Microsoft Visual Studio 2012 Preparation
"{17c2e197-cf26-443b-8beb- 53151940df 3f}" = Microsoft Visual Studio Professional 2012
"{189AEA94-DAFB-487A-8CEE- F9D3DDE0A7 48}" = Microsoft Silverlight 4 SDK
"{18F675EA-CB03-462D-A04B- 3832DBAB53 18}" = Microsoft Visual C++ 2012 Compilers - ENU Resources
"{1948E039-EC79-4591-951D- 9867A8C14C 90}" = Microsoft .NET Framework 4.5 SDK
"{1B9BBB23-65CB-3AEE-BFC6- 633E7CA299 FD}" = Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU
"{1C997E1C-5CE9-4AF3-AAA9- DC65E60908 27}" = Microsoft Expression Blend SDK for Silverlight 4
"{1DB43E5A-2F24-4F51-92B0- A2C0EBF5C7 42}" = Microsoft Report Viewer Add-On for Visual Studio 2012
"{23176E97-26CB-C72A-19EB- BFB21AC1D1 5A}" = Windows Software Development Kit DirectX x86 Remote
"{26A24AE4-039D-4CA4-87B4- 2F83217025 FF}" = Java 7 Update 25
"{2C0CC01A-DDBC-3AED-AF18- E741242FD7 27}" = Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources
"{2C76E3DA-BA76-4FAD-B1B1- 72B46D6390 28}" = PreEmptive Analytics Visual Studio Components
"{2F6CE32A-018D-4656-895B- 9E5E20D774 0A}" = Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update
"{2F8F489A-0476-3129-857B- A553F38B19 2D}" = Microsoft Visual C++ 2012 Core Libraries
"{330E5D98-20D2-4CA4-AE51- FCB8AA80F6 34}" = Microsoft Visual Studio 2012 Devenv
"{36155860-97D8-43CF-828A- 7ADEA94F7C AA}" = Microsoft LightSwitch for Visual Studio 2012 v3.0 Core
"{372D17F6-A54E-4A01-B264- 1314890FFE 61}" = Dotfuscator and Analytics Community Edition
"{37E53780-3944-4A6A-842F- 727128E861 6E}" = Blend for Visual Studio SDK for .NET 4.5
"{38FC6E9A-F719-431A-A83D- 4C86D5FD65 55}" = Microsoft Visual Studio 2012 Shell (Minimum) Resources
"{3A523AF9-D32F-4C85-8388- 0335731F34 05}" = WCF RIA Services V1.0 SP2
"{3D6AD258-61EA-35F5-812C- B7A0215299 6E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{42F61556-29ED-8122-F39E- 6F04EA5FF2 79}" = Windows Software Development Kit for Windows Store Apps DirectX x86 Remote
"{451526FA-52D1-41F2-B7E2- 96343EC958 53}" = Windows Azure Tools for LightSwitch HTML Client for Visual Studio 2012
"{4A03706F-666A-4037-7777- 5F2748764D 10}" = Java Auto Updater
"{4B9E6EB0-0EED-4E74-9479- F982C3254F 71}" = SQL Server Browser for SQL Server 2012
"{532DBCC8-9468-435C-AEF6- 30B7F50735 A2}" = Blend for Visual Studio 2012 ENU resources
"{57F20F04-014D-453F-B6A3- AE9485C4DF AB}" = Blend for Visual Studio 2012
"{5CBFF3F3-2D40-34EE-BCA5- A95BC19E40 0D}" = Microsoft .NET Framework 4.5 Multi-Targeting Pack
"{5D9ED403-94DE-3BA0-B1D6- 71F4BDA412 E6}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
"{605FFCBB-EC5A-485C-B27E- 189F1C8A96 E5}" = Microsoft Visual C++ 2012 x86-x64 Compilers
"{60D5EF2A-4E0C-2C30-38F6- 59C26E134F 4A}" = Windows Software Development Kit
"{631471BE-DEAB-454B-A9AC- CE3EB42C28 B3}" = Microsoft ASP.NET Web Pages
"{64BF43AC-A7E7-47A7-AED7- 978D811E2C A1}" = VisualSVN 3.5.0
"{6C44519A-497D-382C-8596- E972C77057 C2}" = Microsoft Portable Library Multi-Targeting Pack
"{6D6D43E5-218C-4B05-92D3- 2240810F47 60}" = Microsoft SQL Server 2012 T-SQL Language Service
"{6DAB46E3-D017-3E2B-85D8- F57A230384 C0}" = Microsoft Visual Studio Team Foundation Server 2012 Team Explorer
"{6F066545-40A2-4C38-A8F7- 78581CC5C4 42}" = Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools
"{7437A4B9-314F-3B8F-827B- 22909146E4 71}" = Microsoft LightSwitch for Visual Studio 2012 Core
"{77E2D875-FD9E-3DEE-9A84- C34FDECB4E CA}" = Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.60610
"{790E9425-8570-493F-9AE7- 81AFC9E469 30}" = Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00)
"{800F484E-9D69-492D-B656- 7BAA325861 42}" = Microsoft Visual Studio 2012 Shell (Minimum)
"{820C677A-41B2-48C3-8136- FEE35A052E 73}" = Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies
"{834B6E00-F509-40F2-A677- E862611845 76}" = Blend for Visual Studio Add-in for Adobe FXG Import
"{83F2B8F4-5CF3-4BE9-9772- 9543EAE4AC 5F}" = Microsoft SQL Server 2008 R2 Management Objects
"{8762B098-374D-4900-B68E- 34BF2840E6 94}" = Microsoft Web Developer Tools 2012.2 - Visual Studio 2012
"{9169C939-ED01-446A-BD0C- 29873BAF4E 48}" = Prerequisites for SSDT
"{93489CA8-6656-33A0-A5AC- E0EDEDB17C 3E}" = Microsoft Visual Studio Professional 2012
"{942CC691-5B98-42A3-8BC5- A246BA69D9 83}" = Microsoft ASP.NET MVC 4 Runtime
"{95120000-00B9-0409-0000- 0000000FF1 CE}" = Microsoft Application Error Reporting
"{96F50F87-0F15-4F93-9FE6- 387DD9CFB0 77}" = Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools - ENU
"{9B3A1C97-A361-463E-8817- 444F9F88CD FE}" = Microsoft Expression Blend SDK for .NET 4
"{9BE518E6-ECC6-35A9-88E4- 87755C0720 0F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CCE40CE-A9E6-4916-8729- B008558EEF 3F}" = Microsoft Report Viewer 2012 Runtime
"{A3A6D5EA-B6B5-3C05-BDA8- EAB99C09CD DC}" = Microsoft Visual Studio 2012 SharePoint Developer Tools
"{A6563D7C-F3AD-11E2-A4DB- 984BE15F17 4E}" = Evernote v. 4.6.7
"{A7E87388-3512-4D9C-9BBA- 284C3577CB E9}" = Microsoft Visual C++ 2012 Compilers
"{A92DAB39-4E2C-4304-9AB6- BC44E68B55 E2}" = Google Update Helper
"{AFA4B0BF-3289-495A-B949- BA91F39B1A 44}" = Entity Framework Designer for Visual Studio 2012 - enu
"{B1465D1D-6427-4CA1-AE29- 8B699209E6 63}" = Microsoft Visual Studio 2012 Devenv Resources
"{B40E950B-300A-41B5-A6C1- 2FEBEEA1BE EA}" = Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools - ENU
"{B5DA9D49-9BD8-0F2F-52FC- C7E66BC8D9 44}" = LocalESPCui for en-us
"{B7E38540-E355-3503-AFD7- 635B2F2F76 E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B9F35D86-242E-3FA4-B9F8- A982E0DF91 8D}" = Microsoft Visual Studio 2012 SharePoint Developer Tools ENU Language Pack
"{BAD0254F-9BDB-3D14-A5AC- 9C0EF51F3D 09}" = Microsoft Portable Library Multi-Targeting Pack Language Pack - enu
"{BD9DC17D-C48D-3B1B-944A- D0DE74FC74 BC}" = Microsoft Visual C++ 2012 Extended Libraries
"{BDBE5D2A-AAB7-77BD-7A0E- 5006665CE7 C6}" = LocalESPC
"{BE4F3A79-8954-499C-AEF9- E8A3BC2356 77}" = JavaScript Tooling
"{C1BE4600-7D15-3D1E-8AA2- B3241DB1D0 63}" = Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core
"{C3F6F200-6D7B-4879-B9EE- 700C0CE1FC DA}" = Microsoft SQL Server System CLR Types
"{C5C9E20C-CBD6-4FCE-B9FD- 46E94BEC91 69}" = Microsoft LightSwitch for Visual Studio 2012 v3.0 CoreRes - ENU
"{C81452EB-CBCF-B8EB-3124- 48C5B3D506 B0}" = Windows Runtime Intellisense Content - en-us
"{CFEF48A8-BFB8-3EAC-8BA5- DE4F8AA267 CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{CFFDC0EC-6924-3347-B047- 13339EDBEC 28}" = Microsoft Visual Studio Professional 2012 - ENU
"{D11F66FF-82B3-DDB8-1146- 525370552B E1}" = Windows Software Development Kit for Windows Store Apps
"{D3A828A9-FD4A-4463-9CB0- 9673C682A0 C7}" = Microsoft Visual C++ 2012 32bit Compilers - ENU Resources
"{D64B6984-242F-32BC-B008- 752806E5FC 44}" = Microsoft Visual Studio 2010 Shell (Isolated) - ENU
"{D7428139-7884-4630-8CA5- 9A41087BDB 62}" = NinjaTrader 7
"{DA1C1761-5F4F-4332-AB9D- 29EDF3F8EA 0A}" = Microsoft SQL Server 2012 Management Objects
"{DC487E40-046E-42A9-9C7C- 5D2B1A7EB2 11}" = Microsoft SQL Server 2012 Policies
"{DCDEC776-BADD-48B9-8F9A- DFF513C3D7 FA}" = Microsoft ASP.NET MVC 3
"{E1FBB3D4-ADB0-4949-B101- 855DA061C7 35}" = Microsoft Silverlight 5 SDK
"{E2082604-4BA5-44BB-BBFB- AF0F3CB8C6 AB}" = Microsoft System CLR Types for SQL Server 2012
"{E4ADE757-7FE9-322D-9CAE- C77D77A2D2 BF}" = Microsoft LightSwitch for Visual Studio 2012 CoreRes - ENU
"{E4C33F5B-1B2F-466E-957E- B274F08151 A0}" = Microsoft Web Deploy dbSqlPackage Provider - enu
"{E7D4E834-93EB-351F-B8FB- 82CDAE6230 03}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"{E818AE7C-244B-4A50-9C86- C0E4A8B691 59}" = Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU
"{E997DB06-141F-4A4F-AB8B- DE08E1CA3A 6E}" = JetBrains ReSharper 7.1.3
"{EA63C5C1-EBBC-477C-9CC7- 41454DDFAF F2}" = Microsoft ASP.NET Web Pages 2 Runtime
"{F0C3E5D1-1ADE-321E-8167- 68EF0DE699 A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F361FE04-789E-42F3-BBAB- E7B380AA5E 06}" = Windows XP Targeting with C++
"{FA804794-2CCB-4301-954F- 2C28946988 76}" = Microsoft SQL Server Data Tools - enu (11.1.20627.00)
"{FBA6F90E-36EC-4FC9-9B25- 3834E3BD46 A8}" = Microsoft SQL Server 2012 Data-Tier App Framework
"{FEB375AB-6EEC-3929-8FAF- 188ED81DD8 B5}" = Microsoft Help Viewer 2.0
"{FFC6E93A-B9AD-3F20-9B06- EE20E24AAE AF}" = Microsoft Visual C++ 2012 Core Libraries
"7-Zip" = 7-Zip 9.22beta
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"DAEMON Tools Lite" = DAEMON Tools Lite
"FileZilla Client" = FileZilla Client 3.7.1.1
"Google Chrome" = Google Chrome
"Microsoft Help Viewer 2.0" = Microsoft Help Viewer 2.0
"Mozilla Firefox 24.0 (x86 en-US)" = Mozilla Firefox 24.0 (x86 en-US)
"MozillaMaintenanceService " = Mozilla Maintenance Service
"Notepad++" = Notepad++
"Safe Saver" = Safe Saver
"thinkorswim from TD AMERITRADE" = thinkorswim from TD AMERITRADE
[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
[HKEY_CURRENT_USER\SOFTWAR E\Microsof t\Windows\ CurrentVer sion\Unins tall]
"WinDirStat" = WinDirStat 1.1.2
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
[ Application Events ]
Error - 9/29/2013 11:30:08 PM | Computer Name = win7vhd | Source = VisualSVN | ID = 1000
Description = Unexpected message: BeginDropNotifyMessage
Error - 9/29/2013 11:32:57 PM | Computer Name = win7vhd | Source = VisualSVN | ID = 1000
Description = Unexpected message: BeginDropNotifyMessage
Error - 9/29/2013 11:37:17 PM | Computer Name = win7vhd | Source = VisualSVN | ID = 1000
Description = Unexpected message: BeginDropNotifyMessage
Error - 9/29/2013 11:37:25 PM | Computer Name = win7vhd | Source = VisualSVN | ID = 1000
Description = Unexpected message: BeginDropNotifyMessage
Error - 9/29/2013 11:38:01 PM | Computer Name = win7vhd | Source = VisualSVN | ID = 1000
Description = Unexpected message: BeginDropNotifyMessage
Error - 9/30/2013 9:54:54 AM | Computer Name = win7vhd | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 9/30/2013 8:23:43 PM | Computer Name = win7vhd | Source = VisualSVN | ID = 1000
Description = Unexpected message: BeginDropNotifyMessage
Error - 9/30/2013 11:42:42 PM | Computer Name = win7vhd | Source = VisualSVN | ID = 1000
Description = Unexpected exception: Can't stat 'C:\Projects\trunk\JTrade. Web\app_of fline.htm' :
Access is denied. at ManagedSVN.Client.GetStatu s(String path, Boolean recurse,
Boolean getAll, Boolean noIgnore, Boolean ignoreExternals, GetStatusCallback callback)
at VisualSVN.Core.FileStatusR eceiver..c tor(Client client, String path, Boolean
recursive) at VisualSVN.Core.StatusUpdat er.LoadSta tus(String [] paths) StackTrace:
at System.Environment.GetStac kTrace(Exc eption e, Boolean needFileInfo) at System.Environment.get_Sta ckTrace()
at VisualSVN.Utils.Log.Report Exception( Exception ex) at VisualSVN.Core.StatusUpdat er.LoadSta tus(String []
paths) at VisualSVN.Core.StatusUpdat er.Process Impl(IsCan celedCallb ack isCanceled)
at VisualSVN.Core.StatusUpdat er.Process (IsCancele dCallback isCanceled) at VisualSVN.Core.StatusManag er.Work()
at System.Threading.ThreadHel per.Thread Start_Cont ext(Object state) at System.Threading.Execution Context.Ru nInternal( ExecutionC ontext
executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.Execution Context.Ru n(Executio nContext executionContext, ContextCallback
callback, Object state, Boolean preserveSyncCtx) at System.Threading.Execution Context.Ru n(Executio nContext
executionContext, ContextCallback callback, Object state) at System.Threading.ThreadHel per.Thread Start()
Error - 10/1/2013 12:12:58 AM | Computer Name = win7vhd | Source = VisualSVN | ID = 1000
Description = Unexpected exception: Can't check path 'C:\Projects\trunk\JTrade. Web\app_of fline.htm' :
Access is denied. at ManagedSVN.Client.GetStatu s(String path, Boolean recurse,
Boolean getAll, Boolean noIgnore, Boolean ignoreExternals, GetStatusCallback callback)
at VisualSVN.Core.FileStatusR eceiver..c tor(Client client, String path, Boolean
recursive) at VisualSVN.Core.StatusUpdat er.LoadSta tus(String [] paths) StackTrace:
at System.Environment.GetStac kTrace(Exc eption e, Boolean needFileInfo) at System.Environment.get_Sta ckTrace()
at VisualSVN.Utils.Log.Report Exception( Exception ex) at VisualSVN.Core.StatusUpdat er.LoadSta tus(String []
paths) at VisualSVN.Core.StatusUpdat er.Process Impl(IsCan celedCallb ack isCanceled)
at VisualSVN.Core.StatusUpdat er.Process (IsCancele dCallback isCanceled) at VisualSVN.Core.StatusManag er.Work()
at System.Threading.ThreadHel per.Thread Start_Cont ext(Object state) at System.Threading.Execution Context.Ru nInternal( ExecutionC ontext
executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.Execution Context.Ru n(Executio nContext executionContext, ContextCallback
callback, Object state, Boolean preserveSyncCtx) at System.Threading.Execution Context.Ru n(Executio nContext
executionContext, ContextCallback callback, Object state) at System.Threading.ThreadHel per.Thread Start()
Error - 10/1/2013 8:40:23 AM | Computer Name = win7vhd | Source = Customer Experience Improvement Program | ID = 1008
Description =
[ System Events ]
Error - 9/30/2013 12:51:57 PM | Computer Name = win7vhd | Source = TermDD | ID = 655410
Description =
Error - 9/30/2013 3:16:02 PM | Computer Name = win7vhd | Source = TermDD | ID = 655410
Description =
Error - 9/30/2013 4:48:31 PM | Computer Name = win7vhd | Source = TermDD | ID = 655410
Description =
Error - 9/30/2013 6:00:39 PM | Computer Name = win7vhd | Source = TermDD | ID = 655410
Description =
Error - 9/30/2013 7:09:31 PM | Computer Name = win7vhd | Source = TermDD | ID = 655410
Description =
Error - 9/30/2013 8:12:30 PM | Computer Name = win7vhd | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.
Error - 9/30/2013 8:23:40 PM | Computer Name = win7vhd | Source = TermDD | ID = 655410
Description =
Error - 9/30/2013 9:55:50 PM | Computer Name = win7vhd | Source = TermDD | ID = 655410
Description =
Error - 9/30/2013 11:12:16 PM | Computer Name = win7vhd | Source = TermDD | ID = 655410
Description =
Error - 10/1/2013 12:20:22 AM | Computer Name = win7vhd | Source = TermDD | ID = 655410
Description =
< End of report >
OTL Extras logfile created on: 10/1/2013 2:58:14 PM - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\jack\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16686)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
8.00 Gb Total Physical Memory | 4.00 Gb Available Physical Memory | 56.00% Memory free
15.00 Gb Paging File | 12.00 Gb Available in Paging File | 80.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 48.83 Gb Total Space | 4.32 Gb Free Space | 8.86% Space Free | Partition Type: NTFS
Drive D: | 976.56 Gb Total Space | 562.66 Gb Free Space | 57.62% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 244.14 Gb Total Space | 181.19 Gb Free Space | 74.21% Space Free | Partition Type: NTFS
Drive G: | 465.76 Gb Total Space | 65.86 Gb Free Space | 14.14% Space Free | Partition Type: NTFS
Drive H: | 48.83 Gb Total Space | 27.97 Gb Free Space | 57.29% Space Free | Partition Type: NTFS
Drive I: | 48.83 Gb Total Space | 48.68 Gb Free Space | 99.69% Space Free | Partition Type: NTFS
Drive L: | 1817.83 Gb Total Space | 110.55 Gb Free Space | 6.08% Space Free | Partition Type: NTFS
Drive N: | 3.63 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: WIN7VHD
Current User Name: jack
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
64bit: [HKEY_LOCAL_MACHINE\SOFTWA
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.ini[@ = Notepad++_file] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLED.E
.js[@ = Notepad++_file] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLED.E
.txt[@ = Notepad++_file] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLED.E
[HKEY_LOCAL_MACHINE\SOFTWA
.cpl [@ = cplfile] -- C:\Windows\SysWow64\contro
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.ini [@ = Notepad++_file] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLED.E
.js [@ = Notepad++_file] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLED.E
.txt [@ = Notepad++_file] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLED.E
[HKEY_CURRENT_USER\SOFTWAR
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
[color=#E56717]========== Shell Spawning ==========[/color]
64bit: [HKEY_LOCAL_MACHINE\SOFTWA
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office15\msohtmed.e
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office15\msohtmed.e
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfD
InternetShortcut [print] -- "C:\Windows\System32\rundl
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSave
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rund
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-
[HKEY_LOCAL_MACHINE\SOFTWA
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\cont
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office15\msohtmed.e
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office15\msohtmed.e
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfD
InternetShortcut [print] -- "C:\Windows\System32\rundl
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSave
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rund
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-
[color=#E56717]========== Security Center Settings ==========[/color]
64bit: [HKEY_LOCAL_MACHINE\SOFTWA
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWA
64bit: [HKEY_LOCAL_MACHINE\SOFTWA
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWA
[HKEY_LOCAL_MACHINE\SOFTWA
[HKEY_LOCAL_MACHINE\SOFTWA
[HKEY_LOCAL_MACHINE\SYSTEM
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM
"DisableNotifications" = 0
"EnableFirewall" = 1
[color=#E56717]========== Authorized Applications List ==========[/color]
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
64bit: [HKEY_LOCAL_MACHINE\SOFTWA
"{13417784-A359-3CDD-8DE1-
"{13D558FE-A863-402C-B115-
"{18B2A97C-92C3-4AC7-BE72-
"{1ABA92B0-CD1F-478B-A351-
"{1AD147D0-BE0E-3D6C-AC11-
"{1D411379-9CE0-4B13-A19B-
"{1D8E6291-B0D5-35EC-8441-
"{202AAF1F-69AA-442A-B59F-
"{27726449-83B8-428D-92DE-
"{27EF252D-800C-ED42-9904-
"{2EDC2FA3-1F34-34E5-9085-
"{34A7A77A-A23D-44ED-B3B6-
"{36E619BC-A234-4EC3-849B-
"{38661DD1-576D-48CA-A188-
"{3E0DD83F-BE4C-4478-86A0-
"{3FA063D7-EDC1-AFA8-54AF-
"{4701DEDE-1888-49E0-BAE5-
"{54C5041B-0E91-4E92-8417-
"{54FF8FAB-DE27-4187-82F1-
"{572E796D-C52B-3797-A685-
"{5FB4C443-6BD6-1514-2717-
"{61862D7C-CDBC-48D5-8AE1-
"{633AB014-DDE6-403E-A302-
"{6603C2CE-3C54-4F1D-92F9-
"{662014D2-0450-37ED-ABAE-
"{67630560-B0DC-4FC6-8B04-
"{73468C65-BC53-4D88-9246-
"{764384C5-BCA9-307C-9AAC-
"{78909610-D229-459C-A936-
"{7B72F338-EBCC-32A6-A44C-
"{7BF61FA9-BDFB-4563-98AD-
"{84FBCA4A-D650-4B0D-8094-
"{88CB5DFD-6CE1-486F-998C-
"{89F4137D-6C26-4A84-BDB8-
"{8CB0713F-CFE0-445D-BCB2-
"{90150000-0015-0409-1000-
"{90150000-0016-0409-1000-
"{90150000-0018-0409-1000-
"{90150000-0019-0409-1000-
"{90150000-001A-0409-1000-
"{90150000-001B-0409-1000-
"{90150000-001F-0409-1000-
"{90150000-001F-040C-1000-
"{90150000-001F-0C0A-1000-
"{90150000-002C-0409-1000-
"{90150000-0044-0409-1000-
"{90150000-0054-0409-1000-
"{90150000-006E-0409-1000-
"{90150000-0090-0409-1000-
"{90150000-00A1-0409-1000-
"{90150000-00BA-0409-1000-
"{90150000-00C1-0000-1000-
"{90150000-00C1-0409-1000-
"{90150000-00E1-0409-1000-
"{90150000-00E2-0409-1000-
"{90150000-0115-0409-1000-
"{90150000-0117-0409-1000-
"{90150000-012B-0409-1000-
"{91150000-0011-0000-1000-
"{91150000-0051-0000-1000-
"{91537A0E-FEEB-4AB1-A203-
"{92FB6C44-E685-45AD-9B20-
"{9674CB74-4808-4B59-B79D-
"{993F6DDC-63F8-4BCD-9B28-
"{9D573E71-1077-4C7E-B4DB-
"{9f4f4a9b-eec5-4906-92fe-
"{A7037EB2-F953-4B12-B843-
"{AA72C306-30BE-4BB1-9E42-
"{AAFF73AD-3432-3575-ABD1-
"{B143BE44-8723-315E-9413-
"{B40EE88B-400A-4266-A17B-
"{BED1EA3D-592D-4305-9D1F-
"{CDDCBBF1-2703-46BC-938B-
"{D307B5CF-D1F0-48A4-8DA3-
"{D411E9C9-CE62-4DBF-9D92-
"{D9F3D00D-E946-3B3D-A4A6-
"{DCCB1789-1DA0-4E3A-A52F-
"{E2B8249D-895C-4685-8C83-
"{E5748D30-7E6D-3A8E-BFE6-
"{E7DD9E2F-25BB-3488-AA6A-
"{F1949145-EB64-4DE7-9D81-
"{FA0A244E-F3C2-4589-B42A-
"{FB1349FD-D102-4722-9F0A-
"{FCD81E1A-6ED6-4F19-A572-
"{fdfba1f3-74ae-4255-9c10-
"{FE74AC04-F248-4641-B3A9-
"Microsoft Help Viewer 1.1" = Microsoft Help Viewer 1.1
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft SQL Server 11" = Microsoft SQL Server 2012 (64-bit)
"Microsoft SQL Server SQLServer2012" = Microsoft SQL Server 2012 (64-bit)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Office15.PROPLUSR" = Microsoft Office Professional Plus 2013
"Office15.VISPROR" = Microsoft Visio Professional 2013
[HKEY_LOCAL_MACHINE\SOFTWA
"{00EC8ABC-3C5A-40F8-A8CB-
"{02213A81-CB13-7262-5ABE-
"{05E1731A-5DD6-314E-889F-
"{0BCC836F-0B28-4090-B58A-
"{0C03A66F-1FF0-45F9-8D67-
"{1228E4A3-8371-4F9B-BA6F-
"{148878BD-A2A5-4CF1-A103-
"{1690CE56-2231-4E59-9006-
"{16DD6E8B-E10B-4B6D-BC2D-
"{17c2e197-cf26-443b-8beb-
"{189AEA94-DAFB-487A-8CEE-
"{18F675EA-CB03-462D-A04B-
"{1948E039-EC79-4591-951D-
"{1B9BBB23-65CB-3AEE-BFC6-
"{1C997E1C-5CE9-4AF3-AAA9-
"{1DB43E5A-2F24-4F51-92B0-
"{23176E97-26CB-C72A-19EB-
"{26A24AE4-039D-4CA4-87B4-
"{2C0CC01A-DDBC-3AED-AF18-
"{2C76E3DA-BA76-4FAD-B1B1-
"{2F6CE32A-018D-4656-895B-
"{2F8F489A-0476-3129-857B-
"{330E5D98-20D2-4CA4-AE51-
"{36155860-97D8-43CF-828A-
"{372D17F6-A54E-4A01-B264-
"{37E53780-3944-4A6A-842F-
"{38FC6E9A-F719-431A-A83D-
"{3A523AF9-D32F-4C85-8388-
"{3D6AD258-61EA-35F5-812C-
"{42F61556-29ED-8122-F39E-
"{451526FA-52D1-41F2-B7E2-
"{4A03706F-666A-4037-7777-
"{4B9E6EB0-0EED-4E74-9479-
"{532DBCC8-9468-435C-AEF6-
"{57F20F04-014D-453F-B6A3-
"{5CBFF3F3-2D40-34EE-BCA5-
"{5D9ED403-94DE-3BA0-B1D6-
"{605FFCBB-EC5A-485C-B27E-
"{60D5EF2A-4E0C-2C30-38F6-
"{631471BE-DEAB-454B-A9AC-
"{64BF43AC-A7E7-47A7-AED7-
"{6C44519A-497D-382C-8596-
"{6D6D43E5-218C-4B05-92D3-
"{6DAB46E3-D017-3E2B-85D8-
"{6F066545-40A2-4C38-A8F7-
"{7437A4B9-314F-3B8F-827B-
"{77E2D875-FD9E-3DEE-9A84-
"{790E9425-8570-493F-9AE7-
"{800F484E-9D69-492D-B656-
"{820C677A-41B2-48C3-8136-
"{834B6E00-F509-40F2-A677-
"{83F2B8F4-5CF3-4BE9-9772-
"{8762B098-374D-4900-B68E-
"{9169C939-ED01-446A-BD0C-
"{93489CA8-6656-33A0-A5AC-
"{942CC691-5B98-42A3-8BC5-
"{95120000-00B9-0409-0000-
"{96F50F87-0F15-4F93-9FE6-
"{9B3A1C97-A361-463E-8817-
"{9BE518E6-ECC6-35A9-88E4-
"{9CCE40CE-A9E6-4916-8729-
"{A3A6D5EA-B6B5-3C05-BDA8-
"{A6563D7C-F3AD-11E2-A4DB-
"{A7E87388-3512-4D9C-9BBA-
"{A92DAB39-4E2C-4304-9AB6-
"{AFA4B0BF-3289-495A-B949-
"{B1465D1D-6427-4CA1-AE29-
"{B40E950B-300A-41B5-A6C1-
"{B5DA9D49-9BD8-0F2F-52FC-
"{B7E38540-E355-3503-AFD7-
"{B9F35D86-242E-3FA4-B9F8-
"{BAD0254F-9BDB-3D14-A5AC-
"{BD9DC17D-C48D-3B1B-944A-
"{BDBE5D2A-AAB7-77BD-7A0E-
"{BE4F3A79-8954-499C-AEF9-
"{C1BE4600-7D15-3D1E-8AA2-
"{C3F6F200-6D7B-4879-B9EE-
"{C5C9E20C-CBD6-4FCE-B9FD-
"{C81452EB-CBCF-B8EB-3124-
"{CFEF48A8-BFB8-3EAC-8BA5-
"{CFFDC0EC-6924-3347-B047-
"{D11F66FF-82B3-DDB8-1146-
"{D3A828A9-FD4A-4463-9CB0-
"{D64B6984-242F-32BC-B008-
"{D7428139-7884-4630-8CA5-
"{DA1C1761-5F4F-4332-AB9D-
"{DC487E40-046E-42A9-9C7C-
"{DCDEC776-BADD-48B9-8F9A-
"{E1FBB3D4-ADB0-4949-B101-
"{E2082604-4BA5-44BB-BBFB-
"{E4ADE757-7FE9-322D-9CAE-
"{E4C33F5B-1B2F-466E-957E-
"{E7D4E834-93EB-351F-B8FB-
"{E818AE7C-244B-4A50-9C86-
"{E997DB06-141F-4A4F-AB8B-
"{EA63C5C1-EBBC-477C-9CC7-
"{F0C3E5D1-1ADE-321E-8167-
"{F361FE04-789E-42F3-BBAB-
"{FA804794-2CCB-4301-954F-
"{FBA6F90E-36EC-4FC9-9B25-
"{FEB375AB-6EEC-3929-8FAF-
"{FFC6E93A-B9AD-3F20-9B06-
"7-Zip" = 7-Zip 9.22beta
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"DAEMON Tools Lite" = DAEMON Tools Lite
"FileZilla Client" = FileZilla Client 3.7.1.1
"Google Chrome" = Google Chrome
"Microsoft Help Viewer 2.0" = Microsoft Help Viewer 2.0
"Mozilla Firefox 24.0 (x86 en-US)" = Mozilla Firefox 24.0 (x86 en-US)
"MozillaMaintenanceService
"Notepad++" = Notepad++
"Safe Saver" = Safe Saver
"thinkorswim from TD AMERITRADE" = thinkorswim from TD AMERITRADE
[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
[HKEY_CURRENT_USER\SOFTWAR
"WinDirStat" = WinDirStat 1.1.2
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
[ Application Events ]
Error - 9/29/2013 11:30:08 PM | Computer Name = win7vhd | Source = VisualSVN | ID = 1000
Description = Unexpected message: BeginDropNotifyMessage
Error - 9/29/2013 11:32:57 PM | Computer Name = win7vhd | Source = VisualSVN | ID = 1000
Description = Unexpected message: BeginDropNotifyMessage
Error - 9/29/2013 11:37:17 PM | Computer Name = win7vhd | Source = VisualSVN | ID = 1000
Description = Unexpected message: BeginDropNotifyMessage
Error - 9/29/2013 11:37:25 PM | Computer Name = win7vhd | Source = VisualSVN | ID = 1000
Description = Unexpected message: BeginDropNotifyMessage
Error - 9/29/2013 11:38:01 PM | Computer Name = win7vhd | Source = VisualSVN | ID = 1000
Description = Unexpected message: BeginDropNotifyMessage
Error - 9/30/2013 9:54:54 AM | Computer Name = win7vhd | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 9/30/2013 8:23:43 PM | Computer Name = win7vhd | Source = VisualSVN | ID = 1000
Description = Unexpected message: BeginDropNotifyMessage
Error - 9/30/2013 11:42:42 PM | Computer Name = win7vhd | Source = VisualSVN | ID = 1000
Description = Unexpected exception: Can't stat 'C:\Projects\trunk\JTrade.
Access is denied. at ManagedSVN.Client.GetStatu
Boolean getAll, Boolean noIgnore, Boolean ignoreExternals, GetStatusCallback callback)
at VisualSVN.Core.FileStatusR
recursive) at VisualSVN.Core.StatusUpdat
at System.Environment.GetStac
at VisualSVN.Utils.Log.Report
paths) at VisualSVN.Core.StatusUpdat
at VisualSVN.Core.StatusUpdat
at System.Threading.ThreadHel
executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.Execution
callback, Object state, Boolean preserveSyncCtx) at System.Threading.Execution
executionContext, ContextCallback callback, Object state) at System.Threading.ThreadHel
Error - 10/1/2013 12:12:58 AM | Computer Name = win7vhd | Source = VisualSVN | ID = 1000
Description = Unexpected exception: Can't check path 'C:\Projects\trunk\JTrade.
Access is denied. at ManagedSVN.Client.GetStatu
Boolean getAll, Boolean noIgnore, Boolean ignoreExternals, GetStatusCallback callback)
at VisualSVN.Core.FileStatusR
recursive) at VisualSVN.Core.StatusUpdat
at System.Environment.GetStac
at VisualSVN.Utils.Log.Report
paths) at VisualSVN.Core.StatusUpdat
at VisualSVN.Core.StatusUpdat
at System.Threading.ThreadHel
executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.Execution
callback, Object state, Boolean preserveSyncCtx) at System.Threading.Execution
executionContext, ContextCallback callback, Object state) at System.Threading.ThreadHel
Error - 10/1/2013 8:40:23 AM | Computer Name = win7vhd | Source = Customer Experience Improvement Program | ID = 1008
Description =
[ System Events ]
Error - 9/30/2013 12:51:57 PM | Computer Name = win7vhd | Source = TermDD | ID = 655410
Description =
Error - 9/30/2013 3:16:02 PM | Computer Name = win7vhd | Source = TermDD | ID = 655410
Description =
Error - 9/30/2013 4:48:31 PM | Computer Name = win7vhd | Source = TermDD | ID = 655410
Description =
Error - 9/30/2013 6:00:39 PM | Computer Name = win7vhd | Source = TermDD | ID = 655410
Description =
Error - 9/30/2013 7:09:31 PM | Computer Name = win7vhd | Source = TermDD | ID = 655410
Description =
Error - 9/30/2013 8:12:30 PM | Computer Name = win7vhd | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.
Error - 9/30/2013 8:23:40 PM | Computer Name = win7vhd | Source = TermDD | ID = 655410
Description =
Error - 9/30/2013 9:55:50 PM | Computer Name = win7vhd | Source = TermDD | ID = 655410
Description =
Error - 9/30/2013 11:12:16 PM | Computer Name = win7vhd | Source = TermDD | ID = 655410
Description =
Error - 10/1/2013 12:20:22 AM | Computer Name = win7vhd | Source = TermDD | ID = 655410
Description =
< End of report >
ASKER
OTL logfile created on: 10/1/2013 2:58:14 PM - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\jack\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16686)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
8.00 Gb Total Physical Memory | 4.00 Gb Available Physical Memory | 56.00% Memory free
15.00 Gb Paging File | 12.00 Gb Available in Paging File | 80.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 48.83 Gb Total Space | 4.32 Gb Free Space | 8.86% Space Free | Partition Type: NTFS
Drive D: | 976.56 Gb Total Space | 562.66 Gb Free Space | 57.62% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 244.14 Gb Total Space | 181.19 Gb Free Space | 74.21% Space Free | Partition Type: NTFS
Drive G: | 465.76 Gb Total Space | 65.86 Gb Free Space | 14.14% Space Free | Partition Type: NTFS
Drive H: | 48.83 Gb Total Space | 27.97 Gb Free Space | 57.29% Space Free | Partition Type: NTFS
Drive I: | 48.83 Gb Total Space | 48.68 Gb Free Space | 99.69% Space Free | Partition Type: NTFS
Drive L: | 1817.83 Gb Total Space | 110.55 Gb Free Space | 6.08% Space Free | Partition Type: NTFS
Drive N: | 3.63 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: WIN7VHD
Current User Name: jack
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2013/10/01 14:57:57 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\jack\Desktop\OTL. exe
PRC - [2013/09/16 23:21:30 | 000,829,392 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Applic ation\chro me.exe
PRC - [2013/08/30 03:47:34 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/08/30 03:47:33 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.ex e
PRC - [2013/07/23 09:08:38 | 001,089,888 | ---- | M] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) -- C:\Program Files (x86)\Evernote\Evernote\Ev ernoteClip per.exe
PRC - [2009/12/23 17:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServic eAE.exe
[color=#E56717]========== Modules (SafeList) ==========[/color]
MOD - [2013/10/01 14:57:57 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\jack\Desktop\OTL. exe
MOD - [2010/11/20 08:21:36 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta .dll
MOD - [2010/11/20 07:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_micr osoft.wind ows.common -controls_ 6595b64144 ccf1df_6.0 .7601.1751 4_none_41e 6975e2bd6f 2b2\comctl 32.dll
MOD - [2009/07/13 21:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscri pt.ocx
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV:64bit: - [2013/08/30 03:47:33 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.ex e -- (avast! Antivirus)
SRV:64bit: - [2013/06/20 20:33:08 | 000,366,600 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/06/20 20:33:08 | 000,023,808 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/05/23 16:12:02 | 000,143,120 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SAS CORE64.EXE -- (!SASCORE)
SRV:64bit: - [2012/10/01 20:34:38 | 000,178,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose64)
SRV:64bit: - [2011/04/20 02:04:20 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\aties rxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/11/20 09:27:27 | 000,214,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\umrdp .dll -- (UmRdpService)
SRV:64bit: - [2010/11/20 09:26:36 | 000,453,120 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\inets rv\iisw3ad m.dll -- (WAS)
SRV:64bit: - [2010/11/20 09:26:36 | 000,453,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inets rv\iisw3ad m.dll -- (W3SVC)
SRV:64bit: - [2010/11/20 09:25:59 | 000,692,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cscsv c.dll -- (CscService)
SRV:64bit: - [2010/11/20 09:25:40 | 000,065,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inets rv\apphost svc.dll -- (AppHostSvc)
SRV:64bit: - [2009/07/13 21:41:53 | 001,361,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PeerD istSvc.dll -- (PeerDistSvc)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmg mts.dll -- (AppMgmt)
SRV - [2013/09/30 20:21:35 | 000,118,680 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice .exe -- (MozillaMaintenance)
SRV - [2012/07/25 18:58:26 | 000,126,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\ TAEF\Wex.S ervices.ex e -- (Te.Service)
SRV - [2012/07/25 18:13:16 | 000,139,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe -- (fussvc)
SRV - [2012/07/09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\F ramework\v 4.0.30319\ mscorsvw.e xe -- (clr_optimization_v4.0.303 19_32)
SRV - [2012/07/08 23:24:30 | 000,123,856 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\F ramework64 \v4.0.3031 9\mscorsvw .exe -- (clr_optimization_v4.0.303 19_64)
SRV - [2012/07/08 23:24:30 | 000,051,648 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\F ramework64 \v4.0.3031 9\aspnet_s tate.exe -- (aspnet_state)
SRV - [2012/01/05 11:42:34 | 000,075,624 | ---- | M] (Alcohol Soft Development Team) [Auto | Stopped] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe -- (AxAutoMntSrv)
SRV - [2010/11/20 08:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsr v\iisw3adm .dll -- (WAS)
SRV - [2010/11/20 08:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsr v\iisw3adm .dll -- (W3SVC)
SRV - [2010/11/20 08:18:03 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsr v\apphosts vc.dll -- (AppHostSvc)
SRV - [2009/12/23 17:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServic eAE.exe -- (StarWindServiceAE)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drive rs\rdvgkmd .sys -- (VGPU)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drive rs\tsusbhu b.sys -- (tsusbhub)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drive rs\synth3d vsc.sys -- (Synth3dVsc)
DRV:64bit: - [2013/08/30 03:48:10 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\SysNative\drive rs\aswRdr2 .sys -- (AswRdr)
DRV:64bit: - [2013/08/30 03:48:09 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drive rs\aswMonF lt.sys -- (aswMonFlt)
DRV:64bit: - [2013/07/17 23:14:21 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drive rs\sptd.sy s -- (sptd)
DRV:64bit: - [2013/07/17 09:05:10 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drive rs\dtsoftb us01.sys -- (dtsoftbus01)
DRV:64bit: - [2013/06/18 21:50:08 | 000,139,616 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Running] -- C:\Windows\SysNative\drive rs\NisDrvW FP.sys -- (NisDrv)
DRV:64bit: - [2012/10/30 08:22:32 | 000,302,464 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drive rs\e1e6232 e.sys -- (e1express) Intel(R)
DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drive rs\rdpvide ominiport. sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 10:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drive rs\TsUsbFl t.sys -- (TsUsbFlt)
DRV:64bit: - [2011/07/22 12:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sas difsv64.sy s -- (SASDIFSV)
DRV:64bit: - [2011/07/12 17:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sas kutil64.sy s -- (SASKUTIL)
DRV:64bit: - [2011/04/20 02:44:50 | 009,319,936 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drive rs\atikmda g.sys -- (atikmdag)
DRV:64bit: - [2011/04/20 02:44:50 | 009,319,936 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drive rs\atikmda g.sys -- (amdkmdag)
DRV:64bit: - [2011/04/20 01:22:34 | 000,306,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drive rs\atikmpa g.sys -- (amdkmdap)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drive rs\amdsata .sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drive rs\amdxata .sys -- (amdxata)
DRV:64bit: - [2010/11/20 09:34:01 | 000,199,552 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drive rs\vmbus.s ys -- (vmbus)
DRV:64bit: - [2010/11/20 09:34:01 | 000,046,464 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drive rs\vmstorf l.sys -- (storflt)
DRV:64bit: - [2010/11/20 09:34:01 | 000,034,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drive rs\storvsc .sys -- (storvsc)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drive rs\HpSAMD. sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 05:57:33 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drive rs\vms3cap .sys -- (s3cap)
DRV:64bit: - [2010/11/20 05:57:13 | 000,021,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drive rs\VMBusHI D.sys -- (VMBusHID)
DRV:64bit: - [2010/11/20 05:27:13 | 000,514,560 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drive rs\csc.sys -- (CSC)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drive rs\amdsbs. sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drive rs\lsi_sas 2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drive rs\stexsto r.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drive rs\evbda.s ys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drive rs\bxvbda. sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drive rs\b57nd60 a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drive rs\hcw85ci r.sys -- (hcw85cir)
DRV:64bit: - [2009/03/01 23:05:32 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drive rs\Rt64win 7.sys -- (RTL8167)
DRV - [2012/07/13 16:13:14 | 000,070,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys -- (VSPerfDrv110)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\In ternet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank. htm
IE - HKCU\SOFTWARE\Microsoft\In ternet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\In ternet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\In ternet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 91 AF 46 89 E4 82 CE 01 [binary data]
IE - HKCU\Software\Microsoft\Wi ndows\Curr entVersion \Internet Settings: "ProxyEnable" = 0
[color=#E56717]========== FireFox ==========[/color]
FF - HKLM\software\mozilla\Fire fox\Extens ions\\wrc@ avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF
FF - HKLM\software\mozilla\Mozi lla Firefox 24.0\extensions\\Component s: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKLM\software\mozilla\Mozi lla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/08/18 01:02:19 | 000,000,000 | ---D | M]
[2013/07/17 09:01:54 | 000,000,000 | ---D | M] -- C:\Users\jack\AppData\Roam ing\Mozill a\Extensio ns
[2013/09/30 23:13:47 | 000,000,000 | ---D | M] -- C:\Users\jack\AppData\Roam ing\Mozill a\Firefox\ Profiles\8 4j7x762.de fault\exte nsions
[2013/09/30 23:13:57 | 000,000,000 | ---D | M] -- C:\Users\jack\AppData\Roam ing\Mozill a\Firefox\ Profiles\8 4j7x762.de fault\exte nsions\588 a2804-b11d -4809-963b -a886d1e86 84e@416c89 02-1140-4f 75-9037-bf 86b99379db .com
[2013/09/30 23:13:51 | 000,000,000 | ---D | M] -- C:\Users\jack\AppData\Roam ing\Mozill a\Firefox\ Profiles\8 4j7x762.de fault\exte nsions\588 a2804-b11d -4809-963b -a886d1e86 84e@416c89 02-1140-4f 75-9037-bf 86b99379db .com\chrom e\content\ extensionC ode
[2013/08/18 01:02:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/09/30 20:21:37 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions \{972ce4c6 -7e08-4474 -a285-3208 198ce6fd}
[2013/06/13 20:45:42 | 000,034,048 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJ oinPluginO C.dll
O1 HOSTS File: ([2013/09/30 23:02:35 | 000,000,856 | ---- | M]) - C:\Windows\SysNative\drive rs\etc\hos ts
O1 - Hosts: 127.0.0.1 jtrade.com
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2 923E76605D A} - C:\Program Files\Microsoft Office\Office15\OCHelper.d ll (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-4 2B3008E02F F} - C:\Program Files\Microsoft Office\Office15\URLREDIR.D LL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-A BA463DBD3B F} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.D LL (Microsoft Corporation)
O2 - BHO: (Safe Saver) - {11111111-1111-1111-1111-1 1031132115 4} - C:\Program Files (x86)\Safe Saver\Safe Saver-bho.dll (Safe Saver)
O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2 923E76605D A} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.d ll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D 4DAF1D92D4 3} - C:\Program Files (x86)\Java\jre7\bin\ssv.dl l (Oracle Corporation)
O2 - BHO: (Evernote extension) - {92EF2EAD-A7CE-4424-B0DB-4 99CF856608 E} - C:\Program Files (x86)\Evernote\Evernote\Ev ernoteIE.d ll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-4 2B3008E02F F} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.D LL (Microsoft Corporation)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-A BA463DBD3B F} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.D LL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9 C25C1C588A 9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv .dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0 333ea26e11 3} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0 333ea26e11 3} - No CLSID value found.
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUP ERAntiSpyw are.exe (SUPERAntiSpyware)
O4 - Startup: C:\Users\jack\AppData\Roam ing\Micros oft\Window s\Start Menu\Programs\Startup\Ever noteClippe r.lnk = C:\Program Files (x86)\Evernote\Evernote\Ev ernoteClip per.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
O6 - HKLM\SOFTWARE\Microsoft\Wi ndows\Curr entVersion \policies\ Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Wi ndows\Curr entVersion \policies\ Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Wi ndows\Curr entVersion \policies\ System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Wi ndows\Curr entVersion \policies\ System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\E vernoteIER es\NewNote .html ()
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office15\ONBttnIE.d ll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\E vernoteIER es\NewNote .html ()
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office15\ONBttnIE.d ll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5 663EE0C6C4 9} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.d ll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5 663EE0C6C4 9} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.d ll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2 923E76605D A} - C:\Program Files\Microsoft Office\Office15\OCHelper.d ll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2 923E76605D A} - C:\Program Files\Microsoft Office\Office15\OCHelper.d ll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-E DE0DB0C95C A} - C:\Program Files\Microsoft Office\Office15\ONBttnIELi nkedNotes. dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-E DE0DB0C95C A} - C:\Program Files\Microsoft Office\Office15\ONBttnIELi nkedNotes. dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5 663EE0C6C4 9} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.d ll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5 663EE0C6C4 9} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.d ll (Microsoft Corporation)
O9 - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2 923E76605D A} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.d ll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2 923E76605D A} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.d ll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-E DE0DB0C95C A} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELi nkedNotes. dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-E DE0DB0C95C A} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELi nkedNotes. dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Re source.dll ,-101 - {A95fe080-8f5d-11d2-a20b-0 0aa003c157 a} - C:\Program Files (x86)\Evernote\Evernote\\E vernoteIER es\AddNote .html ()
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Re source.dll ,-101 - {A95fe080-8f5d-11d2-a20b-0 0aa003c157 a} - C:\Program Files (x86)\Evernote\Evernote\\E vernoteIER es\AddNote .html ()
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {82774781-8F4E-11D1-AB1C-0 000F8773BF 0} https://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab (DLC Class)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-0 0c04f8ec29 4} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-0 95128A113D 1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-0 0c04f8ec29 4} - Reg Error: Key error. File not found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-0 95128A113D 1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-0 0B0D022E94 5} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.D LL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-0 0B0D022E94 5} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.D LL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerforman ce.exe) - C:\Windows\SysNative\Syste mPropertie sPerforman ce.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explor er.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerforman ce.exe) - C:\Windows\SysWow64\System Properties Performanc e.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-0 0AA005127E D} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-0 0AA005127E D} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/02/10 21:29:03 | 000,000,045 | R--- | M] () - N:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{2acc693e-f0f c-11e2-9c6 b-001fd08e 233b}\Shel l - "" = AutoRun
O33 - MountPoints2\{2acc693e-f0f c-11e2-9c6 b-001fd08e 233b}\Shel l\AutoRun\ command - "" = O:\LaunchU3.exe -- File not found
O33 - MountPoints2\{67f8f440-ef5 a-11e2-bfe e-806e6f6e 6963}\Shel l - "" = AutoRun
O33 - MountPoints2\{67f8f440-ef5 a-11e2-bfe e-806e6f6e 6963}\Shel l\AutoRun\ command - "" = N:\setup.exe -- [2012/10/20 03:21:35 | 000,201,728 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{d34a546a-ef5 3-11e2-9ba e-806e6f6e 6963}\Shel l - "" = AutoRun
O33 - MountPoints2\{d34a546a-ef5 3-11e2-9ba e-806e6f6e 6963}\Shel l\AutoRun\ command - "" = D:\setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\jack\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16686)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
8.00 Gb Total Physical Memory | 4.00 Gb Available Physical Memory | 56.00% Memory free
15.00 Gb Paging File | 12.00 Gb Available in Paging File | 80.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 48.83 Gb Total Space | 4.32 Gb Free Space | 8.86% Space Free | Partition Type: NTFS
Drive D: | 976.56 Gb Total Space | 562.66 Gb Free Space | 57.62% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 244.14 Gb Total Space | 181.19 Gb Free Space | 74.21% Space Free | Partition Type: NTFS
Drive G: | 465.76 Gb Total Space | 65.86 Gb Free Space | 14.14% Space Free | Partition Type: NTFS
Drive H: | 48.83 Gb Total Space | 27.97 Gb Free Space | 57.29% Space Free | Partition Type: NTFS
Drive I: | 48.83 Gb Total Space | 48.68 Gb Free Space | 99.69% Space Free | Partition Type: NTFS
Drive L: | 1817.83 Gb Total Space | 110.55 Gb Free Space | 6.08% Space Free | Partition Type: NTFS
Drive N: | 3.63 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: WIN7VHD
Current User Name: jack
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2013/10/01 14:57:57 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\jack\Desktop\OTL.
PRC - [2013/09/16 23:21:30 | 000,829,392 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Applic
PRC - [2013/08/30 03:47:34 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/08/30 03:47:33 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.ex
PRC - [2013/07/23 09:08:38 | 001,089,888 | ---- | M] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) -- C:\Program Files (x86)\Evernote\Evernote\Ev
PRC - [2009/12/23 17:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServic
[color=#E56717]========== Modules (SafeList) ==========[/color]
MOD - [2013/10/01 14:57:57 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\jack\Desktop\OTL.
MOD - [2010/11/20 08:21:36 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta
MOD - [2010/11/20 07:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_micr
MOD - [2009/07/13 21:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscri
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV:64bit: - [2013/08/30 03:47:33 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.ex
SRV:64bit: - [2013/06/20 20:33:08 | 000,366,600 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/06/20 20:33:08 | 000,023,808 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/05/23 16:12:02 | 000,143,120 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SAS
SRV:64bit: - [2012/10/01 20:34:38 | 000,178,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose64)
SRV:64bit: - [2011/04/20 02:04:20 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\aties
SRV:64bit: - [2010/11/20 09:27:27 | 000,214,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\umrdp
SRV:64bit: - [2010/11/20 09:26:36 | 000,453,120 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\inets
SRV:64bit: - [2010/11/20 09:26:36 | 000,453,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inets
SRV:64bit: - [2010/11/20 09:25:59 | 000,692,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cscsv
SRV:64bit: - [2010/11/20 09:25:40 | 000,065,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inets
SRV:64bit: - [2009/07/13 21:41:53 | 001,361,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PeerD
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmg
SRV - [2013/09/30 20:21:35 | 000,118,680 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice
SRV - [2012/07/25 18:58:26 | 000,126,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\
SRV - [2012/07/25 18:13:16 | 000,139,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe -- (fussvc)
SRV - [2012/07/09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\F
SRV - [2012/07/08 23:24:30 | 000,123,856 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\F
SRV - [2012/07/08 23:24:30 | 000,051,648 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\F
SRV - [2012/01/05 11:42:34 | 000,075,624 | ---- | M] (Alcohol Soft Development Team) [Auto | Stopped] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe -- (AxAutoMntSrv)
SRV - [2010/11/20 08:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsr
SRV - [2010/11/20 08:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsr
SRV - [2010/11/20 08:18:03 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsr
SRV - [2009/12/23 17:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServic
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drive
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drive
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drive
DRV:64bit: - [2013/08/30 03:48:10 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\SysNative\drive
DRV:64bit: - [2013/08/30 03:48:09 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drive
DRV:64bit: - [2013/07/17 23:14:21 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drive
DRV:64bit: - [2013/07/17 09:05:10 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drive
DRV:64bit: - [2013/06/18 21:50:08 | 000,139,616 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Running] -- C:\Windows\SysNative\drive
DRV:64bit: - [2012/10/30 08:22:32 | 000,302,464 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drive
DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drive
DRV:64bit: - [2012/08/23 10:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drive
DRV:64bit: - [2011/07/22 12:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sas
DRV:64bit: - [2011/07/12 17:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sas
DRV:64bit: - [2011/04/20 02:44:50 | 009,319,936 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drive
DRV:64bit: - [2011/04/20 02:44:50 | 009,319,936 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drive
DRV:64bit: - [2011/04/20 01:22:34 | 000,306,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drive
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drive
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drive
DRV:64bit: - [2010/11/20 09:34:01 | 000,199,552 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drive
DRV:64bit: - [2010/11/20 09:34:01 | 000,046,464 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drive
DRV:64bit: - [2010/11/20 09:34:01 | 000,034,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drive
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drive
DRV:64bit: - [2010/11/20 05:57:33 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drive
DRV:64bit: - [2010/11/20 05:57:13 | 000,021,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drive
DRV:64bit: - [2010/11/20 05:27:13 | 000,514,560 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drive
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drive
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drive
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drive
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drive
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drive
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drive
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drive
DRV:64bit: - [2009/03/01 23:05:32 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drive
DRV - [2012/07/13 16:13:14 | 000,070,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\In
IE - HKCU\SOFTWARE\Microsoft\In
IE - HKCU\SOFTWARE\Microsoft\In
IE - HKCU\SOFTWARE\Microsoft\In
IE - HKCU\Software\Microsoft\Wi
[color=#E56717]========== FireFox ==========[/color]
FF - HKLM\software\mozilla\Fire
FF - HKLM\software\mozilla\Mozi
FF - HKLM\software\mozilla\Mozi
[2013/07/17 09:01:54 | 000,000,000 | ---D | M] -- C:\Users\jack\AppData\Roam
[2013/09/30 23:13:47 | 000,000,000 | ---D | M] -- C:\Users\jack\AppData\Roam
[2013/09/30 23:13:57 | 000,000,000 | ---D | M] -- C:\Users\jack\AppData\Roam
[2013/09/30 23:13:51 | 000,000,000 | ---D | M] -- C:\Users\jack\AppData\Roam
[2013/08/18 01:02:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/09/30 20:21:37 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/06/13 20:45:42 | 000,034,048 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJ
O1 HOSTS File: ([2013/09/30 23:02:35 | 000,000,856 | ---- | M]) - C:\Windows\SysNative\drive
O1 - Hosts: 127.0.0.1 jtrade.com
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-4
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-A
O2 - BHO: (Safe Saver) - {11111111-1111-1111-1111-1
O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D
O2 - BHO: (Evernote extension) - {92EF2EAD-A7CE-4424-B0DB-4
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-4
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-A
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUP
O4 - Startup: C:\Users\jack\AppData\Roam
O6 - HKLM\SOFTWARE\Microsoft\Wi
O6 - HKLM\SOFTWARE\Microsoft\Wi
O6 - HKLM\SOFTWARE\Microsoft\Wi
O6 - HKLM\SOFTWARE\Microsoft\Wi
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\E
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office15\ONBttnIE.d
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\E
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office15\ONBttnIE.d
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-E
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-E
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5
O9 - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2
O9 - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-E
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-E
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Re
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Re
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {82774781-8F4E-11D1-AB1C-0
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-0
O18:64bit: - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-0
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-0
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-0
O18:64bit: - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-0
O18 - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-0
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerforman
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explor
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerforman
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-0
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-0
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/02/10 21:29:03 | 000,000,045 | R--- | M] () - N:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{2acc693e-f0f
O33 - MountPoints2\{2acc693e-f0f
O33 - MountPoints2\{67f8f440-ef5
O33 - MountPoints2\{67f8f440-ef5
O33 - MountPoints2\{d34a546a-ef5
O33 - MountPoints2\{d34a546a-ef5
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
ASKER
ASKER
I was having issues trying to paste that file. I think it finally worked. I found entries for
C:\Windows\tasks\Safe Saver-updater.job
I can't find those in my task scheduler though. Can I delete those files? Is there a way to remove them or view them from the task scheduler?
C:\Windows\tasks\Safe Saver-updater.job
I can't find those in my task scheduler though. Can I delete those files? Is there a way to remove them or view them from the task scheduler?
ASKER
I just found the jobs in the job scheduler by clicking on the root node in the tree vs the windows one. I removed it then removed the addin from my browser.
http://www.wintips.org/remove-safesaver-adware/ The instructions from the Safe-Saver web site fail to mention that it is installed in the system outside of the browser add-ons which is probably why it keeps re-appearing.