Hi I am trying to help my parents repair their computer.
I'm not entirely sure what they have done to it but they must have some virus. The computer is running very slow. Much slower than should be. It takes a very long time to perform simple tasks. The only information i could get out of my mom as to what happened is she downloaded some new font to try and use...
The slowness hasn't been around for maybe more than a week or two according to them. I have tried using malwarebytes & lavasofts adaware but they run very slow and have not seemed to fix the problem.The computer takes forever to start up and open any programs.
Running Windows 10 64 bit on a Sony VAIO laptop.
Sorry for the delay in getting these logs posted but the scan took over an hour to run and produce the txt files. Thank you so much for your help!
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Ran by Mark (administrator) on MARK-VAIO (29-03-2017 22:44:13)
Running from C:\Users\Mark\Desktop
Loaded Profiles: UpdatusUser & Mark (Available Profiles: UpdatusUser & Mark & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Boot Manager\ActiveDelayDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.9.1.12\n360.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESGfxMgr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
() C:\Program Files (x86)\Sony\Keyboard Shortcuts\KeyboardShortcuts.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.9.1.12\n360.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
() C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(j2 Global Communications, Inc.) C:\Program Files (x86)\eFax Messenger 4.4\J2GDllCmd.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Intuit Inc.) C:\Program Files (x86)\Intuit\QuickBooks 2014\QBW32.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\Mark\AppData\Roaming\Dropbox\bin\Dropbox.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(j2 Global Communications, Inc.) C:\Program Files (x86)\eFax Messenger 4.4\J2GTray.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(SkyHawke) C:\Program Files (x86)\SkyGolf\CaddieSync Express\CaddieSyncExpress.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\Mark\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\nacl64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.9.1.12\conathst.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.1051_none_7f2bf7ea21d201b2\TiWorker.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Desktop.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\BackgroundTransferHost.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-02-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-02-20] (Realtek Semiconductor)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2780776 2011-07-19] (CANON INC.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954368 2015-09-21] (Synaptics Incorporated)
HKLM\...\Run: [AdAwareTray] => C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareTray.exe [4461016 2017-02-21] ()
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-09] (Intel Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [60552 2011-09-20] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => c:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [693608 2012-02-21] (Sony Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1637496 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [439440 2011-09-27] (CANON INC.)
HKLM-x32\...\Run: [PC Meter Connect] => C:\Program Files (x86)\Pitney Bowes\PC Meter Connect\mailstationAssistant.exe [3514368 2012-02-07] (Pitney Bowes, Inc.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [362432 2011-12-22] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [CaddieSyncConduit] => C:\Program Files (x86)\SkyGolf\CaddieSync Express\CaddieSyncExpress.exe [2289096 2016-05-20] (SkyHawke)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [Intuit SyncManager] => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [2829624 2013-10-10] (Intuit Inc. All rights reserved.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKU\S-1-5-21-3531486194-1994793862-2507083748-1000\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-21-3531486194-1994793862-2507083748-1002\...\Run: [eFax 4.4] => C:\Program Files (x86)\eFax Messenger 4.4\J2GDllCmd.exe [95744 2010-07-02] (j2 Global Communications, Inc.)
HKU\S-1-5-21-3531486194-1994793862-2507083748-1002\...\Run: [Dropbox Update] => C:\Users\Mark\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
HKU\S-1-5-21-3531486194-1994793862-2507083748-1002\...\Run: [GoogleChromeAutoLaunch_96D28242BA1FDBE7F82E6712BD4F4597] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [945496 2017-02-01] (Google Inc.)
HKU\S-1-5-21-3531486194-1994793862-2507083748-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [231936 2016-07-16] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [199072 2016-06-18] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine\22.9.1.12\buShell.dll [2017-03-16] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine\22.9.1.12\buShell.dll [2017-03-16] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine\22.9.1.12\buShell.dll [2017-03-16] (Symantec Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine32\22.9.1.12\buShell.dll [2017-03-16] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine32\22.9.1.12\buShell.dll [2017-03-16] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine32\22.9.1.12\buShell.dll [2017-03-16] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-03-21] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk [2014-05-04]
ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk [2014-05-04]
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk [2014-05-04]
ShortcutTarget: QuickBooks_Standard_21.lnk -> C:\Program Files (x86)\Intuit\QuickBooks 2014\QBW32.EXE (Intuit Inc.)
Startup: C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-03-09]
ShortcutTarget: Dropbox.lnk -> C:\Users\Mark\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\eFax 4.4.lnk [2012-08-02]
ShortcutTarget: eFax 4.4.lnk -> C:\Program Files (x86)\eFax Messenger 4.4\J2GTray.exe (j2 Global Communications, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{1477557e-1400-44c8-b51f-3f0abed15b46}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Internet Explorer:
==================
HKU\S-1-5-21-3531486194-1994793862-2507083748-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://sony.msn.com/
HKU\S-1-5-21-3531486194-1994793862-2507083748-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony.msn.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3531486194-1994793862-2507083748-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\22.9.1.12\coIEPlg.dll [2017-03-16] (Symantec Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-05-01] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27] (Adobe Systems Incorporated)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08] (CANON INC.)
BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine32\22.9.1.12\coIEPlg.dll [2017-03-16] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL => No File
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-05-01] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\22.9.1.12\coIEPlg.dll [2017-03-16] (Symantec Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (CANON INC.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine32\22.9.1.12\coIEPlg.dll [2017-03-16] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-3531486194-1994793862-2507083748-1002 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {5554DCB0-700B-498D-9B58-4E40E5814405} hxxps://rpt3.brandwise.com/ReportServer/Reserved.ReportViewerWebControl.axd?ExecutionID=hp5kvmm00rslp035cryjtj45&ControlID=a3947785370546379885e3d2fee8fd0b&Culture=1033&UICulture=9&ReportStack=1&OpType=PrintCab&Arch=X86
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} hxxps://akamaicdn.webex.com/client/WBXclient-T30L10NSP5EP2-10002/event/ieatgpc1.cab
Handler-x32: intu-help-qb7 - {5A03BD9D-766D-47A6-8E87-CD90F60BE245} - C:\Program Files (x86)\Intuit\QuickBooks 2014\HelpAsyncPluggableProtocol.dll [2013-10-10] (Intuit, Inc.)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\WINDOWS\system32\mscoree.dll [2016-07-16] (Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-12-22] (Citrix Systems, Inc.)
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.7.0.76\coFFAddon
FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.7.0.76\coFFAddon [2017-03-29]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.7.0.76\coFFAddon
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-14] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll [2012-05-01] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2011-09-21] (CANON INC.)
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2011-12-22] (Citrix Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-03-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-03-23] (Intel Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll [2012-05-01] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll [2011-08-03] (Sony Computer Entertainment Inc.)
FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll [2011-10-07] (Sony Corporation)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll [2011-08-02] (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-07-27] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default [2017-03-29]
CHR Extension: (YouTube) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-11]
CHR Extension: (Norton Security Toolbar) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2017-02-22]
CHR Extension: (Google Search) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-11]
CHR Extension: (Pinterest Save Button) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2017-02-25]
CHR Extension: (Norton Identity Safe) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-08-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-18]
CHR Extension: (Gmail) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-04]
CHR Extension: (Chrome Media Router) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-22]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.9.1.12\Exts\Chrome.crx [2017-03-29]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.9.1.12\Exts\Chrome.crx [2017-03-29]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 ActiveDelayDeviceService; C:\Program Files (x86)\Sony\VAIO Boot Manager\ActiveDelayDeviceService.exe [78472 2011-09-20] (Sony Corporation)
R2 adawareantivirusservice; C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareService.exe [585784 2017-02-21] ()
S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\esrv\esrv_svc.exe [427432 2013-02-22] ()
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [127320 2012-03-23] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [162648 2012-03-23] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\22.9.1.12\N360.exe [326152 2017-03-16] (Symantec Corporation)
R2 PMBDeviceInfoProvider; c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [473960 2012-02-21] (Sony Corporation)
R2 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2013-10-10] (Intuit) [File not signed]
S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [65536 2013-10-10] (Intuit Inc.) [File not signed]
R2 QBVSS; C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [1248256 2013-10-10] (Intuit Inc.) [File not signed]
S2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [258048 2013-03-04] (Sony Corporation) [File not signed]
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2011-09-23] (Sony Corporation) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255168 2015-09-21] (Synaptics Incorporated)
S2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\esrv\esrv_svc.exe [427432 2013-02-22] ()
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [960160 2011-12-29] (Sony Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ArcSoftKsUFilter; C:\WINDOWS\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\22.7.0.76\Definitions\BASHDefs\20170327.001\BHDrvx64.sys [1831064 2017-03-17] (Symantec Corporation)
R1 ccSet_N360; C:\WINDOWS\system32\drivers\N360x64\1609010.00C\ccSetx64.sys [174240 2017-02-20] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497312 2017-01-25] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156824 2017-01-25] (Symantec Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77408 2017-02-24] ()
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\22.7.0.76\Definitions\IPSDefs\20170329.001\IDSvia64.sys [1038024 2017-03-17] (Symantec Corporation)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [186304 2017-03-29] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [111544 2017-03-29] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-03-29] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251840 2017-03-29] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92088 2017-03-29] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3343872 2016-07-16] (Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2012-11-06] ()
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51392 2015-09-21] (Synaptics Incorporated)
R1 SRTSP; C:\WINDOWS\System32\Drivers\N360x64\1609010.00C\SRTSP64.SYS [770200 2017-03-16] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\N360x64\1609010.00C\SRTSPX64.SYS [49312 2017-03-16] (Symantec Corporation)
R0 SymEFASI; C:\WINDOWS\System32\drivers\N360x64\1609010.00C\SYMEFASI64.SYS [1716896 2017-02-20] (Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\N360x64\1609010.00C\SymELAM.sys [24616 2017-02-20] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [102608 2017-03-08] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\N360x64\1609010.00C\Ironx64.SYS [291480 2017-02-20] (Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\Drivers\N360x64\1609010.00C\SYMNETS.SYS [567512 2017-02-20] (Symantec Corporation)
S3 Trufos; C:\WINDOWS\System32\DRIVERS\Trufos.sys [442848 2017-02-08] (BitDefender S.R.L.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 idsvc; no ImagePath
S3 NAVENG; \??\C:\Program Files (x86)\Norton 360\NortonData\22.7.0.76\Definitions\SDSDefs\20170328.019\NAVENG.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton 360\NortonData\22.7.0.76\Definitions\SDSDefs\20170328.019\NAVEX15.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-29 22:44 - 2017-03-29 23:01 - 00035774 _____ C:\Users\Mark\Desktop\FRST.txt
2017-03-29 22:43 - 2017-03-29 22:43 - 02424832 _____ (Farbar) C:\Users\Mark\Desktop\FRST64.exe
2017-03-29 22:27 - 2017-03-29 22:44 - 00000000 ____D C:\FRST
2017-03-29 20:41 - 2017-03-29 20:41 - 00003376 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2017-03-29 00:01 - 2017-03-29 21:41 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-03-29 00:00 - 2017-03-29 21:29 - 00111544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-03-29 00:00 - 2017-03-29 21:29 - 00092088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-03-29 00:00 - 2017-03-29 21:29 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-03-29 00:00 - 2017-03-29 21:28 - 00251840 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-03-29 00:00 - 2017-03-29 00:00 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-03-29 00:00 - 2017-03-29 00:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-03-29 00:00 - 2017-03-29 00:00 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-29 00:00 - 2017-03-29 00:00 - 00000000 ____D C:\Program Files\Malwarebytes
2017-03-29 00:00 - 2017-02-24 06:23 - 00077408 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-03-28 23:04 - 2017-03-28 23:05 - 57131432 _____ (Malwarebytes ) C:\Users\Mark\Downloads\mb3-setup-SEMFD.100SEM-3.0.6.1469-1075 (1).exe
2017-03-28 23:02 - 2017-03-28 23:05 - 57131432 _____ (Malwarebytes ) C:\Users\Mark\Downloads\mb3-setup-SEMFD.100SEM-3.0.6.1469-1075.exe
2017-03-28 22:21 - 2017-03-28 22:21 - 00000000 ___DC C:\ProgramData\{AA28280A-C4CA-4B4F-9DF1-593032D2F3EC}
2017-03-28 22:20 - 2017-03-28 22:20 - 00004326 _____ C:\WINDOWS\System32\Tasks\Send VAIO® Messenger uninstall message
2017-03-28 20:29 - 2017-03-28 20:29 - 00000000 ____D C:\Users\Mark\AppData\Roaming\adaware
2017-03-28 20:27 - 2017-03-28 20:27 - 00000000 ____D C:\Users\Mark\AppData\Local\AdAwareDesktop
2017-03-28 20:24 - 2017-03-28 20:24 - 00002416 _____ C:\Users\Public\Desktop\adaware antivirus.lnk
2017-03-28 20:24 - 2017-03-28 20:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\adaware
2017-03-28 20:13 - 2017-03-28 20:13 - 00000000 ____D C:\Program Files\adaware
2017-03-28 20:10 - 2017-03-28 20:10 - 00000000 ____D C:\Users\Mark\AppData\Local\AdAwareUpdater
2017-03-28 20:09 - 2017-03-28 20:09 - 00000000 ____D C:\Program Files\Common Files\adaware
2017-03-28 20:05 - 2017-03-28 20:05 - 00000000 ____D C:\ProgramData\adaware
2017-03-28 20:04 - 2017-03-28 20:04 - 02558896 _____ C:\Users\Mark\Downloads\Adaware_Installer.exe
2017-03-26 17:25 - 2017-03-26 17:25 - 00000000 ____D C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-03-18 01:21 - 2017-03-29 21:32 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton 360
2017-03-14 21:10 - 2017-03-14 21:10 - 01470553 _____ C:\Users\Mark\Downloads\SharpSharkArticulationFREEBIE.pdf
2017-03-14 21:05 - 2017-03-14 21:05 - 03120894 _____ C:\Users\Mark\Downloads\AprilFoolsArticulation.pdf
2017-03-14 21:03 - 2017-03-14 21:03 - 02112595 _____ C:\Users\Mark\Downloads\LoveBunniesArticulationKandG.pdf
2017-03-14 19:37 - 2017-03-14 19:37 - 00004374 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-03-08 20:04 - 2017-03-08 20:04 - 00014927 _____ C:\Users\Mark\Downloads\Luggage_Tag (2).studio
2017-03-08 20:01 - 2017-03-08 20:01 - 00014927 _____ C:\Users\Mark\Downloads\Luggage_Tag.studio
2017-03-08 20:01 - 2017-03-08 20:01 - 00014927 _____ C:\Users\Mark\Downloads\Luggage_Tag (1).studio
2017-03-08 18:31 - 2017-03-08 18:31 - 00565172 _____ C:\Users\Mark\Downloads\i-9.pdf
2017-03-08 18:31 - 2017-03-08 18:31 - 00026924 _____ C:\Users\Mark\Downloads\Direct Deposit.pdf
2017-03-08 18:31 - 2017-03-08 18:31 - 00016827 _____ C:\Users\Mark\Downloads\SubstanceAbusePolicy.pdf
2017-03-08 18:26 - 2017-03-08 18:26 - 00112225 _____ C:\Users\Mark\Downloads\W-9.pdf
2017-02-28 19:13 - 2017-02-28 19:13 - 01326804 _____ C:\Users\Mark\Downloads\alit-design_bromello.zip
2017-02-28 19:12 - 2017-02-28 19:12 - 00030814 _____ C:\Users\Mark\Downloads\luna2.zip
2017-02-28 19:11 - 2017-02-28 19:11 - 01458033 _____ C:\Users\Mark\Downloads\remachine_script.zip
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-29 22:20 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-29 22:20 - 2016-07-16 06:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-03-29 22:01 - 2016-07-16 06:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-29 21:46 - 2012-10-22 19:18 - 00000000 ___RD C:\Users\Mark\Dropbox
2017-03-29 21:45 - 2016-10-02 23:31 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-29 21:32 - 2016-10-02 23:48 - 00006848 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-29 21:28 - 2016-10-02 23:49 - 00000000 ____D C:\Users\UpdatusUser
2017-03-29 21:28 - 2016-03-08 18:47 - 00000000 __SHD C:\Users\Mark\IntelGraphicsProfiles
2017-03-29 21:25 - 2016-10-03 00:20 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-29 20:41 - 2014-07-08 12:53 - 00000000 ____D C:\WINDOWS\system32\Drivers\N360x64
2017-03-29 20:35 - 2016-07-09 12:03 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2017-03-29 20:35 - 2014-07-08 12:57 - 00002302 _____ C:\Users\Public\Desktop\Norton 360.lnk
2017-03-29 19:36 - 2016-03-09 20:21 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-03-29 19:02 - 2016-03-09 20:21 - 138634176 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-03-29 00:44 - 2014-07-08 14:43 - 00000000 ____D C:\Users\Mark\AppData\Local\CrashDumps
2017-03-29 00:43 - 2016-10-03 19:31 - 00004154 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{39A43A5B-4370-4695-915C-044B6369B5C8}
2017-03-28 23:35 - 2012-09-03 18:39 - 00000000 ____D C:\Program Files\Google
2017-03-28 23:35 - 2012-09-03 18:38 - 00000000 ____D C:\Program Files (x86)\Google
2017-03-28 22:20 - 2012-05-02 01:59 - 00000000 ____D C:\ProgramData\DDNi
2017-03-28 22:12 - 2013-05-31 00:44 - 00000000 ____D C:\Program Files (x86)\Sharepod
2017-03-28 22:05 - 2012-05-02 01:59 - 00000000 ____D C:\Program Files (x86)\DDNi
2017-03-28 20:40 - 2012-09-03 18:38 - 00000000 ____D C:\Users\Mark\AppData\Local\Google
2017-03-28 20:40 - 2012-09-03 18:38 - 00000000 ____D C:\ProgramData\Google
2017-03-28 19:43 - 2016-07-16 01:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-03-26 17:43 - 2012-10-22 19:16 - 00000000 ____D C:\Users\Mark\AppData\Roaming\Dropbox
2017-03-24 09:13 - 2013-03-14 05:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-03-24 08:59 - 2013-03-14 05:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-03-24 08:59 - 2013-03-14 05:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-03-23 18:13 - 2014-07-01 17:07 - 00000000 ____D C:\Users\Mark\Documents\Monogram Wizard
2017-03-20 16:44 - 2016-10-02 23:49 - 00000000 ____D C:\Users\Mark
2017-03-20 16:39 - 2016-07-16 06:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-03-19 19:44 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-03-18 09:30 - 2016-07-16 06:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-18 01:15 - 2015-09-20 12:23 - 00000000 ____D C:\Program Files\Common Files\AV
2017-03-18 01:15 - 2014-07-08 12:53 - 00000000 ____D C:\Program Files (x86)\Norton 360
2017-03-18 01:11 - 2015-07-03 08:27 - 00000000 ____D C:\Users\Mark\AppData\Local\Dropbox
2017-03-18 01:06 - 2016-10-02 23:31 - 00344200 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-03-18 01:01 - 2016-07-16 01:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-03-14 19:23 - 2017-02-14 16:48 - 06847064 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2017-03-14 19:23 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-03-14 19:23 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-03-10 00:17 - 2016-07-16 06:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-03-10 00:17 - 2016-07-16 06:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-09 08:44 - 2014-07-01 17:53 - 00000000 ____D C:\Program Files (x86)\Silhouette Studio
2017-03-08 21:19 - 2014-07-08 12:58 - 00102608 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2017-03-08 21:19 - 2014-07-08 12:58 - 00008298 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
Some files in TEMP:
====================
2017-03-20 17:52 - 2017-03-20 17:52 - 0011776 _____ () C:\Users\Mark\AppData\Local\Temp\02jbt2fs.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-03-01 21:14
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by Mark (29-03-2017 23:17:17)
Running from C:\Users\Mark\Desktop
Windows 10 Home Version 1607 (X64) (2016-10-03 05:41:07)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3531486194-1994793862-2507083748-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3531486194-1994793862-2507083748-503 - Limited - Disabled)
Guest (S-1-5-21-3531486194-1994793862-2507083748-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3531486194-1994793862-2507083748-1003 - Limited - Enabled)
Mark (S-1-5-21-3531486194-1994793862-2507083748-1002 - Administrator - Enabled) => C:\Users\Mark
UpdatusUser (S-1-5-21-3531486194-1994793862-2507083748-1000 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton 360 (Enabled - Up to date) {30744133-1E94-7B35-F4A3-82A5AEF1CBAA}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 (Enabled - Up to date) {8B15A0D7-38AE-74BB-CE13-B9D7D5768117}
FW: Norton 360 (Enabled) {084FC016-54FB-7A6D-DFFC-2B9050228CD1}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ACID Music Studio 8.0 (x32 Version: 8.0.178 - Sony) Hidden
adaware antivirus (HKLM\...\{BECD7155-DC57-4F89-B1A8-A90B033C6209}_AdAwareUpdater) (Version: 12.0.649.11190 - adaware)
AdAwareInstaller (Version: 12.0.649.11190 - adaware) Hidden
AdAwareUpdater (Version: 12.0.649.11190 - adaware) Hidden
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Adobe Reader X (10.1.4) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.4 - Adobe Systems Incorporated)
AntimalwareEngine (Version: 3.0.144.0 - adaware) Hidden
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Manager for VAIO (HKLM-x32\...\Application Manager for VAIO) (Version: - )
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{61438020-DDD4-42FA-99A2-50225441980A}) (Version: 2.0.1.161 - ArcSoft)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.457 - ArcSoft)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CaddieSync Express 1.5.135 (HKLM-x32\...\CaddieSync Express) (Version: 1.5.135 - SkyHawke Technologies)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: - )
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: - )
Canon MP Navigator EX 5.1 (HKLM-x32\...\MP Navigator EX 5.1) (Version: - )
Canon MX430 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX430_series) (Version: - )
Canon MX430 series On-screen Manual (HKLM-x32\...\Canon MX430 series On-screen Manual) (Version: - )
Canon MX430 series User Registration (HKLM-x32\...\Canon MX430 series User Registration) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version: - )
Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 13.1.0.89 - Citrix Systems, Inc.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.5009.52 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.4 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-3531486194-1994793862-2507083748-1002\...\Dropbox) (Version: 22.4.24 - Dropbox, Inc.)
DVD Architect Studio 5.0 (x32 Version: 5.0.157 - Sony) Hidden
eFax Messenger (HKLM-x32\...\{DF6DA606-904D-4C18-823F-A4CFC3035E53}) (Version: 4.4.1.528 - j2 Global)
Evernote v. 4.5.2 (HKLM-x32\...\{8CE152BA-1D16-11E1-867D-984BE15F174E}) (Version: 4.5.2.5904 - Evernote Corp.)
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HP Officejet Pro 8500 A910 Basic Device Software (HKLM\...\{EE7C94CC-BECB-4000-B5E3-D895307B9D5E}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Officejet Pro 8500 A910 Help (HKLM-x32\...\{871B2A9D-0F12-44B3-88C1-E0CB10A232E4}) (Version: 140.0.2.2 - Hewlett Packard)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.4.1441 - Intel Corporation)
Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{F0932859-AA60-459E-B843-0BDECA34E2C7}) (Version: 2.0.0.0086 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel® WiDi (HKLM\...\{4E4282C3-F66E-4852-837A-7675527178C2}) (Version: 3.1.26.0 - Intel Corporation)
Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Intel® PROSet/Wireless WiFi Software (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0708 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Java 7 Update 1 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417001FF}) (Version: 7.0.10 - Oracle)
Java 7 Update 1 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217001FF}) (Version: 7.0.10 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Keyboard_Shortcuts (x32 Version: 1.1.0.12190 - Sony Corporation) Hidden
KUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Media Gallery (HKLM\...\{0EB7792D-EFA2-42AB-9A22-F33D9458E974}) (Version: 2.1.0.13300 - Sony Corporation)
Media Go (x32 Version: 2.0.317 - Sony) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3531486194-1994793862-2507083748-1002\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50905.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Monogram Wizard + Extended Features (HKLM-x32\...\{95111771-74C5-4D4E-9339-F8A75055E6AC}) (Version: 1.00.0000 - needleheads)
Monogram Wizard Plus V2.5 R15v (HKLM-x32\...\{BD43BF87-2BED-4D95-8187-3E54A05FCAD3}) (Version: 2.05.0013 - needleheads)
Monogram Wizard Product Update 3.0.6 (HKLM-x32\...\{6E4B627B-05AA-4439-9447-97460745D75E}) (Version: 3.06.1600 - needleheads)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Norton 360 (HKLM-x32\...\N360) (Version: 22.9.1.12 - Symantec Corporation)
NVIDIA Graphics Driver 296.18 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 296.18 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.11.1111 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.11.1111 - NVIDIA Corporation)
Online Plug-in (x32 Version: 13.1.0.89 - Citrix Systems, Inc.) Hidden
PC Meter Connect (HKLM-x32\...\{D39BAE47-1B85-41F6-9348-44E965009B56}) (Version: 05.00.0056.0000 - Pitney Bowes)
PlayMemories Home (x32 Version: 6.1.01.14210 - Sony Corporation) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayStation®Network Downloader (x32 Version: 2.07.00849 - Sony Computer Entertainment Inc.) Hidden
PlayStation®Store (x32 Version: 4.5.15.13232 - Sony Computer Entertainment Inc.) Hidden
QuickBooks (x32 Version: 24.0.4003.2403 - Intuit Inc.) Hidden
QuickBooks Pro 2014 (HKLM-x32\...\{4A21D17E-2FE8-42CD-88B7-ACF8E8860834}) (Version: 24.0.4003.2403 - Intuit Inc.)
QuickBooks Runtime Redistributable (HKLM\...\{F2A4F809-2DE6-4D27-888B-4D2BB8DAF20E}) (Version: 1.00.0000 - Intuit Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Reader for PC (x32 Version: 1.1.02.10070 - Sony Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.53.216.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6570 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.)
Remote Keyboard (x32 Version: 1.2.0.09270 - Sony Corporation) Hidden
Remote Play with PlayStation®3 (x32 Version: 1.1.0.21090 - Sony Corporation) Hidden
Self-service Plug-in (x32 Version: 3.1.0.21744 - Citrix Systems, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Silhouette Studio (HKLM-x32\...\{739394E5-3E62-4DC6-9BD5-A27775E4C9BD}) (Version: 2.7.18 - Aspex Research & Technology)
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version: - Silicon Laboratories)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sound Forge Audio Studio 10.0 (x32 Version: 10.0.176 - Sony) Hidden
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.15.2 - Synaptics Incorporated)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)
TrackID with BRAVIA (x32 Version: 1.2.0.09270 - Sony Corportaion) Hidden
TriDef 3D (Sony) 2.0.5 (HKLM-x32\...\experience-sony-bundle) (Version: 2.0.5 - Dynamic Digital Depth Australia Pty Ltd)
V3DPx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VAIO - Microsoft Visual C++ 2010 SP1 Runtime 10.0.40219.325 (HKLM\...\{34EB42BE-F4D3-44C1-B28E-9740115DB72C}) (Version: 1.0.00.01300 - Sony Corporation)
VAIO - PlayMemories Home Plug-in (HKLM\...\{886C0C18-F905-49B2-90BA-EFC0FEDF27C6}) (Version: 2.0.00.14200 - Sony Corporation)
VAIO - Remote Keyboard (x32 Version: 1.2.0.09270 - Sony Corporation) Hidden
VAIO - Remote Keyboard with PlayStation®3 (x32 Version: 1.2.0.09210 - Sony Corporation) Hidden
VAIO - Remote Play with PlayStation®3 (x32 Version: 1.1.0.21090 - Sony Corporation) Hidden
VAIO - TrackID™ with BRAVIA (x32 Version: 1.2.0.09270 - Sony Corporation) Hidden
VAIO 3D Portal (x32 Version: 1.2.0.10131 - Sony Corporation) Hidden
VAIO Care (HKLM\...\{4D95D095-8C6F-4357-BDD8-27E295F37FB1}) (Version: 7.3.1.05290 - Sony Corporation)
VAIO Control Center (x32 Version: 5.2.2.16060 - Sony Corporation) Hidden
VAIO CPU Fan Diagnostic (x32 Version: 1.1.0.09200 - Sony Corporation) Hidden
VAIO Data Restore Tool (x32 Version: 1.9.0.13190 - Sony Corporation) Hidden
VAIO Easy Connect (x32 Version: 1.1.2.01120 - Sony Corporation) Hidden
VAIO Gate (x32 Version: 2.4.1.09230 - Sony Corporation) Hidden
VAIO Gate Default (x32 Version: 2.5.2.02090 - Sony Corporation) Hidden
VAIO Gesture Control (x32 Version: 1.0.0.12300 - Sony Corporation) Hidden
VAIO Health Report (HKLM-x32\...\VAIO Health Report1.0) (Version: 1.0 - Sony Electronics)
VAIO Help and Support (x32 Version: 17.00.0109 - Sony Corporation) Hidden
VAIO Improvement (x32 Version: 1.3.0.12280 - Sony Corporation) Hidden
VAIO Manual (x32 Version: 2.3.0.12300 - Sony Corporation) Hidden
VAIO OOBE (x32 Version: 12.2.1.2483 - Sony Corporation) Hidden
VAIO Sample Contents (x32 Version: 1.4.0.09010 - Sony Corporation) Hidden
VAIO Satisfaction Survey. (x32 Version: 3.0 - Sony Electronics Inc.) Hidden
VAIO Smart Network (x32 Version: 3.11.1.15220 - Sony Corporation) Hidden
VAIO Transfer Support (x32 Version: 1.7.1.06040 - Sony Corporation) Hidden
VBMx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Vegas Movie Studio HD Platinum 11.0 (x32 Version: 11.0.256 - Sony) Hidden
VHD (x32 Version: 1.0.0 - Microsoft) Hidden
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VMLx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden
VSNx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Windows Driver Package - Pitney Bowes (DM150Drv) USB (07/04/2010 2.0.1.5) (HKLM\...\BD561D5D94E7AFC181BE8A098D2EC2B90BD07068) (Version: 07/04/2010 2.0.1.5 - Pitney Bowes)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3531486194-1994793862-2507083748-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Mark\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3531486194-1994793862-2507083748-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3531486194-1994793862-2507083748-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3531486194-1994793862-2507083748-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3531486194-1994793862-2507083748-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3531486194-1994793862-2507083748-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3531486194-1994793862-2507083748-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3531486194-1994793862-2507083748-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3531486194-1994793862-2507083748-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3531486194-1994793862-2507083748-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3531486194-1994793862-2507083748-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3531486194-1994793862-2507083748-1002_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3531486194-1994793862-2507083748-1002_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3531486194-1994793862-2507083748-1002_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {02790F39-008D-4B15-8277-7B918EBE9C6B} - \Sony Corporation\VAIO Control Center\Level4Month -> No File <==== ATTENTION
Task: {05E71031-AFFE-4AE2-8E8B-14FECC41D1B7} - \Sony Corporation\VAIO Improvement\VAIOImprovementMonitorUser -> No File <==== ATTENTION
Task: {06B21FE3-DC74-4B18-B100-30187B410D8D} - \Microsoft\Windows\Media Center\UpdateRecordPath -> No File <==== ATTENTION
Task: {088482FA-65B8-4E17-9ABF-1DCD48E8D373} - \Microsoft\Windows\Tcpip\IpAddressConflict1 -> No File <==== ATTENTION
Task: {09F06BFE-A3C8-40E3-846A-6E6F4000C238} - \Microsoft\Windows\Tcpip\IpAddressConflict2 -> No File <==== ATTENTION
Task: {0C9A0B32-1DCA-4EDA-95D4-DD083424BA9F} - \Microsoft\Windows\MobilePC\HotStart -> No File <==== ATTENTION
Task: {0D32AB8D-71ED-4C2F-BAB7-1939118C8AE5} - \Microsoft\Windows\Media Center\PeriodicScanRetry -> No File <==== ATTENTION
Task: {10B3E878-4839-4B09-BC43-890EFED38181} - \Sony Corporation\VAIO Improvement\VAIOImprovementUploader -> No File <==== ATTENTION
Task: {12C53D86-9AC4-434A-A137-9B5BB61638C0} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {13A35294-5058-4133-B84A-BFA3FD9E6195} - \Sony Corporation\VAIO Gesture Control\VCGULogonTask -> No File <==== ATTENTION
Task: {1A030C92-DCF3-44CE-B358-7F07EE3F4B05} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {1A973743-7EA9-4995-9044-81DD851608DE} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3531486194-1994793862-2507083748-1002UA => C:\Users\Mark\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {1C8AF8B9-B83F-4172-852C-2A7562A72E44} - \Microsoft\Windows\Media Center\DispatchRecoveryTasks -> No File <==== ATTENTION
Task: {1DCDDEA4-FA8E-43A4-841C-048C401447CC} - \Microsoft\Windows\Media Center\mcupdate -> No File <==== ATTENTION
Task: {221C1277-F908-4BD9-8B92-0766756B2CEC} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot -> No File <==== ATTENTION
Task: {239F9E5F-0AEC-4211-9537-811EAB4B3D44} - \Microsoft\Windows\Media Center\RegisterSearch -> No File <==== ATTENTION
Task: {23E9023E-4475-42B1-A9AD-4A4F0B51386E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-20] (Google Inc.)
Task: {26D09BB8-F861-4911-904A-C31208067B40} - System32\Tasks\Norton 360\Norton 360 Error Processor => C:\Program Files (x86)\Norton 360\Engine\22.9.1.12\SymErr.exe [2017-02-20] (Symantec Corporation)
Task: {2B9ABEC2-DA7B-4762-B050-8F9F99D01939} - \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask -> No File <==== ATTENTION
Task: {346D0CE2-7862-4C65-BA6E-5D190AD85418} - \Microsoft\Windows\UpdateOrchestrator\Policy Install -> No File <==== ATTENTION
Task: {3506D485-B6F6-4487-A750-5A6536DF0739} - \Microsoft\Windows\Media Center\StartRecording -> No File <==== ATTENTION
Task: {3CB6E3A8-E65F-4115-8E8F-871408EBE5BA} - \Sony Corporation\VAIO Update\Installer Task -> No File <==== ATTENTION
Task: {3CC120AF-76E4-4C30-A95A-701736DBAF3F} - \Microsoft_Hardware_Launch_itype_exe -> No File <==== ATTENTION
Task: {3CC3E26B-1944-4EAB-89C4-B5AB0327FECF} - \Sony Corporation\VAIO Improvement\VAIOImprovementMonitorSystem -> No File <==== ATTENTION
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - \Microsoft\Windows\Shell\WindowsParentalControlsMigration -> No File <==== ATTENTION
Task: {50F995BF-5C61-4110-8554-9BCC595B652F} - \Sony\Keyboard Shortcuts -> No File <==== ATTENTION
Task: {56D7C6C0-F143-44FA-A6B3-FD5A9F9C0FFD} - \Microsoft_Hardware_Launch_mousekeyboardcenter_exe -> No File <==== ATTENTION
Task: {58F491D5-A92C-4E01-BC28-9D7BAB2915F1} - \Microsoft\Windows\Media Center\OCURDiscovery -> No File <==== ATTENTION
Task: {5AC4F5D1-3441-42EF-8B4D-60BA77893CDB} - \Microsoft\Windows\SideShow\GadgetManager -> No File <==== ATTENTION
Task: {5ACD51BC-0684-404E-81D8-833A2D58B185} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - \Microsoft\Windows\Shell\WindowsParentalControls -> No File <==== ATTENTION
Task: {66C53742-1CAE-423E-8ACB-A91E3A8F4AF4} - \Microsoft\Windows\SideShow\SystemDataProviders -> No File <==== ATTENTION
Task: {68F50801-48B8-4EF7-ABB7-1D27BC0EB23A} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {703E21F8-BE8A-45CA-8226-1B7D2E83AED7} - \Microsoft\Windows\Media Center\PBDADiscoveryW2 -> No File <==== ATTENTION
Task: {71DE19AE-53B6-4AEB-82DF-05145CB87BE5} - \Microsoft\Windows\Media Center\PvrScheduleTask -> No File <==== ATTENTION
Task: {774ADF0B-A1AE-4732-B9BC-EB1A309DF6B9} - \Microsoft\Windows\SideShow\AutoWake -> No File <==== ATTENTION
Task: {7BC9545D-C733-4748-B87B-12E4BE351283} - \Sony Corporation\VAIO Care\CRMReminder -> No File <==== ATTENTION
Task: {7E42EA35-CA17-447E-B22A-5E125898079A} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\22.9.1.12\WSCStub.exe [2017-03-16] (Symantec Corporation)
Task: {7FEDFBE6-AF22-44A7-9854-17D2621C286D} - \Sony Corporation\VAIO Care\VCCheckIolo -> No File <==== ATTENTION
Task: {835F653F-D346-4AC0-8473-8CF955A08F60} - \Sony Corporation\VAIO Care\VAU -> No File <==== ATTENTION
Task: {839FF886-AB68-487B-A0F5-D755497BB22C} - \Microsoft\Windows\WindowsBackup\Windows Backup Monitor -> No File <==== ATTENTION
Task: {83E60C92-B537-4C09-9CBD-457E2E663D8D} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display -> No File <==== ATTENTION
Task: {84F47B1E-CEFD-413A-8AB8-DE81A4E472A6} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {854CF653-153F-43BA-B003-6DBB7661AE12} - \Microsoft\Windows Live\SOXE\Extractor Definitions Update Task -> No File <==== ATTENTION
Task: {862681DF-0A7B-46AA-9C3C-60246411B3AB} - System32\Tasks\Norton 360\Norton 360 Autofix => C:\Program Files (x86)\Norton 360\Engine\22.9.1.12\SymErr.exe [2017-02-20] (Symantec Corporation)
Task: {8637E1F8-CDC4-4826-BE01-04CB8C5B1764} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {8C59077C-DAB8-4B4C-B2A1-74B5D870C918} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {8E0FDAAE-EFED-42E6-AA6D-6FDEF28DD1BD} - System32\Tasks\Norton 360\Norton 360 Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\22.9.1.12\SymErr.exe [2017-02-20] (Symantec Corporation)
Task: {907BD36E-207B-47EB-B679-BAD3B4A68A36} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3531486194-1994793862-2507083748-1002Core => C:\Users\Mark\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {92732E47-1FDB-4A58-AFFC-4279CC32FB4D} - \Microsoft\Windows\Media Center\PBDADiscovery -> No File <==== ATTENTION
Task: {94851137-905A-4C44-8886-DB73CBF42B06} - \Microsoft\Windows\WindowsBackup\AutomaticBackup -> No File <==== ATTENTION
Task: {95359A56-4327-4D5C-9016-77C644C70D4F} - \Microsoft\Windows\Media Center\ActivateWindowsSearch -> No File <==== ATTENTION
Task: {9995CA4B-EB9E-45E8-8ED8-1B14929B698C} - \Microsoft\Windows\Media Center\InstallPlayReady -> No File <==== ATTENTION
Task: {9A30C1E8-3DC4-44C1-B970-B2E5E74D048B} - \VHDInformationCheck -> No File <==== ATTENTION
Task: {9B60BFF7-B1BB-4D40-B969-CD1BE600D573} - \Microsoft\Windows\Media Center\ehDRMInit -> No File <==== ATTENTION
Task: {9C2B7761-3E9B-4C8D-99F7-328D604BB3DE} - \Apple\AppleSoftwareUpdate -> No File <==== ATTENTION
Task: {A11E4C11-BA4B-4E3D-9C26-821D11B25EFB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {A3931A01-E4EE-4C18-B1D4-7B2898A8AD1B} - \USER_ESRV_SVC -> No File <==== ATTENTION
Task: {A78E19C4-F08E-447F-A275-F2E7E4CAB62A} - \Microsoft\Windows\Media Center\ReindexSearchRoot -> No File <==== ATTENTION
Task: {A7D0462A-52F1-466D-AAF2-55D5A240100F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-20] (Google Inc.)
Task: {A9A8879C-8C36-44EE-B696-F453816CF34D} - \Microsoft\Windows\Media Center\SqlLiteRecoveryTask -> No File <==== ATTENTION
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - \Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor -> No File <==== ATTENTION
Task: {B162B326-318D-4D24-9751-0CA20E4DA098} - \Sony Corporation\VAIO Gate\StartExecuteProxy -> No File <==== ATTENTION
Task: {B1FF82B7-19F3-4669-A7B4-6F5ECB805B00} - \Sony Corporation\VAIO Care\VAIO Care -> No File <==== ATTENTION
Task: {B4032F85-1573-44FB-BC5A-616C55F8B27D} - \Microsoft\Windows\Media Center\MediaCenterRecoveryTask -> No File <==== ATTENTION
Task: {BC4C5D8B-08C4-4783-9A77-8A608F7268CC} - \Microsoft_MKC_Logon_Task_itype.exe -> No File <==== ATTENTION
Task: {BCA244B3-163A-48B8-B69C-683E58A81A78} - \Sony Corporation\VAIO Care\AutoCheckMessage -> No File <==== ATTENTION
Task: {BE6C673C-94D6-49A1-91B6-3A41A23B8B42} - \Microsoft_MKC_Logon_Task_ipoint.exe -> No File <==== ATTENTION
Task: {BEF9843A-9383-4193-878D-21B4CAA37BA4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-14] (Adobe Systems Incorporated)
Task: {BF51EFE5-1F7D-4A35-A944-208D34612F6D} - \Microsoft\Windows\Media Center\mcupdate_scheduled -> No File <==== ATTENTION
Task: {C3377505-6AAD-48B2-9C7E-121A113F199F} - \Microsoft\Windows\Media Center\PvrRecoveryTask -> No File <==== ATTENTION
Task: {C43E228E-A63E-4218-A995-ABCE7F039B0E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {C538CFF5-066D-4CC6-B0C6-737C86FBFA12} - \WPD\SqmUpload_S-1-5-21-3531486194-1994793862-2507083748-1002 -> No File <==== ATTENTION
Task: {C7A1072F-7F87-4C30-B2C9-126756D2CFA1} - \Sony Corporation\VAIO Power Management\VPM Logon Start -> No File <==== ATTENTION
Task: {C893555B-4C47-4460-9368-6772AD24151E} - \Sony Corporation\VAIO Power Management\VPM Unlock -> No File <==== ATTENTION
Task: {CC4D4393-A441-429D-9DD8-E91C6CB129B9} - \Microsoft_Hardware_Launch_ipoint_exe -> No File <==== ATTENTION
Task: {D0FB9FFA-8BD7-44C8-9EB4-0FC7FABC00D8} - System32\Tasks\Send VAIO® Messenger uninstall message => Iexplore.exe hxxp://redirect.ddni.net/servlets/track?r=tau&sku=6514&oem=0&suid=bf347107-2181-4f51-9477-93afdbd2bcf5&uuid=6e98f378-092b-4da0-aa31-aa2f5d0cd948
Task: {D5F0445E-B264-45D3-A380-A516D942957C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {D9FE6874-B587-450A-A289-A93997FD0D59} - \Sony Corporation\VAIO Power Management\VPM Session Change -> No File <==== ATTENTION
Task: {DC064B94-60CE-47DC-8222-A72F12E83E79} - \VAIO Health Report -> No File <==== ATTENTION
Task: {DF02CAE9-EE4E-46E4-ABA9-68E3D594A408} - \Microsoft\Windows\Media Center\PBDADiscoveryW1 -> No File <==== ATTENTION
Task: {E0F7BD64-F923-4BC7-AE5D-8FBA6B48FFD7} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {E1534025-1767-4270-BE43-F0130298464D} - \Sony Corporation\VAIO Gate\VAIO Gate -> No File <==== ATTENTION
Task: {E4CC2D54-AC93-445D-AF3F-058A816F97FA} - \Microsoft\Windows\Media Center\RecordingRestart -> No File <==== ATTENTION
Task: {E8DCE35D-32E4-449F-95A3-A054BC456A7E} - \Sony Corporation\VAIO Smart Network\VSN Logon Start -> No File <==== ATTENTION
Task: {E9DC1F25-E75C-4A62-924B-84D7F4D254FF} - \Microsoft\Windows\SideShow\SessionAgent -> No File <==== ATTENTION
Task: {EA520EF1-8812-4399-8EE5-8AFD70A9700B} - \Sony Corporation\VAIO Control Center\Level4Daily -> No File <==== ATTENTION
Task: {EC1765E1-8114-408F-89E6-2619768DA383} - \Sony Corporation\VAIO Care\VCMetrics -> No File <==== ATTENTION
Task: {EEDE88B9-A651-42BA-9A1E-9338868B53C3} - \Microsoft\Windows\Media Center\ConfigureInternetTimeService -> No File <==== ATTENTION
Task: {F803FC1A-D80B-4B22-A5EA-4467C5FA8A64} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {FBDEF626-6485-44FF-AFA4-89849BADE296} - \Microsoft\Windows\Media Center\OCURActivate -> No File <==== ATTENTION
Task: {FDD53CB1-53CC-4331-BF76-DBD7E6D99BC1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3531486194-1994793862-2507083748-1002Core.job => C:\Users\Mark\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3531486194-1994793862-2507083748-1002UA.job => C:\Users\Mark\AppData\Local\Dropbox\Update\DropboxUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-07-16 06:42 - 2016-07-16 06:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-13 18:39 - 2016-12-09 05:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-10-02 23:42 - 2016-05-19 21:08 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-02-21 14:45 - 2017-02-21 14:45 - 00585784 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareService.exe
2017-02-21 14:50 - 2017-02-21 14:50 - 00067544 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\boost_date_time-vc140-mt-1_61.dll
2017-02-21 14:50 - 2017-02-21 14:50 - 00030680 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\boost_system-vc140-mt-1_61.dll
2017-02-21 14:50 - 2017-02-21 14:50 - 00121816 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\boost_thread-vc140-mt-1_61.dll
2017-02-21 14:50 - 2017-02-21 14:50 - 00144856 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\boost_filesystem-vc140-mt-1_61.dll
2017-02-21 14:50 - 2017-02-21 14:50 - 00733144 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\boost_log-vc140-mt-1_61.dll
2017-02-21 14:50 - 2017-02-21 14:50 - 00524760 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\boost_locale-vc140-mt-1_61.dll
2017-02-21 14:50 - 2017-02-21 14:50 - 00039384 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\boost_chrono-vc140-mt-1_61.dll
2017-02-21 14:50 - 2017-02-21 14:50 - 11554264 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\rpc_server.dll
2017-02-21 14:51 - 2017-02-21 14:51 - 03712984 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\RCF.dll
2017-02-21 14:50 - 2017-02-21 14:50 - 01000920 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\boost_regex-vc140-mt-1_61.dll
2017-02-21 14:49 - 2017-02-21 14:49 - 01142232 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareActivation.dll
2017-02-21 14:49 - 2017-02-21 14:49 - 00633816 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareApplicationUpdater.dll
2017-02-21 14:50 - 2017-02-21 14:50 - 00843736 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareGamingMode.dll
2017-02-21 14:50 - 2017-02-21 14:50 - 00120280 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareReset.dll
2017-02-21 14:50 - 2017-02-21 14:50 - 00142296 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareTime.dll
2017-02-21 14:49 - 2017-02-21 14:49 - 01024472 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareDefinitionsUpdater.dll
2017-02-21 14:49 - 2017-02-21 14:49 - 00906712 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareDefinitionsUpdaterScheduler.dll
2017-02-21 14:50 - 2017-02-21 14:50 - 01468376 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareIgnoreList.dll
2017-02-21 14:50 - 2017-02-21 14:50 - 00261080 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareQuarantine.dll
2017-02-21 14:49 - 2017-02-21 14:49 - 01652184 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareAntiMalwareEngine.dll
2017-02-21 14:50 - 2017-02-21 14:50 - 01194456 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareScannerHistory.dll
2017-02-21 14:50 - 2017-02-21 14:50 - 01553880 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareScanner.dll
2017-02-21 14:50 - 2017-02-21 14:50 - 00039384 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\boost_timer-vc140-mt-1_61.dll
2017-02-21 14:50 - 2017-02-21 14:50 - 01032152 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareScannerScheduler.dll
2017-02-21 14:50 - 2017-02-21 14:50 - 01183192 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareRealTimeProtection.dll
2017-02-21 14:50 - 2017-02-21 14:50 - 02887640 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareIncompatibles.dll
2017-02-21 14:49 - 2017-02-21 14:49 - 01525208 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareAntiSpam.dll
2017-02-21 14:49 - 2017-02-21 14:49 - 01456600 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareAntiPhishing.dll
2017-02-21 14:50 - 2017-02-21 14:50 - 03464664 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareParentalControl.dll
2017-02-21 14:50 - 2017-02-21 14:50 - 01653720 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareWebProtection.dll
2017-02-21 14:49 - 2017-02-21 14:49 - 01598936 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareEmailProtection.dll
2017-02-21 14:50 - 2017-02-21 14:50 - 00073176 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\boost_iostreams-vc140-mt-1_61.dll
2017-02-21 14:50 - 2017-02-21 14:50 - 01712088 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareNetworkProtection.dll
2017-02-21 14:50 - 2017-02-21 14:50 - 01067480 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwarePromo.dll
2017-02-21 14:50 - 2017-02-21 14:50 - 00475096 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareFeedback.dll
2017-02-21 14:50 - 2017-02-21 14:50 - 03166168 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareThreatWorkAlliance.dll
2017-02-21 14:50 - 2017-02-21 14:50 - 00667096 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwarePinCode.dll
2017-02-21 14:50 - 2017-02-21 14:50 - 01069528 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareNotice.dll
2017-02-21 14:49 - 2017-02-21 14:49 - 01598424 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareAvcEngine.dll
2017-02-21 14:50 - 2017-02-21 14:50 - 01496536 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareRealTimeProtectionHistory.dll
2017-02-21 14:50 - 2017-02-21 14:50 - 00774104 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareStatistics.dll
2012-05-01 23:22 - 2012-03-23 03:47 - 00127320 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
2017-03-29 00:00 - 2017-02-24 06:23 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-03-29 00:00 - 2017-02-24 06:23 - 02264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2012-03-20 15:43 - 2012-03-20 15:43 - 00477816 _____ () C:\Program Files (x86)\Sony\Keyboard Shortcuts\KeyboardShortcuts.exe
2017-02-21 14:50 - 2017-02-21 14:50 - 04461016 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareTray.exe
2017-02-21 14:50 - 2017-02-21 14:50 - 11717592 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\rpc_client.dll
2017-03-13 14:00 - 2017-03-13 14:01 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-03-13 14:00 - 2017-03-13 14:01 - 00182784 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2011-11-30 20:49 - 2011-11-30 20:49 - 00276992 _____ () C:\Program Files\Sony\VAIO Care\READ\RecoveryPartitionManagerREAD.dll
2016-12-13 18:39 - 2016-12-09 05:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2017-02-21 14:50 - 2017-02-21 14:50 - 02687960 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareShellExtension.dll
2017-01-11 13:37 - 2016-12-21 01:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 13:37 - 2016-12-21 01:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 13:37 - 2016-12-21 01:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 13:37 - 2016-12-21 01:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-01-11 13:37 - 2016-12-21 01:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 13:37 - 2016-12-21 01:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-10-03 02:21 - 2016-10-03 02:21 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 13:38 - 2016-12-21 02:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-10-04 21:26 - 2016-09-15 12:29 - 03388256 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2016-10-03 02:21 - 2016-10-03 02:21 - 02263904 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentManagementSDK.dll
2014-02-12 22:58 - 2014-02-12 22:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 22:58 - 2014-02-12 22:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-05-02 00:32 - 2012-04-06 16:37 - 00021128 _____ () C:\Program Files (x86)\Sony\VAIO Control Center\VESBasePS.dll
2012-03-20 15:43 - 2012-03-20 15:43 - 00160376 _____ () C:\Program Files (x86)\Sony\Keyboard Shortcuts\MessageHook.dll
2012-03-20 15:43 - 2012-03-20 15:43 - 00026744 _____ () C:\Program Files (x86)\Sony\Keyboard Shortcuts\Utility.dll
2013-10-10 10:07 - 2013-10-10 10:07 - 00623432 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2014\boost_regex-vc100-mt-1_47.dll
2013-10-10 10:07 - 2013-10-10 10:07 - 00578376 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2014\BackupLib.dll
2013-10-10 10:07 - 2013-10-10 10:07 - 00021320 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2014\QBCompressor.dll
2013-10-10 10:07 - 2013-10-10 10:07 - 00137544 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2014\QBProActiveCore.dll
2013-10-10 10:07 - 2013-10-10 10:07 - 00621384 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2014\FtuEngine.dll
2013-10-10 10:07 - 2013-10-10 10:07 - 00147272 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2014\QBMAPILibrary.dll
2013-10-10 07:21 - 2013-10-10 07:21 - 00059904 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2014\zlib1.dll
2013-10-10 10:07 - 2013-10-10 10:07 - 00247112 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2014\boost_serialization-vc100-mt-1_47.dll
2013-10-10 10:07 - 2013-10-10 10:07 - 00757576 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2014\FeaturesBridge.dll
2013-10-10 10:07 - 2013-10-10 10:07 - 00043848 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2014\mbpopup.dll
2017-03-26 17:23 - 2017-03-21 13:06 - 00842560 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\dropbox_watchdog.dll
2017-03-09 14:19 - 2017-02-28 15:49 - 00035792 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2017-03-09 14:19 - 2017-02-28 15:49 - 00100296 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2017-03-09 14:19 - 2017-02-28 15:49 - 00018888 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\select.pyd
2017-03-09 14:19 - 2017-03-21 13:10 - 00019776 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2017-03-26 17:23 - 2017-03-21 13:09 - 00020824 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2017-03-09 14:19 - 2017-02-28 15:50 - 00123856 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2017-03-09 14:19 - 2017-02-28 15:49 - 00694224 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2017-03-26 17:23 - 2017-03-21 13:09 - 01729360 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2017-03-26 17:23 - 2017-03-21 13:09 - 00020816 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2017-03-26 17:23 - 2017-02-28 15:49 - 00145864 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2017-03-26 17:23 - 2017-02-28 15:50 - 00019408 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2017-03-26 17:23 - 2017-02-28 15:49 - 00116688 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2017-03-09 14:19 - 2017-02-28 15:52 - 00105928 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\win32api.pyd
2017-03-09 14:19 - 2017-03-21 13:10 - 00022864 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2017-03-26 17:23 - 2017-03-21 13:09 - 00060736 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2017-03-26 17:23 - 2017-03-21 13:09 - 00038712 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\fastpath.pyd
2017-03-09 14:19 - 2017-02-28 15:52 - 00024528 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\win32event.pyd
2017-03-26 17:23 - 2017-02-28 15:49 - 00392656 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2017-03-26 17:23 - 2017-02-28 15:52 - 00020936 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2017-03-09 14:19 - 2017-02-28 15:52 - 00116176 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\win32security.pyd
2017-03-09 14:19 - 2017-03-21 13:10 - 00392512 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2017-03-09 14:19 - 2017-02-28 15:52 - 00124880 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\win32file.pyd
2017-03-09 14:19 - 2017-03-21 13:10 - 00026456 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-03-09 14:19 - 2017-02-28 15:52 - 00024016 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2017-03-09 14:19 - 2017-02-28 15:52 - 00175560 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\win32gui.pyd
2017-03-09 14:19 - 2017-02-28 15:52 - 00030160 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2017-03-09 14:19 - 2017-02-28 15:52 - 00043472 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\win32process.pyd
2017-03-09 14:19 - 2017-02-28 15:52 - 00048592 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\win32service.pyd
2017-03-09 14:19 - 2017-02-28 15:52 - 00057808 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2017-03-09 14:19 - 2017-02-28 15:52 - 00024016 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\win32profile.pyd
2017-03-26 17:23 - 2017-03-21 13:09 - 00246608 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2017-03-26 17:23 - 2017-03-21 13:09 - 00027488 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-03-09 14:19 - 2017-02-28 15:51 - 00241104 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\_jpegtran.pyd
2017-03-26 17:23 - 2017-03-21 13:09 - 00022336 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2017-03-09 14:19 - 2017-03-21 13:10 - 00025432 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2017-03-09 14:19 - 2017-02-28 15:52 - 00028616 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\win32ts.pyd
2017-03-26 17:23 - 2017-03-21 13:10 - 01826104 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2017-03-09 14:19 - 2017-02-28 15:50 - 00083912 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\sip.pyd
2017-03-26 17:23 - 2017-03-21 13:10 - 01972024 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2017-03-26 17:23 - 2017-03-21 13:10 - 03928896 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2017-03-26 17:23 - 2017-03-21 13:10 - 00531264 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2017-03-09 14:19 - 2017-03-21 13:10 - 00053072 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\winrpcserver.compiled._RPCServer.pyd
2017-03-26 17:23 - 2017-03-21 13:10 - 00133432 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2017-03-26 17:23 - 2017-03-21 13:10 - 00224064 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2017-03-26 17:23 - 2017-03-21 13:10 - 00207680 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2017-03-09 14:19 - 2017-03-21 13:10 - 00022864 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\winffi.user32.compiled._winffi_user32.pyd
2017-03-09 14:19 - 2017-03-21 13:10 - 00069968 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\windisplaytoast.compiled._DisplayToast.pyd
2017-03-09 14:19 - 2017-03-21 13:10 - 00022872 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-03-09 14:19 - 2017-03-21 13:10 - 00021848 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\winffi.winerror.compiled._winffi_winerror.pyd
2017-03-09 14:19 - 2017-03-21 13:10 - 00022872 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\winffi.wininet.compiled._winffi_wininet.pyd
2017-03-09 14:19 - 2017-02-28 15:52 - 00349128 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2017-03-26 17:23 - 2017-03-21 13:10 - 00103232 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\PyQt5.QtWinExtras.pyd
2017-03-09 14:19 - 2017-03-21 13:10 - 00023896 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2017-03-26 17:23 - 2017-03-21 13:09 - 00025936 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2017-03-26 17:23 - 2017-02-28 15:47 - 00036296 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\librsync.dll
2017-03-26 17:23 - 2017-03-21 13:09 - 00033112 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\enterprise_data.compiled._enterprise_data.pyd
2017-03-26 17:23 - 2017-03-10 18:17 - 00293392 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll
2017-03-26 17:23 - 2017-03-21 13:09 - 00084288 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2017-03-09 14:19 - 2017-03-21 13:10 - 00030536 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\wind3d11.compiled._wind3d11.pyd
2017-03-26 17:23 - 2017-02-28 15:56 - 00017864 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\libEGL.dll
2017-03-26 17:23 - 2017-02-28 15:56 - 01631184 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2017-03-26 17:23 - 2017-03-21 13:10 - 00042816 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2017-03-26 17:23 - 2017-03-21 13:10 - 00171336 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2017-03-26 17:23 - 2017-03-21 13:10 - 00357688 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2017-03-09 14:19 - 2017-02-28 15:52 - 00060880 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\win32print.pyd
2017-03-09 14:19 - 2017-03-21 13:10 - 00026456 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-03-26 17:23 - 2017-03-21 13:10 - 00546104 _____ () C:\Users\Mark\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-05-20 09:57 - 2016-05-20 09:57 - 00109568 _____ () C:\Program Files (x86)\SkyGolf\CaddieSync Express\qextserialport1.dll
2009-01-10 13:32 - 2009-01-10 13:32 - 00011362 _____ () C:\Program Files (x86)\SkyGolf\CaddieSync Express\mingwm10.dll
2016-05-20 09:58 - 2016-05-20 09:58 - 00590848 _____ () C:\Program Files (x86)\SkyGolf\CaddieSync Express\qjson0.dll
2009-06-22 21:42 - 2009-06-22 21:42 - 00043008 _____ () C:\Program Files (x86)\SkyGolf\CaddieSync Express\libgcc_s_dw2-1.dll
2016-05-20 10:04 - 2016-05-20 10:04 - 00166856 _____ () C:\Program Files (x86)\SkyGolf\CaddieSync Express\conduitscripting0.dll
2011-12-19 15:27 - 2011-12-19 15:27 - 00011704 _____ () C:\Program Files (x86)\Citrix\SelfServicePlugin\ExtensionSDK.dll
2012-05-01 23:22 - 2012-03-23 03:47 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2017-02-06 18:19 - 2017-02-01 04:01 - 01870168 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-06 18:19 - 2017-02-01 04:01 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\adawareantivirusservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\adawareantivirusservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3531486194-1994793862-2507083748-1000\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-3531486194-1994793862-2507083748-1002\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 68.105.28.11 - 68.105.29.11
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{DB525453-02BA-4564-B0F1-08FECA1D5445}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{405807E2-AD6E-41B5-AC7B-85032629B3CC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{6BBF5D66-89EB-40E4-ABDE-2B615C431C23}] => (Block) C:\Program Files (x86)\Sony\VAIO Creations\VAIO Movie Story\VMStory.exe
FirewallRules: [{D8B7793A-B4C0-45E7-8745-86471A48F9C7}] => (Block) C:\Program Files (x86)\Sony\VAIO Creations\VAIO Movie Story\VMStory.exe
FirewallRules: [{F42D1DCD-6A51-4D48-A37F-042F24AC5719}] => (Block) C:\Program Files (x86)\Sony\VAIO Creations\VAIO Movie Story\VMStory.exe
FirewallRules: [{10259220-E89D-4E64-A28D-D62CE4279960}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{D418F123-83E4-4671-9CED-5F38FF47CCF7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B266D5A4-2609-4491-8905-1CFE1F2527FE}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{7EF6C2CD-E8FD-4D86-B42E-BE3452124277}] => (Allow) LPort=2869
FirewallRules: [{11E1CD4D-42EE-4919-8D15-D00DA315A72E}] => (Allow) LPort=1900
FirewallRules: [{8C7F86D5-6B83-4FFD-9897-DCD348A72BC9}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{79B99110-C903-4EB2-88FA-CDA8D460E252}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{EFCDBB65-A836-4FF1-B2FC-53FE99ABA463}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{1289397D-D65D-4113-B8C5-4B84F04F9C18}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{91B020CD-0D3C-437D-A44A-009B974D3D37}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\DeviceSetup.exe
FirewallRules: [{9B78FCA4-3CF3-457B-A66D-C512EAE05AB4}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\DeviceSetup.exe
FirewallRules: [{D757C5E9-84F5-4C66-B0D1-C8190827CBAB}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicator.exe
FirewallRules: [{DB7C260A-060B-4A13-8380-ED2FA96EAD26}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicator.exe
FirewallRules: [{B87A4986-B1F6-4EC7-AB47-3EF1BD147504}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{783ACF1B-EEE4-4099-A98F-0F143EFA782B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F5C5F624-E7A6-4EA5-B345-F0CD6A336466}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{01D50184-D604-43CF-A870-D4ED31A7BB93}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{249102EE-3D05-4E3E-B168-DFFE31AC61D3}C:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe
FirewallRules: [UDP Query User{07BA160C-2E7A-4FDE-9C0F-7FC47A444622}C:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe
FirewallRules: [{D38ECD79-575A-45D3-951A-2DDBAFA7E4B3}] => (Allow) C:\Users\Mark\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{988F1FF2-4FDC-4887-BBED-E3E9B633278E}] => (Allow) C:\Users\Mark\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{22A6D8EC-29F0-4E46-B4DD-B7506A5D05EF}C:\users\mark\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\mark\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{65B2E81A-5145-4F4A-96C0-552742CA5EEE}C:\users\mark\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\mark\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{CEE4E8BD-9E1A-4A55-AC55-291C2BDB5F6E}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{4DDDBF00-8634-4B51-A6B2-0A496B977C19}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{C4F384C0-AF50-4BE4-93EB-E67C35D46D83}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{AD40285D-FFB2-4785-80DC-E959039106A0}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{AB80A5BB-AB2B-47EB-9D8F-FC3849AC10E8}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{010947D9-81EB-4E44-9CD8-CAC0D087089C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe] => Enabled:TriDef 3D Media Player
==================== Restore Points =========================
29-03-2017 18:59:10 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/29/2017 10:53:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Mark-VAIO)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (03/29/2017 10:32:52 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Mark-VAIO)
Description: Activation of app Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (03/29/2017 09:57:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Mark-VAIO)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (03/29/2017 09:43:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Mark-VAIO)
Description: Activation of app 9E2F88E3.Twitter_wgeqdkkx372wm!x554f661dyd360y462cy8743yf8a99b7d41dbx failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (03/29/2017 09:43:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Mark-VAIO)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (03/29/2017 09:43:16 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Mark-VAIO)
Description: Package Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy+CortanaUI was terminated because it took too long to suspend.
Error: (03/29/2017 09:41:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Mark-VAIO)
Description: Activation of app Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (03/29/2017 09:39:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Mark-VAIO)
Description: Package Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy+CortanaUI was terminated because it took too long to suspend.
Error: (03/29/2017 09:03:42 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Mark-VAIO)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (03/29/2017 08:17:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Mark-VAIO)
Description: Package Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy+CortanaUI was terminated because it took too long to suspend.
System errors:
=============
Error: (03/29/2017 11:24:42 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Software Protection service terminated with the following error:
The parameter is incorrect.
Error: (03/29/2017 10:24:25 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Software Protection service terminated with the following error:
The parameter is incorrect.
Error: (03/29/2017 10:08:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Energy Server Service service terminated unexpectedly. It has done this 1 time(s).
Error: (03/29/2017 09:57:12 PM) (Source: DCOM) (EventID: 10010) (User: Mark-VAIO)
Description: The server App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca did not register with DCOM within the required timeout.
Error: (03/29/2017 09:56:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The VAIO Power Management service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (03/29/2017 09:56:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the VAIO Power Management service to connect.
Error: (03/29/2017 09:55:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CamMonitor service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (03/29/2017 09:55:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the CamMonitor service to connect.
Error: (03/29/2017 09:54:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Software Protection service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (03/29/2017 09:54:31 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Software Protection service to connect.
CodeIntegrity:
===================================
Date: 2017-01-21 19:26:15.213
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2017-01-21 19:26:15.151
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2017-01-21 19:26:15.129
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2017-01-21 19:26:15.080
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2017-01-21 19:26:15.056
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2017-01-21 19:26:15.028
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2017-01-21 19:26:13.446
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2017-01-21 19:26:13.180
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2017-01-21 19:24:35.392
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2017-01-21 19:24:35.360
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
Processor: Intel® Core i7-3612QM CPU @ 2.10GHz
Percentage of memory in use: 51%
Total physical RAM: 8091.27 MB
Available physical RAM: 3898.68 MB
Total Virtual: 16283.27 MB
Available Virtual: 11174.51 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:678.09 GB) (Free:573.63 GB) NTFS
Drive e: (Monogram Wizard+) (CDROM) (Total:0.02 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 04AC9C78)
Partition: GPT.
==================== End of Addition.txt ============================
Edited by ptorline, 29 March 2017 - 10:44 PM.