Thanks again for the help. I never knew why I needed Java or Bonjours. Deleting them doesn't hurt my feelings at all.
Before posting the logs I want to mention that last night after posting here I could no longer open Chrome at all. Your fixes today took care of that. However my original issue is still here. When I search this macafee secure search comes up in Yahoo. I can't delete it. I deleted. I deleted yahoo and it is still there.
Here are the logs:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-11-2016
Ran by Wayne (administrator) on WAYNE (27-11-2016 15:49:28)
Running from C:\Users\Wayne\Downloads
Loaded Profiles: Wayne (Available Profiles: Wayne)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe
() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [111976 2013-09-11] (Intel Corporation)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [402520 2016-05-27] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2013-12-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.9.384\ASUSWSLoader.exe [63296 2014-07-17] ()
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [111120 2012-05-24] (CyberLink)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [Plantronics MyHeadset Updater] => C:\Program Files (x86)\Plantronics\MyHeadsetUpdater\MyHeadsetUpdater.exe [80384 2015-07-14] (Plantronics)
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [NoFile] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKLM\...\Policies\Explorer: [NoSetFolders] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM\...\Policies\Explorer: [NoDesktop] 0
HKU\S-1-5-21-2185679930-222367793-746031767-1001\...\Run: [Power2GoExpress] => 0
HKU\S-1-5-21-2185679930-222367793-746031767-1001\...\Run: [PCShowServer] => C:\Users\Wayne\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe [1632504 2016-02-14] (Cisco)
HKU\S-1-5-21-2185679930-222367793-746031767-1001\...\Run: [Octoshape Streaming Services] => C:\Users\Wayne\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [500016 2014-08-01] (Octoshape ApS)
HKU\S-1-5-21-2185679930-222367793-746031767-1001\...\Run: [Chromium] => c:\users\wayne\appdata\local\chromium\application\chrome.exe [1044480 2016-01-25] (The Chromium Authors)
HKU\S-1-5-21-2185679930-222367793-746031767-1001\...\RunOnce: [Uninstall C:\Users\Wayne\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Wayne\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64"
HKU\S-1-5-21-2185679930-222367793-746031767-1001\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-2185679930-222367793-746031767-1001\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-2185679930-222367793-746031767-1001\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-21-2185679930-222367793-746031767-1001\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-21-2185679930-222367793-746031767-1001\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-2185679930-222367793-746031767-1001\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-21-2185679930-222367793-746031767-1001\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-21-2185679930-222367793-746031767-1001\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-21-2185679930-222367793-746031767-1001\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-21-2185679930-222367793-746031767-1001\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-2185679930-222367793-746031767-1001\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-21-2185679930-222367793-746031767-1001\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-2185679930-222367793-746031767-1001\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-21-2185679930-222367793-746031767-1001\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-2185679930-222367793-746031767-1001\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-2185679930-222367793-746031767-1001\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-21-2185679930-222367793-746031767-1001\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-21-2185679930-222367793-746031767-1001\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-2185679930-222367793-746031767-1001\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-2185679930-222367793-746031767-1001\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-2185679930-222367793-746031767-1001\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-2185679930-222367793-746031767-1001\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-2185679930-222367793-746031767-1001\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-2185679930-222367793-746031767-1001\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-2185679930-222367793-746031767-1001\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-2185679930-222367793-746031767-1001\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-2185679930-222367793-746031767-1001\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-2185679930-222367793-746031767-1001\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-2185679930-222367793-746031767-1001\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-2185679930-222367793-746031767-1001\...\Policies\Explorer: [NoStartMenuSubFolders] 0
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Wayne\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\FileSyncShell64.dll [2016-10-02] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Wayne\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\FileSyncShell64.dll [2016-10-02] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Wayne\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\FileSyncShell64.dll [2016-10-02] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.9.384\ASUSWSShellExt64.dll [2013-06-25] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.9.384\ASUSWSShellExt64.dll [2013-06-25] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.9.384\ASUSWSShellExt64.dll [2013-06-25] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Wayne\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncShell.dll [2016-10-02] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Wayne\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncShell.dll [2016-10-02] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Wayne\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncShell.dll [2016-10-02] (Microsoft Corporation)
Startup: C:\Users\Wayne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2014-09-23]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.254.254 74.40.74.41
Tcpip\..\Interfaces\{85ca883e-d6c7-48a7-9343-a28d600f30a3}: [DhcpNameServer] 192.168.254.254 74.40.74.41
Tcpip\..\Interfaces\{a2173767-5295-477c-9b93-609793b8211b}: [DhcpNameServer] 40.52.1.201 40.52.1.203
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2185679930-222367793-746031767-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\S-1-5-21-2185679930-222367793-746031767-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-10-11] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-09-27] (Microsoft Corporation)
DPF: HKLM-x32 {A4110378-789B-455F-AE86-3A1BFC402853} hxxp://zone.msn.com/bingame/zpagames/zpa_shvl.cab55579.cab
DPF: HKLM-x32 {B8BE5E93-A60C-4D26-A2DC-220313175592} hxxp://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-19] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Wayne\AppData\Roaming\Philips-Songbird\Profiles\atviq4na.default [2015-04-12]
FF NetworkProxy: Philips-Songbird\Profiles\atviq4na.default -> no_proxies_on", "*.local"
FF NetworkProxy: Philips-Songbird\Profiles\atviq4na.default -> type", 4
FF Extension: (No Name) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\[email protected] [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\[email protected] [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\[email protected] [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\[email protected] [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\[email protected] [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\[email protected] [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\[email protected] [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\[email protected] [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\[email protected] [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\[email protected] [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\[email protected] [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\[email protected] [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\[email protected] [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\[email protected] [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\[email protected] [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\[email protected] [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\[email protected] [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\[email protected] [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\[email protected] [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\[email protected] [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\[email protected] [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\[email protected] [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\[email protected] [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\[email protected] [not found]
FF SearchPlugin: C:\Users\Wayne\AppData\Roaming\Philips-Songbird\Profiles\atviq4na.default\searchplugins\7digital.xml [2014-08-05]
FF SearchPlugin: C:\Users\Wayne\AppData\Roaming\Philips-Songbird\Profiles\atviq4na.default\searchplugins\d8686a0c-81ee-4ec1-979c-61950edf4860.xml [2014-08-05]
FF ProfilePath: C:\Users\Wayne\AppData\Roaming\Mozilla\Firefox\Profiles\bngh0j09.default [2016-11-27]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-08] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-08] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-08-02] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2013-08-05] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2185679930-222367793-746031767-1001: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Wayne\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1411300-0-npoctoshape.dll [2014-11-30] (Octoshape ApS)
FF Plugin ProgramFiles/Appdata: C:\Users\Wayne\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2016-05-30] (Octoshape ApS)
Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.malwarebytes.com/restorebrowser/index.html","hxxps://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee&type=C210US91088D20161008&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Profile: C:\Users\Wayne\AppData\Local\Google\Chrome\User Data\Default [2016-11-27]
CHR Extension: (Google Slides) - C:\Users\Wayne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-06]
CHR Extension: (Google Docs) - C:\Users\Wayne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-06]
CHR Extension: (Google Drive) - C:\Users\Wayne\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Wayne\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\Wayne\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Sheets) - C:\Users\Wayne\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-06]
CHR Extension: (Google Docs Offline) - C:\Users\Wayne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Wayne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Wayne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Wayne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-28]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-08-29] (ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe [71680 2013-08-16] (ASUS Cloud Corporation) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3040496 2016-10-04] (Microsoft Corporation)
R2 DptfParticipantProcessorService; C:\WINDOWS\system32\DptfParticipantProcessorService.exe [115632 2013-09-11] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe [116656 2013-09-11] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\WINDOWS\system32\DptfPolicyCriticalService.exe [148688 2013-09-11] (Intel Corporation)
R2 DptfPolicyLpmService; C:\WINDOWS\system32\DptfPolicyLpmService.exe [124880 2013-09-11] (Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-08-03] (WildTangent)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [374360 2016-05-27] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel® Corporation) [File not signed]
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-11-07] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation)
R2 NitroDriverReadSpool; C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe [341312 2011-09-24] (Nitro PDF Software)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1100392 2016-10-28] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [101368 2015-12-14] (ASUS Corporation)
S3 CSRBC; C:\WINDOWS\System32\Drivers\csrbcx64.sys [38400 2015-07-14] (CSR plc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 DptfDevDram; C:\WINDOWS\system32\DRIVERS\DptfDevDram.sys [143568 2013-09-11] (Intel Corporation)
R3 DptfDevPch; C:\WINDOWS\system32\DRIVERS\DptfDevPch.sys [114680 2013-09-11] (Intel Corporation)
R3 DptfDevProc; C:\WINDOWS\system32\DRIVERS\DptfDevProc.sys [287160 2013-09-11] (Intel Corporation)
R3 DptfManager; C:\WINDOWS\system32\DRIVERS\DptfManager.sys [494272 2013-09-11] (Intel Corporation)
R3 ikbevent; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [21408 2013-08-08] ()
R3 imsevent; C:\WINDOWS\system32\DRIVERS\imsevent.sys [21920 2013-08-08] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-07] ()
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-08-07] ()
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-05] ( )
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-10-23] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2013-08-29] (Windows ® Win 7 DDK provider)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-11-27 15:49 - 2016-11-27 15:49 - 00025839 _____ C:\Users\Wayne\Downloads\FRST.txt
2016-11-27 15:48 - 2016-11-27 15:48 - 00023482 _____ C:\Users\Wayne\Downloads\fixlist.txt
2016-11-27 15:30 - 2016-11-27 15:48 - 00000000 ____D C:\Users\Wayne\Downloads\FRST-OlderVersion
2016-11-27 08:06 - 2016-11-27 15:49 - 00000000 ____D C:\FRST
2016-11-27 07:59 - 2016-11-27 15:30 - 02411520 _____ (Farbar) C:\Users\Wayne\Downloads\FRST64.exe
2016-11-27 07:54 - 2016-11-27 07:54 - 00000821 _____ C:\Users\Wayne\Desktop\JRT.txt
2016-11-27 07:47 - 2016-11-27 07:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-11-27 07:47 - 2016-11-27 07:47 - 01631928 _____ (Malwarebytes) C:\Users\Wayne\Downloads\JRT.exe
2016-11-27 07:45 - 2016-11-27 07:45 - 00002366 _____ C:\Users\Wayne\Desktop\AdwCleaner[C0].txt
2016-11-27 07:35 - 2016-11-27 07:40 - 00000000 ____D C:\AdwCleaner
2016-11-27 07:35 - 2016-11-27 07:35 - 03910208 _____ C:\Users\Wayne\Downloads\AdwCleaner.exe
2016-11-24 19:50 - 2016-11-25 07:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-11-23 21:58 - 2016-11-23 21:58 - 00000735 _____ C:\Users\Wayne\Documents\Videos - Shortcut.lnk
2016-11-19 10:20 - 2016-11-19 10:20 - 00338164 _____ C:\Users\Wayne\Desktop\Marine letter.pdf
2016-11-10 07:23 - 2016-11-10 07:23 - 00000000 ____D C:\Program Files\McAfee
2016-11-07 17:30 - 2016-11-07 17:31 - 00543020 _____ C:\WINDOWS\Minidump\110716-29546-01.dmp
2016-11-04 06:39 - 2016-11-04 06:39 - 00028755 _____ C:\ProgramData\agent.1478263154.bdinstall.bin
2016-11-03 21:12 - 2016-11-03 21:14 - 00551212 _____ C:\WINDOWS\Minidump\110316-75218-01.dmp
2016-10-29 12:27 - 2016-10-29 12:29 - 00411796 _____ C:\WINDOWS\Minidump\102916-37234-01.dmp
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-11-27 15:19 - 2016-03-20 19:16 - 00000000 ____D C:\Users\Wayne\AppData\Roaming\Sun
2016-11-27 15:19 - 2015-02-04 07:47 - 00000000 ____D C:\Users\Wayne\AppData\LocalLow\Oracle
2016-11-27 15:19 - 2014-09-09 06:17 - 00000000 ____D C:\Users\Wayne\AppData\Roaming\Oracle
2016-11-27 15:19 - 2014-08-03 16:18 - 00000000 ____D C:\ProgramData\Oracle
2016-11-27 15:19 - 2014-08-03 16:16 - 00000000 ____D C:\Users\Wayne\AppData\LocalLow\Sun
2016-11-27 15:08 - 2016-10-01 15:57 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-11-27 15:08 - 2016-05-10 22:05 - 00000000 ____D C:\Program Files\Bitdefender Agent
2016-11-27 13:27 - 2016-10-01 16:20 - 00003544 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2016-11-27 13:27 - 2016-10-01 16:20 - 00003534 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2016-11-27 08:24 - 2016-07-16 05:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-11-27 07:57 - 2014-08-28 21:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-11-27 07:48 - 2016-03-10 00:17 - 01586246 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-27 07:46 - 2014-09-05 18:22 - 00000000 ____D C:\Users\Wayne\Documents\Church
2016-11-27 07:45 - 2016-07-16 00:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-11-27 07:44 - 2014-08-02 15:27 - 00000074 _____ C:\Users\Wayne\AppData\Roaming\sp_data.sys
2016-11-27 07:43 - 2016-08-10 17:44 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2016-11-27 07:42 - 2016-10-01 16:00 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-11-27 07:42 - 2016-03-10 07:12 - 00000000 __SHD C:\Users\Wayne\IntelGraphicsProfiles
2016-11-27 07:41 - 2016-10-01 16:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-11-27 07:41 - 2016-07-16 00:04 - 01835008 _____ C:\WINDOWS\system32\config\BBI
2016-11-26 18:08 - 2014-09-01 18:42 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-11-24 20:17 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-11-23 22:16 - 2016-10-08 19:51 - 00000000 ____D C:\ProgramData\McAfee
2016-11-23 22:15 - 2016-10-01 16:04 - 00000000 ____D C:\Users\Wayne
2016-11-23 19:49 - 2016-07-16 05:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-11-22 08:24 - 2016-07-16 05:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-11-22 08:23 - 2014-08-02 18:55 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-11-17 06:40 - 2014-08-02 18:10 - 00000707 _____ C:\Users\Wayne\AppData\Roaming\burnaware.ini
2016-11-16 15:11 - 2014-08-28 21:24 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-11-14 20:04 - 2014-08-28 21:06 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-14 20:04 - 2014-08-28 21:06 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-11-13 00:37 - 2016-07-09 09:04 - 00000000 ____D C:\Users\Wayne\Desktop\New folder
2016-11-11 21:36 - 2014-08-04 19:00 - 00000000 ____D C:\Users\Wayne\AppData\Roaming\Nitro PDF
2016-11-08 22:05 - 2014-08-05 21:23 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-11-08 22:02 - 2014-08-05 21:23 - 141011376 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-11-08 21:22 - 2016-10-01 16:20 - 00003816 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-11-08 21:22 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-11-08 21:22 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-11-07 21:31 - 2016-10-01 16:20 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-11-07 17:30 - 2016-10-04 21:41 - 00000000 ____D C:\WINDOWS\Minidump
2016-11-07 17:30 - 2014-10-04 09:21 - 684400863 _____ C:\WINDOWS\MEMORY.DMP
2016-11-03 21:15 - 2016-07-16 05:45 - 00000000 ____D C:\WINDOWS\INF
2016-11-01 06:27 - 2014-08-28 20:56 - 00000000 ____D C:\Users\Wayne\AppData\Local\Google
2016-10-30 18:08 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\rescache
2016-10-29 12:37 - 2014-08-03 06:49 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-10-29 12:34 - 2016-10-01 15:57 - 00231288 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-10-29 12:33 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-10-29 12:33 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-10-29 12:33 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-10-29 12:32 - 2016-07-16 05:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-10-29 12:31 - 2016-07-16 05:47 - 00015425 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-10-28 23:07 - 2016-03-10 19:38 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
==================== Files in the root of some directories =======
2014-08-02 16:05 - 2014-11-15 23:00 - 10395072 _____ (Webroot Software, Inc.) C:\Program Files (x86)\Common Files\wruninstall.exe
2014-08-02 18:10 - 2016-11-17 06:40 - 0000707 _____ () C:\Users\Wayne\AppData\Roaming\burnaware.ini
2015-12-15 21:39 - 2015-12-15 22:11 - 0000115 _____ () C:\Users\Wayne\AppData\Roaming\LogFile.txt
2015-02-27 07:39 - 2015-02-27 07:39 - 0000021 _____ () C:\Users\Wayne\AppData\Roaming\my_intel.sys
2014-08-02 15:27 - 2016-11-27 07:44 - 0000074 _____ () C:\Users\Wayne\AppData\Roaming\sp_data.sys
2016-09-19 21:23 - 2016-09-19 21:23 - 0026705 _____ () C:\ProgramData\agent.1474341804.bdinstall.bin
2016-11-04 06:39 - 2016-11-04 06:39 - 0028755 _____ () C:\ProgramData\agent.1478263154.bdinstall.bin
2016-10-01 15:59 - 2016-10-01 15:59 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-12-13 14:22 - 2012-09-07 05:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-12-13 14:22 - 2009-07-22 04:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-12-13 14:22 - 2012-09-07 05:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
2014-08-02 17:03 - 2014-08-02 17:04 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2014-08-02 17:03 - 2014-08-02 17:03 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
Some files in TEMP:
====================
C:\Users\Wayne\AppData\Local\Temp\jre-8u111-windows-au.exe
C:\Users\Wayne\AppData\Local\Temp\libeay32.dll
C:\Users\Wayne\AppData\Local\Temp\msvcr120.dll
C:\Users\Wayne\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-11-26 18:20
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-11-2016
Ran by Wayne (27-11-2016 15:50:44)
Running from C:\Users\Wayne\Downloads
Windows 10 Home Version 1607 (X64) (2016-10-01 22:33:11)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2185679930-222367793-746031767-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2185679930-222367793-746031767-503 - Limited - Disabled)
Guest (S-1-5-21-2185679930-222367793-746031767-501 - Limited - Disabled)
Wayne (S-1-5-21-2185679930-222367793-746031767-1001 - Administrator - Enabled) => C:\Users\Wayne
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.18) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.18 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.6 - ASUS)
ASUS Product Demo Kit (HKLM-x32\...\{1714AD6E-D517-40C0-9B19-4CE0078F7694}) (Version: 2.0.0 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.12 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0021 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.7 - ASUS)
ASUS VivoBook (HKLM\...\{04FDBE69-F9FD-42A2-9008-E5CE7F60C6BE}) (Version: 1.0.31 - ASUS)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.311 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0031 - ASUS)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.26.1436 - Bitdefender)
BurnAware Free 9.4 (HKLM-x32\...\BurnAware Free_is1) (Version: - Burnaware)
CyberLink LabelPrint 2.5 (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5415 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.3625 - CyberLink Corp.)
DIRECTV Player (HKLM-x32\...\{4a5ad61d-1fe9-48b9-87a8-9235f71120f3}) (Version: 12.1 - DIRECTV)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Hoyle Card Games (HKLM-x32\...\{05F6571A-5205-4C81-8160-683BDCC3B272}) (Version: 1.00.0000 - Encore Software, Inc.)
Hoyle Casino Games (HKLM-x32\...\{0DB17436-91DB-4BE0-A9F2-6955BA9D6CE2}) (Version: 1.00.0000 - Encore Software, Inc.)
Hoyle Puzzle and Board Games (HKLM-x32\...\{2049C1B1-B5BF-4557-9AF9-2506D835F888}) (Version: 1.00.0000 - Encore Software, Inc.)
Infinite HD™ App (HKU\S-1-5-21-2185679930-222367793-746031767-1001\...\Octoshape Streaming Services) (Version: - Octoshape ApS)
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2103 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3355 - Intel Corporation)
Intel® Smart Connect Technology (HKLM\...\{92DA2455-E6C9-4EFF-9AFD-07C2C3B185DA}) (Version: 4.2.41.2633 - Intel Corporation)
InterActual Player (HKLM-x32\...\InterActual Player) (Version: - )
iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4875.1001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 49.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 49.0.2 (x86 en-US)) (Version: 49.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.2.6136 - Mozilla)
Mozilla Thunderbird 45.5.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 45.5.0 (x86 en-US)) (Version: 45.5.0 - Mozilla)
Nitro PDF Professional (HKLM\...\{0C7EA81E-F787-4A14-8632-1371AD31C41B}) (Version: 6.2.3.6 - Nitro PDF Software)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4875.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4875.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4875.1001 - Microsoft Corporation) Hidden
Plantronics CSR Driver (64-bit) (Version: 3.1.51094.21292 - Plantronics, Inc.) Hidden
Plantronics CsrDfu Installer (x32 Version: 3.1.51094.21292 - Plantronics, Inc.) Hidden
Plantronics HidDfu Installer (x32 Version: 3.1.51094.21292 - Plantronics, Inc.) Hidden
Plantronics MyHeadset Updater (HKLM-x32\...\{f3913714-6d44-49ee-9526-a47d548f2334}) (Version: 3.1.51094.21292 - Plantronics, Inc.)
Plantronics MyHeadset Updater (x32 Version: 3.1.51094.21292 - Plantronics, Inc.) Hidden
Plantronics MyHeadset Updater Device Handlers (32-bit) (x32 Version: 3.1.51094.21292 - Plantronics, Inc.) Hidden
Plantronics MyHeadset Updater DFU Handlers (32-bit) (x32 Version: 3.1.51094.21292 - Plantronics, Inc.) Hidden
Plantronics MyHeadset Updater Install Check (x32 Version: 3.1.51094.21292 - Plantronics, Inc.) Hidden
Plantronics MyHeadset Updater MLS (Version: 3.0.0.0 - Plantronics, Inc.) Hidden
Plantronics MyHeadset Updater Runtime (x32 Version: 3.1.51094.21292 - Plantronics, Inc.) Hidden
Plantronics MyHeadset Updater Startup (x32 Version: 3.1.51094.21292 - Plantronics, Inc.) Hidden
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.9.384 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.14 - WildTangent)
Windows Driver Package - ASUS (ATP) Mouse (11/11/2015 1.0.0.262) (HKLM\...\A044C5901003C24E6891688653ABA1068D04A1A0) (Version: 11/11/2015 1.0.0.262 - ASUS)
Windows Driver Package - Cambridge Silicon Radio (CSRBC) USB (10/26/2012 2.4.0.0) (HKLM\...\20C7EDA3129B3FF8F72F9BF59252B718B554FBDC) (Version: 10/26/2012 2.4.0.0 - Cambridge Silicon Radio)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {075EE61D-4CF4-4051-A8D4-D60D40E0740C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {083BA6E5-D324-4C77-81FB-7073B6F8EFFE} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2013-08-29] (ASUS)
Task: {0D4373FB-8C96-4877-937C-0E97B034FEF4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {1BD135A6-9AE2-426B-9C84-B2E99B6B4DE3} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {1EA6B8C7-199B-4CDA-80AA-B445F92F48FD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-08] (Adobe Systems Incorporated)
Task: {25B20BB9-4D27-491C-8656-B8F8DD73C3CF} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-12-14] (AsusTek)
Task: {2652F97A-8007-4B71-834E-EA8E656D9B29} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-10-04] (Microsoft Corporation)
Task: {2DFC572E-3052-4284-98AF-B8DA9358AFCF} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {2EF25A46-7CD6-4A1C-886E-ABFD4B21A98A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {357CF99C-6A16-482C-A69F-8CB039AD0D69} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {3598E908-EBD8-4318-850A-AB20AAA1EC78} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {3DC52A51-1CE6-41FD-A331-F9B51A8F25AE} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] ()
Task: {45A110AB-27AE-48B9-A1A7-CF79BF668B12} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {4B47D589-C0FD-427B-958D-C5C4DE67E309} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [2013-01-09] (ASUSTek Computer INC.)
Task: {52BC3A6E-BDD5-4FE7-B21B-62534F403D5F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {55B75E72-6173-405D-8CE3-E2ED3239362E} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-10-07] (ASUS)
Task: {58E75E8B-BFFE-4398-9487-86C8317DBFC9} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-11-10] (Realtek Semiconductor)
Task: {5EF0C01D-34EA-471C-ADDD-5D4603AE242A} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {60F8EE3B-7A30-487A-B7D0-404FA95BE173} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {6572D44F-1AC9-40DE-B762-416BE30353F4} - System32\Tasks\ASUS Vivokey => C:\Program Files\ASUS\ASUS VivoBook\vivokey.exe [2013-08-23] (ASUSTek Computer Inc.)
Task: {68BA1CDB-4B3F-48E4-8A42-6D9972FCC67D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {845227EA-2E06-4099-AF15-9882D1EF26D0} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2013-08-29] (ASUSTek Computer Inc.)
Task: {8BCCFE26-4E1B-446E-B3F1-B820C72EEF10} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-11-10] (Realtek Semiconductor)
Task: {949C7554-A322-49EC-99C6-B1924CC8E9E1} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-10-07] (ASUSTeK Computer Inc.)
Task: {AFC635D0-7632-4085-83BF-4A4B3E93C3D6} - System32\Tasks\P4GIntlCtrl => C:\Program Files\ASUS\P4G\IntlDPST.exe [2013-08-29] ()
Task: {B16E8525-74A5-4FA7-BB50-3E766D28C705} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {BD8C044E-FCC1-410F-9AA9-F6146C5F7DB8} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-10-04] (Microsoft Corporation)
Task: {BDDC9910-5923-402D-A04F-27B568E84304} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {C00F0DD4-6EF2-4604-8ADE-787C79EDFD47} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-11-04] ()
Task: {C0E19812-0814-4198-90ED-46690324A5E6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {CCF70460-4C8F-4FE9-A190-940C0DA67AFB} - \WPD\SqmUpload_S-1-5-21-2185679930-222367793-746031767-1001 -> No File <==== ATTENTION
Task: {D19F0BAB-7A6A-4589-B046-497478293616} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {D24B90CA-A3FD-4C37-884D-F524F9797317} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {E2475731-69F5-4B6B-B406-4C8847D384FA} - System32\Tasks\{5BA814E5-158B-4889-B0DE-71C2AF6961CA} => Firefox.exe hxxp://ui.skype.com/ui/0/7.8.85.102/en/abandoninstall?page=tsPlugin
Task: {E8297EDF-2388-4E3A-90F3-F11F9702CA38} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-11-10] (Realtek Semiconductor)
Task: {F5B68330-A492-4B58-9459-95590AEEA7AA} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2016-10-21] (Bitdefender)
Task: {F99356EE-B551-412D-A3D9-5067EF63EBC1} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-07-16 05:42 - 2016-07-16 05:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-10-02 06:33 - 2016-09-15 11:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-18 21:56 - 2016-03-18 21:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 21:56 - 2016-03-18 21:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-11-07 18:12 - 2013-11-07 18:12 - 00198120 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
2013-11-07 18:12 - 2013-11-07 18:12 - 00054760 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\NetworkHeuristic.dll
2013-11-07 18:12 - 2013-11-07 18:12 - 00034792 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\ISCTNetMon.dll
2014-08-02 18:55 - 2016-05-24 09:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2016-10-02 06:33 - 2016-09-15 11:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-02 17:00 - 2016-10-02 17:00 - 01864384 _____ () C:\Users\Wayne\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2016-07-25 20:51 - 2016-05-24 10:43 - 08909504 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2016-11-17 20:49 - 2016-11-17 20:50 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-11-17 20:49 - 2016-11-17 20:50 - 00178688 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-11-17 20:49 - 2016-11-17 20:50 - 41609728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-10-01 18:52 - 2016-10-01 18:52 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-10-12 20:51 - 2016-10-05 03:35 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-10-27 21:22 - 2016-10-14 21:41 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-10-27 21:22 - 2016-10-14 21:34 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-10-27 21:22 - 2016-10-14 21:34 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-10-27 21:22 - 2016-10-14 21:34 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-10-27 21:22 - 2016-10-14 21:34 - 02424832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-10-27 21:22 - 2016-10-14 21:38 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-11-23 19:48 - 2016-11-23 19:49 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-11-23 19:48 - 2016-11-23 19:49 - 20433408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-06-02 17:56 - 2016-06-02 17:58 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-11-23 19:48 - 2016-11-23 19:49 - 01046528 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-11-23 19:48 - 2016-11-23 19:49 - 00353792 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Photos.Inking.dll
2014-05-13 08:59 - 2013-10-23 14:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2013-04-27 09:24 - 2013-04-27 09:24 - 00071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Windows:nlsPreferences [0]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-2185679930-222367793-746031767-1001\Software\Classes\exefile: "%1" %* <===== ATTENTION
HKU\S-1-5-21-2185679930-222367793-746031767-1001\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2185679930-222367793-746031767-1001\...\thehartford.com -> hxxps://thehartford.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 07:25 - 2016-08-21 16:29 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2185679930-222367793-746031767-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Wayne\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\umbrella.jpg
DNS Servers: 192.168.254.254 - 74.40.74.41
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\StartupFolder: => "Install Webroot FF RunOnce.lnk"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{3C9C768C-EB10-4930-9643-08F98CB2A7E1}C:\users\wayne\appdata\local\directv player\ndspcshowserver.exe] => (Block) C:\users\wayne\appdata\local\directv player\ndspcshowserver.exe
FirewallRules: [TCP Query User{B61340C4-1621-4453-8E1F-6FCF0CCFA3C5}C:\users\wayne\appdata\local\directv player\ndspcshowserver.exe] => (Block) C:\users\wayne\appdata\local\directv player\ndspcshowserver.exe
FirewallRules: [UDP Query User{22C412C4-99CD-4711-BB30-A5A666533017}C:\users\wayne\appdata\local\directv player\ndspcshowserver.exe] => (Allow) C:\users\wayne\appdata\local\directv player\ndspcshowserver.exe
FirewallRules: [TCP Query User{3C29E99D-72D3-4B07-8E6D-B21AAB1441C6}C:\users\wayne\appdata\local\directv player\ndspcshowserver.exe] => (Allow) C:\users\wayne\appdata\local\directv player\ndspcshowserver.exe
FirewallRules: [{01C4F2C7-CF6A-4151-9676-82A059C5D0B8}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{18844974-9EFC-4453-B7EF-F5810682CBC5}] => (Allow) C:\Users\Wayne\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [TCP Query User{F2AE7139-8BBD-4054-96D0-022B676B74B1}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{831EAD51-E9D4-45FB-B9FD-9ABBD152E37D}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{55E4531E-17E2-4E5F-B3B0-3F83FD537A67}C:\program files (x86)\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre7\bin\jp2launcher.exe
FirewallRules: [UDP Query User{BA48F295-2F4E-4882-B275-2FAD795D80AB}C:\program files (x86)\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre7\bin\jp2launcher.exe
FirewallRules: [TCP Query User{017A6B7E-3259-4641-BA02-EE10FB9A67EB}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{7F68565B-C688-40D2-95A9-C9547B25E149}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{12CD5657-3589-4FA8-9340-25941BCDE315}C:\program files (x86)\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre7\bin\jp2launcher.exe
FirewallRules: [UDP Query User{D71BB0F1-B6D3-47AA-94F2-FD7E6F68128F}C:\program files (x86)\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre7\bin\jp2launcher.exe
FirewallRules: [{82BEC0F7-AB04-47B9-A9D0-B3B45F28618A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{69AB8632-AE96-41E6-874E-9288F9FC1868}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{C7F8C26A-BC24-49EF-BEFB-1B4687108708}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{20F85993-BEB3-4284-ACD9-76B7E62B670A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{687BA960-D8C7-472C-BC86-7A78BBAA297F}C:\program files (x86)\java\jre1.8.0_45\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\jp2launcher.exe
FirewallRules: [UDP Query User{E182C9CB-CF45-46B6-AAF3-808114DE7560}C:\program files (x86)\java\jre1.8.0_45\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\jp2launcher.exe
FirewallRules: [{49862507-09F8-4AE9-BB2D-663AE0D2B25C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F7D5A77B-DD46-4649-93E6-BF383EC9AB31}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CDBCDE5E-546A-4651-AF3E-D25F3DACC719}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
11-11-2016 22:29:15 Windows Update
15-11-2016 07:18:56 Windows Update
18-11-2016 20:48:20 Windows Update
21-11-2016 23:20:47 Windows Update
25-11-2016 22:18:11 Windows Update
27-11-2016 07:48:03 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/27/2016 03:08:10 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - CAgentState::ResetBIOS Reset SASD failed, error=0
Error: (11/27/2016 09:16:20 AM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - CAgentState::ResetBIOS Reset SASD failed, error=0
Error: (11/27/2016 07:49:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: UpdateChecker.exe, version: 0.0.0.0, time stamp: 0x54dc4378
Faulting module name: alvupdt.dll, version: 1.0.0.10, time stamp: 0x5510b8fc
Exception code: 0xc0000005
Fault offset: 0x00016eb6
Faulting process id: 0x18d4
Faulting application start time: 0x01d248b4c05c77ba
Faulting application path: C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
Faulting module path: C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll
Report Id: 9b1594f0-3281-4cfd-bb95-b273c39bb592
Faulting package full name:
Faulting package-relative application ID:
Error: (11/27/2016 07:48:44 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
System Error:
Access is denied.
.
Error: (11/27/2016 07:43:02 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Users\Wayne\AppData\Local\chromium\Application\chrome.exe".
Dependent Assembly 50.0.2631.0,language="*",type="win32",version="50.0.2631.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (11/27/2016 07:41:58 AM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - CAgentState::ResetBIOS Reset SASD failed, error=0
Error: (11/27/2016 07:32:58 AM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - CAgentState::ResetBIOS Reset SASD failed, error=0
Error: (11/27/2016 07:18:52 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 904906
Error: (11/27/2016 07:18:52 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 904906
Error: (11/27/2016 07:18:52 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
System errors:
=============
Error: (11/27/2016 09:32:55 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (11/27/2016 09:14:14 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (11/27/2016 08:24:36 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073701: Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB3200970).
Error: (11/27/2016 07:42:19 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (11/27/2016 07:42:19 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (11/27/2016 07:42:13 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (11/27/2016 07:41:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Apple Mobile Device Service service failed to start due to the following error:
The pipe has been ended.
Error: (11/27/2016 07:40:45 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
An instance of the service is already running.
Error: (11/27/2016 07:40:16 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Dynamic Application Loader Host Interface Service service terminated unexpectedly. It has done this 1 time(s).
Error: (11/27/2016 07:40:16 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® ME Service service terminated unexpectedly. It has done this 1 time(s).
CodeIntegrity:
===================================
Date: 2016-10-30 19:07:12.841
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-10-30 19:07:12.824
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-10-30 19:07:12.773
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-10-30 19:07:12.756
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-10-30 19:07:12.731
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-10-30 19:07:12.703
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-10-30 19:07:12.670
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-10-30 19:07:12.655
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-10-30 19:07:12.611
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-10-30 19:07:12.594
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel® Core i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 42%
Total physical RAM: 6027.38 MB
Available physical RAM: 3474.52 MB
Total Virtual: 6987.38 MB
Available Virtual: 4470.28 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:444.65 GB) (Free:352.24 GB) NTFS ==>[system with boot components (obtained from drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: FAE7D78D)
Partition: GPT.
==================== End of Addition.txt ============================
==================================================
Dump File : 110716-29546-01.dmp
Crash Time : 11/7/2016 5:29:54 PM
Bug Check String :
Bug Check Code : 0x0000012b
Parameter 1 : ffffffff`c00002c4
Parameter 2 : 00000000`00000428
Parameter 3 : 00000000`0165f340
Parameter 4 : ffffe601`5208b000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+14a3b0
File Description :
Product Name :
Company :
File Version :
Processor : x64
Crash Address : ntoskrnl.exe+14a3b0
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\110716-29546-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 14393
Dump File Size : 543,020
Dump File Time : 11/7/2016 5:31:06 PM
==================================================
==================================================
Dump File : 110316-75218-01.dmp
Crash Time : 11/3/2016 9:10:53 PM
Bug Check String :
Bug Check Code : 0x0000012b
Parameter 1 : ffffffff`c00002c4
Parameter 2 : 00000000`000006d0
Parameter 3 : 00000000`0ae750f0
Parameter 4 : ffffbf81`78333000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+14a3b0
File Description :
Product Name :
Company :
File Version :
Processor : x64
Crash Address : ntoskrnl.exe+14a3b0
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\110316-75218-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 14393
Dump File Size : 551,212
Dump File Time : 11/3/2016 9:14:33 PM
==================================================
==================================================
Dump File : 102916-37234-01.dmp
Crash Time : 10/29/2016 12:26:08 PM
Bug Check String : SYSTEM_THREAD_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000007e
Parameter 1 : ffffffff`c0000005
Parameter 2 : fffff801`246ca037
Parameter 3 : ffff8000`ccb992a8
Parameter 4 : ffff8000`ccb98ad0
Caused By Driver : WdFilter.sys
Caused By Address : WdFilter.sys+251f8
File Description :
Product Name :
Company :
File Version :
Processor : x64
Crash Address : ntoskrnl.exe+24b037
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\102916-37234-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 14393
Dump File Size : 411,796
Dump File Time : 10/29/2016 12:29:40 PM
==================================================
==================================================
Dump File : 100416-45718-01.dmp
Crash Time : 10/4/2016 9:40:32 PM
Bug Check String :
Bug Check Code : 0x0000012b
Parameter 1 : ffffffff`c00002c4
Parameter 2 : 00000000`000008d8
Parameter 3 : 00000000`18db0000
Parameter 4 : ffffb781`8077e000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+14a2b0
File Description :
Product Name :
Company :
File Version :
Processor : x64
Crash Address : ntoskrnl.exe+14a2b0
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\100416-45718-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 14393
Dump File Size : 543,012
Dump File Time : 10/4/2016 9:41:59 PM
==================================================