When I have an active internet connection (WLAN or wired) multiple (~30) dllhost.exe *32 processes launch bringing my laptop to a grinding halt (80-100% CPU usage). I've seen others report similar issues on this message board so I'm hoping you can help me also.
Thanks in advance for your help!!!
DDS Log
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16521 BrowserJavaVersion: 10.10.2
Run by Bob at 11:01:52 on 2014-03-20
.
============== Running Processes ===============
.
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://acer.msn.com
uDefault_Page_URL = hxxp://acer.msn.com
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{AC53CB68-76DF-42BA-ABDF-418E8C8330A4} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{D238E606-65D7-4AA1-91BC-1485C25B81EA} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{D238E606-65D7-4AA1-91BC-1485C25B81EA}\3557E6023586F6070234166656 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{D238E606-65D7-4AA1-91BC-1485C25B81EA}\75C414E4 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{D238E606-65D7-4AA1-91BC-1485C25B81EA}\8686F6E6F62737 : DHCPNameServer = 192.168.6.1 64.134.255.2 64.134.255.10
TCP: Interfaces\{D238E606-65D7-4AA1-91BC-1485C25B81EA}\C696E6B6379737F5355435F51383631393 : DHCPNameServer = 65.32.5.111 65.32.5.112
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\qlnbmrfl.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Musicnotes\npmusicn.dll
FF - plugin: C:\Program Files (x86)\Musicnotes\NPSibelius.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R? AMD External Events Utility;AMD External Events Utility
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64
R? dkab_device;dkab_device
R? DsiWMIService;Dritek WMI Service
R? ePowerSvc;Acer ePower Service
R? GREGService;GREGService
R? IEEtwCollectorService;Internet Explorer ETW Collector Service
R? LMIGuardianSvc;LMIGuardianSvc
R? MWLService;MyWinLocker Service
R? NTI IScheduleSvc;NTI IScheduleSvc
R? obpedscx;obpedscx
R? RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader
R? SkypeUpdate;Skype Updater
R? TsUsbFlt;TsUsbFlt
R? Updater Service;Updater Service
R? WatAdminSvc;Windows Activation Technologies Service
S? k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0
S? MpFilter;Microsoft Malware Protection Driver
S? mwlPSDFilter;mwlPSDFilter
S? mwlPSDNServ;mwlPSDNServ
S? mwlPSDVDisk;mwlPSDVDisk
S? NisDrv;Microsoft Network Inspection System
S? NisSrv;Microsoft Network Inspection
.
=============== Created Last 30 ================
.
2014-03-19 17:34:10 10521840 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CCF0E090-D1CC-496E-AF67-FF1C5D1F95DE}\mpengine.dll
2014-03-14 20:35:58 1031560 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{44C88B17-1777-4F84-B738-B5E35453CDAF}\gapaengine.dll
2014-03-14 20:35:51 10536864 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-03-14 20:33:27 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2014-03-14 20:33:27 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2014-03-14 20:33:10 624128 ----a-w- C:\Windows\System32\qedit.dll
2014-03-14 20:33:10 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-03-14 20:31:33 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2014-03-14 20:31:10 -------- d-----w- C:\Program Files\Microsoft Security Client
2014-03-14 19:43:14 -------- d-----w- C:\50afdc55646263780c
2014-03-13 17:21:56 -------- d-----w- C:\Users\Bob\AppData\Local\Macromedia
2014-03-09 15:53:08 -------- d-----w- C:\Windows\pss
2014-03-09 11:48:49 10536864 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8D1492DC-CAD1-4835-85BC-6685686EAE8C}\mpengine.dll
2014-02-26 16:46:52 -------- d-----w- C:\Windows\Migration
.
==================== Find3M ====================
.
2014-03-01 05:17:02 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-03-01 05:16:26 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-03-01 04:52:55 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-03-01 04:51:59 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-03-01 04:33:52 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-03-01 04:33:34 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-03-01 04:32:59 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-03-01 04:23:49 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-03-01 04:11:20 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-03-01 03:54:33 5768704 ----a-w- C:\Windows\System32\jscript9.dll
2014-03-01 03:52:43 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-03-01 03:51:53 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-03-01 03:38:26 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-03-01 03:37:35 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-03-01 03:35:11 2041856 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-03-01 03:14:15 4244480 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-03-01 03:10:28 2334208 ----a-w- C:\Windows\System32\wininet.dll
2014-03-01 03:00:08 1964032 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-03-01 02:32:16 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-02-21 17:03:12 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-21 17:03:12 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-02-07 01:23:30 3156480 ----a-w- C:\Windows\System32\win32k.sys
2014-01-29 02:32:18 484864 ----a-w- C:\Windows\System32\wer.dll
2014-01-29 02:06:47 381440 ----a-w- C:\Windows\SysWow64\wer.dll
2014-01-28 02:32:46 228864 ----a-w- C:\Windows\System32\wwansvc.dll
2014-01-19 07:33:29 270496 ------w- C:\Windows\System32\MpSigStub.exe
2014-01-16 00:42:40 608032 ----a-w- C:\SecurityScanner.dll
2013-12-24 23:09:41 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2013-12-24 22:48:32 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2013-12-21 09:53:45 548864 ----a-w- C:\Windows\System32\vbscript.dll
2013-12-21 08:56:47 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
.
============= FINISH: 11:05:57.52 ===============
aswMBR log
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-03-20 11:57:53
-----------------------------
11:57:53.398 OS Version: Windows x64 6.1.7601 Service Pack 1
11:57:53.398 Number of processors: 3 586 0x503
11:57:53.398 ComputerName: LAPTOP-JORDAN UserName: Bob
12:03:20.232 Initialize success
12:05:36.640 AVAST engine defs: 14031901
12:07:37.260 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
12:07:37.260 Disk 0 Vendor: Hitachi_HTS545032B9A300 PB3OC60F Size: 305245MB BusType: 11
12:07:37.431 Disk 0 MBR read successfully
12:07:37.431 Disk 0 MBR scan
12:07:37.556 Disk 0 Windows 7 default MBR code
12:07:37.572 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 13312 MB offset 2048
12:07:37.618 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 27265024
12:07:37.650 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 291831 MB offset 27469824
12:07:38.019 Disk 0 scanning C:\Windows\system32\drivers
12:08:03.633 Service scanning
12:09:11.504 Modules scanning
12:09:11.504 Disk 0 trace - called modules:
12:09:11.536 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
12:09:11.551 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800433a060]
12:09:11.567 3 CLASSPNP.SYS[fffff8800195443f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80042be060]
12:09:15.262 AVAST engine scan C:\Windows
12:09:25.845 AVAST engine scan C:\Windows\system32
15:25:23.306 AVAST engine scan C:\Windows\system32\drivers
15:49:37.475 AVAST engine scan C:\Users\Bob
16:08:08.188 AVAST engine scan C:\ProgramData
20:09:43.284 Scan finished successfully
21:10:54.613 Disk 0 MBR has been saved successfully to "C:\Users\Bob\Desktop\MBR.dat"
21:10:57.080 The log file has been saved successfully to "C:\Users\Bob\Desktop\aswMBR.txt"
Thanks in advance for your help!!!
DDS Log
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16521 BrowserJavaVersion: 10.10.2
Run by Bob at 11:01:52 on 2014-03-20
.
============== Running Processes ===============
.
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://acer.msn.com
uDefault_Page_URL = hxxp://acer.msn.com
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{AC53CB68-76DF-42BA-ABDF-418E8C8330A4} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{D238E606-65D7-4AA1-91BC-1485C25B81EA} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{D238E606-65D7-4AA1-91BC-1485C25B81EA}\3557E6023586F6070234166656 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{D238E606-65D7-4AA1-91BC-1485C25B81EA}\75C414E4 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{D238E606-65D7-4AA1-91BC-1485C25B81EA}\8686F6E6F62737 : DHCPNameServer = 192.168.6.1 64.134.255.2 64.134.255.10
TCP: Interfaces\{D238E606-65D7-4AA1-91BC-1485C25B81EA}\C696E6B6379737F5355435F51383631393 : DHCPNameServer = 65.32.5.111 65.32.5.112
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\qlnbmrfl.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Musicnotes\npmusicn.dll
FF - plugin: C:\Program Files (x86)\Musicnotes\NPSibelius.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R? AMD External Events Utility;AMD External Events Utility
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64
R? dkab_device;dkab_device
R? DsiWMIService;Dritek WMI Service
R? ePowerSvc;Acer ePower Service
R? GREGService;GREGService
R? IEEtwCollectorService;Internet Explorer ETW Collector Service
R? LMIGuardianSvc;LMIGuardianSvc
R? MWLService;MyWinLocker Service
R? NTI IScheduleSvc;NTI IScheduleSvc
R? obpedscx;obpedscx
R? RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader
R? SkypeUpdate;Skype Updater
R? TsUsbFlt;TsUsbFlt
R? Updater Service;Updater Service
R? WatAdminSvc;Windows Activation Technologies Service
S? k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0
S? MpFilter;Microsoft Malware Protection Driver
S? mwlPSDFilter;mwlPSDFilter
S? mwlPSDNServ;mwlPSDNServ
S? mwlPSDVDisk;mwlPSDVDisk
S? NisDrv;Microsoft Network Inspection System
S? NisSrv;Microsoft Network Inspection
.
=============== Created Last 30 ================
.
2014-03-19 17:34:10 10521840 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CCF0E090-D1CC-496E-AF67-FF1C5D1F95DE}\mpengine.dll
2014-03-14 20:35:58 1031560 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{44C88B17-1777-4F84-B738-B5E35453CDAF}\gapaengine.dll
2014-03-14 20:35:51 10536864 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-03-14 20:33:27 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2014-03-14 20:33:27 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2014-03-14 20:33:10 624128 ----a-w- C:\Windows\System32\qedit.dll
2014-03-14 20:33:10 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-03-14 20:31:33 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2014-03-14 20:31:10 -------- d-----w- C:\Program Files\Microsoft Security Client
2014-03-14 19:43:14 -------- d-----w- C:\50afdc55646263780c
2014-03-13 17:21:56 -------- d-----w- C:\Users\Bob\AppData\Local\Macromedia
2014-03-09 15:53:08 -------- d-----w- C:\Windows\pss
2014-03-09 11:48:49 10536864 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8D1492DC-CAD1-4835-85BC-6685686EAE8C}\mpengine.dll
2014-02-26 16:46:52 -------- d-----w- C:\Windows\Migration
.
==================== Find3M ====================
.
2014-03-01 05:17:02 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-03-01 05:16:26 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-03-01 04:52:55 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-03-01 04:51:59 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-03-01 04:33:52 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-03-01 04:33:34 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-03-01 04:32:59 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-03-01 04:23:49 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-03-01 04:11:20 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-03-01 03:54:33 5768704 ----a-w- C:\Windows\System32\jscript9.dll
2014-03-01 03:52:43 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-03-01 03:51:53 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-03-01 03:38:26 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-03-01 03:37:35 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-03-01 03:35:11 2041856 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-03-01 03:14:15 4244480 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-03-01 03:10:28 2334208 ----a-w- C:\Windows\System32\wininet.dll
2014-03-01 03:00:08 1964032 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-03-01 02:32:16 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-02-21 17:03:12 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-21 17:03:12 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-02-07 01:23:30 3156480 ----a-w- C:\Windows\System32\win32k.sys
2014-01-29 02:32:18 484864 ----a-w- C:\Windows\System32\wer.dll
2014-01-29 02:06:47 381440 ----a-w- C:\Windows\SysWow64\wer.dll
2014-01-28 02:32:46 228864 ----a-w- C:\Windows\System32\wwansvc.dll
2014-01-19 07:33:29 270496 ------w- C:\Windows\System32\MpSigStub.exe
2014-01-16 00:42:40 608032 ----a-w- C:\SecurityScanner.dll
2013-12-24 23:09:41 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2013-12-24 22:48:32 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2013-12-21 09:53:45 548864 ----a-w- C:\Windows\System32\vbscript.dll
2013-12-21 08:56:47 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
.
============= FINISH: 11:05:57.52 ===============
aswMBR log
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-03-20 11:57:53
-----------------------------
11:57:53.398 OS Version: Windows x64 6.1.7601 Service Pack 1
11:57:53.398 Number of processors: 3 586 0x503
11:57:53.398 ComputerName: LAPTOP-JORDAN UserName: Bob
12:03:20.232 Initialize success
12:05:36.640 AVAST engine defs: 14031901
12:07:37.260 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
12:07:37.260 Disk 0 Vendor: Hitachi_HTS545032B9A300 PB3OC60F Size: 305245MB BusType: 11
12:07:37.431 Disk 0 MBR read successfully
12:07:37.431 Disk 0 MBR scan
12:07:37.556 Disk 0 Windows 7 default MBR code
12:07:37.572 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 13312 MB offset 2048
12:07:37.618 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 27265024
12:07:37.650 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 291831 MB offset 27469824
12:07:38.019 Disk 0 scanning C:\Windows\system32\drivers
12:08:03.633 Service scanning
12:09:11.504 Modules scanning
12:09:11.504 Disk 0 trace - called modules:
12:09:11.536 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
12:09:11.551 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800433a060]
12:09:11.567 3 CLASSPNP.SYS[fffff8800195443f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80042be060]
12:09:15.262 AVAST engine scan C:\Windows
12:09:25.845 AVAST engine scan C:\Windows\system32
15:25:23.306 AVAST engine scan C:\Windows\system32\drivers
15:49:37.475 AVAST engine scan C:\Users\Bob
16:08:08.188 AVAST engine scan C:\ProgramData
20:09:43.284 Scan finished successfully
21:10:54.613 Disk 0 MBR has been saved successfully to "C:\Users\Bob\Desktop\MBR.dat"
21:10:57.080 The log file has been saved successfully to "C:\Users\Bob\Desktop\aswMBR.txt"
