# AdwCleaner v3.008 - Report created 19/10/2013 at 13:16:04 # Updated 17/10/2013 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : Woody - MACK-GAMING-HP # Running from : C:\Users\Woody\Desktop\AdwCleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\Users\Woody\AppData\LocalLow\AskToolbar ***** [ Shortcuts ] ***** ***** [ Registry ] ***** ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16720 ************************* AdwCleaner[R0].txt - [10063 octets] - [19/10/2013 12:16:33] AdwCleaner[R1].txt - [821 octets] - [19/10/2013 13:15:28] AdwCleaner[s0].txt - [10230 octets] - [19/10/2013 12:21:19] AdwCleaner[s1].txt - [747 octets] - [19/10/2013 13:16:04] ########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [806 octets] ########## Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-10-2013 Ran by Woody (administrator) on MACK-GAMING-HP on 19-10-2013 13:22:40 Running from C:\Users\Woody\Desktop Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe (Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe (ThreatTrack Security, Inc.) C:\Program Files (x86)\GFI Software\VIPRE\SBPIMSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (Hewlett-Packard ) C:\Program Files\IDT\WDM\beats64.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe () C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\ModLEDKey.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (ThreatTrack Security, Inc.) C:\Program Files (x86)\GFI Software\VIPRE\SBAMTray.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\CNYHKEY.exe (ThreatTrack Security, Inc.) C:\Program Files (x86)\GFI Software\VIPRE\SBAMSvc.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil64_11_9_900_117_ActiveX.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [beatsOSDApp] - C:\Program Files\IDT\WDM\beats64.exe [37888 2010-10-21] (Hewlett-Packard ) HKLM\...\Run: [hpsysdrv] - c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard) HKLM\...\Run: [sysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [835072 2011-01-26] (IDT, Inc.) HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated) HKLM-x32\...\Run: [HP Software Update] - c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard) HKLM-x32\...\Run: [] - [x] HKLM-x32\...\Run: [HP Remote Solution] - C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [656896 2009-08-24] (Hewlett-Packard) HKLM-x32\...\Run: [bATINDICATOR] - C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR.exe HKLM-x32\...\Run: [LaunchHPOSIAPP] - C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\LaunchApp.exe [385024 2009-04-03] (Hewlett-Packard) HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation) HKLM-x32\...\Run: [PDF Complete] - C:\Program Files (x86)\PDF Complete\pdfsty.exe [656920 2011-02-01] (PDF Complete Inc) HKLM-x32\...\Run: [Microsoft Default Manager] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation) HKLM-x32\...\Run: [switchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41336 2013-09-03] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840568 2013-09-03] (Adobe Systems Inc.) HKLM-x32\...\Run: [sBAMTray] - C:\Program Files (x86)\GFI Software\VIPRE\SBAMTray.exe [3155776 2013-04-18] (ThreatTrack Security, Inc.) HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKU\Mack\...\Run: [steam] - C:\Program Files (x86)\Steam\steam.exe [1597864 2013-02-27] (Valve Corporation) HKU\Mack\...\Run: [AdobeBridge] - [x] HKU\Mack\...\Run: [skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20472992 2013-10-02] (Skype Technologies S.A.) AppInit_DLLs: [0 ] () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1 SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://shop.ebay.com/?_nkw={searchTerms} SearchScopes: HKLM - {E40D88A2-CD14-4EEC-9403-CA3A37442687} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://shop.ebay.com/?_nkw={searchTerms} SearchScopes: HKLM-x32 - {E40D88A2-CD14-4EEC-9403-CA3A37442687} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = SearchScopes: HKCU - {E40D88A2-CD14-4EEC-9403-CA3A37442687} URL = BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll No File BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation) BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard) BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM - No Name - !{95B7759C-8C7F-4BF1-B163-73684A933233} - No File Toolbar: HKLM - No Name - !{98889811-442D-49dd-99D7-DC866BE87DBC} - No File Toolbar: HKLM-x32 - @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation) Toolbar: HKLM-x32 - No Name - !{95B7759C-8C7F-4BF1-B163-73684A933233} - No File Toolbar: HKLM-x32 - No Name - !{98889811-442D-49dd-99D7-DC866BE87DBC} - No File Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 ==================== Services (Whitelisted) ================= S2 CLKMSVC10_38F51D56; c:\Program Files (x86)\Cyberlink\PowerDVD10\NavFilter\kmsvc.exe [241648 2011-01-25] (CyberLink) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation) R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc) R2 SBAMSvc; C:\Program Files (x86)\GFI Software\VIPRE\SBAMSvc.exe [3680512 2013-04-18] (ThreatTrack Security, Inc.) R2 SBPIMSvc; C:\Program Files (x86)\GFI Software\VIPRE\SBPIMSvc.exe [175936 2013-04-18] (ThreatTrack Security, Inc.) S2 SeaPort; "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe" [x] ==================== Drivers (Whitelisted) ==================== S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [41032 2013-05-23] (ThreatTrack Security) S3 gfiutil; C:\Windows\System32\drivers\gfiutil.sys [31264 2013-09-04] (ThreatTrack Security) R3 HCW723x; C:\Windows\System32\DRIVERS\HCW723x.sys [1799552 2009-12-15] (Hauppauge Computer Works, Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R2 sbapifs; C:\Windows\System32\DRIVERS\sbapifs.sys [88432 2013-04-16] (ThreatTrack Security, Inc.) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-10-19 13:22 - 2013-10-19 13:22 - 00000000 ____D C:\FRST 2013-10-19 13:21 - 2013-10-19 13:21 - 01954548 _____ (Farbar) C:\Users\Woody\Desktop\FRST64.exe 2013-10-19 12:15 - 2013-10-19 13:16 - 00000000 ____D C:\AdwCleaner 2013-10-19 12:15 - 2013-10-19 12:15 - 01050644 _____ C:\Users\Woody\Desktop\AdwCleaner.exe 2013-10-19 12:10 - 2013-10-19 12:10 - 00000000 ____D C:\Users\Woody\hpremote 2013-10-19 12:10 - 2013-10-19 12:10 - 00000000 ____D C:\Users\Woody\AppData\Roaming\Hewlett-Packard 2013-10-18 22:30 - 2013-10-19 12:10 - 00000000 ____D C:\Users\Woody\AppData\Roaming\Skype 2013-10-18 22:30 - 2013-10-18 22:30 - 00000000 ____D C:\Users\Woody\AppData\Roaming\LolClient 2013-10-18 21:45 - 2013-10-18 21:45 - 00013682 _____ C:\Users\Woody\Desktop\attach.txt 2013-10-18 21:45 - 2013-10-18 21:44 - 00021350 _____ C:\Users\Woody\Desktop\dds.txt 2013-10-18 21:42 - 2013-10-18 21:42 - 00688992 ____R (Swearware) C:\Users\Woody\Desktop\dds.scr 2013-10-18 19:31 - 2013-10-18 19:31 - 00000000 ____D C:\Users\Woody\AppData\Roaming\Malwarebytes 2013-10-18 19:30 - 2013-10-18 19:30 - 00002600 _____ C:\Users\Woody\Desktop\Rkill.txt 2013-10-18 19:30 - 2013-10-18 19:30 - 00000000 ____D C:\Users\Woody\Desktop\rkill 2013-10-18 19:03 - 2013-10-18 19:03 - 00000000 ____D C:\Users\Woody\AppData\Roaming\GFI Software 2013-10-18 19:03 - 2013-10-18 19:03 - 00000000 ____D C:\Users\Woody\AppData\Local\PDFC 2013-10-18 19:03 - 2013-10-18 19:03 - 00000000 ____D C:\Users\Woody\AppData\Local\Adobe 2013-10-18 19:02 - 2013-10-18 19:03 - 00000000 ___RD C:\Users\Woody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-10-18 19:02 - 2013-10-18 19:03 - 00000000 ___RD C:\Users\Woody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2013-10-18 19:02 - 2013-10-18 19:03 - 00000000 ____D C:\Users\Woody\AppData\Roaming\Adobe 2013-10-18 19:02 - 2013-10-18 19:02 - 00001415 _____ C:\Users\Woody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-10-18 19:01 - 2013-10-19 12:10 - 00000000 ____D C:\Users\Woody 2013-10-18 19:01 - 2013-10-18 19:01 - 00000020 ___SH C:\Users\Woody\ntuser.ini 2013-10-18 19:01 - 2013-10-18 19:01 - 00000000 ____D C:\Users\Woody\AppData\Local\VirtualStore 2013-10-18 19:01 - 2011-10-15 04:46 - 00000000 ____D C:\Users\Woody\AppData\Roaming\Macromedia 2013-10-18 19:01 - 2011-10-15 04:39 - 00001974 _____ C:\Users\Woody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hulu Desktop.lnk 2013-10-18 19:01 - 2009-07-13 23:54 - 00000000 ___RD C:\Users\Woody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2013-10-18 19:01 - 2009-07-13 23:49 - 00000000 ___RD C:\Users\Woody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2013-10-16 19:57 - 2013-10-16 19:57 - 00000000 ____D C:\ProgramData\Oracle 2013-10-16 19:56 - 2013-10-16 19:55 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2013-10-16 19:56 - 2013-10-16 19:55 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2013-10-16 19:56 - 2013-10-16 19:55 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2013-10-16 19:56 - 2013-10-16 19:55 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-10-16 18:05 - 2013-10-16 18:05 - 00001520 _____ C:\Users\Public\Desktop\Adobe Application Manager.lnk 2013-10-16 17:52 - 2013-10-16 17:52 - 00000000 __SHD C:\found.000 2013-10-15 21:11 - 2013-10-15 21:11 - 00000000 ____D C:\Users\Mack\AppData\Local\LogMeIn 2013-10-15 21:11 - 2013-10-15 21:11 - 00000000 ____D C:\ProgramData\LogMeIn 2013-10-14 21:58 - 2013-10-14 21:58 - 24267712 _____ C:\Users\Mack\Documents\Divide.psd 2013-10-14 21:42 - 2013-10-14 21:42 - 33123991 _____ C:\Users\Mack\Documents\big_mountain_hires.psd 2013-10-10 03:10 - 2013-09-22 18:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-10-10 03:10 - 2013-09-22 18:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-10-10 03:10 - 2013-09-22 18:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-10-10 03:10 - 2013-09-22 18:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-10-10 03:10 - 2013-09-22 18:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-10-10 03:10 - 2013-09-22 18:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-10-10 03:10 - 2013-09-22 18:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-10-10 03:10 - 2013-09-22 18:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-10-10 03:10 - 2013-09-22 18:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-10-10 03:10 - 2013-09-22 18:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-10-10 03:10 - 2013-09-22 18:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-10-10 03:10 - 2013-09-22 18:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-10-10 03:10 - 2013-09-22 18:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-10-10 03:10 - 2013-09-22 17:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-10-10 03:10 - 2013-09-22 17:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-10-10 03:10 - 2013-09-22 17:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-10-10 03:10 - 2013-09-22 17:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-10-10 03:10 - 2013-09-22 17:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-10-10 03:10 - 2013-09-22 17:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-10-10 03:10 - 2013-09-22 17:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-10-10 03:10 - 2013-09-22 17:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-10-10 03:10 - 2013-09-22 17:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-10-10 03:10 - 2013-09-22 17:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-10-10 03:10 - 2013-09-22 17:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-10-10 03:10 - 2013-09-22 17:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-10-10 03:10 - 2013-09-22 17:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-10-10 03:10 - 2013-09-22 17:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-10-10 03:10 - 2013-09-20 22:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-10-10 03:10 - 2013-09-20 22:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-10-10 03:10 - 2013-09-20 21:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-10-10 03:10 - 2013-09-20 21:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-10-09 04:04 - 2013-09-13 20:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2013-10-09 04:04 - 2013-09-07 21:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-10-09 04:04 - 2013-09-07 21:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll 2013-10-09 04:04 - 2013-09-07 21:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll 2013-10-09 04:04 - 2013-09-04 07:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2013-10-09 04:04 - 2013-09-04 07:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2013-10-09 04:04 - 2013-09-04 07:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2013-10-09 04:04 - 2013-09-04 07:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2013-10-09 04:04 - 2013-09-04 07:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2013-10-09 04:04 - 2013-09-04 07:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2013-10-09 04:04 - 2013-09-04 07:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2013-10-09 04:04 - 2013-08-28 21:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-10-09 04:04 - 2013-08-28 21:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2013-10-09 04:04 - 2013-08-28 21:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2013-10-09 04:04 - 2013-08-28 21:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2013-10-09 04:04 - 2013-08-28 21:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2013-10-09 04:04 - 2013-08-28 20:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2013-10-09 04:04 - 2013-08-28 20:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2013-10-09 04:04 - 2013-08-28 20:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2013-10-09 04:04 - 2013-08-28 20:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll 2013-10-09 04:04 - 2013-08-28 20:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2013-10-09 04:04 - 2013-08-28 20:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2013-10-09 04:04 - 2013-08-28 19:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2013-10-09 04:04 - 2013-08-28 19:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2013-10-09 04:04 - 2013-08-28 19:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2013-10-09 04:04 - 2013-08-28 19:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2013-10-09 04:04 - 2013-08-27 20:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-10-09 04:04 - 2013-08-27 20:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll 2013-10-09 04:04 - 2013-08-01 07:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2013-10-09 04:04 - 2013-07-20 05:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2013-10-09 04:04 - 2013-07-20 05:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2013-10-09 04:04 - 2013-07-12 05:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys 2013-10-09 04:04 - 2013-07-12 05:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys 2013-10-09 04:04 - 2013-07-04 07:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2013-10-09 04:04 - 2013-07-04 07:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2013-10-09 04:04 - 2013-07-04 07:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2013-10-09 04:04 - 2013-07-04 06:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2013-10-09 04:04 - 2013-07-04 06:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll 2013-10-09 04:04 - 2013-07-04 06:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll 2013-10-09 04:04 - 2013-07-04 05:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2013-10-09 04:04 - 2013-07-02 23:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys 2013-10-09 04:04 - 2013-07-02 23:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys 2013-10-09 04:04 - 2013-06-25 17:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys 2013-10-09 04:04 - 2013-06-06 00:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2013-10-09 04:04 - 2013-06-06 00:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2013-10-09 04:04 - 2013-06-06 00:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2013-10-09 04:04 - 2013-06-06 00:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2013-10-09 04:04 - 2013-06-05 23:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2013-10-09 04:04 - 2013-06-05 23:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2013-10-09 04:04 - 2013-06-05 23:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2013-10-09 04:04 - 2013-06-05 22:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2013-10-09 04:04 - 2013-06-05 22:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2013-10-09 04:04 - 2013-06-05 22:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2013-09-23 18:46 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll 2013-09-23 18:46 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll 2013-09-23 18:46 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll 2013-09-23 18:46 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll 2013-09-23 18:45 - 2013-10-14 21:21 - 00000000 ____D C:\Users\Mack\AppData\Local\Warframe 2013-09-23 18:45 - 2013-09-23 18:45 - 00002311 _____ C:\Users\Mack\Desktop\Warframe.lnk 2013-09-23 18:45 - 2013-09-23 18:45 - 00000000 ____D C:\Users\Mack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warframe ==================== One Month Modified Files and Folders ======= 2013-10-19 13:22 - 2013-10-19 13:22 - 00000000 ____D C:\FRST 2013-10-19 13:21 - 2013-10-19 13:21 - 01954548 _____ (Farbar) C:\Users\Woody\Desktop\FRST64.exe 2013-10-19 13:21 - 2009-07-14 00:13 - 00779724 _____ C:\Windows\system32\PerfStringBackup.INI 2013-10-19 13:20 - 2011-12-26 14:33 - 01722240 _____ C:\Windows\WindowsUpdate.log 2013-10-19 13:18 - 2012-05-05 10:49 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-10-19 13:17 - 2011-10-15 04:47 - 00000000 ____D C:\ProgramData\PDFC 2013-10-19 13:17 - 2011-10-15 04:29 - 00000000 ____D C:\ProgramData\NVIDIA 2013-10-19 13:17 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-10-19 13:16 - 2013-10-19 12:15 - 00000000 ____D C:\AdwCleaner 2013-10-19 13:16 - 2009-07-13 23:51 - 00051487 _____ C:\Windows\setupact.log 2013-10-19 13:16 - 2009-07-13 23:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-10-19 13:16 - 2009-07-13 23:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-10-19 13:11 - 2010-11-20 22:47 - 00407746 _____ C:\Windows\PFRO.log 2013-10-19 12:21 - 2012-01-06 23:56 - 00000000 ____D C:\Users\Mack\AppData\Local\CrashDumps 2013-10-19 12:15 - 2013-10-19 12:15 - 01050644 _____ C:\Users\Woody\Desktop\AdwCleaner.exe 2013-10-19 12:10 - 2013-10-19 12:10 - 00000000 ____D C:\Users\Woody\hpremote 2013-10-19 12:10 - 2013-10-19 12:10 - 00000000 ____D C:\Users\Woody\AppData\Roaming\Hewlett-Packard 2013-10-19 12:10 - 2013-10-18 22:30 - 00000000 ____D C:\Users\Woody\AppData\Roaming\Skype 2013-10-19 12:10 - 2013-10-18 19:01 - 00000000 ____D C:\Users\Woody 2013-10-19 02:00 - 2012-08-05 23:12 - 00000000 ____D C:\Users\Mack\AppData\Local\Adobe 2013-10-18 22:31 - 2013-02-13 08:00 - 00000000 ___RD C:\Program Files (x86)\Skype 2013-10-18 22:31 - 2012-03-01 19:30 - 00000000 ____D C:\ProgramData\Skype 2013-10-18 22:30 - 2013-10-18 22:30 - 00000000 ____D C:\Users\Woody\AppData\Roaming\LolClient 2013-10-18 22:30 - 2012-03-01 19:30 - 00002515 _____ C:\Users\Public\Desktop\Skype.lnk 2013-10-18 21:45 - 2013-10-18 21:45 - 00013682 _____ C:\Users\Woody\Desktop\attach.txt 2013-10-18 21:44 - 2013-10-18 21:45 - 00021350 _____ C:\Users\Woody\Desktop\dds.txt 2013-10-18 21:42 - 2013-10-18 21:42 - 00688992 ____R (Swearware) C:\Users\Woody\Desktop\dds.scr 2013-10-18 19:31 - 2013-10-18 19:31 - 00000000 ____D C:\Users\Woody\AppData\Roaming\Malwarebytes 2013-10-18 19:30 - 2013-10-18 19:30 - 00002600 _____ C:\Users\Woody\Desktop\Rkill.txt 2013-10-18 19:30 - 2013-10-18 19:30 - 00000000 ____D C:\Users\Woody\Desktop\rkill 2013-10-18 19:03 - 2013-10-18 19:03 - 00000000 ____D C:\Users\Woody\AppData\Roaming\GFI Software 2013-10-18 19:03 - 2013-10-18 19:03 - 00000000 ____D C:\Users\Woody\AppData\Local\PDFC 2013-10-18 19:03 - 2013-10-18 19:03 - 00000000 ____D C:\Users\Woody\AppData\Local\Adobe 2013-10-18 19:03 - 2013-10-18 19:02 - 00000000 ___RD C:\Users\Woody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-10-18 19:03 - 2013-10-18 19:02 - 00000000 ___RD C:\Users\Woody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2013-10-18 19:03 - 2013-10-18 19:02 - 00000000 ____D C:\Users\Woody\AppData\Roaming\Adobe 2013-10-18 19:02 - 2013-10-18 19:02 - 00001415 _____ C:\Users\Woody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-10-18 19:01 - 2013-10-18 19:01 - 00000020 ___SH C:\Users\Woody\ntuser.ini 2013-10-18 19:01 - 2013-10-18 19:01 - 00000000 ____D C:\Users\Woody\AppData\Local\VirtualStore 2013-10-18 18:43 - 2012-03-01 19:30 - 00000000 ____D C:\Users\Mack\AppData\Roaming\Skype 2013-10-18 17:05 - 2013-06-18 18:10 - 00000000 ____D C:\Users\Mack\AppData\Local\PMB Files 2013-10-16 19:57 - 2013-10-16 19:57 - 00000000 ____D C:\ProgramData\Oracle 2013-10-16 19:55 - 2013-10-16 19:56 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2013-10-16 19:55 - 2013-10-16 19:56 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2013-10-16 19:55 - 2013-10-16 19:56 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2013-10-16 19:55 - 2013-10-16 19:56 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-10-16 19:55 - 2012-04-14 22:58 - 00000000 ____D C:\Program Files (x86)\Java 2013-10-16 18:20 - 2013-01-15 22:08 - 00002028 _____ C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk 2013-10-16 18:16 - 2012-08-05 23:31 - 00000000 ____D C:\Program Files\Common Files\Adobe 2013-10-16 18:14 - 2012-08-05 23:13 - 00000000 ____D C:\Program Files (x86)\Adobe 2013-10-16 18:05 - 2013-10-16 18:05 - 00001520 _____ C:\Users\Public\Desktop\Adobe Application Manager.lnk 2013-10-16 18:05 - 2012-08-05 23:34 - 00000000 ____D C:\Program Files\Adobe 2013-10-16 17:54 - 2011-12-26 14:33 - 00000000 ____D C:\Users\Mack 2013-10-16 17:53 - 2012-11-27 14:20 - 00000328 _____ C:\Windows\Tasks\HPCeeScheduleForMack.job 2013-10-16 17:52 - 2013-10-16 17:52 - 00000000 __SHD C:\found.000 2013-10-15 21:26 - 2012-11-27 14:20 - 00003180 _____ C:\Windows\System32\Tasks\HPCeeScheduleForMack 2013-10-15 21:25 - 2012-01-10 18:37 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt 2013-10-15 21:25 - 2011-12-27 17:54 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log 2013-10-15 21:24 - 2011-12-27 17:53 - 00000000 ____D C:\Users\Mack\AppData\Roaming\HP Support Assistant 2013-10-15 21:24 - 2011-12-27 16:05 - 00000000 ____D C:\Users\Mack\AppData\Roaming\HpUpdate 2013-10-15 21:15 - 2013-06-18 18:10 - 00000000 ____D C:\ProgramData\PMB Files 2013-10-15 21:11 - 2013-10-15 21:11 - 00000000 ____D C:\Users\Mack\AppData\Local\LogMeIn 2013-10-15 21:11 - 2013-10-15 21:11 - 00000000 ____D C:\ProgramData\LogMeIn 2013-10-14 21:58 - 2013-10-14 21:58 - 24267712 _____ C:\Users\Mack\Documents\Divide.psd 2013-10-14 21:42 - 2013-10-14 21:42 - 33123991 _____ C:\Users\Mack\Documents\big_mountain_hires.psd 2013-10-14 21:21 - 2013-09-23 18:45 - 00000000 ____D C:\Users\Mack\AppData\Local\Warframe 2013-10-12 10:10 - 2012-12-14 04:19 - 00000354 _____ C:\Windows\Tasks\HPCeeScheduleForMACK-GAMING-HP$.job 2013-10-12 10:10 - 2012-07-01 23:04 - 00003230 _____ C:\Windows\System32\Tasks\HPCeeScheduleForMACK-GAMING-HP$ 2013-10-10 22:38 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache 2013-10-10 03:29 - 2009-07-13 23:45 - 04908944 _____ C:\Windows\system32\FNTCACHE.DAT 2013-10-10 03:28 - 2013-03-13 03:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-10-10 03:28 - 2013-03-13 03:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2013-10-10 03:08 - 2011-02-11 12:15 - 00773448 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2013-10-10 03:06 - 2013-08-14 03:01 - 00000000 ____D C:\Windows\system32\MRT 2013-10-10 03:04 - 2013-06-19 23:52 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-10-08 14:22 - 2012-05-05 10:49 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-10-08 14:22 - 2012-05-05 10:49 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-10-08 14:22 - 2012-05-05 10:49 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-09-23 18:46 - 2011-10-15 04:48 - 00045710 _____ C:\Windows\DirectX.log 2013-09-23 18:45 - 2013-09-23 18:45 - 00002311 _____ C:\Users\Mack\Desktop\Warframe.lnk 2013-09-23 18:45 - 2013-09-23 18:45 - 00000000 ____D C:\Users\Mack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warframe 2013-09-22 18:28 - 2013-10-10 03:10 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-09-22 18:28 - 2013-10-10 03:10 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-09-22 18:27 - 2013-10-10 03:10 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-09-22 18:27 - 2013-10-10 03:10 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-09-22 18:27 - 2013-10-10 03:10 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-09-22 18:27 - 2013-10-10 03:10 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-09-22 18:27 - 2013-10-10 03:10 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-09-22 18:27 - 2013-10-10 03:10 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-09-22 18:27 - 2013-10-10 03:10 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-09-22 18:27 - 2013-10-10 03:10 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-09-22 18:27 - 2013-10-10 03:10 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-09-22 18:27 - 2013-10-10 03:10 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-09-22 18:27 - 2013-10-10 03:10 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-09-22 17:55 - 2013-10-10 03:10 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-09-22 17:55 - 2013-10-10 03:10 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-09-22 17:55 - 2013-10-10 03:10 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-09-22 17:54 - 2013-10-10 03:10 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-09-22 17:54 - 2013-10-10 03:10 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-09-22 17:54 - 2013-10-10 03:10 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-09-22 17:54 - 2013-10-10 03:10 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-09-22 17:54 - 2013-10-10 03:10 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-09-22 17:54 - 2013-10-10 03:10 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-09-22 17:54 - 2013-10-10 03:10 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-09-22 17:54 - 2013-10-10 03:10 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-09-22 17:54 - 2013-10-10 03:10 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-09-22 17:54 - 2013-10-10 03:10 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-09-22 17:54 - 2013-10-10 03:10 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-09-20 22:38 - 2013-10-10 03:10 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-09-20 22:30 - 2013-10-10 03:10 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-09-20 21:48 - 2013-10-10 03:10 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-09-20 21:39 - 2013-10-10 03:10 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe Alureon: C:\Users\Mack\AppData\Local\Temp\smeivxx\srqurid\wow.dll Files to move or delete: ==================== C:\ProgramData\hash.dat Some content of TEMP: ==================== C:\Users\Woody\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-10-11 23:53 ==================== End Of Log ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-10-2013 Ran by Woody at 2013-10-19 13:23:50 Running from C:\Users\Woody\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: GFI Software VIPRE (Enabled - Up to date) {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: GFI Software VIPRE (Enabled - Up to date) {5BB89C30-6480-BC7C-9F17-199BD76F557A} ==================== Installed Programs ====================== 7-Zip 9.20 (x32) Adobe Acrobat X Pro - English, Français, Deutsch (x32 Version: 10.1.8) Adobe AIR (x32 Version: 3.8.0.1280) Adobe CS6 Design and Web Premium (x32 Version: 6) Adobe Download Assistant (x32 Version: 1.2.3) Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117) Adobe Help Manager (x32 Version: 4.0.244) Adobe Photoshop CS6 (x32 Version: 13.0) Adobe Widget Browser (x32 Version: 2.0 Build 348) Adobe Widget Browser (x32 Version: 2.0.348) Adobe® Content Viewer (x32 Version: 3.3.0) Agatha Christie - Peril at End House (x32 Version: 2.2.0.95) ARMA 2 (x32) ARMA 2: Operation Arrowhead (x32) BattlEye for OA Uninstall (x32) BattlEye Uninstall (x32) Bejeweled 2 Deluxe (x32 Version: 2.2.0.95) Bejeweled 3 (x32 Version: 2.2.0.95) Bing Bar (x32 Version: 6.0.2282.0) Bing Bar Platform (x32 Version: 6.0.2282.0) Bing Rewards Client Installer (x32 Version: 16.0.345.0) Blackhawk Striker 2 (x32 Version: 2.2.0.95) Blasterball 3 (x32 Version: 2.2.0.95) Blio (x32 Version: 2.2.6699) Bounce Symphony (x32 Version: 2.2.0.95) Build-a-lot 2 (x32 Version: 2.2.0.95) Cake Mania (x32 Version: 2.2.0.95) Chuzzle Deluxe (x32 Version: 2.2.0.95) CyberLink PowerDVD 10 (x32 Version: 10.0.1.2615) D3DX10 (x32 Version: 15.4.2368.0902) Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95) Dora's World Adventure (x32 Version: 2.2.0.95) Farm Frenzy (x32 Version: 2.2.0.95) FATE - The Traitor Soul (x32 Version: 2.2.0.95) Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000) HP Auto (Version: 1.0.12935.3667) HP Client Services (Version: 1.1.12938.3539) HP Customer Experience Enhancements (x32 Version: 6.0.1.7) HP Games (x32 Version: 1.0.2.4) HP Keyboard (x32 Version: 1.5.0.4) HP LinkUp (x32 Version: 2.01.026) HP MediaSmart/TouchSmart Netflix (x32 Version: 1.0.6.0) HP MovieStore (x32 Version: 1.0.045) HP MovieStore (x32 Version: 2.0) HP Odometer (x32 Version: 2.10.0000) HP Remote Solution (x32 Version: 1.1.14.0) HP Setup (x32 Version: 8.6.4530.3651) HP Setup Manager (x32 Version: 1.1.13253.3682) HP Support Assistant (x32 Version: 7.0.39.15) HP Support Information (x32 Version: 10.1.1000) HP Update (x32 Version: 5.002.003.003) HP Vision Hardware Diagnostics (Version: 2.5.0.0) Hulu Desktop (HKCU Version: 0.9.13) IDT Audio (x32 Version: 1.0.6325.0) Intel® Management Engine Components (x32 Version: 7.0.0.1144) Java 7 Update 45 (x32 Version: 7.0.450) Java Auto Updater (x32 Version: 2.1.9.8) Java 6 Update 31 (x32 Version: 6.0.310) Junk Mail filter update (x32 Version: 15.4.3502.0922) Kobo (x32 Version: 1.6) LabelPrint (x32 Version: 2.5.3609) League of Legends (x32 Version: 3.0.0) Mah Jong Medley (x32 Version: 2.2.0.95) Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300) Mesh Runtime (x32 Version: 15.4.5722.2) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft .NET Framework 4 Extended (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Default Manager (x32 Version: 2.2.114.0) Microsoft Office 2010 (x32 Version: 14.0.4763.1000) Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000) Microsoft Office Click-to-Run 2010 (x32 Version: 14.0.4763.1000) Microsoft Office Starter 2010 - English (x32 Version: 14.0.4763.1000) Microsoft Search Enhancement Pack (x32 Version: 3.0.131.0) Microsoft Silverlight (Version: 5.1.20913.0) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0) Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053) Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000) MSVCRT (x32 Version: 15.4.2862.0708) MSVCRT_amd64 (x32 Version: 15.4.2862.0708) MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0) Mumble 1.2.3 (x32 Version: 1.2.3) Mystery P.I. - Stolen in San Francisco (x32 Version: 2.2.0.95) Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95) Norton Online Backup (x32 Version: 2.1.17869) NVIDIA 3D Vision Driver 267.95 (Version: 267.95) NVIDIA Control Panel 267.95 (Version: 267.95) NVIDIA Graphics Driver 267.95 (Version: 267.95) NVIDIA Install Application (Version: 2.265.41.0) NVIDIA PhysX (x32 Version: 9.10.0514) NVIDIA PhysX System Software 9.10.0514 (Version: 9.10.0514) NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6795) Pando Media Booster (x32 Version: 2.6.0.7) PDF Complete Special Edition (x32 Version: 4.0.35) PDF Settings CS6 (x32 Version: 11.0) Penguins! (x32 Version: 2.2.0.95) Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95) PlayReady PC Runtime amd64 (Version: 1.3.0) PlayReady PC Runtime x86 (x32 Version: 1.3.0) Poker Superstars III (x32 Version: 2.2.0.95) Polar Bowler (x32 Version: 2.2.0.95) Polar Golfer (x32 Version: 2.2.0.95) Power2Go (x32 Version: 6.1.4817) PressReader (x32 Version: 5.10.1217.0) Recovery Manager (x32 Version: 5.5.3621) Remote Graphics Receiver (x32 Version: 5.4.5) RoxioNow Player (x32 Version: 1.9.5.103) Sid Meier's Civilization V (x32) Skype™ 6.9 (x32 Version: 6.9.106) Slingo Supreme (x32 Version: 2.2.0.95) Star Wars: The Old Republic (x32 Version: 1.00) Steam (x32 Version: 1.0.0.0) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3) Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3) Update Installer for WildTangent Games App (x32) VIPRE Antivirus (x32 Version: 6.2.4.7) Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95) Warframe (x32 Version: 1.0.0) Wheel of Fortune 2 (x32 Version: 2.2.0.95) WildTangent Games App (x32 Version: 4.0.10.2) Windows Live Communications Platform (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3508.1109) Windows Live ID Sign-in Assistant (Version: 7.250.4225.0) Windows Live Installer (x32 Version: 15.4.3502.0922) Windows Live Language Selector (Version: 15.4.3508.1109) Windows Live Mail (x32 Version: 15.4.3502.0922) Windows Live Mesh (x32 Version: 15.4.3502.0922) Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2) Windows Live Messenger (x32 Version: 15.4.3502.0922) Windows Live MIME IFilter (Version: 15.4.3502.0922) Windows Live Movie Maker (x32 Version: 15.4.3502.0922) Windows Live Photo Common (x32 Version: 15.4.3502.0922) Windows Live Photo Gallery (x32 Version: 15.4.3502.0922) Windows Live PIMT Platform (x32 Version: 15.4.3508.1109) Windows Live Remote Client (Version: 15.4.5722.2) Windows Live Remote Client Resources (Version: 15.4.5722.2) Windows Live Remote Service (Version: 15.4.5722.2) Windows Live Remote Service Resources (Version: 15.4.5722.2) Windows Live SOXE (x32 Version: 15.4.3502.0922) Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922) Windows Live UX Platform (x32 Version: 15.4.3502.0922) Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109) Windows Live Writer (x32 Version: 15.4.3502.0922) Windows Live Writer Resources (x32 Version: 15.4.3502.0922) WinRAR 4.11 (64-bit) (Version: 4.11.0) World of Warcraft (x32 Version: 5.2.0.16769) Zinio Reader 4 (x32 Version: 4.0.3184) Zuma Deluxe (x32 Version: 2.2.0.95) ==================== Restore Points ========================= 17-10-2013 00:50:25 Removed LogMeIn Hamachi 17-10-2013 00:54:31 Installed Java 7 Update 45 ==================== Hosts content: ========================== 2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {3916D71B-3A62-4D66-8511-DD43CF8AD1D8} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {4CD17A51-4217-4872-9ABD-3DE9E32E576A} - System32\Tasks\HPCeeScheduleForMACK-GAMING-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard) Task: {6298E022-89A9-49A7-8129-0F65B5861EAD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-08] (Adobe Systems Incorporated) Task: {68885ADB-5638-4ACF-A1A4-4B6D8B78224F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company) Task: {736CD329-5F01-46AF-9B87-F92FB1A52751} - System32\Tasks\AdobeAAMUpdater-1.0-Mack-Gaming-HP-Mack => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated) Task: {77301C0E-482F-4B25-A225-19D0F882D917} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2013-09-17] (Microsoft) Task: {78F54311-EEEA-4239-B5B1-D64FC562E009} - System32\Tasks\HPOSIAPP64 => C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\ModLEDKey.exe [2009-02-27] () Task: {C4EF016C-AA6F-476C-9870-AA633A86F501} - System32\Tasks\HPCeeScheduleForMack => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard) Task: {D913D344-C133-404A-B809-E7A00DA941CB} - System32\Tasks\RMCreator => C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe [2010-12-21] (CyberLink) Task: {F33E47BB-6837-4E5C-8428-DADB78D71208} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company) Task: {F73D083F-62C0-4506-B520-29AFF3C3F347} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-08-09] (Hewlett-Packard) Task: {F9EE2342-87BF-4BE7-AAB0-A6DFE596A9B6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-04-01] (Hewlett-Packard Company) Task: {FB78DCDF-8D83-4DA6-922C-67FA3A07C2A9} - \Scheduled Update for Ask Toolbar No Task File Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\HPCeeScheduleForMACK-GAMING-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\Windows\Tasks\HPCeeScheduleForMack.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Loaded Modules (whitelisted) ============= 2012-10-24 14:38 - 2012-10-24 14:38 - 00160768 _____ () C:\Program Files (x86)\GFI Software\VIPRE\unrar.dll 2011-10-15 04:40 - 2009-02-19 19:22 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\WMINPUT.DLL 2011-12-26 14:54 - 2013-07-05 14:25 - 00190752 _____ () C:\Program Files (x86)\GFI Software\VIPRE\Definitions\libBase64.dll 2011-12-26 14:54 - 2013-07-05 14:25 - 00178464 _____ () C:\Program Files (x86)\GFI Software\VIPRE\Definitions\libMachoUniv.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBPIMSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SBAMSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SBPIMSvc => ""="Service" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (10/19/2013 01:18:40 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/19/2013 01:13:38 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/19/2013 00:21:18 PM) (Source: Application Error) (User: ) Description: Faulting application name: dllhost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bca54 Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24 Exception code: 0xc0000005 Fault offset: 0x000000000004eae0 Faulting process id: 0x53f8 Faulting application start time: 0xdllhost.exe0 Faulting application path: dllhost.exe1 Faulting module path: dllhost.exe2 Report Id: dllhost.exe3 Error: (10/19/2013 00:21:12 PM) (Source: Application Error) (User: ) Description: Faulting application name: dllhost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bca54 Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24 Exception code: 0xc0000005 Fault offset: 0x000000000004eae0 Faulting process id: 0x29a0 Faulting application start time: 0xdllhost.exe0 Faulting application path: dllhost.exe1 Faulting module path: dllhost.exe2 Report Id: dllhost.exe3 Error: (10/19/2013 00:19:52 PM) (Source: Application Error) (User: ) Description: Faulting application name: dllhost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bca54 Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24 Exception code: 0xc0000005 Fault offset: 0x000000000004eae0 Faulting process id: 0x3808 Faulting application start time: 0xdllhost.exe0 Faulting application path: dllhost.exe1 Faulting module path: dllhost.exe2 Report Id: dllhost.exe3 Error: (10/19/2013 00:19:30 PM) (Source: Application Error) (User: ) Description: Faulting application name: dllhost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bca54 Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24 Exception code: 0xc0000005 Fault offset: 0x000000000004eae0 Faulting process id: 0x5954 Faulting application start time: 0xdllhost.exe0 Faulting application path: dllhost.exe1 Faulting module path: dllhost.exe2 Report Id: dllhost.exe3 Error: (10/19/2013 00:19:19 PM) (Source: Application Error) (User: ) Description: Faulting application name: dllhost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bca54 Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24 Exception code: 0xc0000005 Fault offset: 0x000000000004eae0 Faulting process id: 0x63dc Faulting application start time: 0xdllhost.exe0 Faulting application path: dllhost.exe1 Faulting module path: dllhost.exe2 Report Id: dllhost.exe3 Error: (10/19/2013 00:18:48 PM) (Source: Application Error) (User: ) Description: Faulting application name: dllhost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bca54 Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24 Exception code: 0xc0000005 Fault offset: 0x000000000004eae0 Faulting process id: 0x2550 Faulting application start time: 0xdllhost.exe0 Faulting application path: dllhost.exe1 Faulting module path: dllhost.exe2 Report Id: dllhost.exe3 Error: (10/19/2013 00:18:25 PM) (Source: Application Error) (User: ) Description: Faulting application name: dllhost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bca54 Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24 Exception code: 0xc0000005 Fault offset: 0x000000000004eae0 Faulting process id: 0x26c8 Faulting application start time: 0xdllhost.exe0 Faulting application path: dllhost.exe1 Faulting module path: dllhost.exe2 Report Id: dllhost.exe3 Error: (10/19/2013 00:18:20 PM) (Source: Application Error) (User: ) Description: Faulting application name: dllhost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bca54 Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24 Exception code: 0xc0000005 Fault offset: 0x000000000004eae0 Faulting process id: 0x6088 Faulting application start time: 0xdllhost.exe0 Faulting application path: dllhost.exe1 Faulting module path: dllhost.exe2 Report Id: dllhost.exe3 System errors: ============= Error: (10/19/2013 01:17:09 PM) (Source: Service Control Manager) (User: ) Description: The SeaPort service failed to start due to the following error: %%2 Error: (10/19/2013 01:12:07 PM) (Source: Service Control Manager) (User: ) Description: The SeaPort service failed to start due to the following error: %%2 Error: (10/19/2013 01:11:56 PM) (Source: EventLog) (User: ) Description: The previous system shutdown at 1:10:28 PM on 10/19/2013 was unexpected. Error: (10/19/2013 01:00:58 PM) (Source: Service Control Manager) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SENS service. Error: (10/19/2013 01:00:28 PM) (Source: Service Control Manager) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Schedule service. Error: (10/19/2013 00:59:58 PM) (Source: Service Control Manager) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BFE service. Error: (10/19/2013 00:59:28 PM) (Source: Service Control Manager) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IKEEXT service. Error: (10/19/2013 00:58:58 PM) (Source: Service Control Manager) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service. Error: (10/19/2013 10:53:19 AM) (Source: Schannel) (User: NT AUTHORITY) Description: The following fatal alert was generated: 40. The internal error state is 107. Error: (10/19/2013 10:53:19 AM) (Source: Schannel) (User: NT AUTHORITY) Description: An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed. Microsoft Office Sessions: ========================= Error: (10/19/2013 01:18:40 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/19/2013 01:13:38 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/19/2013 00:21:18 PM) (Source: Application Error)(User: ) Description: dllhost.exe6.1.7600.163854a5bca54ntdll.dll6.1.7601.18247521eaf24c0000005000000000004eae053f801ceccef65136f0aC:\Windows\system32\dllhost.exeC:\Windows\SYSTEM32\ntdll.dlldd0c5aa4-38e2-11e3-8b8b-386077904850 Error: (10/19/2013 00:21:12 PM) (Source: Application Error)(User: ) Description: dllhost.exe6.1.7600.163854a5bca54ntdll.dll6.1.7601.18247521eaf24c0000005000000000004eae029a001cecceeece42157C:\Windows\system32\dllhost.exeC:\Windows\SYSTEM32\ntdll.dlld9712ee2-38e2-11e3-8b8b-386077904850 Error: (10/19/2013 00:19:52 PM) (Source: Application Error)(User: ) Description: dllhost.exe6.1.7600.163854a5bca54ntdll.dll6.1.7601.18247521eaf24c0000005000000000004eae0380801ceccef586820d9C:\Windows\system32\dllhost.exeC:\Windows\SYSTEM32\ntdll.dlla9fa0a93-38e2-11e3-8b8b-386077904850 Error: (10/19/2013 00:19:30 PM) (Source: Application Error)(User: ) Description: dllhost.exe6.1.7600.163854a5bca54ntdll.dll6.1.7601.18247521eaf24c0000005000000000004eae0595401ceccef3a354be5C:\Windows\system32\dllhost.exeC:\Windows\SYSTEM32\ntdll.dll9cd6f3da-38e2-11e3-8b8b-386077904850 Error: (10/19/2013 00:19:19 PM) (Source: Application Error)(User: ) Description: dllhost.exe6.1.7600.163854a5bca54ntdll.dll6.1.7601.18247521eaf24c0000005000000000004eae063dc01ceccef194fd768C:\Windows\system32\dllhost.exeC:\Windows\SYSTEM32\ntdll.dll95edab35-38e2-11e3-8b8b-386077904850 Error: (10/19/2013 00:18:48 PM) (Source: Application Error)(User: ) Description: dllhost.exe6.1.7600.163854a5bca54ntdll.dll6.1.7601.18247521eaf24c0000005000000000004eae0255001cecceeda0805c3C:\Windows\system32\dllhost.exeC:\Windows\SYSTEM32\ntdll.dll83a3be16-38e2-11e3-8b8b-386077904850 Error: (10/19/2013 00:18:25 PM) (Source: Application Error)(User: ) Description: dllhost.exe6.1.7600.163854a5bca54ntdll.dll6.1.7601.18247521eaf24c0000005000000000004eae026c801ceccef11a39fa7C:\Windows\system32\dllhost.exeC:\Windows\SYSTEM32\ntdll.dll75ff2e4a-38e2-11e3-8b8b-386077904850 Error: (10/19/2013 00:18:20 PM) (Source: Application Error)(User: ) Description: dllhost.exe6.1.7600.163854a5bca54ntdll.dll6.1.7601.18247521eaf24c0000005000000000004eae0608801cecceec0fbcca4C:\Windows\system32\dllhost.exeC:\Windows\SYSTEM32\ntdll.dll72c79335-38e2-11e3-8b8b-386077904850 ==================== Memory info =========================== Percentage of memory in use: 19% Total physical RAM: 10220.31 MB Available physical RAM: 8244.57 MB Total Pagefile: 20438.8 MB Available Pagefile: 18265.88 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:1385.55 GB) (Free:1218.78 GB) NTFS Drive d: (HP_RECOVERY) (Fixed) (Total:11.62 GB) (Free:1.42 GB) NTFS ==>[system with boot components (obtained from reading drive)] Drive e: (Photoshop CS6) (CDROM) (Total:1.78 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 1397 GB) (Disk ID: 019EED83) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=-711304675328) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=12 GB) - (Type=07 NTFS) ==================== End Of Log ============================