
Remove Hitman Pro


  • This topic is locked

#1
Yippee38


    New Member

  • Member
  • 5 posts
My wife was having some problems with Steam today on her Windows 7 Home Premium, 64-bit computer. I fixed it (ran "c:\Program Files\Steam\bin\SteamService.exe" /repair), but it required a restart. When the computer restarted, I noticed that I got a text screen saying something about Hitman Pro 3.something blah blah blah. Neither of us knowingly installed this software. I checked Programs to uninstall it, but it's not showing there. I checked C:\Program Files and C:\Program Files (x86), but there was nothing there. Ran a scan for Hitman and found a new folder in her user directory. I came here because somebody else had a problem here with Hitman.

I tried to run OTL, but it hangs every time when it says, "Scanning Firefox Settings". I've let it run over 1/2 hour, but it doesn't do anything at that point.

What can I do to get OTL to run, or is there another scan tool I can use?

Thanks,
Yippee38


#2
JSntgRvr


    Global Moderator

  • Global Moderator
  • 11,579 posts
:welcome:

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.


#3
Yippee38


    New Member

  • Topic Starter
  • Member
  • 5 posts
Thanks for the quick reply. Here are the results of FRST (I replaced her user name with <user name>, the IP address with <IP address>, and made similar substitutions for DNS and Host and computer name):
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-05-2013 01
Ran by <user name> (administrator) on 12-05-2013 15:07:10
Running from D:\Users\<user name>\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Farbar) d:\Users\<user name>\Desktop\FRST64.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s [6827664 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h [9048392 2011-06-30] (COMODO)
HKLM\...\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice [6330568 2013-03-04] (ESET)
HKCU\...\Run: [Steam] "E:\Steam\Steam.exe" -silent [x]
HKCU\...\Run: [Pando Media Booster] "C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe" [4288048 2013-04-01] ()
HKLM-x32\...\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\ssmmgr.exe /autorun [606208 2009-12-09] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll C:\Windows\System32\guard64.dll [363560 2011-06-30] (COMODO)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - DataVault Bar - {0D792CB2-2654-4E99-A597-7FC317F04D61} - C:\Program Files (x86)\DataVault\ie64.dll ()
Toolbar: HKLM - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
Toolbar: HKLM-x32 - DataVault Bar - {0D792CB2-2654-4E99-A597-7FC317F04D61} - C:\Program Files (x86)\DataVault\ie.dll ()
Toolbar: HKLM-x32 - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()
Toolbar: HKCU - WOT - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
Handler-x32: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll ()
Tcpip\..\Interfaces\{EC2BD096-8612-4CA7-A44F-7545F5778C22}: [NameServer]64.233.207.8,<Host IP>

FireFox:
========
FF ProfilePath: d:\Users\<user name>\AppData\Roaming\Mozilla\Firefox\Profiles\chatscku.default
FF SelectedSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF Plugin-x32: @ascendo-inc/DataVault;version=1 - C:\Program Files (x86)\DataVault\npapi.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Extension: Noia 2.0 eXtreme OPT - d:\Users\<user name>\AppData\Roaming\Mozilla\Firefox\Profiles\chatscku.default\Extensions\noia2_option@kk.noia
FF Extension: Forecastfox - d:\Users\<user name>\AppData\Roaming\Mozilla\Firefox\Profiles\chatscku.default\Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
FF Extension: Garmin Communicator - d:\Users\<user name>\AppData\Roaming\Mozilla\Firefox\Profiles\chatscku.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
FF Extension: Microsoft .NET Framework Assistant - d:\Users\<user name>\AppData\Roaming\Mozilla\Firefox\Profiles\chatscku.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: No Name - d:\Users\<user name>\AppData\Roaming\Mozilla\Firefox\Profiles\chatscku.default\Extensions\{89736E8E-4B14-4042-8C75-AD00B6BD3900}
FF Extension: Noia 2.0 (eXtreme) - d:\Users\<user name>\AppData\Roaming\Mozilla\Firefox\Profiles\chatscku.default\Extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
FF Extension: WOT - d:\Users\<user name>\AppData\Roaming\Mozilla\Firefox\Profiles\chatscku.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: ReminderFox - d:\Users\<user name>\AppData\Roaming\Mozilla\Firefox\Profiles\chatscku.default\Extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
FF Extension: betterfacebook - d:\Users\<user name>\AppData\Roaming\Mozilla\Firefox\Profiles\chatscku.default\Extensions\betterfacebook@mattkruse.com.xpi
FF Extension: No Name - d:\Users\<user name>\AppData\Roaming\Mozilla\Firefox\Profiles\chatscku.default\Extensions\Extensions.rdf
FF Extension: fbp - d:\Users\<user name>\AppData\Roaming\Mozilla\Firefox\Profiles\chatscku.default\Extensions\fbp@fbpurity.com.xpi
FF Extension: forcetls - d:\Users\<user name>\AppData\Roaming\Mozilla\Firefox\Profiles\chatscku.default\Extensions\forcetls@sid.stamm.xpi
FF Extension: No Name - d:\Users\<user name>\AppData\Roaming\Mozilla\Firefox\Profiles\chatscku.default\Extensions\installed-extensions.txt
FF Extension: socialfixer - d:\Users\<user name>\AppData\Roaming\Mozilla\Firefox\Profiles\chatscku.default\Extensions\socialfixer@mattkruse.com.xpi
FF Extension: testpilot - d:\Users\<user name>\AppData\Roaming\Mozilla\Firefox\Profiles\chatscku.default\Extensions\testpilot@labs.mozilla.com.xpi
FF Extension: No Name - d:\Users\<user name>\AppData\Roaming\Mozilla\Firefox\Profiles\chatscku.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi
FF Extension: No Name - d:\Users\<user name>\AppData\Roaming\Mozilla\Firefox\Profiles\chatscku.default\Extensions\{BB359C50-BFC9-4f40-8302-3FE5A499A859}.xpi
FF Extension: No Name - d:\Users\<user name>\AppData\Roaming\Mozilla\Firefox\Profiles\chatscku.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

Chrome: 
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - d:\Users\<user name>\AppData\Local\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - d:\Users\<user name>\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - d:\Users\<user name>\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll ()
CHR Plugin: (Ascendo DataVault) - C:\Program Files (x86)\DataVault\npapi.dll ()
CHR Plugin: (Java(TM) Platform SE 7 U7) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.70.10) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Google Update) - d:\Users\<user name>\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Extension: (YouTube) - d:\Users\<user name>\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1
CHR Extension: (Adblock Plus) - d:\Users\<user name>\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.4_0
CHR Extension: (Google Search) - d:\Users\<user name>\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - d:\Users\<user name>\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0
CHR Extension: (Gmail) - d:\Users\<user name>\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1

==================== Services (Whitelisted) =================

R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2528096 2011-06-30] (COMODO)
S3 DAUpdaterSvc; E:\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2012-12-26] (BioWare)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1341664 2013-03-04] (ESET)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)

==================== Drivers (Whitelisted) ====================

R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [252344 2011-06-30] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [41712 2011-06-30] (COMODO)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [213416 2013-02-20] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [150616 2013-01-10] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [139768 2013-01-10] (ESET)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [92688 2011-06-30] (COMODO)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-05-12 15:07 - 2013-05-12 15:07 - 00000000 ____D C:\FRST
2013-05-11 22:14 - 2013-05-11 22:14 - 00011606 ____A C:\ComboFix.txt
2013-05-11 22:09 - 2011-06-26 01:45 - 00256000 ____A C:\Windows\PEV.exe
2013-05-11 22:09 - 2010-11-07 12:20 - 00208896 ____A C:\Windows\MBR.exe
2013-05-11 22:09 - 2009-04-19 23:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2013-05-11 22:09 - 2000-08-30 19:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2013-05-11 22:09 - 2000-08-30 19:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2013-05-11 22:09 - 2000-08-30 19:00 - 00098816 ____A C:\Windows\sed.exe
2013-05-11 22:09 - 2000-08-30 19:00 - 00080412 ____A C:\Windows\grep.exe
2013-05-11 22:09 - 2000-08-30 19:00 - 00068096 ____A C:\Windows\zip.exe
2013-05-11 22:08 - 2013-05-11 22:14 - 00000000 ____D C:\Qoobox
2013-05-11 22:08 - 2013-05-11 22:13 - 00000000 ____D C:\Windows\erdnt
2013-05-11 19:17 - 2013-04-01 19:58 - 72702784 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-05-11 19:11 - 2012-12-16 12:11 - 00046080 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2013-05-11 19:11 - 2012-12-16 09:45 - 00367616 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2013-05-11 19:11 - 2012-12-16 09:13 - 00295424 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-05-11 19:11 - 2012-12-16 09:13 - 00034304 ____A (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-05-11 19:11 - 2010-09-30 05:41 - 00100864 ____A (Microsoft Corporation) C:\Windows\System32\fontsub.dll
2013-05-11 19:11 - 2010-09-30 01:47 - 00070656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-05-11 19:10 - 2012-03-01 01:46 - 00023408 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fs_rec.sys
2013-05-11 19:10 - 2012-03-01 01:33 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
2013-05-11 19:10 - 2012-03-01 01:28 - 00005120 ____A (Microsoft Corporation) C:\Windows\System32\wmi.dll
2013-05-11 19:10 - 2012-03-01 00:33 - 00159232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-05-11 19:10 - 2012-03-01 00:29 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2013-05-11 19:09 - 2013-04-12 09:45 - 01656680 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2013-05-11 19:09 - 2013-03-02 00:56 - 01188864 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-11 19:09 - 2013-03-02 00:55 - 01492992 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-11 19:09 - 2013-03-02 00:55 - 00134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-11 19:09 - 2013-03-02 00:50 - 09059328 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-11 19:09 - 2013-03-02 00:50 - 00735232 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-11 19:09 - 2013-03-02 00:50 - 00097792 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-11 19:09 - 2013-03-02 00:49 - 12294656 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-11 19:09 - 2013-03-02 00:49 - 02458112 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-11 19:09 - 2013-03-02 00:49 - 00247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-05-11 19:09 - 2013-03-02 00:49 - 00064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-11 19:09 - 2013-03-01 23:58 - 01231872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-05-11 19:09 - 2013-03-01 23:58 - 00981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-05-11 19:09 - 2013-03-01 23:58 - 00132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-05-11 19:09 - 2013-03-01 23:54 - 06032384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-05-11 19:09 - 2013-03-01 23:54 - 00627712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-05-11 19:09 - 2013-03-01 23:54 - 00067584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-05-11 19:09 - 2013-03-01 23:53 - 00048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-05-11 19:09 - 2013-03-01 23:52 - 11020800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-05-11 19:09 - 2013-03-01 23:52 - 02078208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-05-11 19:09 - 2013-03-01 23:52 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-05-11 19:09 - 2013-03-01 22:57 - 01638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-11 19:09 - 2013-03-01 22:22 - 01638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-05-11 19:09 - 2013-02-28 22:36 - 03153408 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-05-11 19:09 - 2013-02-15 01:08 - 00044032 ____A (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2013-05-11 19:09 - 2013-02-15 01:06 - 03717632 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2013-05-11 19:09 - 2013-02-15 01:02 - 00158720 ____A (Microsoft Corporation) C:\Windows\System32\aaclient.dll
2013-05-11 19:09 - 2013-02-14 23:37 - 03217408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-05-11 19:09 - 2013-02-14 23:34 - 00131584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-05-11 19:09 - 2013-02-14 22:25 - 00036864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-05-11 19:09 - 2013-02-11 23:12 - 00019968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys
2013-05-11 19:09 - 2013-01-04 00:46 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2013-05-11 19:09 - 2013-01-03 23:51 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-05-11 19:09 - 2013-01-03 21:47 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-05-11 19:09 - 2013-01-03 21:47 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-05-11 19:09 - 2013-01-03 21:47 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-05-11 19:09 - 2013-01-03 21:47 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-05-11 19:09 - 2013-01-03 01:00 - 01913192 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-05-11 19:09 - 2013-01-03 01:00 - 00288088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2013-05-11 19:09 - 2012-11-20 00:48 - 00307200 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2013-05-11 19:09 - 2012-11-19 23:51 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-05-11 19:09 - 2012-11-09 00:45 - 00750592 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-05-11 19:09 - 2012-11-09 00:45 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2013-05-11 19:09 - 2012-11-08 23:43 - 00492032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-05-11 19:09 - 2012-11-08 23:42 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-05-11 19:09 - 2012-11-02 00:59 - 00478208 ____A (Microsoft Corporation) C:\Windows\System32\dpnet.dll
2013-05-11 19:09 - 2012-11-02 00:11 - 00376832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2013-05-11 19:09 - 2012-11-01 00:43 - 02002432 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2013-05-11 19:09 - 2012-11-01 00:43 - 01882624 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2013-05-11 19:09 - 2012-10-31 23:47 - 01389568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2013-05-11 19:09 - 2012-10-31 23:47 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2013-05-11 19:09 - 2012-10-04 12:46 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2013-05-11 19:09 - 2012-10-04 12:46 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2013-05-11 19:09 - 2012-10-04 12:46 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2013-05-11 19:09 - 2012-10-04 12:43 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2013-05-11 19:09 - 2012-10-04 12:41 - 01161216 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2013-05-11 19:09 - 2012-10-04 12:41 - 00424960 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2013-05-11 19:09 - 2012-10-04 12:38 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 12:38 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 12:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 12:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 12:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 12:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 12:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 12:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 12:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 12:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 12:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 12:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 12:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 12:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 12:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 12:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 12:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 12:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 12:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 12:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 12:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 12:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 12:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 12:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 12:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 12:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 12:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 12:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 11:47 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-05-11 19:09 - 2012-10-04 11:47 - 00274944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-05-11 19:09 - 2012-10-04 11:40 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 11:40 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 11:40 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 11:40 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 11:40 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 11:40 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 11:40 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 11:40 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 11:40 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 11:40 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 11:40 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 11:40 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 11:40 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 11:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 11:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 11:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 11:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 11:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 11:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 11:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 11:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 11:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 11:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 11:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 10:21 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2013-05-11 19:09 - 2012-10-04 09:41 - 00006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 09:41 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 09:41 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-05-11 19:09 - 2012-10-04 09:41 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-05-11 19:09 - 2012-09-25 17:47 - 00078336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2013-05-11 19:09 - 2012-09-25 17:46 - 00095744 ____A (Microsoft Corporation) C:\Windows\System32\synceng.dll
2013-05-11 19:09 - 2012-08-24 13:05 - 00220160 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2013-05-11 19:09 - 2012-08-24 11:57 - 00172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-05-11 19:09 - 2012-08-22 13:12 - 00376688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2013-05-11 19:09 - 2012-08-10 19:56 - 00715776 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2013-05-11 19:09 - 2012-08-10 18:56 - 00542208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2013-05-11 19:09 - 2012-07-04 17:16 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll
2013-05-11 19:09 - 2012-07-04 17:13 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\browser.dll
2013-05-11 19:09 - 2012-07-04 17:13 - 00059392 ____A (Microsoft Corporation) C:\Windows\System32\browcli.dll
2013-05-11 19:09 - 2012-07-04 16:16 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2013-05-11 19:09 - 2012-07-04 16:14 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2013-05-11 19:09 - 2012-06-16 00:16 - 00609792 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-11 19:09 - 2012-06-16 00:15 - 00911360 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-11 19:09 - 2012-06-15 23:26 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-05-11 19:09 - 2012-06-15 23:26 - 00428032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-05-11 19:09 - 2012-06-09 00:43 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-05-11 19:09 - 2012-06-08 23:41 - 12873728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-05-11 19:09 - 2012-06-06 01:02 - 01133568 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll
2013-05-11 19:09 - 2012-06-06 00:03 - 00805376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2013-05-11 19:09 - 2012-06-02 00:50 - 00458704 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2013-05-11 19:09 - 2012-06-02 00:48 - 00151920 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2013-05-11 19:09 - 2012-06-02 00:48 - 00095600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2013-05-11 19:09 - 2012-06-02 00:45 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2013-05-11 19:09 - 2012-06-02 00:41 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-05-11 19:09 - 2012-06-02 00:41 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-05-11 19:09 - 2012-06-02 00:41 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-05-11 19:09 - 2012-06-01 23:40 - 00225280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-05-11 19:09 - 2012-06-01 23:40 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-05-11 19:09 - 2012-06-01 23:36 - 01159680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-05-11 19:09 - 2012-06-01 23:36 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-05-11 19:09 - 2012-06-01 23:36 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-05-11 19:09 - 2012-06-01 23:34 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-05-11 19:09 - 2012-04-27 22:55 - 00210944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2013-05-11 19:09 - 2012-04-26 00:41 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2013-05-11 19:09 - 2012-04-26 00:41 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2013-05-11 19:09 - 2012-04-26 00:34 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2013-05-11 19:09 - 2012-03-17 02:58 - 00075120 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys
2013-05-11 19:09 - 2012-03-03 01:35 - 01544704 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-05-11 19:09 - 2012-03-03 00:31 - 01077248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-05-11 19:09 - 2012-02-17 01:38 - 01031680 ____A (Microsoft Corporation) C:\Windows\System32\rdpcore.dll
2013-05-11 19:09 - 2012-02-17 00:34 - 00826880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2013-05-11 19:09 - 2012-02-16 23:57 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys
2013-05-11 19:09 - 2011-12-27 22:59 - 00498688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2013-05-11 19:09 - 2011-11-17 01:35 - 01447936 ____A (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2013-05-11 19:09 - 2011-11-17 01:35 - 00395776 ____A (Microsoft Corporation) C:\Windows\System32\webio.dll
2013-05-11 19:09 - 2011-11-17 01:35 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2013-05-11 19:09 - 2011-11-17 01:35 - 00029184 ____A (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2013-05-11 19:09 - 2011-11-17 01:35 - 00028160 ____A (Microsoft Corporation) C:\Windows\System32\secur32.dll
2013-05-11 19:09 - 2011-11-17 01:33 - 00031232 ____A (Microsoft Corporation) C:\Windows\System32\lsass.exe
2013-05-11 19:09 - 2011-11-17 00:35 - 00314880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2013-05-11 19:09 - 2011-10-26 00:25 - 01572864 ____A (Microsoft Corporation) C:\Windows\System32\quartz.dll
2013-05-11 19:09 - 2011-10-26 00:25 - 00366592 ____A (Microsoft Corporation) C:\Windows\System32\qdvd.dll
2013-05-11 19:09 - 2011-10-25 23:32 - 01328128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2013-05-11 19:09 - 2011-10-25 23:32 - 00514560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2013-05-11 19:09 - 2011-08-17 00:26 - 00613888 ____A (Microsoft Corporation) C:\Windows\System32\psisdecd.dll
2013-05-11 19:09 - 2011-08-17 00:25 - 00108032 ____A (Microsoft Corporation) C:\Windows\System32\psisrndr.ax
2013-05-11 19:09 - 2011-08-16 23:24 - 00465408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2013-05-11 19:09 - 2011-08-16 23:19 - 00075776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2013-05-11 19:09 - 2011-07-08 21:46 - 00288768 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2013-05-11 19:09 - 2011-06-15 05:02 - 00212992 ____A (Microsoft Corporation) C:\Windows\System32\odbctrac.dll
2013-05-11 19:09 - 2011-06-15 05:02 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\odbccp32.dll
2013-05-11 19:09 - 2011-06-15 05:02 - 00106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccu32.dll
2013-05-11 19:09 - 2011-06-15 05:02 - 00106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccr32.dll
2013-05-11 19:09 - 2011-06-15 03:55 - 00319488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2013-05-11 19:09 - 2011-06-15 03:55 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2013-05-11 19:09 - 2011-06-15 03:55 - 00122880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2013-05-11 19:09 - 2011-06-15 03:55 - 00086016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2013-05-11 19:09 - 2011-06-15 03:55 - 00081920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2013-05-11 19:09 - 2011-05-24 06:42 - 00404480 ____A (Microsoft Corporation) C:\Windows\System32\umpnpmgr.dll
2013-05-11 19:09 - 2011-05-24 05:40 - 00064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2013-05-11 19:09 - 2011-05-24 05:40 - 00044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2013-05-11 19:09 - 2011-05-24 05:39 - 00145920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2013-05-11 19:09 - 2011-05-24 05:37 - 00252928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2013-05-11 19:09 - 2011-04-28 22:06 - 00467456 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2013-05-11 19:09 - 2011-04-28 22:05 - 00410112 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2013-05-11 19:09 - 2011-04-28 22:05 - 00168448 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2013-05-11 19:09 - 2011-04-26 21:40 - 00158208 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2013-05-11 19:09 - 2011-04-26 21:39 - 00128000 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2013-05-11 19:09 - 2011-04-09 01:58 - 00142336 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2013-05-11 19:09 - 2011-04-09 00:56 - 00123904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2013-05-11 19:09 - 2011-03-11 01:34 - 01395712 ____A (Microsoft Corporation) C:\Windows\System32\mfc42.dll
2013-05-11 19:09 - 2011-03-11 01:34 - 01359872 ____A (Microsoft Corporation) C:\Windows\System32\mfc42u.dll
2013-05-11 19:09 - 2011-03-11 00:33 - 01164288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2013-05-11 19:09 - 2011-03-11 00:33 - 01137664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2013-05-11 19:09 - 2011-03-03 01:24 - 00357888 ____A (Microsoft Corporation) C:\Windows\System32\dnsapi.dll
2013-05-11 19:09 - 2011-03-03 01:24 - 00183296 ____A (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
2013-05-11 19:09 - 2011-03-03 01:21 - 00030208 ____A (Microsoft Corporation) C:\Windows\System32\dnscacheugc.exe
2013-05-11 19:09 - 2011-03-03 00:38 - 00270336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2013-05-11 19:09 - 2011-03-03 00:36 - 00028672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2013-05-11 19:09 - 2011-02-12 06:34 - 00267776 ____A (Microsoft Corporation) C:\Windows\System32\FXSCOVER.exe
2013-05-11 19:09 - 2011-02-05 12:10 - 00642944 ____A (Microsoft Corporation) C:\Windows\System32\winload.efi
2013-05-11 19:09 - 2011-02-05 12:10 - 00020352 ____A (Microsoft Corporation) C:\Windows\System32\kdusb.dll
2013-05-11 19:09 - 2011-02-05 12:10 - 00019328 ____A (Microsoft Corporation) C:\Windows\System32\kd1394.dll
2013-05-11 19:09 - 2011-02-05 12:10 - 00017792 ____A (Microsoft Corporation) C:\Windows\System32\kdcom.dll
2013-05-11 19:09 - 2011-02-05 12:06 - 00605552 ____A (Microsoft Corporation) C:\Windows\System32\winload.exe
2013-05-11 19:09 - 2011-02-05 12:06 - 00566208 ____A (Microsoft Corporation) C:\Windows\System32\winresume.efi
2013-05-11 19:09 - 2011-02-05 12:06 - 00518672 ____A (Microsoft Corporation) C:\Windows\System32\winresume.exe
2013-05-11 19:09 - 2010-12-23 05:42 - 01118720 ____A (Microsoft Corporation) C:\Windows\System32\sbe.dll
2013-05-11 19:09 - 2010-12-23 05:42 - 00961024 ____A (Microsoft Corporation) C:\Windows\System32\CPFilters.dll
2013-05-11 19:09 - 2010-12-23 05:36 - 00259072 ____A (Microsoft Corporation) C:\Windows\System32\mpg2splt.ax
2013-05-11 19:09 - 2010-12-23 00:54 - 00850944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2013-05-11 19:09 - 2010-12-23 00:54 - 00642048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2013-05-11 19:09 - 2010-12-23 00:50 - 00199680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2013-05-11 19:09 - 2010-06-25 22:55 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\msxml3r.dll
2013-05-11 19:09 - 2010-06-25 22:24 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2013-05-11 19:08 - 2013-03-19 01:04 - 05550424 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-05-11 19:08 - 2013-03-19 00:46 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2013-05-11 19:08 - 2013-03-19 00:04 - 03968856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-05-11 19:08 - 2013-03-19 00:04 - 03913560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-05-11 19:08 - 2013-03-18 23:47 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-05-11 19:08 - 2013-03-18 22:06 - 00112640 ____A (Microsoft Corporation) C:\Windows\System32\smss.exe
2013-05-11 19:08 - 2012-05-14 00:26 - 00956928 ____A (Microsoft Corporation) C:\Windows\System32\localspl.dll
2013-05-11 19:08 - 2011-12-16 03:46 - 00634880 ____A (Microsoft Corporation) C:\Windows\System32\msvcrt.dll
2013-05-11 19:08 - 2011-12-16 02:52 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2013-05-11 19:08 - 2011-11-17 01:41 - 01731920 ____A (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2013-05-11 19:08 - 2011-11-17 00:38 - 01292080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-05-11 19:08 - 2011-10-15 01:31 - 00723456 ____A (Microsoft Corporation) C:\Windows\System32\EncDec.dll
2013-05-11 19:08 - 2011-10-15 00:38 - 00534528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2013-05-11 19:08 - 2011-08-27 00:37 - 00861696 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2013-05-11 19:08 - 2011-08-27 00:37 - 00331776 ____A (Microsoft Corporation) C:\Windows\System32\oleacc.dll
2013-05-11 19:08 - 2011-08-26 23:26 - 00571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2013-05-11 19:08 - 2011-08-26 23:26 - 00233472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2013-05-11 19:08 - 2011-05-03 00:29 - 00976896 ____A (Microsoft Corporation) C:\Windows\System32\inetcomm.dll
2013-05-11 19:08 - 2011-05-02 23:30 - 00741376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2013-05-11 19:08 - 2011-02-22 23:55 - 00090624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bowser.sys
2013-05-11 19:06 - 2011-11-19 09:58 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\packager.dll
2013-05-11 19:06 - 2011-11-19 09:01 - 00067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2013-05-11 19:02 - 2013-05-11 19:02 - 00003915 ____A C:\Windows\SysWOW64\jupdate-1.7.0_21-b11.log
2013-04-21 10:13 - 2013-04-21 10:13 - 00000000 ____D C:\Program Files (x86)\Foxit Software
2013-04-12 18:06 - 2013-04-12 18:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2013-05-12 15:07 - 2013-05-12 15:07 - 00000000 ____D C:\FRST
2013-05-12 14:57 - 2009-07-13 23:45 - 00019264 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-05-12 14:57 - 2009-07-13 23:45 - 00019264 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-05-12 11:49 - 2013-03-24 10:59 - 00340756 ____A C:\Windows\DirectX.log
2013-05-12 10:58 - 2013-03-22 20:11 - 01565235 ____A C:\Windows\WindowsUpdate.log
2013-05-11 23:12 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2013-05-11 22:17 - 2009-07-14 00:13 - 00713888 ____A C:\Windows\System32\PerfStringBackup.INI
2013-05-11 22:14 - 2013-05-11 22:14 - 00011606 ____A C:\ComboFix.txt
2013-05-11 22:14 - 2013-05-11 22:08 - 00000000 ____D C:\Qoobox
2013-05-11 22:13 - 2013-05-11 22:08 - 00000000 ____D C:\Windows\erdnt
2013-05-11 22:13 - 2009-07-13 21:34 - 00000215 ____A C:\Windows\system.ini
2013-05-11 22:12 - 2010-11-20 22:47 - 00109922 ____A C:\Windows\PFRO.log
2013-05-11 22:12 - 2009-07-14 00:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-05-11 22:12 - 2009-07-13 23:51 - 00025235 ____A C:\Windows\setupact.log
2013-05-11 21:42 - 2009-07-13 23:45 - 00292632 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-11 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\System
2013-05-11 19:02 - 2013-05-11 19:02 - 00003915 ____A C:\Windows\SysWOW64\jupdate-1.7.0_21-b11.log
2013-05-11 19:02 - 2013-03-24 13:13 - 00000000 ____D C:\Program Files (x86)\Java
2013-05-11 18:33 - 2013-03-23 00:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-04-21 10:13 - 2013-04-21 10:13 - 00000000 ____D C:\Program Files (x86)\Foxit Software
2013-04-12 18:06 - 2013-04-12 18:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-04-12 09:45 - 2013-05-11 19:09 - 01656680 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


Last Boot: 2013-05-06 00:08

==================== End Of Log ============================

And the Addition File:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-05-2013 01
Ran by <user name> at 2013-05-12 15:07:27 Run:
Running from D:\Users\<user name>\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
ABBYY FineReader OCR Engine for Microtek
Adobe Flash Player 11 Plugin (Version: 11.6.602.180)
Agent Ransack 2010 (64-bit)
Ascendo DataVault 4.8.78 (Version: 4.8.78)
Asmedia ASM104x USB 3.0 Host Controller Driver (Version: 1.14.3.0)
Auslogics Disk Defrag (Version: 3.6)
Beyond Compare Version 3.3.7
COMODO Internet Security (Version: 5.5.64714.1383)
Dragon Age: Origins - Ultimate Edition
Dropbox (Version: 2.0.5)
ESET NOD32 Antivirus (Version: 6.0.314.0)
EverQuest Free-to-Play
Foxit Reader (Version: 6.0.2.413)
Intel(R) Management Engine Components (Version: 8.1.0.1252)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
Java 7 Update 17 (64-bit) (Version: 7.0.170)
Java 7 Update 21 (Version: 7.0.210)
Java Auto Updater (Version: 2.1.9.5)
Lara Croft and the Guardian of Light
Magicka
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0)
Mozilla Firefox 20.0.1 (x86 en-US) (Version: 20.0.1)
Mozilla Maintenance Service (Version: 20.0.1)
Mozilla Thunderbird 17.0.5 (x86 en-US) (Version: 17.0.5)
Nexus Mod Manager (Version: 0.44.5)
NVIDIA Control Panel 314.07 (Version: 314.07)
NVIDIA Graphics Driver 314.07 (Version: 314.07)
NVIDIA Install Application (Version: 2.1002.109.706)
NVIDIA PhysX (Version: 9.12.1031)
NVIDIA PhysX System Software 9.12.1031 (Version: 9.12.1031)
OpenOffice.org 3.4.1 (Version: 3.41.9593)
Pando Media Booster (Version: 2.6.0.9)
Realtek Ethernet Controller Driver (Version: 7.61.612.2012)
Realtek High Definition Audio Driver (Version: 6.0.1.6699)
Samsung CLP-310 Series
ScanWizard 5
Steam (Version: 1.0.0.0)
The Elder Scrolls V: Skyrim
The Misadventures of P.B. Winterbottom
The Witcher 2: Assassins of Kings Enhanced Edition
The Witcher: Enhanced Edition
Trine 2
WOT for Internet Explorer (Version: 12.8.2.0)

==================== Restore Points  =========================

26-04-2013 14:07:51 Scheduled Checkpoint
04-05-2013 03:27:12 Scheduled Checkpoint
11-05-2013 13:09:05 Scheduled Checkpoint
12-05-2013 00:02:20 Installed Java 7 Update 21
12-05-2013 00:10:05 Windows Update
12-05-2013 16:49:27 Installed DirectX

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/12/2013 02:43:18 PM) (Source: Application Error) (User: )
Description: Faulting application name: DAOrigins.exe, version: 1.5.13263.0, time stamp: 0x4eb19d53
Faulting module name: DAOrigins.exe, version: 1.5.13263.0, time stamp: 0x4eb19d53
Exception code: 0xc0000005
Fault offset: 0x000d53b4
Faulting process id: 0xf24
Faulting application start time: 0xDAOrigins.exe0
Faulting application path: DAOrigins.exe1
Faulting module path: DAOrigins.exe2
Report Id: DAOrigins.exe3

Error: (05/11/2013 10:17:39 PM) (Source: Application Hang) (User: )
Description: The program OTL.exe version 3.2.69.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 440

Start Time: 01ce4ebf2f00a740

Termination Time: 0

Application Path: d:\Users\<user name>\Desktop\OTL.exe

Report Id: 7ec567f7-bab2-11e2-996c-c860009b6837

Error: (05/11/2013 10:14:50 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/11/2013 10:06:23 PM) (Source: Application Hang) (User: )
Description: The program OTL.exe version 3.2.69.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: bbc

Start Time: 01ce4ebb442155f4

Termination Time: 1

Application Path: d:\Users\<user name>\Desktop\OTL.exe

Report Id: e874668a-bab0-11e2-9c21-c860009b6837

Error: (05/11/2013 09:44:39 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/11/2013 09:42:19 PM) (Source: Application Error) (User: )
Description: Faulting application name: UNS.exe, version: 8.1.0.1252, time stamp: 0x4fe8a22d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x74456cdc
Faulting process id: 0xfac
Faulting application start time: 0xUNS.exe0
Faulting application path: UNS.exe1
Faulting module path: UNS.exe2
Report Id: UNS.exe3

Error: (05/11/2013 09:42:18 PM) (Source: Application Error) (User: )
Description: Faulting application name: LMS.exe, version: 8.1.0.1252, time stamp: 0x4fe8a1b7
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x74456cdc
Faulting process id: 0xf04
Faulting application start time: 0xLMS.exe0
Faulting application path: LMS.exe1
Faulting module path: LMS.exe2
Report Id: LMS.exe3

Error: (05/11/2013 09:42:18 PM) (Source: Application Error) (User: )
Description: Faulting application name: jhi_service.exe, version: 8.1.0.1252, time stamp: 0x4fe8a327
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x74456cdc
Faulting process id: 0x658
Faulting application start time: 0xjhi_service.exe0
Faulting application path: jhi_service.exe1
Faulting module path: jhi_service.exe2
Report Id: jhi_service.exe3

Error: (05/11/2013 07:15:41 PM) (Source: MsiInstaller) (User: <computer name>)
Description: Product: MSXML 4.0 SP2 (KB973688) -- Error 1935. An error occured during the installation of assembly component {7B2B4EA5-1028-B7E6-A06B-D6B9ABF34537}. HRESULT: 0x80070BC9. assembly interface: IAssemblyCacheItem, function: Commit, assembly name: Microsoft.MSXML2,type="win32",version="4.20.9876.0",publicKeyToken="6bd6b9abf345378f",processorArchitecture="x86"

Error: (05/11/2013 07:14:56 PM) (Source: MsiInstaller) (User: <computer name>)
Description: Product: MSXML 4.0 SP2 (KB954430) -- Error 1935. An error occured during the installation of assembly component {7B30B69B-0E6C-B7E0-A06B-D6B9ABF34537}. HRESULT: 0x80070BC9. assembly interface: IAssemblyCacheItem, function: Commit, assembly name: Microsoft.MSXML2,type="win32",version="4.20.9870.0",publicKeyToken="6bd6b9abf345378f",processorArchitecture="x86"


System errors:
=============
Error: (05/12/2013 00:11:06 PM) (Source: Service Control Manager) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error: 
%%1058

Error: (05/12/2013 00:11:06 PM) (Source: Service Control Manager) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error: 
%%1058

Error: (05/12/2013 00:11:06 PM) (Source: Service Control Manager) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error: 
%%1058

Error: (05/12/2013 00:11:06 PM) (Source: Service Control Manager) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error: 
%%1058

Error: (05/12/2013 11:08:06 AM) (Source: Service Control Manager) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error: 
%%1058

Error: (05/12/2013 11:07:58 AM) (Source: Service Control Manager) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error: 
%%1058

Error: (05/12/2013 10:58:00 AM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume Programs.

Error: (05/12/2013 10:58:00 AM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume Programs.

Error: (05/12/2013 10:58:00 AM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume Programs.

Error: (05/12/2013 10:58:00 AM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume Programs.


Microsoft Office Sessions:
=========================
Error: (05/12/2013 02:43:18 PM) (Source: Application Error)(User: )
Description: DAOrigins.exe1.5.13263.04eb19d53DAOrigins.exe1.5.13263.04eb19d53c0000005000d53b4f2401ce4f3397018bb2E:\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAOrigins.exeE:\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAOrigins.exe319184bf-bb3c-11e2-996c-c860009b6837

Error: (05/11/2013 10:17:39 PM) (Source: Application Hang)(User: )
Description: OTL.exe3.2.69.044001ce4ebf2f00a7400d:\Users\<user name>\Desktop\OTL.exe7ec567f7-bab2-11e2-996c-c860009b6837

Error: (05/11/2013 10:14:50 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/11/2013 10:06:23 PM) (Source: Application Hang)(User: )
Description: OTL.exe3.2.69.0bbc01ce4ebb442155f41d:\Users\<user name>\Desktop\OTL.exee874668a-bab0-11e2-9c21-c860009b6837

Error: (05/11/2013 09:44:39 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/11/2013 09:42:19 PM) (Source: Application Error)(User: )
Description: UNS.exe8.1.0.12524fe8a22dunknown0.0.0.000000000c000000574456cdcfac01ce4ea1384f42acC:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exeunknown8fe2a717-baad-11e2-9ce1-c860009b6837

Error: (05/11/2013 09:42:18 PM) (Source: Application Error)(User: )
Description: LMS.exe8.1.0.12524fe8a1b7unknown0.0.0.000000000c000000574456cdcf0401ce4ea13725162eC:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exeunknown8fd6c035-baad-11e2-9ce1-c860009b6837

Error: (05/11/2013 09:42:18 PM) (Source: Application Error)(User: )
Description: jhi_service.exe8.1.0.12524fe8a327unknown0.0.0.000000000c000000574456cdc65801ce4ea0eb256f91C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exeunknown8fc3b533-baad-11e2-9ce1-c860009b6837

Error: (05/11/2013 07:15:41 PM) (Source: MsiInstaller)(User: <computer name>)
Description: Product: MSXML 4.0 SP2 (KB973688) -- Error 1935. An error occured during the installation of assembly component {7B2B4EA5-1028-B7E6-A06B-D6B9ABF34537}. HRESULT: 0x80070BC9. assembly interface: IAssemblyCacheItem, function: Commit, assembly name: Microsoft.MSXML2,type="win32",version="4.20.9876.0",publicKeyToken="6bd6b9abf345378f",processorArchitecture="x86"(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (05/11/2013 07:14:56 PM) (Source: MsiInstaller)(User: <computer name>)
Description: Product: MSXML 4.0 SP2 (KB954430) -- Error 1935. An error occured during the installation of assembly component {7B30B69B-0E6C-B7E0-A06B-D6B9ABF34537}. HRESULT: 0x80070BC9. assembly interface: IAssemblyCacheItem, function: Commit, assembly name: Microsoft.MSXML2,type="win32",version="4.20.9870.0",publicKeyToken="6bd6b9abf345378f",processorArchitecture="x86"(NULL)(NULL)(NULL)(NULL)(NULL)


CodeIntegrity Errors:
===================================
  Date: 2013-05-11 22:12:15.287
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-05-11 22:12:15.282
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info =========================== 

Percentage of memory in use: 12%
Total physical RAM: 8145.47 MB
Available physical RAM: 7103.81 MB
Total Pagefile: 24527.65 MB
Available Pagefile: 23255.71 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Programs) (Fixed) (Total:59.53 GB) (Free:39.02 GB) NTFS (Disk=0 Partition=2)
Drive d: (User Profiles) (Fixed) (Total:448.62 GB) (Free:416.08 GB) NTFS (Disk=2 Partition=2)
Drive e: (Games) (Fixed) (Total:448.62 GB) (Free:122.72 GB) NTFS (Disk=2 Partition=3)
Drive f: (Swap File) (Fixed) (Total:34.28 GB) (Free:18.19 GB) NTFS (Disk=2 Partition=1)
Drive h: (Programs_backup) (Fixed) (Total:59.62 GB) (Free:35.4 GB) NTFS (Disk=1 Partition=1) ==>[System with boot components (obtained from reading drive)]
Drive i: (User Profiles_Backup) (Fixed) (Total:448.62 GB) (Free:406.04 GB) NTFS (Disk=1 Partition=2)
Drive j: (Games_Backup) (Fixed) (Total:423.27 GB) (Free:267.88 GB) NTFS (Disk=1 Partition=3)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 60 GB) (Disk ID: 4D2C4371)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=60 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 932 GB) (Disk ID: 0DAA9752)
Partition 1: (Not Active) - (Size=932 GB) - (Type=OF Extended)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 05C2C40E)
Partition 1: (Not Active) - (Size=34 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=449 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=449 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Edited by Yippee38, 12 May 2013 - 02:19 PM.

  • 0

#4
Yippee38

    New Member

  • Topic Starter
  • 5 posts
BTW, I don't think it makes a difference here, but this install hasn't been activated yet. It's got an extra hard drive in it from which I'm copying old data. When I'm done with that I will activate it. Don't know if that will cause any messages above, but I thought I should let you know.
  • 0

#5
JSntgRvr

    Global Moderator

  • 11,579 posts
There is no sign of Hitman Pro in that report. You did run Combofix. Did that make a difference? There is an error in the event viewer that indicates the file system structure on the disk is corrupt and unusable, and recommends that the chkdsk utility be run on the volume Programs.

Click on the Start button, then on Computer. Locate the volume "Programs" and take note of the drive letter assigned to this volume. Then open a command prompt (Start -> type CMD in the search box and press Enter). At the prompt type the following and press Enter:

chkdsk X: /R

Replace the X above with the letter assigned to the volume Programs. This will schedule chkdsk to run next time the computer is started. Let me know the outcome and if that has made a difference.
  • 0

#6
Yippee38

    New Member

  • Topic Starter
  • 5 posts
To be honest with you, she wasn't seeing any abnormal behavior. I just saw that message and thought it didn't belong. I ran chkdsk on the C: drive. Thanks for the heads up on that.

I guess if there's no sign of Hitman Pro, the only explanation I can think of is that she somehow inadvertently installed it at some point, then uninstalled it, but never rebooted. When I looked at her PC and rebooted it, the message I saw must have been something about Hitman Pro being removed. <shrug>

Thanks for your help!
  • 0

#7
JSntgRvr

    Global Moderator

  • 11,579 posts
Should I then consider this case as closed?
  • 0

#8
Yippee38

Yippee38

    New Member

  • Topic Starter
  • 5 posts
Yes. I think so.

Thank you.
  • 0

#9
JSntgRvr

    Global Moderator

  • 11,579 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0





