All browsers freezing Win7 computer

yellowdog232 · May 17, 2016

Hi - both internet explorer and google chrome consistently crash for no reason on this machine. MBAM scan with updated log today reveals no infections. Here are the FRST logs. Thanks in advance.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:16-05-2016
Ran by mariaw (administrator) on MW-WORKSTATION (17-05-2016 19:39:46)
Running from C:\Users\mariaw\Downloads
Loaded Profiles: mariaw & QBDataServiceUser23 (Available Profiles: mariaw & QBDataServiceUser23)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Intuit, Inc.) C:\Program Files (x86)\Intuit\QuickBooks 2013\QBDBMgrN.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VAIOCareService.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Dropbox, Inc.) C:\Users\mariaw\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intuit Inc.) C:\Program Files (x86)\Intuit\QuickBooks 2013\QBW32.EXE
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Dropbox, Inc.) C:\Users\mariaw\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
() C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
() C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
() C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe
() C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9636896 2009-12-16] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [208384 2009-11-04] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [357384 2009-09-12] (Acronis)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => "C:\Program Files\Java\jre1.8.0_66\bin\jusched.exe"
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-11-20] (Intel Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SmartWiHelper] => C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe [80384 2009-10-05] (Sony Electronics Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [320880 2009-08-26] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [597792 2009-10-24] (Sony Corporation)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5048488 2009-09-12] (Acronis)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort12reminder] => "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Intuit SyncManager] => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [3776824 2015-11-10] (Intuit Inc. All rights reserved.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\VESWinlogon-x32: VESWinlogon.dll [X]
HKU\S-1-5-21-2718738982-134382734-2047601486-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-2718738982-134382734-2047601486-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-01-16] (Google Inc.)
HKU\S-1-5-21-2718738982-134382734-2047601486-1000\...\Run: [Dropbox Update] => C:\Users\mariaw\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-20] (Dropbox, Inc.)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-12-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\mariaw\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\mariaw\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\mariaw\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\mariaw\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\mariaw\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\mariaw\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\mariaw\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-06] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2009-12-25]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk [2016-04-25]
ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk [2016-04-25]
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk [2016-04-25]
ShortcutTarget: QuickBooks_Standard_21.lnk -> C:\Program Files (x86)\Intuit\QuickBooks 2013\QBW32.EXE (Intuit Inc.)
Startup: C:\Users\mariaw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-05-17]
ShortcutTarget: Dropbox.lnk -> C:\Users\mariaw\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6DD0B22D-C026-4940-9700-1362E8BA5673}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{EB67E911-867D-4C13-AE00-E3C7ECA0A89B}: [DhcpNameServer] 75.75.75.75 75.75.76.76

Internet Explorer:
==================
HKU\S-1-5-21-2718738982-134382734-2047601486-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
HKU\S-1-5-21-2718738982-134382734-2047601486-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
SearchScopes: HKLM-x32 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SNNT
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SNNT
SearchScopes: HKU\S-1-5-21-2718738982-134382734-2047601486-1000 -> DefaultScope {335B9CC0-B5FC-48C0-B52A-12CE438BCB89} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2718738982-134382734-2047601486-1000 -> {335B9CC0-B5FC-48C0-B52A-12CE438BCB89} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2718738982-134382734-2047601486-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-12] (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-12] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-12] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-12] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
Toolbar: HKU\S-1-5-21-2718738982-134382734-2047601486-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
DPF: HKLM-x32 {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} hxxp://www.photogize.com/bponet/ImageUploader5.cab
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
Handler-x32: intu-help-qb6 - {6898B29B-BF49-43cb-A0B1-D0B9496AF491} - C:\Program Files (x86)\Intuit\QuickBooks 2013\HelpAsyncPluggableProtocol.dll [2016-03-22] (Intuit, Inc.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-12] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-12] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-05] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-12] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-05] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
CHR StartupUrls: Default -> "hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT"
CHR Profile: C:\Users\mariaw\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\mariaw\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Google Drive) - C:\Users\mariaw\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-27]
CHR Extension: (Rapport) - C:\Users\mariaw\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2016-02-09]
CHR Extension: (YouTube) - C:\Users\mariaw\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\mariaw\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Google Docs Offline) - C:\Users\mariaw\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\mariaw\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-05]
CHR Extension: (Gmail) - C:\Users\mariaw\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR HKU\S-1-5-21-2718738982-134382734-2047601486-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
R2 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2016-03-22] (Intuit) [File not signed]
S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2012-10-17] (Intuit Inc.) [File not signed]
R2 QBVSS; C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [1248256 2012-10-17] (Intuit Inc.) [File not signed]
R3 QuickBooksDB23; C:\Program Files (x86)\Intuit\QuickBooks 2013\QBDBMgrN.exe [679936 2016-03-22] (Intuit, Inc.) [File not signed]
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2382832 2016-05-10] (IBM Corp.)
S3 Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [313840 2009-08-31] (Sonic Solutions)
S2 Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [362992 2009-08-31] (Sonic Solutions)
S3 SampleCollector; C:\Program Files\Sony\VAIO Care\collsvc.exe [167424 2009-09-17] (Intel Corporation) [File not signed]
S3 SOHDBSvr; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [70952 2009-10-15] (Sony Corporation)
S3 SOHPlMgr; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [91432 2009-10-15] (Sony Corporation)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [69632 2009-09-14] (Sony Corporation) [File not signed]
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [642416 2009-09-14] (Sony Corporation)
S3 VUAgent; C:\Program Files\Sony\VAIO Update 5\VUAgent.exe [1165680 2009-10-30] (Sony Corporation)
R2 VzCdbSvc; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [206336 2009-09-14] (Sony Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R1 RapportCerberus_1609040; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1609040.sys [1157160 2016-05-17] (IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [544360 2016-05-10] (IBM Corp.)
R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [215560 2016-05-10] (IBM Corp.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [470056 2016-05-10] (IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [525992 2016-05-10] (IBM Corp.)
R0 tdrpman251; C:\Windows\System32\DRIVERS\tdrpm251.sys [1455648 2010-05-12] (Acronis)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-11-12] ()
U2 MSSQL$DDNI; no ImagePath
U2 Oasis2Service; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-17 19:39 - 2016-05-17 19:40 - 00023646 _____ C:\Users\mariaw\Downloads\FRST.txt
2016-05-17 19:38 - 2016-05-17 19:39 - 00000000 ____D C:\FRST
2016-05-17 19:37 - 2016-05-17 19:37 - 02382336 _____ (Farbar) C:\Users\mariaw\Downloads\FRST64.exe
2016-05-17 17:06 - 2016-05-17 17:07 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-05-17 17:06 - 2016-05-17 17:06 - 00001102 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-05-17 17:06 - 2016-05-17 17:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-05-17 17:06 - 2016-05-17 17:06 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-05-17 17:06 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-05-17 17:06 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-05-17 08:40 - 2016-05-17 08:40 - 00000000 ____D C:\Users\mariaw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-05-12 09:07 - 2016-05-12 09:04 - 00110144 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-64.dll
2016-05-10 14:04 - 2016-05-10 14:04 - 00015025 _____ C:\Users\mariaw\Downloads\Weekly time sheet with breaks 05_02_2016 sean n.xlsx
2016-05-10 14:03 - 2016-05-10 14:03 - 00015106 _____ C:\Users\mariaw\Downloads\Weekly time sheet with breaks b vavrova 05_02_2016.xlsx
2016-05-10 14:02 - 2016-05-10 14:03 - 00531600 _____ C:\Users\mariaw\Downloads\CCF_20160509_120329.pdf
2016-05-10 13:59 - 2016-05-10 13:59 - 00014965 _____ C:\Users\mariaw\Downloads\Weekly time sheet with breaks hermelinda 05_02_2016.xlsx
2016-05-10 13:58 - 2016-05-10 13:58 - 00570221 _____ C:\Users\mariaw\Downloads\CCF_20160509_115419.pdf
2016-05-10 10:09 - 2016-05-10 10:09 - 00025856 _____ C:\Users\mariaw\Downloads\NORTH09-2999.pdf
2016-05-03 13:41 - 2016-05-03 13:41 - 02034901 _____ C:\Users\mariaw\Downloads\Global Policy 15-16.pdf
2016-05-03 11:03 - 2016-05-03 11:03 - 00505647 _____ C:\Users\mariaw\Downloads\CCF_20160502_125947 (1).pdf
2016-05-03 11:01 - 2016-05-03 11:01 - 00014998 _____ C:\Users\mariaw\Downloads\Weekly time sheet with breaks b vavrova 04_25_2016.xlsx
2016-05-03 11:00 - 2016-05-03 11:00 - 00505647 _____ C:\Users\mariaw\Downloads\CCF_20160502_125947.pdf
2016-05-03 10:58 - 2016-05-03 10:58 - 00015018 _____ C:\Users\mariaw\Downloads\Weekly time sheet with breaks michael m 04_25_2016.xlsx
2016-05-03 10:55 - 2016-05-03 10:55 - 00014955 _____ C:\Users\mariaw\Downloads\Weekly time sheet with breaks sean n 04_25_2016.xlsx
2016-05-03 10:54 - 2016-05-03 10:54 - 00552666 _____ C:\Users\mariaw\Downloads\CCF_20160502_123027.pdf
2016-05-03 10:53 - 2016-05-03 10:53 - 00015002 _____ C:\Users\mariaw\Downloads\Weekly time sheet with breaks hermelinda 04_25_2016.xlsx
2016-05-03 08:47 - 2016-05-03 08:47 - 00060244 _____ C:\Users\mariaw\Downloads\Cruise Itinerary.pdf
2016-04-27 11:58 - 2016-04-27 11:58 - 00007004 _____ C:\Users\mariaw\Downloads\report1 (21).xlsx
2016-04-27 11:57 - 2016-04-27 11:57 - 00006079 _____ C:\Users\mariaw\Downloads\report1 (20).xlsx
2016-04-27 11:11 - 2016-04-27 11:11 - 00015014 _____ C:\Users\mariaw\Downloads\Weekly time sheet with breaks hermelinda 04_18_2016.xlsx
2016-04-27 11:10 - 2016-04-27 11:10 - 00581230 _____ C:\Users\mariaw\Downloads\CCF_000008.pdf
2016-04-27 11:07 - 2016-04-27 11:07 - 00015003 _____ C:\Users\mariaw\Downloads\Weekly time sheet with breaks michael m 04_18_2016.xlsx
2016-04-27 11:05 - 2016-04-27 11:05 - 00014921 _____ C:\Users\mariaw\Downloads\Weekly time sheet with breaks sean 04_18_2016.xlsx
2016-04-27 10:54 - 2016-04-27 10:54 - 00122572 _____ C:\Users\mariaw\Downloads\NicolaSDucilleCriminalReport.pdf
2016-04-27 10:53 - 2016-04-27 10:53 - 00146039 _____ C:\Users\mariaw\Downloads\NicolaSDucilleCreditReport.pdf
2016-04-27 10:08 - 2016-04-27 10:08 - 04648282 _____ C:\Users\mariaw\Downloads\CCF_000007.pdf
2016-04-22 11:29 - 2016-04-22 11:29 - 00133359 _____ C:\Users\mariaw\Downloads\BladesRobinCriminalReport.pdf
2016-04-22 11:28 - 2016-04-22 11:28 - 00108221 _____ C:\Users\mariaw\Downloads\BladesRobinCreditReport.pdf
2016-04-21 11:11 - 2016-04-21 11:11 - 00114643 _____ C:\Users\mariaw\Downloads\Application230574524031.pdf
2016-04-21 11:10 - 2016-04-21 11:10 - 00115082 _____ C:\Users\mariaw\Downloads\OnikaWrightCreditReport.pdf
2016-04-21 10:39 - 2016-04-21 10:39 - 00115490 _____ C:\Users\mariaw\Downloads\Application176332249994.pdf
2016-04-21 10:38 - 2016-04-21 10:38 - 00104170 _____ C:\Users\mariaw\Downloads\GregoryHolmesCreditReport (1).pdf
2016-04-21 10:36 - 2016-04-21 10:36 - 00068614 _____ C:\Users\mariaw\Downloads\GregoryHolmesCreditReport.pdf
2016-04-21 10:26 - 2016-04-21 10:26 - 00122665 _____ C:\Users\mariaw\Downloads\LeRenaGrayCriminalReport.pdf
2016-04-21 10:24 - 2016-04-21 10:24 - 00105539 _____ C:\Users\mariaw\Downloads\LeRenaGrayCreditReport.pdf
2016-04-20 11:09 - 2016-04-20 11:09 - 00014907 _____ C:\Users\mariaw\Downloads\Weekly time sheet with breaks sean n 04_11_2016.xlsx
2016-04-20 10:22 - 2016-04-20 10:22 - 00563726 _____ C:\Users\mariaw\Downloads\CCF04182016.pdf
2016-04-20 10:21 - 2016-04-20 10:21 - 00014975 _____ C:\Users\mariaw\Downloads\Weekly time sheet with breaks hermelinda 04_11_2016.xlsx
2016-04-20 10:18 - 2016-04-20 10:18 - 00014980 _____ C:\Users\mariaw\Downloads\Weekly time sheet with breaks michael m 04_11_2016.xlsx
2016-04-19 10:16 - 2016-04-19 10:16 - 00002245 _____ C:\Users\mariaw\Downloads\fldbpr_onlinePaymentSummary_DATE160324102936_4400970332300591077 (1).pdf
2016-04-19 09:30 - 2016-04-19 09:30 - 00151410 _____ C:\Users\mariaw\Downloads\Guest Pay Folio Invoice-04182016--6253388212055142659.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-17 19:39 - 2009-07-14 00:45 - 00013936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-17 19:39 - 2009-07-14 00:45 - 00013936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-17 19:32 - 2015-06-20 15:21 - 00000922 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2718738982-134382734-2047601486-1000UA.job
2016-05-17 19:20 - 2012-10-22 10:40 - 00000000 ___RD C:\Users\mariaw\Dropbox
2016-05-17 19:18 - 2012-12-04 14:08 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-05-17 19:18 - 2010-01-16 04:38 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-17 19:18 - 2010-01-16 04:38 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-17 17:51 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-17 17:06 - 2013-12-06 18:37 - 00000000 ____D C:\Users\mariaw\AppData\Roaming\Malwarebytes
2016-05-17 17:06 - 2013-12-06 18:37 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-05-17 17:06 - 2013-12-06 18:37 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2016-05-17 17:01 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF
2016-05-17 14:01 - 2009-07-14 01:13 - 00779266 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-17 14:01 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\inf
2016-05-17 13:52 - 2010-05-18 15:20 - 00000000 ____D C:\Users\mariaw\Documents\Gino Business Documents
2016-05-17 10:32 - 2015-06-20 15:21 - 00000870 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2718738982-134382734-2047601486-1000Core.job
2016-05-17 09:14 - 2011-12-13 17:14 - 00000681 _____ C:\Windows\BRCALIB.INI
2016-05-17 08:41 - 2012-10-22 10:37 - 00000000 ____D C:\Users\mariaw\AppData\Roaming\Dropbox
2016-05-17 08:22 - 2015-09-30 11:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection
2016-05-13 10:14 - 2015-03-27 13:58 - 00000000 ____D C:\Windows\Minidump
2016-05-13 10:13 - 2010-01-16 04:38 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-12 09:08 - 2014-11-18 14:14 - 00000000 ____D C:\ProgramData\Oracle
2016-05-12 09:08 - 2010-01-16 04:41 - 00000000 ____D C:\Program Files (x86)\Java
2016-05-12 09:07 - 2014-11-18 14:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-05-12 09:07 - 2014-02-13 11:08 - 00002305 _____ C:\Users\mariaw\Desktop\Dale Labs ROES.lnk
2016-05-12 09:07 - 2010-01-16 04:40 - 00000000 ____D C:\Program Files\Java
2016-05-12 09:05 - 2015-12-16 11:23 - 00000000 ____D C:\Users\mariaw\.oracle_jre_usage
2016-05-12 09:04 - 2015-12-16 11:26 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2016-05-12 09:00 - 2014-11-18 14:15 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-05-11 09:03 - 2010-01-16 04:38 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-11 09:03 - 2010-01-16 04:38 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-10 20:35 - 2015-09-30 11:56 - 00470056 _____ (IBM Corp.) C:\Windows\system32\Drivers\RapportKE64.sys
2016-05-10 20:35 - 2015-09-30 11:56 - 00215560 _____ (IBM Corp.) C:\Windows\system32\Drivers\RapportHades64.sys
2016-05-03 08:27 - 2010-05-17 14:27 - 00000000 ____D C:\Users\mariaw\Documents\Maria Personal
2016-04-26 08:27 - 2009-07-14 01:08 - 00032586 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-04-25 11:40 - 2012-12-04 14:17 - 00000089 _____ C:\Windows\QBChanUtil_Trigger.ini
2016-04-25 11:39 - 2012-12-04 15:04 - 00002111 _____ C:\Users\Public\Desktop\QuickBooks Pro 2013.lnk
2016-04-25 11:39 - 2012-12-04 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickBooks
2016-04-22 03:57 - 2010-05-12 22:55 - 00453288 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-04-19 08:30 - 2015-06-20 15:21 - 00000000 ____D C:\Users\mariaw\AppData\Local\Dropbox

==================== Files in the root of some directories =======

2010-09-21 11:05 - 2010-09-21 11:05 - 0004096 ____H () C:\Users\mariaw\AppData\Local\keyfile3.drm

Files to move or delete:
====================
C:\Users\mariaw\g2ax_customer_downloadhelper_win32_x86.exe

Some files in TEMP:
====================
C:\Users\mariaw\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Users\mariaw\AppData\Local\Temp\_is416B.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-05-10 12:52

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:16-05-2016
Ran by mariaw (2016-05-17 19:41:21)
Running from C:\Users\mariaw\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2010-05-13 02:37:47)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2718738982-134382734-2047601486-500 - Administrator - Disabled)
Guest (S-1-5-21-2718738982-134382734-2047601486-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2718738982-134382734-2047601486-1002 - Limited - Enabled)
mariaw (S-1-5-21-2718738982-134382734-2047601486-1000 - Administrator - Enabled) => C:\Users\mariaw
QBDataServiceUser23 (S-1-5-21-2718738982-134382734-2047601486-1003 - Limited - Enabled) => C:\Users\QBDataServiceUser23

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acronis True Image Home (HKLM-x32\...\{C2F1F96A-057E-5819-B52E-FEA1D1D2933B}) (Version: 13.0.5055 - Acronis)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.6.0.5970 - Adobe Systems Incorporated)
Adobe Anchor Service x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 4 Master Collection (HKLM-x32\...\Adobe_b2d6abde968e6f277ddbfd501383e02) (Version: 4.0 - Adobe Systems Incorporated)
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 Plugin (HKLM-x32\...\{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\{98616875-CF30-4BE5-AAED-36EF4AC6EE27}) (Version: 11.3.300.268 - Adobe Systems Incorporated)
Adobe Linguistics CS4 x64 (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (64 Bit) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Reader 9.1.2 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A91000000001}) (Version: 9.1.2 - Adobe Systems Incorporated)
Adobe Type Support x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin x64 (Version: 1.1 - Adobe Systems Incorporated) Hidden
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - ALPS ELECTRIC CO., LTD.)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{7BB90344-0647-468E-925A-7F69F7983421}) (Version: 2.0.1.85 - ArcSoft)
ArcSoft WebCam Companion 3 (HKLM-x32\...\{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}) (Version: 3.0.21.193 - ArcSoft)
Brother MFL-Pro Suite MFC-9970CDW (HKLM-x32\...\{979742CC-2CBB-49D8-9BEE-C2F7875F5393}) (Version: 1.1.5.0 - Brother Industries, Ltd.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.1) (Version: 5.0.0.1 - Coupons.com Incorporated)
Dale Labs ROES (HKU\S-1-5-21-2718738982-134382734-2047601486-1000\...\Dale Labs ROES) (Version: - Dale Labs)
Dropbox (HKU\S-1-5-21-2718738982-134382734-2047601486-1000\...\Dropbox) (Version: 3.20.1 - Dropbox, Inc.)
Evernote (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 3.5.0.545 - Evernote Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.4.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.01.1002 - Intel Corporation)
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Media Gallery (HKLM-x32\...\{DD88F979-FA58-41AC-980C-A6E1A82B61D9}) (Version: 1.1.1.11200 - Sony Corporation)
Media Gallery (x32 Version: 1.1.1.11200 - Sony Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (HKLM-x32\...\{90120000-00B2-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{67E03279-F703-408F-B4BF-46B5FC8D70CD}) (Version: 9.7.0621 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nuance PaperPort 12 (HKLM-x32\...\{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (Version: 5.0 - Adobe Systems Incorporated) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.0.00.10260 - Sony Corporation)
PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{88C252C8-A7EE-4B60-BF74-8E5919A8048F}) (Version: 1.0.00.09250 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.0.00.09250 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (Click to Disc) (HKLM-x32\...\InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 3.0.01.11230 - Sony Corporation)
PMB VAIO Edition plug-in (Click to Disc) (x32 Version: 3.0.01.11230 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Image Optimizer) (HKLM-x32\...\InstallShield_{1873FFC1-FDCB-47E1-B7C7-F418211E3530}) (Version: 1.0.00.10150 - Sony Corporation)
PMB VAIO Edition plug-in (VAIO Image Optimizer) (x32 Version: 1.0.00.10150 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Movie Story) (HKLM-x32\...\InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}) (Version: 2.0.01.12010 - Sony Corporation)
PMB VAIO Edition plug-in (VAIO Movie Story) (x32 Version: 2.0.01.12010 - Sony Corporation) Hidden
QuickBooks (x32 Version: 23.0.4017.2305 - Intuit Inc.) Hidden
QuickBooks Financial Center (HKLM-x32\...\{0F962B79-D0DC-40D9-96BA-ED1355120CBA}) (Version: 1.30.0000 - Intuit Inc.)
QuickBooks Pro 2013 (HKLM-x32\...\{3C631966-387E-4054-85D9-BBFFABE32BD8}) (Version: 23.0.4003.2305 - Intuit Inc.)
Rapport (x32 Version: 3.5.1609.56 - Trusteer) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5992 - Realtek Semiconductor Corp.)
Roxio Easy Media Creator 10 LJ (HKLM-x32\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.3 - Roxio)
Scansoft PDF Professional (x32 Version: - ) Hidden
Setting Utility Series (HKLM-x32\...\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}) (Version: 5.1.0.11200 - Sony Corporation)
Shutterfly Express Uploader (HKLM-x32\...\com.Shutterfly.ExpressUploader) (Version: 1.2.0.0 - Shutterfly, Inc.)
Shutterfly Express Uploader (x32 Version: 1.2.0 - Shutterfly, Inc.) Hidden
SmartWi Connection Utility (HKLM-x32\...\{9B5F85CA-90D4-4AFC-BB37-32477FD0D2B9}) (Version: 4.9.4.20091005.2246 - Sony)
Sony Home Network Library (HKLM-x32\...\{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}) (Version: 2.0.1.10160 - Sony Corporation)
Sony Home Network Library (x32 Version: 2.0.1.10160 - Sony Corporation) Hidden
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1609.56 - Trusteer)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VAIO Care (HKLM-x32\...\{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}) (Version: 5.0.3.11130 - Sony Corporation)
VAIO Content Metadata Intelligent Analyzing Manager (HKLM-x32\...\{4882EBF5-CA37-4EF4-BCB8-9B0E78B907D0}) (Version: 3.6.0.09250 - Sony Corporation)
VAIO Content Metadata Intelligent Analyzing Manager (x32 Version: 3.6.0.09250 - Sony Corporation) Hidden
VAIO Content Metadata Intelligent Network Service Manager (HKLM-x32\...\{4427F384-B5BE-4769-B7D0-C784FC321EB1}) (Version: 3.6.0.09080 - Sony Corporation)
VAIO Content Metadata Intelligent Network Service Manager (x32 Version: 3.6.0.09080 - Sony Corporation) Hidden
VAIO Content Metadata Manager Settings (HKLM-x32\...\{12D0BE8D-538C-4AB1-86DE-C540308F50DA}) (Version: 3.6.0.09240 - Sony Corporation)
VAIO Content Metadata Manager Settings (x32 Version: 3.6.0.09240 - Sony Corporation) Hidden
VAIO Content Metadata XML Interface Library (HKLM-x32\...\{291FB4BF-EEC7-4CF9-8469-F39ED1DBC4D8}) (Version: 3.6.0.09080 - Sony Corporation)
VAIO Content Metadata XML Interface Library (x32 Version: 3.6.0.09080 - Sony Corporation) Hidden
VAIO Content Monitoring Settings (HKLM-x32\...\{23825B69-36DF-4DAD-9CFD-118D11D80F16}) (Version: 2.4.1.09180 - Sony Corporation)
VAIO Content Monitoring Settings (x32 Version: 2.4.1.09180 - Sony Corporation) Hidden
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.1.0.10160 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.2.0.09150 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.2.0.09150 - Sony Corporation) Hidden
VAIO DVD Menu Data (HKLM-x32\...\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}) (Version: 2.0.00.09240 - Sony Corporation)
VAIO Entertainment Platform (HKLM-x32\...\{6B1F20F2-6321-4669-A58C-33DF8E7517FF}) (Version: 3.6.0.09150 - Sony Corporation)
VAIO Entertainment Platform (x32 Version: 3.6.0.09150 - Sony Corporation) Hidden
VAIO Event Service (HKLM-x32\...\{C7477742-DDB4-43E5-AC8D-0259E1E661B1}) (Version: 5.1.0.12010 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 3.9.1 - Sony Corporation) Hidden
VAIO Help and Support (HKLM-x32\...\{DB1C9CB7-DF65-4991-BD17-71BF9CD15BA0}) (Version: 10.00.1029 - Sony Corporation)
VAIO Media plus (HKLM-x32\...\{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}) (Version: 2.0.1.10160 - Sony Corporation)
VAIO Media plus Opening Movie (HKLM-x32\...\{6BF03C88-C06A-48DC-B9A1-FE72B24E5FA9}) (Version: 2.0.0.07030 - Sony Corporation)
VAIO Movie Story Template Data (HKLM-x32\...\InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}) (Version: 2.0.00.09240 - Sony Corporation)
VAIO Movie Story Template Data (x32 Version: 2.0.00.09240 - Sony Corporation) Hidden
VAIO OOBE and Startup Assistant (HKLM-x32\...\{1B500D37-E7CF-480B-8054-8A563594EC4E}) (Version: 2.00.1110 - Sony Corporation)
VAIO Original Function Settings (HKLM-x32\...\{A63E7492-A0BC-4BB9-89A7-352965222380}) (Version: 2.0.0.07010 - Sony Corporation)
VAIO Original Function Settings (x32 Version: 2.0.0.07010 - Sony Corporation) Hidden
VAIO Personalization Manager (HKLM-x32\...\{A95187EF-BCF4-4468-B501-C0BAB976ADD1}) (Version: 2.0.0.06220 - Sony Corporation)
VAIO Personalization Manager (x32 Version: 2.0.0.06220 - Sony Corporation) Hidden
VAIO Power Management (HKLM-x32\...\{803E4FA5-A940-4420-B89D-A8BC2E160247}) (Version: 5.0.0.11300 - Sony Corporation)
VAIO Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.2.2.3 - Sony Corporation)
VAIO Quick Web Access (x32 Version: 1.2.2.3 - Sony Corporation) Hidden
VAIO Survey (HKLM-x32\...\{34B37A74-125E-4406-87BA-E4BD3D097AE5}) (Version: 6.00.1028 - Sony Corporation)
VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.1.0.10200 - Sony Corporation)
VAIO Update 5 (HKLM-x32\...\{5BEE8F1F-BD32-4553-8107-500439E43BD7}) (Version: 5.0.0.10300 - Sony Corporation)
VAIO Wallpaper Contents (HKLM-x32\...\{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}) (Version: 2.0.0.06010 - Sony Corporation)
VD64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.500 - Broadcom Corporation)
Windows Driver Package - Broadcom Bluetooth (09/09/2009 6.2.0.9405) (HKLM\...\930E4792BDAEAFB62A9514EE7578775658A5D07C) (Version: 09/09/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2718738982-134382734-2047601486-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\mariaw\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2718738982-134382734-2047601486-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\mariaw\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2718738982-134382734-2047601486-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\mariaw\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2718738982-134382734-2047601486-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\mariaw\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2718738982-134382734-2047601486-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\mariaw\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2718738982-134382734-2047601486-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\mariaw\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2718738982-134382734-2047601486-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\mariaw\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2718738982-134382734-2047601486-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\mariaw\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2718738982-134382734-2047601486-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\mariaw\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2718738982-134382734-2047601486-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\mariaw\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2718738982-134382734-2047601486-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\mariaw\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01F72821-EE7A-4061-9123-2CDB171531A0} - System32\Tasks\{C80CAC95-6956-4D6C-9EE5-C9855BE4BD65} => F:\pmw.pro\SETUP.EXE
Task: {02B5400D-0B58-4386-A6BC-740C5B2735A4} - System32\Tasks\{2227FBB9-2D3A-4083-865D-0D4B0F8926F0} => F:\pmw.pro\SETUP.EXE
Task: {09991089-F361-47CB-BE22-5E6FAE60F5B0} - System32\Tasks\{AC0BF6BC-EF8D-4E96-9F32-0472999FCD96} => F:\pmw.pro\SETUP.EXE
Task: {0CAA7FD9-F8EA-40EF-A13F-EB75E00F3E40} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2009-11-30] (Sony Corporation)
Task: {0EF290D6-144D-411A-A85B-61D759C44B2E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {1FC7ED28-9597-48D0-8BF6-C0241CDA77FF} - System32\Tasks\{4B61302F-7814-41B4-8063-F60B300D8E26} => F:\pmw.pro\SETUP.EXE
Task: {2046A153-DFF4-466B-B055-7C275C224D14} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2009-11-30] (Sony Corporation)
Task: {21880BBD-F068-4BB0-920F-778C93FC4744} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2718738982-134382734-2047601486-1000UA => C:\Users\mariaw\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.)
Task: {24145874-DBC1-45B7-A603-DA7C4CEE206D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {2B13CA47-9245-4096-B044-1E5463A91959} - System32\Tasks\{894AFA38-F37B-4F7F-A372-7BDDE624D35F} => F:\pmw.pro\SETUP.EXE
Task: {2B17CEEB-7806-4A03-9B63-594CF315DD81} - System32\Tasks\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2009-10-19] (Sony Corporation)
Task: {2E9983BF-882F-43F5-8948-A638006BC5B8} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2718738982-134382734-2047601486-1000Core => C:\Users\mariaw\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.)
Task: {38E67EA2-4FEF-4CED-A209-18BC79498545} - System32\Tasks\SONY\VAIO Update\VAIO Update 5 => C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe [2009-10-30] (Sony Corporation)
Task: {5060337F-ECC4-4E68-9F1C-9598EF2576FB} - System32\Tasks\{4864794C-115E-4AB2-BD06-84A4E3744660} => F:\pmw.pro\SETUP.EXE
Task: {57F7CA73-A682-4564-A5CA-24437D7448B7} - System32\Tasks\Sony\VAIO Survey => C:\Program Files (x86)\Sony\VAIO Survey\VAIO Sat Survey.exe [2009-10-26] ()
Task: {5CB27E9A-85FF-4034-8E2C-EBBEE3B47C97} - System32\Tasks\Sony\OOBEReminder => C:\Program Files\Sony\First Experience\OOBEFcdRegistration.exe [2009-11-05] (Sony Electronics, Inc.)
Task: {748D7223-326C-4471-AF27-46DDDD89744B} - System32\Tasks\{66F2B79A-0C0E-4448-B54A-8D42BE825C93} => F:\pmw.pro\SETUP.EXE
Task: {8F3E3889-001F-4DF4-B98F-D3AE1EE71EDA} - System32\Tasks\VAIO Care Service => C:\Program Files\Sony\VAIO Care\VAIOCareService.exe [2009-10-21] (Sony Corporation)
Task: {98F62BCC-38B7-4E90-BAB8-5A724F2263BD} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2009-11-30] (Sony Corporation)
Task: {9995F05D-D965-452E-949D-D086B07E6D88} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2009-11-20] (Sony Corporation)
Task: {A770D131-A40E-4E1E-B0B4-8741BC68180A} - System32\Tasks\{9580622F-410A-4BA0-B106-481655AFC570} => C:\Users\mariaw\Documents\pmw.pro\SETUP.EXE [1993-04-27] ()
Task: {A92D5392-39F7-4AE8-A880-6AC1E9984972} - System32\Tasks\{1B991736-CC54-43BE-9F63-6B07BC3ACBDB} => F:\pmw.pro\SETUP.EXE
Task: {ABA02570-9F8F-4D1D-80D8-F2A34CD6C62C} - System32\Tasks\{799F0951-8557-496D-BB15-EDAE02FC4B8E} => F:\pmw.pro\SETUP.EXE
Task: {AE3E2D12-A5BA-42EC-B3EE-B8F7A3000315} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2009-11-20] (Sony Corporation)
Task: {DB0F3A5B-CAE9-4517-9E04-AE82A543B396} - System32\Tasks\Sony\Java Update => C:\Program Files\Java\jre6\bin\jusched.exe
Task: {E1F6317D-70F3-4585-BAE0-54A443CABEF4} - System32\Tasks\{021A08B7-9B37-4B7D-897E-F625AECD65D8} => C:\Users\mariaw\Documents\pmw.pro\SETUP.EXE [1993-04-27] ()
Task: {F0C5E23D-8105-450E-9C94-E51E7E33682A} - System32\Tasks\Sony\OOBESendInfo => C:\Program Files\Sony\First Experience\OOBESendInfo.exe [2009-11-05] ()
Task: {F2879042-7F59-4026-ADA2-519394A670F4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-04] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2718738982-134382734-2047601486-1000Core.job => C:\Users\mariaw\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2718738982-134382734-2047601486-1000UA.job => C:\Users\mariaw\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2010-01-16 04:57 - 2009-10-05 17:57 - 00016384 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
2010-01-16 04:57 - 2009-10-05 17:42 - 00161080 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe
2010-01-16 04:57 - 2009-10-05 17:42 - 00017920 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe
2010-01-16 04:57 - 2009-10-05 17:42 - 00033792 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe
2010-01-16 05:24 - 2009-09-30 03:50 - 00238080 _____ () C:\Program Files\Sony\VAIO Care\ManagedVAIORecovery.dll
2010-01-16 05:24 - 2009-09-30 03:50 - 00075264 _____ () C:\Program Files\Sony\VAIO Care\VAIORecovery.dll
2010-01-16 05:24 - 2009-09-30 03:50 - 00069632 _____ () C:\Program Files\Sony\VAIO Care\Logging.dll
2010-01-16 05:24 - 2009-09-30 03:50 - 00028672 _____ () C:\Program Files\Sony\VAIO Care\VAIOCommon.dll
2010-01-16 05:24 - 2009-09-30 03:50 - 00206336 _____ () C:\Program Files\Sony\VAIO Care\OsServices.dll
2010-01-16 05:24 - 2009-09-30 03:50 - 00043008 _____ () C:\Program Files\Sony\VAIO Care\PluginFactory.dll
2010-01-16 05:24 - 2009-09-30 03:50 - 00043520 _____ () C:\Program Files\Sony\VAIO Care\XMLTools.dll
2010-01-16 05:24 - 2009-09-30 03:50 - 00059392 _____ () C:\Program Files\Sony\VAIO Care\VAIOInstallAppsDrivers.dll
2010-01-16 05:24 - 2009-09-30 03:50 - 00156160 _____ () C:\Program Files\Sony\VAIO Care\InstallDB.dll
2010-01-16 05:24 - 2009-09-30 03:50 - 00137216 _____ () C:\Program Files\Sony\VAIO Care\InstallationTools.dll
2010-01-16 05:24 - 2009-09-30 03:50 - 00024576 _____ () C:\Program Files\Sony\VAIO Care\VAIOUtility.dll
2010-01-16 05:32 - 2009-12-02 02:03 - 00010752 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2010-01-16 05:32 - 2009-12-02 02:03 - 00009728 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll
2009-12-25 17:59 - 2009-11-20 19:19 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2015-06-02 15:51 - 2015-06-02 15:51 - 00545792 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2016-03-22 21:49 - 2016-03-22 21:49 - 00269080 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2013\boost_regex-vc90-mt-p-1_33.dll
2016-03-22 21:50 - 2016-03-22 21:50 - 00021784 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2013\QBCompressor.dll
2016-03-22 18:49 - 2016-03-22 18:49 - 00059904 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2013\zlib1.dll
2016-03-22 21:50 - 2016-03-22 21:50 - 00141592 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2013\QBMAPILibrary.dll
2016-03-22 21:49 - 2016-03-22 21:49 - 00176920 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2013\boost_serialization-vc90-mt-p-1_33.dll
2016-03-22 21:50 - 2016-03-22 21:50 - 00415512 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2013\FtuEngine.dll
2016-03-22 21:49 - 2016-03-22 21:49 - 00529176 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2013\BackupLib.dll
2016-03-22 21:50 - 2016-03-22 21:50 - 00128792 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2013\QBProActiveCore.dll
2016-03-22 21:50 - 2016-03-22 21:50 - 00578840 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2013\FeaturesBridge.dll
2016-03-22 21:50 - 2016-03-22 21:50 - 00042776 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2013\mbpopup.dll
2016-05-17 08:40 - 2016-04-19 15:47 - 00034768 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-05-17 08:40 - 2016-04-19 15:48 - 00019408 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-05-17 08:40 - 2016-04-19 15:47 - 00116688 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-05-17 08:40 - 2016-04-19 15:47 - 00093640 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-05-17 08:35 - 2016-04-19 15:47 - 00018376 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\select.pyd
2016-05-17 08:35 - 2016-05-06 18:35 - 00019760 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-05-17 08:35 - 2016-04-19 15:49 - 00105928 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-05-17 08:40 - 2016-04-19 15:47 - 00392144 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-05-17 08:35 - 2016-05-06 18:35 - 00381752 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-05-17 08:35 - 2016-04-19 15:47 - 00692688 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-05-17 08:40 - 2016-05-06 18:34 - 00020816 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-05-17 08:40 - 2016-04-19 15:48 - 00121296 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-05-17 08:40 - 2016-05-06 18:34 - 01682760 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-05-17 08:40 - 2016-05-06 18:34 - 00020808 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-05-17 08:40 - 2016-05-06 18:35 - 00021840 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-05-17 08:40 - 2016-05-06 18:34 - 00038696 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-05-17 08:40 - 2016-04-19 15:49 - 00020936 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-05-17 08:35 - 2016-04-19 15:49 - 00024528 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-05-17 08:35 - 2016-04-19 15:49 - 00114640 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-05-17 08:35 - 2016-04-19 15:49 - 00124880 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-05-17 08:40 - 2016-05-06 18:35 - 00021832 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-05-17 08:35 - 2016-04-19 15:49 - 00024016 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-05-17 08:35 - 2016-04-19 15:49 - 00175560 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-05-17 08:35 - 2016-04-19 15:49 - 00030160 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-05-17 08:35 - 2016-04-19 15:49 - 00043472 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-05-17 08:35 - 2016-04-19 15:49 - 00028616 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-05-17 08:35 - 2016-04-19 15:49 - 00048592 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-05-17 08:40 - 2016-05-06 18:34 - 00026456 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-05-17 08:35 - 2016-04-19 15:49 - 00057808 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-05-17 08:35 - 2016-04-19 15:49 - 00024016 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-05-17 08:40 - 2016-05-06 18:34 - 00117056 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-05-17 08:40 - 2016-05-06 18:34 - 00052024 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-05-17 08:40 - 2016-04-19 15:47 - 00134608 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-05-17 08:40 - 2016-04-19 15:47 - 00134088 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-05-17 08:40 - 2016-04-19 15:48 - 00240584 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2016-05-17 08:35 - 2016-05-06 18:35 - 00020800 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-05-17 08:35 - 2016-05-06 18:35 - 00021824 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-05-17 08:35 - 2016-05-06 18:35 - 00019776 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-05-17 08:35 - 2016-05-06 18:35 - 00020800 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-05-17 08:40 - 2016-05-06 18:34 - 00024392 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-05-17 08:40 - 2016-04-19 15:50 - 00036296 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\librsync.dll
2016-05-17 08:40 - 2016-05-06 18:34 - 00020280 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-05-17 08:35 - 2016-05-06 18:35 - 00023376 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-05-17 08:40 - 2016-04-19 15:49 - 00350152 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-05-17 08:35 - 2016-05-06 18:35 - 00022352 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-05-17 08:40 - 2016-05-06 18:34 - 00084280 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-05-17 08:40 - 2016-05-06 18:34 - 01826096 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-05-17 08:35 - 2016-04-19 15:48 - 00083912 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\sip.pyd
2016-05-17 08:40 - 2016-05-06 18:35 - 03928880 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-05-17 08:40 - 2016-05-06 18:34 - 01971504 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-05-17 08:40 - 2016-05-06 18:34 - 00531248 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-05-17 08:40 - 2016-05-06 18:35 - 00132912 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-05-17 08:40 - 2016-05-06 18:35 - 00223544 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-05-17 08:40 - 2016-05-06 18:34 - 00207672 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-05-17 08:35 - 2016-04-19 15:49 - 00060880 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\win32print.pyd
2016-05-17 08:40 - 2016-05-06 18:35 - 00024904 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-05-17 08:40 - 2016-05-06 18:35 - 00546096 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-05-17 08:40 - 2016-05-06 18:35 - 00357680 _____ () C:\Users\mariaw\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2010-01-16 04:57 - 2009-10-05 17:42 - 00121856 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\SonyCommonLib.dll
2010-01-16 04:57 - 2009-10-05 17:42 - 00007680 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\DebugMsg.dll
2010-01-16 04:57 - 2009-10-05 17:42 - 00009728 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Resources.dll
2010-01-16 04:57 - 2009-10-05 17:42 - 00015360 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\SharedInterfaces.dll
2010-01-16 04:57 - 2009-10-05 17:42 - 00018944 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\DictionaryLookup.dll
2010-01-16 04:57 - 2009-10-05 17:42 - 00011264 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\MessageXML.dll
2013-10-21 14:31 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2010-01-16 04:57 - 2009-10-05 17:42 - 00107008 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\DevicePanel.dll
2010-01-16 04:57 - 2009-10-05 17:42 - 00005120 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.ThirdPartyApp.dll
2010-01-16 04:57 - 2009-10-05 17:42 - 00023040 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.Generic.dll
2010-01-16 04:57 - 2009-10-05 17:42 - 00027648 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.BtPower.dll
2010-01-16 04:57 - 2009-10-05 17:42 - 00005120 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.Generic.dll
2010-01-16 04:57 - 2009-10-05 17:42 - 00015360 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.NativeWifiThirdPartyApp.dll
2010-01-16 04:57 - 2009-10-05 17:42 - 00011264 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.TosBtThirdPartyApp.dll
2010-01-16 04:57 - 2009-10-05 17:42 - 00006656 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.WlanPower.dll
2010-01-16 04:57 - 2009-10-05 17:42 - 00004608 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.Power.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2718738982-134382734-2047601486-1000\...\bbt.com -> hxxps://cmol.bbt.com
IE trusted site: HKU\S-1-5-21-2718738982-134382734-2047601486-1000\...\intuit.com -> hxxps://qbo.intuit.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2718738982-134382734-2047601486-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\mariaw\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{900DBF97-B66C-4F50-8DF6-0068DCF8DA3E}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{40D8DCE0-3BE5-4DF9-A86E-04BF275212A7}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{6E97C80A-6552-4012-82AE-7D7E61C74C1F}] => (Allow) svchost.exe
FirewallRules: [{CADB0273-5D25-4F22-A187-6B9C74EF5BEF}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{25A863FE-B6FA-4AE1-9B3D-AFCD0D6F7F50}] => (Allow) LPort=5353
FirewallRules: [{6F2911BB-8132-465D-A31A-B600BC8CF2A8}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{8F82295B-CCA7-405B-81FB-42C3247673A4}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{F231175E-CC22-4326-94B6-CC2D723D157D}] => (Allow) LPort=54925
FirewallRules: [{445FEED3-8EFE-4ADD-9828-B199F6D93FDC}] => (Allow) C:\Users\mariaw\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{F66A5354-22BC-45FD-85A4-64AF36AACAFC}] => (Allow) C:\Users\mariaw\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{3AC84984-C904-450D-8D5D-D2C77015A67C}C:\users\mariaw\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\mariaw\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{488D2C54-310A-4B90-8EDB-EB8079677D7F}C:\users\mariaw\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\mariaw\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{993435F0-E085-45F1-9F09-77FB2592128A}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{1CBADB4F-9702-4180-89DF-4020D8E23551}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{E489F374-DDF4-44C0-9AD7-3A34EC46C513}] => (Allow) LPort=54925
FirewallRules: [{D52F04C2-609C-48A7-BFB6-7D5EE7A49F31}] => (Allow) LPort=54926
FirewallRules: [{FB99E007-818E-4F09-B8BE-F9710FAC2391}] => (Allow) C:\Program Files (x86)\Brother\Brmfl10e\FAXRX.exe
FirewallRules: [{1FDFF609-EA1D-493D-9AF9-8C75B1125021}] => (Allow) C:\Program Files (x86)\Brother\Brmfl10e\FAXRX.exe
FirewallRules: [{7EC1791B-52DC-44A2-9B1F-D3E1766FFC11}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

11-04-2016 11:34:19 Windows Update
21-04-2016 11:51:06 Scheduled Checkpoint
25-04-2016 13:25:43 Windows Update
03-05-2016 12:23:35 Scheduled Checkpoint
04-05-2016 10:02:26 Windows Update
17-05-2016 08:19:15 Installed Rapport

==================== Faulty Device Manager Devices =============

Name: Atheros AR9285 Wireless Network Adapter
Description: Atheros AR9285 Wireless Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (05/17/2016 05:52:07 PM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)

Error: (05/17/2016 05:52:07 PM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: Failed to load the plug-in module. (GUID = {48512A59-C8A5-4805-9048-23C9E4194BFA})(Error code = 0x80042000)

Error: (05/17/2016 04:32:17 PM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)

Error: (05/17/2016 04:32:17 PM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: Failed to load the plug-in module. (GUID = {48512A59-C8A5-4805-9048-23C9E4194BFA})(Error code = 0x80042000)

Error: (05/17/2016 12:37:25 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (05/17/2016 08:55:43 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.18124 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 167c

Start Time: 01d1b03b2f0b2335

Termination Time: 70

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (05/17/2016 08:22:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wmpnetwk.exe, version: 12.0.7601.17514, time stamp: 0x4ce7ae7f
Faulting module name: ntdll.dll, version: 6.1.7601.19045, time stamp: 0x56259295
Exception code: 0xc0000005
Fault offset: 0x0000000000050ef7
Faulting process id: 0x107c
Faulting application start time: 0xwmpnetwk.exe0
Faulting application path: wmpnetwk.exe1
Faulting module path: wmpnetwk.exe2
Report Id: wmpnetwk.exe3

Error: (05/17/2016 08:18:46 AM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)

Error: (05/17/2016 08:18:45 AM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: Failed to load the plug-in module. (GUID = {48512A59-C8A5-4805-9048-23C9E4194BFA})(Error code = 0x80042000)

Error: (05/17/2016 08:10:57 AM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)

System errors:
=============
Error: (05/17/2016 06:01:29 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureCommand with the following error:
%%5

Error: (05/17/2016 06:01:25 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5

Error: (05/17/2016 05:52:12 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5

Error: (05/17/2016 05:52:13 PM) (Source: Microsoft Antimalware) (EventID: 3002) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%886

Error Code: 0x80070005

Error description: Access is denied.

Reason: %%892

Error: (05/17/2016 05:52:05 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.

Error: (05/17/2016 05:51:13 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 5:47:38 PM on ‎5/‎17/‎2016 was unexpected.

Error: (05/17/2016 04:32:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.

Error: (05/17/2016 01:40:56 PM) (Source: ACPI) (EventID: 13) (User: )
Description: : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.

Error: (05/17/2016 01:40:51 PM) (Source: ACPI) (EventID: 13) (User: )
Description: : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.

Error: (05/17/2016 11:29:43 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz
Percentage of memory in use: 43%
Total physical RAM: 3758.1 MB
Available physical RAM: 2124.45 MB
Total Virtual: 7514.4 MB
Available Virtual: 5157.18 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:289.21 GB) (Free:185.23 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: FD64E292)
Partition 1: (Not Active) - (Size=8.8 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=289.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

AdvancedSetup · June 8, 2016

We're sorry. It looks like your topic was somehow overlooked. Due to the length of time we'll go ahead and close this topic now but if you still actually need help please send a private message to one of the Moderators and we'll assist you.Thank you and sorry we missed your topic.

Sign In

All browsers freezing Win7 computer

Recommended Posts

yellowdog232

Link to post

Share on other sites

AdvancedSetup

Link to post

Share on other sites

Recently Browsing 0 members

Browse

Activity

Personal

Business

Business Modules

Partners

Learn

Start here

Type of malware/attacks

How does it get on my computer?

Scams and grifts

Support

Important Information