Solved Call Mirosoft to Unlock Computer

[Bob Habart]

Tech Forum Support,

FRST.txt

Went to docs. google.com to get a manual and got this message
Call Microsoft to Unlock your computer

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22.04.2018 01
Ran by Bill (administrator) on BILL-VAIO (23-04-2018 12:50:48)
Running from C:\Users\Bill\Music\Desktop
Loaded Profiles: Bill & UpdatusUser (Available Profiles: boinc_master & Bill & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\AstSrv.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-I Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Software 2000 Limited) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
() C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
() C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe
() C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe
() C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Digital Delivery Networks, Inc.) C:\Program Files (x86)\DDNi\Oasis\VAIO Messenger.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Digital Delivery Networks, Inc.) C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775584 2010-06-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-06-21] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [212480 2010-05-14] (Alps Electric Co., Ltd.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [44128 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [36272 2010-04-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SmartWiHelper] => C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe [89080 2010-07-15] (Sony Electronics Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [673136 2010-05-31] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [600928 2010-06-01] (Sony Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-03-12] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\570\G2AWinLogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)
HKU\S-1-5-21-2799643452-2932677957-2045640459-1005\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-11-03] (Google Inc.)
HKU\S-1-5-21-2799643452-2932677957-2045640459-1005\...\Run: [Google Update] => C:\Users\Bill\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe [601680 2017-11-14] (Google Inc.)
HKU\S-1-5-21-2799643452-2932677957-2045640459-1005\...\MountPoints2: {04bb862f-d31d-11e7-8ef5-c0cb38fb0689} - D:\picasa36-setup.exe
HKU\S-1-5-21-2799643452-2932677957-2045640459-1005\...\MountPoints2: {3c84a984-5271-11e0-896b-c0cb38fb0689} - D:\LaunchU3.exe -a
HKU\S-1-5-21-2799643452-2932677957-2045640459-1005\...\MountPoints2: {83470220-395f-11e0-9cdc-544249f16790} - D:\LaunchU3.exe -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-11-03]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4ADD4B33-0FF5-43E5-894E-1E2368E5DE0B}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{78AF1F77-A106-43A9-B0B5-19895A0C28A8}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-2799643452-2932677957-2045640459-1005\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/
HKU\S-1-5-21-2799643452-2932677957-2045640459-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=U453&ocid=U453DHP&osmkt=en-us
SearchScopes: HKLM -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SNNT
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SNNT
SearchScopes: HKU\S-1-5-21-2799643452-2932677957-2045640459-1005 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKU\S-1-5-21-2799643452-2932677957-2045640459-1005 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-28] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => No File
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO-x32: Partner BHO Class -> {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} -> C:\ProgramData\Partner\Partner.dll => No File
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-28] (Google Inc.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-11-03] (Sun Microsystems, Inc.)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-28] (Google Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-28] (Google Inc.)
Toolbar: HKU\S-1-5-21-2799643452-2932677957-2045640459-1005 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-28] (Google Inc.)
Toolbar: HKU\S-1-5-21-2799643452-2932677957-2045640459-1005 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Toolbar: HKU\S-1-5-21-2799643452-2932677957-2045640459-1005 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_29_0_0_140.dll [2018-04-12] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_140.dll [2018-04-12] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-08-02] (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-08-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-08-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2799643452-2932677957-2045640459-1005: @citrixonline.com/appdetectorplugin -> C:\Users\Bill\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-09-21] (Citrix Online)
FF Plugin HKU\S-1-5-21-2799643452-2932677957-2045640459-1005: @talk.google.com/GoogleTalkPlugin -> C:\Users\Bill\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2799643452-2932677957-2045640459-1005: @talk.google.com/O1DPlugin -> C:\Users\Bill\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2799643452-2932677957-2045640459-1005: @tools.google.com/Google Update;version=3 -> C:\Users\Bill\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin HKU\S-1-5-21-2799643452-2932677957-2045640459-1005: @tools.google.com/Google Update;version=9 -> C:\Users\Bill\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Bill\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Bill\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
CHR StartupUrls: Default -> "hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT"
CHR Profile: C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default [2018-04-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-07]
CHR Extension: (Chrome Media Router) - C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-18]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Ast Service; C:\Windows\SysWOW64\\AstSrv.exe [57344 2007-02-16] (Nalpeiron Ltd.) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 Oasis2Service; C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [61440 2013-07-02] (Digital Delivery Networks, Inc.) [File not signed]
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-I Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [851824 2010-06-17] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1656600 2016-03-31] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R1 MpKsl69d946da; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F023BDDD-4F05-4FDA-BB47-C82408FC55CE}\MpKsl69d946da.sys [58120 2018-04-23] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S3 TVICHW32; C:\Windows\system32\DRIVERS\TVICHW32.SYS [21200 2013-10-11] (EnTech Taiwan)
S3 TVICHW32; C:\Windows\SysWOW64\DRIVERS\TVICHW32.SYS [29536 2013-10-11] (EnTech Taiwan)
U2 MSSQL$DDNI; no ImagePath
S3 semav6msr64; \??\C:\Windows\system32\drivers\semav6msr64.sys [X]
S3 semav6thermal64ro; \??\C:\Windows\system32\drivers\semav6thermal64ro.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-20 16:46 - 2018-04-20 16:46 - 003015529 _____ C:\Users\Bill\Documents\IT 8020 instructions.pdf
2018-04-17 19:50 - 2018-04-18 08:10 - 000009902 _____ C:\Users\Bill\Documents\Line Items for Transfer.xlsx
2018-04-14 17:54 - 2018-04-14 17:57 - 000005632 ___SH C:\Users\Bill\Documents\Thumbs.db
2018-04-14 17:30 - 2018-04-14 17:30 - 136971704 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-04-14 17:26 - 2018-04-14 17:26 - 000000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2018-04-14 17:26 - 2018-04-14 17:26 - 000000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-23 12:50 - 2017-04-03 15:30 - 000000000 ____D C:\FRST
2018-04-23 12:49 - 2016-09-21 15:35 - 000000528 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2799643452-2932677957-2045640459-1005.job
2018-04-23 11:43 - 2016-09-21 15:35 - 000000624 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-2799643452-2932677957-2045640459-1005.job
2018-04-23 10:52 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\tracing
2018-04-23 10:38 - 2015-09-21 21:00 - 000192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2018-04-23 10:31 - 2011-02-13 19:01 - 000003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{44CF6C4A-FA1D-4D97-890F-2C68C35F6FC5}
2018-04-23 10:22 - 2009-07-13 21:45 - 000010096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-04-23 10:22 - 2009-07-13 21:45 - 000010096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-04-23 10:20 - 2009-07-13 22:13 - 000800292 _____ C:\Windows\system32\PerfStringBackup.INI
2018-04-23 10:20 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\inf
2018-04-23 10:13 - 2012-10-20 09:25 - 000065536 _____ C:\Windows\system32\Ikeext.etl
2018-04-23 10:13 - 2010-09-19 09:27 - 000000000 ____D C:\ProgramData\NVIDIA
2018-04-23 10:13 - 2009-07-13 22:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-04-21 09:37 - 2018-03-09 08:10 - 000000000 ____D C:\Users\Bill\AppData\Local\GoToMeeting
2018-04-21 09:37 - 2016-09-21 15:35 - 000003654 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-2799643452-2932677957-2045640459-1005
2018-04-21 09:37 - 2016-09-21 15:35 - 000003558 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-2799643452-2932677957-2045640459-1005
2018-04-21 09:37 - 2011-02-13 18:55 - 000000000 ____D C:\Users\Bill
2018-04-17 08:02 - 2011-02-15 17:12 - 000000000 ____D C:\Users\Bill\AppData\Local\Microsoft Help
2018-04-14 17:35 - 2013-10-11 14:24 - 000000000 ____D C:\Windows\system32\MRT
2018-04-14 17:30 - 2011-02-20 15:31 - 136971704 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-04-12 15:32 - 2018-03-13 14:32 - 000004462 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-04-12 15:32 - 2012-07-11 19:58 - 000804864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-04-12 15:32 - 2012-07-11 19:58 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-04-12 15:32 - 2012-07-11 19:57 - 000000000 ____D C:\Windows\system32\Macromed
2018-04-12 15:32 - 2012-02-13 11:32 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-04-12 15:32 - 2010-11-03 13:09 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-04-07 07:21 - 2017-03-30 14:10 - 000000000 ____D C:\Users\Bill\Documents\TurboTax
2018-04-07 06:45 - 2016-03-31 11:53 - 000000000 ____D C:\Users\UpdatusUser

==================== Files in the root of some directories =======

2017-04-11 16:39 - 2017-04-11 16:42 - 007639040 _____ () C:\Program Files (x86)\GUT9675.tmp

Some files in TEMP:
====================
2017-04-14 09:25 - 2017-04-14 09:25 - 000000000 _____ () C:\Users\Bill\AppData\Local\Temp\8c8ml97p.dll
2012-08-22 20:38 - 2012-08-22 20:38 - 000248008 _____ (Ask.com) C:\Users\Bill\AppData\Local\Temp\AskSLib.dll
2017-04-04 08:50 - 2017-04-03 11:18 - 001732032 _____ (Microsoft Corporation) C:\Users\Bill\AppData\Local\Temp\dllnt_dump.dll
2014-04-19 09:40 - 2010-06-20 23:42 - 000046456 _____ (Sony Electronics, Inc) C:\Users\Bill\AppData\Local\Temp\GLF3C78.EXE
2014-04-19 09:40 - 2003-05-02 16:13 - 000151552 _____ () C:\Users\Bill\AppData\Local\Temp\GLF44A4.EXE
2013-10-11 15:12 - 2010-06-20 23:42 - 000046456 _____ (Sony Electronics, Inc) C:\Users\Bill\AppData\Local\Temp\GLF5249.EXE
2014-03-15 09:19 - 2010-06-20 23:42 - 000046456 _____ (Sony Electronics, Inc) C:\Users\Bill\AppData\Local\Temp\GLF541D.EXE
2013-10-11 15:12 - 2003-05-02 16:13 - 000151552 _____ () C:\Users\Bill\AppData\Local\Temp\GLF5871.EXE
2014-03-15 09:19 - 2003-05-02 16:13 - 000151552 _____ () C:\Users\Bill\AppData\Local\Temp\GLF5B6E.EXE
2013-10-11 14:53 - 2010-06-20 22:42 - 000046456 _____ (Sony Electronics, Inc) C:\Users\Bill\AppData\Local\Temp\GLF7F32.EXE
2013-10-11 15:05 - 2010-06-20 22:42 - 000046456 _____ (Sony Electronics, Inc) C:\Users\Bill\AppData\Local\Temp\GLF7F9F.EXE
2013-10-11 14:53 - 2003-05-02 15:13 - 000151552 _____ () C:\Users\Bill\AppData\Local\Temp\GLF8377.EXE
2013-10-11 15:05 - 2003-05-02 15:13 - 000151552 _____ () C:\Users\Bill\AppData\Local\Temp\GLF8645.EXE
2014-05-17 09:17 - 2010-06-20 23:42 - 000046456 _____ (Sony Electronics, Inc) C:\Users\Bill\AppData\Local\Temp\GLF8A1B.EXE
2014-05-17 09:17 - 2003-05-02 16:13 - 000151552 _____ () C:\Users\Bill\AppData\Local\Temp\GLF90DF.EXE
2013-10-11 15:01 - 2010-06-20 23:42 - 000046456 _____ (Sony Electronics, Inc) C:\Users\Bill\AppData\Local\Temp\GLFAD44.EXE
2013-10-11 15:01 - 2003-05-02 16:13 - 000151552 _____ () C:\Users\Bill\AppData\Local\Temp\GLFB2F0.EXE
2013-10-11 15:39 - 2010-06-20 23:42 - 000046456 _____ (Sony Electronics, Inc) C:\Users\Bill\AppData\Local\Temp\GLFC8DF.EXE
2013-10-11 15:39 - 2003-05-02 16:13 - 000151552 _____ () C:\Users\Bill\AppData\Local\Temp\GLFCD24.EXE
2014-05-28 18:15 - 2010-06-20 23:42 - 000046456 _____ (Sony Electronics, Inc) C:\Users\Bill\AppData\Local\Temp\GLFE13F.EXE
2013-10-11 16:12 - 2010-06-20 23:42 - 000046456 _____ (Sony Electronics, Inc) C:\Users\Bill\AppData\Local\Temp\GLFE4B8.EXE
2013-10-11 16:12 - 2003-05-02 16:13 - 000151552 _____ () C:\Users\Bill\AppData\Local\Temp\GLFE8DE.EXE
2014-05-28 18:15 - 2003-05-02 16:13 - 000151552 _____ () C:\Users\Bill\AppData\Local\Temp\GLFEA54.EXE
2014-06-13 10:28 - 2014-06-13 10:28 - 000000000 _____ () C:\Users\Bill\AppData\Local\Temp\GURCA05.exe
2013-02-22 15:39 - 2013-03-04 14:06 - 000186368 _____ (Sony Corporation) C:\Users\Bill\AppData\Local\Temp\VCPerfService32.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-04-17 07:53

==================== End of FRST.txt ============================

 

[Bob Habart]

Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22.04.2018 01
Ran by Bill (23-04-2018 12:52:19)
Running from C:\Users\Bill\Music\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-02-14 01:55:30)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2799643452-2932677957-2045640459-500 - Administrator - Disabled)
Bill (S-1-5-21-2799643452-2932677957-2045640459-1005 - Administrator - Enabled) => C:\Users\Bill
boinc_master (S-1-5-21-2799643452-2932677957-2045640459-1000 - Limited - Enabled) => C:\Users\boinc_master
boinc_project (S-1-5-21-2799643452-2932677957-2045640459-1001 - Limited - Enabled)
Guest (S-1-5-21-2799643452-2932677957-2045640459-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2799643452-2932677957-2045640459-1007 - Limited - Enabled)
UpdatusUser (S-1-5-21-2799643452-2932677957-2045640459-1008 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AccuWeather.com Cirrus (HKLM-x32\...\{808625C0-412D-2343-CA00-9C19A9671101}) (Version: 0.1.6 - AccuWeather, Inc.) Hidden
AccuWeather.com Cirrus (HKLM-x32\...\com.AccuWeather.sony.6AF67E59E785A9A644FCA43BED05A7731922EF40.1) (Version: 0.1.6 - AccuWeather, Inc.)
Adaptick PowerStrike (HKLM-x32\...\{09A53631-15B9-43EC-BF5F-0DBC52960A7E}) (Version: 2.0 - Adaptick, Inc.)
Adobe Acrobat 9 Standard (HKLM-x32\...\{AC76BA86-1033-0000-BA7E-000000000004}{AC76BA86-1033-0000-BA7E-000000000004}) (Version: 9.5.5 - Adobe Systems)
Adobe Acrobat 9.5.5 - CPSID_83708 (HKLM-x32\...\{AC76BA86-1033-0000-BA7E-000000000004}_955) (Version: - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe Flash Player 29 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 29.0.0.140 - Adobe Systems Incorporated)
Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.140 - Adobe Systems Incorporated)
Adobe Photoshop Elements 8.0 (HKLM-x32\...\Adobe Photoshop Elements 8.0) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 8.0 (HKLM-x32\...\PremElem80) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Reader 9.3.2 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A93000000001}) (Version: 9.3.2 - Adobe Systems Incorporated)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - ALPS ELECTRIC CO., LTD.)
Application Manager for VAIO (HKLM-x32\...\Application Manager for VAIO) (Version: - )
ArcSoft Magic-I Visual Effects 2 (HKLM-x32\...\{7BB90344-0647-468E-925A-7F69F7983421}) (Version: 2.0.1.115 - ArcSoft)
ArcSoft WebCam Companion 3 (HKLM-x32\...\{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}) (Version: 3.0.21.368 - ArcSoft)
Bollinger Band Tool Kit (HKLM-x32\...\{001E4B32-B7A0-4380-8E53-D2E007E9BA5F}) (Version: 1.00.0000 - Bollinger Capital Management)
Citrix Online Launcher (HKLM-x32\...\{09DA5EE2-7E46-4DC4-96F9-BFEE50D40659}) (Version: 1.0.408 - Citrix)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.297 - Corel Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Evernote (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 3.5.4.2224 - Evernote Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 65.0.3325.181 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GoToAssist Corporate (HKLM-x32\...\GoToAssist) (Version: 9.0.0.570 - Citrix Online, a division of Citrix Systems, Inc.)
GoToMeeting 8.26.0.8679 (HKU\S-1-5-21-2799643452-2932677957-2045640459-1005\...\GoToMeeting) (Version: 8.26.0.8679 - LogMeIn, Inc.)
HP LaserJet P1000 series (HKLM-x32\...\HP LaserJet P1000 series) (Version: - )
HP Officejet 6500 E710n-z Basic Device Software (HKLM\...\{BF09A017-54F4-46BC-AF54-F6DA0D7486D3}) (Version: 22.0.334.0 - Hewlett-Packard Co.)
HP Officejet 6500 E710n-z Help (HKLM-x32\...\{EFBC0CB1-AFFD-4E74-ACEF-42099F1D49C3}) (Version: 140.0.2.2 - Hewlett Packard)
HP Update (HKLM-x32\...\{787D1A33-A97B-4245-87C0-7174609A540C}) (Version: 5.002.005.003 - Hewlett-Packard)
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.01.01.1007 - Intel Corporation)
Java(TM) 6 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
Java(TM) 6 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Media Gallery (HKLM\...\{115B60D5-BBDB-490E-AF2E-064D37A3CE01}) (Version: 1.3.0 - Sony Corporation) Hidden
Media Gallery (HKLM\...\{202B76AB-1B21-434E-A289-788D767D3A7C}) (Version: 1.3.0 - Sony Corporation) Hidden
Media Gallery (HKLM-x32\...\{20536917-E2DF-45D9-B41F-9AC0CAFFE48A}) (Version: 1.3.0.06230 - Sony Corporation) Hidden
Media Gallery (HKLM-x32\...\{3DB5EA77-4A14-4EC9-8BFC-73BC848BDE73}) (Version: 1.3.0.06230 - Sony Corporation) Hidden
Media Gallery (HKLM-x32\...\{D8FF4505-5977-4116-8DE4-2AF7174E70AC}) (Version: 1.3.0.06230 - Sony Corporation) Hidden
MetaStock Professional 10.1 (HKLM-x32\...\MetaStock Professional 10.1) (Version: - )
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.4.0 - Mozilla)
Mozilla Thunderbird 45.4.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 45.4.0 (x86 en-US)) (Version: 45.4.0 - Mozilla)
MrvlUsgTracking (HKLM-x32\...\{A82D052A-0806-42DF-80CD-1730A1AC0ED3}) (Version: 1.0.7 - Marvell)
MrvlUsgTracking64 (HKLM\...\{42F0FD29-7EB3-4CAA-AF10-BC2619B96D80}) (Version: 1.0.1 - Marvell Semiconductor Pvt Ltd)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Nero 12 (HKLM-x32\...\{5019D24D-A627-4402-A393-A3AAAF13DE56}) (Version: 12.0.01600 - Nero AG)
Nero 12 Content Pack (HKLM-x32\...\{B14F874A-79C7-4756-9826-69BAB8F60E6F}) (Version: 12.0.00100 - Nero AG)
NVIDIA 3D Vision Driver 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 327.02 - NVIDIA Corporation)
NVIDIA Graphics Driver 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
Oasis2Service (HKLM-x32\...\{E50FC5DB-7CBD-407D-A46E-0C13E45BC386}) (Version: 1.0.4 - DDNi)
OOBE (HKLM-x32\...\{1B500D37-E7CF-480B-8054-8A563594EC4E}) (Version: 3.10.0630 - Sony Corporation) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.3.00.06040 - Sony Corporation) Hidden
PMB VAIO Edition Guide (HKLM-x32\...\{88C252C8-A7EE-4B60-BF74-8E5919A8048F}) (Version: 1.3.00.06040 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (Click to Disc) (HKLM\...\{10E14C74-0638-4996-ABAD-BBF7A6CF1FAA}) (Version: 3.3.00 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (Click to Disc) (HKLM\...\{1E37FC84-799E-481B-9462-3489861E36C9}) (Version: 3.3.00 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (Click to Disc) (HKLM-x32\...\{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 3.3.00.06180 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (Click to Disc) (HKLM-x32\...\{CFB66DB0-00AC-4CBC-B99D-99EFEB03743C}) (Version: 3.3.00 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Image Optimizer) (HKLM-x32\...\{1873FFC1-FDCB-47E1-B7C7-F418211E3530}) (Version: 1.3.00.06110 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Movie Story) (HKLM\...\{4DABD2B3-B67A-41B0-86FE-C11AAF5D158A}) (Version: 2.3.00 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Movie Story) (HKLM\...\{5AC18E2C-7EAB-4F9E-BEEC-07FD722B28E3}) (Version: 2.3.00 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Movie Story) (HKLM-x32\...\{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}) (Version: 2.3.00.06180 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Movie Story) (HKLM-x32\...\{FBB4411F-1328-4E36-A5B3-16AA8CFA8F9C}) (Version: 2.3.00 - Sony Corporation) Hidden
Prerequisite installer (HKLM-x32\...\{3AAB08A3-F129-4BD5-B409-AE674F93759D}) (Version: 12.0.0002 - Nero AG) Hidden
PVSonyDll (HKLM\...\{3D3E663D-4E7E-4577-A560-7ECDDD45548A}) (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6098 - Realtek Semiconductor Corp.)
Remote Keyboard with PlayStation 3 (HKLM-x32\...\{65B138AE-F636-4D4C-BA5D-A06E21E47C53}) (Version: 1.0.2.06170 - Sony Corporation) Hidden
Remote Play with PlayStation 3 (HKLM-x32\...\{734B6C6C-4740-476F-BB0C-F7AF469EDBB2}) (Version: 1.0.2.06210 - Sony Corporation) Hidden
Remote Play with PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.0.2.06210 - Sony Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.1 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.1 - Renesas Electronics Corporation)
RogueKiller version 12.10.3.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.10.3.0 - Adlice Software)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SmartSound Quicktracks for Premiere Elements 8.0 (HKLM-x32\...\{4685A344-6718-4923-AA9D-158A0A2E1CFB}) (Version: 3.11.3090 - SmartSound Software Inc) Hidden
SmartSound Quicktracks for Premiere Elements 8.0 (HKLM-x32\...\InstallShield_{4685A344-6718-4923-AA9D-158A0A2E1CFB}) (Version: 3.11.3090 - SmartSound Software Inc)
SmartWi Connection Utility (HKLM-x32\...\{9B5F85CA-90D4-4AFC-BB37-32477FD0D2B9}) (Version: 4.11.4.20100722.2739 - Sony Corporation)
TC2000 v11 (HKU\S-1-5-21-2799643452-2932677957-2045640459-1005\...\3307560005.www.tc2000.com) (Version: - www.tc2000.com)
TeleChart 2007 (HKLM-x32\...\{8F899627-1EA1-484D-91EA-7B22C05358DB}) (Version: 6.00.0000 - Worden Brothers Inc)
TurboTax 2016 (HKLM-x32\...\TurboTax 2016) (Version: 2016.0 - Intuit, Inc)
TurboTax 2017 (HKLM-x32\...\TurboTax 2017) (Version: 2017.0 - Intuit, Inc)
VAIO - Media Gallery (HKLM-x32\...\{DD88F979-FA58-41AC-980C-A6E1A82B61D9}) (Version: 1.3.0.06230 - Sony Corporation) Hidden
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{88C252C8-A7EE-4B60-BF74-8E5919A8048F}) (Version: 1.3.00.06040 - Sony Corporation) Hidden
VAIO - PMB VAIO Edition plug-in (Click to Disc) (HKLM-x32\...\InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 3.3.00.06180 - Sony Corporation) Hidden
VAIO - PMB VAIO Edition plug-in (VAIO Image Optimizer) (HKLM-x32\...\InstallShield_{1873FFC1-FDCB-47E1-B7C7-F418211E3530}) (Version: 1.3.00.06110 - Sony Corporation) Hidden
VAIO - PMB VAIO Edition plug-in (VAIO Movie Story) (HKLM-x32\...\InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}) (Version: 2.3.00.06180 - Sony Corporation) Hidden
VAIO Care (HKLM\...\{CFF47016-B212-4D89-8DC2-15D5508A73BA}) (Version: 8.4.6.05111 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{6ED1750E-F44F-4635-8F0D-B76B9262B7FB}) (Version: 1.1.1.13230 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.3.0.05310 - Sony Corporation) Hidden
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.4.0.05240 - Sony Corporation) Hidden
VAIO Data Restore Tool (HKLM-x32\...\{8211C280-5B02-4E7E-B55F-845A207249BA}) (Version: 1.4.0.05240 - Sony Corporation) Hidden
VAIO DVD Menu Data (HKLM-x32\...\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}) (Version: 2.2.00.05120 - Sony Corporation) Hidden
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.2.02200 - Sony Corporation) Hidden
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.2.0.07020 - Sony Corporation) Hidden
VAIO Hardware Diagnostics (HKLM-x32\...\{2F9D63BE-A891-4E39-AFB3-7402D486800C}) (Version: 4.0.0.06230 - Sony Corporation) Hidden
VAIO Help and Support (HKLM-x32\...\{AD3E7141-A22E-40F1-A7A4-55E898AE35E3}) (Version: 12.00.0622 - Sony Corporation)
VAIO Manual (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 1.1.0.05280 - Sony Corporation) Hidden
VAIO Media plus (HKLM\...\{5AFD1F5C-8FDA-413C-AF38-F1E7BD10D72F}) (Version: 2.1.0 - Sony Corporation) Hidden
VAIO Media plus (HKLM\...\{A3D964A6-411A-4817-9D58-5CB8808F494E}) (Version: 2.1.0 - Sony Corporation) Hidden
VAIO Media plus (HKLM-x32\...\{177AF091-7854-4615-8327-AC7518F62782}) (Version: 2.1.0.18210 - Sony Corporation) Hidden
VAIO Media plus (HKLM-x32\...\{4B9DA746-5AE1-4BA0-9087-BDB162242890}) (Version: 2.1.0.18210 - Sony Corporation) Hidden
VAIO Media plus (HKLM-x32\...\{52F9CDDA-26F6-4499-90E0-6DDDE6D2259C}) (Version: 2.1.0.18210 - Sony Corporation) Hidden
VAIO Media plus (HKLM-x32\...\{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}) (Version: 2.1.0.18210 - Sony Corporation) Hidden
VAIO Media plus (HKLM-x32\...\{B941F34C-F36A-4A6F-A97C-50B5948E451F}) (Version: 2.1.0.18210 - Sony Corporation) Hidden
VAIO Media plus Opening Movie (HKLM-x32\...\{6BF03C88-C06A-48DC-B9A1-FE72B24E5FA9}) (Version: 2.1.0.14080 - Sony Corporation) Hidden
VAIO Messenger (HKLM-x32\...\VAIO Messenger) (Version: 2.0.550.0 - DDNi)
VAIO Movie Story Template Data (HKLM-x32\...\{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}) (Version: 2.3.00.06040 - Sony Corporation) Hidden
VAIO Movie Story Template Data (HKLM-x32\...\InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}) (Version: 2.3.00.06040 - Sony Corporation) Hidden
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.2.0.16080 - Sony Corporation) Hidden
VAIO Survey (HKLM-x32\...\{34B37A74-125E-4406-87BA-E4BD3D097AE5}) (Version: 6.00.1028 - Sony Corporation) Hidden
VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.2.0.06230 - Sony Corporation) Hidden
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.2.0.16270 - Sony Corporation)
VectorVest 7 (HKLM-x32\...\{B54D832F-693D-48FB-8939-C7423D5E2F5F}) (Version: 1.1.9.1 - VectorVest, Inc.)
VGClientX64 (HKLM\...\{99E6C2F3-59B2-4308-B1CD-4928B55B7E30}) (Version: 1.0.0 - Sony Corporation) Hidden
VGClientX86 (HKLM-x32\...\{8B583EF5-FA7B-4AE2-9008-51B7FD505886}) (Version: 1.0.0 - Sony Corporation) Hidden
VUx64 (HKLM\...\{A0A2BE14-D3FF-41C8-9545-4B130E3FE9A4}) (Version: 1.2.0 - Sony Corporation) Hidden
VUx86 (HKLM-x32\...\{D04F1D22-4A47-42C6-A2B9-094A7B844D9B}) (Version: 1.2.0 - Sony Corporation) Hidden
Welcome App (Start-up experience) (HKLM-x32\...\{828175FA-7307-4DBF-95AD-9CEE086B6F45}) (Version: 12.0.13000 - Nero AG) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.5600 - Broadcom Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2799643452-2932677957-2045640459-1005_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Bill\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2799643452-2932677957-2045640459-1005_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Bill\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2799643452-2932677957-2045640459-1005_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Bill\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2799643452-2932677957-2045640459-1005_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Bill\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2799643452-2932677957-2045640459-1005_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Bill\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2799643452-2932677957-2045640459-1005_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Bill\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2799643452-2932677957-2045640459-1005_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Bill\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2799643452-2932677957-2045640459-1005_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\5530\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-2799643452-2932677957-2045640459-1005_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Bill\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2799643452-2932677957-2045640459-1005_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Bill\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2799643452-2932677957-2045640459-1005_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Bill\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2799643452-2932677957-2045640459-1005_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Bill\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2799643452-2932677957-2045640459-1005_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Bill\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2799643452-2932677957-2045640459-1005_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Bill\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2799643452-2932677957-2045640459-1005_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Bill\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2799643452-2932677957-2045640459-1005_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Bill\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2799643452-2932677957-2045640459-1005_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Bill\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2799643452-2932677957-2045640459-1005_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Bill\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2013-05-08] (Adobe Systems Inc.)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers2: [AddtoVAIOGate] -> {6988D6F2-F24F-4732-8855-A39DB1AA1346} => C:\Program Files\Sony\VAIO Gate\VAIOGateShellExt.dll [2012-02-20] (Sony Corporation)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers3: [AddtoVAIOGate] -> {6988D6F2-F24F-4732-8855-A39DB1AA1346} => C:\Program Files\Sony\VAIO Gate\VAIOGateShellExt.dll [2012-02-20] (Sony Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2013-08-29] (NVIDIA Corporation)
ContextMenuHandlers6: [AddtoVAIOGate] -> {6988D6F2-F24F-4732-8855-A39DB1AA1346} => C:\Program Files\Sony\VAIO Gate\VAIOGateShellExt.dll [2012-02-20] (Sony Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2013-05-08] (Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)

 

[Bob Habart]

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {079C8A6F-B53F-42AA-BBB7-C5053381B5A6} - System32\Tasks\Sony\Java Update => C:\Program Files\Java\jre6\bin\jusched.exe
Task: {0B9A01D0-A12C-4816-AA4F-74D38360F053} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {16BDE0C5-F4D3-4D2C-9416-C8A39F65F195} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-21] (Google Inc.)
Task: {2155E970-7AF5-4BEC-B964-551892E4F7C0} - System32\Tasks\Sony\VAIO Survey => C:\Program Files (x86)\Sony\VAIO Survey\VAIO Sat Survey.exe [2009-10-26] ()
Task: {2C2CAFD4-4822-4CFC-AF8F-BD37B85A84AB} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)
Task: {341C097D-9286-4D0E-BF57-1CF91BDFE97D} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-11] (Sony Corporation)
Task: {37441AC7-4DFD-416D-8850-856FACCCE917} - System32\Tasks\Sony Corporation\VAIO Care\GetSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-11] (Sony Corporation)
Task: {3C1F1101-22C4-40B4-B51C-E00B0A05F083} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)
Task: {3DEAF900-2575-4870-B43D-CE7796178364} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-11] (Sony Corporation)
Task: {3E922691-F6DE-4D34-BE14-D728D6E3FFBD} - System32\Tasks\Sony Corporation\VAIO Care\VKSvcDaily => C:\Program Files\Sony\VAIO Care\VAIOTM\VKSvc.exe [2017-04-19] (Sony Corporation)
Task: {454CB5A9-3B4D-4379-AAB1-05751D1964FB} - System32\Tasks\VAIO® Messenger (Bill) => C:\Program Files (x86)\DDNi\Oasis\VAIO Messenger.exe [2013-07-02] (Digital Delivery Networks, Inc.)
Task: {4689F7D4-0D94-4D30-A549-4373A7EE3E68} - System32\Tasks\G2MUploadTask-S-1-5-21-2799643452-2932677957-2045640459-1005 => C:\Users\Bill\AppData\Local\GoToMeeting\8679\g2mupload.exe [2018-04-21] (LogMeIn, Inc.)
Task: {46F517C0-EDBF-4913-8B78-BB941D4340CD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-21] (Google Inc.)
Task: {520A9D8C-45F4-45D6-A589-8B586D8CDC89} - System32\Tasks\Sony Corporation\VAIO Care\VKSvcWeekly => C:\Program Files\Sony\VAIO Care\VAIOTM\VKSvc.exe [2017-04-19] (Sony Corporation)
Task: {54B509A5-9D7E-4491-BDEB-F6CF9C56F36C} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {5631592F-842C-4883-89EC-4B9D11216C22} - System32\Tasks\SONY\VAIO Wallpaper Setting Tool\VAIO Wallpaper Setting Tool => C:\Program Files (x86)\Sony\VAIO Wallpaper Setting Tool\VWSet.exe
Task: {571A07CA-0FED-4B69-A40D-0DB5E0529117} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-11] (Sony Corporation)
Task: {609DA1CF-3EDB-4532-B2D5-AC4F4A4E8C69} - System32\Tasks\{060CA72E-37F9-48C7-8CC6-B8BF44CA219B} => C:\Windows\system32\pcalua.exe -a C:\Users\Bill\AppData\Local\Temp\GLFE020\TROUBL~1.EXE -d C:\Users\Bill\AppData\Local\Temp\GLFE020 <==== ATTENTION
Task: {690DB8CE-9288-41B3-AA6C-74B55260601D} - System32\Tasks\Sony Corporation\VAIO Care\VTUsr => C:\Program Files\Sony\VAIO Care\VAIOTM\VTUsr.exe [2017-04-19] (Sony Corporation)
Task: {7C45BB60-9774-461A-81E5-105483A0FB6C} - System32\Tasks\SONY\Remote Keyboard with PlayStation 3\Remote Keyboard with PlayStation 3 => C:\Program Files\Sony\Remote Keyboard with PlayStation 3\VBTKBUtil.exe [2010-06-17] (Sony Corporation)
Task: {7C58EA65-F048-4D36-908F-E792765EA877} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-11] (Sony Corporation)
Task: {7C70E5B5-066C-4778-A54C-DCA442E78206} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2017-05-11] (Sony Corporation)
Task: {7D06F52D-17F7-4922-9313-0E797821BEE6} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2016-03-31] (Sony Corporation)
Task: {8D66D45E-B11A-4780-8763-808299912FF6} - System32\Tasks\Sony Corporation\VAIO Care\VTSvc => C:\Program Files\Sony\VAIO Care\VAIOTM\VTSvc.exe [2017-04-19] (Sony Corporation)
Task: {8F8C8886-6775-427A-9248-67B0FF4CCF24} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2799643452-2932677957-2045640459-1005UA => C:\Users\Bill\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-21] (Google Inc.)
Task: {91D78DA5-9910-4686-B65F-40F3BEB46F0E} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-11] (Sony Corporation)
Task: {A20EF41F-9DED-4BD8-BA14-BB71A0C8E6FE} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-11] (Sony Corporation)
Task: {A67841BA-AB9C-470A-85D6-34B4CFEB2E04} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {A8838AFB-C2D3-4505-A3EC-9C7C7713CF7E} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-11] (Sony Corporation)
Task: {B1E92FDA-6FB8-4DB2-9E28-FA1A8AD16F01} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-07-26] (Sony Corporation)
Task: {B6482865-D6DF-4D8D-8653-2441AF1E9112} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_140_Plugin.exe [2018-04-12] (Adobe Systems Incorporated)
Task: {B9C943F8-DB8F-460A-A4E4-3ADA95468077} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2016-04-25] (Sony Corporation)
Task: {C668796E-730B-48D4-A4F1-7149CF0A2898} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2799643452-2932677957-2045640459-1005Core => C:\Users\Bill\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-21] (Google Inc.)
Task: {C9B2DD9D-307B-4969-9B46-4C4483CD0DE6} - System32\Tasks\DDNi Startup => C:\Program Files (x86)\DDNi\Oasis\DDNiStartup.exe [2013-07-02] (Digital Delivery Networks, Inc.)
Task: {D36110CE-D1A8-4712-8F69-D625DE03A23A} - System32\Tasks\G2MUpdateTask-S-1-5-21-2799643452-2932677957-2045640459-1005 => C:\Users\Bill\AppData\Local\GoToMeeting\8679\g2mupdate.exe [2018-04-21] (LogMeIn, Inc.)
Task: {DDA2BF69-C166-42AE-9A28-EC7F7233C049} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-11] (Sony Corporation)
Task: {DEC1C553-1EBF-46BA-9C22-1C04EF9536D6} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2016-03-30] (Sony Corporation)
Task: {EB8449A0-582A-4250-B00B-9408FD189693} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-07-26] (Sony Corporation)
Task: {F1053EF5-467B-4D9E-AFDF-364BB5C8AAEA} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2012-02-20] (Sony Corporation)
Task: {F5537C06-7F39-46DF-B40E-BEB4292ADCC5} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {F835762B-61C8-472E-96AF-52BA8575EB7B} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2017-05-11] (Sony Corporation)
Task: {FAF3C348-F3E3-43CF-81F3-0FEDFFAD8E1A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-04-12] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2799643452-2932677957-2045640459-1005.job => C:\Users\Bill\AppData\Local\GoToMeeting\8679\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-2799643452-2932677957-2045640459-1005.job => C:\Users\Bill\AppData\Local\GoToMeeting\8679\g2mupload.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Bill\Music\Desktop\TC2000 v11.lnk -> C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe (Microsoft Corporation) -> 3307560005.www.tc2000.com
ShortcutWithArgument: C:\Users\Bill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TC2000 v11.lnk -> C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe (Microsoft Corporation) -> 3307560005.www.tc2000.com

==================== Loaded Modules (Whitelisted) ==============

2016-03-31 11:52 - 2013-08-29 15:43 - 000097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-11-03 13:33 - 2010-07-15 11:07 - 000022504 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
2010-11-03 13:33 - 2010-07-15 11:07 - 000023552 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe
2010-11-03 13:33 - 2010-07-15 11:07 - 000040952 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe
2010-11-03 13:33 - 2010-07-15 11:07 - 000184816 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe
2018-03-20 18:49 - 2018-03-19 23:00 - 004435288 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\libglesv2.dll
2018-03-20 18:49 - 2018-03-19 23:00 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\libegl.dll
2010-11-03 13:42 - 2010-05-31 19:18 - 000013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2010-11-03 13:42 - 2010-05-31 19:18 - 000013312 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll
2010-11-03 13:33 - 2010-07-15 11:07 - 000131072 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\SonyCommonLib.dll
2010-11-03 13:33 - 2010-07-15 11:07 - 000011264 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Resources.dll
2010-11-03 13:33 - 2010-07-15 11:07 - 000007680 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\DebugMsg.dll
2010-11-03 13:33 - 2010-07-15 11:07 - 000015360 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\SharedInterfaces.dll
2010-11-03 13:33 - 2010-07-15 11:07 - 000018944 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\DictionaryLookup.dll
2010-11-03 13:33 - 2010-07-15 11:07 - 000011264 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\MessageXML.dll
2010-11-03 13:33 - 2010-07-15 11:07 - 000005120 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.ThirdPartyApp.dll
2010-11-03 13:33 - 2010-07-15 11:07 - 000023040 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.Generic.dll
2010-11-03 13:33 - 2010-07-15 11:07 - 000027648 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.BtPower.dll
2010-11-03 13:33 - 2010-07-15 11:07 - 000005120 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.Generic.dll
2010-11-03 13:33 - 2010-07-15 11:07 - 000015872 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.NativeWifiThirdPartyApp.dll
2010-11-03 13:33 - 2010-07-15 11:07 - 000009728 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.TosBtThirdPartyApp.dll
2010-11-03 13:33 - 2010-07-15 11:07 - 000006656 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.WlanPower.dll
2010-11-03 13:33 - 2010-07-15 11:07 - 000004608 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.Power.dll
2010-11-03 13:33 - 2010-07-15 11:07 - 000005120 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\SystemPowerDLL.dll
2010-11-03 13:33 - 2010-07-15 11:07 - 000109568 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\DevicePanel.dll
2013-10-04 10:08 - 2013-07-02 23:08 - 000061864 _____ () C:\Program Files (x86)\DDNi\Oasis\OasisCloudModel.dll
2013-10-04 10:08 - 2013-07-02 23:08 - 000018856 _____ () C:\Program Files (x86)\DDNi\Oasis\OasisCloudClient.dll
2013-06-17 17:42 - 2013-06-17 17:42 - 000170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1ad8638fee6b8f2152118441b9554d18\IsdiInterop.ni.dll
2010-09-19 09:25 - 2010-03-03 20:08 - 000058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-07-02 23:06 - 2013-07-02 23:06 - 000039936 _____ () C:\Program Files (x86)\DDNi\Oasis2Service\OasisCloudModel.dll
2013-07-02 23:06 - 2013-07-02 23:06 - 000011264 _____ () C:\Program Files (x86)\DDNi\Oasis2Service\OasisCloudClient.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:AstInfo [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2009-06-10 14:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2799643452-2932677957-2045640459-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Bill\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{49675393-3F31-40CC-9575-340785001347}] => (Allow) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\AdobePhotoshopElementsMediaServer.exe
FirewallRules: [{2F2DCA24-1E35-43F2-9BB6-8DAD1CD4B21A}] => (Allow) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\AdobePhotoshopElementsMediaServer.exe
FirewallRules: [{659B102D-FE33-45F1-B9E2-75E0548CCB63}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3984DE46-666F-4108-A698-937AB9444DAF}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{C9B3C86E-2206-4F3D-BDFD-2737A415B1D7}] => (Allow) svchost.exe
FirewallRules: [{ACE3C5B0-5C6B-41B7-A895-9035EB871DFF}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{8CD9115B-A5CB-452D-9F42-14739DD7C1C2}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [{96594184-9A7E-46C1-B901-E37524654F38}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [{4DF057BF-57BC-4C89-9BC6-2BD2642B5E6C}] => (Allow) C:\Users\Bill\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{AF18E937-168E-4C42-9B71-F0D07C0E178F}] => (Allow) C:\Users\Bill\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{C2106755-2DA1-4CC5-AAC3-7AE27B518574}] => (Allow) C:\Users\Bill\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{61F1EE23-0682-4246-A5F7-C62B9F367DB9}] => (Allow) C:\Users\Bill\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [TCP Query User{879020B6-A78C-4B14-9644-D9F42255F2D2}C:\program files (x86)\nero\km\kwikmedia.exe] => (Block) C:\program files (x86)\nero\km\kwikmedia.exe
FirewallRules: [UDP Query User{7FB5A858-DC7D-4805-B804-BAF665A2B61A}C:\program files (x86)\nero\km\kwikmedia.exe] => (Block) C:\program files (x86)\nero\km\kwikmedia.exe
FirewallRules: [{5CE761D0-3788-4204-9E75-3EDA0174EBA3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{5355197A-1E56-4240-B5BD-AFE9A095FEFB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{AFFCC56D-1A91-4322-BC67-877870978407}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{9148DA45-4C71-412E-8F32-09A96BC5F270}] => (Allow) LPort=2869
FirewallRules: [{4C92EDD8-0CCD-45F3-9DFF-07F84EE2506A}] => (Allow) LPort=1900
FirewallRules: [{F47B3E93-4309-4D9D-9B12-F14B5F39F4E9}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DeviceSetup.exe
FirewallRules: [{37D20D73-CC7B-49E3-ABDB-161B41AEBE18}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DeviceSetup.exe
FirewallRules: [{470D5EAF-3AE1-43C2-9F60-A04BB33F12D9}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe
FirewallRules: [{B4CBE6AD-86CF-4920-8713-033C8A250CE3}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe
FirewallRules: [{412A0B9F-7EA4-4DDC-8721-F8AB46B8D4B6}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE
FirewallRules: [{B08215F8-FC1B-4B7C-9C8F-9752D21B8292}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE
FirewallRules: [{C8340274-BDB3-4CDA-ABF3-16DCA05F0D03}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe
FirewallRules: [{9542F9EC-C1E7-4279-BC19-5F1B6526E109}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
FirewallRules: [{54B89C29-0EB8-4695-B05A-64D6BE4EB6B9}] => (Allow) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
FirewallRules: [{3346DE3D-CBF1-4796-A7A4-403CA4580738}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOShell.exe
FirewallRules: [{9E43D06E-5D10-4D54-9693-5ED989DC445A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{A87A99CB-D9FA-4AB7-9457-D87F198FCF47}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe
FirewallRules: [{EE031B13-DD91-4126-A81B-707F6D7D92BA}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{75122DF1-F50D-44A9-AD97-69148BDDAE13}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{99868D60-4DF0-4194-877B-78F15BF3F517}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{4EB1A6F2-1226-4F38-9929-A5D5A3D1310C}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{4DBFEB05-38A7-45CB-90C3-F2B7045959F8}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

==================== Restore Points =========================

22-02-2018 08:45:13 Windows Update
26-02-2018 23:38:39 Windows Update
01-03-2018 23:41:12 Windows Update
05-03-2018 23:40:10 Windows Update
09-03-2018 23:40:14 Windows Update
13-03-2018 00:04:27 Windows Update
17-03-2018 14:05:04 Windows Update
20-03-2018 18:52:50 Windows Update
24-03-2018 10:20:50 Windows Update
29-03-2018 09:31:49 Windows Update
03-04-2018 08:30:07 Windows Update
07-04-2018 07:04:25 Windows Update
12-04-2018 15:36:03 Windows Update
14-04-2018 17:21:58 Windows Update
18-04-2018 08:19:50 Windows Update
23-04-2018 10:39:20 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/23/2018 10:32:39 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location D:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (04/15/2018 07:00:07 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location D:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (04/15/2018 05:31:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program VAIO Messenger.exe version 2.0.550.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 16a8

Start Time: 01d3d4d9d2a72ac1

Termination Time: 47

Application Path: C:\Program Files (x86)\DDNi\Oasis\VAIO Messenger.exe

Report Id: 85b1c5b1-410d-11e8-b3cb-544249f16790

Error: (04/10/2018 04:04:44 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location D:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (04/03/2018 08:26:44 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location D:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (03/29/2018 09:20:00 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location D:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (03/19/2018 10:28:38 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location D:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (03/18/2018 11:42:19 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.


System errors:
=============
Error: (04/23/2018 10:15:00 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
and APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (04/23/2018 10:14:27 AM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{4ADD4B33-0FF5-43E5-894E-1E2368E5DE0B} because another computer on the network has the same name. The server could not start.

Error: (04/23/2018 10:13:52 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\athExt.dll
Error Code: 126

Error: (04/21/2018 08:48:55 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
and APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (04/21/2018 08:47:47 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\athExt.dll
Error Code: 126

Error: (04/20/2018 05:46:57 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {51FA2736-5DEE-11D4-98E8-006008BF430C} did not register with DCOM within the required timeout.

Error: (04/20/2018 04:01:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
and APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (04/20/2018 04:00:11 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\athExt.dll
Error Code: 126


CodeIntegrity:
===================================

Date: 2017-06-18 08:43:20.855
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-06-18 08:43:20.721
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-06-18 08:43:20.561
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-06-18 08:43:20.393
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-06-18 08:43:20.240
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-06-18 08:43:20.038
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-06-18 08:43:19.858
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-06-18 08:43:19.630
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7 CPU Q 740 @ 1.73GHz
Percentage of memory in use: 53%
Total physical RAM: 4076.93 MB
Available physical RAM: 1914.48 MB
Total Virtual: 8152.04 MB
Available Virtual: 5178.09 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:452.23 GB) (Free:48.23 GB) NTFS

\\?\Volume{a8ed8a78-e783-11df-8bd1-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
\\?\Volume{a8ed8a77-e783-11df-8bd1-806e6f6e6963}\ (Recovery) (Fixed) (Total:13.44 GB) (Free:0.75 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 194FE40B)
Partition 1: (Not Active) - (Size=13.4 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=452.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

 

[Broni]

Welcome aboard

Please, observe following rules:

• Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
• If you're stuck, or you're not sure about certain step, always ask before doing anything else.
• Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
• Never run more than one scan at a time.
• Keep updating me regarding your computer behavior, good, or bad.
• The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
• If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
• I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

==================================
If you didn't call and you didn't click on anything else you should be OK, but we can run some more checks.

Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2

• Close all the running programs
• Double click on downloaded setup.exe file to install the program.
• Click on Start Scan button.
• Click on another Start Scan button.
• Wait until the Status box shows Scan Finished
• Click on Remove Selected.
• Wait until the Status box shows Deleting Finished.
• Click on Report and copy/paste the content of the Notepad into your next reply.
• RKreport.txt could also be found on your desktop.
• If more than one log is produced post all logs.

Please download Malwarebytes to your desktop.

• Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
• Then click Finish.
• Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
• If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
• When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
• Restart your computer when prompted to do so.
• The Scan log is available throughout History ->Application logs. Please post it contents in your next reply.

Please download AdwCleaner by Xplode and save to your Desktop.

• Double click on AdwCleaner.exe to run the tool.
  Vista/Windows 7/8/10 users right-click and select Run As Administrator
• The tool will start to update the database if one is required.
• Click on the Scan button.
• AdwCleaner will begin...be patient as the scan may take some time to complete.
• After the scan has finished, click on the Logfile button.
• A window will open which lists the logs of your scans.
• Click on the Scan tab.
• Double-click the most recent scan which will be at the top of the list....the log will appear.
• Review the results...see note below
• After reviewing the log, click on the Clean button.
• Press OK when asked to close all programs and follow the onscreen prompts.
• Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
• After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
• To open a Cleaning log, launch AdwareClearer, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
• Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
• A copy of all logfiles are saved to C:\AdwCleaner.

-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.

 

[Bob Habart]

Removed Selected - 7 infections

Rogue Killer Report

RogueKiller V12.12.14.0 (x64) [Apr 23 2018] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Bill [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Delete -- Date : 04/24/2018 08:35:37 (Duration : 01:05:05)
Switches : -refid

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 3 ¤¤¤
[PUP.Gen1] (X64) HKEY_CLASSES_ROOT\CLSID\{9517FB66-3DCF-44eb-8CE5-1A0F8A058D12} (C:\ProgramData\Partner\Partner64.dll) -> Deleted
[PUP.Auslogics] (X86) HKEY_LOCAL_MACHINE\Software\Auslogics -> Deleted
[PUP.Gen0] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} -> Deleted

¤¤¤ Tasks : 4 ¤¤¤
[VT.Unknown] %WINDIR%\Tasks\G2MUpdateTask-S-1-5-21-2799643452-2932677957-2045640459-1005.job -- C:\Users\Bill\AppData\Local\GoToMeeting\8679\g2mupdate.exe -> Deleted
[VT.Unknown] %WINDIR%\Tasks\G2MUploadTask-S-1-5-21-2799643452-2932677957-2045640459-1005.job -- C:\Users\Bill\AppData\Local\GoToMeeting\8679\g2mupload.exe -> Deleted
[VT.Unknown] \G2MUpdateTask-S-1-5-21-2799643452-2932677957-2045640459-1005 -- C:\Users\Bill\AppData\Local\GoToMeeting\8679\g2mupdate.exe -> Deleted
[VT.Unknown] \G2MUploadTask-S-1-5-21-2799643452-2932677957-2045640459-1005 -- C:\Users\Bill\AppData\Local\GoToMeeting\8679\g2mupload.exe -> Deleted

¤¤¤ Files : 0 ¤¤¤

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST9500420AS +++++
--- User ---
[MBR] 1f64060441dcbb9d07723ebff6d762c7
[BSP] ed0df23d5beae5553a17160588f6bba3 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 13758 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 28178432 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 28383232 | Size: 463080 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

 

[Bob Habart]

For Rogue Killer, there were 3 items in quarantine - Should I delete those also?

 

[Broni]

You may.

 

[Bob Habart]

Malwarebytes report

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 4/24/18
Scan Time: 11:47 AM
Log File: f7dbb2f8-47ef-11e8-ba62-544249f16790.json
Administrator: Yes

-Software Information-
Version: 3.3.1.2183
Components Version: 1.0.262
Update Package Version: 1.0.4862
License: Trial

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Bill-VAIO\Bill

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 311095
Threats Detected: 0
(No malicious items detected)
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 18 min, 52 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)


(end)

 

[Bob Habart]

ADW Cleaner.txt

# -------------------------------
# Malwarebytes AdwCleaner 7.1.0.0
# -------------------------------
# Build: 04-12-2018
# Database: 2018-04-24.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-24-2018
# Duration: 00:00:11
# OS: Windows 7 Home Premium
# Cleaned: 3
# Failed: 2


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Not Deleted Ask
Not Deleted AOL

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************


########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

 

[Bob Habart]

Should I activate Malwarebytes Realtime protection now? Or wait until after I complete the cleaning process?

 

[Broni]

You may.
In any case, nothing there.

Your computer is clean

1. This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
This is a very crucial step so make sure you don't skip it.
Download

DelFix by Xplode to your desktop. Delfix will delete all the used tools and logfiles.

Double-click Delfix.exe to start the tool.
Make sure the following items are checked:

• Activate UAC (optional; some users prefer to keep it off)
• Remove disinfection tools
• Create registry backup
• Purge System Restore
• Reset system settings

Now click "Run" and wait patiently.
Once finished a logfile will be created. You don't have to attach it to your next reply.

2. Make sure Windows Updates are current.

3. If any trojans, rootkits or bootkits were listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

4. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Scan without installing plugin" and then on "Scan now")

5. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

6. Run Temporary File Cleaner (TFC) and AdwCleaner weekly (you need to redownload these tools since they were removed by DelFix).

7. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

8. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

9. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs) which change your browser settings: http://www.bleepingcomputer.com/for...curity-questions-best-practices/#entry3187642

10. Please, let me know, how your computer is doing.

 

[Broni]

The issue seems to be resolved.