Page 1 of 4 123 ... LastLast
Results 1 to 10 of 31
  1. #1
    Member
    Join Date
    May 2014
    Posts
    18
    Points
    6

    Default 100% cpu, poor video streaming: youtube and netflix, lagging when browser is open.

    Hi and hope you can help.

    My CPU maxes out and causes lagging while viewing web pages, using any browser. Youtube videos skip frames and lose sink with audio and Netflix (Silverlight) results in poor grainy image.

    I have tried many fixes but nothing has helped. Could this be a virus?

    Kind regards

    Dan

    PS I am unable to attach log files with above link to attachment manager????

    My computer properies.jpgMy computer properies.jpg






    Logfile of Trend Micro HijackThis v2.0.5
    Scan saved at 11:51:44, on 08/05/2014
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v11.0 (11.00.9600.17041)

    FIREFOX: 29.0 (en-US)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Users\Dan\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (file missing)
    O4 - HKLM\..\Run: [TUSBSleepChargeSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe
    O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O15 - Trusted Zone: http://*.hola.org
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 6514 bytes






    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 05/08/2014 at 11:12 AM

    Application Version : 5.7.1018

    Core Rules Database Version : 11215
    Trace Rules Database Version: 9027

    Scan type : Complete Scan
    Total Scan Time : 00:45:33

    Operating System Information
    Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
    UAC On - Limited User

    Memory items scanned : 527
    Memory threats detected : 0
    Registry items scanned : 68493
    Registry threats detected : 0
    File items scanned : 46275
    File threats detected : 179

    Adware.Tracking Cookie
    C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Cookies\Low\F0ADFX3G.txt [ /at.atwola.com ]
    C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Cookies\Low\501XNMU0.txt [ /ads.pubmatic.com ]
    C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Cookies\Low\GE9GHTE2.txt [ /atdmt.com ]
    C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Cookies\Low\C4BPPNC2.txt [ /doubleclick.net ]
    C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Cookies\Low\HO4W9AEA.txt [ /www.googleadservices.com ]
    C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Cookies\Low\YFYCWZI9.txt [ /media6degrees.com ]
    C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Cookies\Low\ADO0PS7Y.txt [ /adtech.de ]
    C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Cookies\Low\IBGYH2E1.txt [ /mmstat.com ]
    C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Cookies\Low\99AWIMWD.txt [ /ads.creative-serving.com ]
    C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Cookies\Low\2CSOKGZP.txt [ /tradedoubler.com ]
    C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Cookies\Low\8POSOVKE.txt [ /tribalfusion.com ]
    C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Cookies\Low\MN1HU3K9.txt [ /bs.serving-sys.com ]
    C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Cookies\Low\C859GO2Q.txt [ /ads.yahoo.com ]
    C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Cookies\Low\HUHXBS6C.txt [ /questionmarket.com ]
    C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Cookies\Low\SVHX7RAU.txt [ /casalemedia.com ]
    C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Cookies\Low\5II7B3F7.txt [ /ads.audience2media.com ]
    C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Cookies\Low\QRO4LV8M.txt [ /microsoftsto.112.2o7.net ]
    C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Cookies\Low\CVN7UAWL.txt [ /c1.adform.net ]
    C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Cookies\Low\P2A9RSW5.txt [ /imrworldwide.com ]
    C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Cookies\Low\SUJKY3E1.txt [ /adtechus.com ]
    C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Cookies\Low\BXXFZSUK.txt [ /audience2media.com ]
    C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Cookies\Low\0PL2QFXH.txt [ /serving-sys.com ]
    C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Cookies\Low\LP63LRHU.txt [ /legolas-media.com ]
    C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Cookies\Low\1CDDY0K9.txt [ /smartadserver.com ]
    C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Cookies\Low\SD4SOBAW.txt [ /cnzz.mmstat.com ]
    C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Cookies\Low\ER2MRTUG.txt [ /advertising.com ]
    C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Cookies\Low\WEFQIG1S.txt [ /adform.net ]
    C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Cookies\Low\YK9470B9.txt [ /kontera.com ]
    C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Cookies\Low\1JZ4RZX8.txt [ /ad3.adfarm1.adition.com ]
    C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Cookies\Low\MGOHRT8V.txt [ /media.net ]
    C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Cookies\Low\J1I6089A.txt [ /xiti.com ]
    C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Cookies\Low\DBCW15YL.txt [ /ad-emea.doubleclick.net ]
    C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Cookies\Low\CVUESOP2.txt [ /tacoda.at.atwola.com ]
    C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Cookies\Low\P1OA604E.txt [ /ad.360yield.com ]
    C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Cookies\Low\0BCHSC57.txt [ /ru4.com ]
    C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Cookies\Low\8MV7AUWV.txt [ /estat.com ]
    .doubleclick.net [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .questionmarket.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .questionmarket.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .ru4.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .serving-sys.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .clickfuse.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .clickfuse.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .clickfuse.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    c1.adform.net [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .media6degrees.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .collective-media.net [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .collective-media.net [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .burstnet.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .burstnet.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .adtechus.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .smartadserver.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .smartadserver.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .clickfuse.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .clickfuse.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .atdmt.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    tracking.servebom.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .serving-sys.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .serving-sys.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .technoratimedia.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .technoratimedia.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .technoratimedia.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .ru4.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .tradedoubler.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .tradedoubler.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .tradedoubler.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .smartadserver.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .adtech.de [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .technoratimedia.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .atdmt.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .atdmt.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .atdmt.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .revsci.net [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    ads.audience2media.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    c1.adform.net [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .adform.net [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .media6degrees.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .media6degrees.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .media6degrees.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .media6degrees.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .casalemedia.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .casalemedia.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .casalemedia.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .mediaplex.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .mediaplex.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .audience2media.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    ads.audience2media.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .adtech.de [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .archant.122.2o7.net [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .imrworldwide.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .at.atwola.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .at.atwola.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .tacoda.at.atwola.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .tacoda.at.atwola.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .revsci.net [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .revsci.net [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .revsci.net [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    statse.webtrendslive.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .tripod.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .tripod.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .tripod.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .tripod.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .pro-market.net [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .pro-market.net [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .pro-market.net [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .eyeviewads.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .revsci.net [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    accounts.google.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    accounts.youtube.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    accounts.google.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .estat.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .xiti.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .xiti.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .legolas-media.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .legolas-media.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .doubleclick.net [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .fastclick.net [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .virginmedia.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .mediaplex.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .tribalfusion.com [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .microsoftsto.112.2o7.net [ C:\USERS\DAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    accounts.google.com [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    doubleclick.net [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    questionmarket.com [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    questionmarket.com [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    ru4.com [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    serving-sys.com [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    clickfuse.com [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    clickfuse.com [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    clickfuse.com [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    c1.adform.net [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    c1.adform.net [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    adform.net [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    tribalfusion.com [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    media6degrees.com [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    media6degrees.com [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    media6degrees.com [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    at.atwola.com [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    collective-media.net [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    collective-media.net [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    casalemedia.com [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    casalemedia.com [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    casalemedia.com [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    casalemedia.com [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    casalemedia.com [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    burstnet.com [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    burstnet.com [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    adtechus.com [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    smartadserver.com [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    smartadserver.com [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    smartadserver.com [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    clickfuse.com [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    clickfuse.com [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    serving-sys.com [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    serving-sys.com [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    revsci.net [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    revsci.net [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    atdmt.com [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    atdmt.com [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    .serving-sys.com [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    .serving-sys.com [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    .doubleclick.net [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    .atdmt.com [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    .atdmt.com [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    .server.cpmstar.com [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    .server.cpmstar.com [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    .unrulymedia.com [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    .unrulymedia.com [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KPOXM4WI.DEFAULT\COOKIES.SQLITE ]

    PUP.SoftonicDownloader/Variant
    C:\USERS\DAN\DOWNLOADS\SOFTONICDOWNLOADER_FOR_CLOCKGEN.EXE





    Malwarebytes Anti-Malware
    Malwarebytes | Free Anti-Malware & Internet Security Software

    Scan Date: 08/05/2014
    Scan Time: 12:35:33
    Logfile:
    Administrator: Yes

    Version: 2.00.1.1004
    Malware Database: v2014.05.08.04
    Rootkit Database: v2014.03.27.01
    License: Trial
    Malware Protection: Enabled
    Malicious Website Protection: Enabled
    Chameleon: Disabled

    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: Dan

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 253854
    Time Elapsed: 30 min, 34 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Shuriken: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 0
    (No malicious items detected)

    Physical Sectors: 0
    (No malicious items detected)


    (end)

  2. The Following User Says Thank You to dangerrard9 For This Useful Post:


  3. #2
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,173
    Points
    1307

    Default

    Hi! My name is zep516 and Welcome to Help2go!
    I'll do the best I can to resolve your computer issue
    Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions!

    You don't need to attach logs just paste them directly in. Lets take a better look with OTL, this is just a diagnostics scan. Did you look in the task manager when the cpu is at a 100% to see if you can identify the file using all the cpu?

    First

    Please download OTL to your Desktop
    • Double click on the to run the program. On Vista/Win7 or 8 right click select Run As Administrator to start the program. If prompted by UAC, please allow it.
    • Make sure all other windows are closed and to let it run uninterrupted.
    • Click the Scan All Users checkbox
      and
    • Check the option for All under the Extra Registry section
    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
      • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
      • Please copy (Edit->Select All, Edit->Copy) the contents of these files and post them in your topic

    • OTL.txt <-- Will be opened, maximized
    • Extras.txt <-- Will be minimized on task bar.

    Please post the contents of both OTL.txt and Extras.txt files in your next reply.

    Thanks
    Joe

  4. The Following User Says Thank You to zep516 For This Useful Post:


  5. #3
    Member
    Join Date
    May 2014
    Posts
    18
    Points
    6

    Default

    Hi Joe. Thanks for your help.

    Task manager shows iexplorer.exe or chrome.exe using most of the cpu or whatever browser I use will be at the top of the list.

    The scan you requested:

    OTL logfile created on: 5/8/2014 11:07:26 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dan\Downloads
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.11.9600.17041)
    Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

    2.87 Gb Total Physical Memory | 1.69 Gb Available Physical Memory | 58.80% Memory free
    7.17 Gb Paging File | 5.62 Gb Available in Paging File | 78.46% Paging File free
    Paging file location(s): c:\pagefile.sys 4404 6144 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 116.37 Gb Total Space | 78.31 Gb Free Space | 67.29% Space Free | Partition Type: NTFS
    Drive D: | 116.12 Gb Total Space | 109.42 Gb Free Space | 94.23% Space Free | Partition Type: NTFS

    Computer Name: DAN-TOSH | User Name: Dan | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2014/05/08 23:04:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dan\Downloads\OTL.exe
    PRC - [2014/04/03 09:49:12 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    PRC - [2014/04/03 09:49:12 | 000,857,912 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    PRC - [2014/04/03 09:49:06 | 006,963,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe


    ========== Modules (No Company Name) ==========


    ========== Services (SafeList) ==========

    SRV:64bit: - [2014/03/11 12:34:10 | 000,347,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
    SRV:64bit: - [2014/03/11 12:34:10 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
    SRV:64bit: - [2014/03/06 09:29:14 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
    SRV:64bit: - [2013/10/10 23:54:28 | 000,144,152 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
    SRV:64bit: - [2013/05/27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV:64bit: - [2010/05/20 15:26:28 | 000,199,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
    SRV:64bit: - [2009/09/17 16:41:36 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [Disabled | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
    SRV:64bit: - [2009/08/27 14:38:22 | 000,251,760 | ---- | M] (TOSHIBA Corporation) [Disabled | Stopped] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
    SRV:64bit: - [2009/08/05 15:20:12 | 000,488,800 | ---- | M] (TOSHIBA Corporation) [Disabled | Stopped] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
    SRV:64bit: - [2009/08/04 12:15:06 | 000,826,224 | ---- | M] (TOSHIBA Corporation) [Disabled | Stopped] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
    SRV:64bit: - [2009/07/28 16:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
    SRV:64bit: - [2009/07/08 10:41:02 | 000,531,520 | ---- | M] (TOSHIBA Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ThpSrv.exe -- (Thpsrv)
    SRV - [2014/05/08 15:09:40 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2014/04/22 10:25:15 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2014/04/03 09:49:12 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
    SRV - [2014/04/03 09:49:12 | 000,857,912 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
    SRV - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2011/02/11 14:45:52 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
    SRV - [2011/02/10 10:25:36 | 000,112,080 | ---- | M] (Toshiba Europe GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService)
    SRV - [2009/08/10 20:55:58 | 000,248,688 | ---- | M] (TOSHIBA CORPORATION) [Disabled | Stopped] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService)
    SRV - [2009/07/30 06:20:36 | 000,192,368 | ---- | M] (TOSHIBA CORPORATION) [Disabled | Stopped] -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
    SRV - [2009/07/14 20:10:30 | 000,042,368 | ---- | M] (TOSHIBA CORPORATION) [Disabled | Stopped] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe -- (ConfigFree Gadget Service)
    SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2009/03/10 19:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Disabled | Stopped] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2014/05/08 23:03:04 | 000,119,512 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
    DRV:64bit: - [2014/04/03 09:51:16 | 000,063,192 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
    DRV:64bit: - [2014/04/03 09:50:58 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
    DRV:64bit: - [2014/03/11 09:52:30 | 000,133,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
    DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2011/07/22 17:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
    DRV:64bit: - [2011/07/12 22:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
    DRV:64bit: - [2011/06/20 10:07:08 | 001,225,832 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192se.sys -- (rtl8192se)
    DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2010/05/20 15:26:28 | 000,036,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nx6000.sys -- (MSHUSBVideo)
    DRV:64bit: - [2009/10/16 15:56:40 | 000,701,952 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
    DRV:64bit: - [2009/08/27 09:07:06 | 007,369,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
    DRV:64bit: - [2009/08/05 15:45:28 | 000,058,744 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfusb.sys -- (Tosrfusb)
    DRV:64bit: - [2009/08/05 13:56:04 | 000,063,856 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TosRfSnd.sys -- (TosRfSnd)
    DRV:64bit: - [2009/07/30 21:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
    DRV:64bit: - [2009/07/28 21:02:10 | 000,081,768 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tosrfcom.sys -- (Tosrfcom)
    DRV:64bit: - [2009/07/27 16:04:36 | 000,058,880 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
    DRV:64bit: - [2009/07/24 12:33:14 | 000,026,472 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfnds.sys -- (tosrfnds)
    DRV:64bit: - [2009/07/14 16:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
    DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/07/13 23:12:36 | 000,019,824 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfec.sys -- (tosrfec)
    DRV:64bit: - [2009/07/10 07:45:12 | 000,139,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
    DRV:64bit: - [2009/07/07 22:39:08 | 000,211,432 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfbd.sys -- (tosrfbd)
    DRV:64bit: - [2009/06/29 17:16:20 | 000,014,784 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Thpevm.sys -- (Thpevm)
    DRV:64bit: - [2009/06/29 11:25:22 | 000,034,880 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\thpdrv.sys -- (Thpdrv)
    DRV:64bit: - [2009/06/22 18:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
    DRV:64bit: - [2009/06/19 20:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
    DRV:64bit: - [2009/06/19 11:00:26 | 000,094,336 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Tosrfhid.sys -- (Tosrfhid)
    DRV:64bit: - [2009/06/19 10:59:32 | 000,050,664 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfbnp.sys -- (tosrfbnp)
    DRV:64bit: - [2009/06/17 13:01:04 | 000,054,664 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosporte.sys -- (tosporte)
    DRV:64bit: - [2009/06/15 14:58:50 | 000,012,800 | ---- | M] (TOSHIBA) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\QIOMem.sys -- (QIOMem)
    DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2009/06/04 19:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
    DRV:64bit: - [2009/05/29 19:54:14 | 000,269,360 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
    DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7


    IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-21-3320093180-951666869-3288828288-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Google
    IE - HKU\S-1-5-21-3320093180-951666869-3288828288-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
    IE - HKU\S-1-5-21-3320093180-951666869-3288828288-1002\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE - HKU\S-1-5-21-3320093180-951666869-3288828288-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
    IE - HKU\S-1-5-21-3320093180-951666869-3288828288-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.update: false
    FF - prefs.js..browser.startup.homepage: "www.google.co.uk"
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0
    FF - user.js - File not found

    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll File not found
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll File not found
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

    [2014/05/04 07:47:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dan\AppData\Roaming\Mozilla\Extensions
    [2014/05/06 09:43:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\kpoxm4wi.default\extensions
    [2014/05/04 07:46:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
    [2014/05/04 07:46:32 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{googleriginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{googlemniboxStartMarginParameter}ie={inputEncoding}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{googleageClassification}sugkey={google:suggestAPIKeyParameter},
    CHR - homepage: Google
    CHR - plugin: Error reading preferences file
    CHR - Extension: Google Docs = C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
    CHR - Extension: Google Drive = C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
    CHR - Extension: Google Search = C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
    CHR - Extension: Hola Better Internet = C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio\1.3.233_0\
    CHR - Extension: Google Wallet = C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
    CHR - Extension: Gmail = C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

    O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
    O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [TUSBSleepChargeSrv] C:\Program Files (x86)\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe (TOSHIBA)
    O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-21-3320093180-951666869-3288828288-1002..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
    O4 - HKU\.DEFAULT..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
    O4 - HKU\S-1-5-18..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O15 - HKU\S-1-5-21-3320093180-951666869-3288828288-1002\..Trusted Domains: hola.org ([]http in Trusted sites)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B4318753-038F-486F-B76F-F66B11211E10}: DhcpNameServer = 192.168.1.254
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
    O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========

    [2014/05/08 15:07:11 | 000,692,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
    [2014/05/08 15:07:11 | 000,070,832 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    [2014/05/08 10:23:31 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Roaming\SUPERAntiSpyware.com
    [2014/05/08 10:22:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
    [2014/05/08 10:22:43 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
    [2014/05/08 10:22:43 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
    [2014/05/06 08:44:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxthon Cloud Browser
    [2014/05/06 08:44:43 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Roaming\Maxthon3
    [2014/05/06 08:42:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Maxthon
    [2014/05/05 21:44:41 | 000,000,000 | ---D | C] -- C:\Users\Dan\Documents\fp_10.3.183.90_archive
    [2014/05/05 13:14:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft LifeCam
    [2014/05/05 13:13:47 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft LifeCam
    [2014/05/05 13:13:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft LifeCam
    [2014/05/05 13:13:39 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
    [2014/05/05 13:13:38 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
    [2014/05/04 08:10:59 | 000,000,000 | -HSD | C] -- C:\Users\Dan\AppData\Local\EmieUserList
    [2014/05/04 08:10:59 | 000,000,000 | -HSD | C] -- C:\Users\Dan\AppData\Local\EmieSiteList
    [2014/05/04 07:46:44 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Roaming\Mozilla
    [2014/05/04 07:46:44 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\Mozilla
    [2014/05/04 07:46:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
    [2014/05/04 07:46:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
    [2014/05/04 07:46:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
    [2014/05/03 09:23:05 | 000,313,256 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
    [2014/05/03 09:22:51 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
    [2014/05/03 09:22:51 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
    [2014/05/03 09:22:51 | 000,108,968 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
    [2014/05/03 09:22:39 | 000,000,000 | ---D | C] -- C:\Program Files\Java
    [2014/05/02 13:32:16 | 000,000,000 | -HSD | C] -- C:\Config.Msi
    [2014/05/02 10:39:26 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
    [2014/05/02 10:39:25 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
    [2014/05/02 10:39:22 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
    [2014/05/02 10:39:09 | 000,586,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
    [2014/05/02 10:39:09 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
    [2014/05/02 10:39:09 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
    [2014/05/02 10:39:08 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
    [2014/05/02 10:39:05 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
    [2014/05/02 10:39:05 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
    [2014/05/02 10:39:04 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
    [2014/05/02 10:39:04 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
    [2014/05/02 10:39:03 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
    [2014/05/02 10:39:03 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
    [2014/05/02 10:39:01 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
    [2014/05/02 10:39:01 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
    [2014/05/02 10:39:01 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
    [2014/05/02 10:39:01 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
    [2014/05/02 10:39:01 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
    [2014/05/02 10:39:00 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
    [2014/05/02 10:38:55 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
    [2014/05/02 10:38:55 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
    [2014/05/02 10:38:55 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
    [2014/05/02 10:38:55 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
    [2014/05/02 10:38:55 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
    [2014/05/02 10:38:54 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
    [2014/05/02 10:38:53 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
    [2014/05/02 10:38:49 | 001,967,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
    [2014/05/02 10:38:48 | 002,043,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
    [2014/05/02 10:38:43 | 005,784,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
    [2014/05/02 10:38:28 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\CompatTel
    [2014/05/02 10:37:45 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
    [2014/05/02 10:37:45 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
    [2014/05/01 22:09:04 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\SysWow64\sqlite3.dll
    [2014/05/01 22:08:01 | 000,000,000 | ---D | C] -- C:\AdwCleaner
    [2014/05/01 21:21:55 | 000,119,512 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
    [2014/05/01 21:21:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    [2014/05/01 21:20:38 | 000,088,280 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
    [2014/05/01 21:20:38 | 000,063,192 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
    [2014/05/01 21:20:38 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2014/05/01 21:20:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
    [2014/05/01 21:20:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2014/05/01 21:20:00 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Local\Programs
    [2014/05/01 21:11:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
    [2014/05/01 21:11:06 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
    [2014/04/26 18:52:17 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Roaming\Oracle
    [2014/04/09 15:58:15 | 000,190,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
    [2014/04/09 15:58:15 | 000,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
    [2014/04/09 15:58:15 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iologmsg.dll
    [2014/04/09 15:58:15 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iologmsg.dll
    [2014/04/09 15:57:48 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
    [2014/04/09 15:57:47 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
    [2014/04/09 15:57:47 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
    [2014/04/09 15:57:47 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
    [2014/04/09 15:57:46 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
    [2014/04/09 15:57:46 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
    [2014/04/09 15:57:46 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
    [2014/04/09 15:57:43 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
    [2014/04/09 15:57:42 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
    [2014/04/09 15:57:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2014/05/08 23:08:31 | 000,016,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2014/05/08 23:08:31 | 000,016,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2014/05/08 23:06:03 | 000,781,298 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2014/05/08 23:06:03 | 000,666,176 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2014/05/08 23:06:03 | 000,125,820 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2014/05/08 23:03:04 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
    [2014/05/08 23:00:11 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task a744e930-bfd3-461a-a40e-edbd1452ef6f.job
    [2014/05/08 23:00:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2014/05/08 22:59:58 | 2309,705,728 | -HS- | M] () -- C:\hiberfil.sys
    [2014/05/08 22:43:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2014/05/08 18:23:01 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task c4388e51-ebb5-4c10-b450-018d473b259e.job
    [2014/05/08 15:09:40 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
    [2014/05/08 15:09:40 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    [2014/05/08 12:58:33 | 000,330,157 | ---- | M] () -- C:\Users\Dan\Desktop\process explorer cpu.png
    [2014/05/08 12:55:21 | 000,175,722 | ---- | M] () -- C:\Users\Dan\Desktop\process explorer.png
    [2014/05/08 12:21:17 | 000,090,312 | ---- | M] () -- C:\Users\Dan\Desktop\performance tab.png
    [2014/05/08 12:19:14 | 000,249,931 | ---- | M] () -- C:\Users\Dan\Desktop\My computer properies.png
    [2014/05/08 10:22:48 | 000,001,815 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
    [2014/05/06 08:44:49 | 000,001,048 | ---- | M] () -- C:\Users\Public\Desktop\Maxthon Cloud Browser.lnk
    [2014/05/04 07:48:22 | 000,001,420 | ---- | M] () -- C:\Users\Dan\Desktop\DAD's Web Browser.lnk
    [2014/05/04 07:46:37 | 000,001,114 | ---- | M] () -- C:\Users\Public\Desktop\MOM's Web Browser.lnk
    [2014/05/03 09:42:32 | 000,001,096 | ---- | M] () -- C:\Users\Public\Desktop\TAMIKA's Web Browser.lnk
    [2014/05/03 09:22:42 | 000,313,256 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
    [2014/05/03 09:22:42 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
    [2014/05/03 09:22:42 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
    [2014/05/03 09:22:42 | 000,108,968 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
    [2014/05/02 15:44:14 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2014/05/02 15:44:14 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2014/05/02 08:21:54 | 000,007,612 | ---- | M] () -- C:\Users\Dan\AppData\Local\Resmon.ResmonCfg
    [2014/05/01 21:21:08 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2014/05/01 21:11:15 | 000,000,829 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
    [2014/04/27 19:39:37 | 000,002,150 | ---- | M] () -- C:\Users\Public\Desktop\DALE's Web Browser.lnk
    [2014/04/14 03:24:46 | 000,465,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
    [2014/04/14 03:19:37 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2014/05/08 15:07:13 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2014/05/08 12:58:32 | 000,330,157 | ---- | C] () -- C:\Users\Dan\Desktop\process explorer cpu.png
    [2014/05/08 12:24:15 | 000,175,722 | ---- | C] () -- C:\Users\Dan\Desktop\process explorer.png
    [2014/05/08 12:21:17 | 000,090,312 | ---- | C] () -- C:\Users\Dan\Desktop\performance tab.png
    [2014/05/08 12:19:13 | 000,249,931 | ---- | C] () -- C:\Users\Dan\Desktop\My computer properies.png
    [2014/05/08 10:23:40 | 000,000,506 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task c4388e51-ebb5-4c10-b450-018d473b259e.job
    [2014/05/08 10:23:39 | 000,000,506 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task a744e930-bfd3-461a-a40e-edbd1452ef6f.job
    [2014/05/08 10:22:48 | 000,001,815 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
    [2014/05/06 08:44:48 | 000,001,048 | ---- | C] () -- C:\Users\Public\Desktop\Maxthon Cloud Browser.lnk
    [2014/05/04 07:48:22 | 000,001,420 | ---- | C] () -- C:\Users\Dan\Desktop\DAD's Web Browser.lnk
    [2014/05/04 07:46:37 | 000,001,126 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    [2014/05/04 07:46:37 | 000,001,114 | ---- | C] () -- C:\Users\Public\Desktop\MOM's Web Browser.lnk
    [2014/05/03 09:42:32 | 000,001,096 | ---- | C] () -- C:\Users\Public\Desktop\TAMIKA's Web Browser.lnk
    [2014/05/03 09:42:32 | 000,001,096 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
    [2014/05/01 21:21:08 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2014/05/01 21:11:15 | 000,000,829 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
    [2014/05/01 19:26:35 | 000,007,612 | ---- | C] () -- C:\Users\Dan\AppData\Local\Resmon.ResmonCfg
    [2014/01/08 09:29:33 | 000,765,700 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2014/01/05 12:10:15 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI

    ========== ZeroAccess Check ==========

    [2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    < End of report >

    OTL Extras logfile created on: 5/8/2014 11:07:26 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dan\Downloads
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.11.9600.17041)
    Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

    2.87 Gb Total Physical Memory | 1.69 Gb Available Physical Memory | 58.80% Memory free
    7.17 Gb Paging File | 5.62 Gb Available in Paging File | 78.46% Paging File free
    Paging file location(s): c:\pagefile.sys 4404 6144 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 116.37 Gb Total Space | 78.31 Gb Free Space | 67.29% Space Free | Partition Type: NTFS
    Drive D: | 116.12 Gb Total Space | 109.42 Gb Free Space | 94.23% Space Free | Partition Type: NTFS

    Computer Name: DAN-TOSH | User Name: Dan | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (All) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
    .cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
    .hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
    .hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
    .html[@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software)
    .inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
    .ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
    .js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
    .jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
    .reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
    .txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
    .vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
    .vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
    .wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
    .wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .bat [@ = batfile] -- "%1" %*
    .chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
    .cmd [@ = cmdfile] -- "%1" %*
    .com [@ = comfile] -- "%1" %*
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
    .exe [@ = exefile] -- "%1" %*
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
    .hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
    .html [@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software)
    .inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
    .ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
    .url [@ = InternetShortcut] -- C:\Windows\SysWow64\rundll32.exe (Microsoft Corporation)
    .js [@ = JSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
    .jse [@ = JSEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
    .pif [@ = piffile] -- "%1" %*
    .reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
    .scr [@ = scrfile] -- "%1" /S
    .txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
    .vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
    .vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
    .wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
    .wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)

    [HKEY_USERS\S-1-5-21-3320093180-951666869-3288828288-1002\SOFTWARE\Classes\<extension>]
    .html [@ = Max3.Association.HTML] -- C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe (Maxthon International ltd.)

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    batfile [open] -- "%1" %*
    batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
    cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    cmdfile [open] -- "%1" %*
    cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
    htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
    htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
    htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
    https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
    jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
    jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
    jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
    regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
    regfile [merge] -- Reg Error: Key error.
    regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
    vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    batfile [open] -- "%1" %*
    batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
    cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    cmdfile [open] -- "%1" %*
    cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
    htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
    htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
    htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
    https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
    jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
    jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
    jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
    regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
    regfile [merge] -- Reg Error: Key error.
    regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
    vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    ========== Authorized Applications List ==========


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{487B14FE-E60A-43AE-9BBA-0D1850663058}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{57791765-1C24-4421-BE15-A4857EB64353}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{57863C6C-C2B6-41B4-B2D6-A1707C586B0D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{9D94DFC3-3944-4825-A9BB-2B9403566E8F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{A886A1D6-6042-435A-AF84-77A825FA668C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{ABC0A75E-6FEE-43A5-9A9A-DD57DF455C5D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{AED90822-2BEF-45F8-B0AA-6311A8A4DE51}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{B05D6A89-5E83-4DCF-A4C1-68382FDB54AC}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{E7AD363B-408D-4192-AF3B-ACA0A55F8F6E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{EFDA404A-7FB0-4C38-AC14-8BCD422C8923}" = lport=10243 | protocol=6 | dir=in | app=system |
    "{F8F1B91C-BC46-44B7-99E4-56BF129323DD}" = lport=2869 | protocol=6 | dir=in | app=system |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{059488AD-4C59-4D5B-8D2F-B7EB1E47F226}" = protocol=17 | dir=in | app=c:\program files (x86)\maxthon\bin\mxup.exe |
    "{27A6EA2A-7F78-4B3A-B296-22C2B562167E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{27BC00FF-8C90-4B9D-A698-C09D5586674C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
    "{27E9C702-C792-4124-949F-7E5BFC881158}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{30BBA515-A7D7-48D6-811E-4DA47AE221CC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{3160E78E-7660-495E-B4E6-80EFA6910AB7}" = protocol=6 | dir=in | app=c:\program files (x86)\maxthon\bin\maxthon.exe |
    "{4C595746-ADFF-48D5-9D56-0EAC81314159}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{51AD08B1-8CE2-4466-99AD-F2E76002982C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{55F4699A-BF90-4E05-B9B5-7E8154104109}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{5FB982D4-61F7-4601-8650-C9E3A6582662}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
    "{69FD66D5-C735-4632-8975-7D987FD7F9FF}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
    "{6DFA99C4-4741-4C7B-8D8C-04E9B4E26262}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{76C7E214-5AB6-48AA-B18A-25EE8C65BE0D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
    "{8045DA26-D604-4FC6-97EF-84494BCF5E83}" = protocol=6 | dir=out | app=system |
    "{8FAA74F4-D5CC-49AC-8FBC-072275E75814}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{8FB987C0-527C-478C-979F-CF34CE66B88B}" = protocol=6 | dir=in | app=c:\program files\hola\app\hola_svc.exe |
    "{91D1BCE7-C0A0-4423-8EAD-51D68167BCFA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{9F60BBA3-6A75-4DFB-A8F6-E870DB6A4B9B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{A050280F-EBDE-407D-9FAD-7B258E9E89D5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{AE279A92-A646-4A8A-ABAF-5FB7FAE8B540}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
    "{B0F16421-DFF4-464D-92AA-FB06B0178484}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
    "{B65501F8-DE91-4E49-83FC-3D96AF6FCF5C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{C80E709E-8204-472B-8C37-C30D6B48C50D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
    "{D2882271-DC6A-4DA4-9324-AFB5640F057A}" = protocol=6 | dir=in | app=c:\program files (x86)\maxthon\bin\mxup.exe |
    "{E0183A59-687D-4C35-A17B-1621050C3308}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
    "{E1EE08FE-46AF-49BF-B880-914E7258674E}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
    "{EBF818F2-22D3-490D-AC03-B1332144C5BF}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
    "{EC2AB594-7484-4BBA-8063-4672BAB6664E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{F13CE56B-4888-4F1B-AFB8-E4A9D6B0D42C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{F297625F-05DF-4C34-8E87-E80B6BA22228}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
    "{F2D65185-57AC-4E2A-A468-1379674153EF}" = protocol=17 | dir=in | app=c:\program files\hola\app\hola_svc.exe |
    "{FACB6BD7-265A-492B-A755-A9302A07CA87}" = protocol=17 | dir=in | app=c:\program files (x86)\maxthon\bin\maxthon.exe |
    "TCP Query User{30752B1B-E2B3-400F-83D7-3070D590A92D}C:\program files (x86)\pc remote\pc remote\pcremote.exe" = protocol=6 | dir=in | app=c:\program files (x86)\pc remote\pc remote\pcremote.exe |
    "TCP Query User{C2E7C4B6-87CF-4EB2-A10A-AABE7193B26D}C:\program files (x86)\pc remote\pc remote\pcremote.exe" = protocol=6 | dir=in | app=c:\program files (x86)\pc remote\pc remote\pcremote.exe |
    "UDP Query User{24A54107-A1F8-43E1-900A-A96BEAFA2AA9}C:\program files (x86)\pc remote\pc remote\pcremote.exe" = protocol=17 | dir=in | app=c:\program files (x86)\pc remote\pc remote\pcremote.exe |
    "UDP Query User{F557E45C-1CF8-4648-82F9-8D7EA13BDD38}C:\program files (x86)\pc remote\pc remote\pcremote.exe" = protocol=17 | dir=in | app=c:\program files (x86)\pc remote\pc remote\pcremote.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
    "{26A24AE4-039D-4CA4-87B4-2F86417055FF}" = Java 7 Update 55 (64-bit)
    "{572D0504-2C67-4016-801F-D70879A3026A}" = File Association Helper
    "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    "{6965A8D2-465D-4F98-9FAA-0E9E2348F329}" = Microsoft LifeCam
    "{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
    "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
    "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
    "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
    "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
    "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
    "{94A90C69-71C1-470A-88F5-AA47ECC96B40}" = TOSHIBA HDD Protection
    "{9C5A08BF-BB99-4998-81BD-F6CC32483B34}" = Microsoft Corporation
    "{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
    "{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
    "{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
    "{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
    "{BFAE8D5B-F918-486F-B74E-90762DF11C5C}" = Microsoft Security Client
    "{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}" = TOSHIBA Hardware Setup
    "{CBD6B23D-41D5-4A46-8019-6208516C9712}" = TOSHIBA Supervisor Password
    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
    "{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
    "{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
    "{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
    "{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
    "24DA573F901348FFDFF7717497830D45BE0C362E" = Windows Driver Package - Dynastream Innovations (libusb0) LibUsbDevices (07/07/2009 1.12.2)
    "CCleaner" = CCleaner
    "CNXT_AUDIO" = Conexant HD Audio
    "D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2" = Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1)
    "HDMI" = Intel(R) Graphics Media Accelerator Driver
    "Microsoft Security Client" = Microsoft Security Essentials
    "SynTPDeinstKey" = Synaptics Pointing Device Driver

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
    "{0FB630AB-7BD8-40AE-B223-60397D57C3C9}" = Realtek WLAN Driver
    "{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
    "{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}" = System Requirements Lab for Intel
    "{26D8DF7E-DBF8-43A6-8D42-F37497CE603D}" = Skype(TM) Launcher
    "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
    "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
    "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
    "{5CE1E4AB-3A3F-4D2F-80C0-58D897AC1A0E}" = Healthy Edge Lite
    "{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
    "{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
    "{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
    "{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}" = Toshiba Manuals
    "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
    "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
    "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
    "{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
    "{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
    "{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
    "{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
    "{E487EE7D-EAAA-4E2A-9116-E3B477D8A74F}" = TOSHIBA USB Sleep and Charge Utility
    "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
    "{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
    "{F082CB11-4794-4259-99A1-D91BA762AD15}" = TOSHIBA TEMPRO
    "{F3529665-D75E-4D6D-98F0-745C78C68E9B}" = TOSHIBA ConfigFree
    "Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
    "Google Chrome" = Google Chrome
    "HOMESTUDENTR" = Microsoft Office Home and Student 2007
    "InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
    "InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
    "InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}" = TOSHIBA Hardware Setup
    "InstallShield_{CBD6B23D-41D5-4A46-8019-6208516C9712}" = TOSHIBA Supervisor Password
    "InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
    "InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
    "Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.1.1004
    "Maxthon3" = Maxthon Cloud Browser
    "Mozilla Firefox 29.0 (x86 en-US)" = Mozilla Firefox 29.0 (x86 en-US)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "Opera 21.0.1432.57" = Opera Stable 21.0.1432.57

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 4/6/2014 7:30:44 PM | Computer Name = Dan-TOSH | Source = SideBySide | ID = 16842832
    Description = Activation context generation failed for "C:\Program Files (x86)\TOSHIBA\Bluetooth
    Toshiba Stack\Tools\AVRCPTestTool.exe".Error in manifest or policy file "" on line
    . A component version required by the application conflicts with another component
    version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
    Component
    2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

    Error - 4/6/2014 7:32:05 PM | Computer Name = Dan-TOSH | Source = SideBySide | ID = 16842815
    Description = Activation context generation failed for "c:\Program Files (x86)\Common
    Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
    Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
    "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
    "version" in element "assemblyIdentity" is invalid.

    Error - 4/7/2014 3:01:46 PM | Computer Name = Dan-TOSH | Source = Application Hang | ID = 1002
    Description = The program opera.exe version 20.0.1387.91 stopped interacting with
    Windows and was closed. To see if more information about the problem is available,
    check the problem history in the Action Center control panel. Process ID: 1730 Start
    Time: 01cf527e64ab16ce Termination Time: 152 Application Path: C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe

    Report
    Id: 0a792fd0-be87-11e3-be6f-00269e5d09f4

    Error - 4/7/2014 7:30:27 PM | Computer Name = Dan-TOSH | Source = SideBySide | ID = 16842832
    Description = Activation context generation failed for "C:\Program Files (x86)\TOSHIBA\Bluetooth
    Toshiba Stack\TosBt1st.exe".Error in manifest or policy file "" on line . A component
    version required by the application conflicts with another component version already
    active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
    Component
    2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

    Error - 4/7/2014 7:30:43 PM | Computer Name = Dan-TOSH | Source = SideBySide | ID = 16842832
    Description = Activation context generation failed for "C:\Program Files (x86)\TOSHIBA\Bluetooth
    Toshiba Stack\Tools\AVRCPTestTool.exe".Error in manifest or policy file "" on line
    . A component version required by the application conflicts with another component
    version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
    Component
    2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

    Error - 4/7/2014 7:32:03 PM | Computer Name = Dan-TOSH | Source = SideBySide | ID = 16842815
    Description = Activation context generation failed for "c:\Program Files (x86)\Common
    Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
    Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
    "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
    "version" in element "assemblyIdentity" is invalid.

    Error - 4/12/2014 5:07:34 PM | Computer Name = Dan-TOSH | Source = Windows Search Service | ID = 3007
    Description =

    Error - 4/13/2014 5:52:16 PM | Computer Name = Dan-TOSH | Source = SideBySide | ID = 16842832
    Description = Activation context generation failed for "C:\Program Files (x86)\TOSHIBA\Bluetooth
    Toshiba Stack\TosBt1st.exe".Error in manifest or policy file "" on line . A component
    version required by the application conflicts with another component version already
    active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
    Component
    2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

    Error - 4/13/2014 5:52:32 PM | Computer Name = Dan-TOSH | Source = SideBySide | ID = 16842832
    Description = Activation context generation failed for "C:\Program Files (x86)\TOSHIBA\Bluetooth
    Toshiba Stack\Tools\AVRCPTestTool.exe".Error in manifest or policy file "" on line
    . A component version required by the application conflicts with another component
    version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
    Component
    2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

    Error - 4/13/2014 5:54:02 PM | Computer Name = Dan-TOSH | Source = SideBySide | ID = 16842815
    Description = Activation context generation failed for "c:\Program Files (x86)\Common
    Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
    Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
    "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
    "version" in element "assemblyIdentity" is invalid.

    [ System Events ]
    Error - 5/2/2014 4:51:11 AM | Computer Name = Dan-TOSH | Source = Service Control Manager | ID = 7001
    Description = The DHCP Client service depends on the Network Store Interface Service
    service which failed to start because of the following error: %%1058

    Error - 5/2/2014 4:51:11 AM | Computer Name = Dan-TOSH | Source = Service Control Manager | ID = 7001
    Description = The WinHTTP Web Proxy Auto-Discovery Service service depends on the
    DHCP Client service which failed to start because of the following error: %%1068

    Error - 5/2/2014 4:51:14 AM | Computer Name = Dan-TOSH | Source = Service Control Manager | ID = 7001
    Description = The DHCP Client service depends on the Network Store Interface Service
    service which failed to start because of the following error: %%1058

    Error - 5/2/2014 4:51:14 AM | Computer Name = Dan-TOSH | Source = Service Control Manager | ID = 7001
    Description = The WinHTTP Web Proxy Auto-Discovery Service service depends on the
    DHCP Client service which failed to start because of the following error: %%1068

    Error - 5/2/2014 4:54:46 AM | Computer Name = Dan-TOSH | Source = Service Control Manager | ID = 7001
    Description = The DHCP Client service depends on the Network Store Interface Service
    service which failed to start because of the following error: %%1058

    Error - 5/2/2014 4:54:46 AM | Computer Name = Dan-TOSH | Source = Service Control Manager | ID = 7001
    Description = The WinHTTP Web Proxy Auto-Discovery Service service depends on the
    DHCP Client service which failed to start because of the following error: %%1068

    Error - 5/2/2014 4:54:47 AM | Computer Name = Dan-TOSH | Source = Service Control Manager | ID = 7001
    Description = The DHCP Client service depends on the Network Store Interface Service
    service which failed to start because of the following error: %%1058

    Error - 5/2/2014 4:54:49 AM | Computer Name = Dan-TOSH | Source = Service Control Manager | ID = 7001
    Description = The DHCP Client service depends on the Network Store Interface Service
    service which failed to start because of the following error: %%1058

    Error - 5/2/2014 4:54:49 AM | Computer Name = Dan-TOSH | Source = Service Control Manager | ID = 7001
    Description = The WinHTTP Web Proxy Auto-Discovery Service service depends on the
    DHCP Client service which failed to start because of the following error: %%1068

    Error - 5/2/2014 5:04:29 AM | Computer Name = Dan-TOSH | Source = ACPI | ID = 327693
    Description = : The embedded controller (EC) did not respond within the specified
    timeout period. This may indicate that there is an error in the EC hardware or
    firmware or that the BIOS is accessing the EC incorrectly. You should check with
    your computer manufacturer for an upgraded BIOS. In some situations, this error
    may cause the computer to function incorrectly.


    < End of report >

  6. The Following User Says Thank You to dangerrard9 For This Useful Post:


  7. #4
    Member
    Join Date
    May 2014
    Posts
    18
    Points
    6

    Default

    Hi Joe. Just posted scan results but don't see them listed. Can you confirm if you received them?

    Dan

  8. The Following User Says Thank You to dangerrard9 For This Useful Post:


  9. #5
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,173
    Points
    1307

    Default

    Not seeing anything outstanding so,

    Try using System File Checker,
    System File Checker merely makes sure that all system files are where they should be. The sfc /scannow command scans all protected system files and replaces incorrect versions with correct Microsoft versions.
    Open an Elevated Command Prompt window. To do so, click Start, then type cmd in the Start Search box. In the results area, right-click cmd.exe, and then click Run as administrator. You will be prompted to type the password for an administrator account. Click Continue if you are the administrator or type the administrator password. Then, click Continue.

    At the command prompt, type the following command, sfc /scannow and then press ENTER.


    The scan may take some time to complete. Windows will repair any corrupted or missing files that it finds. If required, Windows may prompt you to insert the Operating System CD.

  10. The Following User Says Thank You to zep516 For This Useful Post:


  11. #6
    Member
    Join Date
    May 2014
    Posts
    18
    Points
    6

    Default

    System file checker did not find any integrity violations.

  12. The Following User Says Thank You to dangerrard9 For This Useful Post:


  13. #7
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,173
    Points
    1307

    Default

    OK,

    Lets double check for Malware with ESET on line scanner. Your OTL Log is as clean as mine so I don't think we are dealing with Malware. If the problem was limited to Internet Explorer we could reset it, but your issue is happening across 2 browsers odd. I see you ran process explorer too.

    ESET Online Scanner This scan may take some time.

    Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

    • Please go >>HERE<< then click on:

      Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on the icon to install.

      All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
    • Select the option YES, I accept the Terms of Use then click on:
    • When prompted allow the Add-On/Active X to install.
    • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
    • Now click on Advanced Settings and select the following:
      1. Scan for potentially unwanted applications
      2. Scan for potentially unsafe applications
      3. Enable Anti-Stealth Technology
    • Now click on:
    • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
    • When completed the Online Scan will begin automatically.
    • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
    • When completed make sure you first copy the logfile located at C:\Program Files (x86)\ESET\Esetonlinescanner\log.txt).
    • Copy and paste that log as a reply to this topic.
    • Now click on:
      (Selecting Uninstall application on close if you so wish)


    Thanks
    Joe

  14. The Following User Says Thank You to zep516 For This Useful Post:


  15. #8
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,173
    Points
    1307

    Default

    Hello,

    Since we are on a different time zone I'm posting ahead so you have something to try after ESET is run.

    Have you tried a clean boot for diagnostic purposes, see link

    How to perform a clean boot in Windows

    Joe

  16. The Following User Says Thank You to zep516 For This Useful Post:


  17. #9
    Member
    Join Date
    May 2014
    Posts
    18
    Points
    6

    Default

    The scan returned two threats:

    C:\Users\Dan\Downloads\ccsetup413.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
    C:\Users\Dan\Downloads\WinZip180.exe a variant of Win32/OpenInstall potentially unwanted application

    . Here is the log file:

    ESETSmartInstaller@High as CAB hook log:
    OnlineScanner64.ocx - registred OK
    OnlineScanner.ocx - registred OK

  18. The Following User Says Thank You to dangerrard9 For This Useful Post:


  19. #10
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,173
    Points
    1307

    Default

    C:\Users\Dan\Downloads\ccsetup413.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
    C:\Users\Dan\Downloads\WinZip180.exe a variant of Win32/OpenInstall potentially unwanted application

    That's really nothing to worry about, you can clear out the downloads folder if you want, ESET does not like exe's in the downloads folder.

    Did you see the post I posted about cleanboot post #8

    Joe

  20. The Following User Says Thank You to zep516 For This Useful Post:


Page 1 of 4 123 ... LastLast