Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Computer is running very slow - think it has virus or malware

Started by ptorline , Mar 29 2017 07:08 PM

Please log in to reply

#1
ptorline

Posted 29 March 2017 - 07:08 PM

Member

Member
17 posts

Hi I am trying to help my parents repair their computer.

I'm not entirely sure what they have done to it but they must have some virus. The computer is running very slow. Much slower than should be. It takes a very long time to perform simple tasks. The only information i could get out of my mom as to what happened is she downloaded some new font to try and use...

The slowness hasn't been around for maybe more than a week or two according to them. I have tried using malwarebytes & lavasofts adaware but they run very slow and have not seemed to fix the problem.The computer takes forever to start up and open any programs.

Running Windows 10 64 bit on a Sony VAIO laptop.

Sorry for the delay in getting these logs posted but the scan took over an hour to run and produce the txt files. Thank you so much for your help!

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017

Ran by Mark (administrator) on MARK-VAIO (29-03-2017 22:44:13)

Running from C:\Users\Mark\Desktop

Loaded Profiles: UpdatusUser & Mark (Available Profiles: UpdatusUser & Mark & DefaultAppPool)

Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe

() C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareService.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Boot Manager\ActiveDelayDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

() C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe

(Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe

(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.9.1.12\n360.exe

(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe

(Microsoft Corporation) C:\Windows\System32\mqsvc.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe

(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe

(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESGfxMgr.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe

(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe

(Intel Corporation) C:\Windows\System32\igfxext.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe

() C:\Program Files (x86)\Sony\Keyboard Shortcuts\KeyboardShortcuts.exe

(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe

(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe

(Intel Corporation) C:\Windows\System32\igfxEM.exe

(Intel Corporation) C:\Windows\System32\igfxHK.exe

(Intel Corporation) C:\Windows\System32\igfxTray.exe

(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.9.1.12\n360.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe

() C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareTray.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe

(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

(j2 Global Communications, Inc.) C:\Program Files (x86)\eFax Messenger 4.4\J2GDllCmd.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe

(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe

(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe

(Intuit Inc.) C:\Program Files (x86)\Intuit\QuickBooks 2014\QBW32.EXE

(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Dropbox, Inc.) C:\Users\Mark\AppData\Roaming\Dropbox\bin\Dropbox.exe

(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe

(j2 Global Communications, Inc.) C:\Program Files (x86)\eFax Messenger 4.4\J2GTray.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe

(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe

(SkyHawke) C:\Program Files (x86)\SkyGolf\CaddieSync Express\CaddieSyncExpress.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeHost.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Dropbox, Inc.) C:\Users\Mark\AppData\Roaming\Dropbox\bin\Dropbox.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\nacl64.exe

(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe

(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe

(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.9.1.12\conathst.exe

(Microsoft Corporation) C:\Windows\splwow64.exe

(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE

(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfService.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAdmin.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.1051_none_7f2bf7ea21d201b2\TiWorker.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Desktop.exe

(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe

(Microsoft Corporation) C:\Windows\System32\browser_broker.exe

(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

(Microsoft Corporation) C:\Windows\System32\BackgroundTransferHost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch

HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-02-20] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-02-20] (Realtek Semiconductor)

HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2780776 2011-07-19] (CANON INC.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954368 2015-09-21] (Synaptics Incorporated)

HKLM\...\Run: [AdAwareTray] => C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareTray.exe [4461016 2017-02-21] ()

HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)

HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-09] (Intel Corporation)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [60552 2011-09-20] (Sony Corporation)

HKLM-x32\...\Run: [PMBVolumeWatcher] => c:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [693608 2012-02-21] (Sony Corporation)

HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)

HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1637496 2011-08-04] (CANON INC.)

HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [439440 2011-09-27] (CANON INC.)

HKLM-x32\...\Run: [PC Meter Connect] => C:\Program Files (x86)\Pitney Bowes\PC Meter Connect\mailstationAssistant.exe [3514368 2012-02-07] (Pitney Bowes, Inc.)

HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [362432 2011-12-22] (Citrix Systems, Inc.)

HKLM-x32\...\Run: [CaddieSyncConduit] => C:\Program Files (x86)\SkyGolf\CaddieSync Express\CaddieSyncExpress.exe [2289096 2016-05-20] (SkyHawke)

HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)

HKU\S-1-5-21-3531486194-1994793862-2507083748-1000\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)

HKU\S-1-5-21-3531486194-1994793862-2507083748-1002\...\Run: [eFax 4.4] => C:\Program Files (x86)\eFax Messenger 4.4\J2GDllCmd.exe [95744 2010-07-02] (j2 Global Communications, Inc.)

HKU\S-1-5-21-3531486194-1994793862-2507083748-1002\...\Run: [Dropbox Update] => C:\Users\Mark\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)

HKU\S-1-5-21-3531486194-1994793862-2507083748-1002\...\Run: [GoogleChromeAutoLaunch_96D28242BA1FDBE7F82E6712BD4F4597] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [945496 2017-02-01] (Google Inc.)

HKU\S-1-5-21-3531486194-1994793862-2507083748-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [231936 2016-07-16] (Microsoft Corporation)

AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [199072 2016-06-18] (NVIDIA Corporation)

ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine\22.9.1.12\buShell.dll [2017-03-16] (Symantec Corporation)

ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine\22.9.1.12\buShell.dll [2017-03-16] (Symantec Corporation)

ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine\22.9.1.12\buShell.dll [2017-03-16] (Symantec Corporation)

ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine32\22.9.1.12\buShell.dll [2017-03-16] (Symantec Corporation)

ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine32\22.9.1.12\buShell.dll [2017-03-16] (Symantec Corporation)

ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine32\22.9.1.12\buShell.dll [2017-03-16] (Symantec Corporation)

ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk [2014-05-04]

ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit Inc.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk [2014-05-04]

ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk [2014-05-04]

ShortcutTarget: QuickBooks_Standard_21.lnk -> C:\Program Files (x86)\Intuit\QuickBooks 2014\QBW32.EXE (Intuit Inc.)

Startup: C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-03-09]

ShortcutTarget: Dropbox.lnk -> C:\Users\Mark\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

Startup: C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\eFax 4.4.lnk [2012-08-02]

ShortcutTarget: eFax 4.4.lnk -> C:\Program Files (x86)\eFax Messenger 4.4\J2GTray.exe (j2 Global Communications, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12

Tcpip\..\Interfaces\{1477557e-1400-44c8-b51f-3f0abed15b46}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12

Internet Explorer:

==================

HKU\S-1-5-21-3531486194-1994793862-2507083748-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://sony.msn.com/

HKU\S-1-5-21-3531486194-1994793862-2507083748-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony.msn.com

SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox

SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox

SearchScopes: HKU\S-1-5-21-3531486194-1994793862-2507083748-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\22.9.1.12\coIEPlg.dll [2017-03-16] (Symantec Corporation)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)

BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-05-01] (Oracle Corporation)

BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27] (Adobe Systems Incorporated)

BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08] (CANON INC.)

BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine32\22.9.1.12\coIEPlg.dll [2017-03-16] (Symantec Corporation)

BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL => No File

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)

BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-05-01] (Oracle Corporation)

Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\22.9.1.12\coIEPlg.dll [2017-03-16] (Symantec Corporation)

Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (CANON INC.)

Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine32\22.9.1.12\coIEPlg.dll [2017-03-16] (Symantec Corporation)

Toolbar: HKU\S-1-5-21-3531486194-1994793862-2507083748-1002 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

DPF: HKLM-x32 {5554DCB0-700B-498D-9B58-4E40E5814405} hxxps://rpt3.brandwise.com/ReportServer/Reserved.ReportViewerWebControl.axd?ExecutionID=hp5kvmm00rslp035cryjtj45&ControlID=a3947785370546379885e3d2fee8fd0b&Culture=1033&UICulture=9&ReportStack=1&OpType=PrintCab&Arch=X86

DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} hxxps://akamaicdn.webex.com/client/WBXclient-T30L10NSP5EP2-10002/event/ieatgpc1.cab

Handler-x32: intu-help-qb7 - {5A03BD9D-766D-47A6-8E87-CD90F60BE245} - C:\Program Files (x86)\Intuit\QuickBooks 2014\HelpAsyncPluggableProtocol.dll [2013-10-10] (Intuit, Inc.)

Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\WINDOWS\system32\mscoree.dll [2016-07-16] (Microsoft Corporation)

Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)

Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)

FireFox:

========

FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.7.0.76\coFFAddon

FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.7.0.76\coFFAddon [2017-03-29]

FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.7.0.76\coFFAddon

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-14] ()

FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll [2012-05-01] (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-14] ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()

FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2011-09-21] (CANON INC.)

FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2011-12-22] (Citrix Systems, Inc.)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-03-23] (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-03-23] (Intel Corporation)

FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll [2012-05-01] (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)

FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll [2011-08-03] (Sony Computer Entertainment Inc.)

FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll [2011-10-07] (Sony Corporation)

FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll [2011-08-02] (Sony Network Entertainment International LLC)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-07-27] (Adobe Systems Inc.)

Chrome:

=======

CHR DefaultProfile: Default

CHR HomePage: Default -> hxxp://www.google.com/

CHR StartupUrls: Default -> "hxxp://www.google.com/"

CHR Profile: C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default [2017-03-29]

CHR Extension: (YouTube) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-11]

CHR Extension: (Norton Security Toolbar) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2017-02-22]

CHR Extension: (Google Search) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-11]

CHR Extension: (Pinterest Save Button) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2017-02-25]

CHR Extension: (Norton Identity Safe) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-08-16]

CHR Extension: (Chrome Web Store Payments) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-18]

CHR Extension: (Gmail) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-04]

CHR Extension: (Chrome Media Router) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-22]

CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.9.1.12\Exts\Chrome.crx [2017-03-29]

CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.9.1.12\Exts\Chrome.crx [2017-03-29]

CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)

R2 ActiveDelayDeviceService; C:\Program Files (x86)\Sony\VAIO Boot Manager\ActiveDelayDeviceService.exe [78472 2011-09-20] (Sony Corporation)

R2 adawareantivirusservice; C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareService.exe [585784 2017-02-21] ()

S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\esrv\esrv_svc.exe [427432 2013-02-22] ()

R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)

R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [127320 2012-03-23] ()

R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [162648 2012-03-23] (Intel Corporation)

R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)

R2 N360; C:\Program Files (x86)\Norton 360\Engine\22.9.1.12\N360.exe [326152 2017-03-16] (Symantec Corporation)

R2 PMBDeviceInfoProvider; c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [473960 2012-02-21] (Sony Corporation)

R2 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2013-10-10] (Intuit) [File not signed]

S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [65536 2013-10-10] (Intuit Inc.) [File not signed]

R2 QBVSS; C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [1248256 2013-10-10] (Intuit Inc.) [File not signed]

S2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [258048 2013-03-04] (Sony Corporation) [File not signed]

S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2011-09-23] (Sony Corporation) [File not signed]

R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255168 2015-09-21] (Synaptics Incorporated)

S2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)

S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\esrv\esrv_svc.exe [427432 2013-02-22] ()

S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [960160 2011-12-29] (Sony Corporation)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ArcSoftKsUFilter; C:\WINDOWS\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)

R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\22.7.0.76\Definitions\BASHDefs\20170327.001\BHDrvx64.sys [1831064 2017-03-17] (Symantec Corporation)

R1 ccSet_N360; C:\WINDOWS\system32\drivers\N360x64\1609010.00C\ccSetx64.sys [174240 2017-02-20] (Symantec Corporation)

R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497312 2017-01-25] (Symantec Corporation)

R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156824 2017-01-25] (Symantec Corporation)

R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77408 2017-02-24] ()

R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\22.7.0.76\Definitions\IPSDefs\20170329.001\IDSvia64.sys [1038024 2017-03-17] (Symantec Corporation)

R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [186304 2017-03-29] (Malwarebytes)

R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [111544 2017-03-29] (Malwarebytes)

R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-03-29] (Malwarebytes)

R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251840 2017-03-29] (Malwarebytes)

R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92088 2017-03-29] (Malwarebytes)

S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()

R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3343872 2016-07-16] (Intel Corporation)

R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )

R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2012-11-06] ()

R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51392 2015-09-21] (Synaptics Incorporated)

R1 SRTSP; C:\WINDOWS\System32\Drivers\N360x64\1609010.00C\SRTSP64.SYS [770200 2017-03-16] (Symantec Corporation)

R1 SRTSPX; C:\WINDOWS\system32\drivers\N360x64\1609010.00C\SRTSPX64.SYS [49312 2017-03-16] (Symantec Corporation)

R0 SymEFASI; C:\WINDOWS\System32\drivers\N360x64\1609010.00C\SYMEFASI64.SYS [1716896 2017-02-20] (Symantec Corporation)

S0 SymELAM; C:\WINDOWS\System32\drivers\N360x64\1609010.00C\SymELAM.sys [24616 2017-02-20] (Symantec Corporation)

R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [102608 2017-03-08] (Symantec Corporation)

R1 SymIRON; C:\WINDOWS\system32\drivers\N360x64\1609010.00C\Ironx64.SYS [291480 2017-02-20] (Symantec Corporation)

R1 SymNetS; C:\WINDOWS\System32\Drivers\N360x64\1609010.00C\SYMNETS.SYS [567512 2017-02-20] (Symantec Corporation)

S3 Trufos; C:\WINDOWS\System32\DRIVERS\Trufos.sys [442848 2017-02-08] (BitDefender S.R.L.)

S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)

S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)

S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

U3 idsvc; no ImagePath

S3 NAVENG; \??\C:\Program Files (x86)\Norton 360\NortonData\22.7.0.76\Definitions\SDSDefs\20170328.019\NAVENG.SYS [X]

S3 NAVEX15; \??\C:\Program Files (x86)\Norton 360\NortonData\22.7.0.76\Definitions\SDSDefs\20170328.019\NAVEX15.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-29 22:44 - 2017-03-29 23:01 - 00035774 _____ C:\Users\Mark\Desktop\FRST.txt

2017-03-29 22:43 - 2017-03-29 22:43 - 02424832 _____ (Farbar) C:\Users\Mark\Desktop\FRST64.exe

2017-03-29 22:27 - 2017-03-29 22:44 - 00000000 ____D C:\FRST

2017-03-29 20:41 - 2017-03-29 20:41 - 00003376 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration

2017-03-29 00:01 - 2017-03-29 21:41 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys

2017-03-29 00:00 - 2017-03-29 21:29 - 00111544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys

2017-03-29 00:00 - 2017-03-29 21:29 - 00092088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys

2017-03-29 00:00 - 2017-03-29 21:29 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys

2017-03-29 00:00 - 2017-03-29 21:28 - 00251840 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2017-03-29 00:00 - 2017-03-29 00:00 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk

2017-03-29 00:00 - 2017-03-29 00:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes

2017-03-29 00:00 - 2017-03-29 00:00 - 00000000 ____D C:\ProgramData\Malwarebytes

2017-03-29 00:00 - 2017-03-29 00:00 - 00000000 ____D C:\Program Files\Malwarebytes

2017-03-29 00:00 - 2017-02-24 06:23 - 00077408 _____ C:\WINDOWS\system32\Drivers\mbae64.sys

2017-03-28 23:04 - 2017-03-28 23:05 - 57131432 _____ (Malwarebytes ) C:\Users\Mark\Downloads\mb3-setup-SEMFD.100SEM-3.0.6.1469-1075 (1).exe

2017-03-28 23:02 - 2017-03-28 23:05 - 57131432 _____ (Malwarebytes ) C:\Users\Mark\Downloads\mb3-setup-SEMFD.100SEM-3.0.6.1469-1075.exe

2017-03-28 22:21 - 2017-03-28 22:21 - 00000000 ___DC C:\ProgramData\{AA28280A-C4CA-4B4F-9DF1-593032D2F3EC}

2017-03-28 22:20 - 2017-03-28 22:20 - 00004326 _____ C:\WINDOWS\System32\Tasks\Send VAIO® Messenger uninstall message

2017-03-28 20:29 - 2017-03-28 20:29 - 00000000 ____D C:\Users\Mark\AppData\Roaming\adaware

2017-03-28 20:27 - 2017-03-28 20:27 - 00000000 ____D C:\Users\Mark\AppData\Local\AdAwareDesktop

2017-03-28 20:24 - 2017-03-28 20:24 - 00002416 _____ C:\Users\Public\Desktop\adaware antivirus.lnk

2017-03-28 20:24 - 2017-03-28 20:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\adaware

2017-03-28 20:13 - 2017-03-28 20:13 - 00000000 ____D C:\Program Files\adaware

2017-03-28 20:10 - 2017-03-28 20:10 - 00000000 ____D C:\Users\Mark\AppData\Local\AdAwareUpdater

2017-03-28 20:09 - 2017-03-28 20:09 - 00000000 ____D C:\Program Files\Common Files\adaware

2017-03-28 20:05 - 2017-03-28 20:05 - 00000000 ____D C:\ProgramData\adaware

2017-03-28 20:04 - 2017-03-28 20:04 - 02558896 _____ C:\Users\Mark\Downloads\Adaware_Installer.exe

2017-03-26 17:25 - 2017-03-26 17:25 - 00000000 ____D C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2017-03-18 01:21 - 2017-03-29 21:32 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton 360

2017-03-14 21:10 - 2017-03-14 21:10 - 01470553 _____ C:\Users\Mark\Downloads\SharpSharkArticulationFREEBIE.pdf

2017-03-14 21:05 - 2017-03-14 21:05 - 03120894 _____ C:\Users\Mark\Downloads\AprilFoolsArticulation.pdf

2017-03-14 21:03 - 2017-03-14 21:03 - 02112595 _____ C:\Users\Mark\Downloads\LoveBunniesArticulationKandG.pdf

2017-03-14 19:37 - 2017-03-14 19:37 - 00004374 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater

2017-03-08 20:04 - 2017-03-08 20:04 - 00014927 _____ C:\Users\Mark\Downloads\Luggage_Tag (2).studio

2017-03-08 20:01 - 2017-03-08 20:01 - 00014927 _____ C:\Users\Mark\Downloads\Luggage_Tag.studio

2017-03-08 20:01 - 2017-03-08 20:01 - 00014927 _____ C:\Users\Mark\Downloads\Luggage_Tag (1).studio

2017-03-08 18:31 - 2017-03-08 18:31 - 00565172 _____ C:\Users\Mark\Downloads\i-9.pdf

2017-03-08 18:31 - 2017-03-08 18:31 - 00026924 _____ C:\Users\Mark\Downloads\Direct Deposit.pdf

2017-03-08 18:31 - 2017-03-08 18:31 - 00016827 _____ C:\Users\Mark\Downloads\SubstanceAbusePolicy.pdf

2017-03-08 18:26 - 2017-03-08 18:26 - 00112225 _____ C:\Users\Mark\Downloads\W-9.pdf

2017-02-28 19:13 - 2017-02-28 19:13 - 01326804 _____ C:\Users\Mark\Downloads\alit-design_bromello.zip

2017-02-28 19:12 - 2017-02-28 19:12 - 00030814 _____ C:\Users\Mark\Downloads\luna2.zip

2017-02-28 19:11 - 2017-02-28 19:11 - 01458033 _____ C:\Users\Mark\Downloads\remachine_script.zip

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-29 22:20 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\AppReadiness

2017-03-29 22:20 - 2016-07-16 06:36 - 00000000 ____D C:\WINDOWS\CbsTemp

2017-03-29 22:01 - 2016-07-16 06:47 - 00000000 ___HD C:\Program Files\WindowsApps

2017-03-29 21:46 - 2012-10-22 19:18 - 00000000 ___RD C:\Users\Mark\Dropbox

2017-03-29 21:45 - 2016-10-02 23:31 - 00000000 ____D C:\WINDOWS\system32\SleepStudy

2017-03-29 21:32 - 2016-10-02 23:48 - 00006848 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2017-03-29 21:28 - 2016-10-02 23:49 - 00000000 ____D C:\Users\UpdatusUser

2017-03-29 21:28 - 2016-03-08 18:47 - 00000000 __SHD C:\Users\Mark\IntelGraphicsProfiles

2017-03-29 21:25 - 2016-10-03 00:20 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2017-03-29 20:41 - 2014-07-08 12:53 - 00000000 ____D C:\WINDOWS\system32\Drivers\N360x64

2017-03-29 20:35 - 2016-07-09 12:03 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360

2017-03-29 20:35 - 2014-07-08 12:57 - 00002302 _____ C:\Users\Public\Desktop\Norton 360.lnk

2017-03-29 19:36 - 2016-03-09 20:21 - 00000000 ____D C:\WINDOWS\system32\MRT

2017-03-29 19:02 - 2016-03-09 20:21 - 138634176 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2017-03-29 00:44 - 2014-07-08 14:43 - 00000000 ____D C:\Users\Mark\AppData\Local\CrashDumps

2017-03-29 00:43 - 2016-10-03 19:31 - 00004154 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{39A43A5B-4370-4695-915C-044B6369B5C8}

2017-03-28 23:35 - 2012-09-03 18:39 - 00000000 ____D C:\Program Files\Google

2017-03-28 23:35 - 2012-09-03 18:38 - 00000000 ____D C:\Program Files (x86)\Google

2017-03-28 22:20 - 2012-05-02 01:59 - 00000000 ____D C:\ProgramData\DDNi

2017-03-28 22:12 - 2013-05-31 00:44 - 00000000 ____D C:\Program Files (x86)\Sharepod

2017-03-28 22:05 - 2012-05-02 01:59 - 00000000 ____D C:\Program Files (x86)\DDNi

2017-03-28 20:40 - 2012-09-03 18:38 - 00000000 ____D C:\Users\Mark\AppData\Local\Google

2017-03-28 20:40 - 2012-09-03 18:38 - 00000000 ____D C:\ProgramData\Google

2017-03-28 19:43 - 2016-07-16 01:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM

2017-03-26 17:43 - 2012-10-22 19:16 - 00000000 ____D C:\Users\Mark\AppData\Roaming\Dropbox

2017-03-24 09:13 - 2013-03-14 05:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2017-03-24 08:59 - 2013-03-14 05:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight

2017-03-24 08:59 - 2013-03-14 05:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight

2017-03-23 18:13 - 2014-07-01 17:07 - 00000000 ____D C:\Users\Mark\Documents\Monogram Wizard

2017-03-20 16:44 - 2016-10-02 23:49 - 00000000 ____D C:\Users\Mark

2017-03-20 16:39 - 2016-07-16 06:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP

2017-03-19 19:44 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports

2017-03-18 09:30 - 2016-07-16 06:45 - 00000000 ____D C:\WINDOWS\INF

2017-03-18 01:15 - 2015-09-20 12:23 - 00000000 ____D C:\Program Files\Common Files\AV

2017-03-18 01:15 - 2014-07-08 12:53 - 00000000 ____D C:\Program Files (x86)\Norton 360

2017-03-18 01:11 - 2015-07-03 08:27 - 00000000 ____D C:\Users\Mark\AppData\Local\Dropbox

2017-03-18 01:06 - 2016-10-02 23:31 - 00344200 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2017-03-18 01:01 - 2016-07-16 01:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI

2017-03-14 19:23 - 2017-02-14 16:48 - 06847064 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe

2017-03-14 19:23 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed

2017-03-14 19:23 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\Macromed

2017-03-10 00:17 - 2016-07-16 06:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2017-03-10 00:17 - 2016-07-16 06:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2017-03-09 08:44 - 2014-07-01 17:53 - 00000000 ____D C:\Program Files (x86)\Silhouette Studio

2017-03-08 21:19 - 2014-07-08 12:58 - 00102608 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS

2017-03-08 21:19 - 2014-07-08 12:58 - 00008298 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT

Some files in TEMP:

====================

2017-03-20 17:52 - 2017-03-20 17:52 - 0011776 _____ () C:\Users\Mark\AppData\Local\Temp\02jbt2fs.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed

C:\WINDOWS\system32\wininit.exe => File is digitally signed

C:\WINDOWS\explorer.exe => File is digitally signed

C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed

C:\WINDOWS\system32\svchost.exe => File is digitally signed

C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed

C:\WINDOWS\system32\services.exe => File is digitally signed

C:\WINDOWS\system32\User32.dll => File is digitally signed

C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed

C:\WINDOWS\system32\userinit.exe => File is digitally signed

C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed

C:\WINDOWS\system32\rpcss.dll => File is digitally signed

C:\WINDOWS\system32\dnsapi.dll => File is digitally signed

C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed

C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-03-01 21:14

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017

Ran by Mark (29-03-2017 23:17:17)

Running from C:\Users\Mark\Desktop

Windows 10 Home Version 1607 (X64) (2016-10-03 05:41:07)

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3531486194-1994793862-2507083748-500 - Administrator - Disabled)

DefaultAccount (S-1-5-21-3531486194-1994793862-2507083748-503 - Limited - Disabled)

Guest (S-1-5-21-3531486194-1994793862-2507083748-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-3531486194-1994793862-2507083748-1003 - Limited - Enabled)

Mark (S-1-5-21-3531486194-1994793862-2507083748-1002 - Administrator - Enabled) => C:\Users\Mark

UpdatusUser (S-1-5-21-3531486194-1994793862-2507083748-1000 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: Norton 360 (Enabled - Up to date) {30744133-1E94-7B35-F4A3-82A5AEF1CBAA}

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Norton 360 (Enabled - Up to date) {8B15A0D7-38AE-74BB-CE13-B9D7D5768117}

FW: Norton 360 (Enabled) {084FC016-54FB-7A6D-DFFC-2B9050228CD1}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACID Music Studio 8.0 (x32 Version: 8.0.178 - Sony) Hidden

adaware antivirus (HKLM\...\{BECD7155-DC57-4F89-B1A8-A90B033C6209}_AdAwareUpdater) (Version: 12.0.649.11190 - adaware)

AdAwareInstaller (Version: 12.0.649.11190 - adaware) Hidden

AdAwareUpdater (Version: 12.0.649.11190 - adaware) Hidden

Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)

Adobe Reader X (10.1.4) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.4 - Adobe Systems Incorporated)

AntimalwareEngine (Version: 3.0.144.0 - adaware) Hidden

Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Application Manager for VAIO (HKLM-x32\...\Application Manager for VAIO) (Version: - )

ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{61438020-DDD4-42FA-99A2-50225441980A}) (Version: 2.0.1.161 - ArcSoft)

ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.457 - ArcSoft)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

CaddieSync Express 1.5.135 (HKLM-x32\...\CaddieSync Express) (Version: 1.5.135 - SkyHawke Technologies)

Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )

Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: - )

Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )

Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: - )

Canon MP Navigator EX 5.1 (HKLM-x32\...\MP Navigator EX 5.1) (Version: - )

Canon MX430 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX430_series) (Version: - )

Canon MX430 series On-screen Manual (HKLM-x32\...\Canon MX430 series On-screen Manual) (Version: - )

Canon MX430 series User Registration (HKLM-x32\...\Canon MX430 series User Registration) (Version: - )

Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )

Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )

Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version: - )

Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)

Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 13.1.0.89 - Citrix Systems, Inc.)

CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.5009.52 - CyberLink Corp.)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.4 - Dolby Laboratories Inc)

Dropbox (HKU\S-1-5-21-3531486194-1994793862-2507083748-1002\...\Dropbox) (Version: 22.4.24 - Dropbox, Inc.)

DVD Architect Studio 5.0 (x32 Version: 5.0.157 - Sony) Hidden

eFax Messenger (HKLM-x32\...\{DF6DA606-904D-4C18-823F-A4CFC3035E53}) (Version: 4.4.1.528 - j2 Global)

Evernote v. 4.5.2 (HKLM-x32\...\{8CE152BA-1D16-11E1-867D-984BE15F174E}) (Version: 4.5.2.5904 - Evernote Corp.)

FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)

Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden

HP Officejet Pro 8500 A910 Basic Device Software (HKLM\...\{EE7C94CC-BECB-4000-B5E3-D895307B9D5E}) (Version: 22.50.231.0 - Hewlett-Packard Co.)

HP Officejet Pro 8500 A910 Help (HKLM-x32\...\{871B2A9D-0F12-44B3-88C1-E0CB10A232E4}) (Version: 140.0.2.2 - Hewlett Packard)

iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.4.1441 - Intel Corporation)

Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)

Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{F0932859-AA60-459E-B843-0BDECA34E2C7}) (Version: 2.0.0.0086 - Intel Corporation)

Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)

Intel® WiDi (HKLM\...\{4E4282C3-F66E-4852-837A-7675527178C2}) (Version: 3.1.26.0 - Intel Corporation)

Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )

Intel® PROSet/Wireless WiFi Software (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0708 - Intel Corporation)

Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)

iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)

Java™ 7 Update 1 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417001FF}) (Version: 7.0.10 - Oracle)

Java™ 7 Update 1 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217001FF}) (Version: 7.0.10 - Oracle)

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Keyboard_Shortcuts (x32 Version: 1.1.0.12190 - Sony Corporation) Hidden

KUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden

Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)

Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)

Media Gallery (HKLM\...\{0EB7792D-EFA2-42AB-9A22-F33D9458E974}) (Version: 2.1.0.13300 - Sony Corporation)

Media Go (x32 Version: 2.0.317 - Sony) Hidden

Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)

Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft OneDrive (HKU\S-1-5-21-3531486194-1994793862-2507083748-1002\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50905.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)

Monogram Wizard + Extended Features (HKLM-x32\...\{95111771-74C5-4D4E-9339-F8A75055E6AC}) (Version: 1.00.0000 - needleheads)

Monogram Wizard Plus V2.5 R15v (HKLM-x32\...\{BD43BF87-2BED-4D95-8187-3E54A05FCAD3}) (Version: 2.05.0013 - needleheads)

Monogram Wizard Product Update 3.0.6 (HKLM-x32\...\{6E4B627B-05AA-4439-9447-97460745D75E}) (Version: 3.06.1600 - needleheads)

MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)

Norton 360 (HKLM-x32\...\N360) (Version: 22.9.1.12 - Symantec Corporation)

NVIDIA Graphics Driver 296.18 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 296.18 - NVIDIA Corporation)

NVIDIA PhysX System Software 9.11.1111 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.11.1111 - NVIDIA Corporation)

Online Plug-in (x32 Version: 13.1.0.89 - Citrix Systems, Inc.) Hidden

PC Meter Connect (HKLM-x32\...\{D39BAE47-1B85-41F6-9348-44E965009B56}) (Version: 05.00.0056.0000 - Pitney Bowes)

PlayMemories Home (x32 Version: 6.1.01.14210 - Sony Corporation) Hidden

PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)

PlayStation®Network Downloader (x32 Version: 2.07.00849 - Sony Computer Entertainment Inc.) Hidden

PlayStation®Store (x32 Version: 4.5.15.13232 - Sony Computer Entertainment Inc.) Hidden

QuickBooks (x32 Version: 24.0.4003.2403 - Intuit Inc.) Hidden

QuickBooks Pro 2014 (HKLM-x32\...\{4A21D17E-2FE8-42CD-88B7-ACF8E8860834}) (Version: 24.0.4003.2403 - Intuit Inc.)

QuickBooks Runtime Redistributable (HKLM\...\{F2A4F809-2DE6-4D27-888B-4D2BB8DAF20E}) (Version: 1.00.0000 - Intuit Inc.)

QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)

Reader for PC (x32 Version: 1.1.02.10070 - Sony Corporation) Hidden

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.53.216.2012 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6570 - Realtek Semiconductor Corp.)

Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.)

Remote Keyboard (x32 Version: 1.2.0.09270 - Sony Corporation) Hidden

Remote Play with PlayStation®3 (x32 Version: 1.1.0.21090 - Sony Corporation) Hidden

Self-service Plug-in (x32 Version: 3.1.0.21744 - Citrix Systems, Inc.) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)

Silhouette Studio (HKLM-x32\...\{739394E5-3E62-4DC6-9BD5-A27775E4C9BD}) (Version: 2.7.18 - Aspex Research & Technology)

Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version: - Silicon Laboratories)

Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)

Sound Forge Audio Studio 10.0 (x32 Version: 10.0.176 - Sony) Hidden

SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden

SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.15.2 - Synaptics Incorporated)

TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)

TrackID™ with BRAVIA (x32 Version: 1.2.0.09270 - Sony Corportaion) Hidden

TriDef 3D (Sony) 2.0.5 (HKLM-x32\...\experience-sony-bundle) (Version: 2.0.5 - Dynamic Digital Depth Australia Pty Ltd)

V3DPx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden

VAIO - Microsoft Visual C++ 2010 SP1 Runtime 10.0.40219.325 (HKLM\...\{34EB42BE-F4D3-44C1-B28E-9740115DB72C}) (Version: 1.0.00.01300 - Sony Corporation)

VAIO - PlayMemories Home Plug-in (HKLM\...\{886C0C18-F905-49B2-90BA-EFC0FEDF27C6}) (Version: 2.0.00.14200 - Sony Corporation)

VAIO - Remote Keyboard (x32 Version: 1.2.0.09270 - Sony Corporation) Hidden

VAIO - Remote Keyboard with PlayStation®3 (x32 Version: 1.2.0.09210 - Sony Corporation) Hidden

VAIO - Remote Play with PlayStation®3 (x32 Version: 1.1.0.21090 - Sony Corporation) Hidden

VAIO - TrackID™ with BRAVIA (x32 Version: 1.2.0.09270 - Sony Corporation) Hidden

VAIO 3D Portal (x32 Version: 1.2.0.10131 - Sony Corporation) Hidden

VAIO Care (HKLM\...\{4D95D095-8C6F-4357-BDD8-27E295F37FB1}) (Version: 7.3.1.05290 - Sony Corporation)

VAIO Control Center (x32 Version: 5.2.2.16060 - Sony Corporation) Hidden

VAIO CPU Fan Diagnostic (x32 Version: 1.1.0.09200 - Sony Corporation) Hidden

VAIO Data Restore Tool (x32 Version: 1.9.0.13190 - Sony Corporation) Hidden

VAIO Easy Connect (x32 Version: 1.1.2.01120 - Sony Corporation) Hidden

VAIO Gate (x32 Version: 2.4.1.09230 - Sony Corporation) Hidden

VAIO Gate Default (x32 Version: 2.5.2.02090 - Sony Corporation) Hidden

VAIO Gesture Control (x32 Version: 1.0.0.12300 - Sony Corporation) Hidden

VAIO Health Report (HKLM-x32\...\VAIO Health Report1.0) (Version: 1.0 - Sony Electronics)

VAIO Help and Support (x32 Version: 17.00.0109 - Sony Corporation) Hidden

VAIO Improvement (x32 Version: 1.3.0.12280 - Sony Corporation) Hidden

VAIO Manual (x32 Version: 2.3.0.12300 - Sony Corporation) Hidden

VAIO OOBE (x32 Version: 12.2.1.2483 - Sony Corporation) Hidden

VAIO Sample Contents (x32 Version: 1.4.0.09010 - Sony Corporation) Hidden

VAIO Satisfaction Survey. (x32 Version: 3.0 - Sony Electronics Inc.) Hidden

VAIO Smart Network (x32 Version: 3.11.1.15220 - Sony Corporation) Hidden

VAIO Transfer Support (x32 Version: 1.7.1.06040 - Sony Corporation) Hidden

VBMx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden

VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden

VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

Vegas Movie Studio HD Platinum 11.0 (x32 Version: 11.0.256 - Sony) Hidden

VHD (x32 Version: 1.0.0 - Microsoft) Hidden

Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)

Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)

VIx64 (Version: 1.0.0 - Sony Corporation) Hidden

VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

VMLx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden

VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden

VSNx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden

VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden

VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden

VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden

VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

Windows Driver Package - Pitney Bowes (DM150Drv) USB (07/04/2010 2.0.1.5) (HKLM\...\BD561D5D94E7AFC181BE8A098D2EC2B90BD07068) (Version: 07/04/2010 2.0.1.5 - Pitney Bowes)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)

Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3531486194-1994793862-2507083748-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Mark\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3531486194-1994793862-2507083748-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

CustomCLSID: HKU\S-1-5-21-3531486194-1994793862-2507083748-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3531486194-1994793862-2507083748-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3531486194-1994793862-2507083748-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3531486194-1994793862-2507083748-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3531486194-1994793862-2507083748-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3531486194-1994793862-2507083748-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3531486194-1994793862-2507083748-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3531486194-1994793862-2507083748-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3531486194-1994793862-2507083748-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3531486194-1994793862-2507083748-1002_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3531486194-1994793862-2507083748-1002_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3531486194-1994793862-2507083748-1002_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02790F39-008D-4B15-8277-7B918EBE9C6B} - \Sony Corporation\VAIO Control Center\Level4Month -> No File <==== ATTENTION

Task: {05E71031-AFFE-4AE2-8E8B-14FECC41D1B7} - \Sony Corporation\VAIO Improvement\VAIOImprovementMonitorUser -> No File <==== ATTENTION

Task: {06B21FE3-DC74-4B18-B100-30187B410D8D} - \Microsoft\Windows\Media Center\UpdateRecordPath -> No File <==== ATTENTION

Task: {088482FA-65B8-4E17-9ABF-1DCD48E8D373} - \Microsoft\Windows\Tcpip\IpAddressConflict1 -> No File <==== ATTENTION

Task: {09F06BFE-A3C8-40E3-846A-6E6F4000C238} - \Microsoft\Windows\Tcpip\IpAddressConflict2 -> No File <==== ATTENTION

Task: {0C9A0B32-1DCA-4EDA-95D4-DD083424BA9F} - \Microsoft\Windows\MobilePC\HotStart -> No File <==== ATTENTION

Task: {0D32AB8D-71ED-4C2F-BAB7-1939118C8AE5} - \Microsoft\Windows\Media Center\PeriodicScanRetry -> No File <==== ATTENTION

Task: {10B3E878-4839-4B09-BC43-890EFED38181} - \Sony Corporation\VAIO Improvement\VAIOImprovementUploader -> No File <==== ATTENTION

Task: {12C53D86-9AC4-434A-A137-9B5BB61638C0} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION

Task: {13A35294-5058-4133-B84A-BFA3FD9E6195} - \Sony Corporation\VAIO Gesture Control\VCGULogonTask -> No File <==== ATTENTION

Task: {1A030C92-DCF3-44CE-B358-7F07EE3F4B05} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION

Task: {1A973743-7EA9-4995-9044-81DD851608DE} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3531486194-1994793862-2507083748-1002UA => C:\Users\Mark\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)

Task: {1C8AF8B9-B83F-4172-852C-2A7562A72E44} - \Microsoft\Windows\Media Center\DispatchRecoveryTasks -> No File <==== ATTENTION

Task: {1DCDDEA4-FA8E-43A4-841C-048C401447CC} - \Microsoft\Windows\Media Center\mcupdate -> No File <==== ATTENTION

Task: {221C1277-F908-4BD9-8B92-0766756B2CEC} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot -> No File <==== ATTENTION

Task: {239F9E5F-0AEC-4211-9537-811EAB4B3D44} - \Microsoft\Windows\Media Center\RegisterSearch -> No File <==== ATTENTION

Task: {23E9023E-4475-42B1-A9AD-4A4F0B51386E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-20] (Google Inc.)

Task: {26D09BB8-F861-4911-904A-C31208067B40} - System32\Tasks\Norton 360\Norton 360 Error Processor => C:\Program Files (x86)\Norton 360\Engine\22.9.1.12\SymErr.exe [2017-02-20] (Symantec Corporation)

Task: {2B9ABEC2-DA7B-4762-B050-8F9F99D01939} - \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask -> No File <==== ATTENTION

Task: {346D0CE2-7862-4C65-BA6E-5D190AD85418} - \Microsoft\Windows\UpdateOrchestrator\Policy Install -> No File <==== ATTENTION

Task: {3506D485-B6F6-4487-A750-5A6536DF0739} - \Microsoft\Windows\Media Center\StartRecording -> No File <==== ATTENTION

Task: {3CB6E3A8-E65F-4115-8E8F-871408EBE5BA} - \Sony Corporation\VAIO Update\Installer Task -> No File <==== ATTENTION

Task: {3CC120AF-76E4-4C30-A95A-701736DBAF3F} - \Microsoft_Hardware_Launch_itype_exe -> No File <==== ATTENTION

Task: {3CC3E26B-1944-4EAB-89C4-B5AB0327FECF} - \Sony Corporation\VAIO Improvement\VAIOImprovementMonitorSystem -> No File <==== ATTENTION

Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - \Microsoft\Windows\Shell\WindowsParentalControlsMigration -> No File <==== ATTENTION

Task: {50F995BF-5C61-4110-8554-9BCC595B652F} - \Sony\Keyboard Shortcuts -> No File <==== ATTENTION

Task: {56D7C6C0-F143-44FA-A6B3-FD5A9F9C0FFD} - \Microsoft_Hardware_Launch_mousekeyboardcenter_exe -> No File <==== ATTENTION

Task: {58F491D5-A92C-4E01-BC28-9D7BAB2915F1} - \Microsoft\Windows\Media Center\OCURDiscovery -> No File <==== ATTENTION

Task: {5AC4F5D1-3441-42EF-8B4D-60BA77893CDB} - \Microsoft\Windows\SideShow\GadgetManager -> No File <==== ATTENTION

Task: {5ACD51BC-0684-404E-81D8-833A2D58B185} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION

Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - \Microsoft\Windows\Shell\WindowsParentalControls -> No File <==== ATTENTION

Task: {66C53742-1CAE-423E-8ACB-A91E3A8F4AF4} - \Microsoft\Windows\SideShow\SystemDataProviders -> No File <==== ATTENTION

Task: {68F50801-48B8-4EF7-ABB7-1D27BC0EB23A} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION

Task: {703E21F8-BE8A-45CA-8226-1B7D2E83AED7} - \Microsoft\Windows\Media Center\PBDADiscoveryW2 -> No File <==== ATTENTION

Task: {71DE19AE-53B6-4AEB-82DF-05145CB87BE5} - \Microsoft\Windows\Media Center\PvrScheduleTask -> No File <==== ATTENTION

Task: {774ADF0B-A1AE-4732-B9BC-EB1A309DF6B9} - \Microsoft\Windows\SideShow\AutoWake -> No File <==== ATTENTION

Task: {7BC9545D-C733-4748-B87B-12E4BE351283} - \Sony Corporation\VAIO Care\CRMReminder -> No File <==== ATTENTION

Task: {7E42EA35-CA17-447E-B22A-5E125898079A} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\22.9.1.12\WSCStub.exe [2017-03-16] (Symantec Corporation)

Task: {7FEDFBE6-AF22-44A7-9854-17D2621C286D} - \Sony Corporation\VAIO Care\VCCheckIolo -> No File <==== ATTENTION

Task: {835F653F-D346-4AC0-8473-8CF955A08F60} - \Sony Corporation\VAIO Care\VAU -> No File <==== ATTENTION

Task: {839FF886-AB68-487B-A0F5-D755497BB22C} - \Microsoft\Windows\WindowsBackup\Windows Backup Monitor -> No File <==== ATTENTION

Task: {83E60C92-B537-4C09-9CBD-457E2E663D8D} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display -> No File <==== ATTENTION

Task: {84F47B1E-CEFD-413A-8AB8-DE81A4E472A6} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION

Task: {854CF653-153F-43BA-B003-6DBB7661AE12} - \Microsoft\Windows Live\SOXE\Extractor Definitions Update Task -> No File <==== ATTENTION

Task: {862681DF-0A7B-46AA-9C3C-60246411B3AB} - System32\Tasks\Norton 360\Norton 360 Autofix => C:\Program Files (x86)\Norton 360\Engine\22.9.1.12\SymErr.exe [2017-02-20] (Symantec Corporation)

Task: {8637E1F8-CDC4-4826-BE01-04CB8C5B1764} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION

Task: {8C59077C-DAB8-4B4C-B2A1-74B5D870C918} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION

Task: {8E0FDAAE-EFED-42E6-AA6D-6FDEF28DD1BD} - System32\Tasks\Norton 360\Norton 360 Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\22.9.1.12\SymErr.exe [2017-02-20] (Symantec Corporation)

Task: {907BD36E-207B-47EB-B679-BAD3B4A68A36} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3531486194-1994793862-2507083748-1002Core => C:\Users\Mark\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)

Task: {92732E47-1FDB-4A58-AFFC-4279CC32FB4D} - \Microsoft\Windows\Media Center\PBDADiscovery -> No File <==== ATTENTION

Task: {94851137-905A-4C44-8886-DB73CBF42B06} - \Microsoft\Windows\WindowsBackup\AutomaticBackup -> No File <==== ATTENTION

Task: {95359A56-4327-4D5C-9016-77C644C70D4F} - \Microsoft\Windows\Media Center\ActivateWindowsSearch -> No File <==== ATTENTION

Task: {9995CA4B-EB9E-45E8-8ED8-1B14929B698C} - \Microsoft\Windows\Media Center\InstallPlayReady -> No File <==== ATTENTION

Task: {9A30C1E8-3DC4-44C1-B970-B2E5E74D048B} - \VHDInformationCheck -> No File <==== ATTENTION

Task: {9B60BFF7-B1BB-4D40-B969-CD1BE600D573} - \Microsoft\Windows\Media Center\ehDRMInit -> No File <==== ATTENTION

Task: {9C2B7761-3E9B-4C8D-99F7-328D604BB3DE} - \Apple\AppleSoftwareUpdate -> No File <==== ATTENTION

Task: {A11E4C11-BA4B-4E3D-9C26-821D11B25EFB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION

Task: {A3931A01-E4EE-4C18-B1D4-7B2898A8AD1B} - \USER_ESRV_SVC -> No File <==== ATTENTION

Task: {A78E19C4-F08E-447F-A275-F2E7E4CAB62A} - \Microsoft\Windows\Media Center\ReindexSearchRoot -> No File <==== ATTENTION

Task: {A7D0462A-52F1-466D-AAF2-55D5A240100F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-20] (Google Inc.)

Task: {A9A8879C-8C36-44EE-B696-F453816CF34D} - \Microsoft\Windows\Media Center\SqlLiteRecoveryTask -> No File <==== ATTENTION

Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - \Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor -> No File <==== ATTENTION

Task: {B162B326-318D-4D24-9751-0CA20E4DA098} - \Sony Corporation\VAIO Gate\StartExecuteProxy -> No File <==== ATTENTION

Task: {B1FF82B7-19F3-4669-A7B4-6F5ECB805B00} - \Sony Corporation\VAIO Care\VAIO Care -> No File <==== ATTENTION

Task: {B4032F85-1573-44FB-BC5A-616C55F8B27D} - \Microsoft\Windows\Media Center\MediaCenterRecoveryTask -> No File <==== ATTENTION

Task: {BC4C5D8B-08C4-4783-9A77-8A608F7268CC} - \Microsoft_MKC_Logon_Task_itype.exe -> No File <==== ATTENTION

Task: {BCA244B3-163A-48B8-B69C-683E58A81A78} - \Sony Corporation\VAIO Care\AutoCheckMessage -> No File <==== ATTENTION

Task: {BE6C673C-94D6-49A1-91B6-3A41A23B8B42} - \Microsoft_MKC_Logon_Task_ipoint.exe -> No File <==== ATTENTION

Task: {BEF9843A-9383-4193-878D-21B4CAA37BA4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-14] (Adobe Systems Incorporated)

Task: {BF51EFE5-1F7D-4A35-A944-208D34612F6D} - \Microsoft\Windows\Media Center\mcupdate_scheduled -> No File <==== ATTENTION

Task: {C3377505-6AAD-48B2-9C7E-121A113F199F} - \Microsoft\Windows\Media Center\PvrRecoveryTask -> No File <==== ATTENTION

Task: {C43E228E-A63E-4218-A995-ABCE7F039B0E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION

Task: {C538CFF5-066D-4CC6-B0C6-737C86FBFA12} - \WPD\SqmUpload_S-1-5-21-3531486194-1994793862-2507083748-1002 -> No File <==== ATTENTION

Task: {C7A1072F-7F87-4C30-B2C9-126756D2CFA1} - \Sony Corporation\VAIO Power Management\VPM Logon Start -> No File <==== ATTENTION

Task: {C893555B-4C47-4460-9368-6772AD24151E} - \Sony Corporation\VAIO Power Management\VPM Unlock -> No File <==== ATTENTION

Task: {CC4D4393-A441-429D-9DD8-E91C6CB129B9} - \Microsoft_Hardware_Launch_ipoint_exe -> No File <==== ATTENTION

Task: {D0FB9FFA-8BD7-44C8-9EB4-0FC7FABC00D8} - System32\Tasks\Send VAIO® Messenger uninstall message => Iexplore.exe hxxp://redirect.ddni.net/servlets/track?r=tau&sku=6514&oem=0&suid=bf347107-2181-4f51-9477-93afdbd2bcf5&uuid=6e98f378-092b-4da0-aa31-aa2f5d0cd948

Task: {D5F0445E-B264-45D3-A380-A516D942957C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION

Task: {D9FE6874-B587-450A-A289-A93997FD0D59} - \Sony Corporation\VAIO Power Management\VPM Session Change -> No File <==== ATTENTION

Task: {DC064B94-60CE-47DC-8222-A72F12E83E79} - \VAIO Health Report -> No File <==== ATTENTION

Task: {DF02CAE9-EE4E-46E4-ABA9-68E3D594A408} - \Microsoft\Windows\Media Center\PBDADiscoveryW1 -> No File <==== ATTENTION

Task: {E0F7BD64-F923-4BC7-AE5D-8FBA6B48FFD7} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION

Task: {E1534025-1767-4270-BE43-F0130298464D} - \Sony Corporation\VAIO Gate\VAIO Gate -> No File <==== ATTENTION

Task: {E4CC2D54-AC93-445D-AF3F-058A816F97FA} - \Microsoft\Windows\Media Center\RecordingRestart -> No File <==== ATTENTION

Task: {E8DCE35D-32E4-449F-95A3-A054BC456A7E} - \Sony Corporation\VAIO Smart Network\VSN Logon Start -> No File <==== ATTENTION

Task: {E9DC1F25-E75C-4A62-924B-84D7F4D254FF} - \Microsoft\Windows\SideShow\SessionAgent -> No File <==== ATTENTION

Task: {EA520EF1-8812-4399-8EE5-8AFD70A9700B} - \Sony Corporation\VAIO Control Center\Level4Daily -> No File <==== ATTENTION

Task: {EC1765E1-8114-408F-89E6-2619768DA383} - \Sony Corporation\VAIO Care\VCMetrics -> No File <==== ATTENTION

Task: {EEDE88B9-A651-42BA-9A1E-9338868B53C3} - \Microsoft\Windows\Media Center\ConfigureInternetTimeService -> No File <==== ATTENTION

Task: {F803FC1A-D80B-4B22-A5EA-4467C5FA8A64} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION

Task: {FBDEF626-6485-44FF-AFA4-89849BADE296} - \Microsoft\Windows\Media Center\OCURActivate -> No File <==== ATTENTION

Task: {FDD53CB1-53CC-4331-BF76-DBD7E6D99BC1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3531486194-1994793862-2507083748-1002Core.job => C:\Users\Mark\AppData\Local\Dropbox\Update\DropboxUpdate.exe

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3531486194-1994793862-2507083748-1002UA.job => C:\Users\Mark\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 06:42 - 2016-07-16 06:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll

2016-12-13 18:39 - 2016-12-09 05:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll

2016-10-02 23:42 - 2016-05-19 21:08 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2017-02-21 14:45 - 2017-02-21 14:45 - 00585784 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareService.exe

2017-02-21 14:50 - 2017-02-21 14:50 - 00067544 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\boost_date_time-vc140-mt-1_61.dll

2017-02-21 14:50 - 2017-02-21 14:50 - 00030680 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\boost_system-vc140-mt-1_61.dll

2017-02-21 14:50 - 2017-02-21 14:50 - 00121816 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\boost_thread-vc140-mt-1_61.dll

2017-02-21 14:50 - 2017-02-21 14:50 - 00144856 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\boost_filesystem-vc140-mt-1_61.dll

2017-02-21 14:50 - 2017-02-21 14:50 - 00733144 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\boost_log-vc140-mt-1_61.dll

2017-02-21 14:50 - 2017-02-21 14:50 - 00524760 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\boost_locale-vc140-mt-1_61.dll

2017-02-21 14:50 - 2017-02-21 14:50 - 00039384 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\boost_chrono-vc140-mt-1_61.dll

2017-02-21 14:50 - 2017-02-21 14:50 - 11554264 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\rpc_server.dll

2017-02-21 14:51 - 2017-02-21 14:51 - 03712984 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\RCF.dll

2017-02-21 14:50 - 2017-02-21 14:50 - 01000920 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\boost_regex-vc140-mt-1_61.dll

2017-02-21 14:49 - 2017-02-21 14:49 - 01142232 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareActivation.dll

2017-02-21 14:49 - 2017-02-21 14:49 - 00633816 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareApplicationUpdater.dll

2017-02-21 14:50 - 2017-02-21 14:50 - 00843736 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareGamingMode.dll

2017-02-21 14:50 - 2017-02-21 14:50 - 00120280 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareReset.dll

2017-02-21 14:50 - 2017-02-21 14:50 - 00142296 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareTime.dll

2017-02-21 14:49 - 2017-02-21 14:49 - 01024472 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareDefinitionsUpdater.dll

2017-02-21 14:49 - 2017-02-21 14:49 - 00906712 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareDefinitionsUpdaterScheduler.dll

2017-02-21 14:50 - 2017-02-21 14:50 - 01468376 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareIgnoreList.dll

2017-02-21 14:50 - 2017-02-21 14:50 - 00261080 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareQuarantine.dll

2017-02-21 14:49 - 2017-02-21 14:49 - 01652184 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareAntiMalwareEngine.dll

2017-02-21 14:50 - 2017-02-21 14:50 - 01194456 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareScannerHistory.dll

2017-02-21 14:50 - 2017-02-21 14:50 - 01553880 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareScanner.dll

2017-02-21 14:50 - 2017-02-21 14:50 - 00039384 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\boost_timer-vc140-mt-1_61.dll

2017-02-21 14:50 - 2017-02-21 14:50 - 01032152 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareScannerScheduler.dll

2017-02-21 14:50 - 2017-02-21 14:50 - 01183192 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareRealTimeProtection.dll

2017-02-21 14:50 - 2017-02-21 14:50 - 02887640 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareIncompatibles.dll

2017-02-21 14:49 - 2017-02-21 14:49 - 01525208 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareAntiSpam.dll

2017-02-21 14:49 - 2017-02-21 14:49 - 01456600 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareAntiPhishing.dll

2017-02-21 14:50 - 2017-02-21 14:50 - 03464664 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareParentalControl.dll

2017-02-21 14:50 - 2017-02-21 14:50 - 01653720 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareWebProtection.dll

2017-02-21 14:49 - 2017-02-21 14:49 - 01598936 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareEmailProtection.dll

2017-02-21 14:50 - 2017-02-21 14:50 - 00073176 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\boost_iostreams-vc140-mt-1_61.dll

2017-02-21 14:50 - 2017-02-21 14:50 - 01712088 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareNetworkProtection.dll

2017-02-21 14:50 - 2017-02-21 14:50 - 01067480 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwarePromo.dll

2017-02-21 14:50 - 2017-02-21 14:50 - 00475096 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareFeedback.dll

2017-02-21 14:50 - 2017-02-21 14:50 - 03166168 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareThreatWorkAlliance.dll

2017-02-21 14:50 - 2017-02-21 14:50 - 00667096 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwarePinCode.dll

2017-02-21 14:50 - 2017-02-21 14:50 - 01069528 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareNotice.dll

2017-02-21 14:49 - 2017-02-21 14:49 - 01598424 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareAvcEngine.dll

2017-02-21 14:50 - 2017-02-21 14:50 - 01496536 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareRealTimeProtectionHistory.dll

2017-02-21 14:50 - 2017-02-21 14:50 - 00774104 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareStatistics.dll

2012-05-01 23:22 - 2012-03-23 03:47 - 00127320 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

2017-03-29 00:00 - 2017-02-24 06:23 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll

2017-03-29 00:00 - 2017-02-24 06:23 - 02264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll

2012-03-20 15:43 - 2012-03-20 15:43 - 00477816 _____ () C:\Program Files (x86)\Sony\Keyboard Shortcuts\KeyboardShortcuts.exe

2017-02-21 14:50 - 2017-02-21 14:50 - 04461016 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareTray.exe

2017-02-21 14:50 - 2017-02-21 14:50 - 11717592 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\rpc_client.dll

2017-03-13 14:00 - 2017-03-13 14:01 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeHost.exe

2017-03-13 14:00 - 2017-03-13 14:01 - 00182784 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll

2011-11-30 20:49 - 2011-11-30 20:49 - 00276992 _____ () C:\Program Files\Sony\VAIO Care\READ\RecoveryPartitionManagerREAD.dll

2016-12-13 18:39 - 2016-12-09 05:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll

2017-02-21 14:50 - 2017-02-21 14:50 - 02687960 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareShellExtension.dll

2017-01-11 13:37 - 2016-12-21 01:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll

2017-01-11 13:37 - 2016-12-21 01:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll

2017-01-11 13:37 - 2016-12-21 01:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll

2017-01-11 13:37 - 2016-12-21 01:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll

2017-01-11 13:37 - 2016-12-21 01:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll

2017-01-11 13:37 - 2016-12-21 01:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll

2016-10-03 02:21 - 2016-10-03 02:21 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll

2017-01-11 13:38 - 2016-12-21 02:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll

2016-10-04 21:26 - 2016-09-15 12:29 - 03388256 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll

2016-10-03 02:21 - 2016-10-03 02:21 - 02263904 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentManagementSDK.dll

2014-02-12 22:58 - 2014-02-12 22:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-02-12 22:58 - 2014-02-12 22:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2012-05-02 00:32 - 2012-04-06 16:37 - 00021128 _____ () C:\Program Files (x86)\Sony\VAIO Control Center\VESBasePS.dll

2012-03-20 15:43 - 2012-03-20 15:43 - 00160376 _____ () C:\Program Files (x86)\Sony\Keyboard Shortcuts\MessageHook.dll

2012-03-20 15:43 - 2012-03-20 15:43 - 00026744 _____ () C:\Program Files (x86)\Sony\Keyboard Shortcuts\Utility.dll

2013-10-10 10:07 - 2013-10-10 10:07 - 00623432 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2014\boost_regex-vc100-mt-1_47.dll

2013-10-10 10:07 - 2013-10-10 10:07 - 00578376 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2014\BackupLib.dll

2013-10-10 10:07 - 2013-10-10 10:07 - 00021320 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2014\QBCompressor.dll

2013-10-10 10:07 - 2013-10-10 10:07 - 00137544 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2014\QBProActiveCore.dll

2013-10-10 10:07 - 2013-10-10 10:07 - 00621384 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2014\FtuEngine.dll

2013-10-10 10:07 - 2013-10-10 10:07 - 00147272 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2014\QBMAPILibrary.dll

2013-10-10 07:21 - 2013-10-10 07:21 - 00059904 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2014\zlib1.dll

2013-10-10 10:07 - 2013-10-10 10:07 - 00247112 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2014\boost_serialization-vc100-mt-1_47.dll

2013-10-10 10:07 - 2013-10-10 10:07 - 00757576 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2014\FeaturesBridge.dll

2013-10-10 10:07 - 2013-10-10 10:07 - 00043848 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2014\mbpopup.dll

2017-03-26 17:23 - 2017-03-21 13:06 - 00842560 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\dropbox_watchdog.dll

2017-03-09 14:19 - 2017-02-28 15:49 - 00035792 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd

2017-03-09 14:19 - 2017-02-28 15:49 - 00100296 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\_ctypes.pyd

2017-03-09 14:19 - 2017-02-28 15:49 - 00018888 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\select.pyd

2017-03-09 14:19 - 2017-03-21 13:10 - 00019776 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd

2017-03-26 17:23 - 2017-03-21 13:09 - 00020824 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd

2017-03-09 14:19 - 2017-02-28 15:50 - 00123856 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd

2017-03-09 14:19 - 2017-02-28 15:49 - 00694224 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\unicodedata.pyd

2017-03-26 17:23 - 2017-03-21 13:09 - 01729360 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd

2017-03-26 17:23 - 2017-03-21 13:09 - 00020816 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd

2017-03-26 17:23 - 2017-02-28 15:49 - 00145864 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\pyexpat.pyd

2017-03-26 17:23 - 2017-02-28 15:50 - 00019408 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\faulthandler.pyd

2017-03-26 17:23 - 2017-02-28 15:49 - 00116688 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\pywintypes27.dll

2017-03-09 14:19 - 2017-02-28 15:52 - 00105928 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\win32api.pyd

2017-03-09 14:19 - 2017-03-21 13:10 - 00022864 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd

2017-03-26 17:23 - 2017-03-21 13:09 - 00060736 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd

2017-03-26 17:23 - 2017-03-21 13:09 - 00038712 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\fastpath.pyd

2017-03-09 14:19 - 2017-02-28 15:52 - 00024528 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\win32event.pyd

2017-03-26 17:23 - 2017-02-28 15:49 - 00392656 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\pythoncom27.dll

2017-03-26 17:23 - 2017-02-28 15:52 - 00020936 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\mmapfile.pyd

2017-03-09 14:19 - 2017-02-28 15:52 - 00116176 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\win32security.pyd

2017-03-09 14:19 - 2017-03-21 13:10 - 00392512 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd

2017-03-09 14:19 - 2017-02-28 15:52 - 00124880 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\win32file.pyd

2017-03-09 14:19 - 2017-03-21 13:10 - 00026456 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd

2017-03-09 14:19 - 2017-02-28 15:52 - 00024016 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\win32clipboard.pyd

2017-03-09 14:19 - 2017-02-28 15:52 - 00175560 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\win32gui.pyd

2017-03-09 14:19 - 2017-02-28 15:52 - 00030160 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\win32pipe.pyd

2017-03-09 14:19 - 2017-02-28 15:52 - 00043472 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\win32process.pyd

2017-03-09 14:19 - 2017-02-28 15:52 - 00048592 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\win32service.pyd

2017-03-09 14:19 - 2017-02-28 15:52 - 00057808 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\win32evtlog.pyd

2017-03-09 14:19 - 2017-02-28 15:52 - 00024016 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\win32profile.pyd

2017-03-26 17:23 - 2017-03-21 13:09 - 00246608 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd

2017-03-26 17:23 - 2017-03-21 13:09 - 00027488 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd

2017-03-09 14:19 - 2017-02-28 15:51 - 00241104 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\_jpegtran.pyd

2017-03-26 17:23 - 2017-03-21 13:09 - 00022336 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd

2017-03-09 14:19 - 2017-03-21 13:10 - 00025432 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd

2017-03-09 14:19 - 2017-02-28 15:52 - 00028616 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\win32ts.pyd

2017-03-26 17:23 - 2017-03-21 13:10 - 01826104 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd

2017-03-09 14:19 - 2017-02-28 15:50 - 00083912 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\sip.pyd

2017-03-26 17:23 - 2017-03-21 13:10 - 01972024 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd

2017-03-26 17:23 - 2017-03-21 13:10 - 03928896 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd

2017-03-26 17:23 - 2017-03-21 13:10 - 00531264 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd

2017-03-09 14:19 - 2017-03-21 13:10 - 00053072 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\winrpcserver.compiled._RPCServer.pyd

2017-03-26 17:23 - 2017-03-21 13:10 - 00133432 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd

2017-03-26 17:23 - 2017-03-21 13:10 - 00224064 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd

2017-03-26 17:23 - 2017-03-21 13:10 - 00207680 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd

2017-03-09 14:19 - 2017-03-21 13:10 - 00022864 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\winffi.user32.compiled._winffi_user32.pyd

2017-03-09 14:19 - 2017-03-21 13:10 - 00069968 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\windisplaytoast.compiled._DisplayToast.pyd

2017-03-09 14:19 - 2017-03-21 13:10 - 00022872 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd

2017-03-09 14:19 - 2017-03-21 13:10 - 00021848 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\winffi.winerror.compiled._winffi_winerror.pyd

2017-03-09 14:19 - 2017-03-21 13:10 - 00022872 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\winffi.wininet.compiled._winffi_wininet.pyd

2017-03-09 14:19 - 2017-02-28 15:52 - 00349128 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\winxpgui.pyd

2017-03-26 17:23 - 2017-03-21 13:10 - 00103232 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\PyQt5.QtWinExtras.pyd

2017-03-09 14:19 - 2017-03-21 13:10 - 00023896 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd

2017-03-26 17:23 - 2017-03-21 13:09 - 00025936 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd

2017-03-26 17:23 - 2017-02-28 15:47 - 00036296 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\librsync.dll

2017-03-26 17:23 - 2017-03-21 13:09 - 00033112 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\enterprise_data.compiled._enterprise_data.pyd

2017-03-26 17:23 - 2017-03-10 18:17 - 00293392 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll

2017-03-26 17:23 - 2017-03-21 13:09 - 00084288 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL

2017-03-09 14:19 - 2017-03-21 13:10 - 00030536 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\wind3d11.compiled._wind3d11.pyd

2017-03-26 17:23 - 2017-02-28 15:56 - 00017864 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\libEGL.dll

2017-03-26 17:23 - 2017-02-28 15:56 - 01631184 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\libGLESv2.dll

2017-03-26 17:23 - 2017-03-21 13:10 - 00042816 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd

2017-03-26 17:23 - 2017-03-21 13:10 - 00171336 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd

2017-03-26 17:23 - 2017-03-21 13:10 - 00357688 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd

2017-03-09 14:19 - 2017-02-28 15:52 - 00060880 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\win32print.pyd

2017-03-09 14:19 - 2017-03-21 13:10 - 00026456 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd

2017-03-26 17:23 - 2017-03-21 13:10 - 00546104 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd

2016-05-20 09:57 - 2016-05-20 09:57 - 00109568 _____ () C:\Program Files (x86)\SkyGolf\CaddieSync Express\qextserialport1.dll

2009-01-10 13:32 - 2009-01-10 13:32 - 00011362 _____ () C:\Program Files (x86)\SkyGolf\CaddieSync Express\mingwm10.dll

2016-05-20 09:58 - 2016-05-20 09:58 - 00590848 _____ () C:\Program Files (x86)\SkyGolf\CaddieSync Express\qjson0.dll

2009-06-22 21:42 - 2009-06-22 21:42 - 00043008 _____ () C:\Program Files (x86)\SkyGolf\CaddieSync Express\libgcc_s_dw2-1.dll

2016-05-20 10:04 - 2016-05-20 10:04 - 00166856 _____ () C:\Program Files (x86)\SkyGolf\CaddieSync Express\conduitscripting0.dll

2011-12-19 15:27 - 2011-12-19 15:27 - 00011704 _____ () C:\Program Files (x86)\Citrix\SelfServicePlugin\ExtensionSDK.dll

2012-05-01 23:22 - 2012-03-23 03:47 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll

2017-02-06 18:19 - 2017-02-01 04:01 - 01870168 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll

2017-02-06 18:19 - 2017-02-01 04:01 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\adawareantivirusservice => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\adawareantivirusservice => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3531486194-1994793862-2507083748-1000\Control Panel\Desktop\\Wallpaper ->

HKU\S-1-5-21-3531486194-1994793862-2507083748-1002\Control Panel\Desktop\\Wallpaper ->

DNS Servers: 68.105.28.11 - 68.105.29.11

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139

FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe

FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe

FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe

FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe

FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808

FirewallRules: [{DB525453-02BA-4564-B0F1-08FECA1D5445}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

FirewallRules: [{405807E2-AD6E-41B5-AC7B-85032629B3CC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

FirewallRules: [{6BBF5D66-89EB-40E4-ABDE-2B615C431C23}] => (Block) C:\Program Files (x86)\Sony\VAIO Creations\VAIO Movie Story\VMStory.exe

FirewallRules: [{D8B7793A-B4C0-45E7-8745-86471A48F9C7}] => (Block) C:\Program Files (x86)\Sony\VAIO Creations\VAIO Movie Story\VMStory.exe

FirewallRules: [{F42D1DCD-6A51-4D48-A37F-042F24AC5719}] => (Block) C:\Program Files (x86)\Sony\VAIO Creations\VAIO Movie Story\VMStory.exe

FirewallRules: [{10259220-E89D-4E64-A28D-D62CE4279960}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE

FirewallRules: [{D418F123-83E4-4671-9CED-5F38FF47CCF7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{B266D5A4-2609-4491-8905-1CFE1F2527FE}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

FirewallRules: [{7EF6C2CD-E8FD-4D86-B42E-BE3452124277}] => (Allow) LPort=2869

FirewallRules: [{11E1CD4D-42EE-4919-8D15-D00DA315A72E}] => (Allow) LPort=1900

FirewallRules: [{8C7F86D5-6B83-4FFD-9897-DCD348A72BC9}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

FirewallRules: [{79B99110-C903-4EB2-88FA-CDA8D460E252}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe

FirewallRules: [{EFCDBB65-A836-4FF1-B2FC-53FE99ABA463}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe

FirewallRules: [{1289397D-D65D-4113-B8C5-4B84F04F9C18}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

FirewallRules: [{91B020CD-0D3C-437D-A44A-009B974D3D37}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\DeviceSetup.exe

FirewallRules: [{9B78FCA4-3CF3-457B-A66D-C512EAE05AB4}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\DeviceSetup.exe

FirewallRules: [{D757C5E9-84F5-4C66-B0D1-C8190827CBAB}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicator.exe

FirewallRules: [{DB7C260A-060B-4A13-8380-ED2FA96EAD26}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicator.exe

FirewallRules: [{B87A4986-B1F6-4EC7-AB47-3EF1BD147504}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{783ACF1B-EEE4-4099-A98F-0F143EFA782B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{F5C5F624-E7A6-4EA5-B345-F0CD6A336466}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{01D50184-D604-43CF-A870-D4ED31A7BB93}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [TCP Query User{249102EE-3D05-4E3E-B168-DFFE31AC61D3}C:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe

FirewallRules: [UDP Query User{07BA160C-2E7A-4FDE-9C0F-7FC47A444622}C:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe

FirewallRules: [{D38ECD79-575A-45D3-951A-2DDBAFA7E4B3}] => (Allow) C:\Users\Mark\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [{988F1FF2-4FDC-4887-BBED-E3E9B633278E}] => (Allow) C:\Users\Mark\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [TCP Query User{22A6D8EC-29F0-4E46-B4DD-B7506A5D05EF}C:\users\mark\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\mark\appdata\roaming\dropbox\bin\dropbox.exe

FirewallRules: [UDP Query User{65B2E81A-5145-4F4A-96C0-552742CA5EEE}C:\users\mark\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\mark\appdata\roaming\dropbox\bin\dropbox.exe

FirewallRules: [{CEE4E8BD-9E1A-4A55-AC55-291C2BDB5F6E}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe

FirewallRules: [{4DDDBF00-8634-4B51-A6B2-0A496B977C19}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe

FirewallRules: [{C4F384C0-AF50-4BE4-93EB-E67C35D46D83}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe

FirewallRules: [{AD40285D-FFB2-4785-80DC-E959039106A0}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe

FirewallRules: [{AB80A5BB-AB2B-47EB-9D8F-FC3849AC10E8}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe

FirewallRules: [{010947D9-81EB-4E44-9CD8-CAC0D087089C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe] => Enabled:TriDef 3D Media Player

==================== Restore Points =========================

29-03-2017 18:59:10 Windows Update

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:

==================

Error: (03/29/2017 10:53:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Mark-VAIO)

Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (03/29/2017 10:32:52 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Mark-VAIO)

Description: Activation of app Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (03/29/2017 09:57:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Mark-VAIO)

Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (03/29/2017 09:43:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Mark-VAIO)

Description: Activation of app 9E2F88E3.Twitter_wgeqdkkx372wm!x554f661dyd360y462cy8743yf8a99b7d41dbx failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (03/29/2017 09:43:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Mark-VAIO)

Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (03/29/2017 09:43:16 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Mark-VAIO)

Description: Package Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy+CortanaUI was terminated because it took too long to suspend.

Error: (03/29/2017 09:41:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Mark-VAIO)

Description: Activation of app Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (03/29/2017 09:39:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Mark-VAIO)

Description: Package Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy+CortanaUI was terminated because it took too long to suspend.

Error: (03/29/2017 09:03:42 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Mark-VAIO)

Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (03/29/2017 08:17:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Mark-VAIO)

Description: Package Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy+CortanaUI was terminated because it took too long to suspend.

System errors:

=============

Error: (03/29/2017 11:24:42 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The Software Protection service terminated with the following error:

The parameter is incorrect.

Error: (03/29/2017 10:24:25 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The Software Protection service terminated with the following error:

The parameter is incorrect.

Error: (03/29/2017 10:08:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The Energy Server Service service terminated unexpectedly. It has done this 1 time(s).

Error: (03/29/2017 09:57:12 PM) (Source: DCOM) (EventID: 10010) (User: Mark-VAIO)

Description: The server App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca did not register with DCOM within the required timeout.

Error: (03/29/2017 09:56:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The VAIO Power Management service failed to start due to the following error:

The service did not respond to the start or control request in a timely fashion.

Error: (03/29/2017 09:56:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the VAIO Power Management service to connect.

Error: (03/29/2017 09:55:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The CamMonitor service failed to start due to the following error:

The service did not respond to the start or control request in a timely fashion.

Error: (03/29/2017 09:55:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the CamMonitor service to connect.

Error: (03/29/2017 09:54:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Software Protection service failed to start due to the following error:

The service did not respond to the start or control request in a timely fashion.

Error: (03/29/2017 09:54:31 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the Software Protection service to connect.

CodeIntegrity:

===================================

Date: 2017-01-21 19:26:15.213

Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2017-01-21 19:26:15.151

Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2017-01-21 19:26:15.129

Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2017-01-21 19:26:15.080

Date: 2017-01-21 19:26:15.056

Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2017-01-21 19:26:15.028

Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2017-01-21 19:26:13.446

Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2017-01-21 19:26:13.180

Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2017-01-21 19:24:35.392

Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2017-01-21 19:24:35.360

Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Processor: Intel® Core™ i7-3612QM CPU @ 2.10GHz

Percentage of memory in use: 51%

Total physical RAM: 8091.27 MB

Available physical RAM: 3898.68 MB

Total Virtual: 16283.27 MB

Available Virtual: 11174.51 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:678.09 GB) (Free:573.63 GB) NTFS

Drive e: (Monogram Wizard+) (CDROM) (Total:0.02 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (Size: 698.6 GB) (Disk ID: 04AC9C78)

Partition: GPT.

==================== End of Addition.txt ============================

Edited by ptorline, 29 March 2017 - 10:44 PM.

#2
zep516

Posted 29 March 2017 - 08:10 PM

Trusted Helper

Malware Removal
8,090 posts

Hi! My name is zep516 and Welcome to Geekstogo!
I'll do the best I can to resolve your computer issue
Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions!

I see you made an edit 19 minutes ago, I do not see any log reports.

#3
ptorline

Posted 29 March 2017 - 08:14 PM

Member

Topic Starter
Member
17 posts

Thank you! I'm still working on getting the logs! trying to get FRST installed on the computer, it is very slow...i'll try and have it uploaded asap.

Thank you again for your help!!!! Logs have now been put in the first original post

Edited by ptorline, 29 March 2017 - 11:11 PM.

#4
zep516

Posted 29 March 2017 - 11:19 PM

Trusted Helper

Malware Removal
8,090 posts

Please remove this program now!

adaware antivirus

#5
ptorline

Posted 29 March 2017 - 11:39 PM

Member

Topic Starter
Member
17 posts

Program has been removed.

#6
zep516

Posted 29 March 2017 - 11:48 PM

Trusted Helper

Malware Removal
8,090 posts

I have to sign off so I'm giving you a few things to do, so you have something to do. I did not see any malware, but a lot of left over junk. I have 2 scans to run for you and a fix using FRST (Farber Recovery Scan Tool) Remember download the fixlist to the desktop once there, right click on FRST64, the icon on your desktop, choose "Run as administrator" FRST will open, you click on FIX. Instructions to follow:

Remove these programs too at some point, you can do it later if you want
Java 7 Update 1 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417001FF}) (Version: 7.0.10 - Oracle)
Java 7 Update 1 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217001FF}) (Version: 7.0.10 - Oracle)
Old versions of java are an infection risk

Next

Download the enclosed => file-->

fixlist.txt 13.7KB 171 downloads Save it in the location FRST64 is your desktop Then Run FRST and click on the Fix button. Wait until finished.
The tool will make a log in the location FRST is, your desktop called-> (Fixlog.txt). Please post it to your reply.

Next

Please download adwCleaner to your desktop.

Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click the Scan button and wait for the process to complete.
Click the logfile button and the log will open in Notepad.
Click on the Clean button follow the prompts.
A log file will automatically open after the scan has finished and the PC has rebooted.
Please post the content of that log file with your next answer.
The report will be saved in the C:\AdwCleaner folder.

Next
Please download Junkware Removal Tool to your Desktop.
Please close your security software to avoid potential conflicts. See Here how to disable you security protection (Anti Virus)
Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete, depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
Please post the contents of JRT.txt into your reply.

Next

Post the fix log found on your desktop after running the fix.
Post the AdwCleaner log.
Post the Junkware Removal Tool log.

Then after you completed all of the above

Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.
- Double-click to run it. When the tool opens click Yes to disclaimer.
- Make sure you checkmark Addition.txt box.
- Press Scan button.
- Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.

#7
ptorline

Posted 30 March 2017 - 11:10 AM

Member

Topic Starter
Member
17 posts

I am sorry, but I think this may be a separate issue other than malware. I have just noticed upon opening the tsk manager that my disc usage is at 100% always. I don't know what is causing this but this must be the reason for the absolute slowness.

I have google searched for fixes of this for Windows 10 and tried all of the highlighted fixes (disabling windows search and superfetch but) but nothing has worked.

Will you be able to help me out with this or will I need to post in another forum?

#8
zep516

Posted 30 March 2017 - 11:29 AM

Trusted Helper

Malware Removal
8,090 posts

Hello,

I kind of figured that, high disc usage can be an issue with win 10. So your best option is to post in the win10 forum and a tech will help you. I'd still like to see you run through the exercises in my last instructions though if possible

#9
ptorline

Posted 30 March 2017 - 09:23 PM

Member

Topic Starter
Member
17 posts

Okay i have found what the problem is for the disc usage. It was Norton 360 and Windows Defender. I have uninstalled Norton 360 and turned off Windows Defender and Disc usage is great. Do you have another recommended program to use now that Windows Defender is turned off? If i don't have one Windows Defender will turn on automatically every time the computer restarts and will cause the same issue. My parents will not know how to turn it off.

Files requested below:

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017

Ran by Mark (30-03-2017 22:09:36) Run:1

Running from C:\Users\Mark\Desktop

Loaded Profiles: UpdatusUser & Mark (Available Profiles: UpdatusUser & Mark & DefaultAppPool)

Boot Mode: Normal

==============================================

fixlist content:

*****************

CloseProcesses:

CreateRestorePoint:

HKLM\...\Run: [AdAwareTray] => C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareTray.exe [4461016 2017-02-21] ()

AdAwareInstaller (Version: 12.0.649.11190 - adaware) Hidden

AdAwareUpdater (Version: 12.0.649.11190 - adaware) Hidden

AntimalwareEngine (Version: 3.0.144.0 - adaware) Hidden

HKLM-x32\...\Run: [] => [X]

SearchScopes: HKU\S-1-5-21-3531486194-1994793862-2507083748-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

Toolbar: HKU\S-1-5-21-3531486194-1994793862-2507083748-1002 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

R2 adawareantivirusservice; C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareService.exe [585784 2017-02-21] ()

3 idsvc; no ImagePath