Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Antivirus auto-disabled

Started by zoltain , Oct 02 2013 08:35 AM

  • Please log in to reply

#31
zoltain
Posted 13 October 2013 - 06:13 PM

zoltain

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 137 posts
Microsoft Windows [Version 6.1.7601]
Copyright © 2009 Microsoft Corporation. All rights reserved.

C:\Windows\system32>
C:\Windows\system32>sfc /VERIFYFILE=c:\windows\system32\sysmain.dll


Windows Resource Protection did not find any integrity violations.

C:\Windows\system32>
  • 0

Advertisements

#32
RKinner
Posted 13 October 2013 - 06:48 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
Don't know what Superfetch is complaining about. Superfetch is supposed to make it faster at least during boot. I think it is also required if you use a USB drive to add memory. How is it running otherwise. Are you seeing any other problems?
  • 0

#33
zoltain
Posted 13 October 2013 - 08:47 PM

zoltain

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 137 posts
I think the issue with MSE being disabled at boot seems to be fixed but I am still unable to troubleshoot my internet connection. The only other thing is DOTA 2 (a game which runs on steam) has been loosing connection / crashing on me a lot recently. It never has before. It even completely shut off my computer (like the power was unplugged w/ battery detached). That may just be a problem with the game itself. Other than that my computer seems to be running fine.
  • 0

#34
RKinner
Posted 13 October 2013 - 11:45 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
I think the sdiagnhost.exe is the file that gets called by the network diagnostic routine. Let's see if it is still there:

Copy the text in the code box:

/md5start
sdiagnhost.exe
sdiageng.dll
sdiagprv.dll
/md5stop

Run OTL (Vista or Win 7 => right click and Run As Administrator)

Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes

Select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.
  • 0

#35
zoltain
Posted 14 October 2013 - 09:25 AM

zoltain

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 137 posts
OTL logfile created on: 14/10/2013 11 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Zach\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd/MM/yyyy

15.98 Gb Total Physical Memory | 13.13 Gb Available Physical Memory | 82.17% Memory free
31.95 Gb Paging File | 28.46 Gb Available in Paging File | 89.07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232.79 Gb Total Space | 59.40 Gb Free Space | 25.51% Space Free | Partition Type: NTFS
Drive D: | 698.54 Gb Total Space | 87.11 Gb Free Space | 12.47% Space Free | Partition Type: NTFS

Computer Name: ZACH-PC | User Name: Zach | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/10/12 02 () -- C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
PRC - [2013/10/08 22 (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2013/10/02 10 (OldTimer Tools) -- C:\Users\Zach\Desktop\OTL.exe
PRC - [2013/09/17 14 (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/09/12 01 (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/08/27 17 (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013/08/27 17 (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013/08/07 14 (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2013/06/14 19 (Valve Corporation) -- C:\Program Files (x86)\Steam\GameOverlayUI.exe
PRC - [2013/05/11 06 (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/17 17 (BillP Studios) -- C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2013/03/15 15 (Almico Software (www.almico.com)) -- C:\Program Files (x86)\SpeedFan\speedfan.exe
PRC - [2012/12/20 07 (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
PRC - [2012/12/20 07 (Western Digital ) -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
PRC - [2012/12/20 07 (Western Digital ) -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
PRC - [2012/11/19 12 (Impulse Point, LLC) -- C:\Program Files (x86)\SafeConnect\scManager.sys
PRC - [2012/09/06 10 (Western Digital) -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
PRC - [2012/06/13 16 (Western Digital) -- C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
PRC - [2010/12/29 03 (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/12/29 03 (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/11/29 13 () -- C:\Program Files (x86)\Hotkey\Hotkey.exe
PRC - [2010/11/18 19 () -- C:\Program Files (x86)\Hotkey\PowerBiosServer.exe


========== Modules (No Company Name) ==========

MOD - [2013/10/14 10 () -- C:\Users\Zach\AppData\Local\Temp\sfareca00001.dll
MOD - [2013/10/14 10 () -- C:\Users\Zach\AppData\Local\Temp\sfamcc00001.dll
MOD - [2013/10/12 02 () -- C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\vstdlib.dll
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\vscript.dll
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\vphysics.dll
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\vguimatsurface.dll
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\vgui2.dll
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\vaudio_miles.dll
MOD - [2013/10/12 02 () -- C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\tier0.dll
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\StudioRender.dll
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\stdshader_dx9.dll
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\stdshader_dbg.dll
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\SoundEmitterSystem.dll
MOD - [2013/10/12 02 () -- C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\shaderapidx9.dll
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota\bin\server.dll
MOD - [2013/10/12 02 () -- C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\scenefilecache.dll
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\scaleformui_4.dll
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\networksystem.dll
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\mssvoice.asi
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\mssmp3.asi
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\msseax.flt
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\mssds3d.flt
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\MaterialSystem.dll
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\localize.dll
MOD - [2013/10/12 02 () -- C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\libcef.dll
MOD - [2013/10/12 02 () -- C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\launcher.dll
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\inputsystem.dll
MOD - [2013/10/12 02 () -- C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\FileSystem_Stdio.dll
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\engine.dll
MOD - [2013/10/12 02 () -- C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\datacache.dll
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota\bin\client.dll
MOD - [2013/10/12 02 () -- C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\chromehtml.dll
MOD - [2013/10/12 02 () -- C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\avutil-51.dll
MOD - [2013/10/12 02 () -- C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\avformat-53.dll
MOD - [2013/10/12 02 () -- C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\avcodec-53.dll
MOD - [2013/10/09 00 () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
MOD - [2013/10/08 22 () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2013/09/17 14 () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/09/10 18 () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2013/08/21 18 () -- C:\Program Files (x86)\Steam\SDL2.dll
MOD - [2013/08/15 01 () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9a1bc983c28c695729b3e46acdc6933e\System.Management.ni.dll
MOD - [2013/08/15 00 () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\c664f44617c6a89edcc171fa8596c89d\System.ServiceProcess.ni.dll
MOD - [2013/08/15 00 () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/08/15 00 () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/07/10 11 () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/07/10 11 () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\8c20095bd7d46cdfa7933eb258a07daa\Accessibility.ni.dll
MOD - [2013/06/14 19 () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2013/06/14 19 () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2013/06/14 19 () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2013/01/28 13 () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013/01/28 13 () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/12/09 21 () -- C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll
MOD - [2010/11/29 13 () -- C:\Program Files (x86)\Hotkey\Hotkey.exe
MOD - [2009/06/06 14 () -- C:\Program Files (x86)\Hotkey\Audiodll.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/08/27 17 (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2013/08/12 14 (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/08/12 14 (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013/08/07 14 (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV:64bit: - [2013/07/17 11 (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2013/07/17 11 (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2013/07/17 11 (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2013/07/17 11 () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2013/06/13 15 (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2013/05/27 01 (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/05/21 08 (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2013/04/01 14 () [Disabled | Stopped] -- C:\Program Files\FileMind\FileMind.Windows.Service.exe -- (Filemind.Windows.Service)
SRV:64bit: - [2012/09/12 18 (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2009/07/13 21 (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/10/08 17 (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/09/12 01 (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/08/31 14 (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/08/27 17 (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/06/21 09 (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/05/11 06 (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/12/20 07 (Western Digital ) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe -- (WDRulesService)
SRV - [2012/12/20 07 (Western Digital ) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe -- (WDBackup)
SRV - [2012/11/19 17 (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/11/19 12 (Impulse Point, LLC) [Auto | Running] -- C:\Program Files (x86)\SafeConnect\scManager.sys -- (SCManager)
SRV - [2012/09/06 10 (Western Digital) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe -- (WDDriveService)
SRV - [2012/07/09 04 (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/12/29 03 (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/12/29 03 (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/11/18 19 () [Auto | Running] -- C:\Program Files (x86)\Hotkey\PowerBiosServer.exe -- (PowerBiosServer)
SRV - [2009/06/10 17 (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/10/02 05 (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:64bit: - [2013/09/08 16 (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt)
DRV:64bit: - [2013/08/20 09 (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013/08/07 14 (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
DRV:64bit: - [2013/08/07 14 (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2013/06/22 19 (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvstusb.sys -- (NvStUSB)
DRV:64bit: - [2013/06/18 21 (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2013/06/16 08 (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013/05/29 06 (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwsw00.sys -- (NETwNs64)
DRV:64bit: - [2013/05/23 02 (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2013/05/23 02 (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2013/05/23 02 (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2013/05/23 02 (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2013/05/23 02 (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2013/05/21 08 (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2013/05/21 08 (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2013/03/28 15 (GFI Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\gfibto.sys -- (gfibto)
DRV:64bit: - [2013/03/27 23 (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013/02/25 17 (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2013/01/31 05 (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys -- (mcaudrv_simple)
DRV:64bit: - [2013/01/17 15 (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys -- (LGSHidFilt)
DRV:64bit: - [2012/12/13 13 (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/10/25 05 (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012/10/10 23 (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys -- (ManyCam)
DRV:64bit: - [2012/08/27 19 (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2012/08/27 19 (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2012/08/23 10 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 10 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/23 10 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/08/23 10 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/21 13 (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/04/15 17 (Windows ® Win 7 DDK provider) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\wcmvcam64.sys -- (WCMVCAM)
DRV:64bit: - [2012/03/01 02 (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/11 02 (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/11 02 (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/01/15 05 (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\JME.sys -- (JME)
DRV:64bit: - [2010/12/29 03 (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/12/06 07 (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2010/11/20 23 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010/11/20 23 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010/11/20 23 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 23 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/20 23 (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/05 23 (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/07/13 17 (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\itecir.sys -- (itecir)
DRV:64bit: - [2010/07/01 13 () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV:64bit: - [2009/11/23 21 (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009/11/23 21 (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009/07/13 21 (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 21 (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21 (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/06/10 16 (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/10 16 (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16 (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16 (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2008/05/06 16 (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2007/04/09 14 (Waytech Development, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UsbFltr.sys -- (UsbFltr)
DRV - [2011/06/02 10 () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys -- (cpudrv64)
DRV - [2009/07/13 21 (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4D 20 09 24 2E 24 CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B3d7eb24f-2740-49df-8937-200b1cc08f8a%7D:1.5.17
FF - prefs.js..extensions.enabledAddons: smarterwiki%40wikiatic.com:5.1.9
FF - prefs.js..extensions.enabledAddons: %7Bbb6bc1bb-f824-4702-90cd-35e2fb24f25d%7D:1.5.2
FF - prefs.js..extensions.enabledAddons: %7BEDA7B1D7-F793-4e03-B074-E6F303317FB0%7D:1.2.7
FF - prefs.js..extensions.enabledAddons: %7B4a313247-8330-4a81-948e-b79936516f78%7D:2.0.2
FF - prefs.js..extensions.enabledAddons: %7B1A2D0EC4-75F5-4c91-89C4-3656F6E44B68%7D:0.6.3
FF - prefs.js..extensions.enabledAddons: support%40lastpass.com:2.0.20
FF - prefs.js..extensions.enabledAddons: nosquint%40urandom.ca:2.1.9
FF - prefs.js..extensions.enabledAddons: autopager%40mozilla.org:0.8.0.8
FF - prefs.js..extensions.enabledAddons: SkipScreen%40SkipScreen:0.7.2
FF - prefs.js..extensions.enabledAddons: %7Bcd617375-6743-4ee8-bac4-fbf10f35729e%7D:2.9.5
FF - prefs.js..extensions.enabledAddons: %7B98449521-9320-4257-aa35-9e1a39c8cbe0%7D:2.0.3
FF - prefs.js..extensions.enabledAddons: %7B578e7caa-210f-4967-a0d3-88fe5b59a39f%7D:0.8.10
FF - prefs.js..extensions.enabledAddons: canitbecheaper%40trafficbroker.co.uk:3.9.4
FF - prefs.js..extensions.enabledAddons: %7B65e41d20-f092-41b7-bb83-c6e8a9ab0f57%7D:1.2.1
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.12
FF - prefs.js..extensions.enabledAddons: mozilla_cc%40internetdownloadmanager.com:7.3.61
FF - prefs.js..extensions.enabledAddons: %7BF003DA68-8256-4b37-A6C4-350FA04494DF%7D:6.5
FF - prefs.js..extensions.enabledAddons: treestyletab%40piro.sakura.ne.jp:0.14.2013100901
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~4\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF}: C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013/08/22 00
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/09/17 14
FF - HKEY_LOCAL_MACHINE\software\mozilla\Nightly 26.0a1\extensions\\Components: C:\Program Files (x86)\Nightly\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Nightly 26.0a1\extensions\\Plugins: C:\Program Files (x86)\Nightly\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Waterfox 18.0.1\extensions\\Components: C:\Program Files\\Waterfox\components [2013/04/04 20
FF - HKEY_LOCAL_MACHINE\software\mozilla\Waterfox 18.0.1\extensions\\Plugins: C:\Program Files\\Waterfox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Zach\AppData\Roaming\IDM\idmmzcc5 [2013/10/07 10
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Users\Zach\AppData\Roaming\IDM\idmmzcc5 [2013/10/07 10

[2013/03/18 20
[2013/08/17 13
[2013/08/17 13
[2013/10/09 17
[2013/08/17 13
[2013/09/17 15
[2013/09/17 15
[2013/08/17 13
[2013/08/17 13
[2013/08/17 13 () (No name found) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\do5y9nnf.default-1376761741539\extensions\[email protected]
[2013/09/22 22 () (No name found) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\do5y9nnf.default-1376761741539\extensions\[email protected]
[2013/08/30 22 () (No name found) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\do5y9nnf.default-1376761741539\extensions\[email protected]
[2013/10/03 01 () (No name found) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\do5y9nnf.default-1376761741539\extensions\[email protected]
[2013/08/25 18 () (No name found) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\do5y9nnf.default-1376761741539\extensions\[email protected]
[2013/08/30 22 () (No name found) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\do5y9nnf.default-1376761741539\extensions\[email protected]
[2013/08/17 13 () (No name found) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\do5y9nnf.default-1376761741539\extensions\[email protected]
[2013/08/17 17 () (No name found) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\do5y9nnf.default-1376761741539\extensions\[email protected]
[2013/08/17 13 () (No name found) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\do5y9nnf.default-1376761741539\extensions\[email protected]
[2013/10/09 17 () (No name found) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\do5y9nnf.default-1376761741539\extensions\[email protected]
[2013/08/17 13 () (No name found) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\do5y9nnf.default-1376761741539\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi
[2013/08/17 13 () (No name found) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\do5y9nnf.default-1376761741539\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}.xpi
[2013/08/17 13 () (No name found) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\do5y9nnf.default-1376761741539\extensions\{4a313247-8330-4a81-948e-b79936516f78}.xpi
[2013/09/30 10 () (No name found) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\do5y9nnf.default-1376761741539\extensions\{65e41d20-f092-41b7-bb83-c6e8a9ab0f57}.xpi
[2013/08/24 13 () (No name found) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\do5y9nnf.default-1376761741539\extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi
[2013/10/09 15 () (No name found) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\do5y9nnf.default-1376761741539\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/10/01 18 () (No name found) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\do5y9nnf.default-1376761741539\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2013/08/17 13 () (No name found) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\do5y9nnf.default-1376761741539\extensions\{EDA7B1D7-F793-4e03-B074-E6F303317FB0}.xpi
[2013/09/17 14
[2013/09/17 14
[2013/08/22 00
[2013/10/07 10
[2013/06/13 20 (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U17 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - Extension: reddit companion = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\algjnflpgoopkdijmkalfcifomdhmcbe\1.1.2_0\
CHR - Extension: WikiTube = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\aneddidibfifdpbeppmpoackniodpekj\2.3_0\
CHR - Extension: WikiTube = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\aneddidibfifdpbeppmpoackniodpekj\2.4_0\
CHR - Extension: WikiTube = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\aneddidibfifdpbeppmpoackniodpekj\2.5_0\
CHR - Extension: Logitech Smooth Scrolling = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk\6.60.170_0\
CHR - Extension: The Camelizer - Amazon Price Tracker = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghnomdcacenbmilgjigehppbamfndblo\2.3.1_0\
CHR - Extension: LastPass = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.5.3_0\
CHR - Extension: LastPass = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.5.4_0\
CHR - Extension: IDM Integration Module = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.17.6_0\
CHR - Extension: IDM Integration Module = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.17.7_0\
CHR - Extension: Reddit Enhancement Suite = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb\4.3.0.1_0\
CHR - Extension: Cookie Manager = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbnfbcpkiaganjpcanopcgeoehkleeck\1.1_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\
CHR - Extension: SABconnect++ = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\okphadhbbjadcifjplhifajfacbkkbod\0.6.8_0\
CHR - Extension: reddit companion = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\algjnflpgoopkdijmkalfcifomdhmcbe\1.1.2_0\
CHR - Extension: WikiTube = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\aneddidibfifdpbeppmpoackniodpekj\2.3_0\
CHR - Extension: WikiTube = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\aneddidibfifdpbeppmpoackniodpekj\2.4_0\
CHR - Extension: WikiTube = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\aneddidibfifdpbeppmpoackniodpekj\2.5_0\
CHR - Extension: Logitech Smooth Scrolling = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk\6.60.170_0\
CHR - Extension: The Camelizer - Amazon Price Tracker = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghnomdcacenbmilgjigehppbamfndblo\2.3.1_0\
CHR - Extension: LastPass = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.5.3_0\
CHR - Extension: LastPass = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.5.4_0\
CHR - Extension: IDM Integration Module = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.17.6_0\
CHR - Extension: IDM Integration Module = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.17.7_0\
CHR - Extension: Reddit Enhancement Suite = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb\4.3.0.1_0\
CHR - Extension: Cookie Manager = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbnfbcpkiaganjpcanopcgeoehkleeck\1.1_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\
CHR - Extension: SABconnect++ = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\okphadhbbjadcifjplhifajfacbkkbod\0.6.8_0\

O1 HOSTS File: () - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:64bit: - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [SpeedFan] C:\Program Files (x86)\SpeedFan\speedfan.exe (Almico Software (www.almico.com))
O4 - HKLM..\Run: [WD Drive Unlocker] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe (Western Digital)
O4 - HKLM..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe (Western Digital Technologies, Inc.)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionName = Bing Search
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionAction = http://search.bing.c...sults.aspx?q=%w
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2A936B49-CC00-4762-983E-66987E017634}: DhcpNameServer = 10.10.101.201 10.10.100.200
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8FAECE5C-6A31-41A3-BE76-57E63394ACFA}: DhcpNameServer = 10.0.1.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files (x86)\Stardock\Object Desktop\IconPackager\iprepair.dll (Stardock.net, Inc)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/03/23 21 () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/10/12 02
[2013/10/12 02
[2013/10/12 02
[2013/10/11 21
[2013/10/11 12
[2013/10/11 12
[2013/10/11 12
[2013/10/11 10
[2013/10/11 10
[2013/10/11 10
[2013/10/11 10 (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2013/10/09 15
[2013/10/08 22 (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/10/08 22 (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/10/08 22 (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/10/08 22 (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/10/08 22 (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/10/08 22 (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/10/08 22 (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/10/08 22 (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/10/08 22 (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/10/08 22 (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/10/08 22 (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/10/08 22 (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/10/08 22 (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/10/08 22 (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/10/08 22 (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysWow64\tdh.dll
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysNative\tdh.dll
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysNative\scavengeui.dll
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2013/10/08 15 (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2013/10/08 15 (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2013/10/08 15 (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2013/10/08 15 (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2013/10/07 10
[2013/10/06 11
[2013/10/06 11
[2013/10/06 11
[2013/10/06 11
[2013/10/06 11
[2013/10/05 19
[2013/10/05 19
[2013/10/05 19
[2013/10/05 19
[2013/10/05 19
[2013/10/05 18
[2013/10/05 17
[2013/10/05 17
[2013/10/05 17
[2013/10/05 17
[2013/10/05 17 (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/10/05 17 (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/10/05 17 (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/10/05 17 (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/10/04 11
[2013/10/04 11
[2013/10/04 11
[2013/10/04 11
[2013/10/04 11
[2013/10/04 07 (Tonec Inc.) -- C:\Windows\SysNative\drivers\idmwfp.sys
[2013/10/02 10 (OldTimer Tools) -- C:\Users\Zach\Desktop\OTL.exe
[2013/09/30 11
[2013/09/30 11
[2013/09/30 11
[2013/09/26 01
[2013/09/25 10
[2013/09/20 23
[2013/09/20 23
[2013/09/20 23
[2013/09/20 23
[2013/09/20 23
[2013/09/20 12
[2013/09/19 23
[2013/09/19 23
[2013/09/19 13
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvstusb.sys
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\nvir3dgenco6420172.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420103.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6432723.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6432723.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2013/09/19 13 (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013/09/19 13 (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013/09/17 18
[2013/09/17 14
[2013/09/16 15
[2013/05/08 04 (Advanced Micro Devices Inc.) -- C:\Program Files (x86)\Common Files\atimpenc.dll
[2013/03/12 08 (Yamicsoft) -- C:\Users\Zach\AppData\Roaming\windows7manager.exe
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/10/14 11 () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/10/14 11 () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/10/14 10 () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/10/14 10 () -- C:\Windows\SysNative\perfh009.dat
[2013/10/14 10 () -- C:\Windows\SysNative\perfc009.dat
[2013/10/14 10 () -- C:\hiberfil.sys
[2013/10/14 10 () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/10/14 10 () -- C:\Windows\bootstat.dat
[2013/10/14 10 () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/10/14 10 () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/10/13 13 () -- C:\Program Files (x86)\Bradford Dissolvable Agent.exe
[2013/10/12 02 () -- C:\Users\Public\Desktop\Steam.lnk
[2013/10/12 02 () -- C:\Users\Zach\Desktop\Dota 2.url
[2013/10/11 12 (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2013/10/11 12 () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/10/11 12 () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/10/11 10 () -- C:\Windows\tweaking.com-regbackup-ZACH-PC-Microsoft-Windows-7-Ultimate-(64-bit).dat
[2013/10/11 10 () -- C:\Users\Zach\Desktop\tweaking.com_windows_repair_aio_setup.exe
[2013/10/10 19 () -- C:\Users\Zach\Desktop\AutoRuns.zip
[2013/10/10 19 () -- C:\Users\Zach\Desktop\AutoRuns.arn
[2013/10/09 14 () -- C:\Windows\epplauncher.mif
[2013/10/08 22 () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/10/08 22 () -- C:\Users\Zach\Desktop\Hw4.pdf
[2013/10/08 17 (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/10/08 17 (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/10/06 11 () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/10/05 19 () -- C:\Windows\SysNative\sc
[2013/10/05 17 (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/10/05 17 (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013/10/05 17 (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/10/05 17 (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/10/05 17 (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/10/05 17 (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013/10/04 16 ( ) -- C:\Users\Zach\Desktop\VEW.exe
[2013/10/04 11 () -- C:\Users\Zach\Desktop\MBR.dat
[2013/10/03 18 (Logitech, Inc.) -- C:\Windows\SysNative\drivers\LNonPnP.sys
[2013/10/02 17 () -- C:\Users\Zach\Desktop\Dur.torrent
[2013/10/02 10 (OldTimer Tools) -- C:\Users\Zach\Desktop\OTL.exe
[2013/10/02 10 () -- C:\Users\Zach\Desktop\Troubleshoot problems error.JPG
[2013/10/02 05 (Tonec Inc.) -- C:\Windows\SysNative\drivers\idmwfp.sys
[2013/09/30 11 () -- C:\Users\Zach\Desktop\Ventrilo.lnk
[2013/09/30 11 () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2013/09/28 16 () -- C:\Users\Zach\Desktop\i3nF4.jpg
[2013/09/28 16 () -- C:\Users\Zach\Desktop\1aZuY.jpg
[2013/09/26 01 () -- C:\Users\Zach\Desktop\Minecraft.exe
[2013/09/25 10 () -- C:\Users\Zach\Desktop\SteamInstall.msi
[2013/09/22 19 (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/09/22 19 (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/09/22 19 (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/09/22 19 (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/09/22 19 (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/09/22 18 (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/09/22 18 (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/09/22 18 (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/09/22 18 (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/09/22 18 (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/09/22 18 (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/09/22 18 (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/09/22 18 (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/09/20 23 () -- C:\Users\Public\Desktop\Urban Trial Freestyle.lnk
[2013/09/20 22 (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/09/20 22 (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/09/20 12 () -- C:\Users\Zach\Desktop\Puzzle Pirates.lnk
[2013/09/16 17 () -- C:\Users\Zach\Desktop\Lab2 - Zachary Bazarsky.rar
[2013/09/16 15 () -- C:\Users\Zach\Documents\cc_20130916_151927.reg
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/10/13 13 () -- C:\Program Files (x86)\Bradford Dissolvable Agent.exe
[2013/10/12 02 () -- C:\Users\Public\Desktop\Steam.lnk
[2013/10/12 02 () -- C:\Users\Zach\Desktop\Dota 2.url
[2013/10/11 10 () -- C:\Windows\tweaking.com-regbackup-ZACH-PC-Microsoft-Windows-7-Ultimate-(64-bit).dat
[2013/10/11 10 () -- C:\Users\Zach\Desktop\tweaking.com_windows_repair_aio_setup.exe
[2013/10/10 19 () -- C:\Users\Zach\Desktop\AutoRuns.zip
[2013/10/10 19 () -- C:\Users\Zach\Desktop\AutoRuns.arn
[2013/10/08 22 () -- C:\Users\Zach\Desktop\Hw4.pdf
[2013/10/06 11 () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/10/05 19 () -- C:\Windows\SysNative\sc
[2013/10/04 16 ( ) -- C:\Users\Zach\Desktop\VEW.exe
[2013/10/04 11 () -- C:\Users\Zach\Desktop\MBR.dat
[2013/10/02 17 () -- C:\Users\Zach\Desktop\Dur.torrent
[2013/10/02 10 () -- C:\Users\Zach\Desktop\Troubleshoot problems error.JPG
[2013/09/30 11 () -- C:\Users\Zach\Desktop\Ventrilo.lnk
[2013/09/30 11 () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2013/09/28 16 () -- C:\Users\Zach\Desktop\i3nF4.jpg
[2013/09/28 16 () -- C:\Users\Zach\Desktop\1aZuY.jpg
[2013/09/26 01 () -- C:\Users\Zach\Desktop\Minecraft.exe
[2013/09/25 10 () -- C:\Users\Zach\Desktop\SteamInstall.msi
[2013/09/20 23 () -- C:\Users\Public\Desktop\Urban Trial Freestyle.lnk
[2013/09/20 12 () -- C:\Users\Zach\Desktop\Puzzle Pirates.lnk
[2013/09/20 12 () -- C:\Users\Zach\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Puzzle Pirates.lnk
[2013/09/20 12 () -- C:\ProgramData\hash.dat
[2013/09/19 13 () -- C:\Windows\SysNative\nvinfo.pb
[2013/09/16 17 () -- C:\Users\Zach\Desktop\Lab2 - Zachary Bazarsky.rar
[2013/09/16 15 () -- C:\Users\Zach\Documents\cc_20130916_151927.reg
[2013/09/13 11 () -- C:\Users\Zach\AppData\Roaming\keygen.il
[2013/09/13 11 () -- C:\Users\Zach\AppData\Roaming\InstallMTW6.9.il
[2013/07/20 13 () -- C:\Users\Zach\AppData\Local\Resmon.ResmonCfg
[2013/06/23 12 () -- C:\ProgramData\1372005809.bdinstall.bin
[2013/04/23 18 () -- C:\ProgramData\1366757276.bdinstall.bin
[2013/04/23 18 () -- C:\ProgramData\1366756389.bdinstall.bin
[2013/04/02 23 () -- C:\Windows\WebFerretUninstall.exe
[2013/04/02 23 () -- C:\Windows\SysWow64\NetFerret.dll
[2013/03/30 13 () -- C:\ProgramData\1364665264.bdinstall.bin
[2013/03/30 12 () -- C:\Windows\asfbinwin.INI
[2013/03/26 17 () -- C:\Users\Zach\PUTTY.RND
[2013/03/18 19 () -- C:\Windows\SysWow64\unrar.dll
[2013/02/16 00 () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== ZeroAccess Check ==========

[2009/07/14 00 () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 22 (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 21 (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21 (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23 (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21 (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Custom Scans ==========

< MD5 for: SDIAGENG.DLL >
[2009/07/13 21 (Microsoft Corporation) MD5=5FEBDA813BD116EBC9DFF730EB8ECB7C -- C:\Windows\SysNative\sdiageng.dll
[2009/07/13 21 (Microsoft Corporation) MD5=5FEBDA813BD116EBC9DFF730EB8ECB7C -- C:\Windows\winsxs\amd64_microsoft-windows-s..engine-nativeengine_31bf3856ad364e35_6.1.7600.16385_none_5064a7d08ea0882d\sdiageng.dll
[2009/07/13 21 (Microsoft Corporation) MD5=B45934FDAEB1710CEC3D8F797FD481CA -- C:\Windows\SysWOW64\sdiageng.dll
[2009/07/13 21 (Microsoft Corporation) MD5=B45934FDAEB1710CEC3D8F797FD481CA -- C:\Windows\winsxs\wow64_microsoft-windows-s..engine-nativeengine_31bf3856ad364e35_6.1.7600.16385_none_5ab95222c3014a28\sdiageng.dll

< MD5 for: SDIAGNHOST.EXE >
[2009/07/13 21 (Microsoft Corporation) MD5=15F07E50407139AA93D3FB6E612D2F74 -- C:\Windows\SysWOW64\sdiagnhost.exe
[2009/07/13 21 (Microsoft Corporation) MD5=15F07E50407139AA93D3FB6E612D2F74 -- C:\Windows\winsxs\wow64_microsoft-windows-s..csengine-nativehost_31bf3856ad364e35_6.1.7600.16385_none_806f80a8aaa33dd4\sdiagnhost.exe
[2009/07/13 21 (Microsoft Corporation) MD5=DEC77AFE38AB182857BD3025A6544E23 -- C:\Windows\SysNative\sdiagnhost.exe
[2009/07/13 21 (Microsoft Corporation) MD5=DEC77AFE38AB182857BD3025A6544E23 -- C:\Windows\winsxs\amd64_microsoft-windows-s..csengine-nativehost_31bf3856ad364e35_6.1.7600.16385_none_761ad65676427bd9\sdiagnhost.exe

< MD5 for: SDIAGPRV.DLL >
[2009/07/13 21 (Microsoft Corporation) MD5=800B7FBFF56BF97EB25C3B4C997F25FB -- C:\Windows\SysNative\sdiagprv.dll
[2009/07/13 21 (Microsoft Corporation) MD5=800B7FBFF56BF97EB25C3B4C997F25FB -- C:\Windows\winsxs\amd64_microsoft-windows-s..icsprovider-library_31bf3856ad364e35_6.1.7600.16385_none_adb6e8740a39ba16\sdiagprv.dll
[2009/07/13 21 (Microsoft Corporation) MD5=E22CF2157EA7D798CA5CFA6A30A5D9FA -- C:\Windows\SysWOW64\sdiagprv.dll
[2009/07/13 21 (Microsoft Corporation) MD5=E22CF2157EA7D798CA5CFA6A30A5D9FA -- C:\Windows\winsxs\x86_microsoft-windows-s..icsprovider-library_31bf3856ad364e35_6.1.7600.16385_none_51984cf051dc48e0\sdiagprv.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 225 bytes -> C:\ProgramData\TEMP:D30E8FC9
< End of report >

OTL Extras logfile created on: 14/10/2013 11
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Zach\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd/MM/yyyy

15.98 Gb Total Physical Memory | 13.13 Gb Available Physical Memory | 82.17% Memory free
31.95 Gb Paging File | 28.46 Gb Available in Paging File | 89.07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232.79 Gb Total Space | 59.40 Gb Free Space | 25.51% Space Free | Partition Type: NTFS
Drive D: | 698.54 Gb Total Space | 87.11 Gb Free Space | 12.47% Space Free | Partition Type: NTFS

Computer Name: ZACH-PC | User Name: Zach | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- "%1" %*
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\SysWow64\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "C:\Windows\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office15\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office15\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] --
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "C:\Windows\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office15\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office15\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] --
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{002C5105-370A-46AE-BF5F-9905BAC6CA16}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{0C5DB97A-D484-425D-9A40-27B9DE588F62}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{2DE8B863-722C-4E06-8E83-3E7F1C3EEC2E}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{31D5AE17-9223-4A8B-8C21-F40C670DD7DD}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{3B33CC63-F75F-483A-9BD3-0A16D43D8EBB}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{A73E2D92-6E7A-48AB-BB4C-051C22EDB956}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{B4DE5AA9-AFB8-4540-A5C6-723AF6F36D88}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{B99ADA06-7F1B-45E0-97CF-111F9757A78F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CF025AF9-55B3-420C-87B1-64BAC001A8A8}" = lport=5353 | protocol=17 | dir=in | name=bonjour |
"{D35FCAD1-99C5-4214-8E47-A2D7ACB638EB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D3ECDDA8-F774-4CE5-A012-4ADED1B1E11A}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0120DA67-F5EA-4DCA-881C-07AC3DE51641}" = protocol=6 | dir=in | app=c:\program files (x86)\steam1\steam.exe |
"{05F9C584-CC2F-433F-9ABE-CF3E5EFB7F67}" = protocol=6 | dir=in | app=c:\program files (x86)\jdownloader\jdupdate.exe |
"{0FBD9BAB-1155-43E3-9C9A-7A04AC1D911F}" = protocol=6 | dir=in | app=c:\program files (x86)\bradford dissolvable agent.exe |
"{12986842-B9DC-421B-96A1-2E2FDD8BE8B5}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{12CFAD18-07F7-4843-ACFE-0D45A46AAFB8}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{16EB5F45-E4B0-4DE0-80C3-3BE87DAC9053}" = protocol=6 | dir=in | app=c:\program files (x86)\jdownloader\jdownloaderportable.exe |
"{18A275E2-2874-4314-A767-50C020C7C989}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{2BEDF813-7E65-4FD4-8308-57678A323CC1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{340CEA2B-E0ED-4D58-8C93-1DF502EFE273}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{3A7B8ADE-E803-42D5-8DFB-6942D0C5F68C}" = protocol=6 | dir=in | app=c:\program files (x86)\qbittorrent\qbittorrent.exe |
"{433A7281-75C3-47D4-99DD-42DA2CC7D90B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{490EDE6C-4E22-4FB2-9619-9A75E15407FC}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{4E17CC80-1C60-4B59-9D00-9F3FED7AA69B}" = protocol=17 | dir=in | app=c:\users\zach\appdata\roaming\utorrent\utorrent.exe |
"{4F5B8326-0B0A-48EE-917D-D62B0FDCF85C}" = protocol=17 | dir=in | app=c:\program files (x86)\qbittorrent\qbittorrent.exe |
"{5F330A7D-B125-49F7-99F5-6533B4C9F4B5}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{65C39604-521C-42CC-BEE6-48BA0D154A4E}" = dir=in | app=c:\program files (x86)\airport\apagent.exe |
"{6790586D-0CAA-41EF-9F1D-06EE609A78E1}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{70DDFA3A-E971-480A-A162-2B0E61BCC7F1}" = protocol=6 | dir=in | app=c:\program files\kmsnano\data\qemu-system-i386.exe |
"{73743CD5-221D-4A17-9831-5427A87301AA}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{809C0060-D287-484B-94E8-EE5162971E5D}" = protocol=17 | dir=in | app=c:\program files\kmsnano\data\qemu-system-i386.exe |
"{85D60093-BEE2-4BA0-BAAB-A2CC43972319}" = protocol=17 | dir=in | app=c:\program files (x86)\jdownloader\jdupdate.exe |
"{8AEB53EC-CC88-4B7C-9CB9-CEE673A82762}" = protocol=6 | dir=in | app=c:\users\zach\appdata\roaming\utorrent\utorrent.exe |
"{8BA40E28-A76D-421C-B678-6B5439106F18}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{9093A09A-4792-4B6D-9FE0-030370227812}" = protocol=17 | dir=in | app=c:\program files (x86)\bradford dissolvable agent.exe |
"{942DFE5B-8E36-4906-A82D-BB29FFCBFB8B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{97E23419-B87A-4D69-8F4A-70E1F546B83A}" = protocol=17 | dir=in | app=c:\program files (x86)\jdownloader\jdownloaderportable.exe |
"{9940C7BA-4DFE-42DA-ABD9-5D0096D6B8BF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{A328F7D8-8B33-4C1C-8A49-6C631EA6D476}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A636601A-C8B4-4744-A4ED-585E9A6B3DDA}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{AF6E5FD9-F921-4A08-B5BD-F539879FA0FF}" = dir=in | app=%programfiles% (x86)\steam\steam.exe |
"{AFB950EA-50A7-45F8-8E0C-FA1B1743BB25}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{AFDAE0B7-B7F8-4993-840D-DB3E1C90D946}" = protocol=6 | dir=in | app=c:\program files (x86)\safeconnect\scclient.exe |
"{B226E207-D7FC-493A-ACD3-233915326027}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{B756F811-FF73-42D5-B478-0E78B8A994B9}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{B8AA7512-A0AB-4E10-B682-2081F3E4D178}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{C72B7AC3-9275-4F0F-8513-EFFC95F72EB6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam1\steam.exe |
"{CEC21F85-E1E5-4BF3-8FA6-CE3D9ED1BE2E}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{D4F7B4A6-36AB-4FC7-9162-4D66F6C8E1B2}" = protocol=17 | dir=in | app=c:\program files (x86)\safeconnect\scclient.exe |
"{D706868D-DB27-41E2-A63E-DBBADCC3968E}" = dir=out | app=%programfiles% (x86)\steam\steam.exe |
"{E1173887-C30F-4935-B697-C861142E0E64}" = protocol=17 | dir=in | app=c:\program files\kmsnano\data\qemu-system-i386.exe |
"{E1D2822F-2CC9-48DF-A438-44CC47F3778A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{E3E2095F-F245-482E-BC80-5A3CFEFEA67E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{E72B2EAB-8046-4AB2-B1C5-61443E4CE999}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{E877519A-F70E-49AE-AEF2-64989BDD695A}" = protocol=6 | dir=in | app=c:\program files\kmsnano\data\qemu-system-i386.exe |
"{EA41F840-30E0-4CD1-8CE9-CD104D1288C6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{EF3D9F21-3795-424F-9DD2-239F06DD9ED7}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{FA23C7E3-398B-470B-B581-D797DDB72EAA}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"TCP Query User{5AA61DC4-B13A-4372-BAEC-90AD329AACA6}C:\program files (x86)\sabnzbd\sabnzbd.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sabnzbd\sabnzbd.exe |
"TCP Query User{B25CCDA3-CE95-4E6F-8AAC-5A635D35B7F0}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{CCA276DC-32A3-48D5-B821-46260E6D60E0}C:\program files (x86)\airport\aputil.exe" = protocol=6 | dir=in | app=c:\program files (x86)\airport\aputil.exe |
"TCP Query User{D701142C-0697-447A-A5BB-0AE9A9AC59A8}C:\windows\syswow64\java.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\java.exe |
"UDP Query User{0D9ADEAD-EA70-4DEB-945F-2F62619D8945}C:\program files (x86)\airport\aputil.exe" = protocol=17 | dir=in | app=c:\program files (x86)\airport\aputil.exe |
"UDP Query User{2B518824-CE91-4CDF-8CE3-61BC7EF93FE1}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{3FD66EA8-4FBD-4583-9866-B288F28CBEB5}C:\windows\syswow64\java.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\java.exe |
"UDP Query User{B6BB642F-3B82-4760-8891-2544DCBB81FE}C:\program files (x86)\sabnzbd\sabnzbd.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sabnzbd\sabnzbd.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{3C28BFD4-90C7-3138-87EF-418DC16E9598}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
"{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel® Rapid Storage Technology
"{4BB7A109-FDB5-45E3-9DB9-ECB2EA7B80EE}" = WinPatrol
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{5AF4E09F-5C9B-3AAF-B731-544D3DC821DD}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7288D4E1-8050-4B81-B9EC-F812D17AD693}" = Intel® PROSet/Wireless for Bluetooth® + High Speed
"{73ca1ddf-9d19-45f2-ad4c-04169ec13342}" = Intel® PRO/Wireless Driver
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D26D58C-3464-4C03-BB61-5695F984EFEF}" = Microsoft Security Client
"{90150000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2013
"{90150000-0015-0409-1000-0000000FF1CE}" = Microsoft Access MUI (English) 2013
"{90150000-0016-0409-1000-0000000FF1CE}" = Microsoft Excel MUI (English) 2013
"{90150000-0018-0409-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (English) 2013
"{90150000-0019-0409-1000-0000000FF1CE}" = Microsoft Publisher MUI (English) 2013
"{90150000-001A-0409-1000-0000000FF1CE}" = Microsoft Outlook MUI (English) 2013
"{90150000-001B-0409-1000-0000000FF1CE}" = Microsoft Word MUI (English) 2013
"{90150000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English
"{90150000-001F-040C-1000-0000000FF1CE}" = Outils de vérification linguistique 2013 de Microsoft Office - Français
"{90150000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Español
"{90150000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2013
"{90150000-0044-0409-1000-0000000FF1CE}" = Microsoft InfoPath MUI (English) 2013
"{90150000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2013
"{90150000-0090-0409-1000-0000000FF1CE}" = Microsoft DCF MUI (English) 2013
"{90150000-00A1-0409-1000-0000000FF1CE}" = Microsoft OneNote MUI (English) 2013
"{90150000-00BA-0409-1000-0000000FF1CE}" = Microsoft Groove MUI (English) 2013
"{90150000-00C1-0000-1000-0000000FF1CE}" = Microsoft Office 32-bit Components 2013
"{90150000-00C1-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2013
"{90150000-00E1-0409-1000-0000000FF1CE}" = Microsoft Office OSM MUI (English) 2013
"{90150000-00E2-0409-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (English) 2013
"{90150000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2013
"{90150000-0117-0409-1000-0000000FF1CE}" = Microsoft Access Setup Metadata MUI (English) 2013
"{90150000-012B-0409-1000-0000000FF1CE}" = Microsoft Lync MUI (English) 2013
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{93F692D4-0C4D-4EED-9BFE-657C1D5959FE}" = Intel® Rapid Storage Technology
"{9798BB87-01B9-4D46-8EA0-6681E72BDE87}" = WD SmartWare
"{9C481E27-751F-48B9-801D-C583F032DA50}" = Intel® PROSet/Wireless WiFi Software
"{A535111D-95C8-487F-869E-CE4C239972D2}" = iTunes
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 327.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 327.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 327.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.6.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 326.01
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.0725
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 8.3.14
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.26.4
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.5
"{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64
"{FD7DEB7B-8CEA-44E5-AB2D-7C66786C0563}" = Waterfox
"CCleaner" = CCleaner
"KLiteCodecPack64_is1" = K-Lite Codec Pack 9.8.0 (64-bit)
"KMSnano 25_is1" = KMSnano 25
"Logitech Gaming Software" = Logitech Gaming Software 8.46
"Logitech Unifying" = Logitech Unifying Software 2.10
"Microsoft Security Client" = Microsoft Security Essentials
"Office15.PROPLUS" = Microsoft Office Professional Plus 2013
"PotPlayer64" = Daum PotPlayer 1.5.36205 x64 Edition
"sp6" = Logitech SetPoint 6.61
"Speccy" = Speccy
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeraCopy_is1" = TeraCopy 2.3 beta 2
"Unlocker" = Unlocker 1.9.1-x64
"WinRAR archiver" = WinRAR 5.00 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{06D085C8-1F00-11B2-96A7-8f0CE39193ED}" = Intel® SSD Toolbox
"{100C8F3B-82D6-4B14-BB7A-5E8C3FF810C8}_is1" = Driver Fusion
"{164714B6-46BC-4649-9A30-A6ED32F03B5A}" = Hotkey 3.3017
"{1e9b4847-4e73-4d00-91f5-96e0f6ce3e5a}" = Intel® PROSet/Wireless Software
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 40
"{3B673B37-EFF7-3BA0-94FF-CE8C46C36DD6}" = Google Chrome
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{40580068-9B10-40B5-9548-536CE88AB23C}" = ITE Infrared Transceiver
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{6B75BAF2-A67A-418D-A3D4-B27A5C04F2F5}_is1" = Duplicate Video Search version 15.3.3
"{6BF04C63-EAC0-4F19-9E88-9A745493E7BF}" = IconPackager
"{6e8f74e0-43bd-4dce-8477-6ff6828acc07}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
"{72E40002-8CEC-47C1-A099-83AC8E173BF0}" = WD Drive Utilities
"{78091D68-706D-4893-B287-9F1DFB24F7AF}" = Intel® Update Manager
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{8172B41A-9BB5-4A64-BF28-1FB5FE43C3FF}" = WD Security
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}" = JMicron Ethernet Adapter NDIS Driver
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}" = OpenOffice.org 3.4.1
"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA68AAAE-41F0-40B5-8896-5947F5FD6889}" = AirPort
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.04)
"{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}" = System Requirements Lab for Intel
"{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool
"{E357C7B4-E337-4E43-84F1-8FDAF1EF4038}" = calibre
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Digital Editions 2.0" = Adobe Digital Editions 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"A-PDF Page Cut_is1" = A-PDF Page Cut
"AsfTools 3.1" = AsfTools 3.1 (remove only)
"BitMeter" = BitMeter
"CrystalDiskInfo_is1" = CrystalDiskInfo 5.4.2 Shizuku Edition
"DAEMON Tools Lite" = DAEMON Tools Lite
"DSMT6" = MathType 6
"Everything" = Everything 1.2.1.371
"Foxit Reader_is1" = Foxit Reader
"IconPackager" = IconPackager
"iFunbox_is1" = iFunbox (v2.6.2375.747), iFunbox DevTeam
"ImgBurn" = ImgBurn
"InstallShield_{164714B6-46BC-4649-9A30-A6ED32F03B5A}" = Hotkey 3.3017
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"Internet Download Manager" = Internet Download Manager
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 9.8.0 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"MiKTeX 2.9" = MiKTeX 2.9
"MozBackup" = MozBackup 1.5.1
"Mozilla Firefox 24.0 (x86 en-US)" = Mozilla Firefox 24.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP3Resizer_is1" = MP3Resizer 2.1.0
"Nightly 26.0a1 (x86 en-US)" = Nightly 26.0a1 (x86 en-US)
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"QuickPar" = QuickPar 0.9
"Rainmeter" = Rainmeter
"Revo Uninstaller" = Revo Uninstaller 1.94
"SABnzbd" = SABnzbd 0.7.16
"SafeConnect" = SafeConnect
"SecureW2 Enterprise Client" = SecureW2 Enterprise Client 3.5.9
"SpeedFan" = SpeedFan (remove only)
"Steam App 570" = Dota 2
"SumatraPDF" = SumatraPDF
"Texmaker" = Texmaker
"The KMPlayer" = The KMPlayer (remove only)
"TreeSize Free_is1" = TreeSize Free V2.7
"TrueCrypt" = TrueCrypt
"Tweaking.com - Windows Repair (All in One)" = Tweaking.com - Windows Repair (All in One)
"Urban Trial Freestyle_is1" = Urban Trial Freestyle
"VLC media player" = VLC media player 2.0.8
"WebFerret" = WebFerret
"Xilisoft Video Converter Ultimate" = Xilisoft Video Converter Ultimate

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CopyTrans Suite" = CopyTrans Suite Remove Only
"Flux" = F.lux
"Puzzle Pirates" = Puzzle Pirates
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 13/10/2013 16
Description = Faulting application name: GameOverlayUI.exe, version: 1.32.20.50,
time stamp: 0x4f46a9bf Faulting module name: libcef.dll_unloaded, version: 0.0.0.0,
time stamp: 0x521bcf8e Exception code: 0xc0000005 Fault offset: 0x5b730a80 Faulting
process id: 0x1bc0 Faulting application start time: 0x01cec83785b000e8 Faulting application
path: C:\Program Files (x86)\Steam\GameOverlayUI.exe Faulting module path: libcef.dll
Report
Id: bf304347-3442-11e3-91e0-0090f5bc5fb2

Error - 14/10/2013 10
Description =

Error - 14/10/2013 10
Description =

Error - 14/10/2013 10
Description =

[ System Events ]
Error - 13/10/2013 12
Description = The Superfetch service terminated with the following error: %%2

Error - 13/10/2013 13
Description =

Error - 13/10/2013 13
Description = The Superfetch service terminated with the following error: %%2

Error - 13/10/2013 20
Description = The Superfetch service terminated with the following error: %%2

Error - 14/10/2013 10
Description = The Superfetch service terminated with the following error: %%2


< End of report >
  • 0

#36
zoltain
Posted 18 October 2013 - 03:00 PM

zoltain

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 137 posts
Hey, it's been 4 days since my last reply and just wondering i your still there.

Also I'm having a new problem. My wireless is gets an error sporadically (happened 4 times in the last hour). I'm not exactly sure what the error is but it still has connection to the wireless network but looses internet connection (the wireless icon in the bottom right gets a yellow warning sign). Since my built in windows troubleshooter still doesn't work, I used Intel's PROSet/Wireless Tool's Diagnostic. I've attached & pasted the log of the scan below but it encounters an error under "Ping Test". It says "Failed: No Response: default gateway, DHCP server".

Now I whenever this happens the only way I can fix it is by turning my wireless card on my computer off and on. Once I do this, i can use the internet again (until the next time it encounters and error). I'm not sure if this is related but it's never happened to me before and now its happening multiple times an hour.


Thanks for the help in advance :),
Zach

#Event Source Time Error Severity Domain User Description
1 Manual Diagnostic 10/18/2013 18:29:25 Warning Unknown Zach Hardware Test - Result : Passed Summary : Wireless Hardware is enabled
2 Manual Diagnostic 10/18/2013 18:29:25 Warning Unknown Zach Hardware Test - Additional Info : Adapter Name :Intel® Centrino® Ultimate-N 6300 AGN MAC Address :00:24:D7:CC:88:CC Version :16711935
3 Manual Diagnostic 10/18/2013 18:29:25 Warning Unknown Zach Hardware Test - Additional Info : sz80211aFirmwareVersion : sz80211aMicroCodeVersion : sz80211bFirmwareVersion : sz80211bMicroCodeVersion :
4 Manual Diagnostic 10/18/2013 18:29:25 Warning Unknown Zach Hardware Test - Additional Info : sz80211gFirmwareVersion : sz80211gMicroCodeVersion :15.9 szDriverVersion :15.9.0.5 szEEPROMUpdateFirmwareVersion :0.0.
5 Manual Diagnostic 10/18/2013 18:29:25 Warning Unknown Zach Driver Test - Result : Passed Summary : Driver is loaded. NETwsw00 Version :15.9.0.4
6 Manual Diagnostic 10/18/2013 18:29:25 Warning Unknown Zach Radio Test - Result : Passed Summary : Radio is ON
7 Manual Diagnostic 10/18/2013 18:29:28 Warning Unknown Zach Scan Test - Result : Passed Summary : There are 10 Networks available to connect
8 Manual Diagnostic 10/18/2013 18:29:28 Warning Unknown Zach Scan Test - Additional Info :
9 Manual Diagnostic 10/18/2013 18:29:28 Warning Unknown Zach Scan Test - List Entry:0 AuthLevel :WPA PSK bEncrypted :True bStealth :False btBssid :90:84:0D:E0:7D:B3 CCXFeatures :0 eBand :802.11g eOpMode :Network (Infrastructure) MulticastEncryptionLevel :4 sRssi :-53 szSsid :Bazarsky UnicastEncryptionLevel :31626184 usChannelId :6
10 Manual Diagnostic 10/18/2013 18:29:28 Warning Unknown Zach Scan Test - List Entry:1 AuthLevel :WPA PSK bEncrypted :True bStealth :False btBssid :20:C9:D0:18:FB:5F CCXFeatures :0 eBand :802.11g eOpMode :Network (Infrastructure) MulticastEncryptionLevel :4 sRssi :-70 szSsid :Bazarsky UnicastEncryptionLevel :31626184 usChannelId :6
11 Manual Diagnostic 10/18/2013 18:29:28 Warning Unknown Zach Scan Test - List Entry:2 AuthLevel :WPA PSK bEncrypted :True bStealth :False btBssid :90:84:0D:DE:AA:43 CCXFeatures :0 eBand :802.11g eOpMode :Network (Infrastructure) MulticastEncryptionLevel :4 sRssi :-79 szSsid :Bazarsky UnicastEncryptionLevel :31626184 usChannelId :6
12 Manual Diagnostic 10/18/2013 18:29:28 Warning Unknown Zach Scan Test - List Entry:3 AuthLevel :RSN PSK bEncrypted :True bStealth :False btBssid :10:9A:DD:8D:A4:DB CCXFeatures :0 eBand :802.11g eOpMode :Network (Infrastructure) MulticastEncryptionLevel :16 sRssi :-66 szSsid :Bazarsky UnicastEncryptionLevel :31626184 usChannelId :11
13 Manual Diagnostic 10/18/2013 18:29:28 Warning Unknown Zach Scan Test - List Entry:4 AuthLevel :WPA PSK bEncrypted :True bStealth :False btBssid :90:84:0D:E0:7D:B4 CCXFeatures :0 eBand :802.11a eOpMode :Network (Infrastructure) MulticastEncryptionLevel :4 sRssi :-67 szSsid :Bazarsky UnicastEncryptionLevel :31626184 usChannelId :149
14 Manual Diagnostic 10/18/2013 18:29:28 Warning Unknown Zach Scan Test - List Entry:5 AuthLevel :WPA PSK bEncrypted :True bStealth :False btBssid :C8:D3:A3:F7:4B:D7 CCXFeatures :0 eBand :802.11g eOpMode :Network (Infrastructure) MulticastEncryptionLevel :4 sRssi :-78 szSsid :dlink-4BD7 UnicastEncryptionLevel :31626184 usChannelId :11
15 Manual Diagnostic 10/18/2013 18:29:28 Warning Unknown Zach Scan Test - List Entry:6 AuthLevel :Open bEncrypted :True bStealth :False btBssid :04:A1:51:0F:F8:E8 CCXFeatures :0 eBand :802.11g eOpMode :Network (Infrastructure) MulticastEncryptionLevel :0 sRssi :-81 szSsid :tims network_EXT UnicastEncryptionLevel :31626184 usChannelId :1
16 Manual Diagnostic 10/18/2013 18:29:28 Warning Unknown Zach Scan Test - List Entry:7 AuthLevel :Open bEncrypted :True bStealth :False btBssid :84:C9:B2:54:46:A4 CCXFeatures :0 eBand :802.11g eOpMode :Network (Infrastructure) MulticastEncryptionLevel :0 sRssi :-83 szSsid :tims network UnicastEncryptionLevel :31626184 usChannelId :1
17 Manual Diagnostic 10/18/2013 18:29:28 Warning Unknown Zach Scan Test - List Entry:8 AuthLevel :RSN PSK bEncrypted :True bStealth :False btBssid :10:9A:DD:8D:A4:DC CCXFeatures :0 eBand :802.11a eOpMode :Network (Infrastructure) MulticastEncryptionLevel :16 sRssi :-83 szSsid :Bazarsky UnicastEncryptionLevel :31626184 usChannelId :157
18 Manual Diagnostic 10/18/2013 18:29:28 Warning Unknown Zach Scan Test - List Entry:9 AuthLevel :RSN PSK bEncrypted :True bStealth :False btBssid :F8:E4:FB:D7:C0:8D CCXFeatures :0 eBand :802.11g eOpMode :Network (Infrastructure) MulticastEncryptionLevel :4 sRssi :-82 szSsid :4SRZP UnicastEncryptionLevel :31626184 usChannelId :11
19 Manual Diagnostic 10/18/2013 18:29:29 Warning Unknown Zach Association Test - Result : Passed Summary : Associated
20 Manual Diagnostic 10/18/2013 18:29:29 Warning Unknown Zach Association Test - Additional Info : szSsid:Bazarsky szProfile :Bazarsky eOpMode :1 btApBssid :69004789 usChannelId :405 SignalQuality :6
21 Manual Diagnostic 10/18/2013 18:29:29 Warning Unknown Zach Authentication Test - Result : Passed Summary : Authenticated
22 Manual Diagnostic 10/18/2013 18:29:29 Warning Unknown Zach Authentication Test - Additional Info : eAuthMode :6 eAlgorithm :7
23 Manual Diagnostic 10/18/2013 18:29:29 Warning Unknown Zach Signal Test - Result : Passed Summary : eVeryGood
24 Manual Diagnostic 10/18/2013 18:29:39 Warning Unknown Zach Ping Test - Result : Failed Summary : No Response: default gateway DHCP server
25 Manual Diagnostic 10/18/2013 18:29:39 Warning Unknown Zach Ping Test - Additional Info :
26 Manual Diagnostic 10/18/2013 18:29:39 Warning Unknown Zach bDHCP_IP...........: 1
27 Manual Diagnostic 10/18/2013 18:29:39 Warning Unknown Zach bDNS...............: 0
28 Manual Diagnostic 10/18/2013 18:29:39 Warning Unknown Zach bAutoIpEnabled.....: 1
29 Manual Diagnostic 10/18/2013 18:29:39 Warning Unknown Zach bIsIpAddressAutoIp.: 0
30 Manual Diagnostic 10/18/2013 18:29:39 Warning Unknown Zach bDHCPforWINS.......: 0
31 Manual Diagnostic 10/18/2013 18:29:39 Warning Unknown Zach szIPAddress........: 10.0.1.180
32 Manual Diagnostic 10/18/2013 18:29:39 Warning Unknown Zach szIPSubnetMask.....: 255.255.255.0
33 Manual Diagnostic 10/18/2013 18:29:39 Warning Unknown Zach szDefaultGateway...: 10.0.1.1
34 Manual Diagnostic 10/18/2013 18:29:39 Warning Unknown Zach szDhcpServer.......: 10.0.1.1
35 Manual Diagnostic 10/18/2013 18:29:39 Warning Unknown Zach szDhcpSubnetMask...: 255.255.255.255
36 Manual Diagnostic 10/18/2013 18:29:39 Warning Unknown Zach szDNSPrim..........: 0.0.0.0
37 Manual Diagnostic 10/18/2013 18:29:39 Warning Unknown Zach szDNSSec...........: 0.0.0.0
38 Manual Diagnostic 10/18/2013 18:29:39 Warning Unknown Zach szWINSPrim.........:
39 Manual Diagnostic 10/18/2013 18:29:39 Warning Unknown Zach szWINSSec..........:
40 Manual Diagnostic 10/18/2013 18:29:39 Warning Unknown Zach szDomain...........:
41 Manual Diagnostic 10/18/2013 18:29:39 Warning Unknown Zach szScopeID..........:

Attached Files


Edited by zoltain, 18 October 2013 - 04:42 PM.

  • 0

#37
RKinner
Posted 18 October 2013 - 07:07 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
Sorry. Must have lost your post.

It appears the the required files are there for the diagnostic so that's a dead end. You are still getting these odd gaps in the log. Don't know why.

Your wireless diagnostic appears to show a problem with the DNS server:

36 Manual Diagnostic 10/18/2013 18:29:39 Warning Unknown Zach szDNSPrim..........: 0.0.0.0
37 Manual Diagnostic 10/18/2013 18:29:39 Warning Unknown Zach szDNSSec...........: 0.0.0.0

That we can probably fix by setting a manual DNS server.

Click Start, Control Panel, Network and Sharing Center, then click on Wireless Network Connection then
Properties, click on Internet Protocol Version 4 (TCP/IPv4), Properties, Use the following DNS server addresses, put in 8.8.8.8 and 4.2.2.1 then OK.

Let's try Process Explorer

Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top.

Wait a full minute then:

File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply.
  • 0

#38
zoltain
Posted 18 October 2013 - 09:09 PM

zoltain

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 137 posts
Not a problem. Yes my computer is loosing internet connecting quite frequently. I'm estimating I've had to restart the adapter maybe 7 times in the last hour. I tried entering those manual DNS addresses, to no effect.


Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
armsvc.exe 1,312 K 3,984 K 1748 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems
audiodg.exe 19,924 K 19,296 K 7040 Windows Audio Device Graph Isolation Microsoft Corporation (Verified) Microsoft Windows
BTHSSecurityMgr.exe 4,628 K 9,504 K 4456 Intel® BlueTooth® HS Security Manager Service Intel® Corporation (Verified) Intel Corporation-Mobile Wireless Group
ComUpdatus.exe 4,384 K 8,732 K 3568 NVIDIA Update COM object NVIDIA Corporation (Verified) NVIDIA Corporation
conhost.exe 2,264 K 5,368 K 3144 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
conhost.exe 1,460 K 3,256 K 1964 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
EvtEng.exe 9,884 K 16,448 K 584 Intel® PROSet/Wireless Event Log Service Intel® Corporation (Verified) Intel Corporation-Mobile Wireless Group
IAStorDataMgrSvc.exe 34,528 K 41,640 K 4152 IAStorDataSvc Intel Corporation (Verified) Intel Corporation - Intel® Rapid Storage Technology
jusched.exe 1,400 K 4,676 K 4388 Java™ Update Scheduler Oracle Corporation (Verified) Oracle America
LogiAppBroker.exe 3,520 K 7,672 K 5584 LogiAppBroker.exe (UNICODE) Logitech, Inc. (Verified) Logitech
lsass.exe 4,968 K 11,724 K 764 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
lsm.exe 3,236 K 5,028 K 772 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
mDNSResponder.exe 3,556 K 7,016 K 1908 Bonjour Service Apple Inc. (Verified) Apple Inc.
msseces.exe 7,052 K 15,396 K 3932 Microsoft Security Client User Interface Microsoft Corporation (Verified) Microsoft Corporation
nvSCPAPISvr.exe 2,732 K 5,912 K 960 Stereo Vision Control Panel API Server NVIDIA Corporation (Verified) NVIDIA Corporation
nvstreamsvc.exe 6,064 K 10,932 K 3136 NVIDIA Streamer Service NVIDIA Corporation (Verified) NVIDIA Corporation
nvstreamsvc.exe 3,944 K 9,492 K 2184 NVIDIA Streamer Service NVIDIA Corporation (Verified) NVIDIA Corporation
NvTmru.exe 4,548 K 8,800 K 3948 NVIDIA NvTmru Application NVIDIA Corporation (Verified) NVIDIA Corporation
nvtray.exe 7,296 K 14,288 K 4980 NVIDIA Settings NVIDIA Corporation (Verified) NVIDIA Corporation
nvvsvc.exe 4,092 K 8,796 K 936 NVIDIA Driver Helper Service, Version 327.23 NVIDIA Corporation (Verified) NVIDIA Corporation
nvxdsync.exe 14,184 K 26,012 K 1996 NVIDIA User Experience Driver Component NVIDIA Corporation (Verified) NVIDIA Corporation
PowerBiosServer.exe 14,732 K 16,280 K 2600 PowerBiosServer (No signature was present in the subject)
procexp_2.exe 2,776 K 8,180 K 5452 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
RegSrvc.exe 3,256 K 7,880 K 2876 Intel® PROSet/Wireless Registry Service Intel® Corporation (Verified) Intel Corporation-Mobile Wireless Group
services.exe 8,688 K 14,264 K 748 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
smss.exe 772 K 1,404 K 356 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
spoolsv.exe 7,320 K 12,844 K 1584 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 3,784 K 7,792 K 1252 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,704 K 6,472 K 3028 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 17,896 K 27,660 K 1060 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
SynTPHelper.exe 2,332 K 4,368 K 4040 Synaptics Pointing Device Helper Synaptics Incorporated (Verified) Microsoft Windows Hardware Compatibility Publisher
taskeng.exe 3,344 K 7,604 K 2644 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe 2,628 K 5,876 K 5024 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
taskhost.exe 7,472 K 14,208 K 1164 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
UNS.exe 3,712 K 7,936 K 4868 User Notification Service Intel Corporation (Verified) Intel Corporation
unsecapp.exe 2,456 K 5,844 K 3344 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
WDBackupEngine.exe 15,592 K 4,160 K 3548 WD Backup Engine Western Digital (Verified) Western Digital Technologies
WDRulesEngine.exe 21,456 K 2,864 K 2308 WD Rules Engine Western Digital (Verified) Western Digital Technologies
wininit.exe 2,024 K 4,940 K 700 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
winlogon.exe 3,860 K 8,104 K 740 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
wlanext.exe 8,948 K 18,184 K 1268 Windows Wireless LAN 802.11 Extensibility Framework Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 8,116 K 14,500 K 4712 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 5,660 K 11,816 K 3520 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
wmpnetwk.exe 9,564 K 11,200 K 3208 Windows Media Player Network Sharing Service Microsoft Corporation (Verified) Microsoft Windows
ZeroConfigService.exe 9,812 K 19,880 K 3324 Intel® PROSet/Wireless Zero Configure Service Intel® Corporation (Verified) Intel Corporation-Mobile Wireless Group
BTHSAmpPalService.exe < 0.01 2,044 K 4,728 K 5844 Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter Intel Corporation (Verified) Intel Corporation-Mobile Wireless Group
iTunesHelper.exe < 0.01 4,176 K 11,936 K 4416 iTunesHelper Apple Inc. (Verified) Apple Inc.
nvvsvc.exe < 0.01 7,416 K 15,880 K 2004 NVIDIA Driver Helper Service, Version 327.23 NVIDIA Corporation (Verified) NVIDIA Corporation
svchost.exe < 0.01 27,780 K 41,876 K 1128 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
SynTPEnh.exe < 0.01 10,608 K 14,084 K 3920 Synaptics TouchPad Enhancements Synaptics Incorporated (Verified) Microsoft Windows Hardware Compatibility Publisher
taskhost.exe < 0.01 13,680 K 14,120 K 2348 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 18,008 K 29,940 K 1096 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
daemonu.exe < 0.01 14,440 K 20,512 K 2380 NVIDIA Settings Update Manager NVIDIA Corporation (Verified) NVIDIA Corporation
update_checker.exe < 0.01 2,596 K 7,928 K 4304 FilesFrog.com Update Checker Somoto (Verified) Somoto Ltd.
csrss.exe < 0.01 2,820 K 5,352 K 592 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 13,904 K 18,364 K 1632 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
NisSrv.exe < 0.01 10,392 K 5,432 K 2952 Microsoft Network Realtime Inspection Service Microsoft Corporation (Verified) Microsoft Corporation
iPodService.exe < 0.01 3,372 K 7,660 K 3216 iPodService Module (64-bit) Apple Inc. (Verified) Apple Inc.
KHALMNPR.exe < 0.01 10,068 K 16,624 K 4500 Logitech KHAL Main Process Logitech, Inc. (Verified) Logitech
LCore.exe < 0.01 50,084 K 51,252 K 3992 Logitech Gaming Framework Logitech Inc. (Verified) Logitech
IDMan.exe < 0.01 16,220 K 30,484 K 1348 Internet Download Manager (IDM) Tonec Inc. (No signature was present in the subject) Tonec Inc.
svchost.exe < 0.01 7,276 K 11,124 K 1004 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
LMS.exe < 0.01 2,824 K 5,208 K 5680 Local Manageability Service Intel Corporation (Verified) Intel Corporation
SearchIndexer.exe < 0.01 32,884 K 15,984 K 3264 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
notepad++.exe 0.01 18,084 K 24,016 K 6316 Notepad++ : a free (GNU) source code editor Don HO [email protected] (No signature was present in the subject) Don HO [email protected]
AppleMobileDeviceService.exe 0.01 3,732 K 10,020 K 1780 MobileDeviceService Apple Inc. (Verified) Apple Inc.
WinPatrol.exe 0.01 3,052 K 10,648 K 4248 WinPatrol System Monitor BillP Studios (Verified) BillP Studios
explorer.exe 0.01 72,268 K 92,128 K 2524 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.02 7,112 K 10,920 K 4080 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.02 29,232 K 25,512 K 424 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
scManager.sys 0.02 2,920 K 7,260 K 2924 SafeConnect Service Impulse Point, LLC (Verified) Impulse Point LLC
Hotkey.exe 0.04 29,512 K 32,228 K 2912 HotKey (No signature was present in the subject)
WDDriveService.exe 0.04 10,632 K 14,968 K 2256 WD Drive Service Western Digital (Verified) Western Digital Technologies
speedfan.exe 0.04 8,104 K 20,980 K 3904 Almico Software (www.almico.com) (Verified) SOKNO S.R.L.
uTorrent.exe 0.06 25,216 K 33,280 K 2800 µTorrent BitTorrent Inc. (Verified) BitTorrent Inc
SetPoint.exe 0.08 41,028 K 38,352 K 4016 Logitech SetPoint Event Manager (UNICODE) Logitech, Inc. (Verified) Logitech
System 0.08 180 K 1,752 K 4
firefox.exe 0.08 655,052 K 696,596 K 5860 Firefox Mozilla Corporation (Verified) Mozilla Corporation
MsMpEng.exe 0.10 80,328 K 82,604 K 372 Antimalware Service Executable Microsoft Corporation (Verified) Microsoft Corporation
csrss.exe 0.11 3,592 K 13,520 K 712 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.24 19,020 K 19,152 K 1388 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
dwm.exe 0.24 41,416 K 65,004 K 2460 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
Interrupts 0.44 0 K 0 K n/a Hardware Interrupts and DPCs
Steam.exe 0.55 225,132 K 49,272 K 5612 Steam Client Bootstrapper (buildbot_winslave04_steam_steam_rel_client_win32@winslave04) Valve Corporation (Verified) Valve
svchost.exe 0.97 6,656 K 11,580 K 876 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
procexp_264.exe 1.05 42,168 K 64,092 K 7012 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Sysinternals
System Idle Process 95.74 0 K 24 K 0
  • 0

#39
RKinner
Posted 18 October 2013 - 11:40 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
Process Explorer looks OK. Nothing strange running and nothing eating the CPU.

Next time your wireless fails:

copy the next 6 lines:

ipconfig /all > %userprofile%\desktop\junk.txt
tracert -d 8.8.8.8 >> %userprofile%\desktop\junk.txt
nslookup f1.com >> %userprofile%\desktop\junk.txt
netstat -rn >> %userprofile%\desktop\junk.txt
net start >> %userprofile%\desktop\junk.txt
notepad %userprofile%\desktop\junk.txt

Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue. Right click and Paste or Edit then Paste and the copied line should appear.
Hit Enter.

Copy and paste the text from the notepad that opened into a reply.
  • 0

#40
zoltain
Posted 19 October 2013 - 11:18 AM

zoltain

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 137 posts
Windows IP Configuration

Host Name . . . . . . . . . . . . : Zach-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : ri.cox.net

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 00-24-D7-CC-88-CD
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 00-24-D7-CC-88-CD
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : ri.cox.net
Description . . . . . . . . . . . : Intel® Centrino® Ultimate-N 6300 AGN
Physical Address. . . . . . . . . : 00-24-D7-CC-88-CC
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 10.0.1.180(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, October 18, 2013 A
Lease Expires . . . . . . . . . . : Sunday, October 20, 2013 A
Default Gateway . . . . . . . . . : 10.0.1.1
DHCP Server . . . . . . . . . . . : 10.0.1.1
DNS Servers . . . . . . . . . . . : 8.8.8.8
4.2.2.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : go.salve.edu
Description . . . . . . . . . . . : JMicron PCI Express Gigabit Ethernet Adapter
Physical Address. . . . . . . . . : 00-90-F5-BC-5F-B2
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tracing route to 8.8.8.8 over a maximum of 30 hops

1 * * * Request timed out.
2 * * * Request timed out.
3 * * 10.0.1.180 reports: Destination host unreachable.

Trace complete.
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 8.8.8.8

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
===========================================================================
Interface List
14...00 24 d7 cc 88 cd ......Microsoft Virtual WiFi Miniport Adapter #2
13...00 24 d7 cc 88 cd ......Microsoft Virtual WiFi Miniport Adapter
12...00 24 d7 cc 88 cc ......Intel® Centrino® Ultimate-N 6300 AGN
11...00 90 f5 bc 5f b2 ......JMicron PCI Express Gigabit Ethernet Adapter
1...........................Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.1.1 10.0.1.180 20
10.0.1.0 255.255.255.0 On-link 10.0.1.180 276
10.0.1.180 255.255.255.255 On-link 10.0.1.180 276
10.0.1.255 255.255.255.255 On-link 10.0.1.180 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.0.1.180 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.0.1.180 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
1 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
These Windows services are started:

Adobe Acrobat Update Service
Apple Mobile Device
Application Experience
Background Intelligent Transfer Service
Base Filtering Engine
Bonjour Service
CNG Key Isolation
COM+ Event System
Computer Browser
Cryptographic Services
DCOM Server Process Launcher
Desktop Window Manager Session Manager
DHCP Client
Diagnostic Policy Service
Diagnostic Service Host
Distributed Link Tracking Client
DNS Client
Extensible Authentication Protocol
Function Discovery Provider Host
Function Discovery Resource Publication
Group Policy Client
HomeGroup Provider
Human Interface Device Access
IKE and AuthIP IPsec Keying Modules
Intel® Centrino® Wireless Bluetooth® + High Speed Security Service
Intel® Management and Security Application Local Management Service
Intel® Management and Security Application User Notification Service
Intel® PROSet/Wireless Event Log
Intel® PROSet/Wireless Registry Service
Intel® PROSet/Wireless Zero Configuration Service
Intel® Rapid Storage Technology
Intelr Centrinor Wireless Bluetoothr + High Speed Service
IP Helper
iPod Service
Microsoft Antimalware Service
Microsoft Network Inspection
Network Connections
Network List Service
Network Location Awareness
Network Store Interface Service
NVIDIA Display Driver Service
NVIDIA Stereoscopic 3D Driver Service
NVIDIA Streamer Service
NVIDIA Update Service Daemon
Offline Files
Plug and Play
Power
PowerBiosServer
Print Spooler
Remote Procedure Call (RPC)
RPC Endpoint Mapper
SafeConnect Manager
Security Accounts Manager
Security Center
Server
Shell Hardware Detection
SSDP Discovery
System Event Notification Service
Task Scheduler
TCP/IP NetBIOS Helper
Themes
User Profile Service
WD Backup
WD Drive Manager
WD Rules
Windows Audio
Windows Audio Endpoint Builder
Windows Event Log
Windows Firewall
Windows Font Cache Service
Windows Image Acquisition (WIA)
Windows Management Instrumentation
Windows Media Player Network Sharing Service
Windows Search
Windows Update
WinHTTP Web Proxy Auto-Discovery Service
WLAN AutoConfig
Workstation

The command completed successfully.
  • 0

Advertisements

#41
RKinner
Posted 19 October 2013 - 11:55 AM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
Doesn't look like the connection is really there. What encryption are you using on your wireless? I took my HP all-in-one down to my daughters. It worked find with WEP at home but had an awful time with WPA2. Had to replace the built-in adapter with one of the USB type then everything worked fine.

Next time it fails try

ping 10.0.1.1


I went back and looked at your Speccy log again. You have a second hard drive that is in pretty bad shape. It's getting lots of errors. See if you can run a diskcheck on it. 1. Double-click My Computer, and then right-click the hard disk that you want to check. D:
2. Click Properties, and then click Tools.
3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed,
4. Check both boxes and then click Start.
You may receive the following message:
The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
Click Yes to schedule the disk check
  • 0

#42
zoltain
Posted 19 October 2013 - 03:40 PM

zoltain

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 137 posts
I may have fixed the problem. I was thinking about when this problem started and it was around the time I installed Intel's rapid storage tech. I looked in programs and saw an Intel Pro wireless software. I uninstalled that and for the last 2 hours, I haven't been disconnected.I'll let you know if the problem persists but as for now I'm optimistic :).

I'm still unable to troubleshoot the wireless connection however.

Edited by zoltain, 19 October 2013 - 03:40 PM.

  • 0

#43
RKinner
Posted 19 October 2013 - 03:49 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
Great. I wonder if the troubleshooter fail on other things? Click on Start then Devices and Printers then right click on your Printer and Troubleshoot. Does it hang too?
  • 0

#44
zoltain
Posted 20 October 2013 - 04:19 PM

zoltain

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 137 posts
I don't have a printer hooked up but I tried troubleshooting my mouse plus a few others. All tried to detect a problem (obviously didn't find any), so it looks like it's only my wireless troubleshooter that is encountering an error.
  • 0

#45
RKinner
Posted 20 October 2013 - 06:18 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
Got smart and ran Process Explorer then started the trouble shooter and it does:

"C:\Windows\System32\msdt.exe" -skip TRUE -path C:\Windows\diagnostics\system\networking -ep NetworkDiagnosticsPNI

which is totally different from the other troubleshooters.


So let's see what these files look like:


Copy the text in the code box:

/md5start
msdt.exe
DiagPackage.diagpkg
DiagPackage.dll
HTInteractiveRes.ps1
InteractiveRes.ps1
NetworkDiagnosticsResolve.ps1
NetworkDiagnosticsTroubleshoot.ps1
NetworkDiagnosticsVerify.ps1
StartDPSService.ps1
UtilityFirewall.ps1
UtilityFunctions.ps1
UtilitySetConstants.ps1
DiagPackage.dll.mui
LocalizationData.psd1
/md5stop

Run OTL (Vista or Win 7 => right click and Run As Administrator)

Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes

Select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP