Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Mother's computer infected with adaware


  • Please log in to reply

#1
isolationary

isolationary

    Member

  • Member
  • PipPip
  • 51 posts

Hello!

My mother's computer wasn't loading up the desktop at all and after fiddling a while I got it to load enough so that I could come here for help. She downloaded a virus parading around as an antivirus/blocker tool called adaware and I cannot find it through traditional routes to uninstall it its making the laptop chug at a snails pace and keeps trying to download updates. Here is my Farbar log.

 

Thank you very much for your help!

 

Ames

 

Attached Files


  • 0

Advertisements


#2
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,804 posts
Hi! My name is zep516 and Welcome to Geekstogo!
I'll do the best I can to resolve your computer issue
Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions! :)


Next

Download AdwCleaner from here. Save the file to the desktop.
NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.
Close all open windows and browsers.
  • XP users: Double click the AdwCleaner icon to start the program.
  • Vista/7/8 users: Right click the AdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.
    You will see the following console:
iO5EZayK.png
  • Click the Scan button and wait for the scan to finish.
  • After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Pending. Please uncheck elements you don't want to remove.
  • Click the Clean button.
  • Everything checked will be moved to Quarantine.
  • When the program has finished cleaning a report appears.Once done it will ask to reboot, allow this
adwcleaner_delete_restart.jpg
  • On reboot a log will be produced please copy / paste that in your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[C0].txt
Post a new set of FRST logs directly into a reply. Don't attach logs this time.
  • 0

#3
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,804 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0

#4
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,804 posts
This topic has been re opened per user request.
  • 0

#5
isolationary

isolationary

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts

Thank you for all your help!

 

 

Here is the ADW Log:

 

# AdwCleaner 7.0.5.0 - Logfile created on Tue Dec 12 21:10:13 2017
# Updated on 2017/29/11 by Malwarebytes
# Database: 12-11-2017.1
# Running on Windows 7 Home Premium (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

PUP.Optional.Legacy, WCAssistantService


***** [ Folders ] *****

PUP.Optional.Legacy, C:\Users\All Users\Documents\Downloaded Installers
PUP.Optional.Legacy, C:\Users\Public\Documents\Downloaded Installers
PUP.Optional.Legacy, C:\ProgramData\lavasoft\web companion
PUP.Optional.Legacy, C:\ProgramData\Application Data\lavasoft\web companion
PUP.Optional.Legacy, C:\Program Files (x86)\lavasoft\web companion
PUP.Optional.Legacy, C:\Users\All Users\lavasoft\web companion
PUP.Optional.Legacy, C:\Users\Lorraine\AppData\Roaming\lavasoft\web companion
PUP.Optional.WebCompanion, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion


***** [ Files ] *****

PUP.Optional.Legacy, C:\Users\Lorraine\AppData\Roaming\Mozilla\Firefox\Profiles\uv4j5qfq.default\invalidprefs.js
PUP.Optional.Legacy, C:\Users\Lorraine\AppData\Roaming\Mozilla\Firefox\Profiles\uv4j5qfq.default\searchplugins\bing-lavasoft.xml


***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\OutfoxTV
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-3240821568-1653635036-208495454-1005\Software\OutfoxTV
PUP.Optional.Legacy, [Key] - HKCU\Software\OutfoxTV
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Lavasoft\Web Companion
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-3240821568-1653635036-208495454-1005\Software\Lavasoft\Web Companion
PUP.Optional.Legacy, [Key] - HKCU\Software\Lavasoft\Web Companion
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\CLSID\{BEBBC426-4F16-4567-8FE1-BE198C982027}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\50D2BAFD096C90345A82B25A790BDF69
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\50D2BAFD096C90345A82B25A790BDF69
PUP.Optional.Legacy, [Value] - HKU\S-1-5-21-3240821568-1653635036-208495454-1005\Software\Microsoft\Windows\CurrentVersion\Run | Web Companion
PUP.Optional.Legacy, [Value] - HKCU\Software\Microsoft\Windows\CurrentVersion\Run | Web Companion
PUP.Optional.Legacy, [Value] - HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION | WeatherBug.exe
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.SlimCleanerPlus, [Key] - HKLM\SOFTWARE\SLIMWARE UTILITIES, INC.
PUP.Optional.DriverAgent, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\DriverSupport.exe
PUP.Optional.MoviesToolBar.AppFlsh, [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {19B50193-9DE7-4BA5-9614-C6245EC89175}
PUP.Optional.MoviesToolBar.AppFlsh, [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {5C7AE38C-6EDF-49C4-B742-20D65492D96E}
PUP.Optional.AuslogicsDriverUpdater, [Key] - HKLM\SOFTWARE\Auslogics


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

C:/AdwCleaner/AdwCleaner[C1].txt - [7824 B] - [2015/9/18 21:20:49]
C:/AdwCleaner/AdwCleaner[S1].txt - [7254 B] - [2015/9/18 21:19:46]


########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt ##########

 

======================================================================================================================

Here is the FRST LOG:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-12-2017
Ran by Lorraine (administrator) on KITS-COMPUTER (13-12-2017 16:33:55)
Running from C:\Users\Lorraine\Desktop
Loaded Profiles: Lorraine (Available Profiles: Lorraine)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\ccsvchst.exe
(Interactive Brands) C:\ProgramData\Interactive Brands\PDF Suite 2017 Manager\PDF Suite 2017\PDF Suite Manager.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\ccsvchst.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
() C:\Users\Lorraine\AppData\Local\Amazon Music\Amazon Music Helper.exe
(HP Inc.) C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe
(Noteburner.com) C:\Program Files (x86)\NoteBurner\VTBurnerGUI.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VAIOTM\VTSvc.exe
(HP Inc.) C:\Program Files\HP\HP ENVY 4520 series\Bin\HPNetworkCommunicatorCom.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VAIOTM\VTUsr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
() C:\Program Files (x86)\Sony\Keyboard Shortcuts\KeyboardShortcuts.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Digital Delivery Networks, Inc.) C:\Program Files (x86)\DDNi\Oasis\VAIO Messenger.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [226672 2010-11-03] (Alps Electric Co., Ltd.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-06-01] (Apple Inc.)
HKLM-x32\...\Run: [NoteBurner] => C:\Program Files (x86)\NoteBurner\VTBurnerGUI.exe [5694792 2011-06-08] (Noteburner.com)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-3240821568-1653635036-208495454-1005\...\Run: [Google Update] => C:\Users\Lorraine\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe [601680 2017-11-16] (Google Inc.)
HKU\S-1-5-21-3240821568-1653635036-208495454-1005\...\Run: [Amazon Music] => C:\Users\Lorraine\AppData\Local\Amazon Music\Amazon Music Helper.exe [3494376 2016-12-14] ()
HKU\S-1-5-21-3240821568-1653635036-208495454-1005\...\Run: [HP ENVY 4520 series (NET)] => C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe [3770504 2017-04-06] (HP Inc.)
HKU\S-1-5-21-3240821568-1653635036-208495454-1005\...\Policies\Explorer: [HideSCAHealth] 1
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
Startup: C:\Users\Lorraine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-10-19]
ShortcutTarget: Dropbox.lnk -> C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{0BA8891A-38AC-4DD2-B432-8836DD878CBB}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{90C2DFB1-2AAB-4463-BDED-F724585427B0}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12

Internet Explorer:
==================
HKU\S-1-5-21-3240821568-1653635036-208495454-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony.msn.com
HKU\S-1-5-21-3240821568-1653635036-208495454-1005\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://www.google.com/?gws_rd=ssl
HKU\S-1-5-21-3240821568-1653635036-208495454-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=COSP&ptag=D080117-A9C56F9C6EA&form=CONMHP&conlogo=CT3335737
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3240821568-1653635036-208495454-1005 -> DefaultScope {225C635E-5492-47A8-B23D-82876111F9CC} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3240821568-1653635036-208495454-1005 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D080117-A9C56F9C6EA&form=CONBDF&conlogo=CT3335737&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3240821568-1653635036-208495454-1005 -> {225C635E-5492-47A8-B23D-82876111F9CC} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll [2013-02-05] (McAfee, Inc.)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-02-07] (Intel Security)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08] (CANON INC.)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\coIEPlg.dll [2014-11-28] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\IPS\IPSBHO.DLL [2013-04-08] (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-14] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-14] (Oracle Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (CANON INC.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\coIEPlg.dll [2014-11-28] (Symantec Corporation)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-02-07] (Intel Security)
Toolbar: HKU\S-1-5-21-3240821568-1653635036-208495454-1005 -> No Name - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} -  No File

FireFox:
========
FF ProfilePath: C:\Users\Lorraine\AppData\Roaming\Mozilla\Firefox\Profiles\uv4j5qfq.default [2017-12-13]
FF Homepage: Mozilla\Firefox\Profiles\uv4j5qfq.default -> hxxps://www.google.com/
FF NewTab: Mozilla\Firefox\Profiles\uv4j5qfq.default -> hxxp://www.bing.com/?pc=COSP&ptag=D080117-A9C56F9C6EA&form=CONMHP&conlogo=CT3335737
FF NetworkProxy: Mozilla\Firefox\Profiles\uv4j5qfq.default -> type", 4
FF Extension: (AmazonSmile 1Button for Firefox) - C:\Users\Lorraine\AppData\Roaming\Mozilla\Firefox\Profiles\uv4j5qfq.default\Extensions\[email protected] [2016-04-27] [Legacy]
FF Extension: (Adblock Plus) - C:\Users\Lorraine\AppData\Roaming\Mozilla\Firefox\Profiles\uv4j5qfq.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-12-12]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\coFFPlgn
FF Extension: (Norton Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\coFFPlgn [2017-12-13] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\IPSFFPlgn
FF Extension: (Norton Vulnerability Protection) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\IPSFFPlgn [2015-09-21] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_170.dll [2017-10-21] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_170.dll [2017-10-21] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-04-14] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-14] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll [2013-02-05] (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-02-17] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3240821568-1653635036-208495454-1005: @tools.google.com/Google Update;version=3 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-3240821568-1653635036-208495454-1005: @tools.google.com/Google Update;version=9 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\dsengine.js [2017-12-09] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\dsengine.cfg [2017-12-09] <==== ATTENTION

Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default [2017-12-12]
CHR Extension: (Norton Security Toolbar) - C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejnhdlplbjhffionohbdnpcbobfejcc [2015-09-21]
CHR Extension: (Norton Identity Safe) - C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-09-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-19]
CHR Extension: (Chrome Media Router) - C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-11]
CHR HKLM\...\Chrome\Extension: [bejnhdlplbjhffionohbdnpcbobfejcc] - C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\Exts\Chrome.crx [2014-12-11]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [bejnhdlplbjhffionohbdnpcbobfejcc] - C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\Exts\Chrome.crx [2014-12-11]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome - chrome.exe
StartMenuInternet: Google Chrome.OW4SEEFYUCK62RIVQQAD3IP7MU - C:\Users\Lorraine\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
S4 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-01-05] ()
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\ccSvcHst.exe [144368 2013-05-20] (Symantec Corporation)
R2 PDF Suite 2017 Manager; C:\ProgramData\Interactive Brands\PDF Suite 2017 Manager\PDF Suite 2017\PDF Suite Manager.exe [986496 2016-07-12] (Interactive Brands)
S2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [996824 2017-02-06] (McAfee, Inc.)
S2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16248 2017-02-06] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2017-02-06] (McAfee, Inc.)
S4 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
S4 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1656600 2016-03-31] (Sony Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\BASHDefs\20130322.001\BHDrvx64.sys [1387608 2013-03-21] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1406000.01B\ccSetx64.sys [169048 2013-04-15] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-01-13] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2013-01-13] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\IPSDefs\20130412.001\IDSvia64.sys [513184 2013-01-13] (Symantec Corporation)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [252232 2017-12-13] (Malwarebytes)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20130413.016\ENG64.SYS [126192 2013-01-16] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20130413.016\EX64.SYS [2087664 2013-01-16] (Symantec Corporation)
R0 ntcdrdrv; C:\Windows\System32\DRIVERS\ntcdrdrv.sys [25680 2011-01-06] (NoteBurn Software)
U5 SDBus; C:\Windows\System32\Drivers\SDBus.sys [109056 2010-11-20] (Microsoft Corporation)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1406000.01B\SRTSP64.SYS [796760 2013-05-15] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1406000.01B\SRTSPX64.SYS [36952 2013-03-04] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1406000.01B\SYMDS64.SYS [493656 2013-05-20] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1406000.01B\SYMEFA64.SYS [1139800 2013-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-18] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1406000.01B\Ironx64.SYS [224416 2013-03-04] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1406000.01B\SYMNETS.SYS [433752 2013-04-24] (Symantec Corporation)
S3 semav6msr64; \??\C:\Windows\system32\drivers\semav6msr64.sys [X]
S3 semav6thermal64ro; \??\C:\Windows\system32\drivers\semav6thermal64ro.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-12-13 16:30 - 2017-12-13 16:30 - 000000000 ____D C:\Users\Lorraine\Desktop\FRST-OlderVersion
2017-12-12 14:08 - 2017-12-12 14:08 - 008187336 _____ (Malwarebytes) C:\Users\Lorraine\Desktop\adwcleaner_7.0.5.0(1).exe
2017-12-12 14:06 - 2017-12-12 14:06 - 001931575 _____ C:\Users\Lorraine\Downloads\Unconfirmed 558562.crdownload
2017-12-12 14:04 - 2017-12-12 14:04 - 008187336 _____ (Malwarebytes) C:\Users\Lorraine\Downloads\adwcleaner_7.0.5.0.exe
2017-12-11 16:52 - 2017-12-13 16:26 - 000252232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2017-11-26 12:13 - 2017-11-26 12:15 - 000074469 _____ C:\Users\Lorraine\Desktop\Addition.txt
2017-11-26 12:10 - 2017-12-13 16:34 - 000019973 _____ C:\Users\Lorraine\Desktop\FRST.txt
2017-11-26 12:09 - 2017-12-13 16:30 - 002392064 _____ (Farbar) C:\Users\Lorraine\Desktop\FRST64.exe
2017-11-26 12:04 - 2017-11-26 12:04 - 000067240 _____ C:\Windows\system32\GDIPFONTCACHEV1.DAT
2017-11-26 11:44 - 2017-11-26 11:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-11-20 12:41 - 2017-10-18 00:31 - 000395976 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-11-20 12:41 - 2017-10-17 23:45 - 000347336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-11-20 12:41 - 2017-10-17 19:06 - 000344064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2017-11-20 12:41 - 2017-10-17 19:06 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2017-11-20 12:41 - 2017-10-17 19:06 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2017-11-20 12:41 - 2017-10-17 19:06 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2017-11-20 12:41 - 2017-10-17 19:06 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2017-11-20 12:41 - 2017-10-17 19:06 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2017-11-20 12:41 - 2017-10-17 19:06 - 000007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2017-11-20 12:41 - 2017-10-16 16:07 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-11-20 12:41 - 2017-10-16 15:34 - 003222528 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-11-20 12:41 - 2017-10-16 14:55 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2017-11-20 12:41 - 2017-10-14 01:38 - 025731584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-11-20 12:41 - 2017-10-14 01:23 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-11-20 12:41 - 2017-10-14 01:23 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-11-20 12:41 - 2017-10-14 01:13 - 002903552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-11-20 12:41 - 2017-10-14 01:12 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-11-20 12:41 - 2017-10-14 01:11 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-11-20 12:41 - 2017-10-14 01:11 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-11-20 12:41 - 2017-10-14 01:11 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-11-20 12:41 - 2017-10-14 01:11 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-11-20 12:41 - 2017-10-14 01:09 - 005979648 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-11-20 12:41 - 2017-10-14 01:05 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-11-20 12:41 - 2017-10-14 01:04 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-11-20 12:41 - 2017-10-14 01:02 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-11-20 12:41 - 2017-10-14 01:01 - 000816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-11-20 12:41 - 2017-10-14 01:01 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-11-20 12:41 - 2017-10-14 01:01 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-11-20 12:41 - 2017-10-14 01:00 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-11-20 12:41 - 2017-10-14 00:55 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-11-20 12:41 - 2017-10-14 00:53 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-11-20 12:41 - 2017-10-14 00:47 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-11-20 12:41 - 2017-10-14 00:47 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-11-20 12:41 - 2017-10-14 00:46 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-11-20 12:41 - 2017-10-14 00:43 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-11-20 12:41 - 2017-10-14 00:43 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-11-20 12:41 - 2017-10-14 00:41 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-11-20 12:41 - 2017-10-14 00:40 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-11-20 12:41 - 2017-10-14 00:31 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-11-20 12:41 - 2017-10-14 00:30 - 015266816 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-11-20 12:41 - 2017-10-14 00:30 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-11-20 12:41 - 2017-10-14 00:29 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-11-20 12:41 - 2017-10-14 00:28 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-11-20 12:41 - 2017-10-14 00:27 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-11-20 12:41 - 2017-10-14 00:21 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-11-20 12:41 - 2017-10-14 00:14 - 020269056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-11-20 12:41 - 2017-10-14 00:09 - 001544704 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-11-20 12:41 - 2017-10-14 00:03 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-11-20 12:41 - 2017-10-13 23:58 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-11-20 12:41 - 2017-10-13 23:53 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-11-20 12:41 - 2017-10-13 23:53 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-11-20 12:41 - 2017-10-13 23:52 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-11-20 12:41 - 2017-10-13 23:52 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-11-20 12:41 - 2017-10-13 23:51 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-11-20 12:41 - 2017-10-13 23:50 - 002293760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-11-20 12:41 - 2017-10-13 23:47 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-11-20 12:41 - 2017-10-13 23:47 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-11-20 12:41 - 2017-10-13 23:46 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-11-20 12:41 - 2017-10-13 23:45 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-11-20 12:41 - 2017-10-13 23:45 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-11-20 12:41 - 2017-10-13 23:45 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-11-20 12:41 - 2017-10-13 23:38 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-11-20 12:41 - 2017-10-13 23:35 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-11-20 12:41 - 2017-10-13 23:35 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-11-20 12:41 - 2017-10-13 23:34 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-11-20 12:41 - 2017-10-13 23:33 - 004542464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-11-20 12:41 - 2017-10-13 23:33 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-11-20 12:41 - 2017-10-13 23:32 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-11-20 12:41 - 2017-10-13 23:31 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-11-20 12:41 - 2017-10-13 23:30 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-11-20 12:41 - 2017-10-13 23:28 - 013680128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-11-20 12:41 - 2017-10-13 23:25 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-11-20 12:41 - 2017-10-13 23:24 - 000694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-11-20 12:41 - 2017-10-13 23:23 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-11-20 12:41 - 2017-10-13 23:23 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-11-20 12:41 - 2017-10-13 23:10 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-11-20 12:41 - 2017-10-13 23:07 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-11-20 12:41 - 2017-10-13 23:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-11-20 12:41 - 2017-10-11 17:58 - 000382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-11-20 12:41 - 2017-10-11 17:55 - 014635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2017-11-20 12:41 - 2017-10-11 17:55 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2017-11-20 12:41 - 2017-10-11 17:55 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-11-20 12:41 - 2017-10-11 17:55 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-11-20 12:41 - 2017-10-11 17:55 - 002058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2017-11-20 12:41 - 2017-10-11 17:55 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-11-20 12:41 - 2017-10-11 17:55 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-11-20 12:41 - 2017-10-11 17:55 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-11-20 12:41 - 2017-10-11 17:55 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2017-11-20 12:41 - 2017-10-11 17:55 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-11-20 12:41 - 2017-10-11 17:55 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-11-20 12:41 - 2017-10-11 17:55 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-11-20 12:41 - 2017-10-11 17:55 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-11-20 12:41 - 2017-10-11 17:55 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-11-20 12:41 - 2017-10-11 17:55 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-11-20 12:41 - 2017-10-11 17:55 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-11-20 12:41 - 2017-10-11 17:55 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-11-20 12:41 - 2017-10-11 17:55 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2017-11-20 12:41 - 2017-10-11 17:55 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2017-11-20 12:41 - 2017-10-11 17:55 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2017-11-20 12:41 - 2017-10-11 17:40 - 000308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-11-20 12:41 - 2017-10-11 17:39 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-11-20 12:41 - 2017-10-11 17:38 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-11-20 12:41 - 2017-10-11 17:38 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-11-20 12:41 - 2017-10-11 17:37 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2017-11-20 12:41 - 2017-10-11 17:37 - 011410944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2017-11-20 12:41 - 2017-10-11 17:37 - 001549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-11-20 12:41 - 2017-10-11 17:37 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-11-20 12:41 - 2017-10-11 17:37 - 001363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2017-11-20 12:41 - 2017-10-11 17:37 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2017-11-20 12:41 - 2017-10-11 17:37 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2017-11-20 12:41 - 2017-10-11 17:37 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2017-11-20 12:41 - 2017-10-11 17:37 - 000111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2017-11-20 12:41 - 2017-10-11 17:37 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2017-11-20 12:41 - 2017-10-11 17:37 - 000070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2017-11-20 12:41 - 2017-10-11 17:37 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2017-11-20 12:41 - 2017-10-11 17:37 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2017-11-20 12:41 - 2017-10-11 17:37 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2017-11-20 12:41 - 2017-10-11 17:37 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2017-11-20 12:41 - 2017-10-11 17:26 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-11-20 12:41 - 2017-10-11 17:26 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-11-20 12:41 - 2017-10-11 17:25 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2017-11-20 12:41 - 2017-10-11 17:25 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2017-11-20 12:41 - 2017-10-11 17:24 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2017-11-20 12:41 - 2017-10-11 17:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2017-11-20 12:41 - 2017-10-11 17:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2017-11-20 12:41 - 2017-10-11 17:20 - 000113152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2017-11-20 12:41 - 2017-10-11 17:16 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000995272 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-11-16 07:21 - 2017-10-17 19:34 - 000134376 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-11-16 07:21 - 2017-10-17 19:30 - 000605184 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-11-16 07:21 - 2017-10-15 15:04 - 000407392 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-11-16 07:21 - 2017-10-04 06:04 - 002023936 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2017-11-16 07:21 - 2017-10-04 06:04 - 001570304 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-11-16 07:21 - 2017-10-04 06:04 - 000670208 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-11-16 07:21 - 2017-10-04 06:04 - 000603648 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-11-16 07:21 - 2017-10-04 06:04 - 000370688 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-11-16 07:21 - 2017-10-04 06:04 - 000241664 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-11-16 07:21 - 2017-10-04 06:04 - 000181760 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-11-16 07:15 - 2017-11-16 07:15 - 000000244 _____ C:\Prefs.js

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-12-13 16:34 - 2009-07-13 21:45 - 000036576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-12-13 16:34 - 2009-07-13 21:45 - 000036576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-12-13 16:30 - 2015-09-18 13:11 - 000000000 ____D C:\FRST
2017-12-13 16:28 - 2015-07-31 12:33 - 000000000 ____D C:\Windows\System32\Tasks\Remediation
2017-12-13 16:25 - 2016-11-19 16:47 - 000000000 ____D C:\Users\Lorraine\AppData\LocalLow\Mozilla
2017-12-13 16:25 - 2016-07-12 19:20 - 000000000 ____D C:\ProgramData\NoteBurner
2017-12-13 16:25 - 2015-09-18 14:19 - 000000000 ____D C:\AdwCleaner
2017-12-13 16:24 - 2009-07-13 22:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-12-12 21:44 - 2012-01-11 15:25 - 000003958 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{3B70E440-F19E-41A1-BC51-AB275B5CC28E}
2017-12-12 14:13 - 2017-08-01 14:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2017-12-12 14:13 - 2017-08-01 14:19 - 000000000 ____D C:\Users\Lorraine\AppData\Roaming\Lavasoft
2017-12-12 14:13 - 2017-08-01 14:19 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2017-12-12 14:13 - 2017-08-01 14:18 - 000000000 ____D C:\ProgramData\Lavasoft
2017-12-12 14:08 - 2012-05-29 21:27 - 000002408 _____ C:\Users\Lorraine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-12-12 14:03 - 2012-06-02 07:49 - 000000000 ____D C:\Users\Lorraine\AppData\Local\CrashDumps
2017-12-11 16:51 - 2012-05-06 23:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-12-09 18:08 - 2016-11-19 11:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-12-06 07:10 - 2009-07-13 21:45 - 000298624 _____ C:\Windows\system32\FNTCACHE.DAT
2017-12-03 08:39 - 2016-10-27 20:12 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-12-03 08:23 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\inf
2017-11-26 12:58 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\rescache
2017-11-26 12:09 - 2017-04-11 16:32 - 000103936 ___SH C:\Users\Lorraine\Desktop\Thumbs.db
2017-11-26 12:03 - 2012-01-04 08:24 - 000000000 ____D C:\Program Files (x86)\Sony
2017-11-26 12:02 - 2015-09-30 17:02 - 000067240 _____ C:\Users\Lorraine\AppData\Local\GDIPFONTCACHEV1.DAT
2017-11-26 11:44 - 2017-10-21 20:07 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-11-22 09:35 - 2009-07-13 22:09 - 000000000 ____D C:\Windows\System32\Tasks\WPD
2017-11-22 09:35 - 2009-07-13 21:57 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-11-20 14:54 - 2015-09-22 16:57 - 000000000 ____D C:\Windows\system32\appraiser
2017-11-20 12:31 - 2012-01-11 15:28 - 000000000 ____D C:\Users\Lorraine\AppData\Roaming\Mozilla
2017-11-16 07:13 - 2015-11-01 16:41 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-11-16 06:55 - 2016-12-16 15:35 - 000003240 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005Core1d1ea937625a875
2017-11-16 06:55 - 2012-05-29 21:27 - 000003512 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005UA

==================== Files in the root of some directories =======

2014-03-20 09:10 - 2014-07-20 17:02 - 000000111 _____ () C:\Users\Lorraine\AppData\Roaming\WB.CFG
2017-10-21 20:04 - 2017-10-21 20:04 - 000007606 _____ () C:\Users\Lorraine\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
2017-11-26 12:04 - 2017-11-26 12:04 - 000937664 _____ (adaware) C:\Users\Lorraine\AppData\Local\Temp\WCU008_FF.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-12-03 08:23

==================== End of FRST.txt ============================Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-12-2017
Ran by Lorraine (administrator) on KITS-COMPUTER (13-12-2017 16:33:55)
Running from C:\Users\Lorraine\Desktop
Loaded Profiles: Lorraine (Available Profiles: Lorraine)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\ccsvchst.exe
(Interactive Brands) C:\ProgramData\Interactive Brands\PDF Suite 2017 Manager\PDF Suite 2017\PDF Suite Manager.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\ccsvchst.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
() C:\Users\Lorraine\AppData\Local\Amazon Music\Amazon Music Helper.exe
(HP Inc.) C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe
(Noteburner.com) C:\Program Files (x86)\NoteBurner\VTBurnerGUI.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VAIOTM\VTSvc.exe
(HP Inc.) C:\Program Files\HP\HP ENVY 4520 series\Bin\HPNetworkCommunicatorCom.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VAIOTM\VTUsr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
() C:\Program Files (x86)\Sony\Keyboard Shortcuts\KeyboardShortcuts.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Digital Delivery Networks, Inc.) C:\Program Files (x86)\DDNi\Oasis\VAIO Messenger.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [226672 2010-11-03] (Alps Electric Co., Ltd.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-06-01] (Apple Inc.)
HKLM-x32\...\Run: [NoteBurner] => C:\Program Files (x86)\NoteBurner\VTBurnerGUI.exe [5694792 2011-06-08] (Noteburner.com)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-3240821568-1653635036-208495454-1005\...\Run: [Google Update] => C:\Users\Lorraine\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe [601680 2017-11-16] (Google Inc.)
HKU\S-1-5-21-3240821568-1653635036-208495454-1005\...\Run: [Amazon Music] => C:\Users\Lorraine\AppData\Local\Amazon Music\Amazon Music Helper.exe [3494376 2016-12-14] ()
HKU\S-1-5-21-3240821568-1653635036-208495454-1005\...\Run: [HP ENVY 4520 series (NET)] => C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe [3770504 2017-04-06] (HP Inc.)
HKU\S-1-5-21-3240821568-1653635036-208495454-1005\...\Policies\Explorer: [HideSCAHealth] 1
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
Startup: C:\Users\Lorraine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-10-19]
ShortcutTarget: Dropbox.lnk -> C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{0BA8891A-38AC-4DD2-B432-8836DD878CBB}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{90C2DFB1-2AAB-4463-BDED-F724585427B0}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12

Internet Explorer:
==================
HKU\S-1-5-21-3240821568-1653635036-208495454-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony.msn.com
HKU\S-1-5-21-3240821568-1653635036-208495454-1005\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://www.google.com/?gws_rd=ssl
HKU\S-1-5-21-3240821568-1653635036-208495454-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=COSP&ptag=D080117-A9C56F9C6EA&form=CONMHP&conlogo=CT3335737
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3240821568-1653635036-208495454-1005 -> DefaultScope {225C635E-5492-47A8-B23D-82876111F9CC} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3240821568-1653635036-208495454-1005 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D080117-A9C56F9C6EA&form=CONBDF&conlogo=CT3335737&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3240821568-1653635036-208495454-1005 -> {225C635E-5492-47A8-B23D-82876111F9CC} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll [2013-02-05] (McAfee, Inc.)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-02-07] (Intel Security)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08] (CANON INC.)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\coIEPlg.dll [2014-11-28] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\IPS\IPSBHO.DLL [2013-04-08] (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-14] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-14] (Oracle Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (CANON INC.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\coIEPlg.dll [2014-11-28] (Symantec Corporation)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-02-07] (Intel Security)
Toolbar: HKU\S-1-5-21-3240821568-1653635036-208495454-1005 -> No Name - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} -  No File

FireFox:
========
FF ProfilePath: C:\Users\Lorraine\AppData\Roaming\Mozilla\Firefox\Profiles\uv4j5qfq.default [2017-12-13]
FF Homepage: Mozilla\Firefox\Profiles\uv4j5qfq.default -> hxxps://www.google.com/
FF NewTab: Mozilla\Firefox\Profiles\uv4j5qfq.default -> hxxp://www.bing.com/?pc=COSP&ptag=D080117-A9C56F9C6EA&form=CONMHP&conlogo=CT3335737
FF NetworkProxy: Mozilla\Firefox\Profiles\uv4j5qfq.default -> type", 4
FF Extension: (AmazonSmile 1Button for Firefox) - C:\Users\Lorraine\AppData\Roaming\Mozilla\Firefox\Profiles\uv4j5qfq.default\Extensions\[email protected] [2016-04-27] [Legacy]
FF Extension: (Adblock Plus) - C:\Users\Lorraine\AppData\Roaming\Mozilla\Firefox\Profiles\uv4j5qfq.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-12-12]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\coFFPlgn
FF Extension: (Norton Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\coFFPlgn [2017-12-13] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\IPSFFPlgn
FF Extension: (Norton Vulnerability Protection) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\IPSFFPlgn [2015-09-21] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_170.dll [2017-10-21] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_170.dll [2017-10-21] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-04-14] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-14] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll [2013-02-05] (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-02-17] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3240821568-1653635036-208495454-1005: @tools.google.com/Google Update;version=3 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-3240821568-1653635036-208495454-1005: @tools.google.com/Google Update;version=9 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\dsengine.js [2017-12-09] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\dsengine.cfg [2017-12-09] <==== ATTENTION

Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default [2017-12-12]
CHR Extension: (Norton Security Toolbar) - C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejnhdlplbjhffionohbdnpcbobfejcc [2015-09-21]
CHR Extension: (Norton Identity Safe) - C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-09-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-19]
CHR Extension: (Chrome Media Router) - C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-11]
CHR HKLM\...\Chrome\Extension: [bejnhdlplbjhffionohbdnpcbobfejcc] - C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\Exts\Chrome.crx [2014-12-11]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [bejnhdlplbjhffionohbdnpcbobfejcc] - C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\Exts\Chrome.crx [2014-12-11]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome - chrome.exe
StartMenuInternet: Google Chrome.OW4SEEFYUCK62RIVQQAD3IP7MU - C:\Users\Lorraine\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
S4 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-01-05] ()
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\ccSvcHst.exe [144368 2013-05-20] (Symantec Corporation)
R2 PDF Suite 2017 Manager; C:\ProgramData\Interactive Brands\PDF Suite 2017 Manager\PDF Suite 2017\PDF Suite Manager.exe [986496 2016-07-12] (Interactive Brands)
S2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [996824 2017-02-06] (McAfee, Inc.)
S2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16248 2017-02-06] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2017-02-06] (McAfee, Inc.)
S4 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
S4 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1656600 2016-03-31] (Sony Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\BASHDefs\20130322.001\BHDrvx64.sys [1387608 2013-03-21] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1406000.01B\ccSetx64.sys [169048 2013-04-15] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-01-13] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2013-01-13] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\IPSDefs\20130412.001\IDSvia64.sys [513184 2013-01-13] (Symantec Corporation)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [252232 2017-12-13] (Malwarebytes)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20130413.016\ENG64.SYS [126192 2013-01-16] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20130413.016\EX64.SYS [2087664 2013-01-16] (Symantec Corporation)
R0 ntcdrdrv; C:\Windows\System32\DRIVERS\ntcdrdrv.sys [25680 2011-01-06] (NoteBurn Software)
U5 SDBus; C:\Windows\System32\Drivers\SDBus.sys [109056 2010-11-20] (Microsoft Corporation)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1406000.01B\SRTSP64.SYS [796760 2013-05-15] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1406000.01B\SRTSPX64.SYS [36952 2013-03-04] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1406000.01B\SYMDS64.SYS [493656 2013-05-20] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1406000.01B\SYMEFA64.SYS [1139800 2013-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-18] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1406000.01B\Ironx64.SYS [224416 2013-03-04] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1406000.01B\SYMNETS.SYS [433752 2013-04-24] (Symantec Corporation)
S3 semav6msr64; \??\C:\Windows\system32\drivers\semav6msr64.sys [X]
S3 semav6thermal64ro; \??\C:\Windows\system32\drivers\semav6thermal64ro.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-12-13 16:30 - 2017-12-13 16:30 - 000000000 ____D C:\Users\Lorraine\Desktop\FRST-OlderVersion
2017-12-12 14:08 - 2017-12-12 14:08 - 008187336 _____ (Malwarebytes) C:\Users\Lorraine\Desktop\adwcleaner_7.0.5.0(1).exe
2017-12-12 14:06 - 2017-12-12 14:06 - 001931575 _____ C:\Users\Lorraine\Downloads\Unconfirmed 558562.crdownload
2017-12-12 14:04 - 2017-12-12 14:04 - 008187336 _____ (Malwarebytes) C:\Users\Lorraine\Downloads\adwcleaner_7.0.5.0.exe
2017-12-11 16:52 - 2017-12-13 16:26 - 000252232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2017-11-26 12:13 - 2017-11-26 12:15 - 000074469 _____ C:\Users\Lorraine\Desktop\Addition.txt
2017-11-26 12:10 - 2017-12-13 16:34 - 000019973 _____ C:\Users\Lorraine\Desktop\FRST.txt
2017-11-26 12:09 - 2017-12-13 16:30 - 002392064 _____ (Farbar) C:\Users\Lorraine\Desktop\FRST64.exe
2017-11-26 12:04 - 2017-11-26 12:04 - 000067240 _____ C:\Windows\system32\GDIPFONTCACHEV1.DAT
2017-11-26 11:44 - 2017-11-26 11:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-11-20 12:41 - 2017-10-18 00:31 - 000395976 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-11-20 12:41 - 2017-10-17 23:45 - 000347336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-11-20 12:41 - 2017-10-17 19:06 - 000344064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2017-11-20 12:41 - 2017-10-17 19:06 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2017-11-20 12:41 - 2017-10-17 19:06 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2017-11-20 12:41 - 2017-10-17 19:06 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2017-11-20 12:41 - 2017-10-17 19:06 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2017-11-20 12:41 - 2017-10-17 19:06 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2017-11-20 12:41 - 2017-10-17 19:06 - 000007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2017-11-20 12:41 - 2017-10-16 16:07 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-11-20 12:41 - 2017-10-16 15:34 - 003222528 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-11-20 12:41 - 2017-10-16 14:55 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2017-11-20 12:41 - 2017-10-14 01:38 - 025731584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-11-20 12:41 - 2017-10-14 01:23 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-11-20 12:41 - 2017-10-14 01:23 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-11-20 12:41 - 2017-10-14 01:13 - 002903552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-11-20 12:41 - 2017-10-14 01:12 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-11-20 12:41 - 2017-10-14 01:11 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-11-20 12:41 - 2017-10-14 01:11 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-11-20 12:41 - 2017-10-14 01:11 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-11-20 12:41 - 2017-10-14 01:11 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-11-20 12:41 - 2017-10-14 01:09 - 005979648 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-11-20 12:41 - 2017-10-14 01:05 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-11-20 12:41 - 2017-10-14 01:04 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-11-20 12:41 - 2017-10-14 01:02 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-11-20 12:41 - 2017-10-14 01:01 - 000816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-11-20 12:41 - 2017-10-14 01:01 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-11-20 12:41 - 2017-10-14 01:01 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-11-20 12:41 - 2017-10-14 01:00 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-11-20 12:41 - 2017-10-14 00:55 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-11-20 12:41 - 2017-10-14 00:53 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-11-20 12:41 - 2017-10-14 00:47 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-11-20 12:41 - 2017-10-14 00:47 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-11-20 12:41 - 2017-10-14 00:46 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-11-20 12:41 - 2017-10-14 00:43 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-11-20 12:41 - 2017-10-14 00:43 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-11-20 12:41 - 2017-10-14 00:41 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-11-20 12:41 - 2017-10-14 00:40 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-11-20 12:41 - 2017-10-14 00:31 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-11-20 12:41 - 2017-10-14 00:30 - 015266816 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-11-20 12:41 - 2017-10-14 00:30 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-11-20 12:41 - 2017-10-14 00:29 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-11-20 12:41 - 2017-10-14 00:28 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-11-20 12:41 - 2017-10-14 00:27 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-11-20 12:41 - 2017-10-14 00:21 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-11-20 12:41 - 2017-10-14 00:14 - 020269056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-11-20 12:41 - 2017-10-14 00:09 - 001544704 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-11-20 12:41 - 2017-10-14 00:03 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-11-20 12:41 - 2017-10-13 23:58 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-11-20 12:41 - 2017-10-13 23:53 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-11-20 12:41 - 2017-10-13 23:53 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-11-20 12:41 - 2017-10-13 23:52 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-11-20 12:41 - 2017-10-13 23:52 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-11-20 12:41 - 2017-10-13 23:51 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-11-20 12:41 - 2017-10-13 23:50 - 002293760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-11-20 12:41 - 2017-10-13 23:47 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-11-20 12:41 - 2017-10-13 23:47 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-11-20 12:41 - 2017-10-13 23:46 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-11-20 12:41 - 2017-10-13 23:45 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-11-20 12:41 - 2017-10-13 23:45 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-11-20 12:41 - 2017-10-13 23:45 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-11-20 12:41 - 2017-10-13 23:38 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-11-20 12:41 - 2017-10-13 23:35 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-11-20 12:41 - 2017-10-13 23:35 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-11-20 12:41 - 2017-10-13 23:34 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-11-20 12:41 - 2017-10-13 23:33 - 004542464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-11-20 12:41 - 2017-10-13 23:33 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-11-20 12:41 - 2017-10-13 23:32 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-11-20 12:41 - 2017-10-13 23:31 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-11-20 12:41 - 2017-10-13 23:30 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-11-20 12:41 - 2017-10-13 23:28 - 013680128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-11-20 12:41 - 2017-10-13 23:25 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-11-20 12:41 - 2017-10-13 23:24 - 000694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-11-20 12:41 - 2017-10-13 23:23 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-11-20 12:41 - 2017-10-13 23:23 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-11-20 12:41 - 2017-10-13 23:10 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-11-20 12:41 - 2017-10-13 23:07 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-11-20 12:41 - 2017-10-13 23:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-11-20 12:41 - 2017-10-11 17:58 - 000382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-11-20 12:41 - 2017-10-11 17:55 - 014635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2017-11-20 12:41 - 2017-10-11 17:55 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2017-11-20 12:41 - 2017-10-11 17:55 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-11-20 12:41 - 2017-10-11 17:55 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-11-20 12:41 - 2017-10-11 17:55 - 002058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2017-11-20 12:41 - 2017-10-11 17:55 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-11-20 12:41 - 2017-10-11 17:55 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-11-20 12:41 - 2017-10-11 17:55 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-11-20 12:41 - 2017-10-11 17:55 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2017-11-20 12:41 - 2017-10-11 17:55 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-11-20 12:41 - 2017-10-11 17:55 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-11-20 12:41 - 2017-10-11 17:55 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-11-20 12:41 - 2017-10-11 17:55 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-11-20 12:41 - 2017-10-11 17:55 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-11-20 12:41 - 2017-10-11 17:55 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-11-20 12:41 - 2017-10-11 17:55 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-11-20 12:41 - 2017-10-11 17:55 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-11-20 12:41 - 2017-10-11 17:55 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2017-11-20 12:41 - 2017-10-11 17:55 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2017-11-20 12:41 - 2017-10-11 17:55 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2017-11-20 12:41 - 2017-10-11 17:40 - 000308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-11-20 12:41 - 2017-10-11 17:39 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-11-20 12:41 - 2017-10-11 17:38 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-11-20 12:41 - 2017-10-11 17:38 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-11-20 12:41 - 2017-10-11 17:37 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2017-11-20 12:41 - 2017-10-11 17:37 - 011410944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2017-11-20 12:41 - 2017-10-11 17:37 - 001549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-11-20 12:41 - 2017-10-11 17:37 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-11-20 12:41 - 2017-10-11 17:37 - 001363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2017-11-20 12:41 - 2017-10-11 17:37 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2017-11-20 12:41 - 2017-10-11 17:37 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2017-11-20 12:41 - 2017-10-11 17:37 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2017-11-20 12:41 - 2017-10-11 17:37 - 000111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2017-11-20 12:41 - 2017-10-11 17:37 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2017-11-20 12:41 - 2017-10-11 17:37 - 000070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2017-11-20 12:41 - 2017-10-11 17:37 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2017-11-20 12:41 - 2017-10-11 17:37 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2017-11-20 12:41 - 2017-10-11 17:37 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2017-11-20 12:41 - 2017-10-11 17:37 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2017-11-20 12:41 - 2017-10-11 17:26 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-11-20 12:41 - 2017-10-11 17:26 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-11-20 12:41 - 2017-10-11 17:25 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2017-11-20 12:41 - 2017-10-11 17:25 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2017-11-20 12:41 - 2017-10-11 17:24 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2017-11-20 12:41 - 2017-10-11 17:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2017-11-20 12:41 - 2017-10-11 17:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2017-11-20 12:41 - 2017-10-11 17:20 - 000113152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2017-11-20 12:41 - 2017-10-11 17:16 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000995272 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-11-20 12:41 - 2017-09-07 06:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-11-16 07:21 - 2017-10-17 19:34 - 000134376 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-11-16 07:21 - 2017-10-17 19:30 - 000605184 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-11-16 07:21 - 2017-10-15 15:04 - 000407392 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-11-16 07:21 - 2017-10-04 06:04 - 002023936 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2017-11-16 07:21 - 2017-10-04 06:04 - 001570304 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-11-16 07:21 - 2017-10-04 06:04 - 000670208 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-11-16 07:21 - 2017-10-04 06:04 - 000603648 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-11-16 07:21 - 2017-10-04 06:04 - 000370688 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-11-16 07:21 - 2017-10-04 06:04 - 000241664 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-11-16 07:21 - 2017-10-04 06:04 - 000181760 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-11-16 07:15 - 2017-11-16 07:15 - 000000244 _____ C:\Prefs.js

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-12-13 16:34 - 2009-07-13 21:45 - 000036576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-12-13 16:34 - 2009-07-13 21:45 - 000036576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-12-13 16:30 - 2015-09-18 13:11 - 000000000 ____D C:\FRST
2017-12-13 16:28 - 2015-07-31 12:33 - 000000000 ____D C:\Windows\System32\Tasks\Remediation
2017-12-13 16:25 - 2016-11-19 16:47 - 000000000 ____D C:\Users\Lorraine\AppData\LocalLow\Mozilla
2017-12-13 16:25 - 2016-07-12 19:20 - 000000000 ____D C:\ProgramData\NoteBurner
2017-12-13 16:25 - 2015-09-18 14:19 - 000000000 ____D C:\AdwCleaner
2017-12-13 16:24 - 2009-07-13 22:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-12-12 21:44 - 2012-01-11 15:25 - 000003958 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{3B70E440-F19E-41A1-BC51-AB275B5CC28E}
2017-12-12 14:13 - 2017-08-01 14:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2017-12-12 14:13 - 2017-08-01 14:19 - 000000000 ____D C:\Users\Lorraine\AppData\Roaming\Lavasoft
2017-12-12 14:13 - 2017-08-01 14:19 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2017-12-12 14:13 - 2017-08-01 14:18 - 000000000 ____D C:\ProgramData\Lavasoft
2017-12-12 14:08 - 2012-05-29 21:27 - 000002408 _____ C:\Users\Lorraine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-12-12 14:03 - 2012-06-02 07:49 - 000000000 ____D C:\Users\Lorraine\AppData\Local\CrashDumps
2017-12-11 16:51 - 2012-05-06 23:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-12-09 18:08 - 2016-11-19 11:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-12-06 07:10 - 2009-07-13 21:45 - 000298624 _____ C:\Windows\system32\FNTCACHE.DAT
2017-12-03 08:39 - 2016-10-27 20:12 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-12-03 08:23 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\inf
2017-11-26 12:58 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\rescache
2017-11-26 12:09 - 2017-04-11 16:32 - 000103936 ___SH C:\Users\Lorraine\Desktop\Thumbs.db
2017-11-26 12:03 - 2012-01-04 08:24 - 000000000 ____D C:\Program Files (x86)\Sony
2017-11-26 12:02 - 2015-09-30 17:02 - 000067240 _____ C:\Users\Lorraine\AppData\Local\GDIPFONTCACHEV1.DAT
2017-11-26 11:44 - 2017-10-21 20:07 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-11-22 09:35 - 2009-07-13 22:09 - 000000000 ____D C:\Windows\System32\Tasks\WPD
2017-11-22 09:35 - 2009-07-13 21:57 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-11-20 14:54 - 2015-09-22 16:57 - 000000000 ____D C:\Windows\system32\appraiser
2017-11-20 12:31 - 2012-01-11 15:28 - 000000000 ____D C:\Users\Lorraine\AppData\Roaming\Mozilla
2017-11-16 07:13 - 2015-11-01 16:41 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-11-16 06:55 - 2016-12-16 15:35 - 000003240 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005Core1d1ea937625a875
2017-11-16 06:55 - 2012-05-29 21:27 - 000003512 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005UA

==================== Files in the root of some directories =======

2014-03-20 09:10 - 2014-07-20 17:02 - 000000111 _____ () C:\Users\Lorraine\AppData\Roaming\WB.CFG
2017-10-21 20:04 - 2017-10-21 20:04 - 000007606 _____ () C:\Users\Lorraine\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
2017-11-26 12:04 - 2017-11-26 12:04 - 000937664 _____ (adaware) C:\Users\Lorraine\AppData\Local\Temp\WCU008_FF.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-12-03 08:23

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-12-2017
Ran by Lorraine (13-12-2017 16:35:17)
Running from C:\Users\Lorraine\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2015-09-21 22:55:56)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3240821568-1653635036-208495454-500 - Administrator - Disabled)
Guest (S-1-5-21-3240821568-1653635036-208495454-501 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-3240821568-1653635036-208495454-1008 - Administrator - Enabled)
Lorraine (S-1-5-21-3240821568-1653635036-208495454-1005 - Administrator - Enabled) => C:\Users\Lorraine

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Internet Security (Disabled - Out of date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Out of date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Internet Security (Disabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.170 - Adobe Systems Incorporated)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - ALPS ELECTRIC CO., LTD.)
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version: 1.20.1.47037 - Amazon)
Amazon Music (HKU\S-1-5-21-3240821568-1653635036-208495454-1005\...\Amazon Amazon Music) (Version: 5.3.2.1634 - Amazon Services LLC)
Apple Application Support (32-bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Application Manager for VAIO (HKLM-x32\...\Application Manager for VAIO) (Version:  - )
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{61438020-DDD4-42FA-99A2-50225441980A}) (Version: 2.0.1.142 - ArcSoft)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.485 - ArcSoft)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version:  - )
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon MP Navigator EX 4.1 (HKLM-x32\...\MP Navigator EX 4.1) (Version:  - )
Canon MX410 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX410_series) (Version:  - )
Canon MX410 series User Registration (HKLM-x32\...\Canon MX410 series User Registration) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.18.51 - Conexant)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DriverUpdate (HKLM-x32\...\{97C97FAC-9153-409E-A9C8-A19AFABE7547}) (Version: 2.2.38275 - SlimWare Utilities, Inc.)
Dropbox (HKU\S-1-5-21-3240821568-1653635036-208495454-1005\...\Dropbox) (Version: 37.4.29 - Dropbox, Inc.)
Free M4P To MP3 Converter (HKLM-x32\...\{A6B85850-3C6A-4E06-9B45-3BFAE5193BE8}) (Version: 1.0.0 - Convert Audio Free)
Google Chrome (HKU\S-1-5-21-3240821568-1653635036-208495454-1005\...\Google Chrome) (Version: 63.0.3239.84 - Google Inc.)
HP Dropbox Plugin (HKLM-x32\...\{D12BC084-97D6-438A-AA7C-5962608D17A0}) (Version: 36.0.41.58587 - HP)
HP ENVY 4520 series Basic Device Software (HKLM\...\{B46D9E8C-10FE-4873-996B-CA9EA3D7D9FE}) (Version: 40.11.1122.1796 - HP Inc.)
HP ENVY 4520 series Help (HKLM-x32\...\{201E58BD-2A1D-4C4D-BD6F-ADA7669FE3AE}) (Version: 36.0.0 - Hewlett Packard)
HP Google Drive Plugin (HKLM-x32\...\{BFA42100-DB54-467A-BB87-CF70732B4065}) (Version: 36.0.41.58587 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.13.125.1 - Intel Security)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2455 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{1927E640-A2C6-4BA7-8F43-FFD2AE3DFCF3}) (Version: 14.0.2000 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Keyboard Shortcuts (HKLM-x32\...\{FE8974B4-479C-4DBA-8544-9E5342ABB26A}) (Version: 1.1.0.08290 - Sony Corporation)
Malwarebytes version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Manager (HKLM-x32\...\{7D641FFE-7F1B-4026-AC5D-7CFFB0882A83}) (Version: 15.0.7.28782 - Interactive Brands) Hidden
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.0.318.3 - McAfee, Inc.)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 57.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 57.0.2 (x64 en-US)) (Version: 57.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.2.6549 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 20.6.0.27 - Symantec Corporation)
NoteBurner 2.35 (HKLM\...\NoteBurner_is1) (Version:  - NoteBurner.com)
OOBE (HKLM-x32\...\{18894D16-5448-4BF9-A128-F7E937322F91}) (Version: 11.2.1.10 - Sony Corporation) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.5.02.12220 - Sony Corporation) Hidden
PMB VAIO Edition Guide (HKLM-x32\...\{66081CDD-C1FE-415F-BB3A-F2622BA27461}) (Version: 1.6.00.06030 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (HKLM\...\{133D3F07-D558-46CE-80E8-F4D75DBBAD63}) (Version: 1.5.10.05300 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (HKLM-x32\...\{270380EB-8812-42E1-8289-53700DB840D2}) (Version: 1.6.01.06110 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (HKLM-x32\...\{8356CB97-A48F-44CB-837A-A12838DC4669}) (Version: 1.6.00.06010 - Sony Corporation) Hidden
Product Improvement Study for HP ENVY 4520 series (HKLM\...\{1DDC5451-BE8B-4092-AB04-E92127242886}) (Version: 40.11.1122.1796 - HP Inc.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.)
Remote Keyboard (HKLM-x32\...\{25AF1025-095C-4AA9-A3FD-29710D3C3AE5}) (Version: 1.1.1.07060 - Sony Corporation) Hidden
Remote Play with PlayStation 3 (HKLM-x32\...\{5FA51AAF-23FE-42F4-A724-D79F85F41D4B}) (Version: 1.1.0.15070 - Sony Corporation) Hidden
Skype™ 7.10 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.10.101 - Skype Technologies S.A.)
Sony Corporation (HKLM\...\{4F31AC31-0A28-4F5A-8416-513972DA1F79}) (Version: 1.0.0 - Default Company Name) Hidden
SSLx64 (HKLM\...\{312395BC-7CC2-434C-A660-30250276A926}) (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (HKLM-x32\...\{63C43435-F428-42BA-8E7B-5848749D9262}) (Version: 1.0.0 - Sony Corporation ) Hidden
TweetDeck (HKLM-x32\...\{C5AC39F1-001D-4338-84C6-35109525588A}) (Version: 1.0.0 - Twitter, Inc.)
VAIO - Media Gallery (HKLM-x32\...\{FA870BF1-44A1-4B7D-93E1-C101369AF0C1}) (Version: 1.5.0.16020 - Sony Corporation) Hidden
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{66081CDD-C1FE-415F-BB3A-F2622BA27461}) (Version: 1.6.00.06030 - Sony Corporation) Hidden
VAIO - PMB VAIO Edition Plug-in (HKLM-x32\...\InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}) (Version: 1.6.01.06110 - Sony Corporation) Hidden
VAIO - Remote Keyboard (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.1.0.07060 - Sony Corporation)
VAIO - Remote Play with PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.1.0.15070 - Sony Corporation) Hidden
VAIO Care (HKLM\...\{CFF47016-B212-4D89-8DC2-15D5508A73BA}) (Version: 8.4.6.05111 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{6ED1750E-F44F-4635-8F0D-B76B9262B7FB}) (Version: 1.1.1.13230 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.5.0.03040 - Sony Corporation) Hidden
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.6.0.13140 - Sony Corporation) Hidden
VAIO Data Restore Tool (HKLM-x32\...\{70EED410-697B-4193-A2CB-2F790F82B420}) (Version: 1.6.0.13140 - Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32\...\{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.2.01120 - Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32\...\InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.2.01120 - Sony Corporation)
VAIO Event Service (HKLM-x32\...\{73D8886A-D416-4687-B609-0D3836BA410C}) (Version: 5.5.0.03040 - Sony Corporation) Hidden
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.2.02200 - Sony Corporation) Hidden
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.4.0.03240 - Sony Corporation) Hidden
VAIO Hardware Diagnostics (HKLM-x32\...\{C72E35E5-C5C6-4328-AD9A-BBCCC816A2E6}) (Version: 4.2.0.14280 - Sony Corporation) Hidden
VAIO Health Report (HKLM-x32\...\VAIO Health Report1.0) (Version: 1.0 - Sony Electronics)
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 1.0.0.14150 - Sony Corporation) Hidden
VAIO Manual (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 2.0.0.02250 - Sony Corporation) Hidden
VAIO Messenger (HKLM-x32\...\VAIO Messenger) (Version: 2.0.493.0 - DDNi)
VAIO Quick Web Access (HKLM-x32\...\{5A92468F-3ED8-4F96-A9E1-4F176C80EC29}) (Version: 1.4.5.3 - Sony Corporation) Hidden
VAIO Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.5.3 - Sony Corporation) Hidden
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.4.0.09010 - Sony Corporation) Hidden
VAIO Satisfaction Survey. (HKLM-x32\...\VAIO Satisfaction Survey.3.0) (Version: 3.0 - Sony Electronics Inc.) Hidden
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.5.0.02280 - Sony Corporation)
VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.4.0.14230 - Sony Corporation) Hidden
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.2.0.16270 - Sony Corporation)
VCCx86 (HKLM-x32\...\{9B088046-8A01-4355-99DD-8530C022F682}) (Version: 1.0.0 - Sony Corporation) Hidden
VESx64 (HKLM\...\{F1DC5C16-9B1F-467B-85E3-CB48C27AC50D}) (Version: 1.0.0 - Sony Corporation) Hidden
VESx86 (HKLM-x32\...\{3A94F54D-A8A4-4B82-B346-92B4D56A2708}) (Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (HKLM\...\{99E6C2F3-59B2-4308-B1CD-4928B55B7E30}) (Version: 1.0.0 - Sony Corporation) Hidden
VGClientX86 (HKLM-x32\...\{8B583EF5-FA7B-4AE2-9008-51B7FD505886}) (Version: 1.0.0 - Sony Corporation) Hidden
VIx64 (HKLM\...\{D55EAC07-7207-44BD-B524-0F063F327743}) (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (HKLM-x32\...\{D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6}) (Version: 1.0.0 - Sony Corporation) Hidden
VLC media player 2.0.0 (HKLM-x32\...\VLC media player) (Version: 2.0.0 - VideoLAN)
VSNx64 (HKLM\...\{F2611404-06BF-4E67-A5B7-8DB2FFC1CBF6}) (Version: 1.0.0 - Sony Corporation) Hidden
VU5x86 (HKLM-x32\...\{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}) (Version: 1.0.0 - Sony Corporation ) Hidden
VUx64 (HKLM\...\{A0A2BE14-D3FF-41C8-9545-4B130E3FE9A4}) (Version: 1.2.0 - Sony Corporation) Hidden
VUx86 (HKLM-x32\...\{D04F1D22-4A47-42C6-A2B9-094A7B844D9B}) (Version: 1.2.0 - Sony Corporation) Hidden
VWSTx86 (HKLM-x32\...\{B8991D99-88FD-41F2-8C32-DB70278D5C30}) (Version: 1.0.0 - Sony Corporation) Hidden
Web Companion (HKLM-x32\...\{52e8e954-d9fc-4038-91fb-1a87d8950026}) (Version: 4.0.1777.3330 - Lavasoft)
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17332 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKU\S-1-5-21-3240821568-1653635036-208495454-1005\...\ChromeHTML: -> C:\Users\Lorraine\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.32.8\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Internet Security\Engine64\20.6.0.27\NavShExt.dll [2014-12-06] (Symantec Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers2: [AddtoVAIOGate] -> {6988D6F2-F24F-4732-8855-A39DB1AA1346} => C:\Program Files\Sony\VAIO Gate\VAIOGateShellExt.dll [2012-02-20] (Sony Corporation)
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Internet Security\Engine64\20.6.0.27\NavShExt.dll [2014-12-06] (Symantec Corporation)
ContextMenuHandlers3: [AddtoVAIOGate] -> {6988D6F2-F24F-4732-8855-A39DB1AA1346} => C:\Program Files\Sony\VAIO Gate\VAIOGateShellExt.dll [2012-02-20] (Sony Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-07-18] (Intel Corporation)
ContextMenuHandlers6: [AddtoVAIOGate] -> {6988D6F2-F24F-4732-8855-A39DB1AA1346} => C:\Program Files\Sony\VAIO Gate\VAIOGateShellExt.dll [2012-02-20] (Sony Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Internet Security\Engine64\20.6.0.27\NavShExt.dll [2014-12-06] (Symantec Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-3240821568-1653635036-208495454-1005: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-3240821568-1653635036-208495454-1005: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-3240821568-1653635036-208495454-1005: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02067597-2D68-4280-ABB3-9121725B73E2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {025ADEA8-EBA9-4FAA-A818-41BC83F15C06} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-11] (Sony Corporation)
Task: {08F0090D-4DD5-4223-9337-178746B0468C} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2017-05-11] (Sony Corporation)
Task: {0F05635C-76B9-4858-850B-0A8D1E59DC7E} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-11] (Sony Corporation)
Task: {13BB5A72-5CEC-475C-9167-87DF3CC11BC6} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-02-15] (Sony Corporation)
Task: {21AEF827-224D-4646-909E-02B43048394E} - System32\Tasks\Sony Corporation\VAIO Care\VTUsr => C:\Program Files\Sony\VAIO Care\VAIOTM\VTUsr.exe [2017-04-19] (Sony Corporation)
Task: {27CB3F38-404A-4E59-9ED6-E1EF4BCA4B4F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005UA => C:\Users\Lorraine\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {3312BE42-F243-483E-993B-47B16CCED637} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\SymErr.exe [2013-06-03] (Symantec Corporation)
Task: {3F7AC633-6ACD-44B4-BE49-B547B248CE73} - System32\Tasks\VAIO® Messenger (Lorraine) => C:\Program Files (x86)\DDNi\Oasis\VAIO Messenger.exe [2012-11-13] (Digital Delivery Networks, Inc.)
Task: {46788FE6-5D45-47C7-80B2-8D6763EB983B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {48A8E9A9-F4EC-4BEA-98BF-2C89F3FF658D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {49A6B073-EBEF-461D-B521-6409D3FF11E1} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-11] (Sony Corporation)
Task: {4D80EF51-8C9E-4A4B-A989-556F48030AB1} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)
Task: {629CA34C-AA8E-47D3-9399-026FFC425150} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {6996958D-E444-45BB-8435-C3CC4440CE45} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {6DD259E9-07ED-4547-81F3-579B77E0FE39} - System32\Tasks\Amazon Music Helper => C:\Users\Lorraine\AppData\Local\Amazon Music\Amazon Music Helper.exe [2016-12-14] ()
Task: {6E5B6645-DEB6-4F86-B5BA-0F92BB3A12E0} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-11] (Sony Corporation)
Task: {713E8F59-A0C4-4713-BC1C-65A4CC14A6AA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {72952C98-34FA-4CDA-94A8-CA33C7C14037} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)
Task: {7C654AD4-C7FA-476E-851E-20815F5F490B} - System32\Tasks\Sony Corporation\VAIO Care\VTSvc => C:\Program Files\Sony\VAIO Care\VAIOTM\VTSvc.exe [2017-04-19] (Sony Corporation)
Task: {82E9B90A-B130-4703-A8D3-CE8BE5D4BD08} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-21] (Adobe Systems Incorporated)
Task: {91568174-29B9-487A-81C2-7B00D921123E} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient [Argument = /Start]
Task: {9453CD97-876F-4641-9384-F3D2B7C6FB8B} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2016-04-25] (Sony Corporation)
Task: {990217EA-7F73-4F96-A74D-C0009779FE72} - System32\Tasks\Sony Corporation\VAIO Care\GetSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-11] (Sony Corporation)
Task: {99F9C0B3-120E-48C3-AE88-45906BD0C626} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\SymErr.exe [2013-06-03] (Symantec Corporation)
Task: {9C294B23-22DD-413C-A3BA-52031A8BD5F6} - System32\Tasks\VAIO® Messenger (Administrator) => C:\Program Files (x86)\DDNi\Oasis\VAIO Messenger.exe [2012-11-13] (Digital Delivery Networks, Inc.)
Task: {A72F3F7D-4D9B-40C1-B8B5-E777E9E520F9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {AC9401A3-98E7-47F7-8675-8357AC9E75CC} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [2015-07-27] (Symantec Corporation)
Task: {B3426827-33A4-4F25-BC2D-7F37253D9D53} - System32\Tasks\Sony Corporation\VAIO Care\VKSvcWeekly => C:\Program Files\Sony\VAIO Care\VAIOTM\VKSvc.exe [2017-04-19] (Sony Corporation)
Task: {B7264CFE-0CD1-446A-8339-D070DE6641C6} - System32\Tasks\DDNi Startup => C:\Program Files (x86)\DDNi\Oasis\DDNiStartup.exe [2012-11-13] (Digital Delivery Networks, Inc.)
Task: {B7D99BE7-D7F8-4B09-B4F2-31539342DCAC} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-11] (Sony Corporation)
Task: {C1E5E6A6-1297-471D-9619-85750574C03A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {C44A406F-A32F-4B7A-9B5A-4A7C258E9643} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2017-05-11] (Sony Corporation)
Task: {CCD82BC5-37D5-481D-AD91-D2257B0EE5A6} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-11] (Sony Corporation)
Task: {D6FFF279-7300-4C38-BFFA-8C56538BF401} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\WSCStub.exe [2015-07-27] (Symantec Corporation)
Task: {DA0B421B-461C-4AA6-845E-4FE02338C99F} - System32\Tasks\VAIO Health Report => C:\Program Files (x86)\Sony\VAIO Health Report\VAIOHealthReport.exe [2013-06-20] (Sony Electronics)
Task: {DAF9DBB4-332D-4FC3-B498-D1F0C334AFD3} - System32\Tasks\Sony\Keyboard Shortcuts => C:\Program Files (x86)\Sony\Keyboard Shortcuts\KeyboardShortcuts.exe [2011-08-31] ()
Task: {DC6F2034-0B67-4586-8F9D-AF23E2A5319F} - System32\Tasks\SONY\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)
Task: {DD332E27-09FB-49D7-8ECF-06D7E8E42E1D} - System32\Tasks\HPCustParticipation HP ENVY 4520 series => C:\Program Files\HP\HP ENVY 4520 series\Bin\HPCustPartic.exe [2017-04-06] (HP Inc.)
Task: {DD58CD88-77BC-4FAD-BDB8-CF8232A226A5} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-11] (Sony Corporation)
Task: {E1144A03-6254-4B5F-A3B9-72763E6AC904} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2012-02-20] (Sony Corporation)
Task: {E5356F9A-0DBA-4C7E-99E4-F1DD9A9B8281} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {E6457921-7FED-40C4-A341-E9DDA9EF0C0D} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2016-03-30] (Sony Corporation)
Task: {EB54B057-F56B-44E6-A342-2990A13F5D9C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005Core1d1ea937625a875 => C:\Users\Lorraine\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {EBAD373C-1F9B-4249-B862-AB8DC3D8421A} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2016-03-01] (McAfee, Inc.)
Task: {ECC86CBE-0C83-4E8D-A25F-80950848372F} - System32\Tasks\Sony Corporation\VAIO Care\VKSvcDaily => C:\Program Files\Sony\VAIO Care\VAIOTM\VKSvc.exe [2017-04-19] (Sony Corporation)
Task: {F3B17F88-1633-4DF5-AF94-A629BC2807C7} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-11] (Sony Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005Core1d0c41b3a3d246e.job => C:\Users\Lorraine\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005Core1cf8cdc5319d4ca.job => C:\Users\Lorraine\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005Core1cff41ee75a537b.job => C:\Users\Lorraine\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005Core1d00336e0e8f9d9.job => C:\Users\Lorraine\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005Core1d0458ff6526713.job => C:\Users\Lorraine\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005Core1d09148b35dfc9.job => C:\Users\Lorraine\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005Core1d0bfed41250dd3.job => C:\Users\Lorraine\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005Core1d0e111f10202ca.job => C:\Users\Lorraine\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005Core1d0f019f5148c52.job => C:\Users\Lorraine\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005Core1d12e14cce55975.job => C:\Users\Lorraine\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005Core1d15d8636e997dc.job => C:\Users\Lorraine\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005Core1d1ab062d18c740.job => C:\Users\Lorraine\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-04-22 01:07 - 2016-04-22 01:07 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 001337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-07-18 23:04 - 2011-07-18 23:04 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2016-12-25 13:29 - 2016-12-14 14:41 - 003494376 _____ () C:\Users\Lorraine\AppData\Local\Amazon Music\Amazon Music Helper.exe
2017-10-21 20:07 - 2017-10-04 13:15 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2011-08-31 10:44 - 2011-08-31 10:44 - 000477200 _____ () C:\Program Files (x86)\Sony\Keyboard Shortcuts\KeyboardShortcuts.exe
2014-12-11 17:46 - 2012-05-30 07:51 - 000699280 ____R () C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\20.6.0.27\wincfi39.dll
2016-07-12 19:21 - 2011-01-06 11:29 - 000077824 _____ () C:\Program Files (x86)\NoteBurner\vtblog.dll
2016-07-12 19:21 - 2011-01-06 11:29 - 000020480 _____ () C:\Program Files (x86)\NoteBurner\URLLink.dll
2016-07-12 19:21 - 2011-06-08 16:57 - 000036864 _____ () C:\Program Files (x86)\NoteBurner\EncodeAndTagComm.dll
2016-07-12 19:21 - 2011-06-08 16:58 - 000049152 _____ () C:\Program Files (x86)\NoteBurner\DL_WMAEncoder.DLL
2011-08-31 12:06 - 2011-08-31 12:06 - 000027104 _____ () C:\Program Files (x86)\Sony\Keyboard Shortcuts\Utility.dll
2011-08-31 12:06 - 2011-08-31 12:06 - 000161256 _____ () C:\Program Files (x86)\Sony\Keyboard Shortcuts\MessageHook.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Lorraine\Desktop\HOA October 2017.bmp:3or4kl4x13tuuug3Byamue2s4b [95]
AlternateDataStreams: C:\Users\Lorraine\Desktop\HOA October 2017.bmp:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-3240821568-1653635036-208495454-1005\...\localhost -> localhost

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2009-06-10 14:00 - 000000824 ____N C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3240821568-1653635036-208495454-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Lorraine\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 68.105.28.11 - 68.105.29.11
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 0) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: ACDaemon => 3
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: ESRV_SVC => 2
MSCONFIG\Services: EvtEng => 2
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: IconMan_R => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: MyWiFiDHCPDNS => 3
MSCONFIG\Services: PMBDeviceInfoProvider => 2
MSCONFIG\Services: RegSrvc => 2
MSCONFIG\Services: SampleCollector => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SOHCImp => 2
MSCONFIG\Services: SOHDs => 3
MSCONFIG\Services: SpfService => 3
MSCONFIG\Services: uCamMonitor => 2
MSCONFIG\Services: UNS => 2
MSCONFIG\Services: USER_ESRV_SVC => 3
MSCONFIG\Services: VAIO Event Service => 2
MSCONFIG\Services: VCFw => 2
MSCONFIG\Services: VcmIAlzMgr => 2
MSCONFIG\Services: VcmINSMgr => 2
MSCONFIG\Services: VcmXmlIfHelper => 3
MSCONFIG\Services: VCService => 3
MSCONFIG\Services: VSNService => 2
MSCONFIG\Services: VUAgent => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Sony MSS.lnk => C:\Windows\pss\Sony MSS.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Lorraine^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Apoint => %ProgramFiles%\Apoint\Apoint.exe
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
MSCONFIG\startupreg: cAudioFilterAgent => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
MSCONFIG\startupreg: Dropbox Update => "C:\Users\Lorraine\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: Elbserver => C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe /Stay
MSCONFIG\startupreg: Google Update => "C:\Users\Lorraine\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: IntelWireless => "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
MSCONFIG\startupreg: ISBMgr.exe => "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
MSCONFIG\startupreg: OutfoxTV => C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F98C488C-4662-45EA-865B-68A544E1930E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{994615AD-7626-43AC-A878-A9BB02DB4B08}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{903E7829-8DBB-42FA-B4DD-C41C0106592E}] => (Allow) C:\Windows\TEMP\file_to_run551433.exe
FirewallRules: [{4FF1C83B-2CE3-4E72-A0F1-54A6D6D1F533}] => (Allow) C:\Windows\TEMP\file_to_run551433.exe
FirewallRules: [UDP Query User{8DCE1F2C-ABDB-4F0F-8C4F-E691741493A3}C:\users\lorraine\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\lorraine\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{159F1FC4-029C-46B8-8A4E-CA0C79501060}C:\users\lorraine\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\lorraine\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{F7E7E7CC-15AD-4905-860C-55F65D8C30AD}] => (Allow) C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{2A7DD240-4FE8-4E81-9A89-C678A0DAF6CF}] => (Allow) C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [UDP Query User{FE6524E3-46DE-4F0F-9200-925D4E3E88F7}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{CE362413-4191-4D43-B5CF-4F8824266C1E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{97468AB0-295E-481E-B227-8EFE22612BEC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7BB07596-C712-4125-8A67-B5232CD1B484}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8E469B68-E7D9-4638-85CD-37EC8B4C4F27}] => (Allow) C:\Program Files (x86)\Bench\Proxy\pwdg.exe
FirewallRules: [{91F70264-D4A8-4560-B4C1-A6E03A313123}] => (Allow) C:\Program Files (x86)\Bench\Proxy\proc.exe
FirewallRules: [{4190B1F9-E5E9-4B7D-9AD7-F8F1A251DD03}] => (Allow) C:\Users\Lorraine\AppData\Local\Temp\file_to_run551733.exe
FirewallRules: [{23BB13FC-6391-4451-A12B-14081EB3B8E3}] => (Allow) C:\Users\Lorraine\AppData\Local\Temp\file_to_run551733.exe
FirewallRules: [{92FB5D73-E920-406C-88C8-93022677CC04}] => (Allow) C:\Users\Lorraine\AppData\Local\Temp\file_to_run551007.exe
FirewallRules: [{7FC26CB8-A008-4C01-B4F2-2DB524EF4CBB}] => (Allow) C:\Users\Lorraine\AppData\Local\Temp\file_to_run551007.exe
FirewallRules: [{88CB178B-AED6-40B2-8908-50EA60772DE9}] => (Allow) c:\program files\pcreg\service.exe
FirewallRules: [{936F0051-D0BB-4EAF-9418-40A77BB88D15}] => (Allow) c:\program files\pcreg\service.exe
FirewallRules: [{9318BE86-A54D-4B55-B227-6CD118AC0126}] => (Allow) c:\program files\pcreg\pcreg.exe
FirewallRules: [{89661CB3-0DBB-4770-9949-BF89C1E0103A}] => (Allow) c:\program files\pcreg\pcreg.exe
FirewallRules: [{31F6EBBD-12C0-4436-8A47-569AA6E6E65F}] => (Allow) C:\Users\Lorraine\AppData\Local\Temp\updater_131990.exe
FirewallRules: [{DBB2AEDE-62BE-4D39-B166-BF4A7B65C223}] => (Allow) C:\Users\Lorraine\AppData\Local\Temp\speedmax_905.exe
FirewallRules: [{CDC2B438-0B1F-4942-A55A-B1E2CD919C4F}] => (Allow) C:\Users\Lorraine\AppData\Local\Temp\speedmax_20140516.exe
FirewallRules: [{C93826F0-97B4-4DC8-AB53-582D8A5EDF2C}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
FirewallRules: [{6B88A451-C395-47F6-A309-97FBE7346FC1}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
FirewallRules: [{53FE59E1-05AE-4BB3-B6C4-E58C270B978F}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{58C38C2C-5378-4C15-8DB1-1FAD58CD1F72}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{1BADA80D-7DFD-488E-ACE2-1CBA7C4B1B1F}] => (Allow) LPort=1900
FirewallRules: [{2C36ED4F-B487-482D-8087-472A62D3BAA9}] => (Allow) LPort=2869
FirewallRules: [{510C6A62-86D3-4321-AB08-B99A79DF734E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{B60A3FD8-7606-4D10-B140-3BE17F138C65}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1EE35746-2ED5-45DC-B511-9C7A56BCE819}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BA7A8A74-D312-4AEE-A90E-D74ED1C85EDE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B54C5C99-17F8-4E46-A554-3F63F9D8883F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DCE9AE5A-165E-4E90-8433-0911D6848E84}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{96168DD5-94E9-413A-B06D-32E81389D6FE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9D1CD1C3-2BC6-4D46-A836-523A016B9562}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{D07039AD-809B-45F9-AF68-8469DBCC36D8}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe
FirewallRules: [{69E10D8A-BFBC-4E9D-9CF6-94D4C912C33E}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
FirewallRules: [{3405784B-9981-4910-9C34-F15D73BB2D14}] => (Allow) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
FirewallRules: [{538EA251-704F-4D76-8070-2C2BE2B79E86}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOShell.exe
FirewallRules: [{115F9234-24D8-4D9B-B28E-3AF9A0D411BD}] => (Allow) C:\Program Files\HP\HP ENVY 4520 series\Bin\DeviceSetup.exe
FirewallRules: [{76685B95-3E20-4F51-AEC2-9DE59290BF97}] => (Allow) LPort=5357
FirewallRules: [{D76161F4-0AE3-450E-8C69-D6069EDEB9CE}] => (Allow) C:\Program Files\HP\HP ENVY 4520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{BDE92114-6E55-4AAD-B0F2-E0E058BD76D8}C:\users\lorraine\appdata\local\amazon music\amazon music helper.exe] => (Block) C:\users\lorraine\appdata\local\amazon music\amazon music helper.exe
FirewallRules: [UDP Query User{8164729E-77FF-4A33-9B7F-94B6D67D3AE1}C:\users\lorraine\appdata\local\amazon music\amazon music helper.exe] => (Block) C:\users\lorraine\appdata\local\amazon music\amazon music helper.exe
FirewallRules: [{163EFD33-B533-4FB5-BB27-9E548390F631}] => (Allow) C:\Users\Lorraine\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

16-11-2017 07:17:15 Windows Update
20-11-2017 12:36:25 Windows Update
20-11-2017 13:17:05 Windows Backup
21-11-2017 06:21:57 Windows Update
24-11-2017 14:45:14 Windows Update
26-11-2017 19:00:03 Windows Backup
03-12-2017 08:33:06 Windows Update
09-12-2017 10:03:54 Windows Backup
11-12-2017 17:02:41 Windows Backup

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/13/2017 04:33:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST64.exe version 13.12.2017.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 159c

Start Time: 01d3746a61dd1009

Termination Time: 16

Application Path: C:\Users\Lorraine\Desktop\FRST64.exe

Report Id: ef76342d-e05d-11e7-8bb9-78843cfb3628

Error: (12/13/2017 04:26:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/12/2017 05:10:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 62947

Error: (12/12/2017 05:10:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 62947

Error: (12/12/2017 05:10:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/12/2017 05:10:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 52947

Error: (12/12/2017 05:10:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 52947

Error: (12/12/2017 05:10:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/12/2017 05:09:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 42963

Error: (12/12/2017 05:09:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 42963


System errors:
=============
Error: (12/13/2017 04:25:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Intel Security True Key Scheduler service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (12/13/2017 04:25:53 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Intel Security True Key Scheduler service to connect.

Error: (12/13/2017 04:25:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Intel Security True Key service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (12/13/2017 04:25:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Intel Security True Key service to connect.

Error: (12/13/2017 04:24:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
Unspecified error

Error: (12/13/2017 04:24:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Service Installer TrueKey service failed to start due to the following error:
The system cannot find the file specified.

Error: (12/12/2017 09:50:55 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.

Error: (12/12/2017 09:38:02 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (12/12/2017 02:14:58 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
Unspecified error

Error: (12/12/2017 02:14:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Service Installer TrueKey service failed to start due to the following error:
The system cannot find the file specified.


==================== Memory info ===========================

Processor: Intel® Pentium® CPU B950 @ 2.10GHz
Percentage of memory in use: 38%
Total physical RAM: 4043.86 MB
Available physical RAM: 2490.4 MB
Total Virtual: 8085.9 MB
Available Virtual: 6165.97 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:287.23 GB) (Free:190.68 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 7DB7F704)
Partition 1: (Not Active) - (Size=10.8 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=287.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-12-2017
Ran by Lorraine (13-12-2017 16:35:17)
Running from C:\Users\Lorraine\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2015-09-21 22:55:56)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3240821568-1653635036-208495454-500 - Administrator - Disabled)
Guest (S-1-5-21-3240821568-1653635036-208495454-501 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-3240821568-1653635036-208495454-1008 - Administrator - Enabled)
Lorraine (S-1-5-21-3240821568-1653635036-208495454-1005 - Administrator - Enabled) => C:\Users\Lorraine

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Internet Security (Disabled - Out of date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Out of date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Internet Security (Disabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.170 - Adobe Systems Incorporated)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - ALPS ELECTRIC CO., LTD.)
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version: 1.20.1.47037 - Amazon)
Amazon Music (HKU\S-1-5-21-3240821568-1653635036-208495454-1005\...\Amazon Amazon Music) (Version: 5.3.2.1634 - Amazon Services LLC)
Apple Application Support (32-bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Application Manager for VAIO (HKLM-x32\...\Application Manager for VAIO) (Version:  - )
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{61438020-DDD4-42FA-99A2-50225441980A}) (Version: 2.0.1.142 - ArcSoft)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.485 - ArcSoft)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version:  - )
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon MP Navigator EX 4.1 (HKLM-x32\...\MP Navigator EX 4.1) (Version:  - )
Canon MX410 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX410_series) (Version:  - )
Canon MX410 series User Registration (HKLM-x32\...\Canon MX410 series User Registration) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.18.51 - Conexant)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DriverUpdate (HKLM-x32\...\{97C97FAC-9153-409E-A9C8-A19AFABE7547}) (Version: 2.2.38275 - SlimWare Utilities, Inc.)
Dropbox (HKU\S-1-5-21-3240821568-1653635036-208495454-1005\...\Dropbox) (Version: 37.4.29 - Dropbox, Inc.)
Free M4P To MP3 Converter (HKLM-x32\...\{A6B85850-3C6A-4E06-9B45-3BFAE5193BE8}) (Version: 1.0.0 - Convert Audio Free)
Google Chrome (HKU\S-1-5-21-3240821568-1653635036-208495454-1005\...\Google Chrome) (Version: 63.0.3239.84 - Google Inc.)
HP Dropbox Plugin (HKLM-x32\...\{D12BC084-97D6-438A-AA7C-5962608D17A0}) (Version: 36.0.41.58587 - HP)
HP ENVY 4520 series Basic Device Software (HKLM\...\{B46D9E8C-10FE-4873-996B-CA9EA3D7D9FE}) (Version: 40.11.1122.1796 - HP Inc.)
HP ENVY 4520 series Help (HKLM-x32\...\{201E58BD-2A1D-4C4D-BD6F-ADA7669FE3AE}) (Version: 36.0.0 - Hewlett Packard)
HP Google Drive Plugin (HKLM-x32\...\{BFA42100-DB54-467A-BB87-CF70732B4065}) (Version: 36.0.41.58587 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.13.125.1 - Intel Security)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2455 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{1927E640-A2C6-4BA7-8F43-FFD2AE3DFCF3}) (Version: 14.0.2000 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Keyboard Shortcuts (HKLM-x32\...\{FE8974B4-479C-4DBA-8544-9E5342ABB26A}) (Version: 1.1.0.08290 - Sony Corporation)
Malwarebytes version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Manager (HKLM-x32\...\{7D641FFE-7F1B-4026-AC5D-7CFFB0882A83}) (Version: 15.0.7.28782 - Interactive Brands) Hidden
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.0.318.3 - McAfee, Inc.)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 57.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 57.0.2 (x64 en-US)) (Version: 57.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.2.6549 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 20.6.0.27 - Symantec Corporation)
NoteBurner 2.35 (HKLM\...\NoteBurner_is1) (Version:  - NoteBurner.com)
OOBE (HKLM-x32\...\{18894D16-5448-4BF9-A128-F7E937322F91}) (Version: 11.2.1.10 - Sony Corporation) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.5.02.12220 - Sony Corporation) Hidden
PMB VAIO Edition Guide (HKLM-x32\...\{66081CDD-C1FE-415F-BB3A-F2622BA27461}) (Version: 1.6.00.06030 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (HKLM\...\{133D3F07-D558-46CE-80E8-F4D75DBBAD63}) (Version: 1.5.10.05300 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (HKLM-x32\...\{270380EB-8812-42E1-8289-53700DB840D2}) (Version: 1.6.01.06110 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (HKLM-x32\...\{8356CB97-A48F-44CB-837A-A12838DC4669}) (Version: 1.6.00.06010 - Sony Corporation) Hidden
Product Improvement Study for HP ENVY 4520 series (HKLM\...\{1DDC5451-BE8B-4092-AB04-E92127242886}) (Version: 40.11.1122.1796 - HP Inc.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.)
Remote Keyboard (HKLM-x32\...\{25AF1025-095C-4AA9-A3FD-29710D3C3AE5}) (Version: 1.1.1.07060 - Sony Corporation) Hidden
Remote Play with PlayStation 3 (HKLM-x32\...\{5FA51AAF-23FE-42F4-A724-D79F85F41D4B}) (Version: 1.1.0.15070 - Sony Corporation) Hidden
Skype™ 7.10 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.10.101 - Skype Technologies S.A.)
Sony Corporation (HKLM\...\{4F31AC31-0A28-4F5A-8416-513972DA1F79}) (Version: 1.0.0 - Default Company Name) Hidden
SSLx64 (HKLM\...\{312395BC-7CC2-434C-A660-30250276A926}) (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (HKLM-x32\...\{63C43435-F428-42BA-8E7B-5848749D9262}) (Version: 1.0.0 - Sony Corporation ) Hidden
TweetDeck (HKLM-x32\...\{C5AC39F1-001D-4338-84C6-35109525588A}) (Version: 1.0.0 - Twitter, Inc.)
VAIO - Media Gallery (HKLM-x32\...\{FA870BF1-44A1-4B7D-93E1-C101369AF0C1}) (Version: 1.5.0.16020 - Sony Corporation) Hidden
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{66081CDD-C1FE-415F-BB3A-F2622BA27461}) (Version: 1.6.00.06030 - Sony Corporation) Hidden
VAIO - PMB VAIO Edition Plug-in (HKLM-x32\...\InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}) (Version: 1.6.01.06110 - Sony Corporation) Hidden
VAIO - Remote Keyboard (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.1.0.07060 - Sony Corporation)
VAIO - Remote Play with PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.1.0.15070 - Sony Corporation) Hidden
VAIO Care (HKLM\...\{CFF47016-B212-4D89-8DC2-15D5508A73BA}) (Version: 8.4.6.05111 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{6ED1750E-F44F-4635-8F0D-B76B9262B7FB}) (Version: 1.1.1.13230 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.5.0.03040 - Sony Corporation) Hidden
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.6.0.13140 - Sony Corporation) Hidden
VAIO Data Restore Tool (HKLM-x32\...\{70EED410-697B-4193-A2CB-2F790F82B420}) (Version: 1.6.0.13140 - Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32\...\{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.2.01120 - Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32\...\InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.2.01120 - Sony Corporation)
VAIO Event Service (HKLM-x32\...\{73D8886A-D416-4687-B609-0D3836BA410C}) (Version: 5.5.0.03040 - Sony Corporation) Hidden
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.2.02200 - Sony Corporation) Hidden
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.4.0.03240 - Sony Corporation) Hidden
VAIO Hardware Diagnostics (HKLM-x32\...\{C72E35E5-C5C6-4328-AD9A-BBCCC816A2E6}) (Version: 4.2.0.14280 - Sony Corporation) Hidden
VAIO Health Report (HKLM-x32\...\VAIO Health Report1.0) (Version: 1.0 - Sony Electronics)
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 1.0.0.14150 - Sony Corporation) Hidden
VAIO Manual (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 2.0.0.02250 - Sony Corporation) Hidden
VAIO Messenger (HKLM-x32\...\VAIO Messenger) (Version: 2.0.493.0 - DDNi)
VAIO Quick Web Access (HKLM-x32\...\{5A92468F-3ED8-4F96-A9E1-4F176C80EC29}) (Version: 1.4.5.3 - Sony Corporation) Hidden
VAIO Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.5.3 - Sony Corporation) Hidden
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.4.0.09010 - Sony Corporation) Hidden
VAIO Satisfaction Survey. (HKLM-x32\...\VAIO Satisfaction Survey.3.0) (Version: 3.0 - Sony Electronics Inc.) Hidden
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.5.0.02280 - Sony Corporation)
VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.4.0.14230 - Sony Corporation) Hidden
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.2.0.16270 - Sony Corporation)
VCCx86 (HKLM-x32\...\{9B088046-8A01-4355-99DD-8530C022F682}) (Version: 1.0.0 - Sony Corporation) Hidden
VESx64 (HKLM\...\{F1DC5C16-9B1F-467B-85E3-CB48C27AC50D}) (Version: 1.0.0 - Sony Corporation) Hidden
VESx86 (HKLM-x32\...\{3A94F54D-A8A4-4B82-B346-92B4D56A2708}) (Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (HKLM\...\{99E6C2F3-59B2-4308-B1CD-4928B55B7E30}) (Version: 1.0.0 - Sony Corporation) Hidden
VGClientX86 (HKLM-x32\...\{8B583EF5-FA7B-4AE2-9008-51B7FD505886}) (Version: 1.0.0 - Sony Corporation) Hidden
VIx64 (HKLM\...\{D55EAC07-7207-44BD-B524-0F063F327743}) (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (HKLM-x32\...\{D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6}) (Version: 1.0.0 - Sony Corporation) Hidden
VLC media player 2.0.0 (HKLM-x32\...\VLC media player) (Version: 2.0.0 - VideoLAN)
VSNx64 (HKLM\...\{F2611404-06BF-4E67-A5B7-8DB2FFC1CBF6}) (Version: 1.0.0 - Sony Corporation) Hidden
VU5x86 (HKLM-x32\...\{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}) (Version: 1.0.0 - Sony Corporation ) Hidden
VUx64 (HKLM\...\{A0A2BE14-D3FF-41C8-9545-4B130E3FE9A4}) (Version: 1.2.0 - Sony Corporation) Hidden
VUx86 (HKLM-x32\...\{D04F1D22-4A47-42C6-A2B9-094A7B844D9B}) (Version: 1.2.0 - Sony Corporation) Hidden
VWSTx86 (HKLM-x32\...\{B8991D99-88FD-41F2-8C32-DB70278D5C30}) (Version: 1.0.0 - Sony Corporation) Hidden
Web Companion (HKLM-x32\...\{52e8e954-d9fc-4038-91fb-1a87d8950026}) (Version: 4.0.1777.3330 - Lavasoft)
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17332 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKU\S-1-5-21-3240821568-1653635036-208495454-1005\...\ChromeHTML: -> C:\Users\Lorraine\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.32.8\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Internet Security\Engine64\20.6.0.27\NavShExt.dll [2014-12-06] (Symantec Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers2: [AddtoVAIOGate] -> {6988D6F2-F24F-4732-8855-A39DB1AA1346} => C:\Program Files\Sony\VAIO Gate\VAIOGateShellExt.dll [2012-02-20] (Sony Corporation)
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Internet Security\Engine64\20.6.0.27\NavShExt.dll [2014-12-06] (Symantec Corporation)
ContextMenuHandlers3: [AddtoVAIOGate] -> {6988D6F2-F24F-4732-8855-A39DB1AA1346} => C:\Program Files\Sony\VAIO Gate\VAIOGateShellExt.dll [2012-02-20] (Sony Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-07-18] (Intel Corporation)
ContextMenuHandlers6: [AddtoVAIOGate] -> {6988D6F2-F24F-4732-8855-A39DB1AA1346} => C:\Program Files\Sony\VAIO Gate\VAIOGateShellExt.dll [2012-02-20] (Sony Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Internet Security\Engine64\20.6.0.27\NavShExt.dll [2014-12-06] (Symantec Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-3240821568-1653635036-208495454-1005: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-3240821568-1653635036-208495454-1005: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-3240821568-1653635036-208495454-1005: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02067597-2D68-4280-ABB3-9121725B73E2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {025ADEA8-EBA9-4FAA-A818-41BC83F15C06} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-11] (Sony Corporation)
Task: {08F0090D-4DD5-4223-9337-178746B0468C} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2017-05-11] (Sony Corporation)
Task: {0F05635C-76B9-4858-850B-0A8D1E59DC7E} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-11] (Sony Corporation)
Task: {13BB5A72-5CEC-475C-9167-87DF3CC11BC6} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-02-15] (Sony Corporation)
Task: {21AEF827-224D-4646-909E-02B43048394E} - System32\Tasks\Sony Corporation\VAIO Care\VTUsr => C:\Program Files\Sony\VAIO Care\VAIOTM\VTUsr.exe [2017-04-19] (Sony Corporation)
Task: {27CB3F38-404A-4E59-9ED6-E1EF4BCA4B4F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005UA => C:\Users\Lorraine\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {3312BE42-F243-483E-993B-47B16CCED637} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\SymErr.exe [2013-06-03] (Symantec Corporation)
Task: {3F7AC633-6ACD-44B4-BE49-B547B248CE73} - System32\Tasks\VAIO® Messenger (Lorraine) => C:\Program Files (x86)\DDNi\Oasis\VAIO Messenger.exe [2012-11-13] (Digital Delivery Networks, Inc.)
Task: {46788FE6-5D45-47C7-80B2-8D6763EB983B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {48A8E9A9-F4EC-4BEA-98BF-2C89F3FF658D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {49A6B073-EBEF-461D-B521-6409D3FF11E1} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-11] (Sony Corporation)
Task: {4D80EF51-8C9E-4A4B-A989-556F48030AB1} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)
Task: {629CA34C-AA8E-47D3-9399-026FFC425150} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {6996958D-E444-45BB-8435-C3CC4440CE45} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {6DD259E9-07ED-4547-81F3-579B77E0FE39} - System32\Tasks\Amazon Music Helper => C:\Users\Lorraine\AppData\Local\Amazon Music\Amazon Music Helper.exe [2016-12-14] ()
Task: {6E5B6645-DEB6-4F86-B5BA-0F92BB3A12E0} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-11] (Sony Corporation)
Task: {713E8F59-A0C4-4713-BC1C-65A4CC14A6AA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {72952C98-34FA-4CDA-94A8-CA33C7C14037} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)
Task: {7C654AD4-C7FA-476E-851E-20815F5F490B} - System32\Tasks\Sony Corporation\VAIO Care\VTSvc => C:\Program Files\Sony\VAIO Care\VAIOTM\VTSvc.exe [2017-04-19] (Sony Corporation)
Task: {82E9B90A-B130-4703-A8D3-CE8BE5D4BD08} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-21] (Adobe Systems Incorporated)
Task: {91568174-29B9-487A-81C2-7B00D921123E} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient [Argument = /Start]
Task: {9453CD97-876F-4641-9384-F3D2B7C6FB8B} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2016-04-25] (Sony Corporation)
Task: {990217EA-7F73-4F96-A74D-C0009779FE72} - System32\Tasks\Sony Corporation\VAIO Care\GetSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-11] (Sony Corporation)
Task: {99F9C0B3-120E-48C3-AE88-45906BD0C626} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\SymErr.exe [2013-06-03] (Symantec Corporation)
Task: {9C294B23-22DD-413C-A3BA-52031A8BD5F6} - System32\Tasks\VAIO® Messenger (Administrator) => C:\Program Files (x86)\DDNi\Oasis\VAIO Messenger.exe [2012-11-13] (Digital Delivery Networks, Inc.)
Task: {A72F3F7D-4D9B-40C1-B8B5-E777E9E520F9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {AC9401A3-98E7-47F7-8675-8357AC9E75CC} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [2015-07-27] (Symantec Corporation)
Task: {B3426827-33A4-4F25-BC2D-7F37253D9D53} - System32\Tasks\Sony Corporation\VAIO Care\VKSvcWeekly => C:\Program Files\Sony\VAIO Care\VAIOTM\VKSvc.exe [2017-04-19] (Sony Corporation)
Task: {B7264CFE-0CD1-446A-8339-D070DE6641C6} - System32\Tasks\DDNi Startup => C:\Program Files (x86)\DDNi\Oasis\DDNiStartup.exe [2012-11-13] (Digital Delivery Networks, Inc.)
Task: {B7D99BE7-D7F8-4B09-B4F2-31539342DCAC} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-11] (Sony Corporation)
Task: {C1E5E6A6-1297-471D-9619-85750574C03A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {C44A406F-A32F-4B7A-9B5A-4A7C258E9643} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2017-05-11] (Sony Corporation)
Task: {CCD82BC5-37D5-481D-AD91-D2257B0EE5A6} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-11] (Sony Corporation)
Task: {D6FFF279-7300-4C38-BFFA-8C56538BF401} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\WSCStub.exe [2015-07-27] (Symantec Corporation)
Task: {DA0B421B-461C-4AA6-845E-4FE02338C99F} - System32\Tasks\VAIO Health Report => C:\Program Files (x86)\Sony\VAIO Health Report\VAIOHealthReport.exe [2013-06-20] (Sony Electronics)
Task: {DAF9DBB4-332D-4FC3-B498-D1F0C334AFD3} - System32\Tasks\Sony\Keyboard Shortcuts => C:\Program Files (x86)\Sony\Keyboard Shortcuts\KeyboardShortcuts.exe [2011-08-31] ()
Task: {DC6F2034-0B67-4586-8F9D-AF23E2A5319F} - System32\Tasks\SONY\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)
Task: {DD332E27-09FB-49D7-8ECF-06D7E8E42E1D} - System32\Tasks\HPCustParticipation HP ENVY 4520 series => C:\Program Files\HP\HP ENVY 4520 series\Bin\HPCustPartic.exe [2017-04-06] (HP Inc.)
Task: {DD58CD88-77BC-4FAD-BDB8-CF8232A226A5} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-11] (Sony Corporation)
Task: {E1144A03-6254-4B5F-A3B9-72763E6AC904} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2012-02-20] (Sony Corporation)
Task: {E5356F9A-0DBA-4C7E-99E4-F1DD9A9B8281} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {E6457921-7FED-40C4-A341-E9DDA9EF0C0D} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2016-03-30] (Sony Corporation)
Task: {EB54B057-F56B-44E6-A342-2990A13F5D9C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005Core1d1ea937625a875 => C:\Users\Lorraine\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {EBAD373C-1F9B-4249-B862-AB8DC3D8421A} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2016-03-01] (McAfee, Inc.)
Task: {ECC86CBE-0C83-4E8D-A25F-80950848372F} - System32\Tasks\Sony Corporation\VAIO Care\VKSvcDaily => C:\Program Files\Sony\VAIO Care\VAIOTM\VKSvc.exe [2017-04-19] (Sony Corporation)
Task: {F3B17F88-1633-4DF5-AF94-A629BC2807C7} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-11] (Sony Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005Core1d0c41b3a3d246e.job => C:\Users\Lorraine\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005Core1cf8cdc5319d4ca.job => C:\Users\Lorraine\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005Core1cff41ee75a537b.job => C:\Users\Lorraine\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005Core1d00336e0e8f9d9.job => C:\Users\Lorraine\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005Core1d0458ff6526713.job => C:\Users\Lorraine\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005Core1d09148b35dfc9.job => C:\Users\Lorraine\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005Core1d0bfed41250dd3.job => C:\Users\Lorraine\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005Core1d0e111f10202ca.job => C:\Users\Lorraine\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005Core1d0f019f5148c52.job => C:\Users\Lorraine\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005Core1d12e14cce55975.job => C:\Users\Lorraine\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005Core1d15d8636e997dc.job => C:\Users\Lorraine\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005Core1d1ab062d18c740.job => C:\Users\Lorraine\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-04-22 01:07 - 2016-04-22 01:07 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 001337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-07-18 23:04 - 2011-07-18 23:04 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2016-12-25 13:29 - 2016-12-14 14:41 - 003494376 _____ () C:\Users\Lorraine\AppData\Local\Amazon Music\Amazon Music Helper.exe
2017-10-21 20:07 - 2017-10-04 13:15 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2011-08-31 10:44 - 2011-08-31 10:44 - 000477200 _____ () C:\Program Files (x86)\Sony\Keyboard Shortcuts\KeyboardShortcuts.exe
2014-12-11 17:46 - 2012-05-30 07:51 - 000699280 ____R () C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\20.6.0.27\wincfi39.dll
2016-07-12 19:21 - 2011-01-06 11:29 - 000077824 _____ () C:\Program Files (x86)\NoteBurner\vtblog.dll
2016-07-12 19:21 - 2011-01-06 11:29 - 000020480 _____ () C:\Program Files (x86)\NoteBurner\URLLink.dll
2016-07-12 19:21 - 2011-06-08 16:57 - 000036864 _____ () C:\Program Files (x86)\NoteBurner\EncodeAndTagComm.dll
2016-07-12 19:21 - 2011-06-08 16:58 - 000049152 _____ () C:\Program Files (x86)\NoteBurner\DL_WMAEncoder.DLL
2011-08-31 12:06 - 2011-08-31 12:06 - 000027104 _____ () C:\Program Files (x86)\Sony\Keyboard Shortcuts\Utility.dll
2011-08-31 12:06 - 2011-08-31 12:06 - 000161256 _____ () C:\Program Files (x86)\Sony\Keyboard Shortcuts\MessageHook.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Lorraine\Desktop\HOA October 2017.bmp:3or4kl4x13tuuug3Byamue2s4b [95]
AlternateDataStreams: C:\Users\Lorraine\Desktop\HOA October 2017.bmp:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-3240821568-1653635036-208495454-1005\...\localhost -> localhost

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2009-06-10 14:00 - 000000824 ____N C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3240821568-1653635036-208495454-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Lorraine\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 68.105.28.11 - 68.105.29.11
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 0) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: ACDaemon => 3
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: ESRV_SVC => 2
MSCONFIG\Services: EvtEng => 2
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: IconMan_R => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: MyWiFiDHCPDNS => 3
MSCONFIG\Services: PMBDeviceInfoProvider => 2
MSCONFIG\Services: RegSrvc => 2
MSCONFIG\Services: SampleCollector => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SOHCImp => 2
MSCONFIG\Services: SOHDs => 3
MSCONFIG\Services: SpfService => 3
MSCONFIG\Services: uCamMonitor => 2
MSCONFIG\Services: UNS => 2
MSCONFIG\Services: USER_ESRV_SVC => 3
MSCONFIG\Services: VAIO Event Service => 2
MSCONFIG\Services: VCFw => 2
MSCONFIG\Services: VcmIAlzMgr => 2
MSCONFIG\Services: VcmINSMgr => 2
MSCONFIG\Services: VcmXmlIfHelper => 3
MSCONFIG\Services: VCService => 3
MSCONFIG\Services: VSNService => 2
MSCONFIG\Services: VUAgent => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Sony MSS.lnk => C:\Windows\pss\Sony MSS.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Lorraine^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Apoint => %ProgramFiles%\Apoint\Apoint.exe
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
MSCONFIG\startupreg: cAudioFilterAgent => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
MSCONFIG\startupreg: Dropbox Update => "C:\Users\Lorraine\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: Elbserver => C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe /Stay
MSCONFIG\startupreg: Google Update => "C:\Users\Lorraine\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: IntelWireless => "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
MSCONFIG\startupreg: ISBMgr.exe => "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
MSCONFIG\startupreg: OutfoxTV => C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F98C488C-4662-45EA-865B-68A544E1930E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{994615AD-7626-43AC-A878-A9BB02DB4B08}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{903E7829-8DBB-42FA-B4DD-C41C0106592E}] => (Allow) C:\Windows\TEMP\file_to_run551433.exe
FirewallRules: [{4FF1C83B-2CE3-4E72-A0F1-54A6D6D1F533}] => (Allow) C:\Windows\TEMP\file_to_run551433.exe
FirewallRules: [UDP Query User{8DCE1F2C-ABDB-4F0F-8C4F-E691741493A3}C:\users\lorraine\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\lorraine\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{159F1FC4-029C-46B8-8A4E-CA0C79501060}C:\users\lorraine\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\lorraine\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{F7E7E7CC-15AD-4905-860C-55F65D8C30AD}] => (Allow) C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{2A7DD240-4FE8-4E81-9A89-C678A0DAF6CF}] => (Allow) C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [UDP Query User{FE6524E3-46DE-4F0F-9200-925D4E3E88F7}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{CE362413-4191-4D43-B5CF-4F8824266C1E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{97468AB0-295E-481E-B227-8EFE22612BEC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7BB07596-C712-4125-8A67-B5232CD1B484}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8E469B68-E7D9-4638-85CD-37EC8B4C4F27}] => (Allow) C:\Program Files (x86)\Bench\Proxy\pwdg.exe
FirewallRules: [{91F70264-D4A8-4560-B4C1-A6E03A313123}] => (Allow) C:\Program Files (x86)\Bench\Proxy\proc.exe
FirewallRules: [{4190B1F9-E5E9-4B7D-9AD7-F8F1A251DD03}] => (Allow) C:\Users\Lorraine\AppData\Local\Temp\file_to_run551733.exe
FirewallRules: [{23BB13FC-6391-4451-A12B-14081EB3B8E3}] => (Allow) C:\Users\Lorraine\AppData\Local\Temp\file_to_run551733.exe
FirewallRules: [{92FB5D73-E920-406C-88C8-93022677CC04}] => (Allow) C:\Users\Lorraine\AppData\Local\Temp\file_to_run551007.exe
FirewallRules: [{7FC26CB8-A008-4C01-B4F2-2DB524EF4CBB}] => (Allow) C:\Users\Lorraine\AppData\Local\Temp\file_to_run551007.exe
FirewallRules: [{88CB178B-AED6-40B2-8908-50EA60772DE9}] => (Allow) c:\program files\pcreg\service.exe
FirewallRules: [{936F0051-D0BB-4EAF-9418-40A77BB88D15}] => (Allow) c:\program files\pcreg\service.exe
FirewallRules: [{9318BE86-A54D-4B55-B227-6CD118AC0126}] => (Allow) c:\program files\pcreg\pcreg.exe
FirewallRules: [{89661CB3-0DBB-4770-9949-BF89C1E0103A}] => (Allow) c:\program files\pcreg\pcreg.exe
FirewallRules: [{31F6EBBD-12C0-4436-8A47-569AA6E6E65F}] => (Allow) C:\Users\Lorraine\AppData\Local\Temp\updater_131990.exe
FirewallRules: [{DBB2AEDE-62BE-4D39-B166-BF4A7B65C223}] => (Allow) C:\Users\Lorraine\AppData\Local\Temp\speedmax_905.exe
FirewallRules: [{CDC2B438-0B1F-4942-A55A-B1E2CD919C4F}] => (Allow) C:\Users\Lorraine\AppData\Local\Temp\speedmax_20140516.exe
FirewallRules: [{C93826F0-97B4-4DC8-AB53-582D8A5EDF2C}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
FirewallRules: [{6B88A451-C395-47F6-A309-97FBE7346FC1}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
FirewallRules: [{53FE59E1-05AE-4BB3-B6C4-E58C270B978F}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{58C38C2C-5378-4C15-8DB1-1FAD58CD1F72}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{1BADA80D-7DFD-488E-ACE2-1CBA7C4B1B1F}] => (Allow) LPort=1900
FirewallRules: [{2C36ED4F-B487-482D-8087-472A62D3BAA9}] => (Allow) LPort=2869
FirewallRules: [{510C6A62-86D3-4321-AB08-B99A79DF734E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{B60A3FD8-7606-4D10-B140-3BE17F138C65}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1EE35746-2ED5-45DC-B511-9C7A56BCE819}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BA7A8A74-D312-4AEE-A90E-D74ED1C85EDE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B54C5C99-17F8-4E46-A554-3F63F9D8883F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DCE9AE5A-165E-4E90-8433-0911D6848E84}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{96168DD5-94E9-413A-B06D-32E81389D6FE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9D1CD1C3-2BC6-4D46-A836-523A016B9562}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{D07039AD-809B-45F9-AF68-8469DBCC36D8}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe
FirewallRules: [{69E10D8A-BFBC-4E9D-9CF6-94D4C912C33E}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
FirewallRules: [{3405784B-9981-4910-9C34-F15D73BB2D14}] => (Allow) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
FirewallRules: [{538EA251-704F-4D76-8070-2C2BE2B79E86}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOShell.exe
FirewallRules: [{115F9234-24D8-4D9B-B28E-3AF9A0D411BD}] => (Allow) C:\Program Files\HP\HP ENVY 4520 series\Bin\DeviceSetup.exe
FirewallRules: [{76685B95-3E20-4F51-AEC2-9DE59290BF97}] => (Allow) LPort=5357
FirewallRules: [{D76161F4-0AE3-450E-8C69-D6069EDEB9CE}] => (Allow) C:\Program Files\HP\HP ENVY 4520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{BDE92114-6E55-4AAD-B0F2-E0E058BD76D8}C:\users\lorraine\appdata\local\amazon music\amazon music helper.exe] => (Block) C:\users\lorraine\appdata\local\amazon music\amazon music helper.exe
FirewallRules: [UDP Query User{8164729E-77FF-4A33-9B7F-94B6D67D3AE1}C:\users\lorraine\appdata\local\amazon music\amazon music helper.exe] => (Block) C:\users\lorraine\appdata\local\amazon music\amazon music helper.exe
FirewallRules: [{163EFD33-B533-4FB5-BB27-9E548390F631}] => (Allow) C:\Users\Lorraine\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

16-11-2017 07:17:15 Windows Update
20-11-2017 12:36:25 Windows Update
20-11-2017 13:17:05 Windows Backup
21-11-2017 06:21:57 Windows Update
24-11-2017 14:45:14 Windows Update
26-11-2017 19:00:03 Windows Backup
03-12-2017 08:33:06 Windows Update
09-12-2017 10:03:54 Windows Backup
11-12-2017 17:02:41 Windows Backup

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/13/2017 04:33:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST64.exe version 13.12.2017.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 159c

Start Time: 01d3746a61dd1009

Termination Time: 16

Application Path: C:\Users\Lorraine\Desktop\FRST64.exe

Report Id: ef76342d-e05d-11e7-8bb9-78843cfb3628

Error: (12/13/2017 04:26:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/12/2017 05:10:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 62947

Error: (12/12/2017 05:10:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 62947

Error: (12/12/2017 05:10:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/12/2017 05:10:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 52947

Error: (12/12/2017 05:10:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 52947

Error: (12/12/2017 05:10:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/12/2017 05:09:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 42963

Error: (12/12/2017 05:09:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 42963


System errors:
=============
Error: (12/13/2017 04:25:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Intel Security True Key Scheduler service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (12/13/2017 04:25:53 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Intel Security True Key Scheduler service to connect.

Error: (12/13/2017 04:25:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Intel Security True Key service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (12/13/2017 04:25:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Intel Security True Key service to connect.

Error: (12/13/2017 04:24:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
Unspecified error

Error: (12/13/2017 04:24:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Service Installer TrueKey service failed to start due to the following error:
The system cannot find the file specified.

Error: (12/12/2017 09:50:55 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.

Error: (12/12/2017 09:38:02 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (12/12/2017 02:14:58 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
Unspecified error

Error: (12/12/2017 02:14:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Service Installer TrueKey service failed to start due to the following error:
The system cannot find the file specified.


==================== Memory info ===========================

Processor: Intel® Pentium® CPU B950 @ 2.10GHz
Percentage of memory in use: 38%
Total physical RAM: 4043.86 MB
Available physical RAM: 2490.4 MB
Total Virtual: 8085.9 MB
Available Virtual: 6165.97 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:287.23 GB) (Free:190.68 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 7DB7F704)
Partition 1: (Not Active) - (Size=10.8 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=287.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-12-2017
Ran by Lorraine (13-12-2017 16:35:17)
Running from C:\Users\Lorraine\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2015-09-21 22:55:56)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3240821568-1653635036-208495454-500 - Administrator - Disabled)
Guest (S-1-5-21-3240821568-1653635036-208495454-501 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-3240821568-1653635036-208495454-1008 - Administrator - Enabled)
Lorraine (S-1-5-21-3240821568-1653635036-208495454-1005 - Administrator - Enabled) => C:\Users\Lorraine

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Internet Security (Disabled - Out of date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Out of date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Internet Security (Disabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.170 - Adobe Systems Incorporated)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - ALPS ELECTRIC CO., LTD.)
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version: 1.20.1.47037 - Amazon)
Amazon Music (HKU\S-1-5-21-3240821568-1653635036-208495454-1005\...\Amazon Amazon Music) (Version: 5.3.2.1634 - Amazon Services LLC)
Apple Application Support (32-bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Application Manager for VAIO (HKLM-x32\...\Application Manager for VAIO) (Version:  - )
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{61438020-DDD4-42FA-99A2-50225441980A}) (Version: 2.0.1.142 - ArcSoft)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.485 - ArcSoft)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version:  - )
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon MP Navigator EX 4.1 (HKLM-x32\...\MP Navigator EX 4.1) (Version:  - )
Canon MX410 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX410_series) (Version:  - )
Canon MX410 series User Registration (HKLM-x32\...\Canon MX410 series User Registration) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.18.51 - Conexant)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DriverUpdate (HKLM-x32\...\{97C97FAC-9153-409E-A9C8-A19AFABE7547}) (Version: 2.2.38275 - SlimWare Utilities, Inc.)
Dropbox (HKU\S-1-5-21-3240821568-1653635036-208495454-1005\...\Dropbox) (Version: 37.4.29 - Dropbox, Inc.)
Free M4P To MP3 Converter (HKLM-x32\...\{A6B85850-3C6A-4E06-9B45-3BFAE5193BE8}) (Version: 1.0.0 - Convert Audio Free)
Google Chrome (HKU\S-1-5-21-3240821568-1653635036-208495454-1005\...\Google Chrome) (Version: 63.0.3239.84 - Google Inc.)
HP Dropbox Plugin (HKLM-x32\...\{D12BC084-97D6-438A-AA7C-5962608D17A0}) (Version: 36.0.41.58587 - HP)
HP ENVY 4520 series Basic Device Software (HKLM\...\{B46D9E8C-10FE-4873-996B-CA9EA3D7D9FE}) (Version: 40.11.1122.1796 - HP Inc.)
HP ENVY 4520 series Help (HKLM-x32\...\{201E58BD-2A1D-4C4D-BD6F-ADA7669FE3AE}) (Version: 36.0.0 - Hewlett Packard)
HP Google Drive Plugin (HKLM-x32\...\{BFA42100-DB54-467A-BB87-CF70732B4065}) (Version: 36.0.41.58587 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.13.125.1 - Intel Security)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2455 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{1927E640-A2C6-4BA7-8F43-FFD2AE3DFCF3}) (Version: 14.0.2000 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Keyboard Shortcuts (HKLM-x32\...\{FE8974B4-479C-4DBA-8544-9E5342ABB26A}) (Version: 1.1.0.08290 - Sony Corporation)
Malwarebytes version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Manager (HKLM-x32\...\{7D641FFE-7F1B-4026-AC5D-7CFFB0882A83}) (Version: 15.0.7.28782 - Interactive Brands) Hidden
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.0.318.3 - McAfee, Inc.)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 57.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 57.0.2 (x64 en-US)) (Version: 57.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.2.6549 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 20.6.0.27 - Symantec Corporation)
NoteBurner 2.35 (HKLM\...\NoteBurner_is1) (Version:  - NoteBurner.com)
OOBE (HKLM-x32\...\{18894D16-5448-4BF9-A128-F7E937322F91}) (Version: 11.2.1.10 - Sony Corporation) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.5.02.12220 - Sony Corporation) Hidden
PMB VAIO Edition Guide (HKLM-x32\...\{66081CDD-C1FE-415F-BB3A-F2622BA27461}) (Version: 1.6.00.06030 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (HKLM\...\{133D3F07-D558-46CE-80E8-F4D75DBBAD63}) (Version: 1.5.10.05300 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (HKLM-x32\...\{270380EB-8812-42E1-8289-53700DB840D2}) (Version: 1.6.01.06110 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (HKLM-x32\...\{8356CB97-A48F-44CB-837A-A12838DC4669}) (Version: 1.6.00.06010 - Sony Corporation) Hidden
Product Improvement Study for HP ENVY 4520 series (HKLM\...\{1DDC5451-BE8B-4092-AB04-E92127242886}) (Version: 40.11.1122.1796 - HP Inc.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.)
Remote Keyboard (HKLM-x32\...\{25AF1025-095C-4AA9-A3FD-29710D3C3AE5}) (Version: 1.1.1.07060 - Sony Corporation) Hidden
Remote Play with PlayStation 3 (HKLM-x32\...\{5FA51AAF-23FE-42F4-A724-D79F85F41D4B}) (Version: 1.1.0.15070 - Sony Corporation) Hidden
Skype™ 7.10 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.10.101 - Skype Technologies S.A.)
Sony Corporation (HKLM\...\{4F31AC31-0A28-4F5A-8416-513972DA1F79}) (Version: 1.0.0 - Default Company Name) Hidden
SSLx64 (HKLM\...\{312395BC-7CC2-434C-A660-30250276A926}) (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (HKLM-x32\...\{63C43435-F428-42BA-8E7B-5848749D9262}) (Version: 1.0.0 - Sony Corporation ) Hidden
TweetDeck (HKLM-x32\...\{C5AC39F1-001D-4338-84C6-35109525588A}) (Version: 1.0.0 - Twitter, Inc.)
VAIO - Media Gallery (HKLM-x32\...\{FA870BF1-44A1-4B7D-93E1-C101369AF0C1}) (Version: 1.5.0.16020 - Sony Corporation) Hidden
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{66081CDD-C1FE-415F-BB3A-F2622BA27461}) (Version: 1.6.00.06030 - Sony Corporation) Hidden
VAIO - PMB VAIO Edition Plug-in (HKLM-x32\...\InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}) (Version: 1.6.01.06110 - Sony Corporation) Hidden
VAIO - Remote Keyboard (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.1.0.07060 - Sony Corporation)
VAIO - Remote Play with PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.1.0.15070 - Sony Corporation) Hidden
VAIO Care (HKLM\...\{CFF47016-B212-4D89-8DC2-15D5508A73BA}) (Version: 8.4.6.05111 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{6ED1750E-F44F-4635-8F0D-B76B9262B7FB}) (Version: 1.1.1.13230 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.5.0.03040 - Sony Corporation) Hidden
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.6.0.13140 - Sony Corporation) Hidden
VAIO Data Restore Tool (HKLM-x32\...\{70EED410-697B-4193-A2CB-2F790F82B420}) (Version: 1.6.0.13140 - Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32\...\{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.2.01120 - Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32\...\InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.2.01120 - Sony Corporation)
VAIO Event Service (HKLM-x32\...\{73D8886A-D416-4687-B609-0D3836BA410C}) (Version: 5.5.0.03040 - Sony Corporation) Hidden
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.2.02200 - Sony Corporation) Hidden
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.4.0.03240 - Sony Corporation) Hidden
VAIO Hardware Diagnostics (HKLM-x32\...\{C72E35E5-C5C6-4328-AD9A-BBCCC816A2E6}) (Version: 4.2.0.14280 - Sony Corporation) Hidden
VAIO Health Report (HKLM-x32\...\VAIO Health Report1.0) (Version: 1.0 - Sony Electronics)
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 1.0.0.14150 - Sony Corporation) Hidden
VAIO Manual (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 2.0.0.02250 - Sony Corporation) Hidden
VAIO Messenger (HKLM-x32\...\VAIO Messenger) (Version: 2.0.493.0 - DDNi)
VAIO Quick Web Access (HKLM-x32\...\{5A92468F-3ED8-4F96-A9E1-4F176C80EC29}) (Version: 1.4.5.3 - Sony Corporation) Hidden
VAIO Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.5.3 - Sony Corporation) Hidden
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.4.0.09010 - Sony Corporation) Hidden
VAIO Satisfaction Survey. (HKLM-x32\...\VAIO Satisfaction Survey.3.0) (Version: 3.0 - Sony Electronics Inc.) Hidden
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.5.0.02280 - Sony Corporation)
VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.4.0.14230 - Sony Corporation) Hidden
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.2.0.16270 - Sony Corporation)
VCCx86 (HKLM-x32\...\{9B088046-8A01-4355-99DD-8530C022F682}) (Version: 1.0.0 - Sony Corporation) Hidden
VESx64 (HKLM\...\{F1DC5C16-9B1F-467B-85E3-CB48C27AC50D}) (Version: 1.0.0 - Sony Corporation) Hidden
VESx86 (HKLM-x32\...\{3A94F54D-A8A4-4B82-B346-92B4D56A2708}) (Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (HKLM\...\{99E6C2F3-59B2-4308-B1CD-4928B55B7E30}) (Version: 1.0.0 - Sony Corporation) Hidden
VGClientX86 (HKLM-x32\...\{8B583EF5-FA7B-4AE2-9008-51B7FD505886}) (Version: 1.0.0 - Sony Corporation) Hidden
VIx64 (HKLM\...\{D55EAC07-7207-44BD-B524-0F063F327743}) (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (HKLM-x32\...\{D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6}) (Version: 1.0.0 - Sony Corporation) Hidden
VLC media player 2.0.0 (HKLM-x32\...\VLC media player) (Version: 2.0.0 - VideoLAN)
VSNx64 (HKLM\...\{F2611404-06BF-4E67-A5B7-8DB2FFC1CBF6}) (Version: 1.0.0 - Sony Corporation) Hidden
VU5x86 (HKLM-x32\...\{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}) (Version: 1.0.0 - Sony Corporation ) Hidden
VUx64 (HKLM\...\{A0A2BE14-D3FF-41C8-9545-4B130E3FE9A4}) (Version: 1.2.0 - Sony Corporation) Hidden
VUx86 (HKLM-x32\...\{D04F1D22-4A47-42C6-A2B9-094A7B844D9B}) (Version: 1.2.0 - Sony Corporation) Hidden
VWSTx86 (HKLM-x32\...\{B8991D99-88FD-41F2-8C32-DB70278D5C30}) (Version: 1.0.0 - Sony Corporation) Hidden
Web Companion (HKLM-x32\...\{52e8e954-d9fc-4038-91fb-1a87d8950026}) (Version: 4.0.1777.3330 - Lavasoft)
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17332 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKU\S-1-5-21-3240821568-1653635036-208495454-1005\...\ChromeHTML: -> C:\Users\Lorraine\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.32.8\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Internet Security\Engine64\20.6.0.27\NavShExt.dll [2014-12-06] (Symantec Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers2: [AddtoVAIOGate] -> {6988D6F2-F24F-4732-8855-A39DB1AA1346} => C:\Program Files\Sony\VAIO Gate\VAIOGateShellExt.dll [2012-02-20] (Sony Corporation)
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Internet Security\Engine64\20.6.0.27\NavShExt.dll [2014-12-06] (Symantec Corporation)
ContextMenuHandlers3: [AddtoVAIOGate] -> {6988D6F2-F24F-4732-8855-A39DB1AA1346} => C:\Program Files\Sony\VAIO Gate\VAIOGateShellExt.dll [2012-02-20] (Sony Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-07-18] (Intel Corporation)
ContextMenuHandlers6: [AddtoVAIOGate] -> {6988D6F2-F24F-4732-8855-A39DB1AA1346} => C:\Program Files\Sony\VAIO Gate\VAIOGateShellExt.dll [2012-02-20] (Sony Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Internet Security\Engine64\20.6.0.27\NavShExt.dll [2014-12-06] (Symantec Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-3240821568-1653635036-208495454-1005: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-3240821568-1653635036-208495454-1005: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-3240821568-1653635036-208495454-1005: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02067597-2D68-4280-ABB3-9121725B73E2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {025ADEA8-EBA9-4FAA-A818-41BC83F15C06} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-11] (Sony Corporation)
Task: {08F0090D-4DD5-4223-9337-178746B0468C} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2017-05-11] (Sony Corporation)
Task: {0F05635C-76B9-4858-850B-0A8D1E59DC7E} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-11] (Sony Corporation)
Task: {13BB5A72-5CEC-475C-9167-87DF3CC11BC6} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-02-15] (Sony Corporation)
Task: {21AEF827-224D-4646-909E-02B43048394E} - System32\Tasks\Sony Corporation\VAIO Care\VTUsr => C:\Program Files\Sony\VAIO Care\VAIOTM\VTUsr.exe [2017-04-19] (Sony Corporation)
Task: {27CB3F38-404A-4E59-9ED6-E1EF4BCA4B4F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005UA => C:\Users\Lorraine\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {3312BE42-F243-483E-993B-47B16CCED637} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\SymErr.exe [2013-06-03] (Symantec Corporation)
Task: {3F7AC633-6ACD-44B4-BE49-B547B248CE73} - System32\Tasks\VAIO® Messenger (Lorraine) => C:\Program Files (x86)\DDNi\Oasis\VAIO Messenger.exe [2012-11-13] (Digital Delivery Networks, Inc.)
Task: {46788FE6-5D45-47C7-80B2-8D6763EB983B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {48A8E9A9-F4EC-4BEA-98BF-2C89F3FF658D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {49A6B073-EBEF-461D-B521-6409D3FF11E1} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-11] (Sony Corporation)
Task: {4D80EF51-8C9E-4A4B-A989-556F48030AB1} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)
Task: {629CA34C-AA8E-47D3-9399-026FFC425150} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {6996958D-E444-45BB-8435-C3CC4440CE45} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {6DD259E9-07ED-4547-81F3-579B77E0FE39} - System32\Tasks\Amazon Music Helper => C:\Users\Lorraine\AppData\Local\Amazon Music\Amazon Music Helper.exe [2016-12-14] ()
Task: {6E5B6645-DEB6-4F86-B5BA-0F92BB3A12E0} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-11] (Sony Corporation)
Task: {713E8F59-A0C4-4713-BC1C-65A4CC14A6AA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {72952C98-34FA-4CDA-94A8-CA33C7C14037} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)
Task: {7C654AD4-C7FA-476E-851E-20815F5F490B} - System32\Tasks\Sony Corporation\VAIO Care\VTSvc => C:\Program Files\Sony\VAIO Care\VAIOTM\VTSvc.exe [2017-04-19] (Sony Corporation)
Task: {82E9B90A-B130-4703-A8D3-CE8BE5D4BD08} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-21] (Adobe Systems Incorporated)
Task: {91568174-29B9-487A-81C2-7B00D921123E} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient [Argument = /Start]
Task: {9453CD97-876F-4641-9384-F3D2B7C6FB8B} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2016-04-25] (Sony Corporation)
Task: {990217EA-7F73-4F96-A74D-C0009779FE72} - System32\Tasks\Sony Corporation\VAIO Care\GetSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-11] (Sony Corporation)
Task: {99F9C0B3-120E-48C3-AE88-45906BD0C626} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\SymErr.exe [2013-06-03] (Symantec Corporation)
Task: {9C294B23-22DD-413C-A3BA-52031A8BD5F6} - System32\Tasks\VAIO® Messenger (Administrator) => C:\Program Files (x86)\DDNi\Oasis\VAIO Messenger.exe [2012-11-13] (Digital Delivery Networks, Inc.)
Task: {A72F3F7D-4D9B-40C1-B8B5-E777E9E520F9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {AC9401A3-98E7-47F7-8675-8357AC9E75CC} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [2015-07-27] (Symantec Corporation)
Task: {B3426827-33A4-4F25-BC2D-7F37253D9D53} - System32\Tasks\Sony Corporation\VAIO Care\VKSvcWeekly => C:\Program Files\Sony\VAIO Care\VAIOTM\VKSvc.exe [2017-04-19] (Sony Corporation)
Task: {B7264CFE-0CD1-446A-8339-D070DE6641C6} - System32\Tasks\DDNi Startup => C:\Program Files (x86)\DDNi\Oasis\DDNiStartup.exe [2012-11-13] (Digital Delivery Networks, Inc.)
Task: {B7D99BE7-D7F8-4B09-B4F2-31539342DCAC} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-11] (Sony Corporation)
Task: {C1E5E6A6-1297-471D-9619-85750574C03A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {C44A406F-A32F-4B7A-9B5A-4A7C258E9643} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2017-05-11] (Sony Corporation)
Task: {CCD82BC5-37D5-481D-AD91-D2257B0EE5A6} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-11] (Sony Corporation)
Task: {D6FFF279-7300-4C38-BFFA-8C56538BF401} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\WSCStub.exe [2015-07-27] (Symantec Corporation)
Task: {DA0B421B-461C-4AA6-845E-4FE02338C99F} - System32\Tasks\VAIO Health Report => C:\Program Files (x86)\Sony\VAIO Health Report\VAIOHealthReport.exe [2013-06-20] (Sony Electronics)
Task: {DAF9DBB4-332D-4FC3-B498-D1F0C334AFD3} - System32\Tasks\Sony\Keyboard Shortcuts => C:\Program Files (x86)\Sony\Keyboard Shortcuts\KeyboardShortcuts.exe [2011-08-31] ()
Task: {DC6F2034-0B67-4586-8F9D-AF23E2A5319F} - System32\Tasks\SONY\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)
Task: {DD332E27-09FB-49D7-8ECF-06D7E8E42E1D} - System32\Tasks\HPCustParticipation HP ENVY 4520 series => C:\Program Files\HP\HP ENVY 4520 series\Bin\HPCustPartic.exe [2017-04-06] (HP Inc.)
Task: {DD58CD88-77BC-4FAD-BDB8-CF8232A226A5} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-11] (Sony Corporation)
Task: {E1144A03-6254-4B5F-A3B9-72763E6AC904} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2012-02-20] (Sony Corporation)
Task: {E5356F9A-0DBA-4C7E-99E4-F1DD9A9B8281} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {E6457921-7FED-40C4-A341-E9DDA9EF0C0D} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2016-03-30] (Sony Corporation)
Task: {EB54B057-F56B-44E6-A342-2990A13F5D9C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005Core1d1ea937625a875 => C:\Users\Lorraine\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {EBAD373C-1F9B-4249-B862-AB8DC3D8421A} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2016-03-01] (McAfee, Inc.)
Task: {ECC86CBE-0C83-4E8D-A25F-80950848372F} - System32\Tasks\Sony Corporation\VAIO Care\VKSvcDaily => C:\Program Files\Sony\VAIO Care\VAIOTM\VKSvc.exe [2017-04-19] (Sony Corporation)
Task: {F3B17F88-1633-4DF5-AF94-A629BC2807C7} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-11] (Sony Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005Core1d0c41b3a3d246e.job => C:\Users\Lorraine\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005Core1cf8cdc5319d4ca.job => C:\Users\Lorraine\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005Core1cff41ee75a537b.job => C:\Users\Lorraine\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005Core1d00336e0e8f9d9.job => C:\Users\Lorraine\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005Core1d0458ff6526713.job => C:\Users\Lorraine\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005Core1d09148b35dfc9.job => C:\Users\Lorraine\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005Core1d0bfed41250dd3.job => C:\Users\Lorraine\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005Core1d0e111f10202ca.job => C:\Users\Lorraine\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005Core1d0f019f5148c52.job => C:\Users\Lorraine\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005Core1d12e14cce55975.job => C:\Users\Lorraine\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005Core1d15d8636e997dc.job => C:\Users\Lorraine\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3240821568-1653635036-208495454-1005Core1d1ab062d18c740.job => C:\Users\Lorraine\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-04-22 01:07 - 2016-04-22 01:07 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 001337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-07-18 23:04 - 2011-07-18 23:04 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2016-12-25 13:29 - 2016-12-14 14:41 - 003494376 _____ () C:\Users\Lorraine\AppData\Local\Amazon Music\Amazon Music Helper.exe
2017-10-21 20:07 - 2017-10-04 13:15 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2011-08-31 10:44 - 2011-08-31 10:44 - 000477200 _____ () C:\Program Files (x86)\Sony\Keyboard Shortcuts\KeyboardShortcuts.exe
2014-12-11 17:46 - 2012-05-30 07:51 - 000699280 ____R () C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\20.6.0.27\wincfi39.dll
2016-07-12 19:21 - 2011-01-06 11:29 - 000077824 _____ () C:\Program Files (x86)\NoteBurner\vtblog.dll
2016-07-12 19:21 - 2011-01-06 11:29 - 000020480 _____ () C:\Program Files (x86)\NoteBurner\URLLink.dll
2016-07-12 19:21 - 2011-06-08 16:57 - 000036864 _____ () C:\Program Files (x86)\NoteBurner\EncodeAndTagComm.dll
2016-07-12 19:21 - 2011-06-08 16:58 - 000049152 _____ () C:\Program Files (x86)\NoteBurner\DL_WMAEncoder.DLL
2011-08-31 12:06 - 2011-08-31 12:06 - 000027104 _____ () C:\Program Files (x86)\Sony\Keyboard Shortcuts\Utility.dll
2011-08-31 12:06 - 2011-08-31 12:06 - 000161256 _____ () C:\Program Files (x86)\Sony\Keyboard Shortcuts\MessageHook.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Lorraine\Desktop\HOA October 2017.bmp:3or4kl4x13tuuug3Byamue2s4b [95]
AlternateDataStreams: C:\Users\Lorraine\Desktop\HOA October 2017.bmp:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-3240821568-1653635036-208495454-1005\...\localhost -> localhost

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2009-06-10 14:00 - 000000824 ____N C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3240821568-1653635036-208495454-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Lorraine\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 68.105.28.11 - 68.105.29.11
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 0) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: ACDaemon => 3
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: ESRV_SVC => 2
MSCONFIG\Services: EvtEng => 2
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: IconMan_R => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: MyWiFiDHCPDNS => 3
MSCONFIG\Services: PMBDeviceInfoProvider => 2
MSCONFIG\Services: RegSrvc => 2
MSCONFIG\Services: SampleCollector => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SOHCImp => 2
MSCONFIG\Services: SOHDs => 3
MSCONFIG\Services: SpfService => 3
MSCONFIG\Services: uCamMonitor => 2
MSCONFIG\Services: UNS => 2
MSCONFIG\Services: USER_ESRV_SVC => 3
MSCONFIG\Services: VAIO Event Service => 2
MSCONFIG\Services: VCFw => 2
MSCONFIG\Services: VcmIAlzMgr => 2
MSCONFIG\Services: VcmINSMgr => 2
MSCONFIG\Services: VcmXmlIfHelper => 3
MSCONFIG\Services: VCService => 3
MSCONFIG\Services: VSNService => 2
MSCONFIG\Services: VUAgent => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Sony MSS.lnk => C:\Windows\pss\Sony MSS.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Lorraine^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Apoint => %ProgramFiles%\Apoint\Apoint.exe
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
MSCONFIG\startupreg: cAudioFilterAgent => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
MSCONFIG\startupreg: Dropbox Update => "C:\Users\Lorraine\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: Elbserver => C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe /Stay
MSCONFIG\startupreg: Google Update => "C:\Users\Lorraine\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: IntelWireless => "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
MSCONFIG\startupreg: ISBMgr.exe => "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
MSCONFIG\startupreg: OutfoxTV => C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F98C488C-4662-45EA-865B-68A544E1930E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{994615AD-7626-43AC-A878-A9BB02DB4B08}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{903E7829-8DBB-42FA-B4DD-C41C0106592E}] => (Allow) C:\Windows\TEMP\file_to_run551433.exe
FirewallRules: [{4FF1C83B-2CE3-4E72-A0F1-54A6D6D1F533}] => (Allow) C:\Windows\TEMP\file_to_run551433.exe
FirewallRules: [UDP Query User{8DCE1F2C-ABDB-4F0F-8C4F-E691741493A3}C:\users\lorraine\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\lorraine\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{159F1FC4-029C-46B8-8A4E-CA0C79501060}C:\users\lorraine\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\lorraine\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{F7E7E7CC-15AD-4905-860C-55F65D8C30AD}] => (Allow) C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{2A7DD240-4FE8-4E81-9A89-C678A0DAF6CF}] => (Allow) C:\Users\Lorraine\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [UDP Query User{FE6524E3-46DE-4F0F-9200-925D4E3E88F7}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{CE362413-4191-4D43-B5CF-4F8824266C1E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{97468AB0-295E-481E-B227-8EFE22612BEC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7BB07596-C712-4125-8A67-B5232CD1B484}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8E469B68-E7D9-4638-85CD-37EC8B4C4F27}] => (Allow) C:\Program Files (x86)\Bench\Proxy\pwdg.exe
FirewallRules: [{91F70264-D4A8-4560-B4C1-A6E03A313123}] => (Allow) C:\Program Files (x86)\Bench\Proxy\proc.exe
FirewallRules: [{4190B1F9-E5E9-4B7D-9AD7-F8F1A251DD03}] => (Allow) C:\Users\Lorraine\AppData\Local\Temp\file_to_run551733.exe
FirewallRules: [{23BB13FC-6391-4451-A12B-14081EB3B8E3}] => (Allow) C:\Users\Lorraine\AppData\Local\Temp\file_to_run551733.exe
FirewallRules: [{92FB5D73-E920-406C-88C8-93022677CC04}] => (Allow) C:\Users\Lorraine\AppData\Local\Temp\file_to_run551007.exe
FirewallRules: [{7FC26CB8-A008-4C01-B4F2-2DB524EF4CBB}] => (Allow) C:\Users\Lorraine\AppData\Local\Temp\file_to_run551007.exe
FirewallRules: [{88CB178B-AED6-40B2-8908-50EA60772DE9}] => (Allow) c:\program files\pcreg\service.exe
FirewallRules: [{936F0051-D0BB-4EAF-9418-40A77BB88D15}] => (Allow) c:\program files\pcreg\service.exe
FirewallRules: [{9318BE86-A54D-4B55-B227-6CD118AC0126}] => (Allow) c:\program files\pcreg\pcreg.exe
FirewallRules: [{89661CB3-0DBB-4770-9949-BF89C1E0103A}] => (Allow) c:\program files\pcreg\pcreg.exe
FirewallRules: [{31F6EBBD-12C0-4436-8A47-569AA6E6E65F}] => (Allow) C:\Users\Lorraine\AppData\Local\Temp\updater_131990.exe
FirewallRules: [{DBB2AEDE-62BE-4D39-B166-BF4A7B65C223}] => (Allow) C:\Users\Lorraine\AppData\Local\Temp\speedmax_905.exe
FirewallRules: [{CDC2B438-0B1F-4942-A55A-B1E2CD919C4F}] => (Allow) C:\Users\Lorraine\AppData\Local\Temp\speedmax_20140516.exe
FirewallRules: [{C93826F0-97B4-4DC8-AB53-582D8A5EDF2C}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
FirewallRules: [{6B88A451-C395-47F6-A309-97FBE7346FC1}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
FirewallRules: [{53FE59E1-05AE-4BB3-B6C4-E58C270B978F}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{58C38C2C-5378-4C15-8DB1-1FAD58CD1F72}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{1BADA80D-7DFD-488E-ACE2-1CBA7C4B1B1F}] => (Allow) LPort=1900
FirewallRules: [{2C36ED4F-B487-482D-8087-472A62D3BAA9}] => (Allow) LPort=2869
FirewallRules: [{510C6A62-86D3-4321-AB08-B99A79DF734E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{B60A3FD8-7606-4D10-B140-3BE17F138C65}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1EE35746-2ED5-45DC-B511-9C7A56BCE819}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BA7A8A74-D312-4AEE-A90E-D74ED1C85EDE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B54C5C99-17F8-4E46-A554-3F63F9D8883F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DCE9AE5A-165E-4E90-8433-0911D6848E84}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{96168DD5-94E9-413A-B06D-32E81389D6FE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9D1CD1C3-2BC6-4D46-A836-523A016B9562}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{D07039AD-809B-45F9-AF68-8469DBCC36D8}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe
FirewallRules: [{69E10D8A-BFBC-4E9D-9CF6-94D4C912C33E}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
FirewallRules: [{3405784B-9981-4910-9C34-F15D73BB2D14}] => (Allow) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
FirewallRules: [{538EA251-704F-4D76-8070-2C2BE2B79E86}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOShell.exe
FirewallRules: [{115F9234-24D8-4D9B-B28E-3AF9A0D411BD}] => (Allow) C:\Program Files\HP\HP ENVY 4520 series\Bin\DeviceSetup.exe
FirewallRules: [{76685B95-3E20-4F51-AEC2-9DE59290BF97}] => (Allow) LPort=5357
FirewallRules: [{D76161F4-0AE3-450E-8C69-D6069EDEB9CE}] => (Allow) C:\Program Files\HP\HP ENVY 4520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{BDE92114-6E55-4AAD-B0F2-E0E058BD76D8}C:\users\lorraine\appdata\local\amazon music\amazon music helper.exe] => (Block) C:\users\lorraine\appdata\local\amazon music\amazon music helper.exe
FirewallRules: [UDP Query User{8164729E-77FF-4A33-9B7F-94B6D67D3AE1}C:\users\lorraine\appdata\local\amazon music\amazon music helper.exe] => (Block) C:\users\lorraine\appdata\local\amazon music\amazon music helper.exe
FirewallRules: [{163EFD33-B533-4FB5-BB27-9E548390F631}] => (Allow) C:\Users\Lorraine\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

16-11-2017 07:17:15 Windows Update
20-11-2017 12:36:25 Windows Update
20-11-2017 13:17:05 Windows Backup
21-11-2017 06:21:57 Windows Update
24-11-2017 14:45:14 Windows Update
26-11-2017 19:00:03 Windows Backup
03-12-2017 08:33:06 Windows Update
09-12-2017 10:03:54 Windows Backup
11-12-2017 17:02:41 Windows Backup

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/13/2017 04:33:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST64.exe version 13.12.2017.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 159c

Start Time: 01d3746a61dd1009

Termination Time: 16

Application Path: C:\Users\Lorraine\Desktop\FRST64.exe

Report Id: ef76342d-e05d-11e7-8bb9-78843cfb3628

Error: (12/13/2017 04:26:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/12/2017 05:10:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 62947

Error: (12/12/2017 05:10:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 62947

Error: (12/12/2017 05:10:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/12/2017 05:10:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 52947

Error: (12/12/2017 05:10:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 52947

Error: (12/12/2017 05:10:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/12/2017 05:09:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 42963

Error: (12/12/2017 05:09:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 42963


System errors:
=============
Error: (12/13/2017 04:25:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Intel Security True Key Scheduler service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (12/13/2017 04:25:53 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Intel Security True Key Scheduler service to connect.

Error: (12/13/2017 04:25:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Intel Security True Key service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (12/13/2017 04:25:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Intel Security True Key service to connect.

Error: (12/13/2017 04:24:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
Unspecified error

Error: (12/13/2017 04:24:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Service Installer TrueKey service failed to start due to the following error:
The system cannot find the file specified.

Error: (12/12/2017 09:50:55 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.

Error: (12/12/2017 09:38:02 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (12/12/2017 02:14:58 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
Unspecified error

Error: (12/12/2017 02:14:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Service Installer TrueKey service failed to start due to the following error:
The system cannot find the file specified.


==================== Memory info ===========================

Processor: Intel® Pentium® CPU B950 @ 2.10GHz
Percentage of memory in use: 38%
Total physical RAM: 4043.86 MB
Available physical RAM: 2490.4 MB
Total Virtual: 8085.9 MB
Available Virtual: 6165.97 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:287.23 GB) (Free:190.68 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 7DB7F704)
Partition 1: (Not Active) - (Size=10.8 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=287.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================


  • 0

#6
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,804 posts
I have noticed you started another topic in the forum. Is that a different computer ?
A few items to fix

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
Open notepad (Start =>All Programs => Accessories => Notepad).
Copy/Paste the contents of the code box below into Notepad.
start
CloseProcesses:
CreateRestorePoint:
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\dsengine.js [2017-12-09] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\dsengine.cfg [2017-12-09] <==== ATTENTION
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 [X]
S3 semav6msr64; \??\C:\Windows\system32\drivers\semav6msr64.sys [X]
S3 semav6thermal64ro; \??\C:\Windows\system32\drivers\semav6thermal64ro.sys [X]
2017-12-12 14:13 - 2017-08-01 14:19 - 000000000 ____D C:\Users\Lorraine\AppData\Roaming\Lavasoft
2017-12-12 14:13 - 2017-08-01 14:19 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2017-12-12 14:13 - 2017-08-01 14:18 - 000000000 ____D C:\ProgramData\Lavasoft
2017-11-26 12:04 - 2017-11-26 12:04 - 000937664 _____ (adaware) C:\Users\Lorraine\AppData\Local\Temp\WCU008_FF.exe
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.32.8\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
Task: {46788FE6-5D45-47C7-80B2-8D6763EB983B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {629CA34C-AA8E-47D3-9399-026FFC425150} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {6996958D-E444-45BB-8435-C3CC4440CE45} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {A72F3F7D-4D9B-40C1-B8B5-E777E9E520F9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {C1E5E6A6-1297-471D-9619-85750574C03A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {E5356F9A-0DBA-4C7E-99E4-F1DD9A9B8281} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
AlternateDataStreams: C:\Users\Lorraine\Desktop\HOA October 2017.bmp:3or4kl4x13tuuug3Byamue2s4b [95]
AlternateDataStreams: C:\Users\Lorraine\Desktop\HOA October 2017.bmp:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset catalog
CMD: ipconfig /flushdns
RemoveProxy:
hosts:
Emptytemp:
  • Click Format and ensure Wordwrap is unchecked.
  • Save as Fixlist.txt to your Desktop (Must be in this location)
  • Run FRST/FRST64 and press the Fix button just once and wait.
  • If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.
  • The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.
  • 0

#7
isolationary

isolationary

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts

Thanks for the fix. Here's the fixlog:

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 13-12-2017
Ran by Lorraine (13-12-2017 17:52:11) Run:2
Running from C:\Users\Lorraine\Desktop
Loaded Profiles: Lorraine (Available Profiles: Lorraine)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CloseProcesses:
CreateRestorePoint:
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\dsengine.js [2017-12-09] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\dsengine.cfg [2017-12-09] <==== ATTENTION
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 [X]
S3 semav6msr64; \??\C:\Windows\system32\drivers\semav6msr64.sys [X]
S3 semav6thermal64ro; \??\C:\Windows\system32\drivers\semav6thermal64ro.sys [X]
2017-12-12 14:13 - 2017-08-01 14:19 - 000000000 ____D C:\Users\Lorraine\AppData\Roaming\Lavasoft
2017-12-12 14:13 - 2017-08-01 14:19 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2017-12-12 14:13 - 2017-08-01 14:18 - 000000000 ____D C:\ProgramData\Lavasoft
2017-11-26 12:04 - 2017-11-26 12:04 - 000937664 _____ (adaware) C:\Users\Lorraine\AppData\Local\Temp\WCU008_FF.exe
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.32.8\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Lorraine\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
Task: {46788FE6-5D45-47C7-80B2-8D6763EB983B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {629CA34C-AA8E-47D3-9399-026FFC425150} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {6996958D-E444-45BB-8435-C3CC4440CE45} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {A72F3F7D-4D9B-40C1-B8B5-E777E9E520F9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {C1E5E6A6-1297-471D-9619-85750574C03A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {E5356F9A-0DBA-4C7E-99E4-F1DD9A9B8281} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
AlternateDataStreams: C:\Users\Lorraine\Desktop\HOA October 2017.bmp:3or4kl4x13tuuug3Byamue2s4b [95]
AlternateDataStreams: C:\Users\Lorraine\Desktop\HOA October 2017.bmp:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset catalog
CMD: ipconfig /flushdns
RemoveProxy:
hosts:
Emptytemp:
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found
C:\Program Files (x86)\mozilla firefox\defaults\pref\dsengine.js => moved successfully
C:\Program Files (x86)\mozilla firefox\dsengine.cfg => moved successfully
"HKLM\System\CurrentControlSet\Services\InstallerService" => removed successfully
InstallerService => service removed successfully
"HKLM\System\CurrentControlSet\Services\semav6msr64" => removed successfully
semav6msr64 => service removed successfully
"HKLM\System\CurrentControlSet\Services\semav6thermal64ro" => removed successfully
semav6thermal64ro => service removed successfully
C:\Users\Lorraine\AppData\Roaming\Lavasoft => moved successfully
C:\Program Files (x86)\Lavasoft => moved successfully
C:\ProgramData\Lavasoft => moved successfully
C:\Users\Lorraine\AppData\Local\Temp\WCU008_FF.exe => moved successfully
"HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}" => removed successfully
"HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}" => removed successfully
"HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}" => removed successfully
"HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}" => removed successfully
"HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}" => removed successfully
"HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}" => removed successfully
"HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}" => removed successfully
"HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}" => removed successfully
"HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}" => removed successfully
"HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}" => removed successfully
"HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}" => removed successfully
"HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}" => removed successfully
"HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}" => removed successfully
"HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}" => removed successfully
"HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}" => removed successfully
"HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}" => removed successfully
"HKU\S-1-5-21-3240821568-1653635036-208495454-1005_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{46788FE6-5D45-47C7-80B2-8D6763EB983B} => could not remove key. ErrorCode1: 0x00000002
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{46788FE6-5D45-47C7-80B2-8D6763EB983B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{629CA34C-AA8E-47D3-9399-026FFC425150}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{629CA34C-AA8E-47D3-9399-026FFC425150}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6996958D-E444-45BB-8435-C3CC4440CE45}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6996958D-E444-45BB-8435-C3CC4440CE45}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A72F3F7D-4D9B-40C1-B8B5-E777E9E520F9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A72F3F7D-4D9B-40C1-B8B5-E777E9E520F9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C1E5E6A6-1297-471D-9619-85750574C03A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C1E5E6A6-1297-471D-9619-85750574C03A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E5356F9A-0DBA-4C7E-99E4-F1DD9A9B8281}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E5356F9A-0DBA-4C7E-99E4-F1DD9A9B8281}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
C:\Users\Lorraine\Desktop\HOA October 2017.bmp => ":3or4kl4x13tuuug3Byamue2s4b" ADS could not remove.
C:\Users\Lorraine\Desktop\HOA October 2017.bmp => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com" => removed successfully

========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

{D52AC5F8-A3DB-49A7-8F9B-B7DA0E71500D} canceled.
{49C5CAE5-AB61-4BC3-94FA-6A59E306E028} canceled.
{B2FB161D-4B1A-4085-A722-74933774A670} canceled.
{FB9DC10C-7F1E-4C54-8DC1-5586AF990F47} canceled.
{CD03904D-4F57-47C6-85FE-CAE711E5E5AB} canceled.
5 out of 5 jobs canceled.

========= End of CMD: =========


========= netsh winsock reset catalog =========


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= End of CMD: =========


========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-3240821568-1653635036-208495454-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-3240821568-1653635036-208495454-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6169767 B
Java, Flash, Steam htmlcache => 524 B
Windows/system/drivers => 15527129 B
Edge => 0 B
Chrome => 144279959 B
Firefox => 401262922 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 83586 B
systemprofile32 => 66356 B
LocalService => 66228 B
NetworkService => 2118 B
Lorraine => 170654351 B

RecycleBin => 3579968 B
EmptyTemp: => 715.3 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:53:20 ====


  • 0

#8
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,804 posts
Hello,

Lets check things over with a Malewarebytes scan, you may skip the download part of the instructions if Malwarebytes is already installed,

Next
  • Please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mbam-setup-version.exe and follow the prompts to install the program.
  • Launch Malwarebytes Anti-Malware
  • Then click Finish.
  • If an update is found, you will be prompted to download and install the latest version.
  • Once the program has loaded, select Scan now. Or select the Threat Scan from the Scan menu.
  • When the scan is complete , make sure that that all Threats are selected, and click Remove Selected.
  • Reboot your computer if prompted.
Posting the Malwarebytes log.
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • post that saved log to your next reply.

  • 0

#9
isolationary

isolationary

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts

Here is my Malwarebytes log. It didn't ask me to reboot but It did quarantine and remove the files.

 

===============================

 

 

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 12/14/17
Scan Time: 11:10 PM
Log File: 9902011d-e15e-11e7-ab2c-78843cfb3628.json
Administrator: Yes

-Software Information-
Version: 3.2.2.2029
Components Version: 1.0.212
Update Package Version: 1.0.3493
License: Free

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Kits-Computer\Lorraine

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 259960
Threats Detected: 68
Threats Quarantined: 66
Time Elapsed: 5 min, 49 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 1
PUP.Optional.Conduit, HKU\S-1-5-21-3240821568-1653635036-208495454-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, Quarantined, [533], [236865],1.0.3493

Registry Value: 2
PUP.Optional.Conduit, HKU\S-1-5-21-3240821568-1653635036-208495454-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, Quarantined, [533], [236865],1.0.3493
PUP.Optional.Conduit, HKU\S-1-5-21-3240821568-1653635036-208495454-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TOPRESULTURL, Quarantined, [533], [236865],1.0.3493

Registry Data: 1
PUP.Optional.Conduit, HKU\S-1-5-21-3240821568-1653635036-208495454-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Replaced, [533], [293058],1.0.3493

Data Stream: 0
(No malicious items detected)

Folder: 20
PUP.Optional.MyEmailXP, C:\Users\Lorraine\AppData\Roaming\Mozilla\Firefox\Profiles\uv4j5qfq.default\jetpack\@Email\simple-storage, Quarantined, [1455], [335005],1.0.3493
PUP.Optional.MyEmailXP, C:\USERS\LORRAINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UV4J5QFQ.DEFAULT\JETPACK\@EMAIL, Quarantined, [1455], [335005],1.0.3493
PUP.Optional.Spigot.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bniehhabmghkmcbobkdodkicedagalob\4.11_0\_locales\en, Quarantined, [2101], [454579],1.0.3493
PUP.Optional.Spigot.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bniehhabmghkmcbobkdodkicedagalob\4.11_0\html\popup, Quarantined, [2101], [454579],1.0.3493
PUP.Optional.Spigot.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bniehhabmghkmcbobkdodkicedagalob\4.11_0\_metadata, Quarantined, [2101], [454579],1.0.3493
PUP.Optional.Spigot.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bniehhabmghkmcbobkdodkicedagalob\4.11_0\js\popup, Quarantined, [2101], [454579],1.0.3493
PUP.Optional.Spigot.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bniehhabmghkmcbobkdodkicedagalob\4.11_0\_locales, Quarantined, [2101], [454579],1.0.3493
PUP.Optional.Spigot.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bniehhabmghkmcbobkdodkicedagalob\4.11_0\newtab, Quarantined, [2101], [454579],1.0.3493
PUP.Optional.Spigot.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bniehhabmghkmcbobkdodkicedagalob\4.11_0\html, Quarantined, [2101], [454579],1.0.3493
PUP.Optional.Spigot.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bniehhabmghkmcbobkdodkicedagalob\4.11_0\css, Quarantined, [2101], [454579],1.0.3493
PUP.Optional.Spigot.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bniehhabmghkmcbobkdodkicedagalob\4.11_0\js, Quarantined, [2101], [454579],1.0.3493
PUP.Optional.Spigot.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bniehhabmghkmcbobkdodkicedagalob\4.11_0, Quarantined, [2101], [454579],1.0.3493
PUP.Optional.Spigot.Generic, C:\USERS\LORRAINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\BNIEHHABMGHKMCBOBKDODKICEDAGALOB, Quarantined, [2101], [454579],1.0.3493
PUP.Optional.SearchEncrypt.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\miccbchdddoellcffocmhaankbmiapll\2.1.0_0\_metadata, Quarantined, [8627], [448980],1.0.3493
PUP.Optional.SearchEncrypt.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\miccbchdddoellcffocmhaankbmiapll\2.1.0_0\img\se, Quarantined, [8627], [448980],1.0.3493
PUP.Optional.SearchEncrypt.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\miccbchdddoellcffocmhaankbmiapll\2.1.0_0\css, Quarantined, [8627], [448980],1.0.3493
PUP.Optional.SearchEncrypt.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\miccbchdddoellcffocmhaankbmiapll\2.1.0_0\img, Quarantined, [8627], [448980],1.0.3493
PUP.Optional.SearchEncrypt.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\miccbchdddoellcffocmhaankbmiapll\2.1.0_0\lib, Quarantined, [8627], [448980],1.0.3493
PUP.Optional.SearchEncrypt.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\miccbchdddoellcffocmhaankbmiapll\2.1.0_0, Quarantined, [8627], [448980],1.0.3493
PUP.Optional.SearchEncrypt.Generic, C:\USERS\LORRAINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\MICCBCHDDDOELLCFFOCMHAANKBMIAPLL, Quarantined, [8627], [448980],1.0.3493

File: 44
PUP.Optional.MyEmailXP, C:\Users\Lorraine\AppData\Roaming\Mozilla\Firefox\Profiles\uv4j5qfq.default\jetpack\@Email\simple-storage\store.json, Quarantined, [1455], [335005],1.0.3493
PUP.Optional.Conduit, C:\USERS\LORRAINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UV4J5QFQ.DEFAULT\PREFS.JS, Replaced, [533], [301520],1.0.3493
PUP.Optional.Spigot.Generic, C:\USERS\LORRAINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Secure Preferences, Removal Failed, [2101], [454579],1.0.3493
PUP.Optional.Spigot.Generic, C:\USERS\LORRAINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Preferences, Replaced, [2101], [454579],1.0.3493
PUP.Optional.Spigot.Generic, C:\USERS\LORRAINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\BNIEHHABMGHKMCBOBKDODKICEDAGALOB\4.11_0\CHROMERESTORE.JS, Quarantined, [2101], [454579],1.0.3493
PUP.Optional.Spigot.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bniehhabmghkmcbobkdodkicedagalob\4.11_0\css\description.css, Quarantined, [2101], [454579],1.0.3493
PUP.Optional.Spigot.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bniehhabmghkmcbobkdodkicedagalob\4.11_0\css\popup.css, Quarantined, [2101], [454579],1.0.3493
PUP.Optional.Spigot.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bniehhabmghkmcbobkdodkicedagalob\4.11_0\html\popup\description.html, Quarantined, [2101], [454579],1.0.3493
PUP.Optional.Spigot.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bniehhabmghkmcbobkdodkicedagalob\4.11_0\html\popup\popup.html, Quarantined, [2101], [454579],1.0.3493
PUP.Optional.Spigot.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bniehhabmghkmcbobkdodkicedagalob\4.11_0\js\popup\popup.js, Quarantined, [2101], [454579],1.0.3493
PUP.Optional.Spigot.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bniehhabmghkmcbobkdodkicedagalob\4.11_0\js\userNewTab.js, Quarantined, [2101], [454579],1.0.3493
PUP.Optional.Spigot.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bniehhabmghkmcbobkdodkicedagalob\4.11_0\newtab\slimconverter_newtab.html, Quarantined, [2101], [454579],1.0.3493
PUP.Optional.Spigot.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bniehhabmghkmcbobkdodkicedagalob\4.11_0\_locales\en\messages.json, Quarantined, [2101], [454579],1.0.3493
PUP.Optional.Spigot.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bniehhabmghkmcbobkdodkicedagalob\4.11_0\_metadata\computed_hashes.json, Quarantined, [2101], [454579],1.0.3493
PUP.Optional.Spigot.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bniehhabmghkmcbobkdodkicedagalob\4.11_0\_metadata\verified_contents.json, Quarantined, [2101], [454579],1.0.3493
PUP.Optional.Spigot.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bniehhabmghkmcbobkdodkicedagalob\4.11_0\after.js, Quarantined, [2101], [454579],1.0.3493
PUP.Optional.Spigot.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bniehhabmghkmcbobkdodkicedagalob\4.11_0\background.js, Quarantined, [2101], [454579],1.0.3493
PUP.Optional.Spigot.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bniehhabmghkmcbobkdodkicedagalob\4.11_0\contentscript.js, Quarantined, [2101], [454579],1.0.3493
PUP.Optional.Spigot.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bniehhabmghkmcbobkdodkicedagalob\4.11_0\icon.png, Quarantined, [2101], [454579],1.0.3493
PUP.Optional.Spigot.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bniehhabmghkmcbobkdodkicedagalob\4.11_0\manifest.json, Quarantined, [2101], [454579],1.0.3493
PUP.Optional.SearchEncrypt.Generic, C:\USERS\LORRAINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Secure Preferences, Removal Failed, [8627], [448980],1.0.3493
PUP.Optional.SearchEncrypt.Generic, C:\USERS\LORRAINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Preferences, Replaced, [8627], [448980],1.0.3493
PUP.Optional.SearchEncrypt.Generic, C:\USERS\LORRAINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\MICCBCHDDDOELLCFFOCMHAANKBMIAPLL\2.1.0_0\MANIFEST.JSON, Quarantined, [8627], [448980],1.0.3493
PUP.Optional.SearchEncrypt.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\miccbchdddoellcffocmhaankbmiapll\2.1.0_0\css\tooltip.css, Quarantined, [8627], [448980],1.0.3493
PUP.Optional.SearchEncrypt.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\miccbchdddoellcffocmhaankbmiapll\2.1.0_0\img\se\icon128.png, Quarantined, [8627], [448980],1.0.3493
PUP.Optional.SearchEncrypt.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\miccbchdddoellcffocmhaankbmiapll\2.1.0_0\img\se\icon16.png, Quarantined, [8627], [448980],1.0.3493
PUP.Optional.SearchEncrypt.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\miccbchdddoellcffocmhaankbmiapll\2.1.0_0\img\se\icon16_disabled.png, Quarantined, [8627], [448980],1.0.3493
PUP.Optional.SearchEncrypt.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\miccbchdddoellcffocmhaankbmiapll\2.1.0_0\img\se\icon48.png, Quarantined, [8627], [448980],1.0.3493
PUP.Optional.SearchEncrypt.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\miccbchdddoellcffocmhaankbmiapll\2.1.0_0\img\se\input-checked.png, Quarantined, [8627], [448980],1.0.3493
PUP.Optional.SearchEncrypt.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\miccbchdddoellcffocmhaankbmiapll\2.1.0_0\img\se\input-unchecked.png, Quarantined, [8627], [448980],1.0.3493
PUP.Optional.SearchEncrypt.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\miccbchdddoellcffocmhaankbmiapll\2.1.0_0\img\se\si-logo.png, Quarantined, [8627], [448980],1.0.3493
PUP.Optional.SearchEncrypt.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\miccbchdddoellcffocmhaankbmiapll\2.1.0_0\lib\bg.js, Quarantined, [8627], [448980],1.0.3493
PUP.Optional.SearchEncrypt.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\miccbchdddoellcffocmhaankbmiapll\2.1.0_0\lib\jquery.js, Quarantined, [8627], [448980],1.0.3493
PUP.Optional.SearchEncrypt.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\miccbchdddoellcffocmhaankbmiapll\2.1.0_0\lib\label.js, Quarantined, [8627], [448980],1.0.3493
PUP.Optional.SearchEncrypt.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\miccbchdddoellcffocmhaankbmiapll\2.1.0_0\lib\popup.js, Quarantined, [8627], [448980],1.0.3493
PUP.Optional.SearchEncrypt.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\miccbchdddoellcffocmhaankbmiapll\2.1.0_0\lib\savesettings.js, Quarantined, [8627], [448980],1.0.3493
PUP.Optional.SearchEncrypt.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\miccbchdddoellcffocmhaankbmiapll\2.1.0_0\lib\warn-user-of-potential-redirect.js, Quarantined, [8627], [448980],1.0.3493
PUP.Optional.SearchEncrypt.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\miccbchdddoellcffocmhaankbmiapll\2.1.0_0\_metadata\computed_hashes.json, Quarantined, [8627], [448980],1.0.3493
PUP.Optional.SearchEncrypt.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\miccbchdddoellcffocmhaankbmiapll\2.1.0_0\_metadata\verified_contents.json, Quarantined, [8627], [448980],1.0.3493
PUP.Optional.SearchEncrypt.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\miccbchdddoellcffocmhaankbmiapll\2.1.0_0\popup.html, Quarantined, [8627], [448980],1.0.3493
PUP.Optional.SearchEncrypt.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\miccbchdddoellcffocmhaankbmiapll\2.1.0_0\settings.html, Quarantined, [8627], [448980],1.0.3493
PUP.Optional.SearchEncrypt.Generic, C:\Users\Lorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\miccbchdddoellcffocmhaankbmiapll\2.1.0_0\util.js, Quarantined, [8627], [448980],1.0.3493
PUP.Optional.Conduit, C:\PREFS.JS, Quarantined, [533], [302274],1.0.3493
Generic.Malware/Suspicious, C:\TEMP\WHITE.EXE, Quarantined, [0], [392686],1.0.3493

Physical Sector: 0
(No malicious items detected)


(end)


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP