Inactive-A Sony Vaio computer running slow and locks up

Brent25 · Feb 25, 2016

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:24-02-2016
Ran by Brent (administrator) on BRENT (25-02-2016 00:16:42)
Running from C:\Users\Brent\Downloads
Loaded Profiles: Brent (Available Profiles: Brent)
Platform: Windows 10 Home (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\n360.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Sony Corporation) C:\Program Files\Sony\Store App Support Utility\StoreAppSupportUtility.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\n360.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dropbox, Inc.) C:\Users\Brent\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc.) C:\Users\Brent\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
() C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
() C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
Failed to access process -> IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [2419512 2012-11-04] (Logitech, Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16161536 2015-08-30] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403136 2015-08-30] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403136 2015-08-30] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3945672 2015-10-06] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2362392 2013-11-21] (Sony Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-10-13] (Apple Inc.)
HKLM-x32\...\Run: [ROC_roc_ssl_v12] => "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498720 2015-12-17] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LTCM Client] => C:\Program Files (x86)\LTCM Client\ltcmClient.exe [1596096 2009-08-05] (Leader Technologies Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058400 2012-01-26] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [502912 2012-02-29] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863360 2012-02-29] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-16] (Apple Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-2549116610-987113267-4104036400-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-2549116610-987113267-4104036400-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [61200 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-2549116610-987113267-4104036400-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIJHE.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2549116610-987113267-4104036400-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\AdobeCollabSync.exe [761056 2015-12-17] (Adobe Systems Incorporated)
HKU\S-1-5-21-2549116610-987113267-4104036400-1001\...\Run: [Dropbox Update] => C:\Users\Brent\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-13] (Dropbox, Inc.)
HKU\S-1-5-21-2549116610-987113267-4104036400-1001\...\Run: [GoogleChromeAutoLaunch_723B7423F2BABCAECDF43AE1343EA9C3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [746648 2016-02-17] (Google Inc.)
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIJHE.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Brent\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Brent\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Brent\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Brent\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Brent\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll No File
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Brent\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll No File
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Brent\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CineForm Status.lnk [2014-02-04]
ShortcutTarget: CineForm Status.lnk -> C:\Program Files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe (GoPro)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-01-12]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PlutoTV.lnk [2015-10-31]
ShortcutTarget: PlutoTV.lnk -> C:\Program Files (x86)\Pluto TV\PlutoTV.exe ()
Startup: C:\Users\Brent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-02-24]
ShortcutTarget: Dropbox.lnk -> C:\Users\Brent\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk *

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a8d81477-9018-4e87-9b81-0431ce93603b}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggVd1gLVwpJFRgXdApdTA0XFQcOeAoLAhRIEwIQdltdVgsUFwQFIk0FA1ADB0VXfVBdFElXTwhxJUpNDU0CaUBB
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=22.5.2.15
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=22.5.2.15
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=22.5.2.15
HKU\S-1-5-21-2549116610-987113267-4104036400-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snap.do/?publisher=DownloadX&dpid=DownloadX&co=US&userid=8fdfb7bf-61d3-4fe8-92b0-0081c8e1a188&searchtype=ds&q={searchTerms}
HKU\S-1-5-21-2549116610-987113267-4104036400-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=22.5.2.15
HKU\S-1-5-21-2549116610-987113267-4104036400-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKU\S-1-5-21-2549116610-987113267-4104036400-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snap.do/?publisher=DownloadX&dpid=DownloadX&co=US&userid=8fdfb7bf-61d3-4fe8-92b0-0081c8e1a188&searchtype=ds&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQ8PAApHEg0XbQ0MUlxcFVMXchQAUgoSDAwRdwoOA1xGE1AVcR9aFQQTSEcFME0FCFwEURNNfWtdEkwdVUZrNVs=&q={searchTerms}
SearchScopes: HKLM -> OldSearch URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=78&systemid=1&apn_dtid=IME001&apn_ptnrs=AGE&o=APN10653&apn_uid=4217026139594434&q={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQ8PAApHEg0XbQ0MUlxcFVMXchQAUgoSDAwRdwoOA1xGE1AVcR9aFQQTSEcFME0FCFwEURNNfWtdEkwdVUZrNVs=&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=78&systemid=1&apn_dtid=IME001&apn_ptnrs=AGE&o=APN10653&apn_uid=4217026139594434&q={searchTerms}
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=DownloadX&dpid=DownloadX&co=US&userid=8fdfb7bf-61d3-4fe8-92b0-0081c8e1a188&searchtype=ds&q={searchTerms}
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=78&systemid=1&apn_dtid=IME001&apn_ptnrs=AGE&o=APN10653&apn_uid=4217026139594434&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2549116610-987113267-4104036400-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQ8PAApHEg0XbQ0MUlxcFVMXchQAUgoSDAwRdwoOA1xGE1AVcR9aFQQTSEcFME0FCFwEURNNfWtdEkwdVUZrNVs=&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2549116610-987113267-4104036400-1001 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=DownloadX&dpid=DownloadX&co=US&userid=8fdfb7bf-61d3-4fe8-92b0-0081c8e1a188&searchtype=ds&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2549116610-987113267-4104036400-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQ8PAApHEg0XbQ0MUlxcFVMXchQAUgoSDAwRdwoOA1xGE1AVcR9aFQQTSEcFME0FCFwEURNNfWtdEkwdVUZrNVs=&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2549116610-987113267-4104036400-1001 -> {59991BE0-737F-4E3F-B03F-82D844F7E04B} URL = hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bir-dd__alt__ddc_dss_bd_com&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2549116610-987113267-4104036400-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=78&systemid=1&apn_dtid=IME001&apn_ptnrs=AGE&o=APN10653&apn_uid=4217026139594434&q={searchTerms}
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-12-17] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-12-17] (Adobe Systems Incorporated)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll => No File
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-15] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2012-11-04] (Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-15] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-12-17] (Adobe Systems Incorporated)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-2549116610-987113267-4104036400-1001 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-12-17] (Adobe Systems Incorporated)
DPF: HKLM-x32 {297DE2B6-509A-4B36-93C5-A65276606900} hxxp://www.in.honda.com/rraaapps/rraasec/codebase/RRAAINAX/RraainAX.CAB
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll No File
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll No File

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\WINDOWS\system32\npDeployJava1.dll [2012-10-19] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-07-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-07-24] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-15] (Oracle Corporation)
FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 -> C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll [2012-09-28] (Logitech Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @TrendMicro.com/FFExtension -> C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll [No File]
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2015-12-17] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems)
FF HKLM\...\Firefox\Extensions: [tmbepff-7.5@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1115\7.5.1115\firefoxextension => not found
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon [2016-02-19]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2016-01-12]
FF HKLM-x32\...\Firefox\Extensions: [tmbepff-7.5@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1115\7.5.1115\firefoxextension => not found
FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension => not found
FF HKLM-x32\...\Firefox\Extensions: [{21541D23-FDA1-4bf3-8AF2-8F623BF70B07}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension => not found
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2012-12-09] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon

Chrome:
=======
CHR HomePage: Default -> hxxp://id%3Dm8dd4efae-69cd-48f8-bfee-1a38ea5ccc63%26searchsource%3D55%26cui%3D%26um%3D6%26up%3Dsp745fda4d-79de-4d37-a607-a194f050622e%26sspv%3D%26tid%3D1035/
CHR RestoreOnStartup: Default -> "hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggVd1gLVwpJFRgXdApdTA0XFQcOeAoLAhRIEwIQdltdVgsUFwQFIk0FA1oDB0VXfV5bFElXTwhxJUpNDU0CaUBB"
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\pdf.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll => No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Trend Micro Titanium) - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll => No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.16) - C:\Windows\SysWOW64\npDeployJava1.dll => No File
CHR Profile: C:\Users\Brent\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Brent\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-11]
CHR Extension: (Google Drive) - C:\Users\Brent\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-31]
CHR Extension: (YouTube) - C:\Users\Brent\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-06]
CHR Extension: (Google Search) - C:\Users\Brent\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Logitech SetPoint) - C:\Users\Brent\AppData\Local\Google\Chrome\User Data\Default\Extensions\edaibbiobngpbmeonadpbfafbkimjbdd [2013-08-19]
CHR Extension: (Adobe Acrobat) - C:\Users\Brent\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-12-14]
CHR Extension: (Norton Home Page for Chrome) - C:\Users\Brent\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejbdobdndcjhdmljipngpeoekdinlohe [2016-02-09]
CHR Extension: (Google Docs Offline) - C:\Users\Brent\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-14]
CHR Extension: (Norton Identity Safe) - C:\Users\Brent\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2016-02-09]
CHR Extension: (Norton Safe) - C:\Users\Brent\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2016-02-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Brent\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-30]
CHR Extension: (MyHarmony Chrome Plugin) - C:\Users\Brent\AppData\Local\Google\Chrome\User Data\Default\Extensions\omaonpoimgkmbllpdihbnmgphjoipdhf [2013-12-28]
CHR Extension: (Gmail) - C:\Users\Brent\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-09]
CHR HKLM\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1115\7.5.1115\chrome_tmbep.crx <not found>
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\Exts\Chrome.crx [2016-02-01]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1115\7.5.1115\chrome_tmbep.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\Exts\Chrome.crx [2016-02-01]
CHR HKLM-x32\...\Chrome\Extension: [edaibbiobngpbmeonadpbfafbkimjbdd] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx [2012-12-09]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2015-12-17]
CHR HKLM-x32\...\Chrome\Extension: [heoldelcflnigdllmlopiefhkkobendj] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\chromeextension\chromeextension.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [omaonpoimgkmbllpdihbnmgphjoipdhf] - C:\Program Files (x86)\Logitech\Harmony Remote Driver\harmony_chrome.crx [2013-12-23]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-11] (Seiko Epson Corporation)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [413336 2015-08-26] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-12-14] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-24] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-24] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [289256 2015-12-02] (McAfee, Inc.)
R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\N360.exe [282016 2015-11-20] (Symantec Corporation)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [639576 2013-05-10] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481304 2013-11-21] (Sony Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-10-06] (Synaptics Incorporated)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [413336 2015-08-26] ()
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2012-11-07] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1653272 2015-07-31] (Sony Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-11-28] (Atheros) [File not signed]
S2 Service Mgr ResultsHub; "C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugincontainer.exe" [X] <==== ATTENTION
S2 Update Mgr ResultsHub; "C:\Program Files (x86)\Common Files\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\updater.exe" [X] <==== ATTENTION

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [37472 2013-05-23] (Advanced Micro Devices, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\22.5.2.15\Definitions\BASHDefs\20160213.003\BHDrvx64.sys [1665608 2015-10-08] (Symantec Corporation)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-07-10] (Microsoft Corporation)
S3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [36864 2015-07-10] (Microsoft Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1605050.00F\ccSetx64.sys [173808 2015-07-10] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-11-12] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [157520 2015-11-12] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\22.5.2.15\Definitions\IPSDefs\20160224.001\IDSvia64.sys [767224 2016-02-18] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\22.5.2.15\Definitions\VirusDefs\20160224.022\ENG64.SYS [138488 2016-02-19] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\22.5.2.15\Definitions\VirusDefs\20160224.022\EX64.SYS [2148080 2016-02-19] (Symantec Corporation)
R3 rimssne; C:\Windows\System32\drivers\rimssne64.sys [103424 2012-08-22] (REDC)
R3 risdsnxc; C:\Windows\System32\drivers\risdsnxc64.sys [104960 2012-08-22] (REDC)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek )
R3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [29352 2015-11-17] ()
S3 semav6thermal64ro; C:\WINDOWS\system32\drivers\semav6thermal64ro.sys [13792 2014-12-26] ()
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-10-06] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-10] (Sony Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1605050.00F\SRTSP64.SYS [928496 2015-11-11] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1605050.00F\SRTSPX64.SYS [50936 2015-07-10] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\N360x64\1605050.00F\SYMEFASI64.SYS [1621232 2015-11-11] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1605050.00F\SymELAM.sys [24192 2015-07-10] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [111344 2016-01-12] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1605050.00F\Ironx64.SYS [297720 2015-07-10] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1605050.00F\SYMNETS.SYS [577768 2015-11-11] (Symantec Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R3 WinDriver6; C:\Windows\system32\drivers\windrvr6.sys [285696 2007-06-17] (Jungo)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-25 00:16 - 2016-02-25 00:16 - 00039561 _____ C:\Users\Brent\Downloads\FRST.txt
2016-02-25 00:16 - 2016-02-25 00:16 - 00000000 ____D C:\FRST
2016-02-25 00:15 - 2016-02-25 00:15 - 02371072 _____ (Farbar) C:\Users\Brent\Downloads\FRST64.exe
2016-02-25 00:09 - 2016-02-25 00:09 - 00016148 _____ C:\WINDOWS\system32\BRENT_Brent_HistoryPrediction.bin
2016-02-25 00:06 - 2016-02-25 00:06 - 00000000 _____ C:\WINDOWS\Minidump\022516-54921-01.dmp
2016-02-25 00:02 - 2016-02-25 00:04 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-02-25 00:02 - 2016-02-25 00:02 - 00002124 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-02-24 23:59 - 2016-02-24 23:59 - 01098961 _____ (Igor Pavlov) C:\Users\Brent\Downloads\7z1514.exe
2016-02-24 23:59 - 2016-02-24 23:59 - 00000000 ____D C:\Program Files (x86)\7-Zip
2016-02-24 23:35 - 2016-02-24 23:36 - 00000000 ____D C:\Users\Brent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-02-19 16:28 - 2016-02-19 16:54 - 2010809045 _____ C:\Users\Brent\Downloads\Global53.zip
2016-02-19 16:12 - 2016-02-19 16:12 - 00001822 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-02-19 16:12 - 2016-02-19 16:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-02-19 16:11 - 2016-02-19 16:12 - 00000000 ____D C:\Program Files\iTunes
2016-02-19 16:11 - 2016-02-19 16:11 - 00000000 ____D C:\Program Files\iPod
2016-02-19 16:11 - 2016-02-19 16:11 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-02-19 16:03 - 2016-02-19 16:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2016-02-09 12:09 - 2016-02-25 00:14 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton 360

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-25 00:15 - 2015-07-10 06:04 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-25 00:14 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-25 00:11 - 2013-08-19 10:16 - 00000914 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-25 00:11 - 2012-11-02 21:45 - 00000000 ___RD C:\Users\Brent\Dropbox
2016-02-25 00:11 - 2012-11-02 21:41 - 00000000 ____D C:\Users\Brent\AppData\Roaming\Dropbox
2016-02-25 00:10 - 2014-08-22 11:25 - 00000000 __SHD C:\Users\Brent\IntelGraphicsProfiles
2016-02-25 00:09 - 2015-08-30 22:25 - 00000000 ____D C:\Users\Brent
2016-02-25 00:08 - 2015-07-10 07:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-25 00:06 - 2013-01-09 19:22 - 829815401 _____ C:\WINDOWS\MEMORY.DMP
2016-02-25 00:04 - 2015-08-30 21:49 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-02-25 00:02 - 2012-11-04 21:37 - 00000000 ____D C:\Users\Brent\AppData\Local\Adobe
2016-02-25 00:02 - 2012-10-19 12:29 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-02-24 23:42 - 2015-07-10 05:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-02-24 23:42 - 2014-01-03 22:54 - 00004146 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F58BE7DF-8EAC-49CA-9BD6-A90B3FED1ABC}
2016-02-24 23:42 - 2013-08-19 09:54 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-24 23:42 - 2012-12-13 03:03 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-24 23:38 - 2015-08-30 22:21 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-24 23:34 - 2012-11-02 22:20 - 00000000 ____D C:\Users\Brent\AppData\Local\CrashDumps
2016-02-19 17:18 - 2015-07-10 04:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-02-19 17:07 - 2015-08-31 02:15 - 00000000 ___DC C:\WINDOWS\Panther
2016-02-19 17:06 - 2013-08-19 10:16 - 00000918 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-19 17:02 - 2015-10-30 04:42 - 00000000 ___HD C:\$WINDOWS.~BT
2016-02-19 16:55 - 2013-08-19 10:17 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-19 16:55 - 2013-08-19 10:17 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-19 16:11 - 2012-11-02 21:22 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-02-19 16:06 - 2012-11-02 21:23 - 00000000 ____D C:\Users\Brent\AppData\Roaming\Apple Computer
2016-02-19 16:06 - 2012-11-02 21:23 - 00000000 ____D C:\Users\Brent\AppData\Local\Apple Computer
2016-02-19 15:58 - 2014-06-10 07:26 - 00000000 __SHD C:\Users\Brent\AppData\LocalLow\EmieUserList
2016-02-19 15:58 - 2014-05-03 01:42 - 00000000 __SHD C:\Users\Brent\AppData\LocalLow\EmieSiteList
2016-02-19 15:58 - 2013-01-06 14:43 - 00003484 _____ C:\WINDOWS\System32\Tasks\Apple Diagnostics
2016-02-19 15:54 - 2015-08-30 22:46 - 00889430 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-19 15:54 - 2015-07-10 06:02 - 00000000 ____D C:\WINDOWS\INF
2016-02-19 15:50 - 2015-07-10 04:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-02-19 15:49 - 2016-01-12 22:52 - 00000000 ____D C:\WINDOWS\system32\Drivers\N360x64
2016-02-19 15:49 - 2015-07-10 06:04 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-02-09 12:03 - 2016-01-12 22:54 - 00003398 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2016-02-09 12:03 - 2016-01-12 22:54 - 00002435 _____ C:\Users\Public\Desktop\Norton Security Suite.LNK
2016-02-09 12:03 - 2016-01-12 22:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Suite
2016-02-09 12:03 - 2015-08-30 22:21 - 00018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2016-02-01 22:01 - 2013-08-19 10:16 - 00003976 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-01 22:01 - 2013-08-19 10:16 - 00003744 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Files in the root of some directories =======

2015-10-03 10:46 - 2015-10-03 10:46 - 6420480 _____ () C:\Program Files (x86)\GUTA385.tmp
2012-11-02 21:32 - 2012-11-02 21:32 - 0000093 _____ () C:\Users\Brent\AppData\Local\fusioncache.dat
2012-11-18 12:55 - 2012-11-18 12:55 - 0000036 _____ () C:\Users\Brent\AppData\Local\housecall.guid.cache
2013-10-16 11:43 - 2013-11-13 23:42 - 0000125 ___SH () C:\ProgramData\.zreglib
2012-10-19 11:36 - 2012-10-19 11:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-01-12 22:14

==================== End of FRST.txt ============================

Brent25 · Feb 25, 2016

It is a Sony Vaio SVE14AE13L

Broni · Feb 25, 2016

Welcome aboard

Please, observe following rules:

Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
If you're stuck, or you're not sure about certain step, always ask before doing anything else.
Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
Never run more than one scan at a time.
Keep updating me regarding your computer behavior, good, or bad.
The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

============================

I still need Addition.txt log from FRST.

Brent25 · Feb 25, 2016

Additional scan result of Farbar Recovery Scan Tool (x64) Version:24-02-2016
Ran by Brent (2016-02-25 22:34:16)
Running from C:\Users\Brent\Downloads
Windows 10 Home Version 1511 (X64) (2016-02-25 09:48:54)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2549116610-987113267-4104036400-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2549116610-987113267-4104036400-1004 - Limited - Enabled)
Brent (S-1-5-21-2549116610-987113267-4104036400-1001 - Administrator - Enabled) => C:\Users\Brent
DefaultAccount (S-1-5-21-2549116610-987113267-4104036400-503 - Limited - Disabled)
Guest (S-1-5-21-2549116610-987113267-4104036400-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2549116610-987113267-4104036400-1006 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Security Suite (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security Suite (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Security Suite (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 15.14 (HKLM-x32\...\7-Zip) (Version: 15.14 - Igor Pavlov)
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.14 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.111 - Adobe Systems Incorporated)
Adobe CS6 Design and Web Premium (HKLM-x32\...\{402F6F2E-5683-491C-977D-0CA599A07CAF}) (Version: 6 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated)
AMD Catalyst Install Manager (HKLM\...\{CC608842-EFFB-2528-BE17-98B97F22FD5D}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ArtRage Studio (HKLM-x32\...\{5A9FE63F-F201-4D55-9F5F-06DDB239AC4F}) (Version: 3.5.5 - Ambient Design)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Circle Track Analyzer v3.6 (HKLM-x32\...\{B51137C7-B662-4776-A85C-501CCA70955E}) (Version: 3.6 - Performance Trends)
Cool Edit Pro 2.1 (HKLM-x32\...\Cool Edit Pro 2.1) (Version: - )
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1923 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.6426.52 - CyberLink Corp.)
DownloadX ActiveX Download Control 1.6.7 (HKLM-x32\...\CA17A131-B7D9-41D6-868F-29A9BD9FCC8E_is1) (Version: - DownloadXCtrl.com)
Dropbox (HKU\S-1-5-21-2549116610-987113267-4104036400-1001\...\Dropbox) (Version: 3.14.7 - Dropbox, Inc.)
EDIABAS 7.3.0 (HKLM-x32\...\{083933AF-00A2-4CFC-BE59-19DC385E8761}) (Version: 7.3.0 - BMW Group)
EPSON Connect version 1.0 (HKLM-x32\...\EPSON Connect_is1) (Version: 1.0 - Epson America Inc.)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.4.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{44F72193-F59C-4303-BAE8-E3E4BC1C122C}) (Version: 3.01.0003 - Seiko Epson Corporation)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.30.00 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version: - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON WF-3540 Series Printer Uninstall (HKLM\...\EPSON WF-3540 Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
E-Sys 3.26.1 (build 42487) (HKLM-x32\...\E-Sys_is1) (Version: 3.26.1 - ESG GmbH)
E-Sys Launcher Premium (HKLM-x32\...\{C29E2985-DD21-4C7C-8264-56ADFC3893AD}) (Version: 1.0.7.26 - TokenMaster)
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
ffdshow [rev 3154] [2009-12-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
ForceDistance version 2.0.0.0 (HKLM-x32\...\{5AB6E9B0-48C4-4F46-8D35-049368930705}_is1) (Version: 2.0.0.0 - Delosphere Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
GoPro Studio 2.0.1 (HKLM-x32\...\GoPro Studio) (Version: 2.0.1 - WoodmanLabs Inc. d.b.a. GoPro)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
Harmony Browser Plug-in (HKLM-x32\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 2.0 - Logitech)
iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
KUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Logitech SetPoint 6.51 (HKLM\...\sp6) (Version: 6.51.8 - Logitech)
LTCM Client (HKLM-x32\...\LTCM Client) (Version: - Leader Technologies Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.266.3 - McAfee, Inc.)
MergeModule_x64 (Version: 8.0.00 - Sony Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Networkx64 (Version: 1.0.0 - Sony Corporation) Hidden
Norton Security Suite (HKLM-x32\...\N360) (Version: 22.5.5.15 - Symantec Corporation)
Oracle VM VirtualBox 4.2.6 (HKLM\...\{A8A0B1C1-FBC7-4790-8E26-9DA1A6A95452}) (Version: 4.2.6 - Oracle Corporation)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Piolet 3.1.1 (HKLM-x32\...\Piolet) (Version: 3.1.1 - MP2P Technologies)
PlayMemories Home (HKLM-x32\...\{4C93E894-BE17-463B-A789-4CAB706987A0}) (Version: 8.0.21.11211 - Sony Corporation)
Pluto TV version 0.1.5 (HKLM-x32\...\Pluto TV_is1) (Version: 0.1.5 - Pluto TV)
PodLift (HKLM-x32\...\PodLift) (Version: - Marc Saint)
PodLift (x32 Version: 1.0.2.1 - Marc Saint) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.312 - Qualcomm Atheros Communications)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7564 - Realtek Semiconductor Corp.)
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
RLC Race Analyzer (HKLM-x32\...\{A9189902-E297-41FA-B8FC-A6E272CCB3F4}) (Version: 3.60.0481 - RLC Enterprises)
SCS Shortcut (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
Software Updater (HKLM-x32\...\{B307472F-7BD9-4040-9255-CE6D6A1196A3}) (Version: 4.3.1 - SEIKO EPSON CORPORATION)
SOHLib for PlayMemories Home (Version: 1.0.1.11110 - Sony Corporation) Hidden
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Store App Support Utility (HKLM\...\{B93C07D4-49FF-440D-8A6A-054A42AEA960}) (Version: 1.0.0.02240 - Sony Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.15.2 - Synaptics Incorporated)
Techstream Software (HKLM-x32\...\{937CA58A-0212-431C-8F0B-0D8305225476}) (Version: 7.00.020 - DENSO CORPORATION)
Techstream Software (x32 Version: 7.00.020 - DENSO CORPORATION) Hidden
Trend Micro Titanium (Version: 6.00 - Trend Micro Inc.) Hidden
Trend Micro Titanium Internet Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 6.0 - Trend Micro Inc.)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.3.2.07020 - Sony Corporation)
VAIO Care (HKLM\...\{036400BD-B717-4D50-ACDC-96480C99EDD3}) (Version: 8.4.4.09186 - Sony Corporation)
VAIO Care Hardware Diagnostics Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.11.1.11220 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{15B9204E-BA09-485E-8F2C-094AC0077664}) (Version: 1.1.2.13230 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.0.0.08200 - Sony Corporation)
VAIO CPU Fan Diagnostic (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.1.0.09200 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.10.0.07270 - Sony Corporation)
VAIO Easy Connect (x32 Version: 8.4.4.07220 - Sony Corporation) Hidden
VAIO Gate (HKLM-x32\...\{14AC95A2-7675-4988-A5BD-3F5B943AED08}) (Version: 3.0.1.02270 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 3.0.0.08060 - Sony Corporation)
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.0.0.08240 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.0.0.08240 - Sony Corporation) Hidden
VAIO Health Report (HKLM-x32\...\VAIO Health Report1.0) (Version: 1.0 - Sony Electronics)
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.3.00.10220 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.0.00.08170 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.0.0.08090 - Sony Corporation)
VAIO Manual (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 3.0.0.08100 - Sony Corporation)
VAIO Media Server Settings (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.0.2.11060 - Sony Corporation)
VAIO Movie Creator Template Data (HKLM-x32\...\InstallShield_{00A663F1-6C03-48CA-8E85-55806AAE2615}) (Version: 4.0.00.08170 - Sony Corporation)
VAIO Movie Creator Template Data (x32 Version: 4.0.00.08170 - Sony Corporation) Hidden
VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.8.0.08212 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.1.0.08060 - Sony Corporation)
VCCMMX64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCMMX86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VLC media player 2.0.4 (HKLM-x32\...\VLC media player) (Version: 2.0.4 - VideoLAN)
VMLx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.0.0 - Sony Corporation ) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VUx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012 - GoPro)
Windows Driver Package - Qualcomm Atheros Communications Inc. (athr) Net (07/15/2013 10.0.0.260) (HKLM\...\FF9ECD00DD25FDB7D3208607214790302878ACBE) (Version: 07/15/2013 10.0.0.260 - Qualcomm Atheros Communications Inc.)
WinZip 20.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EF}) (Version: 20.0.11659 - WinZip Computing, S.L. )
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
ZiggyTV (HKLM-x32\...\ZiggyTV) (Version: 5.1.2 - ZiggyTV)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2549116610-987113267-4104036400-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Brent\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2549116610-987113267-4104036400-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Brent\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2549116610-987113267-4104036400-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
CustomCLSID: HKU\S-1-5-21-2549116610-987113267-4104036400-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Brent\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll => No File
CustomCLSID: HKU\S-1-5-21-2549116610-987113267-4104036400-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Brent\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll => No File
CustomCLSID: HKU\S-1-5-21-2549116610-987113267-4104036400-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Brent\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll => No File
CustomCLSID: HKU\S-1-5-21-2549116610-987113267-4104036400-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Brent\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll => No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01B0D548-77B9-4A86-A246-77E2359ECE08} - System32\Tasks\Norton 360\Norton Autofix => C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\SymErr.exe [2015-11-05] (Symantec Corporation)
Task: {033B7978-B4E3-4EC7-9455-7A133B7AE788} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {07901E19-8EFD-4939-AFA6-6E9F5D2479A5} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {0C147655-2200-471A-BA61-65C656FF7603} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {0E8F642C-F1FC-4D9B-BD27-782E146D1C1C} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2015-08-06] (Sony Corporation)
Task: {17D16274-31ED-48E4-951D-4D58416FB0AE} - System32\Tasks\VAIO Health Report => C:\Program Files (x86)\Sony\VAIO Health Report\VAIOHealthReport.exe [2013-06-20] (Sony Electronics)
Task: {18A26D95-7673-4225-8C36-2A91FF9B7C60} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {1993264A-2D63-480C-952F-3F5252197ED9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {1A2DC034-6F26-46E5-911D-130FA5E155FD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {1DB6A878-BC97-4B51-A9E5-C7F16678A415} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2015-07-23] (Sony Corporation)
Task: {20C55F78-6FA9-4C76-A489-A27ABCE3449B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-24] (Microsoft Corporation)
Task: {2386B3AA-799A-4830-AD1B-477245BDEFCA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {25C1155B-716E-4A25-8415-47C7FD818B5E} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\WSCStub.exe [2015-11-20] (Symantec Corporation)
Task: {2AC88BF6-D676-4108-99D8-425CE6A884F7} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2015-07-31] (Sony Corporation)
Task: {2C11C05A-9199-469E-A557-676EB1504830} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2014-07-03] (Sony Corporation)
Task: {31BC3981-6769-4302-B7A9-B4E2C1AA5B2B} - System32\Tasks\Sony Corporation\VAIO Care\UpdateConfig => C:\ProgramData\Sony Corporation\VCM Data\UpdateConfig.exe [2015-03-03] (Sony Corporation)
Task: {3437ED00-0A80-4DC1-9721-5356B1C9B19B} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {3796F43B-8649-4F3A-B3D0-6C98D469B546} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {3AC30E92-AF71-49D6-A426-8974AC4EC86B} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2012-08-09] (Sony Corporation)
Task: {3E84F071-FAEF-4E57-B1F3-0EA28C19B9CF} - System32\Tasks\Sony Corporation\Store App Support Utility\Store App Support Utility Logon Start => C:\Program Files\Sony\Store App Support Utility\StoreAppSupportUtility.exe [2014-02-24] (Sony Corporation)
Task: {418B664B-AAFD-4512-B13C-B02C2D85AA87} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {52F37F55-E4FA-4905-932B-A35E116CC565} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {561C8875-9484-4312-B142-B241FC94DE4E} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {58C73B8B-84B9-4473-B330-C4352FA4DFFA} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {593758B7-B3CD-45E7-968D-424C2132E842} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-2549116610-987113267-4104036400-1001
Task: {62228252-6EF1-4925-9115-095D8DFCA9CA} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2013-02-21] (Sony Corporation)
Task: {6569AB29-C860-42E0-A575-19821B8BE512} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {6AFD6D0E-79D5-43A1-AB5F-B08D9919F3F3} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2015-07-31] (Sony Corporation)
Task: {7853376E-B9BA-46AB-A3F9-E76F5688DB50} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {7B32430A-2DC2-4E6C-9606-532985C98CCE} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-fastgtp25@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {7E05BC59-6169-447B-8435-4283A1D55C98} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {81EB304F-F0AA-4A83-84E3-35B052D51686} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-07] (CyberLink)
Task: {849BCD55-7D56-47FD-8C36-9204468668F7} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {869DD878-754F-4FAE-BA49-3ECA2F9EC259} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {8E49A5B5-42CC-4C33-A080-0CA2DB96A3D7} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {91408369-92FD-40E5-B31B-0B5649266B4C} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {92AB8EA1-659A-4068-954B-867367CF56F7} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorUser => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation)
Task: {930F0AA3-2A77-4FD5-8BA4-63798FFFC9A1} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {9402FA66-0E41-4591-B2DC-D2760D867A81} - System32\Tasks\Sony Corporation\VAIO Care\UpdateContacts => C:\ProgramData\Sony Corporation\VAIO Care\UpdateContacts.exe
Task: {A2B952D8-DC8A-4C59-877C-2D8B09E30605} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {AB0D45A3-567A-4F43-971F-B55240E6D96E} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {B93B4F01-83F8-4725-BBD4-5099367F3BD5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {BB7D677E-D79A-40F0-8438-1DE6496BBD76} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {C23E131E-0E36-4416-89EC-B2A01C49F342} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {CCDD60D2-8CFF-44E1-9D42-D248AF4B117B} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2015-02-04] (Sony Corporation)
Task: {CE3F44F9-BF08-4B0B-BC84-09EB0C97CCA5} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2015-12-01] (Apple Inc.)
Task: {D2FCA361-324B-43EE-BA13-89178590F824} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\SymErr.exe [2015-11-05] (Symantec Corporation)
Task: {DA07FEC4-016D-4628-ACFD-AC8D2BE8006C} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {DC7323E9-0C27-46D9-B0DD-A7BF8B5C2BF9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {DDD7F852-D1C5-4FEB-B99C-230CF230C49D} - System32\Tasks\Synaptics TouchPad Enhancements => Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: {DE3C914C-8439-46D2-AD96-DAA32E80C002} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\SymErr.exe [2015-11-05] (Symantec Corporation)
Task: {DF701159-B8DD-40C4-92C3-F71251A73DFD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {E08CCE6B-F939-4D42-85BF-14703AF43399} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorSystem => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation)
Task: {EE1D534E-6C05-4483-BD2A-3603A57DDB43} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {F10F6BC7-9021-4451-A201-CACF070ADA85} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {F3D40B42-F344-45C5-9335-BF65D24B112B} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2012-08-04] (Sony Corporation)
Task: {F505836D-26DC-423A-9334-2122B46D3066} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {F5BFFA22-7020-4290-83C5-9DA0710F6483} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib SOHDms => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2013-11-07] (Sony Corporation)
Task: {F7467E2C-0AE9-49B9-ABCE-1FE99E4B9EAC} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {FFB465A8-A4B5-4DD1-A6CE-D0E40D168B7F} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2549116610-987113267-4104036400-1001Core1d0df9fc452f15e.job => C:\Users\Brent\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Brent\Desktop\E-Sys (BMW Coding Software).lnk -> C:\EC-Apps\ESG\E-Sys\E-Sys.bat ()

==================== Loaded Modules (Whitelisted) ==============

2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-26 13:11 - 2015-08-26 13:11 - 00413336 _____ () C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
2015-08-26 13:11 - 2015-08-26 13:11 - 00709272 _____ () C:\Program Files\Sony\VAIO Care\ESRV\intel_modeler.dll
2015-08-26 13:11 - 2015-08-26 13:11 - 00130712 _____ () C:\Program Files\Sony\VAIO Care\ESRV\intel_process_input.dll
2015-08-26 13:11 - 2015-08-26 13:11 - 00025752 _____ () C:\Program Files\Sony\VAIO Care\ESRV\intel_system_power_state_input.dll
2015-08-26 13:11 - 2015-08-26 13:11 - 00059544 _____ () C:\Program Files\Sony\VAIO Care\ESRV\intel_quality_and_reliability_input.dll
2015-08-26 13:11 - 2015-08-26 13:11 - 00194712 _____ () C:\Program Files\Sony\VAIO Care\ESRV\acpi_battery_input.dll
2015-08-26 13:11 - 2015-08-26 13:11 - 00159896 _____ () C:\Program Files\Sony\VAIO Care\ESRV\sema_thermal_input.dll
2015-08-26 13:11 - 2015-08-26 13:11 - 00158360 _____ () C:\Program Files\Sony\VAIO Care\ESRV\wifi_input.dll
2015-08-26 13:11 - 2015-08-26 13:11 - 00050840 _____ () C:\Program Files\Sony\VAIO Care\ESRV\devices_use_input.dll
2015-08-26 13:11 - 2015-08-26 13:11 - 00032920 _____ () C:\Program Files\Sony\VAIO Care\ESRV\intel_disktrace_input.dll
2015-10-30 02:18 - 2015-10-30 02:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-08-26 13:11 - 2015-08-26 13:11 - 00458904 _____ () C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
2015-08-26 13:11 - 2015-08-26 13:11 - 00185496 _____ () C:\Program Files\Sony\VAIO Care\ESRV\foreground_window_input.dll
2016-02-25 11:21 - 2016-02-25 11:22 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2012-10-19 11:44 - 2012-07-24 21:52 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2016-02-24 23:35 - 2016-01-12 13:44 - 00034768 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-02-24 23:35 - 2016-01-12 13:45 - 00019408 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-01-12 22:22 - 2016-01-12 13:44 - 00116688 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-02-24 23:35 - 2016-01-12 13:44 - 00093640 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-02-24 23:35 - 2016-01-12 13:44 - 00018376 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\select.pyd
2016-02-24 23:35 - 2016-02-16 13:39 - 00019760 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-02-24 23:35 - 2016-01-12 13:46 - 00105928 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-01-12 22:22 - 2016-01-12 13:44 - 00392144 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-02-24 23:35 - 2016-02-16 13:39 - 00381752 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-02-24 23:35 - 2016-01-12 13:44 - 00692688 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-02-24 23:35 - 2016-02-16 13:38 - 00020816 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-02-24 23:35 - 2016-01-12 13:45 - 00112592 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-02-24 23:35 - 2016-02-16 13:38 - 01682760 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-02-24 23:35 - 2016-02-16 13:38 - 00020808 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-02-24 23:35 - 2016-02-16 13:39 - 00020800 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2016-02-24 23:35 - 2016-02-16 13:39 - 00021840 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-02-24 23:35 - 2016-02-16 13:39 - 00038696 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-01-12 22:22 - 2016-01-12 13:46 - 00020936 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-02-24 23:35 - 2016-01-12 13:46 - 00024528 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-02-24 23:35 - 2016-01-12 13:47 - 00114640 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-02-24 23:35 - 2016-01-12 13:46 - 00124880 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-02-24 23:35 - 2016-02-16 13:39 - 00021832 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-02-24 23:35 - 2016-01-12 13:46 - 00024016 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-02-24 23:35 - 2016-01-12 13:46 - 00175560 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-02-24 23:35 - 2016-01-12 13:47 - 00030160 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-02-24 23:35 - 2016-01-12 13:47 - 00043472 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-02-24 23:35 - 2016-01-12 13:47 - 00028616 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-02-24 23:35 - 2016-01-12 13:47 - 00048592 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-02-24 23:35 - 2016-02-16 13:39 - 00026456 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-02-24 23:35 - 2016-01-12 13:46 - 00057808 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-02-24 23:35 - 2016-01-12 13:47 - 00024016 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-02-24 23:35 - 2016-02-16 13:38 - 00117056 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-01-12 22:22 - 2016-02-16 13:39 - 00024392 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-02-24 23:35 - 2016-01-12 13:47 - 00036296 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\librsync.dll
2016-02-24 23:35 - 2016-02-16 13:39 - 00031568 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\enterprise_data.compiled._enterprise_data.pyd
2016-02-24 23:35 - 2015-11-04 19:04 - 00293392 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll
2016-02-24 23:35 - 2016-02-16 13:39 - 00023376 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-02-24 23:35 - 2016-01-12 13:44 - 00134608 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-01-12 22:22 - 2016-01-12 13:44 - 00134088 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-02-24 23:35 - 2016-01-12 13:45 - 00240584 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2016-01-12 22:22 - 2016-02-16 13:39 - 00052024 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-02-24 23:35 - 2016-02-16 13:39 - 00020800 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-24 23:35 - 2016-02-16 13:39 - 00021824 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-02-24 23:35 - 2016-02-16 13:39 - 00019776 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-02-24 23:35 - 2016-02-16 13:39 - 00020800 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-02-24 23:35 - 2016-02-16 13:38 - 00020280 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-02-24 23:35 - 2016-01-12 13:47 - 00350152 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-02-24 23:35 - 2016-02-16 13:39 - 00022352 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-02-24 23:35 - 2016-02-16 13:39 - 00084792 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-01-12 22:22 - 2016-02-16 13:39 - 01826096 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-02-24 23:35 - 2016-01-12 13:45 - 00083912 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\sip.pyd
2016-01-12 22:22 - 2016-02-16 13:39 - 03928880 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-01-12 22:22 - 2016-02-16 13:39 - 01971504 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-01-12 22:22 - 2016-02-16 13:39 - 00531248 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-01-12 22:22 - 2016-02-16 13:39 - 00132912 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-01-12 22:22 - 2016-02-16 13:39 - 00223544 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-01-12 22:22 - 2016-02-16 13:39 - 00207672 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-02-24 23:35 - 2016-02-16 13:39 - 00158008 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-02-24 23:35 - 2016-02-16 13:39 - 00042808 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-02-24 23:35 - 2016-01-12 13:49 - 00017864 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-02-24 23:35 - 2016-01-12 13:49 - 01631184 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2016-02-24 23:35 - 2016-02-16 13:39 - 00024904 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-01-12 22:22 - 2016-02-16 13:39 - 00546096 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-01-12 22:22 - 2016-02-16 13:39 - 00357680 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-01-12 22:22 - 2016-01-12 13:52 - 00697304 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2012-10-19 12:31 - 2012-06-07 22:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 13:34 - 2012-06-08 13:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2016-02-19 16:38 - 2016-02-17 23:14 - 01630360 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libglesv2.dll
2016-02-19 16:30 - 2016-02-17 23:14 - 00085656 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libegl.dll
2016-02-19 16:54 - 2016-02-17 23:15 - 16808600 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\PepperFlash\pepflashplayer.dll
2016-02-25 11:21 - 2016-02-25 11:22 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-02-25 11:21 - 2016-02-25 11:22 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll

Brent25 · Feb 25, 2016

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:25 - 2016-01-12 22:36 - 00000854 ____A C:\WINDOWS\system32\Drivers\etc\hosts

0.0.0.1 mssplus.mcafee.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2549116610-987113267-4104036400-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Brent\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\alpinestars.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\StartupFolder: => "CineForm Status.lnk"
HKLM\...\StartupApproved\StartupFolder: => "ResultsHubDesktopSearch.lnk"
HKLM\...\StartupApproved\StartupFolder: => "PlutoTV.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "RtHDVBg_Dolby"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "EvtMgr6"
HKLM\...\StartupApproved\Run: => "BCSSync"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKLM\...\StartupApproved\Run32: => "FUFAXRCV"
HKLM\...\StartupApproved\Run32: => "FUFAXSTM"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "LTCM Client"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "ROC_roc_ssl_v12"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKU\S-1-5-21-2549116610-987113267-4104036400-1001\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-2549116610-987113267-4104036400-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-2549116610-987113267-4104036400-1001\...\StartupApproved\Run: => "AnyDVD"
HKU\S-1-5-21-2549116610-987113267-4104036400-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-2549116610-987113267-4104036400-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-2549116610-987113267-4104036400-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2549116610-987113267-4104036400-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_723B7423F2BABCAECDF43AE1343EA9C3"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{80059107-A63D-4AC2-A9B9-2BAB9187CD64}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F7277556-2325-43B4-9F4E-C31918E8B87D}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{9A8EF062-5F54-4350-A2E4-D59683179E6B}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOShell.exe
FirewallRules: [{D589E31E-CC1A-4601-BB46-BB36A5C20659}] => (Allow) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
FirewallRules: [{AFBEFF0C-CC59-47E2-A7FD-A901C05DDC22}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
FirewallRules: [{EEEFF742-0592-4057-8BCB-5E6EC9685584}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe
FirewallRules: [UDP Query User{7049A74B-545D-4F60-B709-6FA62FBC65D2}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [TCP Query User{18DDAA28-FFB5-4E65-9B04-75EC25A52C76}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{05D77DD2-30DD-41E5-BD04-A2C5E87BFE3D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D15C700A-A4F4-4F45-A077-DA445B646E44}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{75EDEE90-0212-462B-B5EE-F93C27B091DD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{72E7D6E6-75AA-48CD-A738-0C3573E4C25D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FB65BD8C-0069-4521-9F54-88222F8F67EA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{E776E579-EF00-43A5-AF5C-3C88C85C5F0B}] => (Allow) C:\Users\Brent\AppData\Local\Temp\WZSE2.TMP\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{B3A9F499-97F8-40A9-9BD5-2FD231B2113A}] => (Allow) C:\Users\Brent\AppData\Local\Temp\WZSE2.TMP\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{9B5207B7-64C2-4FB8-AF92-DAB2A3851835}] => (Allow) C:\Users\Brent\AppData\Local\Temp\WZSE1.TMP\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{2AB9BAE2-8F33-4325-9820-C39BFEBAFF12}] => (Allow) C:\Users\Brent\AppData\Local\Temp\WZSE1.TMP\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{995E35F5-E772-489D-B71B-52FB226FD18F}] => (Allow) C:\Users\Brent\AppData\Local\Temp\WZSE0.TMP\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{DA80940F-55E2-4C9E-9491-6063FE7DCC23}] => (Allow) C:\Users\Brent\AppData\Local\Temp\WZSE0.TMP\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{04A57FDE-5AB2-4531-AF8B-A5C4F206ABC0}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{A96454F3-BF2C-42BD-A261-8ACDD8FC00DA}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [UDP Query User{6DBEECE1-D083-49CD-8632-E415D2E39DA7}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{8F3850C8-2D57-43BA-935A-3315ACA83E2D}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{7DFF6E51-B898-41E2-8A45-4AC48393CD99}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{0D60F436-36AD-480C-B333-F9F2D45A3D1A}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [UDP Query User{C3ACEC3B-B53B-4C93-AB6E-A95A702CE10C}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{496BEC26-6529-483D-838B-0358E9079CEB}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{60E668C3-438A-40FD-89AB-A532FC700B4E}] => (Allow) D:\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{C787F44C-C977-42EB-BB31-93B7326CC814}] => (Allow) D:\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [UDP Query User{96A3EF14-C5EF-4A3C-81CC-73731DE13149}C:\users\brent\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\brent\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{712853F8-1508-4D2D-BBA4-76A2A3FC77E6}C:\users\brent\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\brent\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{9800DB76-66D2-447F-A6C2-4518F0774088}] => (Allow) C:\Users\Brent\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{5F89C45A-957A-4B7A-914C-290D37BA9848}] => (Allow) C:\Users\Brent\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [UDP Query User{B71C4FF3-B41C-40C6-BA18-68C9E204FABD}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{08D1B835-ED18-49E2-975E-6F49D1E8B28A}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{082F02C8-004D-419D-A13B-5AA915CD3E31}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
FirewallRules: [{D7EB7246-3A40-4A8A-BD63-DBFC53F92EC5}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
FirewallRules: [{B2FA4137-1409-48C2-953A-6869A0E10A74}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
FirewallRules: [{370EE625-6817-48F0-80F3-22ADB8E11AB4}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe
FirewallRules: [{BDEB19E2-2E30-4598-924F-851F919FC529}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe
FirewallRules: [TCP Query User{525BC080-AA75-4274-8CF2-C557004DCA37}C:\ec-apps\esg\e-sys\jre\bin\javaw.exe] => (Allow) C:\ec-apps\esg\e-sys\jre\bin\javaw.exe
FirewallRules: [UDP Query User{67417F41-D665-445E-94D3-2B08EE2B3E9B}C:\ec-apps\esg\e-sys\jre\bin\javaw.exe] => (Allow) C:\ec-apps\esg\e-sys\jre\bin\javaw.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7

==================== Restore Points =========================

25-02-2016 11:11:32 Installed EDIABAS 7.3.0

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (02/25/2016 12:12:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IAStorDataMgrSvc.exe, version: 12.8.0.1016, time stamp: 0x51fb0c50
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x03ad7275
Faulting process id: 0x1fcc
Faulting application start time: 0xIAStorDataMgrSvc.exe0
Faulting application path: IAStorDataMgrSvc.exe1
Faulting module path: IAStorDataMgrSvc.exe2
Report Id: IAStorDataMgrSvc.exe3
Faulting package full name: IAStorDataMgrSvc.exe4
Faulting package-relative application ID: IAStorDataMgrSvc.exe5

Error: (02/25/2016 12:12:05 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: IAStorDataMgrSvc.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
at IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
at IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
at IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
at System.Threading.ThreadPoolWorkQueue.Dispatch()
at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (02/25/2016 11:37:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SpfService64.exe, version: 1.3.0.9090, time stamp: 0x4e684dec
Faulting module name: ntdll.dll, version: 10.0.10586.103, time stamp: 0x56a8483f
Exception code: 0xc0000005
Fault offset: 0x00000000000161aa
Faulting process id: 0x6e8
Faulting application start time: 0xSpfService64.exe0
Faulting application path: SpfService64.exe1
Faulting module path: SpfService64.exe2
Report Id: SpfService64.exe3
Faulting package full name: SpfService64.exe4
Faulting package-relative application ID: SpfService64.exe5

Error: (02/25/2016 11:31:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IAStorDataMgrSvc.exe, version: 12.8.0.1016, time stamp: 0x51fb0c50
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x04657275
Faulting process id: 0x2688
Faulting application start time: 0xIAStorDataMgrSvc.exe0
Faulting application path: IAStorDataMgrSvc.exe1
Faulting module path: IAStorDataMgrSvc.exe2
Report Id: IAStorDataMgrSvc.exe3
Faulting package full name: IAStorDataMgrSvc.exe4
Faulting package-relative application ID: IAStorDataMgrSvc.exe5

Error: (02/25/2016 11:31:05 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: IAStorDataMgrSvc.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
at IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
at IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
at IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
at System.Threading.ThreadPoolWorkQueue.Dispatch()
at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (02/25/2016 11:26:55 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BRENT)
Description: Activation of app Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App failed with error: -2147024770 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/25/2016 11:20:00 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (02/25/2016 11:18:55 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BRENT)
Description: Activation of app Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App failed with error: -2147024770 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/25/2016 11:12:12 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (02/25/2016 11:06:56 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BRENT)
Description: Activation of app Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App failed with error: -2147024770 See the Microsoft-Windows-TWinUI/Operational log for additional information.

System errors:
=============
Error: (02/25/2016 10:28:40 PM) (Source: DCOM) (EventID: 10016) (User: BRENT)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}BrentBrentS-1-5-21-2549116610-987113267-4104036400-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (02/25/2016 12:13:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_572ec service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (02/25/2016 12:13:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_572ec service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (02/25/2016 12:13:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_572ec service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (02/25/2016 12:13:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_572ec service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (02/25/2016 12:13:11 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (02/25/2016 12:12:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Rapid Storage Technology service terminated unexpectedly. It has done this 1 time(s).

Error: (02/25/2016 12:05:05 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {78FD0120-D39C-45D8-A9BE-2B802B3C23E5}

Error: (02/25/2016 12:05:05 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {78FD0120-D39C-45D8-A9BE-2B802B3C23E5}

Error: (02/25/2016 12:04:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_d4a48 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

CodeIntegrity:
===================================
Date: 2016-02-25 11:25:46.041
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-25 11:18:17.844
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-25 04:37:03.988
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-25 04:33:17.930
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-25 04:06:47.403
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-3632QM CPU @ 2.20GHz
Percentage of memory in use: 33%
Total physical RAM: 8064.39 MB
Available physical RAM: 5364.37 MB
Total Virtual: 9344.39 MB
Available Virtual: 6652.29 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:892.5 GB) (Free:683.38 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 60BF1AB5)

Partition: GPT.

==================== End of Addition.txt ============================

Broni · Feb 25, 2016

Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2

Close all the running programs
Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
Otherwise just double-click on RogueKiller.exe
Pre-scan will start. Let it finish.
Click on SCAN button.
Wait until the Status box shows Scan Finished
Click on Delete.
Wait until the Status box shows Deleting Finished.
Click on Report and copy/paste the content of the Notepad into your next reply.
RKreport.txt could also be found on your desktop.
If more than one log is produced post all logs.
If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
NOTE. If you already have MBAM 2.0 installed scroll down.

Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to the following:
Launch Malwarebytes Anti-Malware
A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
Click Finish.
On the Dashboard, click the 'Update Now >>' link
After the update completes, click the 'Scan Now >>' button.
Or, on the Dashboard, click the Scan Now >> button.
If an update is available, click the Update Now button.
A Threat Scan will begin.
When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
In most cases, a restart will be required.
Wait for the prompt to restart the computer to appear, then click on Yes.

If you already have MBAM 2.0 installed:

On the Dashboard, click the 'Update Now >>' link
After the update completes, click the 'Scan Now >>' button.
Or, on the Dashboard, click the Scan Now >> button.
If an update is available, click the Update Now button.
A Threat Scan will begin.
When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
In most cases, a restart will be required.
Wait for the prompt to restart the computer to appear, then click on Yes.

How to get logs:
(Export log to save as txt)

After the restart once you are back at your desktop, open MBAM once more.
Click on the History tab > Application Logs.
Double click on the Scan Log which shows the Date and time of the scan just performed.
Click 'Export'.
Click 'Text file (*.txt)'
In the Save File dialog box which appears, click on Desktop.
In the File name: box type a name for your scan log.
A message box named 'File Saved' should appear stating "Your file has been successfully exported".
Click Ok
Attach that saved log to your next reply.

(Copy to clipboard for pasting into forum replies or tickets)

After the restart once you are back at your desktop, open MBAM once more.
Click on the History tab > Application Logs.
Double click on the Scan Log which shows the Date and time of the scan just performed.
Click 'Copy to Clipboard'
Paste the contents of the clipboard into your reply.

Please download AdwCleaner by Xplode onto your desktop.

Close all open programs and internet browsers.
Double click on adwcleaner.exe to run the tool.
Click on Scan button.
When the scan has finished click on Clean button.
Your computer will be rebooted automatically. A text file will open after the restart.
Please post the contents of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.

Please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

Brent25 · Feb 25, 2016

RogueKiller V11.0.13.0 [Feb 22 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 10 (10.0.10586) 64 bits version
Started in : Normal mode
User : Brent [Administrator]
Started from : C:\Users\Brent\Downloads\RogueKiller.exe
Mode : Delete -- Date : 02/25/2016 23:37:03

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 19 ¤¤¤
[PUP] (X64) HKEY_LOCAL_MACHINE\Software\Partner -> Not selected
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Conduit -> Not selected
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Vittalia -> Not selected
[PUP] (X64) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar | {ae07101b-46d4-4a98-af68-0333ea26e113} : Smartbar -> Not selected
[PUP] (X86) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar | {ae07101b-46d4-4a98-af68-0333ea26e113} : Smartbar -> Not selected
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | ROC_roc_ssl_v12 : "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12 [x][-][x][x] -> Not selected
[PUM.HomePage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : http://searchinterneat-a.akamaihd.n...dVgsUFwQFIk0FA1ADB0VXfVBdFElXTwhxJUpNDU0CaUBB -> Not selected
[PUM.HomePage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.symantec.com/redirects/s...epage/index.jsp?lg=en&pid=N360&pvid=22.5.2.15 -> Not selected
[PUM.HomePage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.symantec.com/redirects/s...epage/index.jsp?lg=en&pid=N360&pvid=22.5.2.15 -> Not selected
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-2549116610-987113267-4104036400-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.symantec.com/redirects/s...epage/index.jsp?lg=en&pid=N360&pvid=22.5.2.15 -> Not selected
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-2549116610-987113267-4104036400-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.symantec.com/redirects/s...epage/index.jsp?lg=en&pid=N360&pvid=22.5.2.15 -> Not selected
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.symantec.com/redirects/s...epage/index.jsp?lg=en&pid=N360&pvid=22.5.2.15 -> Not selected
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.symantec.com/redirects/s...epage/index.jsp?lg=en&pid=N360&pvid=22.5.2.15 -> Not selected
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-2549116610-987113267-4104036400-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://sony13.msn.com -> Not selected
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-2549116610-987113267-4104036400-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://sony13.msn.com -> Not selected
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-2549116610-987113267-4104036400-1001\Software\Microsoft\Internet Explorer\Main | Search Page : http://feed.snap.do/?publisher=Down...b0-0081c8e1a188&searchtype=ds&q={searchTerms} -> Not selected
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-2549116610-987113267-4104036400-1001\Software\Microsoft\Internet Explorer\Main | Search Page : http://feed.snap.do/?publisher=Down...b0-0081c8e1a188&searchtype=ds&q={searchTerms} -> Not selected
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-2549116610-987113267-4104036400-1001\Software\Microsoft\Internet Explorer\Main | Search Bar : http://feed.snap.do/?publisher=Down...b0-0081c8e1a188&searchtype=ds&q={searchTerms} -> Not selected
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-2549116610-987113267-4104036400-1001\Software\Microsoft\Internet Explorer\Main | Search Bar : http://feed.snap.do/?publisher=Down...b0-0081c8e1a188&searchtype=ds&q={searchTerms} -> Not selected

¤¤¤ Tasks : 1 ¤¤¤
[Suspicious.Path] \Sony Corporation\VAIO Care\UpdateContacts -- "%ProgramData%\Sony Corporation\VAIO Care\UpdateContacts.exe" (taskschedule) -> Not selected

¤¤¤ Files : 3 ¤¤¤
[PUP][File] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PodLift\Uninstall PodLift.lnk [LNK@] C:\PROGRA~3\{B6AD7~1\PODLIF~1.EXE -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523} -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\instance.dat -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\mia.lib -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\mDotNetExec.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\mMSIExec.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\netfx.msi -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Program Files\Common Files\Microsoft Shared\MSEnv\vsansi.dll -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Program Files\Common Files\Microsoft Shared\MSEnv -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Program Files\Common Files\Microsoft Shared -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Program Files\Common Files -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Program Files\Internet Explorer\MUI\0409\mscorier.dll -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Program Files\Internet Explorer\MUI\0409 -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Program Files\Internet Explorer\MUI -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Program Files\Internet Explorer -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Program Files -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\NETFXSBS10.exe -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\NETFXSBS10.hkf -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\sbscmp10.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\sbs_diasymreader.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\sbs_iehost.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\sbs_microsoft.jscript.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\sbs_microsoft.vsa.vb.codedomprocessor.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\sbs_mscordbi.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\sbs_mscorrc.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\sbs_mscorsec.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\sbs_system.configuration.install.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\sbs_system.data.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\sbs_system.enterpriseservices.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\sbs_VsaVb7rt.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\sbs_wminet_utils.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\1033\alinkui.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\1033\cscompui.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\1033\repairRedist.htm -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\1033\SetupENU1.txt -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\1033\SetupENU2.txt -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\1033\vbc7ui.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\1033\Vsavb7rtUI.dll -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\1033 -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\Accessibility.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\alink.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\ASP.NETClientFiles\SmartNav.htm -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\ASP.NETClientFiles\SmartNav.js -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\ASP.NETClientFiles\WebUIValidation.js -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\ASP.NETClientFiles -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\aspnet.config -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\aspnet.mof -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\aspnet.mof.uninstall -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\aspnet_filter.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\aspnet_isapi.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\aspnet_perf.h -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\aspnet_perf.ini -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\aspnet_perf2.ini -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\aspnet_rc.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\aspnet_regiis.exe -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\aspnet_state.exe -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\aspnet_wp.exe -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\big5.nlp -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\bopomofo.nlp -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\CasPol.exe -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\caspol.exe.config -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\CharInfo.nlp -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\CONFIG\DefaultWsdlHelpGenerator.aspx -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\CONFIG\machine.config -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\CONFIG\web_hightrust.config -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\CONFIG\web_hightrust.config.default -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\CONFIG\web_lowtrust.config -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\CONFIG\web_lowtrust.config.default -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\CONFIG\web_mediumtrust.config -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\CONFIG\web_mediumtrust.config.default -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\CONFIG\web_minimaltrust.config -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\CONFIG\web_minimaltrust.config.default -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\CONFIG -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\ConfigWizards.exe -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\ConfigWizards.exe.config -> Deleted

Brent25 · Feb 25, 2016

[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\ConsumerCommands.xml -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\CORPerfMonExt.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\CORPerfMonSymbols.h -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\corperfmonsymbols.ini -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\csc.exe -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\csc.exe.config -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\csc.rsp -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\cscomp.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\cscompmgd.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\ctype.nlp -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\culture.nlp -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\CustomMarshalers.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\cvtres.exe -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\cvtres.exe.config -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\c_g18030.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\diasymreader.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\EULA.rtf -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\EventLogMessages.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\fusion.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\GAC\Accessibility.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\GAC\cscompmgd.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\GAC\CustomMarshalers.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\GAC\IEExecRemote.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\GAC\IEHost.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\GAC\IIEHost.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\GAC\ISymWrapper.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\GAC\Microsoft.JScript.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\GAC\Microsoft.VisualBasic.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\GAC\Microsoft.VisualBasic.Vsa.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\GAC\Microsoft.VisualC.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\GAC\Microsoft.Vsa.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\GAC\Microsoft.Vsa.Vb.CodeDOMProcessor.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\GAC\Microsoft_VsaVb.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\GAC\mscorcfg.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\GAC\RegCode.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\GAC\System.Configuration.Install.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\GAC\System.Data.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\GAC\System.Data.OracleClient.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\GAC\System.Design.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\GAC\System.DirectoryServices.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\GAC\System.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\GAC\System.Drawing.Design.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\GAC\System.Drawing.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\GAC\System.EnterpriseServices.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\GAC\System.EnterpriseServices.Thunk.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\GAC\System.Management.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\GAC\System.Messaging.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\GAC\System.Runtime.Remoting.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\GAC\System.Runtime.Serialization.Formatters.Soap.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\GAC\System.Security.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\GAC\System.ServiceProcess.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\GAC\System.Web.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\GAC\System.Web.Mobile.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\GAC\System.Web.RegularExpressions.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\GAC\System.Web.Services.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\GAC\System.Windows.Forms.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\GAC\System.Xml.dll -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\GAC -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\gacutil.exe -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\gdiplus.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\IEExec.exe -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\ieexec.exe.config -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\IEExecRemote.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\IEHost.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\IIEHost.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\ilasm.exe -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\ilasm.exe.config -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\InstallPersistSqlState.sql -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\InstallSqlState.sql -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\InstallSqlStateTemplate.sql -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\InstallUtil.exe -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\InstallUtilLib.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\ISymWrapper.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\jsc.exe -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\jsc.exe.config -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\ksc.nlp -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\l_except.nlp -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\l_intl.nlp -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\Microsoft.JScript.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\Microsoft.JScript.tlb -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\Microsoft.VisualBasic.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\Microsoft.VisualBasic.Vsa.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\Microsoft.VisualC.Dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\Microsoft.Vsa.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\Microsoft.Vsa.tlb -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\Microsoft.Vsa.Vb.CodeDOMProcessor.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\Microsoft.Vsa.Vb.CodeDOMProcessor.tlb -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\Microsoft_VsaVb.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\MigPol.exe -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\MigPolWin.exe -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\mscorcfg.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\mscorcfg.msc -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\mscordbc.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\mscordbi.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\mscoree.tlb -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\mscorie.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\mscorjit.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\mscorld.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\mscorlib.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\mscorlib.ldo -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\mscorlib.tlb -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\mscormmc.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\mscormmc11.cfg -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\mscorpe.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\mscorrc.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\mscorsec.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\mscorsn.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\mscorsvr.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\mscortim.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\mscorwks.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\msvcr71.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\mtxoci8.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\MUI\0409\mscorsecr.dll -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\MUI\0409 -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\MUI -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\ndpsetup.ico -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\netfxupdate.exe -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\ngen.exe -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\PerfCounter.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\prc.nlp -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\prcp.nlp -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\RegAsm.exe -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\regasm.exe.config -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\RegCode.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\region.nlp -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\RegSvcs.exe -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\regsvcs.exe.config -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\shfusion.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\shfusres.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\sortkey.nlp -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\sorttbls.nlp -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\SOS.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\System.Configuration.Install.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\System.Data.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\System.Data.OracleClient.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\System.Design.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\System.Design.ldo -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\System.DirectoryServices.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\System.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\System.Drawing.Design.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\System.Drawing.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\system.drawing.ldo -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\System.Drawing.tlb -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\System.EnterpriseServices.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\System.EnterpriseServices.Thunk.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\System.EnterpriseServices.tlb -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\System.ldo -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\System.Management.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\System.Messaging.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\System.Runtime.Remoting.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\System.Runtime.Serialization.Formatters.Soap.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\System.Security.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\System.ServiceProcess.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\System.tlb -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\System.Web.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\System.Web.Mobile.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\System.Web.RegularExpressions.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\System.Web.Services.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\System.Windows.Forms.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\System.Windows.Forms.ldo -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\System.Windows.Forms.tlb -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\System.XML.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\System.Xml.ldo -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\UninstallPersistSqlState.sql -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\UninstallSqlState.sql -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\UnInstallSqlStateTemplate.sql -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\Updates\hotfix.exe -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\Updates -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\vbc.exe -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\vbc.exe.config -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\vsavb7.olb -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\VsaVb7rt.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\WMINet_Utils.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\xjis.nlp -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\XPThemes.manifest -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\_dataperfcounters.h -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\_dataperfcounters.ini -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\_NetworkingPerfCounters.h -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath\_Networkingperfcounters.ini -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\URTInstallPath -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\v1.0.3705\installutil.exe.config -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\v1.0.3705\mscormmc.cfg -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\v1.0.3705\regsvcs.exe.rtm.config -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework\v1.0.3705 -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET\Framework -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\Microsoft.NET -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\System\mscoree.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\System\mscorier.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\System\mscories.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\System\MUI\0409\mscoreer.dll -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\System\MUI\0409 -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\System\MUI -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\System\ndphlpr.vxd -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\System\netfxperf.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\System\psapi.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\System\URTTEMP\regtlib.exe -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\System\URTTEMP -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\System\WBEM\wbemDC.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\System\WBEM\Wmidcad.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\System\WBEM\wmiutils.dll -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\System\WBEM -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win\System -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll\Win -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\mDotNet.dll -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523} -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\microsoft_.net_framework_1.1_with_service_pack_1 -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\offline\1C1EED69\A3DA1491\Interop.iTunesLib.dll -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\offline\1C1EED69\A3DA1491 -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\offline\1C1EED69 -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\offline\30A75A34\A3DA1491\Interop.QTOLibrary.dll -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\offline\30A75A34\A3DA1491 -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\offline\30A75A34 -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\offline\5447228F\A3DA1491\C1.Win.C1Command.dll -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\offline\5447228F\A3DA1491 -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\offline\5447228F -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\offline\61DCDE6C\7D1516D4\readme.rtf -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\offline\61DCDE6C\7D1516D4 -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\offline\61DCDE6C -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\offline\6EA6EC5A\A3DA1491\PodLift.chm -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\offline\6EA6EC5A\A3DA1491 -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\offline\6EA6EC5A -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\offline\81192B76\A3DA1491\Interop.QTOControlLib.dll -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\offline\81192B76\A3DA1491 -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\offline\81192B76 -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\offline\AB8B3971\A3DA1491\AxInterop.QTOControlLib.dll -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\offline\AB8B3971\A3DA1491 -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\offline\AB8B3971 -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\offline\BEF542A0\A3DA1491\C1.Common.dll -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\offline\BEF542A0\A3DA1491 -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\offline\BEF542A0 -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\offline\C6EF6048\A3DA1491\PodLift.exe -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\offline\C6EF6048\A3DA1491 -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\offline\C6EF6048 -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\offline\F7955ABD\A3DA1491\PodLift.mp3 -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\offline\F7955ABD\A3DA1491 -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\offline\F7955ABD -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\offline\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523} -> Deleted
[PUP][Folder] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\offline -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\PodLift_Setup.dat -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\PodLift_Setup.exe -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\PodLift_Setup.msi -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\PodLift_Setup.par -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\PodLift_Setup.res -> Deleted
[PUP][File] C:\ProgramData\{B6AD7B5C-A363-423B-8D6B-8A4EC3E85523}\{BEF742F6-2011-4494-8A08-9594ADC11BDC} -> Deleted
[PUP][Folder] C:\Program Files (x86)\iMesh Applications -> Deleted

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: WDC WD10JPVT-55A1YT0 +++++
--- User ---
[MBR] 30406e2a8ec1020f7f90d4c902ce85da
[BSP] d3f65f8eccb18add4bde1581a4b074d5 : Empty|VT.Unknown MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] EFI system partition | Offset (sectors): 2048 | Size: 260 MB
1 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 534528 | Size: 1474 MB
2 - [MAN-MOUNT] EFI system partition | Offset (sectors): 3553280 | Size: 260 MB
3 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 4085760 | Size: 128 MB
4 - Basic data partition | Offset (sectors): 4347904 | Size: 913922 MB
5 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 1876060160 | Size: 350 MB
6 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 1876776960 | Size: 37474 MB
User = LL1 ... OK
User = LL2 ... OK

Brent25 · Feb 26, 2016

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 2/25/2016
Scan Time: 11:42 PM
Logfile:
Administrator: Yes

Version: 2.2.0.1024
Malware Database: v2016.02.26.01
Rootkit Database: v2016.02.17.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 10
CPU: x64
File System: NTFS
User: Brent

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 446711
Time Elapsed: 27 min, 35 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 13
PUP.Optional.SnapDo, HKU\S-1-5-21-2549116610-987113267-4104036400-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}, Quarantined, [133674f1475221154ac4c6dfc33fa35d],
PUP.Optional.SnapDo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006EE092-9658-4FD6-BD8E-A21A348E59F5}, Quarantined, [133674f1475221154ac4c6dfc33fa35d],
PUP.Optional.DataMngr.AppFlsh, HKLM\SOFTWARE\DataMngr, Quarantined, [c584c4a132670e28d31ac2977193bf41],
PUP.Optional.SearchResults, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\OLDSEARCH, Quarantined, [a3a6db8aaced95a192cefa1322e207f9],
PUP.Optional.Yontoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}, Quarantined, [1930a3c2ff9af145663393911ee613ed],
PUP.Optional.Bandoo.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{31D8407C-62E4-4125-A4A9-717EFB1A56AE}, Quarantined, [91b8e87d5742261017c1ff5a689cef11],
PUP.Optional.SearchResults, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}, Quarantined, [84c5b8ad40594beb6bf5010cd92bae52],
PUP.Optional.BundleInstaller, HKLM\SOFTWARE\WOW6432NODE\VITTALIA\AxtanInstaller, Quarantined, [113865005f3a88ae5c2123c09c677c84],
PUP.Optional.DataMngr.AppFlsh, HKU\S-1-5-21-2549116610-987113267-4104036400-1001\SOFTWARE\Datamngr, Quarantined, [3f0a9fc6c0d99a9c7d6eaaaf4fb556aa],
PUP.Optional.DataMngr.AppFlsh, HKU\S-1-5-21-2549116610-987113267-4104036400-1001\SOFTWARE\DataMngr_Toolbar, Quarantined, [0346abba8217f541ac4071e8788ca45c],
PUP.Optional.BDYahoo, HKU\S-1-5-21-2549116610-987113267-4104036400-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{59991BE0-737F-4E3F-B03F-82D844F7E04B}, Quarantined, [71d8c69fc3d6df577df1a53a51b233cd],
PUP.Optional.SearchResults, HKU\S-1-5-21-2549116610-987113267-4104036400-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}, Quarantined, [3514273ec4d5171f144b6f9ebe464cb4],
PUP.Optional.Yontoo, HKU\S-1-5-21-2549116610-987113267-4104036400-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Quarantined, [2e1b80e57b1e1323a3f59f85a75d1ce4],

Registry Values: 16
PUP.Optional.Yontoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DoNotAskAgain, searchinterneat-a.akamaihd.net, Quarantined, [0e3bda8b0e8b84b291e7fc2a39cb629e]
PUP.Optional.SearchResults, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\OldSearch|URL, http://dts.search-results.com/sr?sr...0653&apn_uid=4217026139594434&q={searchTerms}, Quarantined, [a3a6db8aaced95a192cefa1322e207f9]
PUP.Optional.SearchQu, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\OldSearch|SuggestionsURL_JSON, http://www.searchqu.com/suggest.php...uid=4217026139594434&qu={searchTerms}&ft=json, Quarantined, [06436005a1f8b97da0bd030a63a152ae]
PUP.Optional.Yontoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}|URL, http://searchinterneat-a.akamaihd.n...FME0FCFwEURNNfWtdEkwdVUZrNVs=&q={searchTerms}, Quarantined, [1930a3c2ff9af145663393911ee613ed]
PUP.Optional.SmartBar, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, Quarantined, [a9a0263f8613f145554a8a8bc73c3cc4]
PUP.Optional.Bandoo.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{31d8407c-62e4-4125-a4a9-717efb1a56ae}|AppPath, C:\Program Files (x86)\iMesh Applications\Mediabar\Datamngr\SRTOOL~1, Quarantined, [91b8e87d5742261017c1ff5a689cef11]
PUP.Optional.SnapDo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}|URL, http://feed.snap.do/?publisher=Down...b0-0081c8e1a188&searchtype=ds&q={searchTerms}, Quarantined, [af9acc99b2e72115167338d81de71ee2]
PUP.Optional.SearchResults, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}|URL, http://dts.search-results.com/sr?sr...0653&apn_uid=4217026139594434&q={searchTerms}, Quarantined, [84c5b8ad40594beb6bf5010cd92bae52]
PUP.Optional.SearchQu, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}|SuggestionsURL_JSON, http://www.searchqu.com/suggest.php...uid=4217026139594434&qu={searchTerms}&ft=json, Quarantined, [87c2ec79980175c1dc81729b0afad828]
PUP.Optional.SmartBar, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, Quarantined, [9aaf0c594851290db4ebcd48877c3ec2]
PUP.Optional.Yontoo, HKU\S-1-5-21-2549116610-987113267-4104036400-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DoNotAskAgain, searchinterneat-a.akamaihd.net, Quarantined, [f851e184c1d85dd9cbe9988d12f27987]
PUP.Optional.SnapDo, HKU\S-1-5-21-2549116610-987113267-4104036400-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}|URL, http://feed.snap.do/?publisher=Down...b0-0081c8e1a188&searchtype=ds&q={searchTerms}, Quarantined, [f0593d288a0f55e1c8bdf917867ee31d]
PUP.Optional.BDYahoo, HKU\S-1-5-21-2549116610-987113267-4104036400-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{59991BE0-737F-4E3F-B03F-82D844F7E04B}|URL, http://search.yahoo.com/yhs/search?...l-bir-dd__alt__ddc_dss_bd_com&p={searchTerms}, Quarantined, [71d8c69fc3d6df577df1a53a51b233cd]
PUP.Optional.SearchResults, HKU\S-1-5-21-2549116610-987113267-4104036400-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}|URL, http://dts.search-results.com/sr?sr...0653&apn_uid=4217026139594434&q={searchTerms}, Quarantined, [3514273ec4d5171f144b6f9ebe464cb4]
PUP.Optional.SearchQu, HKU\S-1-5-21-2549116610-987113267-4104036400-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}|SuggestionsURL_JSON, http://www.searchqu.com/suggest.php...uid=4217026139594434&qu={searchTerms}&ft=json, Quarantined, [9daca7beadecf73fc39769a451b34fb1]
PUP.Optional.Yontoo, HKU\S-1-5-21-2549116610-987113267-4104036400-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, http://searchinterneat-a.akamaihd.n...FME0FCFwEURNNfWtdEkwdVUZrNVs=&q={searchTerms}, Quarantined, [2e1b80e57b1e1323a3f59f85a75d1ce4]

Registry Data: 3
PUP.Optional.Yontoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://searchinterneat-a.akamaihd.n...dVgsUFwQFIk0FA1ADB0VXfVBdFElXTwhxJUpNDU0CaUBB, Good: (www.google.com), Bad: (http://searchinterneat-a.akamaihd.n...k0FA1ADB0VXfVBdFElXTwhxJUpNDU0CaUBB),Replaced,[3910f96cc4d5fc3abab054a6ea1a8080]
PUP.Optional.SnapDo, HKU\S-1-5-21-2549116610-987113267-4104036400-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://feed.snap.do/?publisher=Down...b0-0081c8e1a188&searchtype=ds&q={searchTerms}, Good: (www.google.com), Bad: (http://feed.snap.do/?publisher=Down...1a188&searchtype=ds&q={searchTerms}),Replaced,[2524fa6bb0e953e31db26a8d47bd6c94]
PUP.Optional.SnapDo, HKU\S-1-5-21-2549116610-987113267-4104036400-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, http://feed.snap.do/?publisher=Down...b0-0081c8e1a188&searchtype=ds&q={searchTerms}, Good: (www.google.com), Bad: (http://feed.snap.do/?publisher=Down...1a188&searchtype=ds&q={searchTerms}),Replaced,[d77266ffe8b10234e3ec46b105ffd927]

Folders: 2
PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub, Quarantined, [51f8570e18816fc74e33f9d38b771ee2],
PUP.Optional.DataMngr.AppFlsh, C:\Users\Brent\AppData\LocalLow\DataMngr, Quarantined, [3019da8b3d5c300678abbf3c8c7608f8],

Files: 3
PUP.Optional.Yontoo, C:\Users\Brent\AppData\Roaming\Temp\990BC927BB914261852A057030DD227F\setup.exe, Quarantined, [4702e97c5e3bd75f48c4094952af1ae6],
PUP.Optional.DataMngr.AppFlsh, C:\Users\Brent\AppData\LocalLow\DataMngr\{7CA1F051-A4FB-4143-B263-02B41E571EED}, Quarantined, [3019da8b3d5c300678abbf3c8c7608f8],
PUP.Optional.Yontoo, C:\Users\Brent\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences, Good: ("session":{"restore_on_startup":4,"startup_urls":["https://www.malwarebytes.org/restorebrowser/"]}}), Bad: ("session":{"restore_on_startup":4,"restore_on_startup_migrated":true,"startup_urls":["https://www.google.com/"],"urls_to_restore_on_startup":["http://searchinterneat-a.akamaihd.n...dVgsUFwQFIk0FA1oDB0VXfV5bFElXTwhxJUpNDU0CaUBB"]},"sync":{"remaining_rollback_tries":0}}), Replaced,[5aef79ec3069cb6bbd2ff43255b009f7]

Physical Sectors: 0
(No malicious items detected)

(end)

Brent25 · Feb 26, 2016

# AdwCleaner v5.036 - Logfile created 26/02/2016 at 00:25:10
# Updated 22/02/2016 by Xplode
# Database : 2016-02-24.1 [Server]
# Operating system : Windows 10 Home (x64)
# Username : Brent - BRENT
# Running from : C:\Users\Brent\Downloads\adwcleaner_5.036.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

[-] Folder Deleted : C:\ProgramData\apn
[-] Folder Deleted : C:\Users\Brent\AppData\Local\PackageAware
[-] Folder Deleted : C:\Users\Brent\AppData\Local\Google\Chrome\User Data\Default\Extensions\edaibbiobngpbmeonadpbfafbkimjbdd

***** [ Files ] *****

***** [ DLLs ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bmiabdepfhhiieiipmeecdmeljggmfee
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\edaibbiobngpbmeonadpbfafbkimjbdd
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{31D8407C-62E4-4125-A4A9-717EFB1A56AE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31D8407C-62E4-4125-A4A9-717EFB1A56AE}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31D8407C-62E4-4125-A4A9-717EFB1A56AE}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[-] Key Deleted : HKCU\Software\APN PIP
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\Imesh
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\iMeshSRTB
[-] Key Deleted : HKLM\SOFTWARE\PIP
[-] Key Deleted : HKLM\SOFTWARE\Vittalia
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Results Toolbar
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ROC_roc_ssl_v12]

***** [ Web browsers ] *****

[-] [C:\Users\Brent\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : bopakagnckmlgajfccecajhnimjiiedh
[-] [C:\Users\Brent\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : cmclajginlihohopoeofghddnhpplhom
[-] [C:\Users\Brent\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : edaibbiobngpbmeonadpbfafbkimjbdd
[-] [C:\Users\Brent\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : ocifcogajbgikalbpphmoedjlcfjkhgh

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [4192 bytes] - [26/02/2016 00:25:10]
C:\AdwCleaner\AdwCleaner[S1].txt - [4439 bytes] - [26/02/2016 00:21:03]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [4338 bytes] ##########

Brent25 · Feb 26, 2016

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.3 (02.09.2016)
Operating System: Windows 10 Home x64
Ran by Brent (Administrator) on Fri 02/26/2016 at 0:32:48.39
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 6

Successfully deleted: C:\ProgramData\Start Menu\Programs\pluto tv (Folder)
Successfully deleted: C:\Users\Brent\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_services.hearstmags.com_0.localstorage-journal (File)
Successfully deleted: C:\Users\Brent\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_services.hearstmags.com_0.localstorage (File)
Successfully deleted: C:\Users\Brent\AppData\Local\nico mak computing (Folder)
Successfully deleted: C:\Users\Public\Desktop\plutotv.lnk (Shortcut)
Successfully deleted: C:\Program Files (x86)\GUTA385.tmp (File)

Registry: 2

Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_723B7423F2BABCAECDF43AE1343EA9C3 (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 02/26/2016 at 0:38:38.53
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Broni · Feb 26, 2016

Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

Double click to run it.
Make sure you checkmark Addition.txt box.
Press Scan button.
Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.

Brent25 · Feb 26, 2016

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:24-02-2016
Ran by Brent (administrator) on BRENT (26-02-2016 23:30:01)
Running from C:\Users\Brent\Downloads
Loaded Profiles: Brent (Available Profiles: Brent)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\n360.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\n360.exe
(Sony Corporation) C:\Program Files\Sony\Store App Support Utility\StoreAppSupportUtility.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dropbox, Inc.) C:\Users\Brent\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Nico Mak Computing) C:\Program Files\WinZip\FAHWindow64.exe
(Nico Mak Computing) C:\Program Files\WinZip\WZUpdateNotifier.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Users\Brent\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
() C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
() C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16161536 2015-08-30] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403136 2015-08-30] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [2419512 2012-11-04] (Logitech, Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403136 2015-08-30] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3945672 2015-10-06] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2362392 2013-11-21] (Sony Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-10-13] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498720 2015-12-17] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LTCM Client] => C:\Program Files (x86)\LTCM Client\ltcmClient.exe [1596096 2009-08-05] (Leader Technologies Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058400 2012-01-26] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [502912 2012-02-29] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863360 2012-02-29] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-16] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-2549116610-987113267-4104036400-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-2549116610-987113267-4104036400-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [61200 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-2549116610-987113267-4104036400-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIJHE.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2549116610-987113267-4104036400-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\AdobeCollabSync.exe [761056 2015-12-17] (Adobe Systems Incorporated)
HKU\S-1-5-21-2549116610-987113267-4104036400-1001\...\Run: [Dropbox Update] => C:\Users\Brent\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-13] (Dropbox, Inc.)
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIJHE.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Brent\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Brent\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Brent\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Brent\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Brent\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll No File
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Brent\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll No File
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Brent\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CineForm Status.lnk [2014-02-04]
ShortcutTarget: CineForm Status.lnk -> C:\Program Files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe (GoPro)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016-02-25]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-01-12]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PlutoTV.lnk [2015-10-31]
ShortcutTarget: PlutoTV.lnk -> C:\Program Files (x86)\Pluto TV\PlutoTV.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Notifier.lnk [2016-02-25]
ShortcutTarget: Update Notifier.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2016-02-25]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
Startup: C:\Users\Brent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-02-24]
ShortcutTarget: Dropbox.lnk -> C:\Users\Brent\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk *

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a8d81477-9018-4e87-9b81-0431ce93603b}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=22.5.2.15
HKU\S-1-5-21-2549116610-987113267-4104036400-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=22.5.2.15
HKU\S-1-5-21-2549116610-987113267-4104036400-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL =
SearchScopes: HKLM-x32 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL =
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-12-17] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-12-17] (Adobe Systems Incorporated)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll => No File
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-25] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2012-11-04] (Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-25] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-12-17] (Adobe Systems Incorporated)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-2549116610-987113267-4104036400-1001 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-12-17] (Adobe Systems Incorporated)
DPF: HKLM-x32 {297DE2B6-509A-4B36-93C5-A65276606900} hxxp://www.in.honda.com/rraaapps/rraasec/codebase/RRAAINAX/RraainAX.CAB
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll No File
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll No File

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\WINDOWS\system32\npDeployJava1.dll [2012-10-19] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-07-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-07-24] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-25] (Oracle Corporation)
FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 -> C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll [2012-09-28] (Logitech Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @TrendMicro.com/FFExtension -> C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll [No File]
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2015-12-17] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems)
FF HKLM\...\Firefox\Extensions: [tmbepff-7.5@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1115\7.5.1115\firefoxextension => not found
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon [2016-02-19]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2016-01-12]
FF HKLM-x32\...\Firefox\Extensions: [tmbepff-7.5@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1115\7.5.1115\firefoxextension => not found
FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension => not found
FF HKLM-x32\...\Firefox\Extensions: [{21541D23-FDA1-4bf3-8AF2-8F623BF70B07}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension => not found
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2012-12-09] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon

Chrome:
=======
CHR HomePage: Default -> hxxp://id%3Dm8dd4efae-69cd-48f8-bfee-1a38ea5ccc63%26searchsource%3D55%26cui%3D%26um%3D6%26up%3Dsp745fda4d-79de-4d37-a607-a194f050622e%26sspv%3D%26tid%3D1035/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\pdf.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll => No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Trend Micro Titanium) - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll => No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.16) - C:\Windows\SysWOW64\npDeployJava1.dll => No File
CHR Profile: C:\Users\Brent\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Brent\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-11]
CHR Extension: (Google Drive) - C:\Users\Brent\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-31]
CHR Extension: (YouTube) - C:\Users\Brent\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-06]
CHR Extension: (Google Search) - C:\Users\Brent\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Adobe Acrobat) - C:\Users\Brent\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-12-14]
CHR Extension: (Norton Home Page for Chrome) - C:\Users\Brent\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejbdobdndcjhdmljipngpeoekdinlohe [2016-02-09]
CHR Extension: (Google Docs Offline) - C:\Users\Brent\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-14]
CHR Extension: (Norton Identity Safe) - C:\Users\Brent\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2016-02-09]
CHR Extension: (Norton Safe) - C:\Users\Brent\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2016-02-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Brent\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-30]
CHR Extension: (MyHarmony Chrome Plugin) - C:\Users\Brent\AppData\Local\Google\Chrome\User Data\Default\Extensions\omaonpoimgkmbllpdihbnmgphjoipdhf [2013-12-28]
CHR Extension: (Gmail) - C:\Users\Brent\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-09]
CHR HKLM\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1115\7.5.1115\chrome_tmbep.crx <not found>
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\Exts\Chrome.crx [2016-02-01]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\Exts\Chrome.crx [2016-02-01]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2015-12-17]
CHR HKLM-x32\...\Chrome\Extension: [heoldelcflnigdllmlopiefhkkobendj] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\chromeextension\chromeextension.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [omaonpoimgkmbllpdihbnmgphjoipdhf] - C:\Program Files (x86)\Logitech\Harmony Remote Driver\harmony_chrome.crx [2013-12-23]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-11] (Seiko Epson Corporation)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [413336 2015-08-26] ()
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-12-14] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-24] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-24] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [289256 2015-12-02] (McAfee, Inc.)
R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\N360.exe [282016 2015-11-20] (Symantec Corporation)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [639576 2013-05-10] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481304 2013-11-21] (Sony Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-10-06] (Synaptics Incorporated)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [413336 2015-08-26] ()
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2012-11-07] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1653272 2015-07-31] (Sony Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-11-28] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [37472 2013-05-23] (Advanced Micro Devices, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\22.5.2.15\Definitions\BASHDefs\20160213.003\BHDrvx64.sys [1665608 2015-10-08] (Symantec Corporation)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-10-30] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [36864 2015-10-30] (Microsoft Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1605050.00F\ccSetx64.sys [173808 2015-07-10] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-11-12] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [157520 2015-11-12] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\22.5.2.15\Definitions\IPSDefs\20160226.002\IDSvia64.sys [767224 2016-02-18] (Symantec Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\22.5.2.15\Definitions\VirusDefs\20160226.020\ENG64.SYS [138488 2016-02-19] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\22.5.2.15\Definitions\VirusDefs\20160226.020\EX64.SYS [2148080 2016-02-19] (Symantec Corporation)
R3 rimssne; C:\Windows\System32\drivers\rimssne64.sys [103424 2012-08-22] (REDC)
R3 risdsnxc; C:\Windows\System32\drivers\risdsnxc64.sys [104960 2012-08-22] (REDC)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek )
R3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [29352 2015-11-17] ()
S3 semav6thermal64ro; C:\WINDOWS\system32\drivers\semav6thermal64ro.sys [13792 2014-12-26] ()
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-10-06] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-10] (Sony Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1605050.00F\SRTSP64.SYS [928496 2015-11-11] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1605050.00F\SRTSPX64.SYS [50936 2015-07-10] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\N360x64\1605050.00F\SYMEFASI64.SYS [1621232 2015-11-11] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1605050.00F\SymELAM.sys [24192 2015-07-10] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [111344 2016-01-12] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1605050.00F\Ironx64.SYS [297720 2015-07-10] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1605050.00F\SYMNETS.SYS [577768 2015-11-11] (Symantec Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [24688 2016-02-25] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 WinDriver6; C:\Windows\system32\drivers\windrvr6.sys [285696 2007-06-17] (Jungo)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Brent25 · Feb 26, 2016

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-26 23:30 - 2016-02-26 23:30 - 00035545 _____ C:\Users\Brent\Downloads\FRST.txt
2016-02-26 10:58 - 2016-02-26 10:58 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-02-26 09:49 - 2016-02-26 09:49 - 00000000 ____D C:\Users\Brent\AppData\Local\Nico Mak Computing
2016-02-26 00:32 - 2016-02-26 00:32 - 01609216 _____ (Malwarebytes) C:\Users\Brent\Downloads\JRT.exe
2016-02-26 00:20 - 2016-02-26 00:25 - 00000000 ____D C:\AdwCleaner
2016-02-25 23:41 - 2016-02-26 00:17 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-02-25 23:41 - 2016-02-25 23:41 - 00001171 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-02-25 23:41 - 2016-02-25 23:41 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-02-25 23:41 - 2016-02-25 23:41 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-02-25 23:41 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-02-25 23:41 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-02-25 23:41 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-02-25 22:57 - 2016-02-25 23:02 - 00024688 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-02-25 22:57 - 2016-02-25 22:58 - 00000000 ____D C:\ProgramData\RogueKiller
2016-02-25 22:52 - 2016-02-26 10:55 - 00000000 ____D C:\WINDOWS\Minidump
2016-02-25 12:03 - 2016-02-25 12:03 - 01371668 _____ (Igor Pavlov) C:\Users\Brent\Downloads\7z1514-x64.exe
2016-02-25 11:31 - 2016-02-25 11:32 - 00000000 ____D C:\Users\Brent\Documents\Work
2016-02-25 11:29 - 2016-02-25 22:48 - 00000000 ____D C:\Program Files (x86)\Rheingold
2016-02-25 11:15 - 2016-02-25 11:41 - 00000000 ____D C:\Users\Brent\.oracle_jre_usage
2016-02-25 11:15 - 2016-02-25 11:15 - 00000000 ____D C:\Users\Brent\AppData\Roaming\Sun
2016-02-25 11:14 - 2016-02-25 11:14 - 00000000 ____D C:\Users\Brent\AppData\LocalLow\Oracle
2016-02-25 11:14 - 2016-01-26 23:54 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-02-25 11:13 - 2016-02-25 11:13 - 00001682 _____ C:\Users\Public\Desktop\ifhsrv32.lnk
2016-02-25 11:13 - 2016-02-25 11:13 - 00000000 ____D C:\EDIABAS
2016-02-25 11:13 - 2016-01-29 01:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-02-25 11:13 - 2016-01-29 01:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-02-25 11:13 - 2016-01-27 01:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-02-25 11:13 - 2016-01-27 01:15 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-02-25 11:13 - 2016-01-27 01:01 - 07476064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-02-25 11:13 - 2016-01-27 01:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-02-25 11:13 - 2016-01-27 01:01 - 01819720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-02-25 11:13 - 2016-01-27 00:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-02-25 11:13 - 2016-01-27 00:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-02-25 11:13 - 2016-01-27 00:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-25 11:13 - 2016-01-27 00:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-25 11:13 - 2016-01-27 00:56 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-02-25 11:13 - 2016-01-27 00:55 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-02-25 11:13 - 2016-01-27 00:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-02-25 11:13 - 2016-01-27 00:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-02-25 11:13 - 2016-01-27 00:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-25 11:13 - 2016-01-27 00:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-25 11:13 - 2016-01-27 00:45 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-02-25 11:13 - 2016-01-27 00:45 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-02-25 11:13 - 2016-01-27 00:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-25 11:13 - 2016-01-27 00:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-02-25 11:13 - 2016-01-27 00:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-02-25 11:13 - 2016-01-27 00:37 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-02-25 11:13 - 2016-01-27 00:37 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-02-25 11:13 - 2016-01-27 00:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-25 11:13 - 2016-01-27 00:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-02-25 11:13 - 2016-01-27 00:13 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-02-25 11:13 - 2016-01-27 00:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-02-25 11:13 - 2016-01-27 00:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-25 11:13 - 2016-01-27 00:10 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-02-25 11:13 - 2016-01-27 00:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-25 11:13 - 2016-01-27 00:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-25 11:13 - 2016-01-27 00:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-02-25 11:13 - 2016-01-27 00:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-02-25 11:13 - 2016-01-27 00:05 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-02-25 11:13 - 2016-01-27 00:05 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-02-25 11:13 - 2016-01-27 00:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-02-25 11:13 - 2016-01-27 00:05 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-02-25 11:13 - 2016-01-27 00:04 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-02-25 11:13 - 2016-01-27 00:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-25 11:13 - 2016-01-27 00:03 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-02-25 11:13 - 2016-01-27 00:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-25 11:13 - 2016-01-27 00:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-25 11:13 - 2016-01-26 23:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-02-25 11:13 - 2016-01-26 23:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-02-25 11:13 - 2016-01-26 23:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-02-25 11:13 - 2016-01-26 23:55 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-02-25 11:13 - 2016-01-26 23:55 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-02-25 11:13 - 2016-01-26 23:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-25 11:13 - 2016-01-26 23:50 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-02-25 11:13 - 2016-01-26 23:50 - 01504768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-02-25 11:13 - 2016-01-26 23:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-25 11:13 - 2016-01-26 23:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-02-25 11:13 - 2016-01-26 23:48 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-02-25 11:13 - 2016-01-26 23:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-25 11:13 - 2016-01-26 23:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-25 11:13 - 2016-01-26 23:41 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-02-25 11:13 - 2016-01-26 23:39 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-02-25 11:13 - 2016-01-26 23:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-02-25 11:13 - 2016-01-26 23:38 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-02-25 11:13 - 2016-01-26 23:37 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-02-25 11:13 - 2016-01-26 23:36 - 02757120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-02-25 11:13 - 2016-01-26 23:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-02-25 11:13 - 2016-01-26 23:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-02-25 11:09 - 2016-02-25 11:32 - 00000000 ____D C:\Users\Brent\AppData\Local\WinZip
2016-02-25 11:09 - 2016-02-25 11:10 - 00000000 ____D C:\ProgramData\WinZip
2016-02-25 11:09 - 2016-02-25 11:09 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2016-02-25 11:09 - 2016-02-25 11:09 - 00002181 _____ C:\Users\Public\Desktop\WinZip.lnk
2016-02-25 11:09 - 2016-02-25 11:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2016-02-25 11:09 - 2016-02-25 11:09 - 00000000 ____D C:\Program Files\WinZip
2016-02-25 11:08 - 2016-02-25 11:08 - 00000000 ____D C:\ProgramData\UniqueId
2016-02-25 10:00 - 2016-02-25 10:00 - 00000000 ____D C:\Users\Brent\AppData\Local\ActiveSync
2016-02-25 09:58 - 2016-02-25 09:58 - 00000020 ___SH C:\Users\Brent\ntuser.ini
2016-02-25 06:59 - 2016-02-26 10:55 - 00000000 ____D C:\Windows.old
2016-02-25 06:58 - 2016-02-25 06:58 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 08728920 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 06971752 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 03993600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 02772584 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-02-25 06:58 - 2016-02-25 06:58 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-02-25 06:58 - 2016-02-25 06:58 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 02653816 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 02185840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 02180128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 02152800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-02-25 06:58 - 2016-02-25 06:58 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-02-25 06:58 - 2016-02-25 06:58 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-02-25 06:58 - 2016-02-25 06:58 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01995776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01859448 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01804664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-02-25 06:58 - 2016-02-25 06:58 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01648640 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01594408 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-02-25 06:58 - 2016-02-25 06:58 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-02-25 06:58 - 2016-02-25 06:58 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-02-25 06:58 - 2016-02-25 06:58 - 01371792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-02-25 06:58 - 2016-02-25 06:58 - 01309376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01281376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-02-25 06:58 - 2016-02-25 06:58 - 01223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-02-25 06:58 - 2016-02-25 06:58 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01092456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01089880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-02-25 06:58 - 2016-02-25 06:58 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-02-25 06:58 - 2016-02-25 06:58 - 01065080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01042432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01020096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-02-25 06:58 - 2016-02-25 06:58 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00983464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00973664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00953856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-02-25 06:58 - 2016-02-25 06:58 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2016-02-25 06:58 - 2016-02-25 06:58 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00898184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-02-25 06:58 - 2016-02-25 06:58 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00884256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2016-02-25 06:58 - 2016-02-25 06:58 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00823264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-02-25 06:58 - 2016-02-25 06:58 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00796352 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-02-25 06:58 - 2016-02-25 06:58 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00716928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-02-25 06:58 - 2016-02-25 06:58 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-02-25 06:58 - 2016-02-25 06:58 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-02-25 06:58 - 2016-02-25 06:58 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-02-25 06:58 - 2016-02-25 06:58 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2016-02-25 06:58 - 2016-02-25 06:58 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-02-25 06:58 - 2016-02-25 06:58 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00526856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2016-02-25 06:58 - 2016-02-25 06:58 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-02-25 06:58 - 2016-02-25 06:58 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00450904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-02-25 06:58 - 2016-02-25 06:58 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-02-25 06:58 - 2016-02-25 06:58 - 00412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-02-25 06:58 - 2016-02-25 06:58 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-02-25 06:58 - 2016-02-25 06:58 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-02-25 06:58 - 2016-02-25 06:58 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-02-25 06:58 - 2016-02-25 06:58 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00337840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-02-25 06:58 - 2016-02-25 06:58 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-02-25 06:58 - 2016-02-25 06:58 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00264544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00264192 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2016-02-25 06:58 - 2016-02-25 06:58 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-02-25 06:58 - 2016-02-25 06:58 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-02-25 06:58 - 2016-02-25 06:58 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00205824 _____ (Nokia) C:\WINDOWS\SysWOW64\NmaDirect.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-02-25 06:58 - 2016-02-25 06:58 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-02-25 06:58 - 2016-02-25 06:58 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-02-25 06:58 - 2016-02-25 06:58 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-02-25 06:58 - 2016-02-25 06:58 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-02-25 06:58 - 2016-02-25 06:58 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-02-25 06:58 - 2016-02-25 06:58 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2016-02-25 06:58 - 2016-02-25 06:58 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2016-02-25 06:58 - 2016-02-25 06:58 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-02-25 06:58 - 2016-02-25 06:58 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2016-02-25 06:58 - 2016-02-25 06:58 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-02-25 06:58 - 2016-02-25 06:58 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2016-02-25 06:58 - 2016-02-25 06:58 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2016-02-25 06:58 - 2016-02-25 06:58 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-02-25 06:58 - 2016-02-25 06:58 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll

Brent25 · Feb 26, 2016

2016-02-25 06:58 - 2016-02-25 06:58 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-02-25 06:58 - 2016-02-25 06:58 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2016-02-25 06:58 - 2016-02-25 06:58 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-02-25 06:58 - 2016-02-25 06:58 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssign32.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-02-25 06:58 - 2016-02-25 06:58 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-02-25 06:58 - 2016-02-25 06:58 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00051680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2016-02-25 06:58 - 2016-02-25 06:58 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2016-02-25 06:58 - 2016-02-25 06:58 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-02-25 06:58 - 2016-02-25 06:58 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe
2016-02-25 06:58 - 2016-02-25 06:58 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2016-02-25 06:58 - 2016-02-25 06:58 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-02-25 06:58 - 2016-02-25 06:58 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe
2016-02-25 06:58 - 2016-02-25 06:58 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-02-25 06:58 - 2016-02-25 06:58 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-02-25 06:58 - 2016-02-25 06:58 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-02-25 06:58 - 2016-02-25 06:58 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe
2016-02-25 06:58 - 2016-02-25 06:58 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshrm.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe
2016-02-25 06:58 - 2016-02-25 06:58 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2016-02-25 06:58 - 2016-02-25 06:58 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2016-02-25 06:54 - 2016-02-25 06:54 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-02-25 06:50 - 2016-02-25 06:50 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-02-25 06:50 - 2016-02-25 06:50 - 00000000 ____D C:\Program Files\MSBuild
2016-02-25 06:50 - 2016-02-25 06:50 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-02-25 06:50 - 2016-02-25 04:27 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-02-25 06:50 - 2015-10-23 20:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-02-25 06:50 - 2015-10-23 20:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-02-25 06:50 - 2015-10-23 20:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-02-25 06:50 - 2015-10-23 20:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-02-25 06:50 - 2015-10-23 20:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-02-25 06:50 - 2015-10-23 20:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-02-25 04:48 - 2016-02-25 04:48 - 00000000 _SHDL C:\Users\Default\My Documents
2016-02-25 04:48 - 2016-02-25 04:48 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2016-02-25 04:48 - 2016-02-25 04:48 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2016-02-25 04:48 - 2016-02-25 04:48 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2016-02-25 04:48 - 2016-02-25 04:48 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2016-02-25 04:48 - 2016-02-25 04:48 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2016-02-25 04:48 - 2016-02-25 04:48 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2016-02-25 04:37 - 2016-02-26 23:02 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-25 04:24 - 2016-02-25 04:24 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2016-02-25 04:24 - 2016-02-25 04:24 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-02-25 04:24 - 2016-02-25 04:24 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2016-02-25 04:24 - 2016-02-25 04:24 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-02-25 04:24 - 2016-02-25 04:24 - 00000000 ____D C:\Program Files\AMD
2016-02-25 04:23 - 2016-02-25 04:23 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-02-25 04:23 - 2016-02-25 04:23 - 00000000 ____D C:\Users\Default\AppData\Roaming\ATI
2016-02-25 04:23 - 2016-02-25 04:23 - 00000000 ____D C:\Users\Default\AppData\Local\ATI
2016-02-25 04:23 - 2016-02-25 04:23 - 00000000 ____D C:\Users\Default User\AppData\Roaming\ATI
2016-02-25 04:23 - 2016-02-25 04:23 - 00000000 ____D C:\Users\Default User\AppData\Local\ATI
2016-02-25 04:16 - 2016-02-25 04:27 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-02-25 04:14 - 2016-02-26 00:12 - 00000000 ____D C:\Users\Brent
2016-02-25 04:14 - 2016-02-25 04:14 - 00000000 _SHDL C:\Users\Brent\My Documents
2016-02-25 04:14 - 2016-02-25 04:14 - 00000000 _SHDL C:\Users\Brent\Documents\My Videos
2016-02-25 04:14 - 2016-02-25 04:14 - 00000000 _SHDL C:\Users\Brent\Documents\My Pictures
2016-02-25 04:14 - 2016-02-25 04:14 - 00000000 _SHDL C:\Users\Brent\Documents\My Music
2016-02-25 04:11 - 2016-02-25 04:11 - 00018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2016-02-25 04:10 - 2016-02-25 11:18 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-25 04:10 - 2016-02-25 04:23 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2016-02-25 04:10 - 2016-02-25 04:17 - 00000000 ____D C:\Program Files\Intel
2016-02-25 04:10 - 2016-02-25 04:10 - 00000000 ____D C:\Program Files\Common Files\Atheros
2016-02-25 04:09 - 2016-02-25 04:09 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2016-02-25 04:09 - 2016-02-25 04:09 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2016-02-25 04:09 - 2016-02-25 04:09 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-02-25 04:09 - 2016-02-25 04:09 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-02-25 04:09 - 2016-02-25 04:09 - 00000000 ____D C:\WINDOWS\system32\DAX2
2016-02-25 04:09 - 2016-02-25 04:09 - 00000000 ____D C:\Program Files\Realtek
2016-02-25 04:09 - 2016-02-25 04:09 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2016-02-25 04:08 - 2016-02-25 04:08 - 00000000 ____D C:\Program Files\Synaptics
2016-02-25 04:06 - 2015-10-30 02:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-02-25 04:04 - 2016-02-25 04:31 - 04954192 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-02-25 00:16 - 2016-02-26 23:30 - 00000000 ____D C:\FRST
2016-02-25 00:15 - 2016-02-25 00:15 - 02371072 _____ (Farbar) C:\Users\Brent\Downloads\FRST64.exe
2016-02-25 00:02 - 2016-02-25 00:04 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-02-25 00:02 - 2016-02-25 00:02 - 00002124 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-02-24 23:59 - 2016-02-24 23:59 - 00000000 ____D C:\Program Files (x86)\7-Zip
2016-02-24 23:35 - 2016-02-25 04:27 - 00000000 ____D C:\Users\Brent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-02-19 16:28 - 2016-02-25 11:10 - 2010809045 _____ C:\Users\Brent\Downloads\Global53.zip
2016-02-19 16:12 - 2016-02-25 04:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-02-19 16:12 - 2016-02-19 16:12 - 00001822 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-02-19 16:11 - 2016-02-19 16:12 - 00000000 ____D C:\Program Files\iTunes
2016-02-19 16:11 - 2016-02-19 16:11 - 00000000 ____D C:\Program Files\iPod
2016-02-19 16:11 - 2016-02-19 16:11 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-02-19 16:03 - 2016-02-25 04:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2016-02-09 12:09 - 2016-02-26 23:08 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton 360

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-26 23:24 - 2012-11-02 21:41 - 00000000 ____D C:\Users\Brent\AppData\Roaming\Dropbox
2016-02-26 23:21 - 2012-11-02 21:45 - 00000000 ___RD C:\Users\Brent\Dropbox
2016-02-26 23:15 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-26 23:10 - 2013-01-06 14:43 - 00003484 _____ C:\WINDOWS\System32\Tasks\Apple Diagnostics
2016-02-26 23:10 - 2012-11-06 20:06 - 00000000 ____D C:\Users\Brent\AppData\Local\Google
2016-02-26 23:09 - 2014-01-03 22:54 - 00004146 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F58BE7DF-8EAC-49CA-9BD6-A90B3FED1ABC}
2016-02-26 23:07 - 2015-10-30 02:21 - 00000000 ____D C:\WINDOWS\INF
2016-02-26 23:07 - 2015-08-30 22:46 - 00893524 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-26 23:07 - 2013-08-19 10:16 - 00000914 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-26 23:06 - 2013-08-19 10:16 - 00000918 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-26 23:04 - 2014-08-22 11:25 - 00000000 __SHD C:\Users\Brent\IntelGraphicsProfiles
2016-02-26 11:27 - 2015-10-30 01:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-02-26 10:59 - 2013-05-27 17:06 - 00000000 ____D C:\Program Files (x86)\Bluetooth Suite
2016-02-26 10:14 - 2015-10-30 02:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-26 09:55 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\appcompat
2016-02-26 03:32 - 2012-11-04 21:37 - 00000000 ____D C:\Users\Brent\AppData\Local\Adobe
2016-02-26 00:37 - 2015-10-30 01:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-02-26 00:32 - 2012-11-02 22:20 - 00000000 ____D C:\Users\Brent\AppData\Local\CrashDumps
2016-02-26 00:13 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\PLA
2016-02-25 23:36 - 2012-11-02 21:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PodLift
2016-02-25 12:05 - 2013-02-12 00:35 - 00000000 ____D C:\Program Files\7-Zip
2016-02-25 11:52 - 2013-10-16 12:07 - 00000000 ____D C:\CloneDVDTemp
2016-02-25 11:42 - 2014-11-09 16:22 - 00000000 ____D C:\Program Files (x86)\Java
2016-02-25 11:42 - 2013-10-17 08:28 - 00000000 ____D C:\ProgramData\Oracle
2016-02-25 11:41 - 2014-11-09 16:22 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-02-25 11:41 - 2013-10-17 08:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-02-25 11:27 - 2012-11-02 19:08 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-02-25 11:21 - 2015-10-30 04:07 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-25 11:20 - 2013-12-23 08:56 - 00000000 __RDO C:\Users\Brent\SkyDrive
2016-02-25 11:20 - 2012-11-02 20:12 - 00000000 ____D C:\Users\Brent\AppData\Local\Packages
2016-02-25 11:17 - 2015-10-30 02:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-02-25 10:34 - 2015-08-30 23:26 - 00002398 _____ C:\Users\Brent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-02-25 10:32 - 2015-10-30 02:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-02-25 10:30 - 2015-10-30 02:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-02-25 10:30 - 2015-10-30 02:24 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-02-25 09:59 - 2015-10-30 02:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-02-25 09:59 - 2015-08-30 23:19 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2016-02-25 07:03 - 2015-10-30 02:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-02-25 06:59 - 2015-10-30 02:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-02-25 06:59 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-02-25 06:59 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-02-25 06:59 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-02-25 06:59 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-02-25 06:59 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-02-25 06:59 - 2015-10-30 01:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-02-25 06:59 - 2015-10-30 01:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-02-25 04:48 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\rescache
2016-02-25 04:47 - 2013-12-19 00:57 - 00045723 _____ C:\WINDOWS\diagwrn.xml
2016-02-25 04:47 - 2013-12-19 00:57 - 00045723 _____ C:\WINDOWS\diagerr.xml
2016-02-25 04:44 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-02-25 04:44 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\Registration
2016-02-25 04:37 - 2016-01-12 22:54 - 00002634 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2016-02-25 04:37 - 2015-11-17 22:48 - 00002244 _____ C:\WINDOWS\System32\Tasks\USER_ESRV_SVC
2016-02-25 04:37 - 2015-08-30 21:49 - 00002954 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-02-25 04:37 - 2014-06-23 10:33 - 00002420 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2016-02-25 04:37 - 2014-06-23 10:33 - 00002394 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2016-02-25 04:37 - 2014-06-23 10:33 - 00002392 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2016-02-25 04:37 - 2014-06-23 10:33 - 00002378 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2016-02-25 04:37 - 2014-06-23 10:33 - 00002376 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2016-02-25 04:37 - 2013-12-19 01:18 - 00022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-02-25 04:37 - 2013-08-19 10:16 - 00003430 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-25 04:37 - 2013-08-19 10:16 - 00003206 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-25 04:37 - 2013-07-14 23:24 - 00002896 _____ C:\WINDOWS\System32\Tasks\VAIO Health Report
2016-02-25 04:37 - 2012-12-07 21:44 - 00002764 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-fastgtp25@hotmail.com
2016-02-25 04:37 - 2012-11-02 20:20 - 00002938 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2549116610-987113267-4104036400-1001
2016-02-25 04:37 - 2012-10-19 12:31 - 00002534 _____ C:\WINDOWS\System32\Tasks\CLVDLauncher
2016-02-25 04:37 - 2012-10-19 12:31 - 00002534 _____ C:\WINDOWS\System32\Tasks\CLMLSvc_P2G8
2016-02-25 04:37 - 2012-10-19 11:46 - 00002246 _____ C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements
2016-02-25 04:36 - 2015-10-30 02:24 - 00000000 __RHD C:\Users\Public\Libraries
2016-02-25 04:36 - 2012-11-02 21:27 - 00879220 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2016-02-25 04:27 - 2016-01-12 22:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Suite
2016-02-25 04:27 - 2016-01-12 22:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2016-02-25 04:27 - 2015-11-17 22:48 - 00000000 __RHD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care
2016-02-25 04:27 - 2015-10-31 16:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZiggyTV
2016-02-25 04:27 - 2015-10-30 04:07 - 00000000 ____D C:\WINDOWS\ShellNew
2016-02-25 04:27 - 2015-10-30 02:24 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-02-25 04:27 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-02-25 04:27 - 2015-07-09 13:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-02-25 04:27 - 2015-02-13 22:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\E-Sys Launcher Premium
2016-02-25 04:27 - 2015-02-13 22:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\E-Sys
2016-02-25 04:27 - 2014-08-22 11:38 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-02-25 04:27 - 2014-08-22 10:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home
2016-02-25 04:27 - 2014-06-23 10:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2016-02-25 04:27 - 2013-12-28 22:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-02-25 04:27 - 2013-11-18 22:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake
2016-02-25 04:27 - 2013-11-13 23:58 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
2016-02-25 04:27 - 2013-09-07 09:35 - 00000000 ____D C:\Users\Brent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EPSON Software
2016-02-25 04:27 - 2013-08-09 10:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cool Edit Pro 2.1
2016-02-25 04:27 - 2013-07-14 23:24 - 00000000 ____D C:\Users\Brent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VAIO Health Report
2016-02-25 04:27 - 2013-03-19 22:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
2016-02-25 04:27 - 2013-03-19 22:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2016-02-25 04:27 - 2013-02-12 01:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2016-02-25 04:27 - 2013-02-12 00:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-02-25 04:27 - 2012-12-09 20:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perf.Trends
2016-02-25 04:27 - 2012-12-09 20:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ForceDistance
2016-02-25 04:27 - 2012-11-15 01:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Design and Web Premium CS6
2016-02-25 04:27 - 2012-11-15 00:15 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-02-25 04:27 - 2012-11-14 17:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2016-02-25 04:27 - 2012-11-14 17:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-02-25 04:27 - 2012-11-10 00:09 - 00000000 ____D C:\Users\Brent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mead & Company
2016-02-25 04:27 - 2012-11-06 20:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DownloadX ActiveX Download Control 1.6
2016-02-25 04:27 - 2012-11-04 21:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2016-02-25 04:27 - 2012-11-04 21:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
2016-02-25 04:27 - 2012-11-04 21:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RLC Racing
2016-02-25 04:27 - 2012-11-02 22:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Piolet
2016-02-25 04:27 - 2012-11-02 22:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView
2016-02-25 04:27 - 2012-11-02 20:13 - 00000000 ____D C:\WINDOWS\SysWOW64\VAIO Startup Setting Tool
2016-02-25 04:27 - 2012-10-19 12:31 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go 8
2016-02-25 04:27 - 2012-10-19 11:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArtRage Studio
2016-02-25 04:24 - 2015-07-10 04:05 - 00000000 ____D C:\Users\Default.migrated
2016-02-25 04:19 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2016-02-25 04:19 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-02-25 04:19 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\spool
2016-02-25 04:19 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-02-25 04:19 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-02-25 04:19 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2016-02-25 04:19 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\IME
2016-02-25 04:19 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2016-02-25 04:19 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2016-02-25 04:19 - 2013-08-19 09:54 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-25 04:19 - 2012-10-19 11:45 - 00000000 ____D C:\WINDOWS\SysWOW64\SDA
2016-02-25 04:18 - 2015-10-30 02:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-02-25 04:18 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\Resources
2016-02-25 04:18 - 2012-10-19 12:46 - 00000000 ____D C:\WINDOWS\system32\%AppData%
2016-02-25 04:17 - 2015-10-30 02:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-02-25 04:17 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\InputMethod
2016-02-25 04:17 - 2015-10-30 02:24 - 00000000 ____D C:\ProgramData\USOPrivate
2016-02-25 04:17 - 2015-10-30 02:24 - 00000000 ____D C:\Program Files\Common Files\System
2016-02-25 04:17 - 2015-10-30 02:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-02-25 04:17 - 2014-02-04 18:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoPro
2016-02-25 04:17 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\ADFS
2016-02-25 04:17 - 2012-12-02 13:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2016-02-25 04:16 - 2012-11-18 12:58 - 00000000 ____D C:\Users\Brent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Internet Security
2016-02-25 04:13 - 2015-10-30 01:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-02-25 04:09 - 2014-08-22 10:35 - 00000000 ____D C:\AMD
2016-02-25 04:05 - 2015-10-30 04:13 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-02-25 00:30 - 2012-07-26 00:26 - 00000196 _____ C:\WINDOWS\win.ini
2016-02-25 00:02 - 2012-10-19 12:29 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-02-24 23:42 - 2012-12-13 03:03 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-19 16:55 - 2013-08-19 10:17 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-19 16:55 - 2013-08-19 10:17 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-19 16:11 - 2012-11-02 21:22 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-02-19 16:06 - 2012-11-02 21:23 - 00000000 ____D C:\Users\Brent\AppData\Roaming\Apple Computer
2016-02-19 16:06 - 2012-11-02 21:23 - 00000000 ____D C:\Users\Brent\AppData\Local\Apple Computer
2016-02-19 15:58 - 2014-06-10 07:26 - 00000000 __SHD C:\Users\Brent\AppData\LocalLow\EmieUserList
2016-02-19 15:58 - 2014-05-03 01:42 - 00000000 __SHD C:\Users\Brent\AppData\LocalLow\EmieSiteList
2016-02-19 15:49 - 2016-01-12 22:52 - 00000000 ____D C:\WINDOWS\system32\Drivers\N360x64
2016-02-09 12:03 - 2016-01-12 22:54 - 00002435 _____ C:\Users\Public\Desktop\Norton Security Suite.LNK
2016-02-03 14:01 - 2015-10-30 02:26 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-02-03 14:01 - 2015-10-30 02:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2012-11-02 21:32 - 2012-11-02 21:32 - 0000093 _____ () C:\Users\Brent\AppData\Local\fusioncache.dat
2012-11-18 12:55 - 2012-11-18 12:55 - 0000036 _____ () C:\Users\Brent\AppData\Local\housecall.guid.cache
2013-10-16 11:43 - 2013-11-13 23:42 - 0000125 ___SH () C:\ProgramData\.zreglib
2016-02-25 04:09 - 2016-02-25 04:09 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Brent\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Brent\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\Brent\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-02-25 04:04

==================== End of FRST.txt ============================

Brent25 · Feb 26, 2016

Additional scan result of Farbar Recovery Scan Tool (x64) Version:24-02-2016
Ran by Brent (2016-02-26 23:31:12)
Running from C:\Users\Brent\Downloads
Windows 10 Home Version 1511 (X64) (2016-02-25 09:48:54)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2549116610-987113267-4104036400-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2549116610-987113267-4104036400-1004 - Limited - Enabled)
Brent (S-1-5-21-2549116610-987113267-4104036400-1001 - Administrator - Enabled) => C:\Users\Brent
DefaultAccount (S-1-5-21-2549116610-987113267-4104036400-503 - Limited - Disabled)
Guest (S-1-5-21-2549116610-987113267-4104036400-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2549116610-987113267-4104036400-1006 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Security Suite (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security Suite (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Security Suite (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 15.14 (HKLM-x32\...\7-Zip) (Version: 15.14 - Igor Pavlov)
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.14 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.111 - Adobe Systems Incorporated)
Adobe CS6 Design and Web Premium (HKLM-x32\...\{402F6F2E-5683-491C-977D-0CA599A07CAF}) (Version: 6 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated)
AMD Catalyst Install Manager (HKLM\...\{CC608842-EFFB-2528-BE17-98B97F22FD5D}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ArtRage Studio (HKLM-x32\...\{5A9FE63F-F201-4D55-9F5F-06DDB239AC4F}) (Version: 3.5.5 - Ambient Design)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Circle Track Analyzer v3.6 (HKLM-x32\...\{B51137C7-B662-4776-A85C-501CCA70955E}) (Version: 3.6 - Performance Trends)
Cool Edit Pro 2.1 (HKLM-x32\...\Cool Edit Pro 2.1) (Version: - )
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1923 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.6426.52 - CyberLink Corp.)
DownloadX ActiveX Download Control 1.6.7 (HKLM-x32\...\CA17A131-B7D9-41D6-868F-29A9BD9FCC8E_is1) (Version: - DownloadXCtrl.com)
Dropbox (HKU\S-1-5-21-2549116610-987113267-4104036400-1001\...\Dropbox) (Version: 3.14.7 - Dropbox, Inc.)
EDIABAS 7.3.0 (HKLM-x32\...\{083933AF-00A2-4CFC-BE59-19DC385E8761}) (Version: 7.3.0 - BMW Group)
EPSON Connect version 1.0 (HKLM-x32\...\EPSON Connect_is1) (Version: 1.0 - Epson America Inc.)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.4.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{44F72193-F59C-4303-BAE8-E3E4BC1C122C}) (Version: 3.01.0003 - Seiko Epson Corporation)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.30.00 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version: - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON WF-3540 Series Printer Uninstall (HKLM\...\EPSON WF-3540 Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
E-Sys 3.26.1 (build 42487) (HKLM-x32\...\E-Sys_is1) (Version: 3.26.1 - ESG GmbH)
E-Sys Launcher Premium (HKLM-x32\...\{C29E2985-DD21-4C7C-8264-56ADFC3893AD}) (Version: 1.0.7.26 - TokenMaster)
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
ffdshow [rev 3154] [2009-12-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
ForceDistance version 2.0.0.0 (HKLM-x32\...\{5AB6E9B0-48C4-4F46-8D35-049368930705}_is1) (Version: 2.0.0.0 - Delosphere Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
GoPro Studio 2.0.1 (HKLM-x32\...\GoPro Studio) (Version: 2.0.1 - WoodmanLabs Inc. d.b.a. GoPro)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
Harmony Browser Plug-in (HKLM-x32\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 2.0 - Logitech)
iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
KUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Logitech SetPoint 6.51 (HKLM\...\sp6) (Version: 6.51.8 - Logitech)
LTCM Client (HKLM-x32\...\LTCM Client) (Version: - Leader Technologies Inc.)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.266.3 - McAfee, Inc.)
MergeModule_x64 (Version: 8.0.00 - Sony Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Networkx64 (Version: 1.0.0 - Sony Corporation) Hidden
Norton Security Suite (HKLM-x32\...\N360) (Version: 22.5.5.15 - Symantec Corporation)
Oracle VM VirtualBox 4.2.6 (HKLM\...\{A8A0B1C1-FBC7-4790-8E26-9DA1A6A95452}) (Version: 4.2.6 - Oracle Corporation)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Piolet 3.1.1 (HKLM-x32\...\Piolet) (Version: 3.1.1 - MP2P Technologies)
PlayMemories Home (HKLM-x32\...\{4C93E894-BE17-463B-A789-4CAB706987A0}) (Version: 8.0.21.11211 - Sony Corporation)
Pluto TV version 0.1.5 (HKLM-x32\...\Pluto TV_is1) (Version: 0.1.5 - Pluto TV)
PodLift (HKLM-x32\...\PodLift) (Version: - Marc Saint)
PodLift (x32 Version: 1.0.2.1 - Marc Saint) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.312 - Qualcomm Atheros Communications)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7564 - Realtek Semiconductor Corp.)
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
RLC Race Analyzer (HKLM-x32\...\{A9189902-E297-41FA-B8FC-A6E272CCB3F4}) (Version: 3.60.0481 - RLC Enterprises)
SCS Shortcut (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
Software Updater (HKLM-x32\...\{B307472F-7BD9-4040-9255-CE6D6A1196A3}) (Version: 4.3.1 - SEIKO EPSON CORPORATION)
SOHLib for PlayMemories Home (Version: 1.0.1.11110 - Sony Corporation) Hidden
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Store App Support Utility (HKLM\...\{B93C07D4-49FF-440D-8A6A-054A42AEA960}) (Version: 1.0.0.02240 - Sony Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.15.2 - Synaptics Incorporated)
Techstream Software (HKLM-x32\...\{937CA58A-0212-431C-8F0B-0D8305225476}) (Version: 7.00.020 - DENSO CORPORATION)
Techstream Software (x32 Version: 7.00.020 - DENSO CORPORATION) Hidden
Trend Micro Titanium (Version: 6.00 - Trend Micro Inc.) Hidden
Trend Micro Titanium Internet Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 6.0 - Trend Micro Inc.)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.3.2.07020 - Sony Corporation)
VAIO Care (HKLM\...\{036400BD-B717-4D50-ACDC-96480C99EDD3}) (Version: 8.4.4.09186 - Sony Corporation)
VAIO Care Hardware Diagnostics Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.11.1.11220 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{15B9204E-BA09-485E-8F2C-094AC0077664}) (Version: 1.1.2.13230 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.0.0.08200 - Sony Corporation)
VAIO CPU Fan Diagnostic (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.1.0.09200 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.10.0.07270 - Sony Corporation)
VAIO Easy Connect (x32 Version: 8.4.4.07220 - Sony Corporation) Hidden
VAIO Gate (HKLM-x32\...\{14AC95A2-7675-4988-A5BD-3F5B943AED08}) (Version: 3.0.1.02270 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 3.0.0.08060 - Sony Corporation)
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.0.0.08240 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.0.0.08240 - Sony Corporation) Hidden
VAIO Health Report (HKLM-x32\...\VAIO Health Report1.0) (Version: 1.0 - Sony Electronics)
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.3.00.10220 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.0.00.08170 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.0.0.08090 - Sony Corporation)
VAIO Manual (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 3.0.0.08100 - Sony Corporation)
VAIO Media Server Settings (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.0.2.11060 - Sony Corporation)
VAIO Movie Creator Template Data (HKLM-x32\...\InstallShield_{00A663F1-6C03-48CA-8E85-55806AAE2615}) (Version: 4.0.00.08170 - Sony Corporation)
VAIO Movie Creator Template Data (x32 Version: 4.0.00.08170 - Sony Corporation) Hidden
VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.8.0.08212 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.1.0.08060 - Sony Corporation)
VCCMMX64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCMMX86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VLC media player 2.0.4 (HKLM-x32\...\VLC media player) (Version: 2.0.4 - VideoLAN)
VMLx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.0.0 - Sony Corporation ) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VUx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012 - GoPro)
Windows Driver Package - Qualcomm Atheros Communications Inc. (athr) Net (07/15/2013 10.0.0.260) (HKLM\...\FF9ECD00DD25FDB7D3208607214790302878ACBE) (Version: 07/15/2013 10.0.0.260 - Qualcomm Atheros Communications Inc.)
WinZip 20.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EF}) (Version: 20.0.11659 - WinZip Computing, S.L. )
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
ZiggyTV (HKLM-x32\...\ZiggyTV) (Version: 5.1.2 - ZiggyTV)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2549116610-987113267-4104036400-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Brent\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2549116610-987113267-4104036400-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Brent\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2549116610-987113267-4104036400-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
CustomCLSID: HKU\S-1-5-21-2549116610-987113267-4104036400-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Brent\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll => No File
CustomCLSID: HKU\S-1-5-21-2549116610-987113267-4104036400-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Brent\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll => No File
CustomCLSID: HKU\S-1-5-21-2549116610-987113267-4104036400-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Brent\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll => No File
CustomCLSID: HKU\S-1-5-21-2549116610-987113267-4104036400-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Brent\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll => No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {033B7978-B4E3-4EC7-9455-7A133B7AE788} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {07901E19-8EFD-4939-AFA6-6E9F5D2479A5} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {0C147655-2200-471A-BA61-65C656FF7603} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {17D16274-31ED-48E4-951D-4D58416FB0AE} - System32\Tasks\VAIO Health Report => C:\Program Files (x86)\Sony\VAIO Health Report\VAIOHealthReport.exe [2013-06-20] (Sony Electronics)
Task: {18A26D95-7673-4225-8C36-2A91FF9B7C60} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {1993264A-2D63-480C-952F-3F5252197ED9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {1A2DC034-6F26-46E5-911D-130FA5E155FD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {1DB6A878-BC97-4B51-A9E5-C7F16678A415} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2015-07-23] (Sony Corporation)
Task: {2386B3AA-799A-4830-AD1B-477245BDEFCA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {25C1155B-716E-4A25-8415-47C7FD818B5E} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\WSCStub.exe [2015-11-20] (Symantec Corporation)
Task: {2AC88BF6-D676-4108-99D8-425CE6A884F7} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2015-07-31] (Sony Corporation)
Task: {2C11C05A-9199-469E-A557-676EB1504830} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2014-07-03] (Sony Corporation)
Task: {31BC3981-6769-4302-B7A9-B4E2C1AA5B2B} - System32\Tasks\Sony Corporation\VAIO Care\UpdateConfig => C:\ProgramData\Sony Corporation\VCM Data\UpdateConfig.exe [2015-03-03] (Sony Corporation)
Task: {3437ED00-0A80-4DC1-9721-5356B1C9B19B} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {3796F43B-8649-4F3A-B3D0-6C98D469B546} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {3AC30E92-AF71-49D6-A426-8974AC4EC86B} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2012-08-09] (Sony Corporation)
Task: {3E84F071-FAEF-4E57-B1F3-0EA28C19B9CF} - System32\Tasks\Sony Corporation\Store App Support Utility\Store App Support Utility Logon Start => C:\Program Files\Sony\Store App Support Utility\StoreAppSupportUtility.exe [2014-02-24] (Sony Corporation)
Task: {418B664B-AAFD-4512-B13C-B02C2D85AA87} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {4F844BBA-39EE-42CE-A9B1-E9316147EEE6} - System32\Tasks\Norton 360\Norton Autofix => C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\SymErr.exe [2015-11-05] (Symantec Corporation)
Task: {50CF9E1D-D41B-4941-A0B9-2BC1B32FD145} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-24] (Microsoft Corporation)
Task: {52F37F55-E4FA-4905-932B-A35E116CC565} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {561C8875-9484-4312-B142-B241FC94DE4E} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {58C73B8B-84B9-4473-B330-C4352FA4DFFA} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {593758B7-B3CD-45E7-968D-424C2132E842} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-2549116610-987113267-4104036400-1001
Task: {62228252-6EF1-4925-9115-095D8DFCA9CA} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2013-02-21] (Sony Corporation)
Task: {6569AB29-C860-42E0-A575-19821B8BE512} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {6AFD6D0E-79D5-43A1-AB5F-B08D9919F3F3} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2015-07-31] (Sony Corporation)
Task: {7853376E-B9BA-46AB-A3F9-E76F5688DB50} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {7B32430A-2DC2-4E6C-9606-532985C98CCE} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-fastgtp25@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {7E05BC59-6169-447B-8435-4283A1D55C98} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {81EB304F-F0AA-4A83-84E3-35B052D51686} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-07] (CyberLink)
Task: {849BCD55-7D56-47FD-8C36-9204468668F7} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {869DD878-754F-4FAE-BA49-3ECA2F9EC259} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {8E49A5B5-42CC-4C33-A080-0CA2DB96A3D7} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {91408369-92FD-40E5-B31B-0B5649266B4C} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {92AB8EA1-659A-4068-954B-867367CF56F7} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorUser => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation)
Task: {930F0AA3-2A77-4FD5-8BA4-63798FFFC9A1} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {9402FA66-0E41-4591-B2DC-D2760D867A81} - System32\Tasks\Sony Corporation\VAIO Care\UpdateContacts => C:\ProgramData\Sony Corporation\VAIO Care\UpdateContacts.exe
Task: {A2B952D8-DC8A-4C59-877C-2D8B09E30605} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {AB0D45A3-567A-4F43-971F-B55240E6D96E} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {B93B4F01-83F8-4725-BBD4-5099367F3BD5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {BB7D677E-D79A-40F0-8438-1DE6496BBD76} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {C23E131E-0E36-4416-89EC-B2A01C49F342} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {CCDD60D2-8CFF-44E1-9D42-D248AF4B117B} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2015-02-04] (Sony Corporation)
Task: {CE3F44F9-BF08-4B0B-BC84-09EB0C97CCA5} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2015-12-01] (Apple Inc.)
Task: {D2FCA361-324B-43EE-BA13-89178590F824} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\SymErr.exe [2015-11-05] (Symantec Corporation)
Task: {D424945F-C688-4EA7-BDE2-F72EFFF0CFB7} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2015-08-06] (Sony Corporation)
Task: {DA07FEC4-016D-4628-ACFD-AC8D2BE8006C} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {DC7323E9-0C27-46D9-B0DD-A7BF8B5C2BF9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {DDD7F852-D1C5-4FEB-B99C-230CF230C49D} - System32\Tasks\Synaptics TouchPad Enhancements => Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: {DE3C914C-8439-46D2-AD96-DAA32E80C002} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\SymErr.exe [2015-11-05] (Symantec Corporation)
Task: {DF701159-B8DD-40C4-92C3-F71251A73DFD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {E08CCE6B-F939-4D42-85BF-14703AF43399} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorSystem => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation)
Task: {EE1D534E-6C05-4483-BD2A-3603A57DDB43} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {F10F6BC7-9021-4451-A201-CACF070ADA85} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {F3D40B42-F344-45C5-9335-BF65D24B112B} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2012-08-04] (Sony Corporation)
Task: {F505836D-26DC-423A-9334-2122B46D3066} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {F5BFFA22-7020-4290-83C5-9DA0710F6483} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib SOHDms => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2013-11-07] (Sony Corporation)
Task: {F7467E2C-0AE9-49B9-ABCE-1FE99E4B9EAC} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {FFB465A8-A4B5-4DD1-A6CE-D0E40D168B7F} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2549116610-987113267-4104036400-1001Core1d0df9fc452f15e.job => C:\Users\Brent\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Brent\Desktop\E-Sys (BMW Coding Software).lnk -> C:\EC-Apps\ESG\E-Sys\E-Sys.bat ()

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 02:18 - 2015-10-30 02:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-02-25 06:58 - 2016-02-25 06:58 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-08-26 13:11 - 2015-08-26 13:11 - 00413336 _____ () C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
2015-08-26 13:11 - 2015-08-26 13:11 - 00709272 _____ () C:\Program Files\Sony\VAIO Care\ESRV\intel_modeler.dll
2015-08-26 13:11 - 2015-08-26 13:11 - 00130712 _____ () C:\Program Files\Sony\VAIO Care\ESRV\intel_process_input.dll
2015-08-26 13:11 - 2015-08-26 13:11 - 00025752 _____ () C:\Program Files\Sony\VAIO Care\ESRV\intel_system_power_state_input.dll
2015-08-26 13:11 - 2015-08-26 13:11 - 00059544 _____ () C:\Program Files\Sony\VAIO Care\ESRV\intel_quality_and_reliability_input.dll
2015-08-26 13:11 - 2015-08-26 13:11 - 00194712 _____ () C:\Program Files\Sony\VAIO Care\ESRV\acpi_battery_input.dll
2015-08-26 13:11 - 2015-08-26 13:11 - 00159896 _____ () C:\Program Files\Sony\VAIO Care\ESRV\sema_thermal_input.dll
2015-08-26 13:11 - 2015-08-26 13:11 - 00158360 _____ () C:\Program Files\Sony\VAIO Care\ESRV\wifi_input.dll
2015-08-26 13:11 - 2015-08-26 13:11 - 00050840 _____ () C:\Program Files\Sony\VAIO Care\ESRV\devices_use_input.dll
2015-08-26 13:11 - 2015-08-26 13:11 - 00032920 _____ () C:\Program Files\Sony\VAIO Care\ESRV\intel_disktrace_input.dll
2015-08-26 13:11 - 2015-08-26 13:11 - 00458904 _____ () C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
2015-08-26 13:11 - 2015-08-26 13:11 - 00185496 _____ () C:\Program Files\Sony\VAIO Care\ESRV\foreground_window_input.dll
2016-02-25 11:21 - 2016-02-25 11:22 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2012-10-19 12:31 - 2012-06-07 22:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 13:34 - 2012-06-08 13:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2016-02-24 23:35 - 2016-01-12 13:44 - 00034768 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-02-24 23:35 - 2016-01-12 13:45 - 00019408 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-01-12 22:22 - 2016-01-12 13:44 - 00116688 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-02-24 23:35 - 2016-01-12 13:44 - 00093640 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-02-24 23:35 - 2016-01-12 13:44 - 00018376 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\select.pyd
2016-02-24 23:35 - 2016-02-16 13:39 - 00019760 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-02-24 23:35 - 2016-01-12 13:46 - 00105928 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-01-12 22:22 - 2016-01-12 13:44 - 00392144 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-02-24 23:35 - 2016-02-16 13:39 - 00381752 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-02-24 23:35 - 2016-01-12 13:44 - 00692688 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-02-24 23:35 - 2016-02-16 13:38 - 00020816 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-02-24 23:35 - 2016-01-12 13:45 - 00112592 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-02-24 23:35 - 2016-02-16 13:38 - 01682760 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-02-24 23:35 - 2016-02-16 13:38 - 00020808 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-02-24 23:35 - 2016-02-16 13:39 - 00020800 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2016-02-24 23:35 - 2016-02-16 13:39 - 00021840 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-02-24 23:35 - 2016-02-16 13:39 - 00038696 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-01-12 22:22 - 2016-01-12 13:46 - 00020936 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-02-24 23:35 - 2016-01-12 13:46 - 00024528 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-02-24 23:35 - 2016-01-12 13:47 - 00114640 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-02-24 23:35 - 2016-01-12 13:46 - 00124880 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-02-24 23:35 - 2016-02-16 13:39 - 00021832 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-02-24 23:35 - 2016-01-12 13:46 - 00024016 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-02-24 23:35 - 2016-01-12 13:46 - 00175560 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-02-24 23:35 - 2016-01-12 13:47 - 00030160 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-02-24 23:35 - 2016-01-12 13:47 - 00043472 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-02-24 23:35 - 2016-01-12 13:47 - 00028616 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-02-24 23:35 - 2016-01-12 13:47 - 00048592 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-02-24 23:35 - 2016-02-16 13:39 - 00026456 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-02-24 23:35 - 2016-01-12 13:46 - 00057808 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-02-24 23:35 - 2016-01-12 13:47 - 00024016 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-02-24 23:35 - 2016-02-16 13:38 - 00117056 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-01-12 22:22 - 2016-02-16 13:39 - 00024392 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-02-24 23:35 - 2016-01-12 13:47 - 00036296 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\librsync.dll
2016-02-24 23:35 - 2016-02-16 13:39 - 00031568 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\enterprise_data.compiled._enterprise_data.pyd
2016-02-24 23:35 - 2015-11-04 19:04 - 00293392 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll
2016-02-24 23:35 - 2016-02-16 13:39 - 00023376 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-02-24 23:35 - 2016-01-12 13:44 - 00134608 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-01-12 22:22 - 2016-01-12 13:44 - 00134088 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-02-24 23:35 - 2016-01-12 13:45 - 00240584 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2016-01-12 22:22 - 2016-02-16 13:39 - 00052024 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-02-24 23:35 - 2016-02-16 13:39 - 00020800 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-24 23:35 - 2016-02-16 13:39 - 00021824 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-02-24 23:35 - 2016-02-16 13:39 - 00019776 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-02-24 23:35 - 2016-02-16 13:39 - 00020800 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-02-24 23:35 - 2016-02-16 13:38 - 00020280 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-02-24 23:35 - 2016-01-12 13:47 - 00350152 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-02-24 23:35 - 2016-02-16 13:39 - 00022352 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-02-24 23:35 - 2016-02-16 13:39 - 00084792 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-01-12 22:22 - 2016-02-16 13:39 - 01826096 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-02-24 23:35 - 2016-01-12 13:45 - 00083912 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\sip.pyd
2016-01-12 22:22 - 2016-02-16 13:39 - 03928880 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-01-12 22:22 - 2016-02-16 13:39 - 01971504 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-01-12 22:22 - 2016-02-16 13:39 - 00531248 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-01-12 22:22 - 2016-02-16 13:39 - 00132912 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-01-12 22:22 - 2016-02-16 13:39 - 00223544 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-01-12 22:22 - 2016-02-16 13:39 - 00207672 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-02-24 23:35 - 2016-02-16 13:39 - 00158008 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-02-24 23:35 - 2016-02-16 13:39 - 00042808 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-02-24 23:35 - 2016-01-12 13:49 - 00017864 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-02-24 23:35 - 2016-01-12 13:49 - 01631184 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2016-02-24 23:35 - 2016-02-16 13:39 - 00024904 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-01-12 22:22 - 2016-02-16 13:39 - 00546096 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-01-12 22:22 - 2016-02-16 13:39 - 00357680 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-01-12 22:22 - 2016-01-12 13:52 - 00697304 _____ () C:\Users\Brent\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-02-25 11:21 - 2016-02-25 11:22 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-02-25 11:21 - 2016-02-25 11:22 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2012-10-19 11:44 - 2012-07-24 21:52 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS

Brent25 · Feb 26, 2016

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:25 - 2016-01-12 22:36 - 00000854 ____A C:\WINDOWS\system32\Drivers\etc\hosts

0.0.0.1 mssplus.mcafee.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2549116610-987113267-4104036400-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Brent\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\alpinestars.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\StartupFolder: => "CineForm Status.lnk"
HKLM\...\StartupApproved\StartupFolder: => "ResultsHubDesktopSearch.lnk"
HKLM\...\StartupApproved\StartupFolder: => "PlutoTV.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "RtHDVBg_Dolby"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "EvtMgr6"
HKLM\...\StartupApproved\Run: => "BCSSync"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKLM\...\StartupApproved\Run32: => "FUFAXRCV"
HKLM\...\StartupApproved\Run32: => "FUFAXSTM"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "LTCM Client"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "ROC_roc_ssl_v12"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKU\S-1-5-21-2549116610-987113267-4104036400-1001\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-2549116610-987113267-4104036400-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-2549116610-987113267-4104036400-1001\...\StartupApproved\Run: => "AnyDVD"
HKU\S-1-5-21-2549116610-987113267-4104036400-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-2549116610-987113267-4104036400-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-2549116610-987113267-4104036400-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2549116610-987113267-4104036400-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_723B7423F2BABCAECDF43AE1343EA9C3"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{80059107-A63D-4AC2-A9B9-2BAB9187CD64}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F7277556-2325-43B4-9F4E-C31918E8B87D}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{9A8EF062-5F54-4350-A2E4-D59683179E6B}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOShell.exe
FirewallRules: [{D589E31E-CC1A-4601-BB46-BB36A5C20659}] => (Allow) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
FirewallRules: [{AFBEFF0C-CC59-47E2-A7FD-A901C05DDC22}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
FirewallRules: [{EEEFF742-0592-4057-8BCB-5E6EC9685584}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe
FirewallRules: [UDP Query User{7049A74B-545D-4F60-B709-6FA62FBC65D2}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [TCP Query User{18DDAA28-FFB5-4E65-9B04-75EC25A52C76}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{05D77DD2-30DD-41E5-BD04-A2C5E87BFE3D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D15C700A-A4F4-4F45-A077-DA445B646E44}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{75EDEE90-0212-462B-B5EE-F93C27B091DD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{72E7D6E6-75AA-48CD-A738-0C3573E4C25D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FB65BD8C-0069-4521-9F54-88222F8F67EA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{E776E579-EF00-43A5-AF5C-3C88C85C5F0B}] => (Allow) C:\Users\Brent\AppData\Local\Temp\WZSE2.TMP\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{B3A9F499-97F8-40A9-9BD5-2FD231B2113A}] => (Allow) C:\Users\Brent\AppData\Local\Temp\WZSE2.TMP\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{9B5207B7-64C2-4FB8-AF92-DAB2A3851835}] => (Allow) C:\Users\Brent\AppData\Local\Temp\WZSE1.TMP\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{2AB9BAE2-8F33-4325-9820-C39BFEBAFF12}] => (Allow) C:\Users\Brent\AppData\Local\Temp\WZSE1.TMP\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{995E35F5-E772-489D-B71B-52FB226FD18F}] => (Allow) C:\Users\Brent\AppData\Local\Temp\WZSE0.TMP\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{DA80940F-55E2-4C9E-9491-6063FE7DCC23}] => (Allow) C:\Users\Brent\AppData\Local\Temp\WZSE0.TMP\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{04A57FDE-5AB2-4531-AF8B-A5C4F206ABC0}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{A96454F3-BF2C-42BD-A261-8ACDD8FC00DA}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [UDP Query User{6DBEECE1-D083-49CD-8632-E415D2E39DA7}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{8F3850C8-2D57-43BA-935A-3315ACA83E2D}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{7DFF6E51-B898-41E2-8A45-4AC48393CD99}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{0D60F436-36AD-480C-B333-F9F2D45A3D1A}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [UDP Query User{C3ACEC3B-B53B-4C93-AB6E-A95A702CE10C}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{496BEC26-6529-483D-838B-0358E9079CEB}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{60E668C3-438A-40FD-89AB-A532FC700B4E}] => (Allow) D:\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{C787F44C-C977-42EB-BB31-93B7326CC814}] => (Allow) D:\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [UDP Query User{96A3EF14-C5EF-4A3C-81CC-73731DE13149}C:\users\brent\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\brent\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{712853F8-1508-4D2D-BBA4-76A2A3FC77E6}C:\users\brent\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\brent\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{9800DB76-66D2-447F-A6C2-4518F0774088}] => (Allow) C:\Users\Brent\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{5F89C45A-957A-4B7A-914C-290D37BA9848}] => (Allow) C:\Users\Brent\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [UDP Query User{B71C4FF3-B41C-40C6-BA18-68C9E204FABD}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{08D1B835-ED18-49E2-975E-6F49D1E8B28A}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{082F02C8-004D-419D-A13B-5AA915CD3E31}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
FirewallRules: [{D7EB7246-3A40-4A8A-BD63-DBFC53F92EC5}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
FirewallRules: [{B2FA4137-1409-48C2-953A-6869A0E10A74}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
FirewallRules: [{370EE625-6817-48F0-80F3-22ADB8E11AB4}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe
FirewallRules: [{BDEB19E2-2E30-4598-924F-851F919FC529}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe
FirewallRules: [TCP Query User{525BC080-AA75-4274-8CF2-C557004DCA37}C:\ec-apps\esg\e-sys\jre\bin\javaw.exe] => (Allow) C:\ec-apps\esg\e-sys\jre\bin\javaw.exe
FirewallRules: [UDP Query User{67417F41-D665-445E-94D3-2B08EE2B3E9B}C:\ec-apps\esg\e-sys\jre\bin\javaw.exe] => (Allow) C:\ec-apps\esg\e-sys\jre\bin\javaw.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7

==================== Restore Points =========================

25-02-2016 11:11:32 Installed EDIABAS 7.3.0
26-02-2016 00:32:52 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (02/26/2016 11:10:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IAStorDataMgrSvc.exe, version: 12.8.0.1016, time stamp: 0x51fb0c50
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x006cd13d
Faulting process id: 0x2e08
Faulting application start time: 0xIAStorDataMgrSvc.exe0
Faulting application path: IAStorDataMgrSvc.exe1
Faulting module path: IAStorDataMgrSvc.exe2
Report Id: IAStorDataMgrSvc.exe3
Faulting package full name: IAStorDataMgrSvc.exe4
Faulting package-relative application ID: IAStorDataMgrSvc.exe5

Error: (02/26/2016 11:10:32 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: IAStorDataMgrSvc.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
at IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
at IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
at IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
at System.Threading.ThreadPoolWorkQueue.Dispatch()
at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (02/26/2016 10:13:46 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (02/26/2016 10:13:46 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: ASP.NET_1.1.43228

Error: (02/26/2016 09:52:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IAStorDataMgrSvc.exe, version: 12.8.0.1016, time stamp: 0x51fb0c50
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0101d13d
Faulting process id: 0x2990
Faulting application start time: 0xIAStorDataMgrSvc.exe0
Faulting application path: IAStorDataMgrSvc.exe1
Faulting module path: IAStorDataMgrSvc.exe2
Report Id: IAStorDataMgrSvc.exe3
Faulting package full name: IAStorDataMgrSvc.exe4
Faulting package-relative application ID: IAStorDataMgrSvc.exe5

Error: (02/26/2016 09:52:50 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: IAStorDataMgrSvc.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
at IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
at IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
at IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
at System.Threading.ThreadPoolWorkQueue.Dispatch()
at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (02/26/2016 03:29:39 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BRENT)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/26/2016 12:47:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SpfService64.exe, version: 1.3.0.9090, time stamp: 0x4e684dec
Faulting module name: ntdll.dll, version: 10.0.10586.103, time stamp: 0x56a8483f
Exception code: 0xc0000005
Fault offset: 0x000000000000dd05
Faulting process id: 0x1ec4
Faulting application start time: 0xSpfService64.exe0
Faulting application path: SpfService64.exe1
Faulting module path: SpfService64.exe2
Report Id: SpfService64.exe3
Faulting package full name: SpfService64.exe4
Faulting package-relative application ID: SpfService64.exe5

Error: (02/26/2016 12:36:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IAStorDataMgrSvc.exe, version: 12.8.0.1016, time stamp: 0x51fb0c50
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x03d9d13d
Faulting process id: 0x2050
Faulting application start time: 0xIAStorDataMgrSvc.exe0
Faulting application path: IAStorDataMgrSvc.exe1
Faulting module path: IAStorDataMgrSvc.exe2
Report Id: IAStorDataMgrSvc.exe3
Faulting package full name: IAStorDataMgrSvc.exe4
Faulting package-relative application ID: IAStorDataMgrSvc.exe5

Error: (02/26/2016 12:36:45 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: IAStorDataMgrSvc.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
at IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
at IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
at IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
at System.Threading.ThreadPoolWorkQueue.Dispatch()
at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

System errors:
=============
Error: (02/26/2016 11:15:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Rapid Storage Technology service terminated unexpectedly. It has done this 1 time(s).

Error: (02/26/2016 11:04:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error:
%%1053

Error: (02/26/2016 11:04:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.

Error: (02/26/2016 11:26:10 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_53fa1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (02/26/2016 11:26:10 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_53fa1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (02/26/2016 11:26:10 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_53fa1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (02/26/2016 11:26:10 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_53fa1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (02/26/2016 11:26:10 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (02/26/2016 10:58:31 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}

Error: (02/26/2016 10:48:17 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}

CodeIntegrity:
===================================
Date: 2016-02-25 11:25:46.041
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-25 11:18:17.844
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-25 04:37:03.988
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-25 04:33:17.930
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-25 04:06:47.403
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-3632QM CPU @ 2.20GHz
Percentage of memory in use: 29%
Total physical RAM: 8064.39 MB
Available physical RAM: 5710.27 MB
Total Virtual: 9344.39 MB
Available Virtual: 7041.48 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:892.5 GB) (Free:688.93 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 60BF1AB5)

Partition: GPT.

==================== End of Addition.txt ============================

Broni · Feb 27, 2016

Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

Brent25 · Feb 28, 2016

Fix result of Farbar Recovery Scan Tool (x64) Version:24-02-2016
Ran by Brent (2016-02-28 20:56:42) Run:1
Running from C:\Users\Brent\Downloads
Loaded Profiles: Brent (Available Profiles: Brent)
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKLM-x32\...\Run: [] => [X]
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Brent\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Brent\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Brent\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Brent\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Brent\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll No File
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Brent\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll No File
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Brent\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll No File
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL =
SearchScopes: HKLM-x32 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL =
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll => No File
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll No File
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll No File
FF Plugin-x32: @TrendMicro.com/FFExtension -> C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll [No File]
FF HKLM\...\Firefox\Extensions: [tmbepff-7.5@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1115\7.5.1115\firefoxextension => not found
FF HKLM-x32\...\Firefox\Extensions: [tmbepff-7.5@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1115\7.5.1115\firefoxextension => not found
FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension => not found
FF HKLM-x32\...\Firefox\Extensions: [{21541D23-FDA1-4bf3-8AF2-8F623BF70B07}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension => not found
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll => No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => No File
CHR Plugin: (Trend Micro Titanium) - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll => No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.16) - C:\Windows\SysWOW64\npDeployJava1.dll => No File
CHR HKLM\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1115\7.5.1115\chrome_tmbep.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [heoldelcflnigdllmlopiefhkkobendj] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\chromeextension\chromeextension.crx <not found>
2012-11-02 21:32 - 2012-11-02 21:32 - 0000093 _____ () C:\Users\Brent\AppData\Local\fusioncache.dat
2012-11-18 12:55 - 2012-11-18 12:55 - 0000036 _____ () C:\Users\Brent\AppData\Local\housecall.guid.cache
2013-10-16 11:43 - 2013-11-13 23:42 - 0000125 ___SH () C:\ProgramData\.zreglib
2016-02-25 04:09 - 2016-02-25 04:09 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
C:\Users\Brent\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Brent\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\Brent\AppData\Local\Temp\sqlite3.dll
CustomCLSID: HKU\S-1-5-21-2549116610-987113267-4104036400-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Brent\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll => No File
CustomCLSID: HKU\S-1-5-21-2549116610-987113267-4104036400-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Brent\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll => No File
CustomCLSID: HKU\S-1-5-21-2549116610-987113267-4104036400-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Brent\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll => No File
CustomCLSID: HKU\S-1-5-21-2549116610-987113267-4104036400-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Brent\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll => No File
Task: {033B7978-B4E3-4EC7-9455-7A133B7AE788} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {07901E19-8EFD-4939-AFA6-6E9F5D2479A5} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {1A2DC034-6F26-46E5-911D-130FA5E155FD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {3796F43B-8649-4F3A-B3D0-6C98D469B546} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {52F37F55-E4FA-4905-932B-A35E116CC565} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {7853376E-B9BA-46AB-A3F9-E76F5688DB50} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {8E49A5B5-42CC-4C33-A080-0CA2DB96A3D7} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {BB7D677E-D79A-40F0-8438-1DE6496BBD76} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {DA07FEC4-016D-4628-ACFD-AC8D2BE8006C} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {DC7323E9-0C27-46D9-B0DD-A7BF8B5C2BF9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {DF701159-B8DD-40C4-92C3-F71251A73DFD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION

*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1" => key removed successfully
"HKCR\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" => key removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2" => key removed successfully
"HKCR\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" => key removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3" => key removed successfully
"HKCR\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" => key removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt4" => key removed successfully
"HKCR\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" => key removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1" => key removed successfully
"HKCR\Wow6432Node\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" => key removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2" => key removed successfully
"HKCR\Wow6432Node\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" => key removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3" => key removed successfully
"HKCR\Wow6432Node\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}" => key removed successfully
"HKCR\PROTOCOLS\Handler\tmtb" => key removed successfully
HKCR\CLSID\{04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} => key not found.
"HKCR\PROTOCOLS\Handler\tmtbim" => key removed successfully
HKCR\CLSID\{0B37915C-8B98-4B9E-80D4-464D2C830D10} => key not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@TrendMicro.com/FFExtension" => key removed successfully
HKLM\Software\Mozilla\Firefox\Extensions\\tmbepff-7.5@trendmicro.com => value removed successfully
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\tmbepff-7.5@trendmicro.com => value removed successfully
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{22181a4d-af90-4ca3-a569-faed9118d6bc} => value removed successfully
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{21541D23-FDA1-4bf3-8AF2-8F623BF70B07} => value removed successfully
C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\ppGoogleNaClPluginChrome.dll => not found.
C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\pdf.dll => not found.
C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll => not found.
C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => not found.
C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll => not found.
C:\Windows\SysWOW64\npDeployJava1.dll => not found.
"HKLM\SOFTWARE\Google\Chrome\Extensions\bmiabdepfhhiieiipmeecdmeljggmfee" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\heoldelcflnigdllmlopiefhkkobendj" => key removed successfully
C:\Users\Brent\AppData\Local\fusioncache.dat => moved successfully
C:\Users\Brent\AppData\Local\housecall.guid.cache => moved successfully
C:\ProgramData\.zreglib => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
C:\Users\Brent\AppData\Local\Temp\dllnt_dump.dll => moved successfully
C:\Users\Brent\AppData\Local\Temp\jre-8u73-windows-au.exe => moved successfully
C:\Users\Brent\AppData\Local\Temp\sqlite3.dll => moved successfully
HKU\S-1-5-21-2549116610-987113267-4104036400-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => key not found.
HKU\S-1-5-21-2549116610-987113267-4104036400-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => key not found.
HKU\S-1-5-21-2549116610-987113267-4104036400-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => key not found.
HKU\S-1-5-21-2549116610-987113267-4104036400-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{033B7978-B4E3-4EC7-9455-7A133B7AE788}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{033B7978-B4E3-4EC7-9455-7A133B7AE788}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{07901E19-8EFD-4939-AFA6-6E9F5D2479A5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{07901E19-8EFD-4939-AFA6-6E9F5D2479A5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1A2DC034-6F26-46E5-911D-130FA5E155FD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1A2DC034-6F26-46E5-911D-130FA5E155FD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3796F43B-8649-4F3A-B3D0-6C98D469B546}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3796F43B-8649-4F3A-B3D0-6C98D469B546}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{52F37F55-E4FA-4905-932B-A35E116CC565}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{52F37F55-E4FA-4905-932B-A35E116CC565}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7853376E-B9BA-46AB-A3F9-E76F5688DB50}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7853376E-B9BA-46AB-A3F9-E76F5688DB50}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8E49A5B5-42CC-4C33-A080-0CA2DB96A3D7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8E49A5B5-42CC-4C33-A080-0CA2DB96A3D7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BB7D677E-D79A-40F0-8438-1DE6496BBD76}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB7D677E-D79A-40F0-8438-1DE6496BBD76}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DA07FEC4-016D-4628-ACFD-AC8D2BE8006C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DA07FEC4-016D-4628-ACFD-AC8D2BE8006C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DC7323E9-0C27-46D9-B0DD-A7BF8B5C2BF9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC7323E9-0C27-46D9-B0DD-A7BF8B5C2BF9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DF701159-B8DD-40C4-92C3-F71251A73DFD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF701159-B8DD-40C4-92C3-F71251A73DFD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully

==== End of Fixlog 20:56:43 ====

Brent25 · Feb 28, 2016

Also my computer just went to a blue screen and said Driver Power State Failure hasn't done that before until now.

Broni · Feb 28, 2016

One BSOD shouldn't be a reason for any concern.

Last scans...

Download Security Check from here or here and save it to your Desktop.

Double-click SecurityCheck.exe
Follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
Make sure the following options are checked:

Internet Services
Windows Firewall
System Restore
Security Center
Windows Update
Windows Defender
Other Services

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.

Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe

Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

Download Sophos Free Virus Removal Tool and save it to your desktop.

Double click the icon and select Run
Click Next
Select I accept the terms in this license agreement, then click Next twice
Click Install
Click Finish to launch the program
Once the virus database has been updated click Start Scanning
If any threats are found click Details, then View log file... (bottom left hand corner)
Copy and paste the results in your reply
Close the Notepad document, close the Threat Details screen, then click Start cleanup
Click Exit to close the program

Broni · Mar 4, 2016

Still with me?

Broni · Mar 8, 2016

This topic is marked as abandoned and closed due to inactivity.

This member will NOT be eligible to receive any more help in malware removal forum.

Inactive-A Sony Vaio computer running slow and locks up

Posts: 16 +0

Posts: 16 +0

Posts: 56,041 +516

Posts: 16 +0

Posts: 16 +0

Posts: 56,041 +516

Posts: 16 +0

Posts: 16 +0

Posts: 16 +0

Posts: 16 +0

Posts: 16 +0

Posts: 56,041 +516

Posts: 16 +0

Posts: 16 +0

Posts: 16 +0

Posts: 16 +0

Posts: 16 +0

Posts: 56,041 +516

Attachments

Posts: 16 +0

Posts: 16 +0

Posts: 56,041 +516

Posts: 56,041 +516

Posts: 56,041 +516

Similar threads