Norton Keeps On Detecting Trojan Activity


  • This topic is locked
6 replies to this topic

#1 Steiner1639

Posted 27 June 2016 - 12:18 AM

Knowing Norton is not the best virus protection, I am wondering if this is a coincidence or if I should be doing an in-depth search of my computer.

Recently, Norton keeps notifying me of

System Infected: Backdoor Trojan Activity 4

 

On Symantec's site it states

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to download exploits from a malicious toolkit which may compromise a computer through various vendor vulnerabilities.

 

It says that these attempts have been successfully blocked, but I am not sure if I can prevent any more from happening. I want to be sure my computer won't be compromised.

 

 

I usually just use the Malwarebytes scan to detect any malware at this point, but nothing is detected.

This would have been fine for me, and I would just let it go, until my internet service provider warned me of suspicious activity on my line. With Norton also notifying me of suspicious outbound traffic, I tried to find the source.

Here's what I have tried so far

Use Spybot

Use Malwarebytes

Use Norton Power Eraser

 

Now, I am hoping someone can help me, since there isn't anything detected.

Also, I am getting a bit worried, as the attacks have seemed to be ongoing, and each time a different vulnerability is targeted (from the IP). Each attack comes with around 4 attempts, and at bad times they come around 10 minutes apart.

I have attached the scan results from FRST.exe

Attached File: FRST.txt (70.11KB)
Attached File: Addition.txt (58.93KB)

Finally, if there is no serious threat, is it possible to turn off these notifications?

They are bugging me at times...

 

I am considering doing a fresh installation of my Windows, but wanted to ask here to see if there is anything easier I can do.

Many programs I have installed may take more time to get back on in a fresh installation, and I prefer not going through the trouble here.

Thank you for your time.

 



#2 Steiner1639

Posted 27 June 2016 - 12:38 AM

Here is the actual text for the FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-06-2016 02
Ran by Admin (administrator) on VAIO-DUO (27-06-2016 10:48:12)
Running from C:\Users\Akihiko\Downloads
Loaded Profiles: Akihiko & Admin (Available Profiles: Akihiko & Admin)
Platform: Windows 8.1 Pro (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\InputMethod\JPN\JpnIME.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\IME\SHARED\ImeBroker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1368792 2013-12-27] (Realtek Semiconductor)
HKLM\...\Run: [RtsCM] => C:\Windows\RTSCM64.EXE [142040 2013-12-26] (Realtek Semiconductor Corp.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [Bluetooth] => C:\Program Files\WIDCOMM\Bluetooth Software\bttray.exe [529112 2014-03-11] (Broadcom Corporation.)
HKLM\...\Run: [SoftEther VPN Client UI Helper] => C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5231048 2016-04-22] (SoftEther VPN Project at University of Tsukuba, Japan.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-15] (Logitech Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [24105936 2016-06-14] (Dropbox, Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-11-01] (Wondershare)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2724432 2015-12-26] (Sony Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-14] (Apple Inc.)
HKLM-x32\...\Run: [FAStartup] => [X]
HKLM-x32\...\Run: [FATrayAlert] => C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe [95976 2015-09-05] (Sensible Vision )
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
Winlogon\Notify\igfxcui: C:\Windows\SYSTEM32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\FastAccess: C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll [2015-09-05] (Sensible Vision )
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
HKU\S-1-5-21-3609492862-3545600430-2358637076-1001\...\Run: [GoogleChromeAutoLaunch_9D88BB40F2D09934CEF3E544C2483F54] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941720 2016-06-15] (Google Inc.)
HKU\S-1-5-21-3609492862-3545600430-2358637076-1001\...\Run: [CmTray] => "C:\Users\Akihiko\AppData\Roaming\Content Manager\launchCM.exe"
HKU\S-1-5-21-3609492862-3545600430-2358637076-1001\...\Run: [iFunBox Fast App Install Handler] => C:\Program Files (x86)\i-Funbox DevTeam\ifunbox.exe /tray
HKU\S-1-5-21-3609492862-3545600430-2358637076-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [2690424 2016-01-15] (Disc Soft Ltd)
HKU\S-1-5-21-3609492862-3545600430-2358637076-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Akihiko\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-11] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3609492862-3545600430-2358637076-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATINAE.EXE [298560 2014-03-21] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3609492862-3545600430-2358637076-1001\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATINAE.EXE [298560 2014-03-21] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3609492862-3545600430-2358637076-1001\...\Run: [Google Update] => C:\Users\Akihiko\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-12-04] (Google Inc.)
HKU\S-1-5-21-3609492862-3545600430-2358637076-1001\...\Run: [AmoltoRecorder] => "C:\Program Files (x86)\Amolto Call Recorder for Skype\AmoltoRecorder.exe" /minimized
HKU\S-1-5-21-3609492862-3545600430-2358637076-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4177784 2016-01-15] (Disc Soft Ltd)
HKU\S-1-5-21-3609492862-3545600430-2358637076-1001\...\Run: [XperiaCompanionAgent] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [2062208 2016-05-27] (Sony)
HKU\S-1-5-21-3609492862-3545600430-2358637076-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3609492862-3545600430-2358637076-1001\...\MountPoints2: {13abcf49-1149-11e5-82c5-8f6558d168a3} - "E:\MLLaunch.exe"
HKU\S-1-5-21-3609492862-3545600430-2358637076-1001\...\MountPoints2: {250fe69b-822b-11e4-8277-a27c9d036ca5} - "F:\CMADownloader.exe"
HKU\S-1-5-21-3609492862-3545600430-2358637076-1001\...\MountPoints2: {79db9b98-7757-11e5-8304-f07c644c0b48} - "E:\Setup.exe"
HKU\S-1-5-21-3609492862-3545600430-2358637076-1001\...\MountPoints2: {c31b864a-1248-11e5-82c6-8b661af22415} - "F:\setup.exe"
HKU\S-1-5-21-3609492862-3545600430-2358637076-1001\...\MountPoints2: {ca67a575-24b1-11e6-8352-00acbcc2871a} - "D:\setup.exe"
HKU\S-1-5-21-3609492862-3545600430-2358637076-1001\...\MountPoints2: {e368a22d-b9da-11e5-8314-00acbcc2871a} - "E:\Startme.exe"
HKU\S-1-5-21-3609492862-3545600430-2358637076-1013\...\Run: [BitTorrent] => C:\Users\Akihiko\AppData\Roaming\BitTorrent\BitTorrent.exe [1972232 2016-05-20] (BitTorrent Inc.)
HKU\S-1-5-21-3609492862-3545600430-2358637076-1013\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50605696 2016-02-02] (Skype Technologies S.A.)
HKU\S-1-5-21-3609492862-3545600430-2358637076-1013\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4177784 2016-01-15] (Disc Soft Ltd)
HKU\S-1-5-21-3609492862-3545600430-2358637076-1013\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [1477392 2016-05-08] (Lavasoft)
HKU\S-1-5-21-3609492862-3545600430-2358637076-1013\...\Run: [XperiaCompanionAgent] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [2062208 2016-05-27] (Sony)
HKU\S-1-5-21-3609492862-3545600430-2358637076-1013\...\MountPoints2: {20cbe60c-f95a-11e5-832c-00acbcc2871a} - "G:\Setup.exe"
HKU\S-1-5-21-3609492862-3545600430-2358637076-1013\...\MountPoints2: {f0d7614f-cd7c-11e5-831b-00acbcc2871a} - "F:\Setup.exe"
Lsa: [Notification Packages] scecli FAPassSync
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security with Backup\Engine64\22.7.0.76\buShell.dll [2016-06-09] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security with Backup\Engine64\22.7.0.76\buShell.dll [2016-06-09] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security with Backup\Engine64\22.7.0.76\buShell.dll [2016-06-09] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-27] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-27] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-27] ()
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Akihiko\AppData\Local\MEGAsync\ShellExtX64.dll No File
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Akihiko\AppData\Local\MEGAsync\ShellExtX64.dll No File
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Akihiko\AppData\Local\MEGAsync\ShellExtX64.dll No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Akihiko\AppData\Local\MEGAsync\ShellExtX32.dll No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Akihiko\AppData\Local\MEGAsync\ShellExtX32.dll No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Akihiko\AppData\Local\MEGAsync\ShellExtX32.dll No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk [2016-04-22]
ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (SoftEther VPN Project at University of Tsukuba, Japan.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\コンテンツ管理アシスタント for PlayStation®.lnk [2014-12-14]
ShortcutTarget: コンテンツ管理アシスタント for PlayStation®.lnk -> C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe (Sony Computer Entertainment Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog9 01 C:\Windows\system32\LavasoftTcpService.dll No File
Winsock: Catalog9 02 C:\Windows\system32\LavasoftTcpService.dll No File
Winsock: Catalog9 03 C:\Windows\system32\LavasoftTcpService.dll No File
Winsock: Catalog9 04 C:\Windows\system32\LavasoftTcpService.dll No File
Winsock: Catalog9 16 C:\Windows\system32\LavasoftTcpService.dll No File
Winsock: Catalog9-x64 01 C:\Windows\system32\LavasoftTcpService64.dll [425744 2016-05-08] (Lavasoft Limited)
Winsock: Catalog9-x64 02 C:\Windows\system32\LavasoftTcpService64.dll [425744 2016-05-08] (Lavasoft Limited)
Winsock: Catalog9-x64 03 C:\Windows\system32\LavasoftTcpService64.dll [425744 2016-05-08] (Lavasoft Limited)
Winsock: Catalog9-x64 04 C:\Windows\system32\LavasoftTcpService64.dll [425744 2016-05-08] (Lavasoft Limited)
Winsock: Catalog9-x64 16 C:\Windows\system32\LavasoftTcpService64.dll [425744 2016-05-08] (Lavasoft Limited)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{F48F93F1-56B8-4F17-A38E-A3EAEE20332C}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3609492862-3545600430-2358637076-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.toshiba.com/
HKU\S-1-5-21-3609492862-3545600430-2358637076-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NIS&pvid=21.6.0.32
HKU\S-1-5-21-3609492862-3545600430-2358637076-1013\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security with Backup\Engine64\22.7.0.76\coIEPlg.dll [2016-05-31] (Symantec Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
BHO: Face recognition web login for FastAccess -> {DA5BCE70-D057-4D63-943D-5F3927EC59F1} -> C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll [2015-09-05] (Sensible Vision )
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security with Backup\Engine\22.7.0.76\coIEPlg.dll [2016-05-31] (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-17] (Oracle Corporation)
BHO-x32: Face recognition web login for FastAccess -> {DA5BCE70-D057-4D63-943D-5F3927EC59F1} -> C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll [2015-09-05] (Sensible Vision )
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-17] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security with Backup\Engine64\22.7.0.76\coIEPlg.dll [2016-05-31] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security with Backup\Engine\22.7.0.76\coIEPlg.dll [2016-05-31] (Symantec Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Admin.VAIO-DUO\AppData\Roaming\Mozilla\Firefox\Profiles\7axao80s.default
FF DefaultSearchEngine: Bing®
FF SelectedSearchEngine: Bing®
FF Homepage: hxxps://www.malwarebytes.org/restorebrowser/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-19] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-10-01] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-19] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-17] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-04-01] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [2010-02-16] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-16] (RealNetworks, Inc.)
FF Plugin-x32: @sensiblevision.com/FastAccess,version=4.1.110 -> C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso\nprt.dll [2014-05-24] ( )
FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll [2013-03-19] (Sony Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-28] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-10-01] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3609492862-3545600430-2358637076-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Akihiko\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-09] (Google)
FF Plugin HKU\S-1-5-21-3609492862-3545600430-2358637076-1001: @talk.google.com/O1DPlugin -> C:\Users\Akihiko\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-09] (Google)
FF Plugin HKU\S-1-5-21-3609492862-3545600430-2358637076-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Akihiko\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin HKU\S-1-5-21-3609492862-3545600430-2358637076-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Akihiko\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin HKU\S-1-5-21-3609492862-3545600430-2358637076-1001: tdameritrade.com/thinkorswim -> C:\Program Files (x86)\thinkorswim\npthinkorswim.dll [2016-01-05] (TD Ameritrade)
FF Plugin HKU\S-1-5-21-3609492862-3545600430-2358637076-1001: tdameritrade.com/tossc -> C:\Program Files (x86)\thinkorswim\nptossc.dll [2016-01-05] (TD Ameritrade)
FF Plugin HKU\S-1-5-21-3609492862-3545600430-2358637076-1013: tdameritrade.com/thinkorswim -> C:\Program Files\thinkorswim\npthinkorswim.dll [2016-06-14] (TD Ameritrade)
FF Plugin HKU\S-1-5-21-3609492862-3545600430-2358637076-1013: tdameritrade.com/tossc -> C:\Program Files\thinkorswim\nptossc.dll [2016-06-14] (TD Ameritrade)
FF SearchPlugin: C:\Users\Admin.VAIO-DUO\AppData\Roaming\Mozilla\Firefox\Profiles\7axao80s.default\searchplugins\bing-lavasoft.xml [2016-05-08]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.5.4.24\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.5.4.24\coFFAddon [2016-06-22]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.5.4.24\coFFAddon
FF HKLM-x32\...\Firefox\Extensions: [fassoxpcom@sensiblevision.com] - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso
FF Extension: FastAccess Web Login - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso [2016-02-28] [not signed]

Chrome:
=======
CHR Profile: C:\Users\Admin.VAIO-DUO\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Admin.VAIO-DUO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-25]
CHR Extension: (Google Docs) - C:\Users\Admin.VAIO-DUO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-25]
CHR Extension: (Google Drive) - C:\Users\Admin.VAIO-DUO\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-08]
CHR Extension: (YouTube) - C:\Users\Admin.VAIO-DUO\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-08]
CHR Extension: (Norton Security Toolbar) - C:\Users\Admin.VAIO-DUO\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2016-02-08]
CHR Extension: (Google Search) - C:\Users\Admin.VAIO-DUO\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-08]
CHR Extension: (Google Sheets) - C:\Users\Admin.VAIO-DUO\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-25]
CHR Extension: (Google Docs Offline) - C:\Users\Admin.VAIO-DUO\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-08]
CHR Extension: (Norton Identity Safe) - C:\Users\Admin.VAIO-DUO\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2016-02-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Admin.VAIO-DUO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-25]
CHR Extension: (Gmail) - C:\Users\Admin.VAIO-DUO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-25]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.7.0.76\Exts\Chrome.crx [2016-06-22]
CHR HKLM\...\Chrome\Extension: [feocblgcojafilfbgoineopkngchgaei] - C:\Program Files (x86)\Sensible Vision\Fast Access\chrome_fasso\extension.crx <not found>
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.7.0.76\Exts\Chrome.crx [2016-06-22]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2014-03-27] (Broadcom Corporation.)
S2 DACoreService; C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe [448400 2014-03-24] (Nuance Communications, Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-02] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-02] (Dropbox, Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369464 2016-01-15] (Disc Soft Ltd)
S2 Ds3Service; C:\Program Files\Scarlet.Crush Productions\bin\ScpService.exe [388352 2014-12-17] (Scarlet.Crush Productions)
S2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [413336 2015-08-27] ()
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-11-14] (Freemake) [File not signed]
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [324424 2014-08-14] (Intel Corporation)
S2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel® Corporation)
S2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751760 2016-05-08] (Lavasoft Limited)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [629336 2013-09-28] (Sony Corporation)
S2 NSBU; C:\Program Files (x86)\Norton Security with Backup\Engine\22.7.0.76\NSBU.exe [289080 2016-06-17] (Symantec Corporation)
S2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [506960 2015-12-26] (Sony Corporation)
S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2013-12-17] (Realtek Semiconductor)
S2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5231048 2016-04-22] (SoftEther VPN Project at University of Tsukuba, Japan.)
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2013-02-16] (Sony Corporation) [File not signed]
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [413336 2015-08-27] ()
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2013-01-07] (Sony Corporation)
S3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1653272 2015-08-01] (Sony Corporation)
S2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [17168 2016-05-08] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [18384 2014-09-30] (Intel® Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 BCMSDH43XX; C:\Windows\system32\DRIVERS\bcmdhd63.sys [375840 2015-05-12] (Broadcom Corp)
S1 BHDrvx64; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.4.24\Definitions\BASHDefs\20160621.003\BHDrvx64.sys [1832176 2016-05-13] (Symantec Corporation)
S3 BthMini; C:\Windows\System32\Drivers\BTHMINI.sys [31744 2015-06-10] (Microsoft Corporation)
S3 BtwSerialBus; C:\Windows\system32\DRIVERS\BtwSerialBus.sys [150744 2014-03-27] (Broadcom Corporation.)
S1 ccSet_NSBU; C:\Windows\system32\drivers\NSBUx64\1607000.04C\ccSetx64.sys [174328 2016-06-02] (Symantec Corporation)
S3 cecsvad; C:\Windows\system32\drivers\cecvad.sys [23040 2011-12-09] ()
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-02-07] (Disc Soft Ltd)
U3 dtlitescsidrv; C:\Windows\System32\Drivers\dtlitescsidrv.sys [316072 2016-05-28] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-02-07] (Disc Soft Ltd)
S3 dtultrascsibus; C:\Windows\System32\drivers\dtultrascsibus.sys [30264 2016-05-28] (Disc Soft Ltd)
S3 dtultrausbbus; C:\Windows\System32\drivers\dtultrausbbus.sys [47672 2016-05-28] (Disc Soft Ltd)
R0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497392 2016-05-05] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156912 2016-05-05] (Symantec Corporation)
S3 ggsomc; C:\Windows\System32\drivers\ggsomc.sys [30424 2016-01-16] (Sony Mobile Communications)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-09-04] ()
R3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [35832 2014-06-03] (Intel Corporation)
S3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [120312 2014-06-03] (Intel Corporation)
S3 iaLPSS_SPI; C:\Windows\System32\drivers\iaLPSS_SPI.sys [83960 2013-09-17] (Intel Corporation)
S3 iaLPSS_UART2; C:\Windows\System32\drivers\iaLPSS_UART2.sys [143864 2014-06-03] (Intel Corporation)
S1 IDSVia64; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.4.24\Definitions\IPSDefs\20160624.001\IDSvia64.sys [876248 2016-05-25] (Symantec Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [77992 2013-10-06] (Intel Corporation)
S2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [28912 2014-06-18] (Intel Corporation)
S3 libusb0; C:\Windows\system32\DRIVERS\libusb0.sys [44480 2014-08-26] (hxxp://libusb-win32.sourceforge.net)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [125952 2014-06-17] (Intel Corporation)
R3 Neo_VPN; C:\Windows\system32\DRIVERS\Neo_VPN.sys [38432 2015-10-26] (SoftEther Corporation)
S3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [2980568 2014-12-10] (Realtek Semiconductor Corp.)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2014-12-17] (Scarlet.Crush Productions)
U5 SEE; C:\Windows\System32\Drivers\SEE.sys [50208 2016-04-19] (SoftEther Corporation)
R1 SeLow; C:\Windows\system32\DRIVERS\SeLow_x64.sys [51232 2016-04-22] (SoftEther Corporation)
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [29352 2015-12-13] ()
S3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2015-07-31] ()
S3 SensorsServiceDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S3 SIUSBXP; C:\Windows\system32\drivers\SiUSBXp.sys [19456 2009-11-04] (Silicon Laboratories) [File not signed]
S3 SMIGrabber3C; C:\Windows\System32\Drivers\SmiUsbGrabber3C.sys [811520 2015-02-20] (Windows ® Win 7 DDK provider)
S3 SonyAmplifier; C:\Windows\system32\DRIVERS\SonyUDAC.SYS [579584 2015-03-05] (C-Media Inc.)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [394296 2016-05-29] (Duplex Secure Ltd.)
S3 SRTSP; C:\Windows\System32\Drivers\NSBUx64\1607000.04C\SRTSP64.SYS [773360 2016-06-02] (Symantec Corporation)
S1 SRTSPX; C:\Windows\system32\drivers\NSBUx64\1607000.04C\SRTSPX64.SYS [48888 2016-06-02] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NSBUx64\1607000.04C\SYMEFASI64.SYS [1627352 2016-06-02] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NSBUx64\1607000.04C\SymELAM.sys [24192 2015-09-24] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [101112 2016-06-22] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\NSBUx64\1607000.04C\Ironx64.SYS [291056 2016-06-02] (Symantec Corporation)
S1 SymNetS; C:\Windows\System32\Drivers\NSBUx64\1607000.04C\SYMNETS.SYS [567536 2016-06-02] (Symantec Corporation)
S3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42736 2013-08-26] (Synaptics Incorporated)
S3 USBTINSP; C:\Windows\System32\drivers\tinspusb.sys [142848 2014-04-21] (Texas Instruments)
R3 VirtualButtons; C:\Windows\System32\drivers\VirtualButtons.sys [29952 2013-07-30] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 btwaudio; \SystemRoot\system32\drivers\btwaudio.sys [X]
S3 btwavdt; \SystemRoot\System32\drivers\btwavdt.sys [X]
S3 btwl2cap; \SystemRoot\system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; \SystemRoot\System32\drivers\btwrchid.sys [X]
S3 NAVENG; \??\C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.4.24\Definitions\SDSDefs\20160621.023\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.4.24\Definitions\SDSDefs\20160621.023\EX64.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-10-02 14:31 - 2025-10-02 14:31 - 00001208 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Director 12.lnk
2016-06-27 10:43 - 2016-06-27 10:43 - 00060344 _____ C:\Users\Akihiko\Downloads\Addition.txt
2016-06-27 10:42 - 2016-06-27 10:48 - 00000000 ____D C:\FRST
2016-06-27 10:42 - 2016-06-27 10:48 - 00000000 _____ C:\Users\Akihiko\Downloads\FRST.txt
2016-06-27 10:42 - 2016-06-27 10:42 - 02389504 _____ (Farbar) C:\Users\Akihiko\Downloads\FRST64.exe
2016-06-26 08:39 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2016-06-26 08:37 - 2016-06-26 08:37 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2016-06-26 08:36 - 2016-06-27 09:43 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-06-26 08:36 - 2016-06-27 09:41 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-06-26 08:36 - 2016-06-26 08:36 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Akihiko\Downloads\spybot-2.4.exe
2016-06-26 07:32 - 2016-06-26 07:32 - 00503393 _____ C:\Users\Akihiko\Downloads\NetMeterEvo_200.zip
2016-06-26 04:17 - 2016-06-27 09:46 - 00301322 _____ C:\Windows\ntbtlog.txt
2016-06-26 03:59 - 2016-06-26 03:59 - 00291606 _____ C:\Users\Akihiko\Downloads\TCPView.zip
2016-06-25 06:27 - 2016-06-25 06:27 - 00076846 _____ C:\Users\Akihiko\Downloads\PastBills.pdf
2016-06-25 04:54 - 2016-06-25 04:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-06-24 16:08 - 2016-06-24 16:08 - 00000000 ____D C:\Users\Akihiko\Downloads\BandiCam+1.9.5.510
2016-06-24 07:40 - 2016-06-24 10:53 - 00000000 ____D C:\Users\Akihiko\Downloads\Yutori Desu ga Nani ka EP10 END 720p HDTV x264 AAC-DoA
2016-06-22 17:07 - 2016-06-22 17:07 - 00000000 ____D C:\Windows\System32\Tasks\Norton Security with Backup
2016-06-22 17:02 - 2016-06-22 17:02 - 00003240 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2016-06-22 17:02 - 2016-06-22 17:02 - 00002480 _____ C:\Users\Public\Desktop\Norton Security with Backup.lnk
2016-06-22 13:21 - 2016-06-22 13:21 - 00098630 _____ C:\ProgramData\1466569209.bdinstall.bin
2016-06-22 13:20 - 2016-06-22 13:20 - 00037671 _____ C:\ProgramData\1466569203.bdinstall.bin
2016-06-22 13:01 - 2016-06-27 08:01 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-22 13:00 - 2016-06-22 13:00 - 00199661 _____ C:\ProgramData\1466567953.bdinstall.bin
2016-06-22 13:00 - 2016-06-22 13:00 - 00000000 ____D C:\Windows\LastGood.Tmp
2016-06-22 13:00 - 2016-06-22 13:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-06-22 13:00 - 2016-06-22 13:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-06-22 13:00 - 2016-03-11 06:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-06-22 13:00 - 2016-03-11 06:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-06-22 13:00 - 2016-03-11 06:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-06-22 13:00 - 2012-11-03 05:17 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2016-06-22 12:59 - 2016-06-22 12:59 - 22851472 _____ (Malwarebytes ) C:\Users\Akihiko\Downloads\mbam-setup-2.2.1.1043.exe
2016-06-22 12:59 - 2016-06-22 12:59 - 00000000 ____D C:\Users\Admin.VAIO-DUO\AppData\Roaming\QuickScan
2016-06-22 12:58 - 2016-06-22 12:59 - 10606640 _____ C:\Users\Akihiko\Downloads\Antivirus_Free_Edition_x64.exe
2016-06-22 12:58 - 2016-06-22 12:58 - 00196944 _____ C:\Users\Akihiko\Downloads\Antivirus_Free_Edition.exe
2016-06-22 11:09 - 2016-06-22 11:09 - 03411640 _____ (Symantec Corporation) C:\Users\Akihiko\Downloads\NPE.exe
2016-06-22 04:55 - 2016-06-22 04:55 - 00000000 ____D C:\Users\Admin.VAIO-DUO\AppData\Local\Mega Limited
2016-06-22 04:31 - 2016-06-22 04:54 - 00000000 ____D C:\Users\Akihiko\Documents\MEGAsync Downloads
2016-06-21 09:39 - 2016-06-22 05:38 - 00000000 ____D C:\Users\Akihiko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flashtool
2016-06-21 05:28 - 2016-06-21 05:28 - 00000000 ____D C:\Users\Admin.VAIO-DUO\AppData\Local\CEF
2016-06-21 04:45 - 2016-06-21 05:35 - 152482079 _____ (Androxyde) C:\Users\Akihiko\Downloads\flashtool-0.9.22.3-windows.exe
2016-06-21 04:38 - 2016-06-21 04:38 - 45700992 _____ (Sony) C:\Users\Akihiko\Downloads\XperiaCompanion.exe
2016-06-21 04:38 - 2016-06-21 04:38 - 00002639 _____ C:\Users\Public\Desktop\Xperia Companion.lnk
2016-06-21 04:38 - 2016-06-21 04:38 - 00000000 ____D C:\Users\Akihiko\Documents\Sony
2016-06-20 10:55 - 2016-06-20 10:55 - 05223216 _____ (Sony Corporation) C:\Users\Akihiko\Downloads\BRDWLL-P0321266-1102.EXE
2016-06-20 10:25 - 2016-06-20 10:25 - 00000017 _____ C:\Users\Akihiko\AppData\Local\resmon.resmoncfg
2016-06-20 10:18 - 2016-06-20 10:18 - 00000017 _____ C:\Users\Admin.VAIO-DUO\AppData\Local\resmon.resmoncfg
2016-06-20 10:15 - 2016-06-20 10:15 - 00000000 ____D C:\Users\Akihiko\AppData\Local\Bluestacks
2016-06-17 05:54 - 2016-06-24 07:40 - 00000000 ____D C:\Users\Akihiko\Downloads\Yutori Desu ga Nani ka EP09 720p HDTV x264 AAC-DoA
2016-06-15 03:49 - 2016-05-13 03:38 - 00135336 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-06-15 03:49 - 2016-05-13 02:43 - 00115704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-06-15 03:49 - 2016-05-13 01:24 - 00678912 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2016-06-15 03:49 - 2016-05-13 01:17 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-06-15 03:49 - 2016-05-13 01:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll
2016-06-15 03:49 - 2016-05-13 01:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-06-15 03:49 - 2016-05-13 01:07 - 01360896 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-15 03:49 - 2016-05-13 00:59 - 00398848 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-06-15 03:49 - 2016-05-13 00:48 - 00580096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2016-06-15 03:49 - 2016-05-13 00:43 - 00291328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-06-15 03:49 - 2016-05-13 00:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.dll
2016-06-15 03:49 - 2016-05-13 00:37 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-06-15 03:48 - 2016-05-22 02:28 - 25802752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-06-15 03:48 - 2016-05-22 01:57 - 20341248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-06-15 03:48 - 2016-05-21 07:09 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-06-15 03:48 - 2016-05-21 07:08 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-06-15 03:48 - 2016-05-21 07:02 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-06-15 03:48 - 2016-05-21 06:57 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-06-15 03:48 - 2016-05-21 06:55 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-06-15 03:48 - 2016-05-21 06:54 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-06-15 03:48 - 2016-05-21 06:50 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-06-15 03:48 - 2016-05-21 06:44 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-06-15 03:48 - 2016-05-21 06:29 - 13815808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-06-15 03:48 - 2016-05-21 06:27 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-06-15 03:48 - 2016-05-21 06:25 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-06-15 03:48 - 2016-05-21 06:25 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-06-15 03:48 - 2016-05-21 06:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-06-15 03:48 - 2016-05-21 06:21 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-06-15 03:48 - 2016-05-21 06:19 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-06-15 03:48 - 2016-05-21 06:16 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-06-15 03:48 - 2016-05-21 06:14 - 04610048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-06-15 03:48 - 2016-05-21 06:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-06-15 03:48 - 2016-05-21 06:11 - 15420928 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-06-15 03:48 - 2016-05-21 06:11 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-06-15 03:48 - 2016-05-21 06:09 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-06-15 03:48 - 2016-05-21 06:09 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-06-15 03:48 - 2016-05-21 06:08 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-06-15 03:48 - 2016-05-21 06:08 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-06-15 03:48 - 2016-05-21 06:06 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-06-15 03:48 - 2016-05-21 05:46 - 02597888 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-06-15 03:48 - 2016-05-21 05:42 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-06-15 03:48 - 2016-05-21 05:38 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-06-15 03:48 - 2016-05-21 05:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-06-15 03:48 - 2016-05-21 05:34 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-06-15 03:48 - 2016-05-21 05:23 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-06-15 03:48 - 2016-05-18 14:31 - 00372568 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-06-15 03:48 - 2016-05-18 14:31 - 00315224 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-06-15 03:48 - 2016-05-17 06:13 - 00563016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-06-15 03:48 - 2016-05-17 06:13 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-06-15 03:48 - 2016-05-17 06:13 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-06-15 03:48 - 2016-05-17 06:13 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-06-15 03:48 - 2016-05-14 08:09 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-06-15 03:48 - 2016-05-14 08:07 - 00675328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-06-15 03:48 - 2016-05-14 08:07 - 00416768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-06-15 03:48 - 2016-05-14 08:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-06-15 03:48 - 2016-05-14 08:04 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-15 03:48 - 2016-05-14 07:34 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-06-15 03:48 - 2016-05-14 07:19 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-06-15 03:48 - 2016-05-14 06:58 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-06-15 03:48 - 2016-05-10 06:35 - 07075328 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2016-06-15 03:48 - 2016-05-10 05:56 - 05270016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2016-06-15 03:48 - 2016-05-10 05:45 - 07793152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-06-15 03:48 - 2016-05-10 05:23 - 05265920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-06-15 03:48 - 2016-05-07 00:45 - 00748544 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-06-15 03:48 - 2016-05-07 00:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-06-15 03:47 - 2016-05-19 08:15 - 01379040 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-15 03:47 - 2016-05-19 05:35 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-06-15 03:47 - 2016-05-15 05:01 - 00363104 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-06-15 03:47 - 2016-05-15 05:01 - 00320720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-06-15 03:47 - 2016-05-14 08:07 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-06-15 03:47 - 2016-05-14 06:58 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-06-15 03:47 - 2016-05-14 06:45 - 00802816 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-06-15 03:47 - 2016-05-14 06:35 - 00286208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-06-15 03:47 - 2016-05-14 06:26 - 00631808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-06-10 12:06 - 2016-06-17 10:47 - 00000000 ____D C:\Users\Akihiko\Downloads\Yutori Desu ga Nani ka EP08 720p HDTV x264 AAC-DoA
2016-06-09 08:17 - 2016-06-04 02:11 - 00472576 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-06-09 08:17 - 2016-06-03 22:38 - 01413120 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-06-09 08:17 - 2016-06-03 02:51 - 00050352 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-06-09 08:17 - 2016-05-30 00:04 - 01204224 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-06-09 08:17 - 2016-05-30 00:04 - 00569856 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-06-09 08:17 - 2016-05-30 00:04 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-06-09 08:17 - 2016-05-30 00:04 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-06-09 08:17 - 2016-05-30 00:04 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-06-09 08:17 - 2016-05-30 00:04 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-06-09 08:17 - 2016-04-13 00:46 - 14467584 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-06-09 08:17 - 2016-04-13 00:30 - 12879872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-06-09 08:17 - 2016-04-10 14:35 - 00551256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2016-06-09 08:17 - 2016-04-10 07:15 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2016-06-09 08:17 - 2016-04-10 07:14 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Geolocation.dll
2016-06-09 08:17 - 2016-04-10 07:10 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-06-09 08:17 - 2016-04-10 07:09 - 00754176 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2016-06-09 08:17 - 2016-04-10 07:02 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2016-06-09 08:17 - 2016-04-10 06:59 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Geolocation.dll
2016-06-09 08:17 - 2016-04-10 06:59 - 00020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2016-06-09 08:17 - 2016-04-10 06:56 - 00543232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2016-06-09 08:17 - 2016-04-10 06:55 - 00881152 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2016-06-09 08:17 - 2016-04-10 06:52 - 00281088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2016-06-09 08:17 - 2016-04-08 01:34 - 00987136 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-06-09 08:17 - 2016-04-08 01:06 - 00927744 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2016-06-09 08:17 - 2016-04-08 00:36 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-06-09 08:17 - 2016-04-07 06:21 - 00114528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys
2016-06-09 08:17 - 2016-04-07 03:20 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2016-06-09 08:17 - 2016-04-07 03:20 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2016-06-09 08:17 - 2016-04-07 03:17 - 18825216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2016-06-09 08:17 - 2016-04-07 01:25 - 15158272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2016-06-09 08:17 - 2016-04-06 07:37 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
2016-06-09 08:17 - 2016-04-02 23:09 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfg.exe
2016-06-09 08:17 - 2016-04-02 22:58 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfgLib.dll
2016-06-09 08:17 - 2016-04-02 02:40 - 00322048 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2016-06-09 08:17 - 2016-04-02 02:00 - 00840704 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2016-06-09 08:17 - 2016-04-02 01:53 - 00348672 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2016-06-09 08:17 - 2016-04-02 01:50 - 00737280 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-06-09 08:17 - 2016-04-02 01:41 - 00696832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2016-06-09 08:17 - 2016-03-31 15:53 - 07446360 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-06-09 08:17 - 2016-03-31 15:51 - 01134776 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-06-09 08:17 - 2016-03-31 13:36 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-06-09 08:17 - 2016-02-05 01:57 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\httpprxp.dll
2016-06-09 08:17 - 2016-02-05 01:49 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2016-06-09 08:17 - 2016-02-05 01:39 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2016-06-09 08:16 - 2016-04-15 00:25 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-06-09 08:16 - 2016-04-15 00:11 - 02464768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-06-09 08:16 - 2016-03-08 23:44 - 00138240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-06-08 14:37 - 2016-06-12 13:55 - 00000000 ____D C:\Users\Akihiko\Downloads\Yutori Desu ga Nani ka EP06 720p HDTV x264 AAC-DoA
2016-06-08 14:36 - 2016-06-08 14:37 - 00000000 ____D C:\Users\Akihiko\Downloads\Yutori Desu ga Nani ka EP04 720p HDTV x264 AAC-DoA
2016-06-08 14:36 - 2016-06-08 14:37 - 00000000 ____D C:\Users\Akihiko\Downloads\Yutori Desu ga Nani ka EP02 720p HDTV x264 AAC-DoA
2016-06-08 14:35 - 2016-06-08 14:37 - 00000000 ____D C:\Users\Akihiko\Downloads\Yutori Desu ga Nani ka EP03 720p HDTV x264 AAC-DoA
2016-06-08 14:35 - 2016-06-08 14:37 - 00000000 ____D C:\Users\Akihiko\Downloads\Yutori Desu ga Nani ka EP01 720p HDTV x264 AAC-DoA
2016-06-08 13:05 - 2016-06-08 14:38 - 00000000 ____D C:\Users\Akihiko\Downloads\Yutori Desu ga Nani ka EP05 720p HDTV x264 AAC-DoA
2016-06-08 12:22 - 2016-06-08 12:24 - 00000000 ____D C:\Users\Akihiko\Downloads\Yutori Desu ga Nani ka EP07 720p HDTV x264 AAC-DoA
2016-06-05 17:57 - 2016-06-21 15:29 - 00000000 ____D C:\Users\Akihiko\AppData\LocalLow\BitTorrent
2016-06-03 15:09 - 2016-06-03 15:09 - 00195680 _____ C:\Users\Akihiko\Downloads\Lab9Assignment.pdf
2016-06-02 10:04 - 2016-06-02 10:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warships
2016-06-02 10:03 - 2016-06-02 10:03 - 04995752 _____ (Wargaming.net ) C:\Users\Akihiko\Downloads\WoWS_internet_install_na.exe
2016-06-02 05:05 - 2016-06-02 05:05 - 00000000 ____D C:\Users\Akihiko\AppData\Local\Freshout_Media
2016-06-02 05:03 - 2016-06-02 05:03 - 00668240 _____ (Freshout Media ) C:\Users\Akihiko\Downloads\Setup_Recordit.exe
2016-06-01 15:56 - 2016-06-11 04:17 - 00000000 ____D C:\Users\Akihiko\Documents\UW2016 ENV HEALTH
2016-06-01 13:56 - 2016-06-01 13:56 - 00029176 _____ C:\Users\Akihiko\Downloads\Individual Assignment 6.pdf
2016-05-30 17:31 - 2016-05-30 17:31 - 00000023 _____ C:\Windows\Model.txt
2016-05-30 04:10 - 2016-05-30 07:49 - 00000000 ____D C:\Users\Akihiko\AppData\Local\RimhillEx
2016-05-30 03:28 - 2016-05-30 03:28 - 00134967 _____ C:\Users\Akihiko\Downloads\IS300ProjectGuideSpring16SectionB.pdf
2016-05-29 18:59 - 2016-05-30 06:17 - 00000236 _____ C:\Users\Admin.VAIO-DUO\Documents\ax_files.xml
2016-05-29 18:53 - 2016-05-29 18:53 - 00000000 ____D C:\Users\Admin.VAIO-DUO\Documents\Alcohol 120%
2016-05-29 18:38 - 2016-05-30 06:18 - 00000000 ____D C:\Program Files (x86)\Alcohol Soft
2016-05-29 18:14 - 2016-05-29 18:22 - 00000000 ____D C:\Program Files\GIGABYTE
2016-05-29 17:33 - 2016-05-29 17:33 - 00000000 ____D C:\Users\Akihiko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft AppLocale
2016-05-29 17:24 - 2016-05-29 17:30 - 00000000 ____D C:\Users\Admin.VAIO-DUO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft AppLocale
2016-05-29 17:21 - 2016-05-29 17:22 - 01391104 _____ C:\apploc.msi
2016-05-28 17:59 - 2016-05-28 18:00 - 00000000 ____D C:\Users\Admin.VAIO-DUO\AppData\Roaming\DAEMON Tools Ultra
2016-05-28 17:59 - 2016-05-28 17:59 - 00047672 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtultrausbbus.sys
2016-05-28 17:59 - 2016-05-28 17:59 - 00030264 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtultrascsibus.sys
2016-05-28 17:59 - 2016-05-28 17:59 - 00000000 ____D C:\ProgramData\DAEMON Tools Ultra
2016-05-28 17:55 - 2016-05-28 17:55 - 00316072 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsidrv.sys
2016-05-28 17:54 - 2016-05-29 18:34 - 00394296 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2016-05-28 16:43 - 2016-06-26 05:46 - 00000000 ____D C:\Users\Admin.VAIO-DUO\AppData\Local\NPE
2016-05-28 01:39 - 2016-05-28 01:39 - 00000000 ___SD C:\Users\Akihiko\Documents\My Shapes
2016-05-28 01:24 - 2016-05-28 01:24 - 00210518 _____ C:\Users\Akihiko\Downloads\Lab8Assignment.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-10-02 14:30 - 2014-10-16 04:51 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{5E6CE31C-2398-426D-BCDF-CA866E0D8EBB}
2016-06-27 09:55 - 2015-06-09 15:40 - 00505156 _____ C:\Windows\system32\perfh011.dat
2016-06-27 09:55 - 2015-06-09 15:40 - 00135458 _____ C:\Windows\system32\perfc011.dat
2016-06-27 09:55 - 2013-09-04 06:23 - 01496524 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-27 09:55 - 2013-08-22 22:36 - 00000000 ____D C:\Windows\Inf
2016-06-27 09:47 - 2014-10-20 11:43 - 00000000 ____D C:\Users\Admin.VAIO-DUO
2016-06-27 09:43 - 2015-10-26 10:44 - 00000000 ____D C:\Program Files\SoftEther VPN Client
2016-06-27 09:43 - 2013-08-22 23:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-27 09:41 - 2015-06-18 05:55 - 00000155 _____ C:\Windows\wininit.ini
2016-06-27 07:59 - 2014-10-16 04:46 - 00000000 ____D C:\Users\Akihiko
2016-06-27 07:40 - 2014-10-16 12:11 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-27 07:24 - 2015-12-14 09:24 - 00000937 _____ C:\Windows\Tasks\EPSON XP-420 Series Update {53A64B51-5545-44E1-AD54-F4CCBD80FA2F}.job
2016-06-27 07:22 - 2015-12-14 09:22 - 00000937 _____ C:\Windows\Tasks\EPSON XP-420 Series Update {D7E14CF2-B7E5-4FA6-A18D-D8D22C0FE82C}.job
2016-06-27 07:12 - 2015-09-02 04:06 - 00000924 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-06-27 05:46 - 2016-01-26 12:29 - 00000674 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3609492862-3545600430-2358637076-1001Core.job
2016-06-26 15:10 - 2015-08-18 14:30 - 00000000 ____D C:\Users\Akihiko\Downloads\TEMP
2016-06-26 12:11 - 2015-09-02 04:06 - 00000920 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-06-26 09:08 - 2014-10-16 04:51 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3609492862-3545600430-2358637076-1001
2016-06-26 08:49 - 2014-10-20 07:27 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-26 08:39 - 2016-02-13 15:09 - 00000000 ____D C:\Program Files\Common Files\AV
2016-06-26 08:04 - 2015-09-02 04:07 - 00000000 ___RD C:\Users\Akihiko\Dropbox
2016-06-26 08:04 - 2014-10-21 08:28 - 00000000 __RDO C:\Users\Akihiko\OneDrive
2016-06-26 05:21 - 2016-02-13 15:09 - 00000000 ____D C:\Windows\System32\Tasks\Remediation
2016-06-26 05:09 - 2014-10-16 10:19 - 00000000 ____D C:\Users\Akihiko\AppData\Local\Adobe
2016-06-26 04:36 - 2015-06-14 16:13 - 00000000 ____D C:\SELEN
2016-06-26 04:20 - 2013-08-22 22:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2016-06-25 17:31 - 2015-05-25 13:17 - 00137728 ___SH C:\Users\Akihiko\Desktop\Thumbs.db
2016-06-25 12:21 - 2014-12-26 15:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-06-25 12:21 - 2014-12-26 15:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-06-25 05:33 - 2015-09-04 05:58 - 00000000 ____D C:\Users\Akihiko\AppData\Local\Akamai
2016-06-25 05:28 - 2014-12-26 15:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-06-25 04:54 - 2015-09-02 04:06 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-06-24 16:18 - 2015-01-30 13:04 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3609492862-3545600430-2358637076-1013
2016-06-24 16:18 - 2013-08-23 00:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-24 16:18 - 2013-08-23 00:36 - 00000000 ____D C:\Windows\AppReadiness
2016-06-24 16:13 - 2016-02-08 07:50 - 00000000 ____D C:\Users\Admin.VAIO-DUO\AppData\Roaming\Skype
2016-06-24 15:51 - 2013-08-23 00:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2016-06-22 17:02 - 2016-02-08 07:45 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security with Backup
2016-06-22 17:02 - 2016-02-08 07:45 - 00000000 ____D C:\Windows\system32\Drivers\NSBUx64
2016-06-22 16:59 - 2016-02-08 07:46 - 00101112 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2016-06-22 16:59 - 2016-02-08 07:46 - 00008270 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2016-06-22 13:36 - 2014-10-26 08:54 - 00000000 ____D C:\Users\Akihiko\AppData\Roaming\BitTorrent
2016-06-22 13:13 - 2016-03-15 08:11 - 00000000 ____D C:\Users\Akihiko\AppData\Local\CrashDumps
2016-06-22 04:29 - 2015-08-20 15:48 - 00001108 _____ C:\Users\Akihiko\Desktop\MEGAsync.lnk
2016-06-21 10:46 - 2015-08-25 14:05 - 00000000 ____D C:\Users\Admin.VAIO-DUO\.oracle_jre_usage
2016-06-21 09:49 - 2013-08-22 22:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-06-21 09:43 - 2015-05-29 03:18 - 00000000 ____D C:\Users\Admin.VAIO-DUO\.flashTool
2016-06-21 09:43 - 2015-05-29 03:17 - 00000000 ____D C:\Flashtool
2016-06-21 05:28 - 2016-03-18 16:45 - 00000000 ____D C:\Users\Admin.VAIO-DUO\AppData\Roaming\Apple Computer
2016-06-21 04:41 - 2016-01-16 11:11 - 00000000 ____D C:\Program Files (x86)\Sony Mobile
2016-06-21 04:38 - 2016-02-28 03:24 - 00000000 ____D C:\Users\Akihiko\AppData\Roaming\Apple Computer
2016-06-21 04:38 - 2016-01-16 08:12 - 00000000 ____D C:\Users\Admin.VAIO-DUO\Documents\Sony
2016-06-21 04:38 - 2015-08-19 15:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2016-06-21 04:38 - 2013-10-12 17:23 - 00000000 ____D C:\Program Files (x86)\Sony
2016-06-21 04:38 - 2013-10-12 17:19 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-20 10:29 - 2013-08-23 00:36 - 00000000 ____D C:\Windows\system32\NDF
2016-06-20 10:20 - 2013-08-23 00:36 - 00000000 ____D C:\PerfLogs
2016-06-20 10:15 - 2013-08-23 00:36 - 00000000 __RHD C:\Users\Public\Libraries
2016-06-20 10:14 - 2015-06-01 03:32 - 00000000 ____D C:\ProgramData\BlueStacks
2016-06-20 10:12 - 2015-05-28 12:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android Studio
2016-06-20 10:09 - 2015-05-31 08:55 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2016-06-19 17:40 - 2016-05-21 23:40 - 09717952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-06-19 17:40 - 2014-10-16 12:11 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-06-18 08:20 - 2013-08-23 00:36 - 00000000 ____D C:\Windows\rescache
2016-06-18 05:05 - 2013-08-23 00:20 - 00000000 ____D C:\Windows\CbsTemp
2016-06-17 05:24 - 2016-04-23 02:41 - 00000000 ____D C:\Users\Akihiko\Documents\UW2016 IS 300
2016-06-17 05:08 - 2014-10-20 07:28 - 00002215 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-17 05:08 - 2014-10-20 07:28 - 00002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-16 11:00 - 2015-09-21 07:29 - 00000000 ____D C:\Users\Akihiko\Documents\TEMP
2016-06-15 15:49 - 2013-08-22 23:44 - 00548984 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-15 12:36 - 2016-04-06 06:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-06-15 12:34 - 2014-10-17 13:09 - 00000000 ____D C:\Windows\system32\MRT
2016-06-15 12:29 - 2014-10-17 13:09 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-06-15 10:49 - 2016-03-24 09:29 - 00000000 ____D C:\Users\Akihiko\Documents\UW
2016-06-15 03:36 - 2016-01-05 11:40 - 00000000 ____D C:\Program Files\thinkorswim
2016-06-15 03:36 - 2014-10-31 06:05 - 00000000 ____D C:\Users\Admin.VAIO-DUO\.thinkorswim
2016-06-15 02:13 - 2013-08-23 00:38 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-15 02:13 - 2013-08-23 00:38 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-14 06:58 - 2016-05-07 13:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-14 06:58 - 2014-10-16 11:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-09 08:19 - 2014-12-13 03:16 - 00000000 ____D C:\Windows\system32\appraiser
2016-06-09 08:19 - 2013-08-23 00:36 - 00000000 ___RD C:\Windows\ToastData
2016-06-09 08:12 - 2015-04-05 20:54 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-06-09 08:12 - 2015-04-05 20:54 - 00000000 ___SD C:\Windows\system32\GWX
2016-06-09 07:59 - 2015-10-30 18:42 - 00000000 ___HD C:\$WINDOWS.~BT
2016-06-06 02:24 - 2015-04-18 07:43 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-06-02 14:21 - 2014-11-13 16:32 - 00070656 ___SH C:\Users\Akihiko\Documents\Thumbs.db
2016-06-02 10:57 - 2015-05-01 14:17 - 00259072 ___SH C:\Users\Akihiko\Downloads\Thumbs.db
2016-06-01 11:52 - 2016-04-05 11:27 - 00000000 ____D C:\Users\Akihiko\Documents\UW2016 FIN 350
2016-05-30 07:41 - 2013-08-22 22:25 - 00000133 _____ C:\Windows\win.ini
2016-05-28 18:22 - 2014-11-02 13:53 - 00000000 ____D C:\Users\Admin.VAIO-DUO\AppData\Local\ElevatedDiagnostics
2016-05-28 18:18 - 2015-06-15 02:46 - 00000000 ____D C:\Program Files (x86)\SELEN
2016-05-28 18:17 - 2015-07-02 16:30 - 00000012 _____ C:\Windows\D2_0412licensec.dat
2016-05-28 18:02 - 2016-02-07 18:34 - 00000000 ____D C:\Users\Admin.VAIO-DUO\AppData\Local\Disc_Soft_Ltd
2016-05-28 17:53 - 2015-03-01 05:26 - 00000000 ____D C:\Users\Akihiko\AppData\Roaming\DAEMON Tools Lite
2016-05-28 16:43 - 2016-02-08 07:44 - 00000000 ____D C:\ProgramData\Norton
2016-05-28 01:38 - 2013-08-23 00:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

==================== Files in the root of some directories =======

2015-07-22 14:49 - 2015-07-22 14:50 - 0000096 _____ () C:\Users\Admin.VAIO-DUO\AppData\Roaming\Camdata.ini
2015-07-22 14:49 - 2015-07-22 14:50 - 0000408 _____ () C:\Users\Admin.VAIO-DUO\AppData\Roaming\CamLayout.ini
2015-07-22 14:49 - 2015-07-22 14:50 - 0000408 _____ () C:\Users\Admin.VAIO-DUO\AppData\Roaming\CamShapes.ini
2015-07-22 14:49 - 2015-07-22 14:50 - 0004537 _____ () C:\Users\Admin.VAIO-DUO\AppData\Roaming\CamStudio.cfg
2015-10-23 04:53 - 2015-10-23 04:53 - 0000000 _____ () C:\Users\Admin.VAIO-DUO\AppData\Roaming\DVAP.set
2015-11-01 06:59 - 2015-11-04 11:07 - 0000028 _____ () C:\Users\Admin.VAIO-DUO\AppData\Roaming\MediaFolder.ini
2015-07-22 14:48 - 2015-07-22 14:49 - 0000096 _____ () C:\Users\Admin.VAIO-DUO\AppData\Roaming\version2.xml
2016-01-31 10:10 - 2016-01-31 10:10 - 0001529 _____ () C:\Users\Admin.VAIO-DUO\AppData\Local\recently-used.xbel
2016-06-20 10:18 - 2016-06-20 10:18 - 0000017 _____ () C:\Users\Admin.VAIO-DUO\AppData\Local\resmon.resmoncfg
2016-06-22 13:00 - 2016-06-22 13:00 - 0199661 _____ () C:\ProgramData\1466567953.bdinstall.bin
2016-06-22 13:20 - 2016-06-22 13:20 - 0037671 _____ () C:\ProgramData\1466569203.bdinstall.bin
2016-06-22 13:21 - 2016-06-22 13:21 - 0098630 _____ () C:\ProgramData\1466569209.bdinstall.bin
2013-10-12 17:18 - 2013-10-12 17:18 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Admin.VAIO-DUO\AppData\Local\Temp\ose00000.exe
C:\Users\Admin.VAIO-DUO\AppData\Local\Temp\_is51E9.exe
C:\Users\Admin.VAIO-DUO\AppData\Local\Temp\_isC8E7.exe
C:\Users\Admin.VAIO-DUO\AppData\Local\Temp\_isF2E5.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-06-19 05:24

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-06-2016 02
Ran by Akihiko (2016-06-27 10:43:05)
Running from C:\Users\Akihiko\Downloads
Windows 8.1 Pro (Update) (X64) (2014-10-15 19:46:17)
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Accounts: =============================

Admin (S-1-5-21-3609492862-3545600430-2358637076-1013 - Administrator - Enabled) => C:\Users\Admin.VAIO-DUO
Administrator (S-1-5-21-3609492862-3545600430-2358637076-500 - Administrator - Disabled)
Akihiko (S-1-5-21-3609492862-3545600430-2358637076-1001 - Limited - Enabled) => C:\Users\Akihiko
Guest (S-1-5-21-3609492862-3545600430-2358637076-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3609492862-3545600430-2358637076-1015 - Limited - Enabled)
SophosSAUVAIO-DUO0 (S-1-5-21-3609492862-3545600430-2358637076-1004 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ノートン セキュリティ (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: ノートン セキュリティ (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: ノートン セキュリティ (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

(x32 Version: 1.00.0000 - WILLPLUS) Hidden
7-Zip 9.35 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0935-000001000000}) (Version: 9.35.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Japanese (HKLM-x32\...\{AC76BA86-7AD7-1041-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 22.0.0.153 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.8.0.447 - Adobe Systems Incorporated)
Adobe Digital Editions 4.0 (HKLM-x32\...\Adobe Digital Editions 4.0) (Version: 4.0 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Akamai NetSession Interface (HKU\S-1-5-21-3609492862-3545600430-2358637076-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ArtRage Studio Pro (HKLM-x32\...\{2F1DFDAD-E69E-429B-BB12-91610B178D8E}) (Version: 3.5.5 - Ambient Design)
Bandicam (HKLM-x32\...\Bandicam) (Version: 1.9.5.510 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
BitTorrent (HKU\S-1-5-21-3609492862-3545600430-2358637076-1001\...\BitTorrent) (Version: 7.9.7.42331 - BitTorrent Inc.)
Bonjour (Version: 3.0.0.10 - Apple Inc.) Hidden
CATEYESync (HKLM-x32\...\CATEYESync) (Version: 1.1.2 - CATEYE Co.,Ltd.)
CATEYESync (x32 Version: 1.1.2 - CATEYE Co.,Ltd.) Hidden
Cisco WebEx Meetings (HKU\S-1-5-21-3609492862-3545600430-2358637076-1001\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
CLIP STUDIO 1.5.0 (HKLM-x32\...\{49274EB8-4598-47E6-8039-9BB7CE07627E}) (Version: 1.5.0 - CELSYS)
CLIP STUDIO ACTION (HKLM-x32\...\{A1EFF737-455F-4736-A25D-B127447DCC3D}) (Version: 1.1.8 - CELSYS)
CLIP STUDIO COORDINATE 1.1.7 (HKLM-x32\...\{7A96C113-7922-46F4-B54F-B0B032E3A041}) (Version: 1.1.7 - CELSYS)
CLIP STUDIO MODELER 1.0.2 (HKLM-x32\...\{1B6FE598-3814-4076-90DC-7E76823AE7A0}) (Version: 1.0.2 - CELSYS)
CLIP STUDIO PAINT (HKLM-x32\...\{4B0AD476-DE95-4293-B437-BE2511DE74B6}) (Version: 1.4.1 - CELSYS)
CROSS†CHANNELFINAL COMPLETE (HKU\S-1-5-21-3609492862-3545600430-2358637076-1001\...\{45CDF91F-B345-49D1-A162-C88B220FC11B}) (Version: 1.00.0000 - WILLPLUS)
Cyberduck (HKLM-x32\...\{fbf74a17-4248-4b05-ad7e-ab37ffb7a322}) (Version: 4.9.0.19632 - iterate GmbH)
Cyberduck (x32 Version: 4.9.0.19632 - iterate GmbH) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0115 - Disc Soft Ltd)
DEEP [ XP対応版 ] (HKLM-x32\...\DEEP [ XP対応版 ]) (Version:  - )
DEEP/ZERO [ XP対応版 ] (HKLM-x32\...\DEEP/ZERO [ XP対応版 ]) (Version:  - )
DEEP2 (HKLM-x32\...\DEEP2) (Version:  - )
Dragon Assistant version 1.5.22 (HKLM-x32\...\{D57A8269-3BE5-4D10-B882-64D0F2D448BF}_is1) (Version: 1.5.22 - Nuance Communications, Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 5.4.24 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.35 - Dropbox, Inc.) Hidden
Easy Photo Scan (HKLM-x32\...\{1A6DED1E-A024-455D-AA82-203D6B3B0CBC}) (Version: 1.00.0006 - Seiko Epson Corporation)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.6.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-420 Series Printer Uninstall (HKLM\...\EPSON XP-420 Series) (Version:  - SEIKO EPSON Corporation)
Epson XP-420_424 User’s Guide version 1.0 (HKLM-x32\...\UsersGuideEpson XP-420_424 User’s Guide_is1) (Version: 1.0 - )
EpsonNet Print (HKLM\...\{15A0F113-BF2C-4C12-8AA8-42AE0D9AE1C9}) (Version: 3.1.2.0 - SEIKO EPSON Corporation)
ESDL (x32 Version: 1.0.0 - Sony Corporation) Hidden
e-Train Data Ver.4 (HKLM-x32\...\{F6A7DF7D-FE79-411F-A024-104B73614577}) (Version: 4.0.20 - CATEYE)
FastAccess (HKLM\...\{0364E758-FE5E-4625-A553-B85542C927F5}) (Version: 4.1.225.1 - Sensible Vision)
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Freemake Video Converter バージョン 4.1.5 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.5 - Ellora Assets Corporation)
Garmin VIRB Edit (HKLM-x32\...\{A030BB70-6D6F-4980-9197-12BFAA8425B9}) (Version: 3.3.2.1 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
GTR 2 1.0.0.0 (HKLM-x32\...\{D560A981-FEB3-42F0-A61A-13E9528E0C51}_is1) (Version: v1.0.0.0 - 10tacle Studios Publishing AG)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1015 - Intel Corporation)
Intel Experience Center - Configuration (x32 Version: 1.7.0.179 - Intel) Hidden
Intel Extreme Tuning Utility (HKLM-x32\...\{ffa8daa3-4912-4a4a-aac4-a0549064268b}) (Version: 5.1.1.25 - Intel Corporation)
Intel Extreme Tuning Utility (x32 Version: 5.1.1.25 - Intel Corporation) Hidden
Intel® C++ Redistributables on IA-32 (HKLM-x32\...\{5018D8E6-8D8E-4F76-9AFD-CB2EF1100E84}) (Version: 13.0.089 - Intel Corporation)
Intel® C++ Redistributables on Intel® 64 (HKLM-x32\...\{791FF357-3DE8-485E-BD59-41844BB16415}) (Version: 13.0.089 - Intel Corporation)
Intel® Experience Center Desktop Software (HKLM-x32\...\{3608ec0a-56b4-4d9d-b038-9b3e51d72582}) (Version: 1.7.0.179 - Intel)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.25.1036 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3355 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.1 - Intel Corporation)
Intel® Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 1.0.0.13 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java SE Development Kit 8 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180450}) (Version: 8.0.450.15 - Oracle Corporation)
Kindle Previewer (HKU\S-1-5-21-3609492862-3545600430-2358637076-1001\...\KindlePreviewer) (Version: 2.94 - Amazon)
K-Lite Mega Codec Pack 12.1.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.1.0 - KLCP)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
ManguSta 恥辱風紀委員会 (HKLM-x32\...\{5B47EE57-DACB-412B-B8DC-0623A38B3C63}) (Version:  - エレクトリップ)
Maple 17 (HKLM\...\Maple 17) (Version: 17.0.0.0 - Maplesoft)
Maple 17 (HKLM-x32\...\Maple 17) (Version:  - Maplesoft)
Media Go (HKLM-x32\...\{65256C0D-3FE7-4D2E-BB3E-53F1175481C8}) (Version: 3.0.403 - Sony)
Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony)
Media Go Video Playback Engine 2.20.105.05220 (HKLM-x32\...\{77B3BF4C-1376-60BA-DBE7-932199ED6219}) (Version: 2.20.105.05220 - Sony)
MergeModule_x64 (Version: 9.3.00 - Sony Corporation) Hidden
MergeModule_x86 (x32 Version: 9.3.00 - Sony Corporation) Hidden
Microsoft Access 2013 (HKLM-x32\...\Office15.AccessR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft AppLocale (HKLM-x32\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Project Professional 2013 (HKLM-x32\...\Office15.PRJPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Publisher 2010 (HKLM-x32\...\Office14.PUBLISHERR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visio Professional 2013 (HKLM-x32\...\Office15.VISPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version:  - )
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Monkey's Audio (HKLM-x32\...\Monkey's Audio_is1) (Version:  - )
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 47.0 (x86 ja) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 ja)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
NFC Connection Utility (HKLM\...\{F3FC1B12-45AA-4ACE-AD9F-DFD87BE9457E}) (Version: 1.0.0.14100 - Sony Corporation)
N-trig Wintab x64 (HKLM-x32\...\{044886EF-A04E-4C84-AAAE-257815D510C5}) (Version: 1.0.9 - N-trig)
Nuance Speech Component DA-A en-US version 1.5.22 (HKLM-x32\...\{1CCBE73F-4948-4711-8D12-22E2FD65D706}_is1) (Version: 1.5.22 - Nuance Communications, Inc.)
Nuance Speech Component DA-C version 1.1.22 (HKLM-x32\...\{E97BA7A6-46FC-4EBF-B24A-B8362948C696}_is1) (Version: 1.1.22 - Nuance Communications, Inc.)
Nuance Speech Component DA-L en-US version 1.1.5 (HKLM-x32\...\{4C0C1E4E-D3B1-4496-98EC-DA14D45EC855}_is1) (Version: 1.1.5 - Nuance Communications, Inc.)
NXPProximityInstaller (HKLM-x32\...\NXPProximityInstaller) (Version: 6.5.9.0 - NXP Semiconductors)
OL姉妹 (HKLM-x32\...\{B5197FAD-5AB6-40A4-AEAA-8509AC30C5FD}) (Version: 1.00.0000 - Selen)
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version:  - )
PlayMemories Home (HKLM-x32\...\{94F4815B-755A-4FFA-AFDC-EE8FE776981E}) (Version: 5.1.00.12260 - Sony Corporation)
PMB_ModeEditor (x32 Version: 9.3.00 - Sony Corporation) Hidden
PMB_ServiceUploader (x32 Version: 10.1.00 - Sony Corporation) Hidden
Python 2.7.9 (HKLM-x32\...\{79F081BF-7454-43DB-BD8F-9EE596813232}) (Version: 2.7.9150 - Python Software Foundation)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Reader for PC (HKLM-x32\...\{11CBB0F5-989E-4B16-AE7E-D569AC4BF241}) (Version: 2.0.02.15180 - Sony Corporation)
Real Alternative 2.0.2 (HKLM-x32\...\RealAlt_is1) (Version: 2.0.2 - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7135 - Realtek Semiconductor Corp.)
Realtek PC Camera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.00230 - Realtek Semiconductor Corp.)
Realtek PC Camera Driver (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11073 - Realtek Semiconductor Corp.)
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
Secure Download Manager (HKLM-x32\...\{E040B65B-8683-4228-8C33-D44A141E40EA}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0015-0000-0000-0000000FF1CE}_Office15.AccessR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0019-0000-0000-0000000FF1CE}_Office14.PUBLISHERR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIMANO Camera Editor (HKLM-x32\...\{E6EDC569-1359-4F71-B0B8-325F4DD9C597}) (Version: 1.0.0 - SHIMANO INC.)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.111 - Skype Technologies S.A.)
SMI Grabber Device (HKLM-x32\...\{B03B98E3-2795-48F6-BA33-793BBF5DF685}) (Version: 1.0.0.22B - Somagic)
SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.20.9608 - SoftEther VPN Project)
Software Updater (HKLM-x32\...\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}) (Version: 4.3.7 - SEIKO EPSON CORPORATION)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.16.8.201605301505 - Sony Mobile Communications Inc.)
Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
SONY USB DAC Amplifier (HKLM-x32\...\{24B8A7C8-CB0D-457A-A3BF-6FE253349713}) (Version: 1.0 - Sony Corporation)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.5 - Synaptics Incorporated)
thinkorswim (HKLM\...\9968-4488-2169-7623) (Version: desktop - thinkorswim, Inc)
thinkorswim (HKLM-x32\...\9968-4488-2169-7623) (Version: desktop - thinkorswim, Inc)
TI Connect・ (HKLM-x32\...\{D06BA64C-4447-49B4-B99D-E85BEA9E1035}) (Version: 4.0.0.218 - Texas Instruments Inc.)
TI-Nspire™ Computer Link (HKLM-x32\...\{6C5AC088-3136-4043-8985-8B0772A9580E}) (Version: 3.9.0.455 - Texas Instruments Inc.)
Update for Japanese Microsoft IME Postal Code Dictionary (HKLM\...\{1B2C85A0-2B9E-4291-8B37-468D57503E98}) (Version: 16.0.1171.1 - Microsoft Corporation)
Update for Japanese Microsoft IME Postal Code Dictionary (HKLM-x32\...\{15015752-9990-4516-A2B1-93823281FB8E}) (Version: 15.0.1759 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Dictionary (HKLM\...\{4DF9BC73-D405-4C3B-A0EA-1E390A8AFC73}) (Version: 16.0.1404.1 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Dictionary (HKLM-x32\...\{E75B82FD-B6FD-4653-8685-F3A97BDFEA6E}) (Version: 15.0.2013 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Extended Dictionary (HKLM-x32\...\{01E87699-A49D-413A-B75B-7C434FEF979C}) (Version: 15.0.2013 - Microsoft Corporation)
Update for Japanese Microsoft IME Trending Words Dictionary (HKLM\...\{F3F11FF1-4EF7-4012-A0D7-BC89442FCA4F}) (Version: 16.0.1515.1 - Microsoft Corporation)
Update for Skype for Business 2015 (KB3115033) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.AccessR_{BD10518F-3463-429E-8761-0AEDCEEA6297}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3115033) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PRJPROR_{BD10518F-3463-429E-8761-0AEDCEEA6297}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3115033) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.VISPROR_{BD10518F-3463-429E-8761-0AEDCEEA6297}) (Version:  - Microsoft)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.3.3.11280 - Sony Corporation)
VAIO BIOS Data Transfer Utility (x32 Version: 1.0.0.02050 - Sony Corporation) Hidden
VAIO Care (HKLM\...\{036400BD-B717-4D50-ACDC-96480C99EDD3}) (Version: 8.4.4.09186 - Sony Corporation)
VAIO Care Hardware Diagnostics Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.11.1.11210 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{7BF64721-B4E0-4CBC-8D4B-E9E6A8590521}) (Version: 1.1.3.13230 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.3.8.13060 - Sony Corporation)
VAIO CPU Fan Diagnostic (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.2.0.03050 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.12.0.07300 - Sony Corporation)
VAIO Easy Connect (x32 Version: 8.4.4.07220 - Sony Corporation) Hidden
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.4.1.09050 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.4.0.06280 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.2.00.07040 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.2.00.07040 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.3.0.05230 - Sony Corporation)
VAIO Media Server Settings (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.1.0.02220 - Sony Corporation)
VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.3.01.11140 - Sony Corporation)
VAIO Movie Creator (x32 Version: 4.2.00.07040 - Sony Corporation) Hidden
VAIO Sample Music (HKLM-x32\...\{FBEE3D44-0933-4B84-BB6A-49957F89187F}) (Version: 1.0.0.03051 - Sony Corporation)
VAIO Touch Search (HKLM\...\{F792DDDD-71C8-419E-AE05-46B0CDB1BEC8}) (Version: 1.1.0.1511 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.1.0.08060 - Sony Corporation)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VCCMMX64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCMMX86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony)
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Web Companion (HKLM-x32\...\{16a99b3a-b114-45cd-910b-21f54d37189e}) (Version: 2.3.1411.2698 - Lavasoft)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.9400 - Broadcom Corporation)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Laboratories (WinUSB) USB  (04/08/2013 4.0.0.0) (HKLM\...\ECCA79E3941154C28F5B308B576703BD8253BAB1) (Version: 04/08/2013 4.0.0.0 - Silicon Laboratories)
Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB  (06/11/2009 1.0.0.0) (HKLM\...\EC3E466026556D3EB760B01C4772277614354E11) (Version: 06/11/2009 1.0.0.0 - Texas Instruments Inc.)
Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB  (09/02/2009 1.0.0.1) (HKLM\...\7511B29C86C398B4D11A0B0E4176CAD68D1B7057) (Version: 09/02/2009 1.0.0.1 - Texas Instruments Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
WiVideo (HKLM-x32\...\{2A9BA733-C465-400A-8AA0-937C656503FB}) (Version: 2.01.202 - )
World of Warships (HKU\S-1-5-21-3609492862-3545600430-2358637076-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814na}_is1) (Version:  - Wargaming.net)
Xperia Companion (HKLM-x32\...\{8f4f39fa-087f-4e5c-84f3-1433ac7389e9}) (Version: 1.2.8.0 - Sony)
Xperia Companion (x32 Version: 1.2.8.0 - Sony) Hidden
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Zwift version 1.0.16 (HKLM-x32\...\{E4DA422A-82AB-44A4-B3A5-0AF60F47B7AB}_is1) (Version: 1.0.16 - Zwift, LLC)
萢餬3.0豎 (HKLM-x32\...\萢饑is1) (Version:  - 箴)
この大空に、翼をひろげて (HKU\S-1-5-21-3609492862-3545600430-2358637076-1001\...\{20ADC9A3-55B0-4A63-8E17-5AC2C57E58C7}) (Version: 1.00.0000 - WILLPLUS)
コンテンツ管理アシスタント for PlayStation® (HKLM-x32\...\{961D5D7E-3DEC-4E3B-9065-EA8074923B18}) (Version: 3.31.7643.1 - Sony Computer Entertainment Inc.)
さかあがりハリケーン (HKU\S-1-5-21-3609492862-3545600430-2358637076-1001\...\Sakahari) (Version:  - GIGA)
ノートン セキュリティ with バックアップ (HKLM-x32\...\NSBU) (Version: 22.7.0.76 - Symantec Corporation)
フォト ギャラリー (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
犠母姉妹DVD特別版 (HKLM-x32\...\犠母姉妹DVD特別版) (Version:  - )
借金姉妹 (HKLM-x32\...\{F7FF67A8-1DA4-4887-8424-30704E177411}) (Version: 1.00.0000 - Selen)
借金姉妹 (HKLM-x32\...\{85941C27-7498-4105-98A8-1B8E12CD0022}) (Version: 1.00.0000 - Selen)
借金姉妹AfterStory (HKLM-x32\...\{CA19620A-5DFC-4F98-AC57-C47246E96637}) (Version: 1.0 - Selen)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job =>
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job =>  <==== ATTENTION
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job =>  <==== ATTENTION
Task: C:\Windows\Tasks\EPSON XP-420 Series Update {53A64B51-5545-44E1-AD54-F4CCBD80FA2F}.job =>
Task: C:\Windows\Tasks\EPSON XP-420 Series Update {D7E14CF2-B7E5-4FA6-A18D-D8D22C0FE82C}.job =>
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job =>  <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job =>  <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3609492862-3545600430-2358637076-1001Core.job => C:\Users\Akihiko\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3609492862-3545600430-2358637076-1001UA.job => C:\Users\Akihiko\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Akihiko\AppData\Local\Microsoft\Windows\GameExplorer\{C82F4C1A-28EA-4E28-B628-108F07A254D8}\SupportTasks\0\Support.lnk -> hxxp:\www.pulltop.com\( (No File)
Shortcut: C:\Users\Public\Desktop\Google Cloud Print Setup.lnk -> hxxp://192.168.1.9/PRESENTATION/HTML/TOP/INDEX.HTML (No File)

==================== Loaded Modules (Whitelisted) ==============

2014-09-27 06:41 - 2014-09-27 06:41 - 01021088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-11-10 15:45 - 2015-11-10 15:45 - 08901184 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-09-05 03:09 - 2015-09-05 03:09 - 00093928 _____ () C:\Windows\SYSTEM32\FAIEExtension.DLL

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 22:25 - 2015-11-05 04:01 - 00006670 ____A C:\Windows\system32\Drivers\etc\hosts


There are 128 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3609492862-3545600430-2358637076-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Akihiko\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\vaio 13 img1 wallpaper 1920x1080.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{98982EC1-6FFA-4A63-AB08-C55AE4B82A3C}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe
FirewallRules: [{0386D86E-915D-4C0F-B419-B1B56CB7B853}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe
FirewallRules: [TCP Query User{92D32A46-9D98-4CE3-8104-C5547F9D3181}C:\windows\system32\mobsync.exe] => (Allow) C:\windows\system32\mobsync.exe
FirewallRules: [UDP Query User{BEB26C3F-4BB9-4BAC-9E5D-8D1D5C8BFD3D}C:\windows\system32\mobsync.exe] => (Allow) C:\windows\system32\mobsync.exe
FirewallRules: [{2B3F69F9-436A-49AA-946C-F2431FC3B257}] => (Allow) C:\Users\Akihiko\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{C3125BC8-C4DF-4F7D-B697-FF69E8C001E6}] => (Allow) C:\Users\Akihiko\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [TCP Query User{7A433306-51B3-462E-B5F3-AD5A8701E38E}C:\users\akihiko\downloads\bittorrent.exe] => (Allow) C:\users\akihiko\downloads\bittorrent.exe
FirewallRules: [UDP Query User{22CBA06F-FFF1-48DA-8060-347CB9F6F58A}C:\users\akihiko\downloads\bittorrent.exe] => (Allow) C:\users\akihiko\downloads\bittorrent.exe
FirewallRules: [TCP Query User{52A5F19D-6232-47BE-B108-CF6C44EB0BA8}C:\windows\system32\igfxsrvc.exe] => (Block) C:\windows\system32\igfxsrvc.exe
FirewallRules: [UDP Query User{743FCAFD-1A76-4FF1-BA79-798F7A266ADA}C:\windows\system32\igfxsrvc.exe] => (Block) C:\windows\system32\igfxsrvc.exe
FirewallRules: [TCP Query User{D496283A-7392-4BAC-A7E5-643A95EA4E9D}C:\windows\system32\mobsync.exe] => (Allow) C:\windows\system32\mobsync.exe
FirewallRules: [UDP Query User{4B515330-8238-4B8A-9A55-0ADC38E6DFFA}C:\windows\system32\mobsync.exe] => (Allow) C:\windows\system32\mobsync.exe
FirewallRules: [TCP Query User{A1246562-8CC8-4DAC-83C5-5B2C0B28180D}C:\users\akihiko\appdata\local\amazon\kindle previewer\lib\touchlibs\webreader.exe] => (Block) C:\users\akihiko\appdata\local\amazon\kindle previewer\lib\touchlibs\webreader.exe
FirewallRules: [UDP Query User{3E1BEAF9-AA8B-46BC-92AF-9010AE8B4925}C:\users\akihiko\appdata\local\amazon\kindle previewer\lib\touchlibs\webreader.exe] => (Block) C:\users\akihiko\appdata\local\amazon\kindle previewer\lib\touchlibs\webreader.exe
FirewallRules: [TCP Query User{343B2A44-BBB7-47B7-BE76-97586950292E}C:\users\akihiko\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\akihiko\appdata\local\warthunder\launcher.exe
FirewallRules: [UDP Query User{10659645-1C4D-45E9-BD3D-BA6B19F5B3AC}C:\users\akihiko\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\akihiko\appdata\local\warthunder\launcher.exe
FirewallRules: [{B34DB9EE-2025-4B39-AC12-E4DFA1A7693D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{ADCDC269-ED5E-4519-BF03-B891C631F0FA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D14F5DF7-BBDA-43B4-9B35-59C8BBC06DCB}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
FirewallRules: [{39D59082-25FC-4758-8CE0-3BC7578DB7BB}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
FirewallRules: [{525A63AC-35DD-4FDB-8E5A-A6E30183FCCB}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
FirewallRules: [TCP Query User{6B0AF4A7-3D86-487C-8F4D-88BEC3C3F7C8}C:\program files\common files\microsoft shared\ink\inputpersonalization.exe] => (Allow) C:\program files\common files\microsoft shared\ink\inputpersonalization.exe
FirewallRules: [UDP Query User{6737E138-DE1B-45CB-8A52-E22EF9A6918F}C:\program files\common files\microsoft shared\ink\inputpersonalization.exe] => (Allow) C:\program files\common files\microsoft shared\ink\inputpersonalization.exe
FirewallRules: [TCP Query User{17DDEA84-E9DF-4BFA-B579-55A76F9384E8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{1B114140-1B3B-4155-8315-43E34311602B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{A47261A0-8D91-41CF-B734-52C10EDB1A19}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [UDP Query User{BFB43498-D2BD-4036-84FF-2FE356D60A94}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [TCP Query User{1E07D6CE-EB3F-4B78-BF6E-40F1B2F078A8}C:\users\akihiko\appdata\local\warthunder\aces.exe] => (Allow) C:\users\akihiko\appdata\local\warthunder\aces.exe
FirewallRules: [UDP Query User{73590D33-C3C7-4978-A598-12CB10E246C2}C:\users\akihiko\appdata\local\warthunder\aces.exe] => (Allow) C:\users\akihiko\appdata\local\warthunder\aces.exe
FirewallRules: [{3125AD85-30A9-4C8E-BF5B-8EF8B25487B4}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{8131BDEB-6067-400D-8899-0247764E9134}] => (Allow) LPort=2869
FirewallRules: [{B41D36B4-CBA9-47D3-ABB4-49BA03E5CF0F}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{841FE2D1-E0EF-4DE9-9E14-4F73C1EBFCDF}C:\users\akihiko\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\akihiko\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{874575D2-6AAC-4A0F-AFE6-77D761586083}C:\users\akihiko\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\akihiko\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{DFA51D79-ACC4-49ED-9CFF-92CF61FE5CBE}C:\program files\common files\microsoft shared\ink\inputpersonalization.exe] => (Block) C:\program files\common files\microsoft shared\ink\inputpersonalization.exe
FirewallRules: [UDP Query User{F87D0B8A-182A-49D4-ADA4-C251222C40AA}C:\program files\common files\microsoft shared\ink\inputpersonalization.exe] => (Block) C:\program files\common files\microsoft shared\ink\inputpersonalization.exe
FirewallRules: [TCP Query User{264D8FB1-780E-4008-B22D-9C69DBBF344B}C:\users\akihiko\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\akihiko\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{BE2375C5-441D-4BCA-9FAD-BC3D14286F90}C:\users\akihiko\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\akihiko\appdata\local\akamai\netsession_win.exe
FirewallRules: [{7343A660-FAA5-4BF1-8EE0-EB8FF1661A39}] => (Allow) C:\Users\Admin.VAIO-DUO\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6EA5054D-C909-4E2B-8EB0-D9E6D313B670}] => (Allow) C:\Users\Admin.VAIO-DUO\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FF915341-9691-49EA-AF0D-580B5AD56957}] => (Allow) C:\Users\Admin.VAIO-DUO\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{30E7C374-FF71-44DD-8F85-A2ED11DF0CE2}] => (Allow) C:\Users\Admin.VAIO-DUO\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E5C161CF-54BE-4A06-AEB0-A5FDDB0BCEDC}] => (Allow) C:\Users\Admin.VAIO-DUO\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7256B79F-9466-43D6-81AE-FB26DC875AF1}] => (Allow) C:\Users\Admin.VAIO-DUO\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{CEACD3FF-9F18-4F80-B676-96E9840AEA6F}C:\windows\system32\settingsynchost.exe] => (Allow) C:\windows\system32\settingsynchost.exe
FirewallRules: [UDP Query User{B6846B05-DD7F-4876-BE28-14D1C6A80F4A}C:\windows\system32\settingsynchost.exe] => (Allow) C:\windows\system32\settingsynchost.exe
FirewallRules: [{177F325F-06B6-4A08-B9E2-19587B58875B}] => (Allow) C:\Program Files (x86)\WiVideo\WiVideo.exe
FirewallRules: [{1DB48D96-473A-4060-93A8-0D04A4301FFC}] => (Allow) C:\Program Files (x86)\WiVideo\WiVideo.exe
FirewallRules: [{3643E028-5255-4E9D-AACB-0CD5C99929B4}] => (Allow) C:\Program Files (x86)\WiVideo\WiVideo.exe
FirewallRules: [{B3D2912E-D2D9-4364-B780-8BDC82866925}] => (Allow) C:\Program Files (x86)\WiVideo\WiVideo.exe
FirewallRules: [{7A67C16D-C3B2-4072-85B9-F81793FF8F3B}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
FirewallRules: [{A60A7845-3F55-4C1E-B546-7ED5912DC463}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr.exe
FirewallRules: [{C5BAEE42-0F47-44CC-8E26-9A9A9D29677A}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
FirewallRules: [{AE7CC4AD-371A-4249-83BF-4F64D791EF93}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient.exe
FirewallRules: [{3E072BAE-B098-491E-B082-8F606C0A9FD4}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd.exe
FirewallRules: [{8474DA73-3900-4FDE-8F57-0FE928903ECF}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd_x64.exe
FirewallRules: [{278366C8-7E09-400E-8193-30C4B372C68E}] => (Block) %ProgramFiles%\Maple 17\bin.X86_64_WINDOWS\activation.exe
FirewallRules: [{C7F0BD5A-C68A-4757-B19C-49410BAD0A84}] => (Block) %ProgramFiles%\Maple 17\bin.X86_64_WINDOWS\maplew.exe
FirewallRules: [TCP Query User{093BB27D-A8B8-44C2-8A59-D7E9CCC6209C}C:\program files\maple 17\jre\bin\maple.exe] => (Allow) C:\program files\maple 17\jre\bin\maple.exe
FirewallRules: [UDP Query User{8E4B3927-917A-4B8B-9D66-929CCFE33C34}C:\program files\maple 17\jre\bin\maple.exe] => (Allow) C:\program files\maple 17\jre\bin\maple.exe
FirewallRules: [TCP Query User{647559EC-0D1A-4735-AF8D-96E88CB84155}C:\program files\maple 17\jre\bin\java.exe] => (Block) C:\program files\maple 17\jre\bin\java.exe
FirewallRules: [UDP Query User{AFAE8875-6146-4B80-9BC8-A1FD6CCF2D6D}C:\program files\maple 17\jre\bin\java.exe] => (Block) C:\program files\maple 17\jre\bin\java.exe
FirewallRules: [{23B7D5BB-C638-4E1A-A068-802911A62CFA}] => (Block) %ProgramFiles% (x86)\Adobe\Adobe Director 12\Director.exe
FirewallRules: [{AB19F7F3-EE7D-4407-8B0D-8F5BDEA32A0B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B0EE71BF-4F8B-44ED-987F-D39FB4ACE720}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{8EE20007-879D-43ED-B361-F57D0DCC37F1}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{D7DAD5F9-D0C4-4050-A37F-C38B553ABB73}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{347C7BD9-F0E8-4987-9C26-4199523AB4ED}D:\temp\baiduyunguanjia\baiduyunguanjia.exe] => (Block) D:\temp\baiduyunguanjia\baiduyunguanjia.exe
FirewallRules: [UDP Query User{4D417E7A-640E-46B1-BBC6-1757F8316EDE}D:\temp\baiduyunguanjia\baiduyunguanjia.exe] => (Block) D:\temp\baiduyunguanjia\baiduyunguanjia.exe
FirewallRules: [{4FDD3B4F-302B-4ED1-AB3A-DAA54FC990C3}] => (Allow) D:\temp\BaiduYunGuanjia\YunDetectService.exe
FirewallRules: [{199A79BB-61E7-4F3E-9FF4-20A4085E07AD}] => (Allow) D:\temp\BaiduYunGuanjia\YunDetectService.exe
FirewallRules: [{D560EE9F-22C8-4F12-90F6-FF5C08753C49}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe
FirewallRules: [{14FDD07D-DC15-4CA2-9A5B-E9F63A1DF14D}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
FirewallRules: [{78489E04-1916-4401-ABD9-974500F26BFE}] => (Allow) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
FirewallRules: [{D7E6FA30-BE85-46D5-9902-5D872071CAEE}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOShell.exe
FirewallRules: [{9263BE78-8C2D-475E-B7CF-6ECA4ECFD081}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{E258F921-E0D6-4F51-B80A-B31D02166F01}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{57046DB0-023E-4370-AEE7-BD3F26058077}] => (Allow) C:\Users\Akihiko\AppData\Local\Temp\WZSE0.TMP\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{17ED3CD6-88B5-47FA-8EFC-94D369B194F9}] => (Allow) C:\Users\Akihiko\AppData\Local\Temp\WZSE0.TMP\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{9E549585-CB68-4264-9DE4-31FC4FF6BE55}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{D734A5E1-E544-4D24-B5CE-299F07B2D2B6}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [TCP Query User{E8B04FF5-5AE7-4EBC-BD7F-5741C88209A5}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{3268FA3A-50E0-40A9-BF47-EADC04B4F7E3}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{341F2E8E-98D2-4784-AB12-AD832936C7E1}C:\program files (x86)\wondershare\mobilego for android\mobilegoservice.exe] => (Block) C:\program files (x86)\wondershare\mobilego for android\mobilegoservice.exe
FirewallRules: [UDP Query User{A0F07D33-6AD9-474A-8BBB-0E0A6D8F399C}C:\program files (x86)\wondershare\mobilego for android\mobilegoservice.exe] => (Block) C:\program files (x86)\wondershare\mobilego for android\mobilegoservice.exe
FirewallRules: [{31DCAB45-AEF0-4898-9D83-92888396970A}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{9EDC15F7-BDE3-412C-8350-A727E2C47607}] => (Allow) C:\Users\Admin.VAIO-DUO\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{E9BCB789-06D7-4BE5-BDEC-ACF4F8636214}] => (Allow) C:\Users\Admin.VAIO-DUO\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{546D8342-25DC-4777-999B-DAB6B6214BF4}] => (Allow) C:\Users\Admin.VAIO-DUO\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{C8720494-CAB4-4EAA-B095-150D0F8C6519}] => (Allow) C:\Users\Admin.VAIO-DUO\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{EE357538-13A0-4F30-A277-8A609DBB215D}] => (Allow) C:\Users\Admin.VAIO-DUO\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{37F909C0-88AE-4328-A2B4-F42C70C95EFA}] => (Allow) C:\Users\Admin.VAIO-DUO\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{8B0322A0-E957-4576-B1F9-ABA68E38E973}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D7E6A0C6-2847-4EC6-8119-FD3D79B6B7DA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DB55A06A-A4ED-4D2D-A118-1B67ED798539}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{19C07A77-31C2-467C-B2EF-80860C32730A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{494DD478-940C-4F5F-87E3-53A30A831D3B}] => (Allow) C:\Program Files\SoftEther VPN Server\vpnsmgr_x64.exe
FirewallRules: [{D7E181CC-5BBA-4D96-8B01-27E24A6E05DD}] => (Allow) C:\Program Files\SoftEther VPN Server\vpnserver_x64.exe
FirewallRules: [{AE005ECE-303B-4679-9236-2AFCF8F022C6}] => (Allow) C:\Program Files\SoftEther VPN Server\vpncmd_x64.exe
FirewallRules: [{CA61BA2C-7C56-4C6F-9F74-1959414B5EFA}] => (Allow) C:\Program Files\SoftEther VPN Server Manager\vpnsmgr_x64.exe
FirewallRules: [{3E9A0A6B-0AEA-446A-B96F-1BEB4223FD72}] => (Allow) C:\Program Files\SoftEther VPN Server Manager\vpncmd_x64.exe
FirewallRules: [{02815E08-7C85-47D9-AAA7-C61B97E41D31}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{350C7AFB-EF65-4286-ADE6-8DC30DCADA0B}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [TCP Query User{D54C42B1-BB85-437F-9734-DE08D9FE2922}C:\users\admin.vaio-duo\appdata\roaming\bittorrent\updates\7.9.7_42331.exe] => (Allow) C:\users\admin.vaio-duo\appdata\roaming\bittorrent\updates\7.9.7_42331.exe
FirewallRules: [UDP Query User{AD9D5424-8CF0-4A2A-813C-E8CBA16C7942}C:\users\admin.vaio-duo\appdata\roaming\bittorrent\updates\7.9.7_42331.exe] => (Allow) C:\users\admin.vaio-duo\appdata\roaming\bittorrent\updates\7.9.7_42331.exe
FirewallRules: [{84AAE820-04FE-4E8B-B37F-A48EAEA56BB3}] => (Allow) C:\Games\World_of_Warships\WoWSLauncher.exe
FirewallRules: [{24238CE8-6178-4E7E-9172-123F08F1BF40}] => (Allow) C:\Games\World_of_Warships\WoWSLauncher.exe
FirewallRules: [{89FABCA1-8AFA-44A7-A91C-35D92829EB52}] => (Allow) C:\Games\World_of_Warships\worldofwarships.exe
FirewallRules: [{558AB4DF-EBBF-422A-81F6-5A302FC634B7}] => (Allow) C:\Games\World_of_Warships\worldofwarships.exe
FirewallRules: [{9D84D4B4-8642-4616-9084-F179F54E90E1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{1D57426B-B5DD-4588-9918-3738CE7FEB1B}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe
FirewallRules: [{2A7EF46D-E6A0-45F9-879C-C9EEDE337E9E}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{AFB675A2-7AF1-407D-9397-72BE2D47E1B9}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{3E0AE885-C01C-4C51-B82E-7A99C1BF3C42}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled
Check "winmgmt" service or repair WMI.


==================== Faulty Device Manager Devices =============

Name: Intel® Serial IO I2C Host Controller - 9C61
Description: Intel® Serial IO I2C Host Controller - 9C61
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: iaLPSS_I2C
Problem: : Windows cannot initialize the device driver for this hardware. (Code 37)
Resolution: The driver returned failure from its DriverEntry routine. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.

Name: Intel® Serial IO I2C Host Controller - 9C62
Description: Intel® Serial IO I2C Host Controller - 9C62
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: iaLPSS_I2C
Problem: : Windows cannot initialize the device driver for this hardware. (Code 37)
Resolution: The driver returned failure from its DriverEntry routine. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.

Name: Intel® Serial IO UART Host Controller - 9C64
Description: Intel® Serial IO UART Host Controller - 9C64
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: iaLPSS_UART2
Problem: : Windows cannot initialize the device driver for this hardware. (Code 37)
Resolution: The driver returned failure from its DriverEntry routine. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.

Name: Intel Collaborative Processor Performance Control (CPPC) Driver
Description: Intel Collaborative Processor Performance Control (CPPC) Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: IntelHSWPcc
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Intel® Experience Center Driver
Description: Intel® Experience Center Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: WUDFRd
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (06/26/2016 08:48:53 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: プログラム wwahost.exe バージョン 6.3.9600.17415 は Windows との対話を停止し、終了しました。問題に関する詳細な情報があるかどうかを確認するには、アクション センター コントロール パネルで、問題の履歴をクリックしてください。

プロセス ID: 32c

開始時刻: 01d1cf3b6a42476c

終了時刻: 4294967295

アプリケーション パス: C:\Windows\system32\wwahost.exe

レポート ID: 5dc05c2f-3b2f-11e6-836d-00acbcc2871a

障害が発生しているパッケージのフル ネーム: CrackleInc.Crackle_1.1.0.92_x64__gn1at2342eymg

障害が発生しているパッケージに関連するアプリケーション ID: App

Error: (06/26/2016 04:22:30 AM) (Source: MsiInstaller) (EventID: 11316) (User: VAIO-DUO)
Description: 製品 : OL姉妹 -- エラー 1316。  The specified account already exists.

Error: (06/26/2016 04:00:35 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (06/25/2016 03:01:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: プログラム Explorer.EXE バージョン 6.3.9600.18231 は Windows との対話を停止し、終了しました。問題に関する詳細な情報があるかどうかを確認するには、アクション センター コントロール パネルで、問題の履歴をクリックしてください。

プロセス ID: 1588

開始時刻: 01d1ce90b7edfee7

終了時刻: 0

アプリケーション パス: C:\Windows\Explorer.EXE

レポート ID: 359daf6c-3a9a-11e6-836a-00acbcc2871a

障害が発生しているパッケージのフル ネーム:

障害が発生しているパッケージに関連するアプリケーション ID:

Error: (06/25/2016 09:46:36 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (06/24/2016 04:19:03 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VAIO-DUO)
Description: アプリ microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.People のライセンス認証がエラーで失敗しました: -2144980991。詳しくは、Microsoft-Windows-TWinUI/Operational ログをご覧ください。

Error: (06/24/2016 04:17:56 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (06/24/2016 03:56:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: プログラム Explorer.EXE バージョン 6.3.9600.18231 は Windows との対話を停止し、終了しました。問題に関する詳細な情報があるかどうかを確認するには、アクション センター コントロール パネルで、問題の履歴をクリックしてください。

プロセス ID: 177c

開始時刻: 01d1cde4ec324361

終了時刻: 0

アプリケーション パス: C:\Windows\Explorer.EXE

レポート ID: ba737a9d-39d8-11e6-8369-00acbcc2871a

障害が発生しているパッケージのフル ネーム:

障害が発生しているパッケージに関連するアプリケーション ID:

Error: (06/24/2016 06:51:54 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: エラーが発生したため、ボリューム Windows RE tools は最適化されませんでした: The parameter is incorrect. (0x80070057)

Error: (06/24/2016 05:30:16 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: プログラム wwahost.exe バージョン 6.3.9600.17415 は Windows との対話を停止し、終了しました。問題に関する詳細な情報があるかどうかを確認するには、アクション センター コントロール パネルで、問題の履歴をクリックしてください。

プロセス ID: 206c

開始時刻: 01d1cd8d579816cb

終了時刻: 4294967295

アプリケーション パス: C:\Windows\system32\wwahost.exe

レポート ID: 4a58baae-3981-11e6-8368-00acbcc2871a

障害が発生しているパッケージのフル ネーム: CrackleInc.Crackle_1.1.0.92_x64__gn1at2342eymg

障害が発生しているパッケージに関連するアプリケーション ID: App


System errors:
=============
Error: (06/27/2016 10:43:09 AM) (Source: DCOM) (EventID: 10005) (User: VAIO-DUO)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}



CodeIntegrity:
===================================
  Date: 2016-06-26 04:32:58.352
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Users\Akihiko\Desktop\Adobe Director 12.0\Shortcut\OLSHIMAI\MHS6.1\CCZYLZD because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-06-26 04:25:56.650
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Users\Akihiko\Desktop\Adobe Director 12.0\Shortcut\OLSHIMAI\MHS6.1\YIKYC because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-06-26 04:25:53.015
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Users\Akihiko\Desktop\Adobe Director 12.0\Shortcut\OLSHIMAI\MHS6.1\LXLYLCTM because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-06-25 17:35:37.342
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Users\Akihiko\Desktop\Adobe Director 12.0\Shortcut\OLSHIMAI\MHS6.1\TUYVTW because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-06-20 17:06:27.241
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Users\Akihiko\Downloads\MHS6.1\QBDI because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel® Core™ i7-4500U CPU @ 1.80GHz
Percentage of memory in use: 26%
Total physical RAM: 8087.79 MB
Available physical RAM: 5930.57 MB
Total Virtual: 9367.79 MB
Available Virtual: 7366.34 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:212.42 GB) (Free:22.79 GB) NTFS
Drive d: () (Removable) (Total:238.78 GB) (Free:137.38 GB) NTFS

==================== MBR & Partition Table ==================

==================== End of Addition.txt ============================



#3 Steiner1639


Posted 27 June 2016 - 01:01 PM

Kaspersky Virus Removal Tool was able to detect 2 trojans, finally.

I will go ahead and remove this, and it might solve the issue.

Thanks



#4 Steiner1639


Posted 27 June 2016 - 02:50 PM

Okay. So, now that the trojan was removed, the Norton updates have decreased.

It only notifies of one for around every 45 minutes, but it's still there.

 

Is there anything more I can do?



#5 Steiner1639


Posted 27 June 2016 - 04:14 PM

I was able to detect two instances of

Trojan-Downloader.JS.Agent.ldh

and these were then removed.

 

Again, I am hoping these will now solve the issue, but if there is anything more I can do, it will help to know about it.

Thanks



#6 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,765 posts

Posted 02 July 2016 - 12:20 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Step 1: In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/618345 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Step 2: If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your desktop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#7 HelpBot


Posted 02 July 2016 - 07:52 PM

You have stated that you no longer need help with this issue, therefore I am closing this topic. If that is not the case and you need or wish to continue with this topic, please send any Moderator a Personal Message (PM) that you would like this topic re-opened.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!




