Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Extreme loss in performance after running chkdsk


  • This topic is locked This topic is locked
8 replies to this topic

#1 HealerOfPains

HealerOfPains

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:02:26 PM

Posted 05 December 2013 - 02:00 PM

I use this laptop exlusively for veterinary school-related things, and have been having problems ever since I ran a prophylactic chkdsk earlier this month. We recieved the laptops from the IT techs local to the school, who "set them up" for us. Network performance has dropped, speed has taken a massive hit, and it seems to lock up way more than it ever should.

 

I am not positive it is anything malware related, but I would like to remove the possibility.

 

I have attached an HJT log along with the DDS log requested.

 

I am relatively experienced at computer maintenance and intricacies, but I really can't find anything wrong with the laptop. I will be hapy to provide any extra information needed.

 

 

 

 

 

 

 

 

 

Attached File  dds.txt   17.8KB   0 downloads

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16736  BrowserJavaVersion: 10.25.2
Run by jbednarz at 12:52:59 on 2013-12-05
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.10085.7236 [GMT -6:00]
.
AV: Trend Micro OfficeScan Antivirus *Enabled/Updated* {7193B549-236F-55EE-9AEC-F65279E59A92}
SP: Trend Micro OfficeScan Anti-spyware *Enabled/Updated* {CAF254AD-0555-5A60-A05C-CD200262D02F}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Fingerprint Sensor\ATService.exe
C:\Program Files\Softex\OmniPass\OmniServ.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files\Tablet\ISD\ISD_TouchService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
C:\Program Files (x86)\Infineon\Security Platform Software\ifxspmgt.exe
C:\Program Files (x86)\Infineon\Security Platform Software\ifxtcs.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Trend Micro\OfficeScan Client\ntrtscan.exe
C:\Program Files (x86)\Infineon\Security Platform Software\IfxPsdSv.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Tablet\ISD\ISD_Tablet.exe
C:\Windows\System32\svchost.exe -k SysinSrvSvc
C:\Program Files (x86)\Trend Micro\OfficeScan Client\tmlisten.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmProxy.exe
C:\Windows\system32\taskhost.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files\Tablet\ISD\ISD_TabletUser.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files\Tablet\ISD\ISD_Tablet.exe
C:\Program Files\Softex\OmniPass\opvapp.exe
C:\Program Files (x86)\Trend Micro\OfficeScan Client\CNTAoSMgr.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Fingerprint Sensor\ATSwpNav.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
C:\Program Files\Fujitsu\AutoRotation\AutoRotation.exe
C:\Program Files\Fujitsu\FDM8\FdmDaemon.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe
C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
C:\WINDOWS\PPOPUP.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
C:\Program Files (x86)\Fujitsu\PointingDeviceUtility\FJPDAutoSet.exe
C:\Program Files (x86)\Trend Micro\OfficeScan Client\PccNTMon.exe
C:\Program Files\Fujitsu\Utils\FjDspMon.exe
C:\Program Files\Fujitsu\Utils\fjevents.exe
C:\Program Files\Fujitsu\Utils\FjLidMon.exe
C:\Program Files\Fujitsu\Utils\FjMnuIco.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Microsoft Office\Office15\ONENOTE.EXE
C:\Program Files\Fujitsu\utils\fjmenu.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
C:\Program Files\Tablet\ISD\ISD_TouchUser.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.vet.k-state.edu/
mWinlogon: Userinit = userinit.exe
BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmIEPlg32.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [Rainlendar2] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
uRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_Plugin.exe -update plugin
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [IndicatorUtility] "C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe"
mRun: [StartFujitsuPointingDeviceUtility] "C:\Program Files (x86)\Fujitsu\PointingDeviceUtility\FJPDAutoSet.exe"
mRun: [OfficeScanNT Monitor] "C:\Program Files (x86)\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
StartupFolder: C:\Users\jbednarz\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SENDTO~1.LNK - C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\PPOPUP.lnk - C:\WINDOWS\PPOPUP.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: DisallowRun = dword:1
uPolicies-DisallowRun: 1 = rpcsss.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-Explorer: NoAutorun = dword:1
mPolicies-Explorer: DontSetAutoplayCheckbox = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableInstallerDetection = dword:0
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableSecureUIAPaths = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: legalnoticecaption = K-State Electronic Resource Usage Policy
mPolicies-System: legalnoticetext = Welcome to Kansas State University's information technology
resources. Access to all electronic resources at K-State is restricted
to employees, students, or individuals authorized by the University
or its affiliates. Use of this system, network, and all of its connected
resources constitutes agreement to abide by all relevant K-State
policies. Unauthorized or inappropriate use may result in limitation
or revocation of use privileges and/or administrative, civil, or
criminal penalties.  Please see all policies for computers and related
technology at:  http://www.k-state.edu/policies/ppm/1020.html
mPolicies-System: disablecad = dword:1
mPolicies-System: HideStartupScripts = dword:1
mPolicies-System: HideFastUserSwitching = dword:1
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
LSP: %systemroot%\system32\MSAFDLsp.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
TCP: NameServer = 129.130.131.10 129.130.131.25 129.130.254.3
TCP: Interfaces\{0D840D9D-ADB7-4403-8FA4-0EE8220496ED} : DHCPNameServer = 129.130.131.10 129.130.131.25 129.130.254.3
TCP: Interfaces\{0D840D9D-ADB7-4403-8FA4-0EE8220496ED}\B6D23747164756E2E65647 : DHCPNameServer = 129.130.131.8 129.130.131.7 129.130.254.3 129.130.254.2
TCP: Interfaces\{0D840D9D-ADB7-4403-8FA4-0EE8220496ED}\D416E68616474716E64354675627 : DHCPNameServer = 192.168.1.1 68.105.28.11 68.105.29.11
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmIEPlg32.dll
SSODL: WebCheck - <orphaned>
LSA: Notification Packages =  scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
x64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmIEPlg.dll
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [ATSwpNav] "C:\Program Files\Fingerprint Sensor\ATSwpNav" -run
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [LoadFUJ02E3] "C:\Program Files\Fujitsu\FUJ02E3\fuj02e3.exe"
x64-Run: [FJAutoR] C:\Program Files\Fujitsu\AutoRotation\AutoRotation.exe
x64-Run: [FjStrtAp] C:\Program Files\Fujitsu\Utils\FjStrtAp.exe
x64-Run: [FDM8] C:\Program Files\Fujitsu\FDM8\FdmDaemon.exe
x64-Run: [SSUtility] C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmIEPlg.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\jbednarz\AppData\Roaming\Mozilla\Firefox\Profiles\wd6842q5.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.vet.k-state.edu/
FF - plugin: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
FF - plugin: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R3 acpials;ALS Sensor Filter;C:\Windows\System32\drivers\acpials.sys [2010-11-21 9728]
R3 ATSwpWDF;AuthenTec TruePrint USB Driver;C:\Windows\System32\drivers\ATSwpWDF.sys [2010-6-2 770152]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;C:\Windows\System32\drivers\bcbtums.sys [2012-11-7 163368]
R3 btwampfl;btwampfl Bluetooth filter driver;C:\Windows\System32\drivers\btwampfl.sys [2012-11-7 594472]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2012-11-7 39976]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2011-4-14 31216]
.
=============== Created Last 30 ================
.
2013-12-03 19:14:30    10285968    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BEBAA60D-7242-490C-9E23-0A46F4F9E70E}\mpengine.dll
2013-11-15 18:04:02    22031984    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\xul.dll
2013-11-13 04:32:48    2706432    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2013-11-13 04:31:15    1474048    ----a-w-    C:\Windows\System32\crypt32.dll
2013-11-13 04:31:15    1168384    ----a-w-    C:\Windows\SysWow64\crypt32.dll
2013-11-13 04:30:50    497152    ----a-w-    C:\Windows\System32\drivers\afd.sys
2013-11-13 04:03:07    311808    ----a-w-    C:\Windows\SysWow64\gdi32.dll
2013-11-13 04:03:06    404480    ----a-w-    C:\Windows\System32\gdi32.dll
2013-11-13 03:59:53    859648    ----a-w-    C:\Windows\System32\IKEEXT.DLL
2013-11-13 03:59:53    216576    ----a-w-    C:\Windows\SysWow64\FWPUCLNT.DLL
2013-11-13 03:59:52    830464    ----a-w-    C:\Windows\System32\nshwfp.dll
2013-11-13 03:59:52    656896    ----a-w-    C:\Windows\SysWow64\nshwfp.dll
2013-11-13 03:59:52    324096    ----a-w-    C:\Windows\System32\FWPUCLNT.DLL
.
==================== Find3M  ====================
.
2013-11-11 11:50:16    267936    ------w-    C:\Windows\System32\MpSigStub.exe
2013-10-12 08:45:20    2241536    ----a-w-    C:\Windows\System32\wininet.dll
2013-10-12 08:43:37    3959808    ----a-w-    C:\Windows\System32\jscript9.dll
2013-10-12 08:43:32    67072    ----a-w-    C:\Windows\System32\iesetup.dll
2013-10-12 08:43:32    136704    ----a-w-    C:\Windows\System32\iesysprep.dll
2013-10-12 07:03:50    1767936    ----a-w-    C:\Windows\SysWow64\wininet.dll
2013-10-12 07:02:33    2877952    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2013-10-12 07:02:29    61440    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2013-10-12 07:02:29    109056    ----a-w-    C:\Windows\SysWow64\iesysprep.dll
2013-10-12 06:35:26    2706432    ----a-w-    C:\Windows\System32\mshtml.tlb
2013-10-12 05:44:38    89600    ----a-w-    C:\Windows\System32\RegisterIEPKEYs.exe
2013-10-12 05:15:39    71680    ----a-w-    C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-10-09 16:26:47    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-09 16:26:47    692616    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2013-09-25 02:26:40    95680    ----a-w-    C:\Windows\System32\drivers\ksecdd.sys
2013-09-25 02:26:40    154560    ----a-w-    C:\Windows\System32\drivers\ksecpkg.sys
2013-09-25 02:23:33    28672    ----a-w-    C:\Windows\System32\sspisrv.dll
2013-09-25 02:23:33    135680    ----a-w-    C:\Windows\System32\sspicli.dll
2013-09-25 02:23:01    28160    ----a-w-    C:\Windows\System32\secur32.dll
2013-09-25 02:22:59    340992    ----a-w-    C:\Windows\System32\schannel.dll
2013-09-25 02:21:50    307200    ----a-w-    C:\Windows\System32\ncrypt.dll
2013-09-25 02:21:07    1447936    ----a-w-    C:\Windows\System32\lsasrv.dll
2013-09-25 01:58:17    96768    ----a-w-    C:\Windows\SysWow64\sspicli.dll
2013-09-25 01:57:26    22016    ----a-w-    C:\Windows\SysWow64\secur32.dll
2013-09-25 01:57:24    247808    ----a-w-    C:\Windows\SysWow64\schannel.dll
2013-09-25 01:56:42    220160    ----a-w-    C:\Windows\SysWow64\ncrypt.dll
2013-09-25 01:03:24    30720    ----a-w-    C:\Windows\System32\lsass.exe
2013-09-08 02:30:37    1903552    ----a-w-    C:\Windows\System32\drivers\tcpip.sys
2013-09-08 02:27:14    327168    ----a-w-    C:\Windows\System32\mswsock.dll
2013-09-08 02:03:58    231424    ----a-w-    C:\Windows\SysWow64\mswsock.dll
.
============= FINISH: 12:58:21.65 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,600 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:26 PM

Posted 10 December 2013 - 02:05 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/516485 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 HealerOfPains

HealerOfPains
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:02:26 PM

Posted 11 December 2013 - 02:06 PM

I do not currently have my Windows 7 CD available, as these laptops were "setup" by the IT dept at the school. We only received the laptops after we entered the school.

 

Currently, my entire computer lags behind in almost everything it does. Loading videos from files takes forever, stuttering and freezing at random times. Internet load times are atrocious, sometimes taking minutes to load a page. Recovery from any sort of sleep mode takes ~10 minutes, and the computer is completely and utterly useless for the entire period.

 

This all began to occur after I ran a simple chkdsk to check for any diskdrive errors, and has not shown any sign of getting better.

 

Thank you so much for your help!

 

Attached File  dds.txt   17.94KB   0 downloads

Attached Files



#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,389 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:26 PM

Posted 11 December 2013 - 09:30 PM

Greetings HealerOfPains and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that. :thumbup2:

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. Please run this program for me.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recover Scan Tool for either 32 bit or 64 bit systems and save it to your desktop
  • If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn't run properly the other one should
  • Double click the icon
  • Click Yes to the disclaimer
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

Farbar's Service Scanner

--------------------
  • Please download Farbar Service Scanner, save it to your desktop, and run it.
  • Make sure the following options are checked:

Internet Services
Windows Firewall
System Restore
Security Center/Action Center
Windows Update
Windows Defender
Other Services

  • Press Scan
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.
===================================================

Farbar's MiniToolBox

--------------------
  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the icon to launch the program
  • Make sure the following options are checked:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List devices >>(Problem only)<<

  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • FRST results
  • Addition log
  • Farbar logs (2)

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 HealerOfPains

HealerOfPains
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:02:26 PM

Posted 13 December 2013 - 01:55 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-12-2013 01
Ran by jbednarz (administrator) on JOHNBEDNARZ on 13-12-2013 12:40:11
Running from C:\Users\jbednarz\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\ATService.exe
(Softex Inc.) C:\Program Files\Softex\OmniPass\OmniServ.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\ISD\ISD_TouchService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\IFXSPMGT.exe
(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\IFXTCS.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\NTRTScan.exe
(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\IfxPsdSv.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\ISD\ISD_Tablet.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmListen.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\ISD\ISD_TabletUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\ISD\ISD_Tablet.exe
() C:\Program Files\Softex\OmniPass\opvapp.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\ATSwpNav.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\AutoRotation\AutoRotation.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FDM8\FdmDaemon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe
() C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
(A.N.D. Technologies, Inc.) C:\Windows\PPOPUP.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\CNTAoSMgr.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\PointingDeviceUtility\FJPDAutoSet.exe
(Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\PccNTMon.exe
(Fujitsu America, Inc.) C:\Program Files\Fujitsu\Utils\FjDspMon.exe
(Fujitsu America, Inc.) C:\Program Files\Fujitsu\Utils\FjEvents.exe
(Fujitsu America, Inc.) C:\Program Files\Fujitsu\Utils\FjLidMon.exe
(Fujitsu America, Inc.) C:\Program Files\Fujitsu\Utils\fjmnuico.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\ISD\ISD_TouchUser.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\jbednarz\Desktop\FRST64(2).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13353064 2011-11-14] (Realtek Semiconductor)
HKLM\...\Run: [ATSwpNav] - "C:\Program Files\Fingerprint Sensor\ATSwpNav" -run
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-03] (Synaptics Incorporated)
HKLM\...\Run: [LoadFUJ02E3] - C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [76104 2011-11-23] (FUJITSU LIMITED)
HKLM\...\Run: [FJAutoR] - C:\Program Files\Fujitsu\AutoRotation\AutoRotation.exe [88944 2012-01-30] (FUJITSU LIMITED)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [FjStrtAp] - C:\Program Files\Fujitsu\Utils\FjStrtAp.exe [22360 2012-02-07] (Fujitsu America, Inc.)
HKLM\...\Run: [FDM8] - C:\Program Files\Fujitsu\FDM8\FdmDaemon.exe [96664 2012-06-08] (FUJITSU LIMITED)
HKLM\...\Run: [SSUtility] - C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe [273776 2011-09-15] (FUJITSU LIMITED)
HKLM Group Policy restriction on software: c:\windows\system32\applayer.exe <====== ATTENTION
HKLM Group Policy restriction on software: %Temp%\Rar*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: c:\windows\system\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %Temp%\*.zip\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *updbrowser*.exe <====== ATTENTION
HKLM Group Policy restriction on software: c:\windows\inf\applayer.exe <====== ATTENTION
HKLM Group Policy restriction on software: %Temp%\wz*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: c:\windows\system\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: c:\windows\system32\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: c:\windows\system32\x5.exe <====== ATTENTION
HKLM Group Policy restriction on software: c:\windows\inf\rpcsss.exe <====== ATTENTION
HKLM Group Policy restriction on software: XS1.exe <====== ATTENTION
HKLM Group Policy restriction on software: %System%\applayer.exe <====== ATTENTION
HKLM Group Policy restriction on software: c:\System Volume Information\*.rar <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION
HKLM Group Policy restriction on software: %temp%\hostname.bat <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoAutorun] 1
HKLM\...\Policies\Explorer: [DontSetAutoplayCheckbox] 1
HKCU\...\Run: [Rainlendar2] - C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe [2598496 2013-03-10] ()
HKCU\...\Policies\system: [RunLogonScriptSync] 1
HKCU\...\Policies\Explorer: [DisallowRun] 1
HKCU\...\Policies\Explorer\DisallowRun: [1] rpcsss.exe
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-26] (Intel Corporation)
HKLM-x32\...\Run: [IndicatorUtility] - C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [48752 2010-09-29] (FUJITSU LIMITED)
HKLM-x32\...\Run: [StartFujitsuPointingDeviceUtility] - C:\Program Files (x86)\Fujitsu\PointingDeviceUtility\FJPDAutoSet.exe [89456 2012-06-29] (FUJITSU LIMITED)
HKLM-x32\...\Run: [OfficeScanNT Monitor] - C:\Program Files (x86)\Trend Micro\OfficeScan Client\PccNTMon.exe [1836592 2011-08-29] (Trend Micro Inc.)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\Users\jbednarz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.vet.k-state.edu/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB02C836095BECD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
BHO: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmIEPlg.dll (Trend Micro Inc.)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmIEPlg32.dll (Trend Micro Inc.)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmIEPlg.dll (Trend Micro Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmIEPlg32.dll (Trend Micro Inc.)
Winsock: Catalog9 01 C:\Windows\SysWOW64\MSAFDLsp.dll [292352] ()
Winsock: Catalog9 02 C:\Windows\SysWOW64\MSAFDLsp.dll [292352] ()
Winsock: Catalog9 03 C:\Windows\SysWOW64\MSAFDLsp.dll [292352] ()
Winsock: Catalog9 04 C:\Windows\SysWOW64\MSAFDLsp.dll [292352] ()
Winsock: Catalog9 05 C:\Windows\SysWOW64\MSAFDLsp.dll [292352] ()
Winsock: Catalog9 06 C:\Windows\SysWOW64\MSAFDLsp.dll [292352] ()
Winsock: Catalog9 07 C:\Windows\SysWOW64\MSAFDLsp.dll [292352] ()
Winsock: Catalog9 08 C:\Windows\SysWOW64\MSAFDLsp.dll [292352] ()
Winsock: Catalog9 09 C:\Windows\SysWOW64\MSAFDLsp.dll [292352] ()
Winsock: Catalog9 10 C:\Windows\SysWOW64\MSAFDLsp.dll [292352] ()
Winsock: Catalog9 22 C:\Windows\SysWOW64\MSAFDLsp.dll [292352] ()
Winsock: Catalog9-x64 01 %systemroot%\system32\MSAFDLsp.dll [386048] ()
Winsock: Catalog9-x64 02 %systemroot%\system32\MSAFDLsp.dll [386048] ()
Winsock: Catalog9-x64 03 %systemroot%\system32\MSAFDLsp.dll [386048] ()
Winsock: Catalog9-x64 04 %systemroot%\system32\MSAFDLsp.dll [386048] ()
Winsock: Catalog9-x64 05 %systemroot%\system32\MSAFDLsp.dll [386048] ()
Winsock: Catalog9-x64 06 %systemroot%\system32\MSAFDLsp.dll [386048] ()
Winsock: Catalog9-x64 07 %systemroot%\system32\MSAFDLsp.dll [386048] ()
Winsock: Catalog9-x64 08 %systemroot%\system32\MSAFDLsp.dll [386048] ()
Winsock: Catalog9-x64 09 %systemroot%\system32\MSAFDLsp.dll [386048] ()
Winsock: Catalog9-x64 10 %systemroot%\system32\MSAFDLsp.dll [386048] ()
Winsock: Catalog9-x64 22 %systemroot%\system32\MSAFDLsp.dll [386048] ()
Tcpip\Parameters: [DhcpNameServer] 129.130.131.10 129.130.131.25 129.130.254.3

FireFox:
========
FF ProfilePath: C:\Users\jbednarz\AppData\Roaming\Mozilla\Firefox\Profiles\wd6842q5.default
FF Homepage: hxxp://www.vet.k-state.edu/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.6.14 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.6.14 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\jbednarz\AppData\Roaming\Mozilla\Firefox\Profiles\wd6842q5.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files (x86)\Trend Micro\OfficeScan Client\FirefoxExtension
FF Extension: Trend Micro NSC Firefox Extension - C:\Program Files (x86)\Trend Micro\OfficeScan Client\FirefoxExtension

==================== Services (Whitelisted) =================

R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [225280 2011-08-05] (DTS, Inc)
R2 FUJ02E3Service; C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [76104 2011-11-23] (FUJITSU LIMITED)
R2 IFXSpMgtSrv; C:\Program Files (x86)\Infineon\Security Platform Software\ifxspmgt.exe [1160480 2010-02-23] (Infineon Technologies AG)
R2 IFXTCS; C:\Program Files (x86)\Infineon\Security Platform Software\ifxtcs.exe [992544 2010-02-23] (Infineon Technologies AG)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2012-02-29] (Intel Corporation)
R2 ntrtscan; C:\Program Files (x86)\Trend Micro\OfficeScan Client\ntrtscan.exe [2771856 2011-08-26] (Trend Micro Inc.)
R2 omniserv; C:\Program Files\Softex\OmniPass\OmniServ.exe [42496 2011-02-16] (Softex Inc.)
R2 PersonalSecureDriveService; C:\Program Files (x86)\Infineon\Security Platform Software\IfxPsdSv.exe [214304 2010-02-23] (Infineon Technologies AG)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2011-05-13] ()
R2 SysinSrv; C:\Program Files\DyKnow\Client\DyKnow.Host.dll [49664 2013-05-31] (Dynamic Knowledge Transfer, LLC.)
R2 TabletServiceISD; C:\Program Files\Tablet\ISD\ISD_Tablet.exe [7266720 2012-07-11] (Wacom Technology, Corp.)
R2 tmlisten; C:\Program Files (x86)\Trend Micro\OfficeScan Client\tmlisten.exe [2772096 2011-08-26] (Trend Micro Inc.)
S3 TmProxy; C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmProxy.exe [918032 2011-04-15] (Trend Micro Inc.)
R2 TouchServiceISD; C:\Program Files\Tablet\ISD\ISD_TouchService.exe [530336 2012-07-11] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [163368 2012-04-01] (Broadcom Corporation.)
R0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [21104 2009-06-23] (FUJITSU LIMITED)
R3 Fjbtndrv; C:\Windows\system32\drivers\FjBtnDrv.sys [23040 2009-08-27] (Fujitsu America, Inc.)
R0 FJGSDisk; C:\Windows\System32\DRIVERS\FJGSDisk.sys [15600 2011-07-07] (FUJITSU LIMITED)
R3 FUJ02B1; C:\Windows\system32\drivers\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\system32\drivers\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
R3 guardian2; C:\Windows\System32\Drivers\oz776x64.sys [85848 2012-03-13] (O2Micro)
R1 PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [44576 2010-01-25] (Infineon Technologies AG)
S3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [259176 2011-12-13] (Realtek Semiconductor Corp.)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [3052920 2011-12-23] (Sunplus Technology)
S3 swg3knmea03; C:\Windows\system32\drivers\swg3knmea03.sys [259200 2011-08-18] (Sierra Wireless Incorporated)
S3 swg3kser03; C:\Windows\system32\drivers\swg3kser03.sys [259200 2011-08-18] (Sierra Wireless Incorporated)
S3 swibus03; C:\Windows\system32\drivers\swibus03.sys [74752 2011-08-18] (Sierra Wireless Inc.)
S3 swibusflt03; C:\Windows\system32\drivers\swibusflt03.sys [74752 2011-08-18] (Sierra Wireless Inc.)
R2 TmFilter; C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmXPFlt.sys [344376 2012-07-17] (Trend Micro Inc.)
R2 TmPreFilter; C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmPreFlt.sys [42808 2012-07-17] (Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [108624 2010-12-07] (Trend Micro Inc.)
R2 VSApiNt; C:\Program Files (x86)\Trend Micro\OfficeScan Client\VSApiNt.sys [2224952 2012-07-17] (Trend Micro Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-13 12:40 - 2013-12-13 12:41 - 00020070 _____ C:\Users\jbednarz\Desktop\FRST.txt
2013-12-13 12:39 - 2013-12-13 12:39 - 00000000 ____D C:\FRST
2013-12-13 12:35 - 2013-12-13 12:37 - 01927462 _____ (Farbar) C:\Users\jbednarz\Desktop\FRST64(2).exe
2013-12-13 12:30 - 2013-12-13 12:31 - 00760937 _____ (Farbar) C:\Users\jbednarz\Desktop\MiniToolBox.exe
2013-12-13 12:29 - 2013-12-13 12:29 - 00708597 _____ (Farbar) C:\Users\jbednarz\Desktop\FSS.exe
2013-12-13 11:35 - 2013-12-13 11:35 - 10726297 _____ C:\Users\jbednarz\Desktop\3D Dog Test 2.pptx
2013-12-12 00:27 - 2013-12-12 00:27 - 00004962 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for ADS-jbednarz JOHNBEDNARZ.ads.vet.k-state.edu
2013-12-11 20:11 - 2013-10-29 19:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 20:06 - 2013-10-25 00:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-11 20:06 - 2013-10-25 00:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-11 20:06 - 2013-10-25 00:19 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-11 20:06 - 2013-10-25 00:18 - 19271168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-11 20:06 - 2013-10-25 00:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-11 20:06 - 2013-10-25 00:17 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-11 20:06 - 2013-10-25 00:17 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-11 20:06 - 2013-10-25 00:17 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-11 20:06 - 2013-10-25 00:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-11 20:06 - 2013-10-25 00:17 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-11 20:06 - 2013-10-25 00:17 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-11 20:06 - 2013-10-25 00:17 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-11 20:06 - 2013-10-25 00:17 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-11 20:06 - 2013-10-25 00:17 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-11 20:06 - 2013-10-24 22:45 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-11 20:06 - 2013-10-24 22:44 - 14356992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-11 20:06 - 2013-10-24 22:44 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-11 20:06 - 2013-10-24 22:43 - 13761536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-11 20:06 - 2013-10-24 22:43 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-11 20:06 - 2013-10-24 22:43 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-11 20:06 - 2013-10-24 22:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-11 20:06 - 2013-10-24 22:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-11 20:06 - 2013-10-24 22:43 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-11 20:06 - 2013-10-24 22:43 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-11 20:06 - 2013-10-24 22:43 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-11 20:06 - 2013-10-24 22:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-11 20:06 - 2013-10-24 22:43 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-11 20:06 - 2013-10-24 22:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-11 20:06 - 2013-10-24 21:41 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-11 20:06 - 2013-10-24 21:17 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-11 20:06 - 2013-10-24 20:49 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-11 19:58 - 2013-10-18 20:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 19:58 - 2013-10-18 19:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-11 19:57 - 2013-10-03 20:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 19:57 - 2013-10-03 19:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-11 12:14 - 2013-10-11 20:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 12:14 - 2013-10-11 20:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 12:14 - 2013-10-11 20:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-11 12:14 - 2013-10-11 20:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-11 12:14 - 2013-10-11 19:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 12:14 - 2013-10-11 19:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 12:14 - 2013-10-11 19:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-11 12:14 - 2013-10-11 19:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-10 09:05 - 2013-12-10 09:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-10 08:56 - 2013-12-10 08:56 - 00001162 _____ C:\Users\Public\Desktop\TeamViewer 9.lnk
2013-12-10 08:55 - 2013-12-10 08:55 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2013-12-09 09:56 - 2013-12-09 09:56 - 05202944 _____ C:\Users\jbednarz\Desktop\Exam_402.ppt
2013-12-09 09:56 - 2013-12-09 09:56 - 04747264 _____ C:\Users\jbednarz\Desktop\Exam_Final_403.ppt
2013-12-09 09:56 - 2013-12-09 09:56 - 04651520 _____ C:\Users\jbednarz\Desktop\Exam_401.ppt
2013-12-09 09:53 - 2011-12-08 10:52 - 16180736 _____ C:\Users\jbednarz\Desktop\GrossExam4 v2.1.ppt
2013-12-09 09:52 - 2013-12-10 08:22 - 00004960 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for {f99242d5-14a2-4ffe-acb4-093f65022818} JOHNBEDNARZ.ads.vet.k-state.edu
2013-12-08 20:11 - 2013-12-08 22:24 - 02651201 _____ C:\Users\jbednarz\Desktop\Rabies Virus.pptx
2013-12-05 13:31 - 2013-12-12 21:34 - 03016704 _____ C:\Users\jbednarz\AppData\Local\wnc.db
2013-12-05 13:31 - 2013-12-12 21:34 - 00039395 _____ C:\Users\jbednarz\AppData\Local\wnc.log.0
2013-12-05 13:31 - 2013-12-12 21:33 - 00000000 _____ C:\Users\jbednarz\AppData\Local\wnc.log.0.lck
2013-12-05 13:31 - 2013-12-05 13:31 - 00001767 _____ C:\Users\jbednarz\AppData\Local\opensource-licenses.txt
2013-12-05 13:31 - 2013-12-05 13:31 - 00000440 _____ C:\Users\jbednarz\AppData\Local\wnc.properties
2013-12-05 13:30 - 2013-12-05 13:30 - 00000000 ____D C:\Program Files (x86)\RefWorks-COS
2013-12-05 13:16 - 2013-12-05 13:22 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-12-05 12:49 - 2013-12-05 12:52 - 00688992 ____R (Swearware) C:\Users\jbednarz\Desktop\dds.com
2013-12-05 12:36 - 2013-12-05 12:36 - 00388608 _____ (Trend Micro Inc.) C:\Users\jbednarz\Desktop\HijackThis.exe

==================== One Month Modified Files and Folders =======

2013-12-13 12:41 - 2013-12-13 12:40 - 00020070 _____ C:\Users\jbednarz\Desktop\FRST.txt
2013-12-13 12:39 - 2013-12-13 12:39 - 00000000 ____D C:\FRST
2013-12-13 12:37 - 2013-12-13 12:35 - 01927462 _____ (Farbar) C:\Users\jbednarz\Desktop\FRST64(2).exe
2013-12-13 12:31 - 2013-12-13 12:30 - 00760937 _____ (Farbar) C:\Users\jbednarz\Desktop\MiniToolBox.exe
2013-12-13 12:29 - 2013-12-13 12:29 - 00708597 _____ (Farbar) C:\Users\jbednarz\Desktop\FSS.exe
2013-12-13 12:29 - 2013-08-14 10:18 - 00000000 ____D C:\Users\jbednarz\AppData\Roaming\Skype
2013-12-13 12:26 - 2012-11-09 10:22 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-13 12:11 - 2012-11-09 14:14 - 00035826 _____ C:\Windows\cfgall.ini
2013-12-13 12:00 - 2013-08-14 07:01 - 01690612 _____ C:\Windows\WindowsUpdate.log
2013-12-13 11:50 - 2013-06-13 07:24 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-13 11:50 - 2013-06-13 07:24 - 00000000 ____D C:\ProgramData\Skype
2013-12-13 11:43 - 2013-08-14 07:07 - 00000128 _____ C:\Windows\system32\config\netlogon.ftl
2013-12-13 11:35 - 2013-12-13 11:35 - 10726297 _____ C:\Users\jbednarz\Desktop\3D Dog Test 2.pptx
2013-12-12 21:34 - 2013-12-05 13:31 - 03016704 _____ C:\Users\jbednarz\AppData\Local\wnc.db
2013-12-12 21:34 - 2013-12-05 13:31 - 00039395 _____ C:\Users\jbednarz\AppData\Local\wnc.log.0
2013-12-12 21:33 - 2013-12-05 13:31 - 00000000 _____ C:\Users\jbednarz\AppData\Local\wnc.log.0.lck
2013-12-12 21:32 - 2012-11-09 10:10 - 07090072 _____ C:\Windows\SysWOW64\TmInstall.log
2013-12-12 21:32 - 2012-11-09 10:10 - 03873946 _____ C:\Windows\system32\TmInstall.log
2013-12-12 14:04 - 2009-07-13 22:45 - 00029920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-12 14:04 - 2009-07-13 22:45 - 00029920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-12 13:59 - 2013-08-27 12:05 - 00000000 ____D C:\Users\jbednarz\.rainlendar2
2013-12-12 13:57 - 2013-09-26 06:50 - 00002520 _____ C:\Windows\setupact.log
2013-12-12 13:57 - 2012-11-12 13:02 - 00000000 ____D C:\ProgramData\dyknow
2013-12-12 13:57 - 2009-07-13 23:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-12 00:38 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\rescache
2013-12-12 00:27 - 2013-12-12 00:27 - 00004962 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for ADS-jbednarz JOHNBEDNARZ.ads.vet.k-state.edu
2013-12-11 20:36 - 2009-07-13 23:13 - 00833558 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-11 20:29 - 2009-07-13 22:45 - 00451592 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-11 20:28 - 2013-10-09 13:54 - 00016748 _____ C:\Windows\PFRO.log
2013-12-11 20:28 - 2012-11-09 10:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-11 20:16 - 2012-11-09 09:54 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-11 12:55 - 2012-11-07 13:22 - 00050718 __RSH C:\ProgramData\ntuser.pol
2013-12-11 09:27 - 2012-11-09 10:22 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-11 09:27 - 2012-11-09 10:22 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-11 09:27 - 2012-11-09 10:22 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-10 09:06 - 2013-12-10 09:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-10 08:56 - 2013-12-10 08:56 - 00001162 _____ C:\Users\Public\Desktop\TeamViewer 9.lnk
2013-12-10 08:55 - 2013-12-10 08:55 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2013-12-10 08:22 - 2013-12-09 09:52 - 00004960 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for {f99242d5-14a2-4ffe-acb4-093f65022818} JOHNBEDNARZ.ads.vet.k-state.edu
2013-12-09 09:56 - 2013-12-09 09:56 - 05202944 _____ C:\Users\jbednarz\Desktop\Exam_402.ppt
2013-12-09 09:56 - 2013-12-09 09:56 - 04747264 _____ C:\Users\jbednarz\Desktop\Exam_Final_403.ppt
2013-12-09 09:56 - 2013-12-09 09:56 - 04651520 _____ C:\Users\jbednarz\Desktop\Exam_401.ppt
2013-12-08 22:24 - 2013-12-08 20:11 - 02651201 _____ C:\Users\jbednarz\Desktop\Rabies Virus.pptx
2013-12-08 19:05 - 2013-08-14 10:18 - 00004474 _____ C:\Users\jbednarz\AppData\Roaming\FjMenu1.XML
2013-12-05 13:31 - 2013-12-05 13:31 - 00001767 _____ C:\Users\jbednarz\AppData\Local\opensource-licenses.txt
2013-12-05 13:31 - 2013-12-05 13:31 - 00000440 _____ C:\Users\jbednarz\AppData\Local\wnc.properties
2013-12-05 13:30 - 2013-12-05 13:30 - 00000000 ____D C:\Program Files (x86)\RefWorks-COS
2013-12-05 13:22 - 2013-12-05 13:16 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-12-05 12:52 - 2013-12-05 12:49 - 00688992 ____R (Swearware) C:\Users\jbednarz\Desktop\dds.com
2013-12-05 12:36 - 2013-12-05 12:36 - 00388608 _____ (Trend Micro Inc.) C:\Users\jbednarz\Desktop\HijackThis.exe
2013-11-28 22:26 - 2013-10-28 21:50 - 00000563 _____ C:\Windows\TMFilter.log

Some content of TEMP:
====================
C:\Users\jbednarz\AppData\Local\Temp\proxy_vole1354293727780931255.dll
C:\Users\jbednarz\AppData\Local\Temp\ShareX-8.2.0.655-setup.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-11 21:10

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-12-2013 01
Ran by jbednarz at 2013-12-13 12:44:20
Running from C:\Users\jbednarz\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Trend Micro OfficeScan Antivirus (Disabled - Up to date) {7193B549-236F-55EE-9AEC-F65279E59A92}
AS: Trend Micro OfficeScan Anti-spyware (Disabled - Up to date) {CAF254AD-0555-5A60-A05C-CD200262D02F}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 8.2.1)
Adobe AIR (x32 Version: 3.8.0.870)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170)
Adobe Reader XI (11.0.05) (x32 Version: 11.0.05)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.3.133)
Anytime USB Charge Utility (x32 Version: 1.01.10.005)
Apple Application Support (x32 Version: 2.1.7)
Apple Software Update (x32 Version: 2.1.3.127)
AuthenTec Fingerprint Software (Version: 9.0.8.35)
Auto Rotation Utility (Version: 1.01.01.007)
Auto Rotation Utility (x32 Version: 1.01.01.007)
Battery Utility (x32 Version: 3.01.16.008)
CCleaner (Version: 4.04)
CyberLink MakeDisc (x32 Version: 4.0.3016)
CyberLink PowerDirector (x32 Version: 8.0.4020)
CyberLink PowerDVD 10 (x32 Version: 10.0.3522.02)
CyberLink YouCam (x32 Version: 4.1.2218)
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (x32)
FJ Camera (x32 Version: 3.3.9.4)
Fujitsu Display Manager (Version: 8.01.00.010)
Fujitsu Display Manager (x32 Version: 8.01.00.010)
Fujitsu Fingerprint Authentication Library (Version: 1.00.49.1)
Fujitsu Hotkey Utility (x32 Version: 3.70.0.0)
Fujitsu MobilityCenter Extension Utility (Version: 3.01.00.002)
Fujitsu MobilityCenter Extension Utility (x32 Version: 3.01.00.002)
Fujitsu System Extension Utility (Version: 3.4.4.0)
Fujitsu System Extension Utility (x32 Version: 3.4.4.0)
Fujitsu System Manager (Version: 8.00.0531.2012)
Infineon TPM Professional Package (Version: 3.7.000)
Inst5672 (Version: 7.00.61)
Intel® Management Engine Components (x32 Version: 8.0.3.1427)
Intel® Network Connections Drivers (Version: 16.8)
Intel® OpenCL CPU Runtime (x32)
Intel® Processor Graphics (x32 Version: 8.15.10.2696)
Intel® Rapid Storage Technology (x32 Version: 11.0.0.1032)
Intel® USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.4.225)
Intel® PROSet/Wireless WiFi Software (Version: 15.01.0000.0830)
Intel® Trusted Connect Service Client (Version: 1.23.605.1)
ISD Tablet (Version: 7.0.9-7)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Junk Mail filter update (x32 Version: 14.0.8117.416)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft Access MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Access Setup Metadata MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (x32 Version: 2.0.48.0)
Microsoft DCF MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Excel MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Groove MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft InfoPath MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Lync MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Office 64-bit Components 2013 (Version: 15.0.4420.1017)
Microsoft Office OSM MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Office OSM UX MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Office Professional Plus 2013 (x32 Version: 15.0.4420.1017)
Microsoft Office Proofing (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - Español (x32 Version: 15.0.4420.1017)
Microsoft Office Shared 64-bit MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Office Shared Setup Metadata MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft OneNote MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Outlook MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft PowerPoint MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Publisher MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (x32 Version: 11.0.51106.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (x32 Version: 11.0.51106.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40303)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308)
Microsoft Word MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Mozilla Firefox 26.0 (x86 en-US) (x32 Version: 26.0)
Mozilla Maintenance Service (x32 Version: 26.0)
MSVCRT (x32 Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
NirSoft BlueScreenView (x32)
O2Micro OZ776 SCR Driver (Version: 2.1.4.216GS)
O2Micro OZ776 SCR Driver (x32 Version: 2.1.4.216GS)
OmniPass (Version: 7.00.61(x64))
OmniPass (x32 Version: 7.00.61(x64))
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4420.1017)
Pointing Device Utility (x32 Version: 1.0.3.0)
QuickTime (x32 Version: 7.72.80.56)
Rainlendar2 (remove only) (x32)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0)
RealPlayer (x32 Version: 15.0.6)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6505)
Realtek PCIE Card Reader (x32 Version: 6.1.7601.29006)
RealUpgrade 1.1 (x32 Version: 1.1.0)
Roxio Creator LJ (x32 Version: 1.0.511)
Roxio Creator LJ (x32 Version: 12.1.4.11)
Roxio Creator LJ (x32 Version: 5.0.0)
ShareX 8.2.0.655 (Version: 8.2.0.655)
Shock Sensor Driver (Version: 1.01.00.002)
Shock Sensor Driver (x32 Version: 1.01.00.002)
Shock Sensor Utility (Version: 5.01.02.001)
Shock Sensor Utility (x32 Version: 5.01.02.001)
Skype™ 6.11 (x32 Version: 6.11.102)
StarCraft II (x32 Version: 2.0.11.26825)
swMSM (x32 Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 15.2.11.1)
TeamViewer 9 (x32 Version: 9.0.24482)
Touch Launcher (x32 Version: V1.2L04)
Trend Micro OfficeScan Client (x32 Version: 10.6)
Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805221) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805226) (x32 Version: 1)
Update for Microsoft Access 2013 (KB2768008) 32-Bit Edition (x32)
Update for Microsoft Access 2013 (KB2827233) 32-Bit Edition (x32)
Update for Microsoft InfoPath 2013 (KB2837648) 32-Bit Edition (x32)
Update for Microsoft Lync 2013 (KB2817678) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2726954) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2726996) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2738038) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2760224) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2760242) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2760267) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2760539) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2760553) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2767845) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2768016) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2817314) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2817316) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2817490) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2817626) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2826004) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2827225) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2827230) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2827239) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2837626) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2837637) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2837638) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2837655) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2850066) 32-Bit Edition (x32)
Update for Microsoft OneNote 2013 (KB2850063) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2013 (KB2767850) 32-Bit Edition (x32)
Update for Microsoft Project 2013 (KB2727085) 32-Bit Edition (x32)
Update for Microsoft Publisher 2013 (KB2837635) 32-Bit Edition (x32)
Update for Microsoft SkyDrive Pro (KB2817495) 32-Bit Edition (x32)
Update for Microsoft SkyDrive Pro (KB2837652) 32-Bit Edition (x32)
Update for Microsoft Visio 2013 (KB2817306) 32-Bit Edition (x32)
Update for Microsoft Visio Viewer 2013 (KB2768338) 32-Bit Edition (x32)
Update for Microsoft Word 2013 (KB2837647) 32-Bit Edition (x32)
Update for Microsoft Word 2013 (KB2850060) 32-Bit Edition (x32)
VetMed Pack Tablet Runtime 5.2 SP1 (Required) (x32 Version: 5.2.11)
VetMedPack (Required) (Version: 5.6.14)
WIDCOMM Bluetooth Software (Version: 6.5.1.2700)
Windows Driver Package - Fujitsu America, Inc. (FjBtnDrv) HIDClass  (08/27/2009 4.2.0827.2009) (Version: 08/27/2009 4.2.0827.2009)
Windows Live Communications Platform (x32 Version: 14.0.8117.416)
Windows Live Essentials (x32 Version: 14.0.8117.0416)
Windows Live Essentials (x32 Version: 14.0.8117.416)
Windows Live Mail (x32 Version: 14.0.8117.0416)
Windows Live Movie Maker (x32 Version: 14.0.8117.0416)
Windows Live Photo Gallery (x32 Version: 14.0.8117.416)
Windows Live Writer (x32 Version: 14.0.8117.0416)
Write-N-Cite (x32 Version: 4.2.1141)

==================== Restore Points  =========================

18-11-2013 14:00:44 Windows Update
29-11-2013 04:33:49 Windows Update
02-12-2013 10:59:46 Windows Update
05-12-2013 19:24:05 Installed Write-N-Cite.
05-12-2013 19:27:58 Installed Write-N-Cite.
08-12-2013 23:22:03 Windows Update
11-12-2013 18:02:57 Windows Update

==================== Hosts content: ==========================

2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1CDFD435-7FCF-4F28-8595-54D0FE5B0E3A} - \RealUpgradeScheduledTaskS-1-5-21-186839882-2101367357-2788254402-1000 No Task File
Task: {1D32B097-8076-46E8-8DBA-89DF2D6E4B57} - System32\Tasks\Microsoft Office 15 Sync Maintenance for {f99242d5-14a2-4ffe-acb4-093f65022818} JOHNBEDNARZ.ads.vet.k-state.edu => C:\Program Files (x86)\Microsoft Office\Office15\MSOSYNC.EXE [2013-11-08] (Microsoft Corporation)
Task: {1FEC62ED-0A0F-496E-B7BF-B11CD7BC0D74} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {2FCD6A2F-D926-44A1-AF17-11FD59F40D2C} - System32\Tasks\Microsoft Office 15 Sync Maintenance for ADS-jbednarz JOHNBEDNARZ.ads.vet.k-state.edu => C:\Program Files (x86)\Microsoft Office\Office15\MSOSYNC.EXE [2013-11-08] (Microsoft Corporation)
Task: {355A61B5-ACC7-4B69-8E30-02C5AF3C58A9} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {36854210-EEB6-4DCF-848A-A9DE7C572302} - \WPD\SqmUpload_S-1-5-21-186839882-2101367357-2788254402-1000 No Task File
Task: {49587E90-D32E-462C-9D25-B78DDE77A655} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {7B2B881B-3070-4C62-B9DA-7D5429CF8D38} - \RealUpgradeLogonTaskS-1-5-21-186839882-2101367357-2788254402-1000 No Task File
Task: {CC98869D-16E2-4E84-B22F-40E85F18C260} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: {E0B0D82B-A36C-427A-9D34-41F53AA38281} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe [2009-07-13] (Microsoft Corporation)
Task: {FA59BADA-0FDF-4576-9D74-7D4E4CADF718} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-10-17 11:23 - 2013-10-17 11:23 - 08866472 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-11-07 10:00 - 2012-03-19 00:09 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-05-31 07:28 - 2013-05-31 07:28 - 00386048 _____ () C:\Windows\system32\MSAFDLsp.dll
2012-11-07 10:05 - 2011-02-03 04:56 - 00057640 _____ () C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll
2012-11-07 13:17 - 2012-07-11 15:04 - 01184672 _____ () C:\Program Files\Tablet\ISD\libxml2.dll
2012-05-16 13:01 - 2012-05-16 13:01 - 00140800 _____ () C:\Program Files (x86)\Rainlendar2\lua52.dll
2013-03-10 11:59 - 2013-03-10 11:59 - 00215648 _____ () C:\Program Files (x86)\Rainlendar2\plugins\iCalendarPlugin.dll
2012-06-17 07:22 - 2012-06-17 07:22 - 00012800 _____ () C:\Program Files (x86)\Rainlendar2\lfs.dll
2012-11-07 10:05 - 2011-02-03 04:56 - 00066856 _____ () C:\Windows\SysWOW64\SynTPEnhPS.dll
2012-11-07 13:16 - 2012-02-29 22:22 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2013-12-10 09:05 - 2013-12-10 09:06 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/12/2013 01:58:40 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/12/2013 01:57:11 PM) (Source: Microsoft-Windows-EapHost) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0

Error: (12/12/2013 01:57:11 PM) (Source: Microsoft-Windows-EapHost) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0

Error: (12/12/2013 01:57:11 PM) (Source: Microsoft-Windows-EapHost) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0

Error: (12/11/2013 08:30:13 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/11/2013 08:29:11 PM) (Source: Microsoft-Windows-EapHost) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0

Error: (12/11/2013 08:29:11 PM) (Source: Microsoft-Windows-EapHost) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0

Error: (12/11/2013 08:29:11 PM) (Source: Microsoft-Windows-EapHost) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0

Error: (12/10/2013 08:00:15 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/10/2013 07:58:44 AM) (Source: Microsoft-Windows-EapHost) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0


System errors:
=============
Error: (12/13/2013 11:33:39 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TouchServiceISD service.

Error: (12/12/2013 11:10:51 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TouchServiceISD service.

Error: (12/12/2013 09:31:44 PM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain ADS due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.



ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (12/12/2013 09:31:25 PM) (Source: Microsoft-Windows-GroupPolicy) (User: ADS)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (12/12/2013 09:31:25 PM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (12/12/2013 01:57:28 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (12/12/2013 01:57:14 PM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following:
a) Name Resolution failure on the current domain controller.
B) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).

Error: (12/12/2013 01:57:12 PM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain ADS due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.



ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (12/12/2013 01:57:09 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 1:55:21 PM on ‎12/‎12/‎2013 was unexpected.

Error: (12/12/2013 01:56:05 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the btwdins service.


Microsoft Office Sessions:
=========================
Error: (12/12/2013 01:58:40 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/12/2013 01:57:11 PM) (Source: Microsoft-Windows-EapHost)(User: NT AUTHORITY)
Description: Eap method DLL path name43900

Error: (12/12/2013 01:57:11 PM) (Source: Microsoft-Windows-EapHost)(User: NT AUTHORITY)
Description: Eap method DLL path name25900

Error: (12/12/2013 01:57:11 PM) (Source: Microsoft-Windows-EapHost)(User: NT AUTHORITY)
Description: Eap method DLL path name17900

Error: (12/11/2013 08:30:13 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/11/2013 08:29:11 PM) (Source: Microsoft-Windows-EapHost)(User: NT AUTHORITY)
Description: Eap method DLL path name43900

Error: (12/11/2013 08:29:11 PM) (Source: Microsoft-Windows-EapHost)(User: NT AUTHORITY)
Description: Eap method DLL path name25900

Error: (12/11/2013 08:29:11 PM) (Source: Microsoft-Windows-EapHost)(User: NT AUTHORITY)
Description: Eap method DLL path name17900

Error: (12/10/2013 08:00:15 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/10/2013 07:58:44 AM) (Source: Microsoft-Windows-EapHost)(User: NT AUTHORITY)
Description: Eap method DLL path name43900


CodeIntegrity Errors:
===================================
  Date: 2013-12-13 09:51:05.710
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-12-12 23:11:15.524
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-12-12 14:06:21.790
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-12-12 13:57:30.841
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-12-11 21:48:33.165
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-12-11 20:29:16.056
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-12-11 20:20:45.942
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-12-11 13:41:06.435
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-12-11 11:12:39.791
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-12-10 11:26:32.677
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 23%
Total physical RAM: 10084.54 MB
Available physical RAM: 7696.1 MB
Total Pagefile: 20169.07 MB
Available Pagefile: 16976.68 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:281.75 GB) (Free:197.17 GB) NTFS
Drive d: (Backup) (Fixed) (Total:298.09 GB) (Free:247.53 GB) NTFS
Drive m: (PROGRAMS) (Network) (Total:833.21 GB) (Free:696.26 GB) NTFS
Drive o: (GROUPS) (Network) (Total:2043 GB) (Free:1086.77 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: F9849212)
Partition 1: (Not Active) - (Size=16 GB) - (Type=27)
Partition 2: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=282 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 367A99A8)
Partition 1: (Not Active) - (Size=298 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

Farbar Service Scanner Version: 05-12-2013
Ran by jbednarz (administrator) on 13-12-2013 at 12:49:09
Running from "C:\Users\jbednarz\Desktop"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by jbednarz (administrator) on 13-12-2013 at 12:51:11
Running from "C:\Users\jbednarz\Desktop"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® Centrino® Advanced-N 6205 = Wireless Network Connection (Connected)
Intel® 82579LM Gigabit Network Connection = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set subinterface interface=?*3 subinterface=ethernet_9 mtu=1477
set subinterface interface=?*3 subinterface=ethernet_10 mtu=1477
set subinterface interface=?*3 subinterface=ethernet_11 mtu=1477


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : JOHNBEDNARZ
   Primary Dns Suffix  . . . . . . . : ads.vet.k-state.edu
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : ads.vet.k-state.edu
                                       ksu.edu

Ethernet adapter Bluetooth Network Connection 3:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network) #3
   Physical Address. . . . . . . . . : 0C-84-DC-DA-5E-49
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : ksu.edu
   Description . . . . . . . . . . . : Intel® Centrino® Advanced-N 6205
   Physical Address. . . . . . . . . : 6C-88-14-8A-B0-90
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::7862:82dc:4ff8:b08d%12(Preferred)
   IPv4 Address. . . . . . . . . . . : 10.130.81.22(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.252.0
   Lease Obtained. . . . . . . . . . : Friday, December 13, 2013 11:33:46 AM
   Lease Expires . . . . . . . . . . : Friday, December 13, 2013 1:18:46 PM
   Default Gateway . . . . . . . . . : 10.130.80.1
   DHCP Server . . . . . . . . . . . : 1.1.1.1
   DHCPv6 IAID . . . . . . . . . . . : 308307744
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-9D-53-2A-E0-18-77-DD-36-84
   DNS Servers . . . . . . . . . . . : 129.130.131.10
                                       129.130.131.25
                                       129.130.254.3
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel® 82579LM Gigabit Network Connection
   Physical Address. . . . . . . . . : E0-18-77-DD-36-84
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{6F0C6466-E5E9-414C-9F57-604F63452A07}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{4242E34A-13C7-4279-A6A2-8CDAC8A9B4C2}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.ksu.edu:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : ksu.edu
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  vetwin-ads.ads.vet.k-state.edu
Address:  129.130.131.10

Name:    google.com
Addresses:  164.113.94.57
      164.113.94.49
      164.113.94.27
      164.113.94.42
      164.113.94.24
      164.113.94.48
      164.113.94.26
      164.113.94.37
      164.113.94.59
      164.113.94.16
      164.113.94.35
      164.113.94.53
      164.113.94.38
      164.113.94.46
      164.113.94.20
      164.113.94.31


Pinging google.com [164.113.94.49] with 32 bytes of data:
Reply from 164.113.94.49: bytes=32 time=5ms TTL=59
Reply from 164.113.94.49: bytes=32 time=6ms TTL=59

Ping statistics for 164.113.94.49:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 5ms, Maximum = 6ms, Average = 5ms
Server:  vetwin-ads.ads.vet.k-state.edu
Address:  129.130.131.10

Name:    yahoo.com
Addresses:  206.190.36.45
      98.138.253.109
      98.139.183.24


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=122ms TTL=52
Reply from 98.138.253.109: bytes=32 time=158ms TTL=52

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 122ms, Maximum = 158ms, Average = 140ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 21...0c 84 dc da 5e 49 ......Bluetooth Device (Personal Area Network) #3
 12...6c 88 14 8a b0 90 ......Intel® Centrino® Advanced-N 6205
 11...e0 18 77 dd 36 84 ......Intel® 82579LM Gigabit Network Connection
  1...........................Software Loopback Interface 1
 23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 25...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 24...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 17...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      10.130.80.1     10.130.81.22     25
      10.130.80.0    255.255.252.0         On-link      10.130.81.22    281
     10.130.81.22  255.255.255.255         On-link      10.130.81.22    281
    10.130.83.255  255.255.255.255         On-link      10.130.81.22    281
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      10.130.81.22    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      10.130.81.22    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 12    281 fe80::/64                On-link
 12    281 fe80::7862:82dc:4ff8:b08d/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\MSAFDLsp.dll [292352] ()
Catalog9 02 C:\Windows\SysWOW64\MSAFDLsp.dll [292352] ()
Catalog9 03 C:\Windows\SysWOW64\MSAFDLsp.dll [292352] ()
Catalog9 04 C:\Windows\SysWOW64\MSAFDLsp.dll [292352] ()
Catalog9 05 C:\Windows\SysWOW64\MSAFDLsp.dll [292352] ()
Catalog9 06 C:\Windows\SysWOW64\MSAFDLsp.dll [292352] ()
Catalog9 07 C:\Windows\SysWOW64\MSAFDLsp.dll [292352] ()
Catalog9 08 C:\Windows\SysWOW64\MSAFDLsp.dll [292352] ()
Catalog9 09 C:\Windows\SysWOW64\MSAFDLsp.dll [292352] ()
Catalog9 10 C:\Windows\SysWOW64\MSAFDLsp.dll [292352] ()
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 14 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 15 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 16 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 17 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 18 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 19 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 20 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 21 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 22 C:\Windows\SysWOW64\MSAFDLsp.dll [292352] ()
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\MSAFDLsp.dll [386048] ()
x64-Catalog9 02 C:\Windows\System32\MSAFDLsp.dll [386048] ()
x64-Catalog9 03 C:\Windows\System32\MSAFDLsp.dll [386048] ()
x64-Catalog9 04 C:\Windows\System32\MSAFDLsp.dll [386048] ()
x64-Catalog9 05 C:\Windows\System32\MSAFDLsp.dll [386048] ()
x64-Catalog9 06 C:\Windows\System32\MSAFDLsp.dll [386048] ()
x64-Catalog9 07 C:\Windows\System32\MSAFDLsp.dll [386048] ()
x64-Catalog9 08 C:\Windows\System32\MSAFDLsp.dll [386048] ()
x64-Catalog9 09 C:\Windows\System32\MSAFDLsp.dll [386048] ()
x64-Catalog9 10 C:\Windows\System32\MSAFDLsp.dll [386048] ()
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 13 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 14 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 15 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 16 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 17 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 18 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 19 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 20 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 21 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 22 C:\Windows\System32\MSAFDLsp.dll [386048] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/12/2013 01:58:40 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/12/2013 01:57:11 PM) (Source: Microsoft-Windows-EapHost) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0

Error: (12/12/2013 01:57:11 PM) (Source: Microsoft-Windows-EapHost) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0

Error: (12/12/2013 01:57:11 PM) (Source: Microsoft-Windows-EapHost) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0

Error: (12/11/2013 08:30:13 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/11/2013 08:29:11 PM) (Source: Microsoft-Windows-EapHost) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0

Error: (12/11/2013 08:29:11 PM) (Source: Microsoft-Windows-EapHost) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0

Error: (12/11/2013 08:29:11 PM) (Source: Microsoft-Windows-EapHost) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0

Error: (12/10/2013 08:00:15 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/10/2013 07:58:44 AM) (Source: Microsoft-Windows-EapHost) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0


System errors:
=============
Error: (12/13/2013 11:33:39 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TouchServiceISD service.

Error: (12/12/2013 11:10:51 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TouchServiceISD service.

Error: (12/12/2013 09:31:44 PM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain ADS due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.



ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (12/12/2013 09:31:25 PM) (Source: Microsoft-Windows-GroupPolicy) (User: ADS)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (12/12/2013 09:31:25 PM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (12/12/2013 01:57:28 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (12/12/2013 01:57:14 PM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following:
a) Name Resolution failure on the current domain controller.
B) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).

Error: (12/12/2013 01:57:12 PM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain ADS due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.



ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (12/12/2013 01:57:09 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 1:55:21 PM on ?12/?12/?2013 was unexpected.

Error: (12/12/2013 01:56:05 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the btwdins service.


Microsoft Office Sessions:
=========================
Error: (12/12/2013 01:58:40 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/12/2013 01:57:11 PM) (Source: Microsoft-Windows-EapHost)(User: NT AUTHORITY)
Description: Eap method DLL path name43900

Error: (12/12/2013 01:57:11 PM) (Source: Microsoft-Windows-EapHost)(User: NT AUTHORITY)
Description: Eap method DLL path name25900

Error: (12/12/2013 01:57:11 PM) (Source: Microsoft-Windows-EapHost)(User: NT AUTHORITY)
Description: Eap method DLL path name17900

Error: (12/11/2013 08:30:13 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/11/2013 08:29:11 PM) (Source: Microsoft-Windows-EapHost)(User: NT AUTHORITY)
Description: Eap method DLL path name43900

Error: (12/11/2013 08:29:11 PM) (Source: Microsoft-Windows-EapHost)(User: NT AUTHORITY)
Description: Eap method DLL path name25900

Error: (12/11/2013 08:29:11 PM) (Source: Microsoft-Windows-EapHost)(User: NT AUTHORITY)
Description: Eap method DLL path name17900

Error: (12/10/2013 08:00:15 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/10/2013 07:58:44 AM) (Source: Microsoft-Windows-EapHost)(User: NT AUTHORITY)
Description: Eap method DLL path name43900


CodeIntegrity Errors:
===================================
  Date: 2013-12-13 09:51:05.710
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-12-12 23:11:15.524
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-12-12 14:06:21.790
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-12-12 13:57:30.841
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-12-11 21:48:33.165
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-12-11 20:29:16.056
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-12-11 20:20:45.942
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-12-11 13:41:06.435
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-12-11 11:12:39.791
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-12-10 11:26:32.677
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 8.2.1)
Adobe AIR (Version: 3.8.0.870)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.170)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170)
Adobe Reader XI (11.0.05) (Version: 11.0.05)
Adobe Shockwave Player 12.0 (Version: 12.0.3.133)
Anytime USB Charge Utility (Version: 1.01.10.005)
Apple Application Support (Version: 2.1.7)
Apple Software Update (Version: 2.1.3.127)
AuthenTec Fingerprint Software (Version: 9.0.8.35)
Auto Rotation Utility (Version: 1.01.01.007)
Battery Utility (Version: 3.01.16.008)
CCleaner (Version: 4.04)
CyberLink MakeDisc (Version: 4.0.3016)
CyberLink PowerDirector (Version: 8.0.4020)
CyberLink PowerDVD 10 (Version: 10.0.3522.02)
CyberLink YouCam (Version: 4.1.2218)
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition
FJ Camera (Version: 3.3.9.4)
Fujitsu Display Manager (Version: 8.01.00.010)
Fujitsu Fingerprint Authentication Library (Version: 1.00.49.1)
Fujitsu Hotkey Utility (Version: 3.70.0.0)
Fujitsu MobilityCenter Extension Utility (Version: 3.01.00.002)
Fujitsu System Extension Utility (Version: 3.4.4.0)
Fujitsu System Manager (Version: 8.00.0531.2012)
Infineon TPM Professional Package (Version: 3.7.000)
Inst5672 (Version: 7.00.61)
Intel® Management Engine Components (Version: 8.0.3.1427)
Intel® Network Connections Drivers (Version: 16.8)
Intel® OpenCL CPU Runtime
Intel® Processor Graphics (Version: 8.15.10.2696)
Intel® Rapid Storage Technology (Version: 11.0.0.1032)
Intel® USB 3.0 eXtensible Host Controller Driver (Version: 1.0.4.225)
Intel® PROSet/Wireless WiFi Software (Version: 15.01.0000.0830)
Intel® Trusted Connect Service Client (Version: 1.23.605.1)
ISD Tablet (Version: 7.0.9-7)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Junk Mail filter update (Version: 14.0.8117.416)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft Access MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft DCF MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Excel MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Groove MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Lync MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office 64-bit Components 2013 (Version: 15.0.4420.1017)
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017)
Microsoft Office Proofing (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4420.1017)
Microsoft Office Shared 64-bit MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft OneNote MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Outlook MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Publisher MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (Version: 11.0.51106.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (Version: 11.0.51106.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40303)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308)
Microsoft Word MUI (English) 2013 (Version: 15.0.4420.1017)
Mozilla Firefox 26.0 (x86 en-US) (Version: 26.0)
Mozilla Maintenance Service (Version: 26.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NirSoft BlueScreenView
O2Micro OZ776 SCR Driver (Version: 2.1.4.216GS)
OmniPass (Version: 7.00.61(x64))
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017)
Pointing Device Utility (Version: 1.0.3.0)
QuickTime (Version: 7.72.80.56)
Rainlendar2 (remove only)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.6)
Realtek High Definition Audio Driver (Version: 6.0.1.6505)
Realtek PCIE Card Reader (Version: 6.1.7601.29006)
RealUpgrade 1.1 (Version: 1.1.0)
Roxio Creator LJ (Version: 1.0.511)
Roxio Creator LJ (Version: 12.1.4.11)
Roxio Creator LJ (Version: 5.0.0)
ShareX 8.2.0.655 (Version: 8.2.0.655)
Shock Sensor Driver (Version: 1.01.00.002)
Shock Sensor Utility (Version: 5.01.02.001)
Skype™ 6.11 (Version: 6.11.102)
StarCraft II (Version: 2.0.11.26825)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 15.2.11.1)
TeamViewer 9 (Version: 9.0.24482)
Touch Launcher (Version: V1.2L04)
Trend Micro OfficeScan Client (Version: 10.6)
Update for Microsoft .NET Framework 4.5 (KB2750147) (Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805221) (Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805226) (Version: 1)
Update for Microsoft Access 2013 (KB2768008) 32-Bit Edition
Update for Microsoft Access 2013 (KB2827233) 32-Bit Edition
Update for Microsoft InfoPath 2013 (KB2837648) 32-Bit Edition
Update for Microsoft Lync 2013 (KB2817678) 32-Bit Edition
Update for Microsoft Office 2013 (KB2726954) 32-Bit Edition
Update for Microsoft Office 2013 (KB2726996) 32-Bit Edition
Update for Microsoft Office 2013 (KB2738038) 32-Bit Edition
Update for Microsoft Office 2013 (KB2760224) 32-Bit Edition
Update for Microsoft Office 2013 (KB2760242) 32-Bit Edition
Update for Microsoft Office 2013 (KB2760267) 32-Bit Edition
Update for Microsoft Office 2013 (KB2760539) 32-Bit Edition
Update for Microsoft Office 2013 (KB2760553) 32-Bit Edition
Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition
Update for Microsoft Office 2013 (KB2767845) 32-Bit Edition
Update for Microsoft Office 2013 (KB2768016) 32-Bit Edition
Update for Microsoft Office 2013 (KB2817314) 32-Bit Edition
Update for Microsoft Office 2013 (KB2817316) 32-Bit Edition
Update for Microsoft Office 2013 (KB2817490) 32-Bit Edition
Update for Microsoft Office 2013 (KB2817626) 32-Bit Edition
Update for Microsoft Office 2013 (KB2826004) 32-Bit Edition
Update for Microsoft Office 2013 (KB2827225) 32-Bit Edition
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition
Update for Microsoft Office 2013 (KB2827230) 32-Bit Edition
Update for Microsoft Office 2013 (KB2827239) 32-Bit Edition
Update for Microsoft Office 2013 (KB2837626) 32-Bit Edition
Update for Microsoft Office 2013 (KB2837637) 32-Bit Edition
Update for Microsoft Office 2013 (KB2837638) 32-Bit Edition
Update for Microsoft Office 2013 (KB2837655) 32-Bit Edition
Update for Microsoft Office 2013 (KB2850066) 32-Bit Edition
Update for Microsoft OneNote 2013 (KB2850063) 32-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2767850) 32-Bit Edition
Update for Microsoft Project 2013 (KB2727085) 32-Bit Edition
Update for Microsoft Publisher 2013 (KB2837635) 32-Bit Edition
Update for Microsoft SkyDrive Pro (KB2817495) 32-Bit Edition
Update for Microsoft SkyDrive Pro (KB2837652) 32-Bit Edition
Update for Microsoft Visio 2013 (KB2817306) 32-Bit Edition
Update for Microsoft Visio Viewer 2013 (KB2768338) 32-Bit Edition
Update for Microsoft Word 2013 (KB2837647) 32-Bit Edition
Update for Microsoft Word 2013 (KB2850060) 32-Bit Edition
VetMed Pack Tablet Runtime 5.2 SP1 (Required) (Version: 5.2.11)
VetMedPack (Required) (Version: 5.6.14)
WIDCOMM Bluetooth Software (Version: 6.5.1.2700)
Windows Driver Package - Fujitsu America, Inc. (FjBtnDrv) HIDClass  (08/27/2009 4.2.0827.2009) (Version: 08/27/2009 4.2.0827.2009)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Movie Maker (Version: 14.0.8117.0416)
Windows Live Photo Gallery (Version: 14.0.8117.416)
Windows Live Writer (Version: 14.0.8117.0416)
Write-N-Cite (Version: 4.2.1141)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 20%
Total physical RAM: 10084.54 MB
Available physical RAM: 8016.91 MB
Total Pagefile: 20169.07 MB
Available Pagefile: 17322.54 MB
Total Virtual: 4095.88 MB
Available Virtual: 3974.45 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:281.75 GB) (Free:197.17 GB) NTFS
2 Drive d: (Backup) (Fixed) (Total:298.09 GB) (Free:247.53 GB) NTFS
3 Drive m: (PROGRAMS) (Network) (Total:833.21 GB) (Free:696.26 GB) NTFS
4 Drive o: (GROUPS) (Network) (Total:2043 GB) (Free:1086.77 GB) NTFS

========================= Users: ========================================

User accounts for \\JOHNBEDNARZ

Administrator            catsadm                  Guest                    

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

18-11-2013 14:00:44 Windows Update
29-11-2013 04:33:49 Windows Update
02-12-2013 10:59:46 Windows Update
05-12-2013 19:24:05 Installed Write-N-Cite.
05-12-2013 19:27:58 Installed Write-N-Cite.
08-12-2013 23:22:03 Windows Update
11-12-2013 18:02:57 Windows Update

**** End of log ****
 



#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,389 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:26 PM

Posted 13 December 2013 - 02:28 PM

Greetings,

There are Policy restrictions set on this computer and I am assuming they have been set by whoever provided the computer to you. I don't think those restrictions are the source of your difficulty.

I find no evidence of malicious software on your computer but there are error reports indicating this is a networking issue. For example this entry appears numerous times:

Error: (12/12/2013 01:57:11 PM) (Source: Microsoft-Windows-EapHost) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0

Although I can muddle through some networking issues I am not specifically trained in that.  I think it is best if you were taken care of in the Networking Forum to make sure things are made better rather than worse.  :)  If you decide to post a Topic there please be sure to reference this topic and let me know.

 

I wish I could resolve your issue but as you first mentioned you realized this might not be a malware issue.


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#7 HealerOfPains

HealerOfPains
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:02:26 PM

Posted 13 December 2013 - 10:00 PM

Darn. Well, thank you for all of your help. I appreciate your expedience :)

 

I don't think the networking issues would hamper my laptop this much, so I will persue other avenues of repair. Thank you again!



#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,389 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:26 PM

Posted 13 December 2013 - 11:05 PM

OK, thanks and good luck.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#9 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,389 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:26 PM

Posted 13 December 2013 - 11:05 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users