Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Possible Virus or Malware affecting my network access


  • This topic is locked This topic is locked

#1
singlre

singlre

    New Member

  • Member
  • Pip
  • 8 posts

Hello,

 

For the past six months I’ve been experiencing very slow and unloadable or unresponsive web pages and downloading errors using (chrome, firefox or internet explorer) browsers on my main computer. This computer is directly connected to my ISP modem/router. The slowness happens even with just this computer on the network. Other devices also have connection problems be it laptop, tablet or cell phone; mine or a visitor. I’ve been through several discussions with my ISP and they always tell me the same thing every time….everything looks fine on their end, I’m getting the appropriate speed for my plan. Now, I admit I do have the lowest internet speed of 768 kbps / 384 kbps but prior to this ISP doing migration of their internet services everything was fine on my DSL with multiple devices…it was slow, but fine. I was able to accomplish things and so could others in my home. I've taken my laptop to work and it was connecting/browsing fine, brought it back home and pages barely load. Speedtest.net can't even come up. I can't drag my desktop to work so I need to know is it the computer.

 

I’m at the end of the patience line and wanted someone else’s point of view because I’ve ran several security, networking and utility tools trying to find out why my internet speed is now so lousy with the one computer on it. Nothing major ever comes up after the scans so now I’m at the point of firing my ISP and getting better service from someone else because if feel my ISP is probably throttling down my speeds but want to be absolutely sure that is the case.

 

Thanks

Attached Files


  • 0

Advertisements


#2
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts
Hi! My name is zep516 and Welcome to Geekstogo!
I'll do the best I can to resolve your computer issue
Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions! :)

Don't attach logs unless asked, it generates a lot more work for me. I'm posting your logs directly to forum. I need time to look over them.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-11-2015
Ran by Regevette (administrator) on REGEVETTE-HP (08-11-2015 13:32:04)
Running from C:\Users\Regevette\Desktop
Loaded Profiles: Regevette (Available Profiles: Regevette & Guest & DefaultAppPool)
Platform: Windows 10 Home (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciCMService.exe
() C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.5.4.24\NIS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.5.4.24\NIS.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
() C:\Windows\SysWOW64\WinMsgBalloonServer.exe
() C:\Windows\SysWOW64\WinMsgBalloonClient.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Microsoft Corporation) C:\Windows\System32\LockAppHost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.15081.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.21.12.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [568888 2010-01-18] ()
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [241789 2009-07-07] (Creative Technology Ltd)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1279120 2012-09-27] (CANON INC.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKU\S-1-5-21-1826123673-4292494960-549196744-1000\...\Run: [HPAdvisorDock] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\S-1-5-21-1826123673-4292494960-549196744-1000\...\Run: [NETGEARGenie] => C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [603392 2015-08-26] (NETGEAR Inc.)
HKU\S-1-5-21-1826123673-4292494960-549196744-1000\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-1826123673-4292494960-549196744-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [31232 2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Regevette\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64\FileSyncShell64.dll [2015-09-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Regevette\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64\FileSyncShell64.dll [2015-09-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Regevette\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64\FileSyncShell64.dll [2015-09-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Regevette\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\FileSyncShell.dll [2015-09-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Regevette\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\FileSyncShell.dll [2015-09-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Regevette\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\FileSyncShell.dll [2015-09-10] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{983cce6b-0653-4340-a933-1e5c72d22dcb}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1826123673-4292494960-549196744-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-1826123673-4292494960-549196744-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll [2015-10-29] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-29] (Oracle Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2012-06-14] (CANON INC.)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2012-06-14] (CANON INC.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-1826123673-4292494960-549196744-1000 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}

FireFox:
========
FF ProfilePath: C:\Users\Regevette\AppData\Roaming\Mozilla\Firefox\Profiles\lenjlni1.default-1446265891707
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_190.dll [2015-06-26] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-29] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-26] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [No File]
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2012-11-02] (GARMIN Corp.)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2011-03-07] (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-14] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1826123673-4292494960-549196744-1000: @hulu.com/Hulu Desktop -> C:\Users\Regevette\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll [2010-08-12] (Hulu LLC)
FF Plugin HKU\S-1-5-21-1826123673-4292494960-549196744-1000: @yahoo.com/BrowserPlus,version=2.9.8 -> C:\Users\Regevette\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll [2010-08-04] (Yahoo! Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\cgpcfg.dll [2009-02-02] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll [2009-02-02] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll [2009-02-02] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll [2009-02-02] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxmui.dll [2009-02-02] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icafile.dll [2009-02-02] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icalogon.dll [2009-02-02] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\msvcm80.dll [2008-02-07] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\msvcp80.dll [2008-02-07] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\msvcr80.dll [2008-02-07] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll [2009-02-02] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-05-31] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-05-31] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-05-31] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-05-31] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2013-05-31] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\sslsdk_b.dll [2008-11-06] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll [2009-02-02] (Citrix Systems, Inc.)
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.4.24\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.4.24\coFFAddon [2015-11-04] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.4.24\coFFAddon

Chrome:
=======
CHR StartupUrls: Default -> ""
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\pdf.dll => No File
CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files (x86)\Google\Chrome\Application\plugins\npMozCouponPrinter.dll => No File
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (CouponNetwork Coupon Activator Netscape Plugin v. 5.0.0.0) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol400.dll => No File
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll => No File
CHR Plugin: (Garmin Communicator Plug-In) - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll => No File
CHR Plugin: (Java™ Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => No File
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll => No File
CHR Plugin: (RocketLife Secure Plug-In Layer) - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
CHR Plugin: (Catalina Savings Printer) - C:\Users\REGEVE~1\AppData\Roaming\CATALI~2\NPBCSK~1.DLL => No File
CHR Plugin: (Hulu Desktop) - C:\Users\Regevette\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll (Hulu LLC)
CHR Plugin: (BrowserPlus (from Yahoo!) v2.9.8) - C:\Users\Regevette\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll => No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll => No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll => No File
CHR Profile: C:\Users\Regevette\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Angry Birds) - C:\Users\Regevette\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-12-13]
CHR Extension: (Google Drive) - C:\Users\Regevette\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Regevette\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Facebook) - C:\Users\Regevette\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2013-08-29]
CHR Extension: (Adblock Plus) - C:\Users\Regevette\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-26]
CHR Extension: (Norton Security Toolbar) - C:\Users\Regevette\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2015-10-24]
CHR Extension: (Adblock for Youtube™) - C:\Users\Regevette\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2015-10-17]
CHR Extension: (Google Docs Offline) - C:\Users\Regevette\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-03]
CHR Extension: (AdBlock) - C:\Users\Regevette\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-10-17]
CHR Extension: (Need for Speed World) - C:\Users\Regevette\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnnelgnkomjdakpkjpkfehdipjifjmbk [2013-08-29]
CHR Extension: (Unblock Car 3D) - C:\Users\Regevette\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndaflanlochpiijbgjgofgmnbgmhgkmd [2015-11-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Regevette\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-27]
CHR Extension: (Fixer for Java) - C:\Users\Regevette\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocoiokalhgfiblapcgelblmeakhidmle [2015-10-29]
CHR Profile: C:\Users\Regevette\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Docs) - C:\Users\Regevette\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-10]
CHR Extension: (Google Drive) - C:\Users\Regevette\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-10]
CHR Extension: (YouTube) - C:\Users\Regevette\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-10]
CHR Extension: (Google Search) - C:\Users\Regevette\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-10]
CHR Extension: (Norton Identity Protection) - C:\Users\Regevette\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-03-10]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Regevette\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-03-10]
CHR Extension: (Gmail) - C:\Users\Regevette\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-10]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.4.24\Exts\Chrome.crx [2015-10-23]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.4.24\Exts\Chrome.crx [2015-10-23]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [File not signed]
R2 AMD_RAIDXpert; C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [122880 2009-12-15] (AMD) [File not signed]
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2010-09-15] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2010-09-15] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2009-02-23] (Creative Technology Ltd) [File not signed]
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [347200 2015-02-27] (WildTangent)
S4 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-01-22] (Hewlett-Packard Company) [File not signed]
R2 McciCMService; C:\Program Files (x86)\Common Files\Motive\McciCMService.exe [319488 2011-03-24] (Alcatel-Lucent) [File not signed]
R2 McciCMService64; C:\Program Files\Common Files\Motive\McciCMService.exe [517632 2011-03-24] (Alcatel-Lucent) [File not signed]
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-09-10] (Microsoft Corporation)
S3 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2015-08-26] (NETGEAR)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\22.5.4.24\NIS.exe [282016 2015-09-24] (Symantec Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-09-10] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-09-10] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-09-11] (Advanced Micro Devices)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\BASHDefs\20151102.001\BHDrvx64.sys [1665608 2015-10-08] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1605040.018\ccSetx64.sys [173808 2015-09-23] (Symantec Corporation)
R3 dvdfab; C:\Windows\System32\drivers\dvdfab.sys [79232 2011-08-15] (Fengtao Software Inc.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-10-23] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [155456 2015-10-23] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\IPSDefs\20151106.001\IDSvia64.sys [767224 2015-10-23] (Symantec Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-09-10] (Microsoft Corporation)
S3 MRENDIS5; C:\Program Files (x86)\Common Files\Motive\MRENDIS5.sys [18003 2004-11-22] (Motive, Inc.) [File not signed]
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\VirusDefs\20151108.004\ENG64.SYS [138488 2015-10-30] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\VirusDefs\20151108.004\EX64.SYS [2148080 2015-10-30] (Symantec Corporation)
R1 networx; C:\Windows\System32\drivers\networx.sys [70120 2015-08-06] (NetFilterSDK.com)
R2 NPF; C:\WINDOWS\system32\drivers\npf.sys [35344 2015-11-06] (CACE Technologies, Inc.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek )
R0 SI3132; C:\Windows\System32\drivers\SI3132.sys [90664 2007-10-03] (Silicon Image, Inc)
R0 SiFilter; C:\Windows\System32\drivers\SiWinAcc.sys [22056 2007-10-03] (Silicon Image, Inc)
R0 SiRemFil; C:\Windows\System32\drivers\SiRemFil.sys [17448 2007-10-03] (Silicon Image, Inc)
R3 SRTSP; C:\Windows\system32\drivers\NISx64\1605040.018\SRTSP64.SYS [930024 2015-09-23] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1605040.018\SRTSPX64.SYS [50936 2015-09-23] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NISx64\1605040.018\SYMEFASI64.SYS [1620720 2015-09-23] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1605040.018\SymELAM.sys [24192 2015-09-23] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-10-23] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1605040.018\Ironx64.SYS [297720 2015-09-23] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NISx64\1605040.018\SYMNETS.SYS [577768 2015-09-23] (Symantec Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-08 13:32 - 2015-11-08 13:32 - 00030069 _____ C:\Users\Regevette\Desktop\FRST.txt
2015-11-08 13:17 - 2015-11-08 13:17 - 00016148 _____ C:\WINDOWS\system32\REGEVETTE-HP_Regevette_HistoryPrediction.bin
2015-11-08 12:48 - 2015-11-08 12:48 - 00000226 _____ C:\Users\Regevette\Desktop\GET THESE MOVIES.txt
2015-11-07 18:12 - 2015-11-07 18:12 - 00003584 _____ C:\Users\Regevette\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-11-07 11:45 - 2015-11-05 23:09 - 00012510 _____ C:\zoek-results2015-11-06-040906.log
2015-11-06 22:10 - 2015-11-07 02:49 - 02198528 _____ (Farbar) C:\Users\Regevette\Desktop\FRST64.exe
2015-11-06 16:38 - 2015-11-06 16:38 - 00281104 _____ (CACE Technologies, Inc.) C:\WINDOWS\SysWOW64\wpcap.dll
2015-11-06 16:38 - 2015-11-06 16:38 - 00096784 _____ (CACE Technologies, Inc.) C:\WINDOWS\SysWOW64\packet.dll
2015-11-06 16:38 - 2015-11-06 16:38 - 00035344 _____ (CACE Technologies, Inc.) C:\WINDOWS\system32\Drivers\npf.sys
2015-11-06 06:37 - 2015-11-06 16:37 - 42789632 _____ (NETGEAR Inc.) C:\Users\Regevette\Downloads\NETGEARGenie-install.exe
2015-11-05 23:51 - 2015-11-05 23:51 - 00000000 ___DC C:\ProgramData\{68F203DC-6842-40A7-A22F-766FC09F195E}
2015-11-05 21:32 - 2015-11-06 20:31 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2015-11-05 21:17 - 2015-11-05 21:17 - 00000000 ____D C:\Users\Regevette\AppData\Local\III
2015-11-05 21:17 - 2015-11-05 15:22 - 08947240 _____ (Sutherland Global Services Inc., ) C:\Users\Regevette\Desktop\pctoolbox.exe
2015-11-04 17:54 - 2015-10-27 18:38 - 21871616 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-11-04 17:54 - 2015-10-27 18:16 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-11-04 17:54 - 2015-10-21 07:45 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-11-04 17:54 - 2015-10-21 07:44 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-11-04 17:54 - 2015-10-21 07:43 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-11-04 17:54 - 2015-10-21 07:39 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-04 17:54 - 2015-10-21 07:00 - 24595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-11-04 17:54 - 2015-10-21 07:00 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-11-04 17:54 - 2015-10-21 06:59 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-11-04 17:54 - 2015-10-21 06:57 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-11-04 17:54 - 2015-10-21 06:52 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-11-04 17:54 - 2015-10-21 06:50 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-11-04 17:54 - 2015-10-21 06:48 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-11-04 17:54 - 2015-10-21 06:47 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-11-04 17:54 - 2015-10-21 06:46 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-11-04 17:54 - 2015-10-21 06:46 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-11-04 17:54 - 2015-10-21 06:44 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-11-04 17:54 - 2015-10-21 06:44 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-11-04 17:54 - 2015-10-21 06:43 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-11-04 17:54 - 2015-10-21 06:42 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-11-04 17:54 - 2015-10-21 06:41 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-11-04 17:54 - 2015-10-21 06:40 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-11-04 17:54 - 2015-10-21 06:38 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-11-04 17:54 - 2015-10-21 00:53 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-11-04 17:54 - 2015-10-21 00:49 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-04 17:54 - 2015-10-21 00:13 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-11-04 17:54 - 2015-10-21 00:11 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-11-04 17:54 - 2015-10-21 00:08 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-11-04 17:54 - 2015-10-21 00:05 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-11-04 17:54 - 2015-10-21 00:03 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-11-04 17:54 - 2015-10-21 00:03 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-11-04 17:54 - 2015-10-20 23:58 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-11-04 17:54 - 2015-10-20 23:58 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-11-04 17:54 - 2015-10-20 23:55 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-11-04 17:30 - 2015-11-07 11:47 - 00066571 _____ C:\zoek-results.log
2015-11-04 17:27 - 2015-11-05 21:54 - 00000000 ____D C:\zoek_backup
2015-11-04 17:24 - 2015-11-05 19:07 - 00000000 ____D C:\Users\Regevette\Desktop\zoek
2015-11-04 17:24 - 2003-01-24 00:11 - 01309184 _____ C:\Users\Regevette\Desktop\zoek.exe
2015-10-31 22:04 - 2015-10-29 12:34 - 2319440561 _____ C:\Users\Regevette\Desktop\Eric's Trains - Episode 50 - YouTube [720p].mp4
2015-10-31 21:41 - 2015-10-31 22:20 - 910316958 _____ C:\Users\Regevette\Desktop\Eric's Trains - Episode 50 - YouTube [720p].divx
2015-10-30 23:31 - 2015-10-30 23:31 - 00000000 ____D C:\Users\Regevette\Desktop\Old Firefox Data
2015-10-29 15:57 - 2015-10-29 15:57 - 00110176 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2015-10-29 15:57 - 2015-10-29 15:57 - 00000000 ____D C:\Users\Regevette\AppData\Roaming\Sun
2015-10-29 15:57 - 2015-10-29 15:57 - 00000000 ____D C:\Users\Regevette\.oracle_jre_usage
2015-10-29 15:56 - 2015-10-29 15:56 - 00000000 ____D C:\Program Files\Java
2015-10-29 15:55 - 2015-10-29 10:39 - 56923232 _____ (Oracle Corporation) C:\Users\Regevette\Downloads\jre-8u65-windows-x64.exe
2015-10-28 17:34 - 2015-10-28 17:34 - 00000000 ____D C:\Users\Regevette\AppData\LocalLow\Oracle
2015-10-26 18:39 - 2015-10-26 18:39 - 00001090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2015-10-26 18:39 - 2015-10-26 18:39 - 00001078 _____ C:\Users\Public\Desktop\Audacity.lnk
2015-10-26 18:30 - 2015-10-26 18:30 - 00000000 ____D C:\ProgramData\ATI
2015-10-24 09:22 - 2015-10-24 09:22 - 00061917 _____ C:\WINDOWS\SysWOW64\CCCInstall_201510241022544569.log
2015-10-24 09:22 - 2015-10-24 09:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-10-24 09:22 - 2015-10-24 09:22 - 00000000 ____D C:\Program Files\ATI Technologies
2015-10-24 09:20 - 2015-10-24 09:20 - 00061037 _____ C:\WINDOWS\SysWOW64\CCCInstall_201510241020258967.log
2015-10-24 09:19 - 2015-10-24 09:19 - 00000000 ____D C:\Users\Default\AppData\Roaming\ATI
2015-10-24 09:19 - 2015-10-24 09:19 - 00000000 ____D C:\Users\Default\AppData\Local\ATI
2015-10-24 09:19 - 2015-10-24 09:19 - 00000000 ____D C:\Users\Default User\AppData\Roaming\ATI
2015-10-24 09:19 - 2015-10-24 09:19 - 00000000 ____D C:\Users\Default User\AppData\Local\ATI
2015-10-24 09:15 - 2015-10-24 09:15 - 30776304 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2015-10-24 09:15 - 2015-10-24 09:15 - 25320432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2015-10-24 09:15 - 2015-10-24 09:15 - 15725552 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2015-10-24 09:15 - 2015-10-24 09:15 - 14310896 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2015-10-24 09:15 - 2015-10-24 09:15 - 09355016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2015-10-24 09:15 - 2015-10-24 09:15 - 07683096 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2015-10-24 09:15 - 2015-10-24 09:15 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2015-10-24 09:15 - 2015-10-24 09:15 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2015-10-24 09:15 - 2015-10-24 09:15 - 01196032 _____ C:\WINDOWS\system32\amdocl_as64.exe
2015-10-24 09:15 - 2015-10-24 09:15 - 01070592 _____ C:\WINDOWS\system32\amdocl_ld64.exe
2015-10-24 09:15 - 2015-10-24 09:15 - 01004032 _____ C:\WINDOWS\SysWOW64\amdocl_as32.exe
2015-10-24 09:15 - 2015-10-24 09:15 - 00935408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2015-10-24 09:15 - 2015-10-24 09:15 - 00935408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2015-10-24 09:15 - 2015-10-24 09:15 - 00807424 _____ C:\WINDOWS\SysWOW64\amdocl_ld32.exe
2015-10-24 09:15 - 2015-10-24 09:15 - 00662392 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2015-10-24 09:15 - 2015-10-24 09:15 - 00662392 _____ C:\WINDOWS\system32\atiapfxx.blb
2015-10-24 09:15 - 2015-10-24 09:15 - 00375792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2015-10-24 09:15 - 2015-10-24 09:15 - 00341488 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2015-10-24 09:15 - 2015-10-24 09:15 - 00243696 _____ C:\WINDOWS\system32\clinfo.exe
2015-10-24 09:15 - 2015-10-24 09:15 - 00199664 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2015-10-24 09:15 - 2015-10-24 09:15 - 00177344 _____ C:\WINDOWS\system32\ativce03.dat
2015-10-24 09:15 - 2015-10-24 09:15 - 00168944 _____ C:\WINDOWS\system32\atieah64.exe
2015-10-24 09:15 - 2015-10-24 09:15 - 00165360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2015-10-24 09:15 - 2015-10-24 09:15 - 00152560 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2015-10-24 09:15 - 2015-10-24 09:15 - 00150512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2015-10-24 09:15 - 2015-10-24 09:15 - 00136176 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2015-10-24 09:15 - 2015-10-24 09:15 - 00122352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2015-10-24 09:15 - 2015-10-24 09:15 - 00111600 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2015-10-24 09:15 - 2015-10-24 09:15 - 00111088 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2015-10-24 09:15 - 2015-10-24 09:15 - 00103408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2015-10-24 09:15 - 2015-10-24 09:15 - 00100816 _____ C:\WINDOWS\system32\ativce02.dat
2015-10-24 09:15 - 2015-10-24 09:15 - 00096752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2015-10-24 09:15 - 2015-10-24 09:15 - 00088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2015-10-24 09:15 - 2015-10-24 09:15 - 00087992 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2015-10-24 09:15 - 2015-10-24 09:15 - 00083952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2015-10-24 09:15 - 2015-10-24 09:15 - 00081168 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2015-10-24 09:15 - 2015-10-24 09:15 - 00081160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2015-10-24 09:15 - 2015-10-24 09:15 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2015-10-24 09:15 - 2015-10-24 09:15 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2015-10-24 09:15 - 2015-10-24 09:15 - 00073712 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-10-24 09:15 - 2015-10-24 09:15 - 00071152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2015-10-24 09:15 - 2015-10-24 09:15 - 00068080 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-10-24 09:15 - 2015-10-24 09:15 - 00064496 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2015-10-24 09:15 - 2015-10-24 09:15 - 00060912 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2015-10-24 09:15 - 2015-10-24 09:15 - 00059888 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2015-10-24 09:15 - 2015-10-24 09:15 - 00057840 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2015-10-24 09:15 - 2015-10-24 09:15 - 00052208 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2015-10-24 09:15 - 2015-10-24 09:15 - 00038384 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2015-10-24 09:15 - 2015-10-24 09:15 - 00012784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2015-10-24 09:15 - 2015-10-24 09:15 - 00012784 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2015-10-24 09:14 - 2015-10-24 09:15 - 47794160 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2015-10-24 09:14 - 2015-10-24 09:14 - 39712768 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2015-10-24 09:14 - 2015-10-24 09:14 - 27544560 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll
2015-10-24 09:14 - 2015-10-24 09:14 - 22327280 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll
2015-10-24 09:14 - 2015-10-24 09:14 - 06686192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll
2015-10-24 09:14 - 2015-10-24 09:14 - 05216240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll
2015-10-24 09:14 - 2015-10-24 09:14 - 00833800 _____ C:\WINDOWS\system32\amdicdxx.dat
2015-10-24 09:14 - 2015-10-24 09:14 - 00631280 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2015-10-24 09:14 - 2015-10-24 09:14 - 00524272 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2015-10-24 09:14 - 2015-10-24 09:14 - 00471312 _____ C:\WINDOWS\system32\amdmiracast.dll
2015-10-24 09:14 - 2015-10-24 09:14 - 00213488 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2015-10-24 09:14 - 2015-10-24 09:14 - 00198640 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2015-10-24 09:14 - 2015-10-24 09:14 - 00175648 _____ C:\WINDOWS\system32\amde31a.dat
2015-10-24 09:14 - 2015-10-24 09:14 - 00143344 _____ C:\WINDOWS\system32\amdhdl64.dll
2015-10-24 09:14 - 2015-10-24 09:14 - 00132080 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2015-10-24 09:14 - 2015-10-24 09:14 - 00059376 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2015-10-24 09:14 - 2015-10-24 09:14 - 00048112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll
2015-10-23 14:45 - 2015-11-08 12:59 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Internet Security
2015-10-23 14:43 - 2015-10-23 14:43 - 00111344 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2015-10-23 14:43 - 2015-10-23 14:43 - 00008214 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2015-10-23 14:43 - 2015-10-23 14:43 - 00003404 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2015-10-23 14:43 - 2015-10-23 14:43 - 00002570 _____ C:\Users\Public\Desktop\Norton Internet Security.LNK
2015-10-23 14:43 - 2015-10-23 14:43 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2015-10-23 14:42 - 2015-10-23 14:43 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2015-10-23 14:42 - 2015-10-23 14:42 - 00000000 ____D C:\WINDOWS\system32\Drivers\NISx64
2015-10-23 14:42 - 2015-10-23 14:42 - 00000000 ____D C:\Program Files (x86)\Norton Internet Security
2015-10-22 18:37 - 2015-10-22 18:37 - 00001373 _____ C:\Users\Regevette\Desktop\Norton Installation Files.lnk
2015-10-22 17:51 - 2015-10-22 18:37 - 01111008 _____ (Symantec Corporation) C:\Users\Regevette\Downloads\NortonNISDownloader.exe
2015-10-18 08:17 - 2015-10-18 08:17 - 00000000 ____D C:\Users\Regevette\AppData\Roaming\AMD
2015-10-17 21:24 - 2015-10-18 14:05 - 00000000 ____D C:\Users\Regevette\Desktop\TERRELL TDS STUFF
2015-10-17 21:19 - 2015-10-17 21:22 - 00000000 ____D C:\Users\Regevette\Desktop\TAMARA PODCAST STUFF
2015-10-16 12:50 - 2015-10-12 11:57 - 25186399 _____ (Audacity Team ) C:\Users\Regevette\Downloads\audacity-win-2.1.1.exe
2015-10-14 12:55 - 2015-10-05 22:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-14 12:55 - 2015-10-05 21:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-14 12:55 - 2015-09-30 23:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-14 12:55 - 2015-09-24 22:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-14 12:55 - 2015-09-24 22:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-14 12:55 - 2015-09-24 22:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-14 12:55 - 2015-09-24 22:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-14 12:55 - 2015-09-24 22:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-14 12:55 - 2015-09-24 22:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-14 12:55 - 2015-09-24 22:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-14 12:55 - 2015-09-24 22:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-14 12:55 - 2015-09-24 22:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-14 12:55 - 2015-09-24 22:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-14 12:55 - 2015-09-24 22:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-14 12:55 - 2015-09-24 21:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-14 12:55 - 2015-09-24 21:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-14 12:55 - 2015-09-24 21:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-14 12:55 - 2015-09-24 21:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-14 12:55 - 2015-09-24 21:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-14 12:55 - 2015-09-24 21:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-14 12:55 - 2015-09-24 21:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-14 12:55 - 2015-09-24 21:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-14 12:55 - 2015-09-24 21:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-14 12:55 - 2015-09-24 21:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-14 12:55 - 2015-09-24 21:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-14 12:55 - 2015-09-24 21:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-14 12:55 - 2015-09-24 21:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-14 12:55 - 2015-09-24 21:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-14 12:55 - 2015-09-24 21:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-14 12:55 - 2015-09-24 21:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-14 12:55 - 2015-09-24 21:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-14 12:55 - 2015-09-24 21:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-14 12:55 - 2015-09-24 21:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-14 12:54 - 2015-09-24 22:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-14 12:54 - 2015-09-24 22:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-14 12:54 - 2015-09-24 21:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-14 12:54 - 2015-09-24 21:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-14 12:54 - 2015-09-24 21:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-14 12:54 - 2015-09-24 21:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-14 12:54 - 2015-09-24 21:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-14 12:54 - 2015-09-24 21:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-14 12:52 - 2015-09-24 23:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-14 12:52 - 2015-09-24 22:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-14 12:52 - 2015-09-24 22:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-14 12:52 - 2015-09-24 22:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-14 12:51 - 2015-10-10 02:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-14 12:51 - 2015-09-30 23:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-14 12:51 - 2015-09-30 23:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-14 12:51 - 2015-09-30 23:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-14 12:51 - 2015-09-30 23:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-14 12:51 - 2015-09-30 22:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-14 12:51 - 2015-09-24 23:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-14 12:51 - 2015-09-24 22:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-14 12:51 - 2015-09-24 22:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-14 12:51 - 2015-09-24 22:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-14 12:51 - 2015-09-24 22:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-14 12:51 - 2015-09-24 22:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-14 12:51 - 2015-09-24 21:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-08 13:32 - 2013-08-07 00:53 - 00000000 ____D C:\FRST
2015-11-08 13:32 - 2012-04-01 10:20 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-08 13:13 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-08 13:05 - 2013-03-07 20:36 - 00000944 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-08 12:39 - 2015-07-10 07:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-07 20:04 - 2015-09-12 16:18 - 00000000 ____D C:\Users\Regevette\AppData\Local\AMD
2015-11-07 20:02 - 2010-10-17 18:54 - 00000000 ____D C:\Users\Regevette\AppData\Local\CrashDumps
2015-11-07 18:15 - 2015-09-10 19:47 - 01005598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-07 18:05 - 2013-03-07 20:36 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-07 17:38 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-06 22:15 - 2015-07-10 04:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-11-06 22:11 - 2015-07-10 07:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-06 22:10 - 2015-07-10 04:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-11-06 20:27 - 2015-09-10 19:48 - 00000000 ____D C:\Users\Regevette
2015-11-06 17:27 - 2015-09-10 21:21 - 00000000 ____D C:\Users\DefaultAppPool
2015-11-06 17:21 - 2015-09-10 19:42 - 00880550 _____ C:\WINDOWS\PFRO.log
2015-11-06 16:39 - 2013-08-17 02:54 - 00000000 ____D C:\Users\Regevette\AppData\Local\NETGEARGenie
2015-11-06 16:38 - 2013-10-28 22:30 - 00002137 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR Genie.lnk
2015-11-06 16:38 - 2013-10-28 22:30 - 00002125 _____ C:\Users\Public\Desktop\NETGEAR Genie.lnk
2015-11-06 16:38 - 2013-10-28 22:30 - 00000000 ____D C:\Program Files (x86)\NETGEAR Genie
2015-11-06 16:38 - 2013-08-17 02:54 - 00369168 _____ (CACE Technologies, Inc.) C:\WINDOWS\system32\wpcap.dll
2015-11-06 16:38 - 2013-08-17 02:54 - 00106000 _____ (CACE Technologies, Inc.) C:\WINDOWS\system32\packet.dll
2015-11-06 05:13 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\rescache
2015-11-05 21:30 - 2012-03-21 21:28 - 00000000 ____D C:\WINDOWS\pss
2015-11-05 19:16 - 2015-09-21 15:41 - 00000000 ____D C:\Users\Regevette\AppData\LocalLow\Temp
2015-11-05 17:27 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-05 17:25 - 2015-07-10 05:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-31 22:10 - 2015-08-22 16:44 - 00000000 ____D C:\Users\Regevette\AppData\Local\WiFi Guard
2015-10-31 22:10 - 2015-08-22 16:36 - 00042293 _____ C:\Users\Regevette\Documents\netscan.xml
2015-10-30 22:58 - 2015-09-10 19:48 - 00000000 ____D C:\Users\Guest
2015-10-30 22:58 - 2015-01-03 00:25 - 00000000 ____D C:\Users\Regevette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2015-10-30 22:58 - 2015-01-03 00:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2015-10-30 22:58 - 2015-01-03 00:25 - 00000000 ____D C:\Program Files (x86)\Freemake
2015-10-30 22:58 - 2010-09-15 03:43 - 00000000 ____D C:\ProgramData\Norton
2015-10-30 22:47 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\registration
2015-10-29 15:58 - 2014-10-27 17:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-29 15:58 - 2010-10-10 20:59 - 00000000 ____D C:\Program Files (x86)\Java
2015-10-28 17:46 - 2012-05-05 19:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-28 17:33 - 2013-04-29 20:21 - 00000000 ____D C:\Users\Regevette\Documents\samsung
2015-10-28 17:30 - 2015-07-10 07:20 - 00033868 _____ C:\WINDOWS\setupact.log
2015-10-27 18:25 - 2013-12-21 13:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-26 18:41 - 2010-10-02 13:24 - 00000000 ____D C:\ProgramData\webex
2015-10-26 18:39 - 2013-06-17 18:57 - 00000000 ____D C:\Users\Regevette\AppData\Roaming\Audacity
2015-10-26 18:39 - 2013-06-17 18:56 - 00000000 ____D C:\Program Files (x86)\Audacity
2015-10-24 09:22 - 2015-09-11 21:24 - 00000000 ____D C:\ProgramData\AMD
2015-10-24 09:22 - 2010-09-15 03:14 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2015-10-24 09:18 - 2015-09-11 21:21 - 00000000 ____D C:\AMD
2015-10-24 09:15 - 2015-09-11 21:18 - 21648880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2015-10-24 09:15 - 2015-09-11 21:18 - 12088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2015-10-24 09:15 - 2015-09-11 21:18 - 10211008 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2015-10-24 09:15 - 2015-09-11 21:18 - 08982440 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2015-10-24 09:15 - 2015-09-11 21:18 - 08864920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2015-10-24 09:15 - 2015-09-11 21:18 - 08009360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2015-10-24 09:15 - 2015-09-11 21:18 - 07482552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2015-10-24 09:15 - 2015-09-11 21:18 - 01479808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2015-10-24 09:15 - 2015-09-11 21:18 - 01256432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2015-10-24 09:15 - 2015-09-11 21:18 - 01223552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2015-10-24 09:15 - 2015-09-11 21:18 - 00874480 _____ (AMD) C:\WINDOWS\system32\coinst_15.20.dll
2015-10-24 09:15 - 2015-09-11 21:18 - 00683504 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2015-10-24 09:15 - 2015-09-11 21:18 - 00674288 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2015-10-24 09:15 - 2015-09-11 21:18 - 00451056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2015-10-24 09:15 - 2015-09-11 21:18 - 00255472 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2015-10-24 09:15 - 2015-09-11 21:18 - 00162232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2015-10-24 09:15 - 2015-09-11 21:18 - 00143048 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2015-10-24 09:15 - 2015-09-11 21:18 - 00130072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2015-10-24 09:15 - 2015-09-11 21:18 - 00112360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2015-10-23 14:43 - 2015-07-10 06:04 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-10-22 18:37 - 2010-10-16 19:37 - 00000000 ____D C:\Users\Public\Downloads\Norton
2015-10-22 16:10 - 2013-03-07 20:44 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-17 06:10 - 2015-09-10 21:22 - 00000000 ___RD C:\Users\Regevette\OneDrive
2015-10-15 22:10 - 2015-07-10 06:06 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-15 22:10 - 2015-07-10 06:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-15 20:09 - 2013-03-04 21:26 - 00000000 ____D C:\Users\Regevette\AppData\Local\NPE
2015-10-14 17:03 - 2011-01-02 15:08 - 00003256 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForRegevette
2015-10-14 17:03 - 2011-01-02 15:08 - 00000348 _____ C:\WINDOWS\Tasks\HPCeeScheduleForRegevette.job
2015-10-14 16:46 - 2010-10-02 13:38 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-14 16:44 - 2013-08-15 02:03 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-14 16:38 - 2010-09-21 21:52 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-13 05:49 - 2015-09-10 21:16 - 00000000 ____D C:\Users\Regevette\AppData\Local\Packages
2015-10-09 23:20 - 2015-07-31 22:51 - 00000000 ____D C:\NPE

==================== Files in the root of some directories =======

2015-05-06 21:14 - 2015-05-06 21:17 - 0069752 _____ () C:\Program Files (x86)\INSTALL.LOG
2010-11-25 17:10 - 2010-11-25 17:12 - 0000804 _____ () C:\Users\Regevette\AppData\Roaming\isomaster.ini
2014-11-08 15:47 - 2014-11-08 15:47 - 0007859 _____ () C:\Users\Regevette\AppData\Roaming\pcouffin.cat
2014-11-08 15:47 - 2014-11-08 15:47 - 0001167 _____ () C:\Users\Regevette\AppData\Roaming\pcouffin.inf
2014-11-08 15:47 - 2014-11-08 15:47 - 0000055 _____ () C:\Users\Regevette\AppData\Roaming\pcouffin.log
2014-11-08 15:47 - 2014-11-08 15:47 - 0082816 _____ (VSO Software) C:\Users\Regevette\AppData\Roaming\pcouffin.sys
2015-11-07 18:12 - 2015-11-07 18:12 - 0003584 _____ () C:\Users\Regevette\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-11-18 11:11 - 2012-11-18 11:14 - 0004096 ____H () C:\Users\Regevette\AppData\Local\keyfile3.drm
2010-10-02 13:24 - 2010-10-02 13:24 - 8673792 _____ () C:\ProgramData\atscie.msi

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-10-31 06:41

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-11-2015
Ran by Regevette (2015-11-08 13:33:13)
Running from C:\Users\Regevette\Desktop
Windows 10 Home (X64) (2015-09-11 02:11:24)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1826123673-4292494960-549196744-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1826123673-4292494960-549196744-503 - Limited - Disabled)
Guest (S-1-5-21-1826123673-4292494960-549196744-501 - Limited - Enabled) => C:\Users\Guest
Regevette (S-1-5-21-1826123673-4292494960-549196744-1000 - Administrator - Enabled) => C:\Users\Regevette

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Internet Security (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Internet Security (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AC3Filter 1.63b (HKLM-x32\...\AC3Filter_is1) (Version: 1.63b - Alexander Vigovsky)
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.0.4.13090 - Adobe Systems Inc.)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.615 - Adobe Systems, Inc.)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD USB Filter Driver (HKLM-x32\...\{5BDA2F58-1F21-4D10-9910-92B01EBCC958}) (Version: 1.0.14.91 - Advanced Micro Devices, Inc.)
Any Video Converter 3.5.8 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
AnyRail4EN (HKLM-x32\...\{3FEECA02-D431-4869-9337-75157612A2A5}) (Version: 4.21.0 - DRail Modelspoor Software)
ATI Catalyst Install Manager (HKLM\...\{F9F4430E-80DE-EC0F-BF8E-476352C8F954}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Big Fish Games: Game Manager (HKLM-x32\...\BFGC) (Version: 3.0.1.60 - )
Blackhawk Striker 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.82 - WildTangent) Hidden
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MX520 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX520_series) (Version: 1.00 - Canon Inc.)
Canon MX520 series On-screen Manual (HKLM-x32\...\Canon MX520 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.1.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.)
Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)
ccc-core-static (x32 Version: 2010.0310.1824.32984 - ATI) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
CinemaNow Media Manager (HKLM-x32\...\{6C122441-1861-4CD7-B1C5-A163A6984E12}) (Version: 1.9.1.105 - CinemaNow, Inc.)
Citrix Desktop Receiver (HKLM-x32\...\{9E7EAFCB-12F8-4782-A93A-7C05415679E9}) (Version: 11.1.0.19460 - Citrix Systems, Inc.)
CopyFilenames 3.1 (HKLM\...\CopyFilenames_is1) (Version: 3.1 - ExtraBit Software)
Cradle of Egypt (HKLM-x32\...\BFG-Cradle of Egypt) (Version: - )
Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 3.00 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: - Creative Technology Limited)
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2712 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82 - WildTangent) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.64 - DivX, LLC)
Dora's Carnival Adventure (x32 Version: 2.2.0.82 - WildTangent) Hidden
DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen)
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.0.3715 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.0.3715 - Hewlett-Packard) Hidden
DVDFab Passkey 8.2.1.2 (12/03/2014) (HKLM-x32\...\DVDFab Passkey 8_is1) (Version: - Fengtao Software Inc.)
eSATA300 TX2 Windows Driver 1.0.0260.38 (HKLM-x32\...\{8014763A-94BD-4CC3-8F86-35BD73C127B9}) (Version: 1.0260.3 - Promise Technology, Inc.)
Escape Rosecliff Island (x32 Version: 2.2.0.82 - WildTangent) Hidden
Exorcist (x32 Version: 2.2.0.95 - WildTangent) Hidden
Faerie Solitaire (x32 Version: 2.2.0.82 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.82 - WildTangent) Hidden
FFmpeg v0.6.2 for Audacity (HKLM-x32\...\FFmpeg for Audacity_is1) (Version: - )
Freemake Video Converter version 4.1.6 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.6 - Ellora Assets Corporation)
Garmin Communicator Plugin (HKLM-x32\...\{647BB978-2876-487B-9B0E-FDB73F0EA4A2}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{237D687E-9E50-4A30-B810-262764CC491B}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5418.39 - PC-Doctor, Inc.)
Host OpenAL (HKLM-x32\...\Host OpenAL) (Version: 1.00 - Creative Technology Limited)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent)
HP MediaSmart CinemaNow 2.0 (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.0.3902 - Hewlett-Packard)
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.0.3910 - Hewlett-Packard)
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.0.3911 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{5B08AF35-B699-4A44-BB89-3E51E70611E8}) (Version: 3.1.1.12 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.0.3911 - Hewlett-Packard)
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{35021DFB-F9CA-402A-89A2-47F91E506465}) (Version: 1.0.2.0 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Product Detection (HKLM-x32\...\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}) (Version: 10.7.9.0 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{F5C7FD70-2C0A-401E-95E9-916363567DDA}) (Version: 1.2.4048.3310 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{08DB3902-2CE0-474D-BCE3-0177766CE9F1}) (Version: 5.1.10.7 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
Hulu Desktop (HKU\S-1-5-21-1826123673-4292494960-549196744-1000\...\HuluDesktop) (Version: 0.9.14 - Hulu LLC)
HydraVision (x32 Version: 4.2.162.0 - ATI Technologies Inc.) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.2.0 - LIGHTNING UK!)
Java 8 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Jewel Quest 3 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2610 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2610 - CyberLink Corp.) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
LightScribe System Software (HKLM-x32\...\{FA8BFB25-BF48-4F8B-8859-B30810745190}) (Version: 1.18.11.1 - LightScribe)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0409-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.0.3715 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.0.3715 - Hewlett-Packard) Hidden
Mozilla Firefox 40.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 en-US)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery P.I. - The New York Fortune (x32 Version: 2.2.0.82 - WildTangent) Hidden
Need for Speed Underground 2 Demo (HKLM-x32\...\{C5EB90E1-8A46-4ED5-009D-C793E646C04F}) (Version: - )
Need For Speed™ World (HKLM-x32\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.1599 - Electronic Arts)
NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.4.16.00 - NETGEAR Inc.)
NetWorx 5.4.1 (HKLM\...\NetWorx_is1) (Version: - Softperfect)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 22.5.4.24 - Symantec Corporation)
Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
PictureMover (HKLM-x32\...\{1896E712-2B3D-45eb-BCE9-542742A51032}) (Version: 3.3.1.19 - Hewlett-Packard Company)
Plants vs. Zombies (x32 Version: 2.2.0.82 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.82 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.82 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3810 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.3810 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2704 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.2704 - CyberLink Corp.) Hidden
Presto! PageManager 7.15.16 (HKLM-x32\...\{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}) (Version: 7.15.16 - NewSoft Technology Corporation)
PrintProjects (HKLM-x32\...\PrintProjects) (Version: 1.0.0.11352 - RocketLife Inc.)
RAIDXpert (HKLM-x32\...\InstallShield_{8B76B8E9-F773-4B75-A08C-120079EB765E}) (Version: 3.2.1540.10 - AMD)
RAIDXpert (x32 Version: 3.2.1540.10 - AMD) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2719 - CyberLink Corp.) Hidden
Rosetta Stone Version 3 (HKLM-x32\...\{148E08FF-D7C4-46ED-8D4D-601C67FE0AFD}) (Version: 3.3.5.2 - Rosetta Stone Ltd.)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14055.3 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14055.3 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
ScanSoft OmniPage SE 4 (HKLM-x32\...\{B2F3DBD9-A9D2-4838-B45D-C917DAB32BC3}) (Version: 15.2.0020 - Nuance Communications, Inc.)
SCARM 0.9.25 beta (HKLM-x32\...\{9BF3D390-A0AD-4733-AFC8-18E306B8E219}_is1) (Version: 0.9.25 - Milen Peev)
Seagate SeaTools English Online (HKLM-x32\...\Seagate SeaTools English Online) (Version: - Ontrack Data International, Inc.)
SoftPerfect WiFi Guard version 1.0.6 (HKLM\...\{38AFD787-4D2E-4442-92D2-7739F5F92CF4}_is1) (Version: 1.0.6 - SoftPerfect)
Sound Blaster X-Fi (HKLM-x32\...\{C93170A0-CBF9-481F-B972-B4FA5AEE0E06}) (Version: 1.0 - Creative Technology Limited)
TextTwist 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo)
UltraMixer 2.4.4 (HKLM-x32\...\{32E2F180-247C-4077-B06A-20F9868568E0}_is1) (Version: 2.4.4 - UltraMixer Digital Audio Solutions)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Virtual Families (x32 Version: 2.2.0.82 - WildTangent) Hidden
Virtual Villagers - The Secret City (x32 Version: 2.2.0.82 - WildTangent) Hidden
WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)
WebEx Support Manager for Internet Explorer (HKLM-x32\...\{C34FAEF3-4241-4C4E-9CFF-7BBD8BCEABE7}) (Version: 6.5.47 - WebEx Communications Inc.)
Wheel of Fortune 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
WildTangent Games App for HP (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.11.14 - WildTangent)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinISO 5.3 (HKLM-x32\...\WinISO_is1) (Version: - WinISO Computing Inc.)
XML Notepad 2007 (HKLM-x32\...\{FC7BACF0-1FFA-4605-B3B4-A66AB382752D}) (Version: 2.3.0.0 - Microsoft Corporation)
Yahoo! BrowserPlus 2.9.8 (HKU\S-1-5-21-1826123673-4292494960-549196744-1000\...\Yahoo! BrowserPlus) (Version: - Yahoo! Inc.)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )
Zero Assumption Recovery Version 9 (HKLM-x32\...\Zero Assumption Recovery_is1) (Version: - )
Zuma's Revenge (x32 Version: 2.2.0.82 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

24-10-2015 09:13:37 Windows Update
29-10-2015 17:22:32 Windows Update
30-10-2015 17:46:07 10/30/15
30-10-2015 22:43:53 Restore Operation
02-11-2015 18:17:08 Restore Point Created by FRST
04-11-2015 17:30:33 zoek.exe restore point

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-19 08:03 - 2015-08-31 17:28 - 00000098 ____N C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0614E216-9586-4DC9-9417-9663E71FFA81} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {09DD22EA-249F-4834-94E9-2F324E944E0D} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {0CC86EFE-FC4C-40A0-BCF8-2412CC861433} - System32\Tasks\{D8A934C0-19D1-4558-ABF0-F0969226D794} => pcalua.exe -a "C:\Users\Regevette\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YPYDHQSN\jre-6u24-windows-i586-iftw[1].exe" -d C:\Users\Regevette\Desktop
Task: {0E8551ED-005D-40C6-90E3-80D5843F8DBB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {223B7E2D-E7C3-4598-A898-3D9B530775CA} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {27C411B7-E322-486B-938E-48EF225CFC07} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {2F0B2903-9F5B-4E96-8394-51698C1980DD} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {3691FF85-D708-409B-BE7A-284ADA2BCFB2} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {38CE32A8-3D39-48C3-88A4-56970E6C51C5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2010-11-15] (Hewlett-Packard Company)
Task: {392AAB2B-15F7-48B1-B07E-0BE480D834F6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {411FCCB6-9C37-4027-A4E1-EC8B3AD5CBBA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {4174D0B1-D662-4442-BE05-E74FDA7AB687} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {45ECEE85-E463-4ABB-8B45-A033351B2BFC} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe [2010-02-01] (PC-Doctor, Inc.)
Task: {4996AD76-CA9D-48C2-ABA5-7A41A1A36104} - System32\Tasks\Norton Internet Security\Norton Autofix => C:\Program Files (x86)\Norton Internet Security\Engine\22.5.4.24\SymErr.exe [2015-09-08] (Symantec Corporation)
Task: {6817C892-20A4-42F6-8836-D5D3795DDB86} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\22.5.4.24\SymErr.exe [2015-09-08] (Symantec Corporation)
Task: {6FBB4214-02FE-42C6-9CC8-811D59121D39} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2010-11-15] (Hewlett-Packard Company)
Task: {70ACA6AD-F2D7-44EE-BF76-BA98908DC080} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {75E207A5-0575-446A-974A-D178024369F1} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {7B0DFFF0-6088-41CF-A75A-878BA845C91F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {8465E2C1-36AD-4EA3-8ECA-5C561635B621} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {8A841A65-0A90-4F45-995E-14C8BA5527AE} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {9D39A598-DA5A-4DD4-8E5B-6C9E55B85A5E} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\22.5.4.24\SymErr.exe [2015-09-08] (Symantec Corporation)
Task: {9D68AD1A-3850-45B6-BC03-009D74EB709E} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {A10B63BD-2B87-4240-8191-8B455753C8BE} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe
Task: {A1D35F98-7D4F-4EC2-9239-00601DC46FCE} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {A489B528-91C6-4184-A0AF-723508AC6495} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {A894259E-D7D0-41BB-AED3-1D8F66401E39} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {AA83F14B-5D10-47DD-BFCF-CFA79935D08B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-26] (Adobe Systems Incorporated)
Task: {B054FF37-F045-4E36-BD1A-839500BBC46F} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-02-24] ()
Task: {B10439E1-E185-4DB2-807B-DD6AC98B530E} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {B2D428BD-E85D-4CFA-84A9-A31CA1EC9726} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {B35BE994-BDA6-4637-91B8-79E7ACE35061} - \PrintProjects Communicator -> No File <==== ATTENTION
Task: {B92A5C1F-2083-497F-B44F-60F380623673} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {C4D5D3CC-58F8-43D2-AC4F-FA91F4439F57} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {DB88891F-A346-4303-93C8-AB56752E29C3} - System32\Tasks\Malwarebytes => C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
Task: {DC8CA541-4FF2-4910-8FE9-6343F1682935} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\22.5.4.24\WSCStub.exe [2015-09-23] (Symantec Corporation)
Task: {E8FA7856-F1C0-48C9-88EE-4613503C97E8} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {F44578C6-D74D-484A-9C96-EF49C2D00778} - System32\Tasks\HPCeeScheduleForRegevette => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard)
Task: {F809B3DB-23B7-4759-B88C-17638039582F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {FC168DBD-8327-4CC8-BEBE-28B294DC8806} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForRegevette.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe5-fh scripts\monthly.xml

==================== Loaded Modules (Whitelisted) ==============

2015-09-18 05:05 - 2015-07-14 21:04 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-09-18 05:05 - 2015-08-11 04:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2009-12-15 19:40 - 2009-12-15 19:40 - 00065536 _____ () C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
2015-09-30 23:22 - 2015-09-17 01:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-30 23:22 - 2015-09-17 01:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2010-11-15 19:29 - 2008-06-20 00:41 - 00062464 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2015-09-30 23:22 - 2015-09-17 00:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 05:59 - 2015-07-10 05:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2010-01-18 12:21 - 2010-01-18 12:21 - 00568888 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2015-08-21 21:09 - 2015-08-21 21:09 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2009-12-15 19:40 - 2009-12-15 19:40 - 00122880 _____ () C:\WINDOWS\SysWOW64\WinMsgBalloonServer.exe
2009-12-15 19:41 - 2009-12-15 19:41 - 00139264 _____ () C:\WINDOWS\SysWOW64\WinMsgBalloonClient.exe
2015-10-27 18:16 - 2015-10-27 18:36 - 00012800 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2015-10-27 18:16 - 2015-10-27 18:36 - 10958848 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2015-10-27 18:16 - 2015-10-27 18:36 - 00245760 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2015-11-04 17:29 - 2015-11-04 17:36 - 08717824 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.21.12.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2015-11-04 17:29 - 2015-11-04 17:36 - 02371072 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.21.12.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2014-01-10 00:26 - 2014-01-10 00:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2015-09-30 23:22 - 2015-09-17 00:44 - 06569472 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-09-30 23:21 - 2015-09-17 00:42 - 00471040 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-09-30 23:21 - 2015-09-17 00:42 - 01808384 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-09-30 23:22 - 2015-09-17 00:43 - 02274816 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 06:00 - 2015-07-10 08:14 - 00210432 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2009-12-16 01:44 - 2009-12-16 01:44 - 00516096 _____ () C:\Program Files (x86)\AMD\RAIDXpert\bin\libxml2.dll
2010-02-09 20:58 - 2010-02-09 20:58 - 00061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2010-02-09 20:58 - 2010-02-09 20:58 - 00131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
2010-02-09 20:58 - 2010-02-09 20:58 - 00040960 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
2010-02-09 20:58 - 2010-02-09 20:58 - 00005632 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2010-02-09 20:58 - 2010-02-09 20:58 - 00018944 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2010-02-09 20:58 - 2010-02-09 20:58 - 00036864 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
2010-02-09 20:58 - 2010-02-09 20:58 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
2010-02-09 20:58 - 2010-02-09 20:58 - 00007680 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
2014-01-10 00:28 - 2014-01-10 00:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2015-10-22 16:10 - 2015-10-20 09:08 - 01532744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libglesv2.dll
2015-10-22 16:10 - 2015-10-20 09:08 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libegl.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-1826123673-4292494960-549196744-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1826123673-4292494960-549196744-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1826123673-4292494960-549196744-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1826123673-4292494960-549196744-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1826123673-4292494960-549196744-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1826123673-4292494960-549196744-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1826123673-4292494960-549196744-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1826123673-4292494960-549196744-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1826123673-4292494960-549196744-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1826123673-4292494960-549196744-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1826123673-4292494960-549196744-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1826123673-4292494960-549196744-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1826123673-4292494960-549196744-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1826123673-4292494960-549196744-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1826123673-4292494960-549196744-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1826123673-4292494960-549196744-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1826123673-4292494960-549196744-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1826123673-4292494960-549196744-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1826123673-4292494960-549196744-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1826123673-4292494960-549196744-1000\...\123simsen.com -> www.123simsen.com

There are 7865 more sites.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1826123673-4292494960-549196744-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Regevette\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: CinemaNow Service => 2
MSCONFIG\Services: GameConsoleService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LightScribeService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: nmservice => 2
MSCONFIG\Services: NU16StartManagerSvc => 2
MSCONFIG\Services: YahooAUService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PictureMover.lnk => C:\Windows\pss\PictureMover.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Regevette^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: DVDFab Passkey => "C:\Program Files (x86)\DVDFab Passkey\DVDFabPasskey.exe"
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HP Software Update => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: MotiveReportAgent => "C:\Program Files (x86)\Common Files\Motive\McciBootStrapper.exe" /url="-url=file://C:\Program Files (x86)\Common Files\Motive\ReportAgent.html" /browsertype=CustomMSIE /browserpath="C:\Program Files (x86)\Common Files\Motive\BellSouthBrowser.exe" /hidden
MSCONFIG\startupreg: OpwareSE4 => "C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe"
MSCONFIG\startupreg: SPIRunE => Rundll32 SPIRunE.dll,RunDLLEntry
MSCONFIG\startupreg: SSBkgdUpdate => "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
MSCONFIG\startupreg: WrtMon.exe => C:\Windows\system32\spool\drivers\x64\3\WrtMon.exe
HKU\S-1-5-21-1826123673-4292494960-549196744-1000\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{6472743A-FA0A-4E7F-8FE5-C914093BB51D}] => (Allow) C:\Program Files\NetWorx\networx.exe
FirewallRules: [UDP Query User{EA5019CB-F084-439D-A47D-A8EF21CF52A9}E:\emule\emule.exe] => (Allow) E:\emule\emule.exe
FirewallRules: [TCP Query User{7BE4EED6-3D0D-4AE5-9AFE-05CD3A6DC6E5}E:\emule\emule.exe] => (Allow) E:\emule\emule.exe
FirewallRules: [{EA69256A-E17B-4F94-AD11-A4ABE417A590}] => (Allow) LPort=15600
FirewallRules: [{8B090E00-BD42-48FB-B924-01371EB7B175}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5B0E458D-CA3A-4963-952C-C1AC432BFAA1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{EFD1A2E9-B102-4356-BFE8-0BD664CFC912}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [TCP Query User{24962036-30EB-46AF-80D6-A143848F41B2}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [UDP Query User{9C92AB7B-5E4A-4017-A950-F090AD0C6738}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [TCP Query User{5AC7C27D-CDD6-424B-A469-BEAD35BBF746}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [{28021089-4953-488E-92ED-7CC094C7919E}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
FirewallRules: [{50D28BC1-AF9A-4AAC-904A-EA68C2BC2375}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
FirewallRules: [{DA6A6C95-E779-422C-B504-E77047889701}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/08/2015 12:13:46 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Regevette-HP)
Description: Activation of app Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (11/07/2015 08:52:40 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program DivX Player.exe version 11.3.4.75 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: b98

Start Time: 01d119c7d4ae61e3

Termination Time: 12

Application Path: C:\Program Files (x86)\DivX\DivX Player\DivX Player.exe

Report Id: 611e71a3-85bb-11e5-9be6-d4856498a390

Faulting package full name:

Faulting package-relative application ID:

Error: (11/07/2015 08:02:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DivXConverterLauncher.exe, version: 10.2.4.155, time stamp: 0x546f13aa
Faulting module name: DivXConverterLauncher.dll, version: 10.2.4.155, time stamp: 0x546f13a2
Exception code: 0xc0000005
Fault offset: 0x0008bade
Faulting process id: 0xfa8
Faulting application start time: 0xDivXConverterLauncher.exe0
Faulting application path: DivXConverterLauncher.exe1
Faulting module path: DivXConverterLauncher.exe2
Report Id: DivXConverterLauncher.exe3
Faulting package full name: DivXConverterLauncher.exe4
Faulting package-relative application ID: DivXConverterLauncher.exe5

Error: (11/07/2015 11:43:04 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Regevette-HP)
Description: Activation of app Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (11/06/2015 11:49:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AUDIODG.EXE, version: 10.0.10240.16384, time stamp: 0x559f3a8d
Faulting module name: T3APO64.dll, version: 1.0.4.0, time stamp: 0x4993ecb9
Exception code: 0xc0000005
Fault offset: 0x000000000003722a
Faulting process id: 0x1124
Faulting application start time: 0xAUDIODG.EXE0
Faulting application path: AUDIODG.EXE1
Faulting module path: AUDIODG.EXE2
Report Id: AUDIODG.EXE3
Faulting package full name: AUDIODG.EXE4
Faulting package-relative application ID: AUDIODG.EXE5

Error: (11/06/2015 11:49:28 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Regevette-HP)
Description: Activation of app Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (11/06/2015 10:28:22 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Regevette-HP)
Description: Activation of app Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (11/06/2015 10:13:07 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

Error: (11/06/2015 10:12:31 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Regevette-HP)
Description: Activation of app Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (11/06/2015 09:31:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.


System errors:
=============
Error: (11/07/2015 08:24:42 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer LEOVIRGO7068-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{983CCE6B-0653-4340-A933-1E5C72D22DCB}.
The master browser is stopping or an election is being forced.

Error: (11/06/2015 10:20:35 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Xbox Live Auth Manager service terminated with the following service-specific error:
%%0

Error: (11/06/2015 10:11:47 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Net.Tcp Listener Adapter service depends on the Net.Tcp Port Sharing Service service which failed to start because of the following error:
%%1058

Error: (11/06/2015 10:10:46 PM) (Source: DCOM) (EventID: 10010) (User: Regevette-HP)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (11/06/2015 10:10:46 PM) (Source: DCOM) (EventID: 10005) (User: Regevette-HP)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (11/06/2015 10:10:44 PM) (Source: DCOM) (EventID: 10010) (User: Regevette-HP)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (11/06/2015 10:10:44 PM) (Source: DCOM) (EventID: 10010) (User: Regevette-HP)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (11/06/2015 10:10:44 PM) (Source: DCOM) (EventID: 10010) (User: Regevette-HP)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (11/06/2015 10:10:44 PM) (Source: DCOM) (EventID: 10010) (User: Regevette-HP)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (11/06/2015 10:10:44 PM) (Source: DCOM) (EventID: 10010) (User: Regevette-HP)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}


CodeIntegrity:
===================================
Date: 2015-11-06 09:18:24.716
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2015-11-06 09:18:24.624
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2015-11-06 09:18:24.575
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2015-11-06 09:18:24.486
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2015-11-06 09:18:24.453
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2015-11-06 09:18:24.417
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2015-11-06 09:18:23.122
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2015-11-06 09:18:22.571
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2015-11-06 09:11:36.053
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2015-11-06 09:11:36.004
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

Processor: AMD Athlon™ II X4 635 Processor
Percentage of memory in use: 37%
Total physical RAM: 6135.89 MB
Available physical RAM: 3859.37 MB
Total Virtual: 18135.89 MB
Available Virtual: 15289.89 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:686.2 GB) (Free:265.9 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:11.75 GB) (Free:1.39 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: BB7C8AB9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=686.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=11.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================


Please do this next

Please download MiniToolBox http://download.blee...MiniToolBox.exe and run it.

Checkmark following boxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List Users, Partitions and Memory size
  • List Restore Points
Click Go and post the result.
  • 0

#3
singlre

singlre

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
MiniToolBox by Farbar  Version: 02-11-2015
Ran by Regevette (administrator) on 08-11-2015 at 17:55:29
Running from "C:\Users\Regevette\Desktop"
Microsoft Windows 10 Home  (X64)
Model: HPE-300z Manufacturer: Hewlett-Packard
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
127.0.0.1       localhost
========================= IP Configuration: ================================
 
Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Regevette-HP
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : D4-85-64-98-A3-90
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2602:304:ab08:73f9:74cd:cbf9:8338:f877(Preferred) 
   Temporary IPv6 Address. . . . . . : 2602:304:ab08:73f9:e4cf:a488:d4c6:e65f(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::74cd:cbf9:8338:f877%6(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.220(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, November 08, 2015 12:13:02 PM
   Lease Expires . . . . . . . . . . : Monday, November 09, 2015 4:10:16 PM
   Default Gateway . . . . . . . . . : fe80::8237:73ff:fe81:e4cb%6
                                       192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DHCPv6 IAID . . . . . . . . . . . : 265586020
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-22-37-58-D4-85-64-98-A3-90
   DNS Servers . . . . . . . . . . . : 192.168.1.254
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:90d7:24e6:3c47:b54f:78c0(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::24e6:3c47:b54f:78c0%3(Preferred) 
   Default Gateway . . . . . . . . . : 
   DHCPv6 IAID . . . . . . . . . . . : 134217728
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-22-37-58-D4-85-64-98-A3-90
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter isatap.{983CCE6B-0653-4340-A933-1E5C72D22DCB}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  dslrouter
Address:  192.168.1.254
 
Name:    google.com
Addresses:  2607:f8b0:4002:c06::8b
 74.125.21.100
 74.125.21.101
 74.125.21.102
 74.125.21.113
 74.125.21.138
 74.125.21.139
 
 
Pinging google.com [2607:f8b0:4002:c06::8b] with 32 bytes of data:
Request timed out.
Request timed out.
 
Ping statistics for 2607:f8b0:4002:c06::8b:
    Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
Server:  dslrouter
Address:  192.168.1.254
 
DNS request timed out.
    timeout was 2 seconds.
Name:    yahoo.com
Addresses:  98.139.183.24
 98.138.253.109
 206.190.36.45
 
 
Pinging yahoo.com [2001:4998:58:c02::a9] with 32 bytes of data:
Request timed out.
Request timed out.
 
Ping statistics for 2001:4998:58:c02::a9:
    Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
  6...d4 85 64 98 a3 90 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
  3...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
  2...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254    192.168.1.220     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      169.254.0.0      255.255.0.0         On-link     192.168.1.220    306
  169.254.255.255  255.255.255.255         On-link     192.168.1.220    276
      192.168.1.0    255.255.255.0         On-link     192.168.1.220    276
    192.168.1.220  255.255.255.255         On-link     192.168.1.220    276
    192.168.1.255  255.255.255.255         On-link     192.168.1.220    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.220    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.220    276
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  6    276 ::/0                     fe80::8237:73ff:fe81:e4cb
  1    306 ::1/128                  On-link
  3    306 2001::/32                On-link
  3    306 2001:0:9d38:90d7:24e6:3c47:b54f:78c0/128
                                    On-link
  6    276 2602:304:ab08:73f9::/64  On-link
  6    276 2602:304:ab08:73f9:74cd:cbf9:8338:f877/128
                                    On-link
  6    276 2602:304:ab08:73f9:e4cf:a488:d4c6:e65f/128
                                    On-link
  6    276 fe80::/64                On-link
  3    306 fe80::/64                On-link
  3    306 fe80::24e6:3c47:b54f:78c0/128
                                    On-link
  6    276 fe80::74cd:cbf9:8338:f877/128
                                    On-link
  1    306 ff00::/8                 On-link
  6    276 ff00::/8                 On-link
  3    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [54784] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [64000] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [23552] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [79872] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [67072] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31744] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 43%
Total physical RAM: 6135.89 MB
Available physical RAM: 3475.95 MB
Total Virtual: 18135.89 MB
Available Virtual: 14686.66 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:686.2 GB) (Free:265.58 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:11.75 GB) (Free:1.39 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\REGEVETTE-HP
 
Administrator            DefaultAccount           Guest                    
Regevette                
 
========================= Restore Points ==================================
 
24-10-2015 14:13:37 Windows Update
29-10-2015 22:22:32 Windows Update
30-10-2015 22:46:07 10/30/15 
31-10-2015 03:43:53 Restore Operation
02-11-2015 23:17:08 Restore Point Created by FRST
04-11-2015 22:30:33 zoek.exe restore point
 
**** End of log ****

  • 0

#4
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts
Hello,

Not seeing to much of any issue here so it is possible a service provider issue.
I would reset the Chrome browser and run this small fix.

To Reset your Chrome browser settings
1.In the top-right corner of the browser window, click the Chrome menu
2.Select Settings.
3.At the bottom, click Show advanced settings.
4.Under the section "Reset settings,” click Reset settings.
5.In the dialog that appears, click Reset.

A few items to fix

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Open notepad (Start =>All Programs => Accessories => Notepad).
Copy/Paste the contents of the code box below into Notepad.
 
start
CloseProcesses:
CreateRestorePoint:
Task: {B35BE994-BDA6-4637-91B8-79E7ACE35061} - \PrintProjects Communicator -> No File <==== ATTENTION
CMD: ipconfig /flushdns
Emptytemp:
  • Click Format and ensure Wordwrap is unchecked.
  • Save as Fixlist.txt to your Desktop (Must be in this location)
  • Run FRST/FRST64 and press the Fix button just once and wait.
  • If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.
  • The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

    Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.



  • 0

#5
singlre

singlre

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

Yeah, I figured its probably a provider issue, just wanna be absolutely sure. Anyway, did the chrome reset (done before) and the FRST script. Thanks

 

Fix result of Farbar Recovery Scan Tool (x64) Version:07-11-2015
Ran by Regevette (2015-11-09 17:38:24) Run:2
Running from C:\Users\Regevette\Desktop
Loaded Profiles: Regevette & DefaultAppPool (Available Profiles: Regevette & Guest & DefaultAppPool)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
start
CloseProcesses:
CreateRestorePoint:
Task: {B35BE994-BDA6-4637-91B8-79E7ACE35061} - \PrintProjects Communicator -> No File <==== ATTENTION
CMD: ipconfig /flushdns
Emptytemp:
*****************
 
Processes closed successfully.
Restore point was successfully created.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B35BE994-BDA6-4637-91B8-79E7ACE35061}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B35BE994-BDA6-4637-91B8-79E7ACE35061}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PrintProjects Communicator" => key removed successfully
 
=========  ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
EmptyTemp: => 6 GB temporary data Removed.
 
 
The system needed a reboot.
 
==== End of Fixlog 17:39:13 ====

  • 0

#6
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts
Hello,

Two follow up scans, ESET could take a long time, some users start the scan an go to bed... If you get this message tonite go ahead an run Security check first an post the log from it...


ESET Online Scanner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.
  • Please go >>HERE<< then click on: ESET1st.jpg
    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on the ESETexe.jpg icon to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • Select the option YES, I accept the Terms of Use then click on: ESETsave.jpg
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: EOLS3.gif
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed make sure you first copy the logfile located at C:\Program Files (x86)\ESET\Esetonlinescanner\log.txt).
  • Copy and paste that log as a reply to this topic.
  • Now click on: EOLS4.gif
    (Selecting Uninstall application on close if you so wish)
Next
Download Security Check by screen317 from http://rocketgrannie...curityCheck.exe
Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE: If SecurityCheck aborts and you get the following message: UNSUPPORTED OPERATING SYSTEM! ABORTED! try rebooting the system and then run SecurityCheck again.
  • 0

#7
singlre

singlre

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

Sorry for the delay....downloading is nearly impossible. Got Security Check, still working on getting ESET done. Opened in IE but still tells me to download the smart installer so....this also is troublesome.

 

 Results of screen317's Security Check version 1.012 --- 11/09/15  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Norton Internet Security   
Windows Defender           
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Java version 32-bit out of Date! 
  Adobe Flash Player 17.0.0.190 Flash Player out of Date!  
 Adobe Reader XI  
 Mozilla Firefox 40.0.3 Firefox out of Date!  
 Google Chrome (46.0.2490.71) 
 Google Chrome (46.0.2490.80) 
 Google Chrome (plugins...) 
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 

  • 0

#8
singlre

singlre

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

I'm just not able to do the ESET online scan. Even tho I figured to download the smart installer (.exe) elsewhere...ESET then wants to download the components and there we go again, it can't get the update and doesn't finish.


  • 0

#9
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts
Hello,

Very busy with work, thus the delay..

Lets talk about the security scan and it shows outdated programs especially flash, need to keep that updated.

First
Out of date Adobe flash player installed!You should ensure you use the latest Adobe flash player and install any security updates that are released. You can download the latest Flashplaye and updates from Here.Please uncheck any optional offers before downloading.


2nd
Your Java is out of date:

Note
Due to multiple security problems with Java we are now recommending that it not be installed unless you absolutely know you need it.
I would uninstall it from the programs an Features menu anything called Java. Start > Control Panel > Programs & Features, uninstall all Java.

Last but not least can you up date Firefox.

Let me know and we will go from there.
  • 0

#10
singlre

singlre

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

Alright...I got Adobe flash player to update, and just uninstalled Java and Firefox (Firefox would not finish updating so removed it, will do fresh install some other time). New security check log....

 

 

 Results of screen317's Security Check version 1.012 --- 11/09/15  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Norton Internet Security   
Windows Defender           
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Adobe Flash Player 19.0.0.245  
 Adobe Reader XI  
 Google Chrome (46.0.2490.80) 
 Google Chrome (46.0.2490.86) 
 Google Chrome (plugins...) 
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````

Edited by singlre, 13 November 2015 - 08:46 PM.

  • 0

#11
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts
Hello,

Windows firewall is enabled, Norton Internet Security provides a firewall. You don't want two running, so lets turn it off,

You can do it this way;
Open notepad (Start =>All Programs => Accessories => Notepad).
Copy/Paste the contents of the code box below into Notepad.
CreateRestorePoint:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state Off
Emptytemp:
  • Click Format and ensure Wordwrap is unchecked.
  • Save as Fixlist.txt to your Desktop (Must be in this location)
  • Run FRST/FRST64 and press the Fix button just once and wait.
  • If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.
  • The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

    Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.

    Next
    Go to http://www.speedtest.net/ and click on Begin Test
    When the Test finishes click on Share This Result and then select Forum then Copy then move to a reply and Ctrl + v

    Thanks
    Joe :)

  • 0

#12
singlre

singlre

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

Well, still experiencing the same issues. Speedtest.net page loads slow, after page comes up it stops loading but the test either gets stuck at loading 100% or doesn't load at all. Tried it on chrome, IE and Microsoft edge....same results on all three. Will keep trying...

 

Fix result of Farbar Recovery Scan Tool (x64) Version:07-11-2015
Ran by Regevette (2015-11-14 15:05:34) Run:3
Running from C:\Users\Regevette\Desktop
Loaded Profiles: Regevette (Available Profiles: Regevette & Guest & DefaultAppPool)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state Off
Emptytemp:
*****************
 
Restore point was successfully created.
 
=========  netsh advfirewall reset =========
 
Ok.
 
 
========= End of CMD: =========
 
 
=========  netsh advfirewall set allprofiles state Off =========
 
Ok.
 
 
========= End of CMD: =========
 
EmptyTemp: => 1.3 GB temporary data Removed.
 
 
The system needed a reboot.
 
==== End of Fixlog 15:06:11 ====

  • 0

#13
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts
Is that the only Internet Service provider available in your area ?
  • 0

#14
singlre

singlre

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

No, I have another major ISP in my area that I'm looking into. I'm tired of holding out for them to have the service in my area as I can't upgrade based on what I have now (discontinued). Just knowing that possibly its not my computer that's the culprit will push me forward to switch.


  • 0

#15
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.

Thanks
Joe :)
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP