Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-11-2016 Ran by Wayne (28-11-2016 23:21:08) Running from C:\Users\Wayne\Downloads Windows 10 Home Version 1607 (X64) (2016-10-01 22:33:11) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2185679930-222367793-746031767-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2185679930-222367793-746031767-503 - Limited - Disabled) Guest (S-1-5-21-2185679930-222367793-746031767-501 - Limited - Disabled) Wayne (S-1-5-21-2185679930-222367793-746031767-1001 - Administrator - Enabled) => C:\Users\Wayne ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated) Adobe Reader XI (11.0.18) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.18 - Adobe Systems Incorporated) Apple Application Support (32-bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.6 - ASUS) ASUS Product Demo Kit (HKLM-x32\...\{1714AD6E-D517-40C0-9B19-4CE0078F7694}) (Version: 2.0.0 - ASUS) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.12 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0021 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.7 - ASUS) ASUS VivoBook (HKLM\...\{04FDBE69-F9FD-42A2-9008-E5CE7F60C6BE}) (Version: 1.0.31 - ASUS) AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.311 - ASUSTEK) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0031 - ASUS) Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.26.1436 - Bitdefender) BurnAware Free 9.4 (HKLM-x32\...\BurnAware Free_is1) (Version: - Burnaware) CyberLink LabelPrint 2.5 (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5415 - CyberLink Corp.) CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.3625 - CyberLink Corp.) DIRECTV Player (HKLM-x32\...\{4a5ad61d-1fe9-48b9-87a8-9235f71120f3}) (Version: 12.1 - DIRECTV) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden Hoyle Card Games (HKLM-x32\...\{05F6571A-5205-4C81-8160-683BDCC3B272}) (Version: 1.00.0000 - Encore Software, Inc.) Hoyle Casino Games (HKLM-x32\...\{0DB17436-91DB-4BE0-A9F2-6955BA9D6CE2}) (Version: 1.00.0000 - Encore Software, Inc.) Hoyle Puzzle and Board Games (HKLM-x32\...\{2049C1B1-B5BF-4557-9AF9-2506D835F888}) (Version: 1.00.0000 - Encore Software, Inc.) Infinite HD™ App (HKU\S-1-5-21-2185679930-222367793-746031767-1001\...\Octoshape Streaming Services) (Version: - Octoshape ApS) Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2103 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3355 - Intel Corporation) Intel(R) Smart Connect Technology (HKLM\...\{92DA2455-E6C9-4EFF-9AFD-07C2C3B185DA}) (Version: 4.2.41.2633 - Intel Corporation) InterActual Player (HKLM-x32\...\InterActual Player) (Version: - ) iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.) Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4875.1001 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 50.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 50.0 (x86 en-US)) (Version: 50.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0.0.6152 - Mozilla) Mozilla Thunderbird 45.5.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 45.5.0 (x86 en-US)) (Version: 45.5.0 - Mozilla) NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version: - ) Nitro PDF Professional (HKLM\...\{0C7EA81E-F787-4A14-8632-1371AD31C41B}) (Version: 6.2.3.6 - Nitro PDF Software) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4875.1001 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4875.1001 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4875.1001 - Microsoft Corporation) Hidden Plantronics CSR Driver (64-bit) (Version: 3.1.51094.21292 - Plantronics, Inc.) Hidden Plantronics CsrDfu Installer (x32 Version: 3.1.51094.21292 - Plantronics, Inc.) Hidden Plantronics HidDfu Installer (x32 Version: 3.1.51094.21292 - Plantronics, Inc.) Hidden Plantronics MyHeadset Updater (HKLM-x32\...\{f3913714-6d44-49ee-9526-a47d548f2334}) (Version: 3.1.51094.21292 - Plantronics, Inc.) Plantronics MyHeadset Updater (x32 Version: 3.1.51094.21292 - Plantronics, Inc.) Hidden Plantronics MyHeadset Updater Device Handlers (32-bit) (x32 Version: 3.1.51094.21292 - Plantronics, Inc.) Hidden Plantronics MyHeadset Updater DFU Handlers (32-bit) (x32 Version: 3.1.51094.21292 - Plantronics, Inc.) Hidden Plantronics MyHeadset Updater Install Check (x32 Version: 3.1.51094.21292 - Plantronics, Inc.) Hidden Plantronics MyHeadset Updater MLS (Version: 3.0.0.0 - Plantronics, Inc.) Hidden Plantronics MyHeadset Updater Runtime (x32 Version: 3.1.51094.21292 - Plantronics, Inc.) Hidden Plantronics MyHeadset Updater Startup (x32 Version: 3.1.51094.21292 - Plantronics, Inc.) Hidden Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.) Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.9.384 - ASUS Cloud Corporation) WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.14 - WildTangent) Windows Driver Package - ASUS (ATP) Mouse (11/11/2015 1.0.0.262) (HKLM\...\A044C5901003C24E6891688653ABA1068D04A1A0) (Version: 11/11/2015 1.0.0.262 - ASUS) Windows Driver Package - Cambridge Silicon Radio (CSRBC) USB (10/26/2012 2.4.0.0) (HKLM\...\20C7EDA3129B3FF8F72F9BF59252B718B554FBDC) (Version: 10/26/2012 2.4.0.0 - Cambridge Silicon Radio) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {083BA6E5-D324-4C77-81FB-7073B6F8EFFE} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2013-08-29] (ASUS) Task: {0D4373FB-8C96-4877-937C-0E97B034FEF4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated) Task: {1EA6B8C7-199B-4CDA-80AA-B445F92F48FD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-08] (Adobe Systems Incorporated) Task: {25B20BB9-4D27-491C-8656-B8F8DD73C3CF} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-12-14] (AsusTek) Task: {2652F97A-8007-4B71-834E-EA8E656D9B29} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-10-04] (Microsoft Corporation) Task: {2EF25A46-7CD6-4A1C-886E-ABFD4B21A98A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe Task: {3DC52A51-1CE6-41FD-A331-F9B51A8F25AE} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] () Task: {4B47D589-C0FD-427B-958D-C5C4DE67E309} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [2013-01-09] (ASUSTek Computer INC.) Task: {52BC3A6E-BDD5-4FE7-B21B-62534F403D5F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {55B75E72-6173-405D-8CE3-E2ED3239362E} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-10-07] (ASUS) Task: {58E75E8B-BFFE-4398-9487-86C8317DBFC9} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-11-10] (Realtek Semiconductor) Task: {63F1627D-F32C-4A61-9965-0E57FA75EAFE} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.) Task: {6572D44F-1AC9-40DE-B762-416BE30353F4} - System32\Tasks\ASUS Vivokey => C:\Program Files\ASUS\ASUS VivoBook\vivokey.exe [2013-08-23] (ASUSTek Computer Inc.) Task: {845227EA-2E06-4099-AF15-9882D1EF26D0} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2013-08-29] (ASUSTek Computer Inc.) Task: {8BCCFE26-4E1B-446E-B3F1-B820C72EEF10} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-11-10] (Realtek Semiconductor) Task: {949C7554-A322-49EC-99C6-B1924CC8E9E1} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-10-07] (ASUSTeK Computer Inc.) Task: {AFC635D0-7632-4085-83BF-4A4B3E93C3D6} - System32\Tasks\P4GIntlCtrl => C:\Program Files\ASUS\P4G\IntlDPST.exe [2013-08-29] () Task: {BD8C044E-FCC1-410F-9AA9-F6146C5F7DB8} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-10-04] (Microsoft Corporation) Task: {C00F0DD4-6EF2-4604-8ADE-787C79EDFD47} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-11-04] () Task: {C3DD5FB3-FBDB-4E99-80D0-5A76A38726A9} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.) Task: {D24B90CA-A3FD-4C37-884D-F524F9797317} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {E2475731-69F5-4B6B-B406-4C8847D384FA} - System32\Tasks\{5BA814E5-158B-4889-B0DE-71C2AF6961CA} => Firefox.exe hxxp://ui.skype.com/ui/0/7.8.85.102/en/abandoninstall?page=tsPlugin Task: {F5B68330-A492-4B58-9459-95590AEEA7AA} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2016-10-21] (Bitdefender) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2016-07-16 05:42 - 2016-07-16 05:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-10-02 06:33 - 2016-09-15 11:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-03-18 21:56 - 2016-03-18 21:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-03-18 21:56 - 2016-03-18 21:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2014-08-02 18:55 - 2016-05-24 09:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2013-11-07 18:12 - 2013-11-07 18:12 - 00198120 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe 2013-11-07 18:12 - 2013-11-07 18:12 - 00054760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll 2013-11-07 18:12 - 2013-11-07 18:12 - 00034792 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll 2016-10-02 06:33 - 2016-09-15 11:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-10-02 17:00 - 2016-10-02 17:00 - 01864384 _____ () C:\Users\Wayne\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll 2016-07-25 20:51 - 2016-05-24 10:43 - 08909504 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2013-08-29 17:01 - 2013-08-29 17:01 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll 2016-10-01 18:52 - 2016-10-01 18:52 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2016-10-12 20:51 - 2016-10-05 03:35 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2016-10-27 21:22 - 2016-10-14 21:41 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-10-27 21:22 - 2016-10-14 21:34 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-10-27 21:22 - 2016-10-14 21:34 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2016-10-27 21:22 - 2016-10-14 21:34 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2016-10-27 21:22 - 2016-10-14 21:34 - 02424832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-10-27 21:22 - 2016-10-14 21:38 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-05-27 14:50 - 2016-05-27 14:50 - 00402520 _____ () C:\WINDOWS\system32\igfxTray.exe 2016-11-17 20:49 - 2016-11-17 20:50 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2016-11-17 20:49 - 2016-11-17 20:50 - 00178688 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2016-11-17 20:49 - 2016-11-17 20:50 - 41609728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2016-02-14 08:14 - 2016-02-14 08:14 - 01384168 _____ () C:\Users\Wayne\AppData\Local\DIRECTV Player\NDSPCShowServer.exe 2013-10-08 21:41 - 2013-10-08 21:41 - 00037968 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll 2013-09-09 19:23 - 2013-09-09 19:23 - 00162816 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll 2016-02-14 08:14 - 2016-02-14 08:14 - 11423968 _____ () C:\Users\Wayne\AppData\Local\DIRECTV Player\PCShowServer.dll 2016-02-14 08:15 - 2016-02-14 08:15 - 00340192 _____ () C:\Users\Wayne\AppData\Local\DIRECTV Player\ndsLogStore.dll 2016-02-14 08:14 - 2016-02-14 08:14 - 03301088 _____ () C:\Users\Wayne\AppData\Local\DIRECTV Player\DrmSingleton.dll 2016-02-14 08:14 - 2016-02-14 08:14 - 02100968 _____ () C:\Users\Wayne\AppData\Local\DIRECTV Player\DiscoveryManager.dll 2016-02-14 08:14 - 2016-02-14 08:14 - 08346848 _____ () C:\Users\Wayne\AppData\Local\DIRECTV Player\gsttspplugin.dll 2016-02-14 08:14 - 2016-02-14 08:14 - 00689904 _____ () C:\Users\Wayne\AppData\Local\DIRECTV Player\libgstreamer-0.10.dll 2016-02-14 08:15 - 2016-02-14 08:15 - 01404128 _____ () C:\Users\Wayne\AppData\Local\DIRECTV Player\libxml2-2.dll 2016-02-14 08:15 - 2016-02-14 08:15 - 00092880 _____ () C:\Users\Wayne\AppData\Local\DIRECTV Player\z.dll 2016-09-23 06:12 - 2016-09-23 06:12 - 00325824 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll 2012-05-24 20:19 - 2012-05-24 20:19 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll 2011-03-09 13:21 - 2011-03-09 13:21 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll 2015-07-14 08:27 - 2015-07-14 08:27 - 00032768 _____ () C:\Program Files (x86)\Plantronics\MyHeadsetUpdater\NativeUsbLib.dll 2014-05-13 08:59 - 2013-10-23 14:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Windows:nlsPreferences [0] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-2185679930-222367793-746031767-1001\...\thehartford.com -> hxxps://thehartford.com ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 07:25 - 2016-08-21 16:29 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2185679930-222367793-746031767-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Wayne\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\umbrella.jpg DNS Servers: 192.168.254.254 - 74.40.74.41 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == HKLM\...\StartupApproved\StartupFolder: => "Install Webroot FF RunOnce.lnk" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [UDP Query User{3C9C768C-EB10-4930-9643-08F98CB2A7E1}C:\users\wayne\appdata\local\directv player\ndspcshowserver.exe] => (Block) C:\users\wayne\appdata\local\directv player\ndspcshowserver.exe FirewallRules: [TCP Query User{B61340C4-1621-4453-8E1F-6FCF0CCFA3C5}C:\users\wayne\appdata\local\directv player\ndspcshowserver.exe] => (Block) C:\users\wayne\appdata\local\directv player\ndspcshowserver.exe FirewallRules: [UDP Query User{22C412C4-99CD-4711-BB30-A5A666533017}C:\users\wayne\appdata\local\directv player\ndspcshowserver.exe] => (Allow) C:\users\wayne\appdata\local\directv player\ndspcshowserver.exe FirewallRules: [TCP Query User{3C29E99D-72D3-4B07-8E6D-B21AAB1441C6}C:\users\wayne\appdata\local\directv player\ndspcshowserver.exe] => (Allow) C:\users\wayne\appdata\local\directv player\ndspcshowserver.exe FirewallRules: [{01C4F2C7-CF6A-4151-9676-82A059C5D0B8}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{18844974-9EFC-4453-B7EF-F5810682CBC5}] => (Allow) C:\Users\Wayne\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [TCP Query User{F2AE7139-8BBD-4054-96D0-022B676B74B1}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [UDP Query User{831EAD51-E9D4-45FB-B9FD-9ABBD152E37D}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [TCP Query User{55E4531E-17E2-4E5F-B3B0-3F83FD537A67}C:\program files (x86)\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre7\bin\jp2launcher.exe FirewallRules: [UDP Query User{BA48F295-2F4E-4882-B275-2FAD795D80AB}C:\program files (x86)\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre7\bin\jp2launcher.exe FirewallRules: [TCP Query User{017A6B7E-3259-4641-BA02-EE10FB9A67EB}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [UDP Query User{7F68565B-C688-40D2-95A9-C9547B25E149}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [TCP Query User{12CD5657-3589-4FA8-9340-25941BCDE315}C:\program files (x86)\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre7\bin\jp2launcher.exe FirewallRules: [UDP Query User{D71BB0F1-B6D3-47AA-94F2-FD7E6F68128F}C:\program files (x86)\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre7\bin\jp2launcher.exe FirewallRules: [{82BEC0F7-AB04-47B9-A9D0-B3B45F28618A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{69AB8632-AE96-41E6-874E-9288F9FC1868}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{C7F8C26A-BC24-49EF-BEFB-1B4687108708}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{20F85993-BEB3-4284-ACD9-76B7E62B670A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{687BA960-D8C7-472C-BC86-7A78BBAA297F}C:\program files (x86)\java\jre1.8.0_45\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\jp2launcher.exe FirewallRules: [UDP Query User{E182C9CB-CF45-46B6-AAF3-808114DE7560}C:\program files (x86)\java\jre1.8.0_45\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\jp2launcher.exe FirewallRules: [{49862507-09F8-4AE9-BB2D-663AE0D2B25C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{F7D5A77B-DD46-4649-93E6-BF383EC9AB31}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{CDBCDE5E-546A-4651-AF3E-D25F3DACC719}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= 11-11-2016 22:29:15 Windows Update 15-11-2016 07:18:56 Windows Update 18-11-2016 20:48:20 Windows Update 21-11-2016 23:20:47 Windows Update 25-11-2016 22:18:11 Windows Update 27-11-2016 07:48:03 JRT Pre-Junkware Removal ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== System errors: ============= ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz Percentage of memory in use: 33% Total physical RAM: 6027.38 MB Available physical RAM: 4034.26 MB Total Virtual: 6987.38 MB Available Virtual: 4751.44 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:444.65 GB) (Free:351.55 GB) NTFS ==>[system with boot components (obtained from drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: FAE7D78D) Partition: GPT. ==================== End of Addition.txt ============================