Receiving spam from my own email



#1 gescalada


Posted 07 December 2014 - 09:52 AM

Hi! I posted in "Am I infected? What do I do?" the following message:

"Hello! My name is Gabriela, I'm currently using Windows 8.1 and I've been receiving spam e-mails from my own e-mail address, as well as sending it to my contact list. I've already tried cleaning my PC following a guide (which isn't from bleeping computer) and using Rkill, Malwarebytes, HitmanPro, RogueKiller and my usual anti-virus software, Avast!, but none of them showed me any threats.

I've already had this problem before and tried using Combofix, but I'm pretty sure it was with my old PC, so I haven't run it on this one yet, and I'm willing to do things the right way now.

How can I solve this annoying problem and make sure my PC is clean from any threats?

Thank you in advance for any help you give me."

and I was told to post here. I tried following the preparation guide but I was unable to run the DDS.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Gabriela at 2014-12-07 14:46:04
Microsoft Windows 8.1 
System drive C: has 732 GB (79%) free of 921 GB
Total RAM: 8071 MB (77% free)
 
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:46:05, on 07/12/2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal
 
Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\usuRio\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows\avp.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\SysWOW64\RunDll32.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Program Files (x86)\Steam\steam.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files\trend micro\Gabriela.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://uk.search.yahoo.com/?type=711278&fr=sp_tr_ie
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NI Update Service] "C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe" -startupTask
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\usuRio\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: NI Error Reporting.lnk = C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\national instruments\shared\mdns responder\nimdnsnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Kaspersky Endpoint Security Service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows\avp.exe
O23 - Service: @oem13.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\WINDOWS\system32\BtwRSupportService.exe (file missing)
O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Energy Server Service (ESRV_SVC) - Intel Corporation - C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel® Integrated Clock Controller Service - Intel® ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\WINDOWS\SysWOW64\lkcitdl.exe
O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments Corporation - C:\WINDOWS\SysWOW64\lkads.exe
O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments Corporation - C:\WINDOWS\SysWOW64\lktsrv.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NetworkSupport - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe
O23 - Service: NI Application Web Server (NIApplicationWebServer) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
O23 - Service: NILM License Manager - Macrovision Corporation - C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe
O23 - Service: National Instruments mDNS Responder Service (nimDNSResponder) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
O23 - Service: NI System Web Server (niSvcLoc) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Intel® System Behavior Tracker Collector Service (SampleCollector) - Intel Corporation - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
O23 - Service: VAIO Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: User Energy Server Service (USER_ESRV_SVC) - Intel Corporation - C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update\vuagent.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Broadcom Corporation - C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
 
--
End of file - 16293 bytes
 
======Listing Processes======
 
 
 
 
 
wininit.exe
 
winlogon.exe
 
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\WLANExt.exe 12958266176
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
taskhostex.exe 
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" 
"c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
taskeng.exe {B5B753B3-E70E-4060-B4EF-0B154EB67E9F}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
/QuitInfo:0000000000000710;0000000000000714;  
/loadhooks /Parent:00000000000009a8
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE" 
C:\WINDOWS\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe"
C:\WINDOWS\SysWOW64\lkads.exe
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe"
"C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe" -system
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe"
"C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE" "C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe"
C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
"C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe"
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows\avp.exe" -r
C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe
C:\WINDOWS\SysWOW64\lkcitdl.exe
C:\WINDOWS\SysWOW64\DllHost.exe /Processid:{CB45D4CA-8A34-4EF1-9957-6134E5270E83}
C:\WINDOWS\SysWOW64\lktsrv.exe
"C:\Program Files (x86)\Sony\VAIO Control Center\SUSSoundProxy.exe" -Embedding
"C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe" -user
"C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe" /Stationary
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-27ccde79-4262-420d-8e68-73cc5fc47675 -SystemEventPortName:HostProcess-5678bef6-246c-4fb6-be8f-0d35dbc5713b -IoCancelEventPortName:HostProcess-82ef31b5-6927-449f-889d-95ee658a9de7 -NonStateChangingEventPortName:HostProcess-8d444af9-c581-44d0-9621-e08483e3a663 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:35fac9bc-6dbf-4f30-9f42-09fb6212d593 -DeviceGroupId:WudfDefaultDevicePool
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE" 
"C:\Windows\System32\igfxtray.exe" 
"C:\WINDOWS\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe" 
"C:\Windows\System32\igfxpers.exe" 
"C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SONYAPO
"C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE" 
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe" 
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Users\usuRio\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" 
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe" 
"C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe" 
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe" 
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\iTunes\iTunesHelper.exe" 
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows\avp.exe" 
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files\Sony\VAIO Update\vuagent.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" 
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\iPod\bin\iPodService.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\WINDOWS\SysWOW64\RunDll32.exe" "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"" "--start" "--register_port" "--address" "127.0.0.1" "--port" "49266" "--pause_on_user_switching" "--depend_on_service" "SampleCollector" "--depend_on_service_start_state_not" "disabled" "--time_in_ms" "--pause" "5000" "--library" "C:\Program Files\Sony\VAIO Care\ESRV\intel_modeler.dll" "--no_pl" "--watchdog" "10" "--watchdog_cpu_usage_limit" "50" "--end_on_error" "--kernel_priority_boost" "--shutdown_priority_boost" "--device_options" " time=no output=no output_folder='C:\ProgramData\Sony Corporation\VAIO Care\inteldata\userlogs' limit_output_by=time output_limit=3600000 output_buffer=1024 il='C:\Program Files\Sony\VAIO Care\ESRV\sony_foreground_window_input.dll' " 
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe" "--AUTO_START" "--start" "--address" "127.0.0.1" "--port" "49265" "--depend_on_service" "SampleCollector" "--depend_on_service_start_state_not" "disabled" "--time_in_ms" "--pause" "5000" "--library" "C:\Program Files\Sony\VAIO Care\ESRV\intel_modeler.dll" "--no_pl" "--watchdog" "10" "--watchdog_cpu_usage_limit" "50" "--end_on_error" "--kernel_priority_boost" "--shutdown_priority_boost" "--device_options" " time=no output=w output_folder='C:\ProgramData\Sony Corporation\VAIO Care\inteldata' limit_output_by=time output_limit=3600000 output_buffer=1024 il='C:\Program Files\Sony\VAIO Care\ESRV\sony_acpi_battery_input.dll' il='C:\Program Files\Sony\VAIO Care\ESRV\sony_sema_thermal_input.dll' il='C:\Program Files\Sony\VAIO Care\ESRV\sony_wifi_input.dll' " 
"C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Sony\VAIO Care\VCPerfService.exe" "/service" "/sstates" "/sampleinterval=10000" "/procinterval=5" "/dllinterval=120" "/counter=\Processor(_Total)\% Processor Time:1" "/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1" "/counter=\Network Interface(*)\Bytes Total/sec:1" "/expandcounter=\Processor Information(*)\Processor Frequency:1" "" "/expandcounter=\Processor(*)\% Idle Time:1" "/expandcounter=\Processor(*)\% C1 Time:1" "/expandcounter=\Processor(*)\% C2 Time:1" "/expandcounter=\Processor(*)\%C3 Time:1" "/expandcounter=\Processor(*)\% Processor Time:1" "/directory=C:\ProgramData\Sony Corporation\VAIO Care\inteldata"
C:\Program Files\Sony\VAIO Care/listener.exe /silent /slot=0
"C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe" -System
C:\WINDOWS\system32\DllHost.exe /Processid:{B32DAC50-97B2-4BF7-A8DB-418294621529}
"C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe" -User
"C:\Program Files\Sony\VAIO Care\VCSystemTray.exe" -versionsave -reminder -autoupdate
"C:\Program Files\Sony\VAIO Care\VCService.exe"
"C:\Program Files\Sony\VAIO Care\VCAgent.exe"
"C:\Program Files (x86)\Steam\steam.exe" "steam://rungameid/294510"
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "C:\Program Files (x86)\Steam\config\htmlcache" -cookiepath "C:\Program Files (x86)\Steam\config\cookies" -steampid 1864 --blacklist-accelerated-compositing --process-per-tab --disable-accelerated-video-decode --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
 
"C:\Users\usuRio\Downloads\RSITx64.exe" 
 
======Scheduled tasks folder======
 
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /c 
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler 
C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe  
 
======Registry dump======
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-10-22 218776]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java™ Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-08-08 553896]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-07-19 612248]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2014-10-14 2334928]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-08-08 211880]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-10-22 153248]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java™ Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-11-05 462760]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-07-19 457712]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2014-10-14 1729752]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-11-05 171944]
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2014-01-25 391128]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2014-01-25 771544]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2014-01-25 770520]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-02-11 1381744]
"Broadcom Wireless Manager UI"=C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [2013-03-14 10590208]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-07-12 2752752]
"Bluetooth"=C:\Program Files\WIDCOMM\Bluetooth Software\bttray.exe [2013-09-04 534232]
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2014-10-21 22869088]
"Spotify Web Helper"=C:\Users\usuRio\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-10-18 1514040]
 
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""= []
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-30 421888]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-08-06 4085896]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-07-08 152392]
"AVP"=C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows\avp.exe [2013-11-27 741360]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-09-26 271744]
"NI Update Service"=C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe [2011-11-02 3004512]
 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
NI Error Reporting.lnk - C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\SYSTEM32\igfxdev.dll [2014-01-25 624640]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
 
======File associations======
 
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install - 
.scr - config - 
 
======List of files/folders created in the last 2 months======
 
2014-12-07 14:38:05 ----D---- C:\rsit
2014-12-07 14:38:05 ----D---- C:\Program Files\trend micro
2014-12-07 13:17:55 ----A---- C:\WINDOWS\system32\drivers\HmseUsb.sys
2014-12-07 12:37:17 ----A---- C:\WINDOWS\SYSWOW64\drivers\HmseUsb.sys
2014-12-07 12:37:17 ----A---- C:\WINDOWS\SYSWOW64\drivers\E1usb.sys
2014-12-07 12:36:17 ----A---- C:\WINDOWS\SYSWOW64\hhactivex.dll
2014-12-07 12:35:17 ----D---- C:\WorkSpace
2014-12-07 12:32:29 ----A---- C:\WINDOWS\Hew2Inst.ini
2014-12-01 10:05:52 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_40.dll
2014-12-01 10:05:52 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_40.dll
2014-12-01 10:05:52 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2014-12-01 10:05:52 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2014-12-01 10:05:49 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_40.dll
2014-12-01 10:05:49 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2014-12-01 10:03:55 ----D---- C:\Program Files (x86)\Ubisoft
2014-11-30 21:10:48 ----D---- C:\Program Files (x86)\Steam
2014-11-30 11:51:59 ----D---- C:\WINDOWS\Downloaded Installations
2014-11-30 10:47:52 ----D---- C:\ProgramData\Renesas
2014-11-30 10:47:26 ----D---- C:\Program Files (x86)\Renesas
2014-11-26 15:38:54 ----D---- C:\Users\usuRio\AppData\Roaming\National Instruments
2014-11-26 15:30:02 ----D---- C:\Program Files (x86)\HI-TECH Software
2014-11-26 15:25:43 ----D---- C:\WINDOWS\system32\cvirte
2014-11-26 15:25:39 ----D---- C:\WINDOWS\SYSWOW64\cvirte
2014-11-26 15:25:27 ----D---- C:\Program Files\National Instruments
2014-11-26 15:23:51 ----D---- C:\Program Files (x86)\National Instruments
2014-11-26 15:20:21 ----D---- C:\ProgramData\National Instruments
2014-11-18 20:23:40 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2014-11-18 20:23:40 ----A---- C:\WINDOWS\system32\kerberos.dll
2014-11-18 20:23:39 ----A---- C:\WINDOWS\SYSWOW64\pku2u.dll
2014-11-18 20:23:39 ----A---- C:\WINDOWS\system32\pku2u.dll
2014-11-17 19:33:30 ----D---- C:\Program Files (x86)\Mad Scientist Productions
2014-11-16 00:40:34 ----D---- C:\Program Files\Recuva
2014-11-15 00:49:38 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2014-11-12 16:25:41 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2014-11-12 16:25:40 ----A---- C:\WINDOWS\system32\msi.dll
2014-11-12 16:25:39 ----A---- C:\WINDOWS\system32\authui.dll
2014-11-12 16:25:38 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2014-11-12 16:25:37 ----A---- C:\WINDOWS\SYSWOW64\msihnd.dll
2014-11-12 16:25:37 ----A---- C:\WINDOWS\system32\msihnd.dll
2014-11-12 16:25:37 ----A---- C:\WINDOWS\system32\consent.exe
2014-11-12 16:25:37 ----A---- C:\WINDOWS\system32\appinfo.dll
2014-11-12 16:25:29 ----A---- C:\WINDOWS\system32\user32.dll
2014-11-12 16:25:27 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2014-11-12 16:25:27 ----A---- C:\WINDOWS\system32\drivers\WdFilter.sys
2014-11-12 16:25:26 ----A---- C:\WINDOWS\system32\drivers\WdNisDrv.sys
2014-11-12 16:25:25 ----A---- C:\WINDOWS\system32\drivers\WdBoot.sys
2014-11-12 16:25:24 ----A---- C:\WINDOWS\SYSWOW64\winshfhc.dll
2014-11-12 16:25:23 ----A---- C:\WINDOWS\system32\winshfhc.dll
2014-11-12 16:24:50 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2014-11-12 16:24:50 ----A---- C:\WINDOWS\system32\schannel.dll
2014-11-12 16:24:50 ----A---- C:\WINDOWS\system32\dpapisrv.dll
2014-11-12 16:24:49 ----A---- C:\WINDOWS\SYSWOW64\ncryptsslp.dll
2014-11-12 16:24:49 ----A---- C:\WINDOWS\system32\ncryptsslp.dll
2014-11-12 16:23:47 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2014-11-12 16:23:47 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2014-11-12 16:23:47 ----A---- C:\WINDOWS\system32\lsasrv.dll
2014-11-12 16:23:47 ----A---- C:\WINDOWS\system32\certcli.dll
2014-11-12 16:23:46 ----A---- C:\WINDOWS\SYSWOW64\msaudite.dll
2014-11-12 16:23:46 ----A---- C:\WINDOWS\SYSWOW64\adtschema.dll
2014-11-12 16:23:46 ----A---- C:\WINDOWS\system32\rfxvmt.dll
2014-11-12 16:23:46 ----A---- C:\WINDOWS\system32\drivers\rdpvideominiport.sys
2014-11-12 16:23:46 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2014-11-12 16:23:46 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2014-11-12 16:23:46 ----A---- C:\WINDOWS\system32\adtschema.dll
2014-11-12 16:23:45 ----A---- C:\WINDOWS\system32\rdpudd.dll
2014-11-12 16:23:45 ----A---- C:\WINDOWS\system32\msaudite.dll
2014-11-12 16:21:31 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2014-11-12 16:21:31 ----A---- C:\WINDOWS\system32\msxml3.dll
2014-11-12 16:21:26 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2014-11-12 16:21:26 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2014-11-12 16:21:26 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2014-11-12 16:21:26 ----A---- C:\WINDOWS\system32\audiosrv.dll
2014-11-12 16:21:26 ----A---- C:\WINDOWS\system32\AudioSes.dll
2014-11-12 16:21:26 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2014-11-12 16:21:26 ----A---- C:\WINDOWS\system32\AudioEng.dll
2014-11-12 16:21:26 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-11-12 16:21:26 ----A---- C:\WINDOWS\system32\audiodg.exe
2014-11-12 16:21:25 ----A---- C:\WINDOWS\system32\EncDump.dll
2014-11-12 16:21:21 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-11-12 16:21:19 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2014-11-12 16:19:50 ----A---- C:\WINDOWS\system32\ieframe.dll
2014-11-12 16:19:37 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2014-11-12 16:19:25 ----A---- C:\WINDOWS\system32\jscript9.dll
2014-11-12 16:19:20 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2014-11-12 16:19:17 ----A---- C:\WINDOWS\system32\wininet.dll
2014-11-12 16:19:16 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2014-11-12 16:19:16 ----A---- C:\WINDOWS\system32\urlmon.dll
2014-11-12 16:19:15 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2014-11-12 16:19:15 ----A---- C:\WINDOWS\system32\iertutil.dll
2014-11-12 16:19:14 ----A---- C:\WINDOWS\system32\inetcomm.dll
2014-11-12 16:19:14 ----A---- C:\WINDOWS\system32\actxprxy.dll
2014-11-12 16:19:13 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2014-11-12 16:19:13 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2014-11-12 16:19:12 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2014-11-12 16:19:12 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2014-11-12 16:19:11 ----A---- C:\WINDOWS\system32\jscript.dll
2014-11-12 16:19:11 ----A---- C:\WINDOWS\system32\ieui.dll
2014-11-12 16:19:10 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2014-11-12 16:19:10 ----A---- C:\WINDOWS\system32\msfeeds.dll
2014-11-12 16:19:09 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2014-11-12 16:19:09 ----A---- C:\WINDOWS\SYSWOW64\ieui.dll
2014-11-12 16:19:09 ----A---- C:\WINDOWS\system32\vbscript.dll
2014-11-12 16:19:08 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2014-11-12 16:19:07 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2014-11-12 16:19:07 ----A---- C:\WINDOWS\system32\dxtrans.dll
2014-11-12 16:19:07 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2014-11-12 16:19:06 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2014-11-12 16:19:06 ----A---- C:\WINDOWS\SYSWOW64\dxtmsft.dll
2014-11-12 16:19:06 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2014-11-12 16:19:05 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2014-11-12 16:19:05 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2014-11-12 16:19:05 ----A---- C:\WINDOWS\system32\webcheck.dll
2014-11-12 16:19:05 ----A---- C:\WINDOWS\system32\ieetwproxystub.dll
2014-11-12 16:19:04 ----A---- C:\WINDOWS\SYSWOW64\hlink.dll
2014-11-12 16:19:04 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2014-11-12 16:19:03 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2014-11-12 16:19:03 ----A---- C:\WINDOWS\system32\hlink.dll
2014-11-12 16:19:02 ----A---- C:\WINDOWS\SYSWOW64\msrating.dll
2014-11-12 16:19:02 ----A---- C:\WINDOWS\SYSWOW64\inseng.dll
2014-11-12 16:19:02 ----A---- C:\WINDOWS\SYSWOW64\ieUnatt.exe
2014-11-12 16:19:02 ----A---- C:\WINDOWS\SYSWOW64\iesysprep.dll
2014-11-12 16:19:02 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2014-11-12 16:19:02 ----A---- C:\WINDOWS\system32\ieUnatt.exe
2014-11-12 16:19:02 ----A---- C:\WINDOWS\system32\iesysprep.dll
2014-11-12 16:19:02 ----A---- C:\WINDOWS\system32\iepeers.dll
2014-11-12 16:19:02 ----A---- C:\WINDOWS\system32\ieetwcollector.exe
2014-11-12 16:19:01 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2014-11-12 16:19:01 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2014-11-12 16:19:01 ----A---- C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-11-12 16:19:01 ----A---- C:\WINDOWS\system32\inseng.dll
2014-11-12 16:19:00 ----A---- C:\WINDOWS\SYSWOW64\occache.dll
2014-11-12 16:19:00 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2014-11-12 16:19:00 ----A---- C:\WINDOWS\SYSWOW64\msfeedsbs.dll
2014-11-12 16:19:00 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2014-11-12 16:19:00 ----A---- C:\WINDOWS\SYSWOW64\IEAdvpack.dll
2014-11-12 16:19:00 ----A---- C:\WINDOWS\system32\mshtmled.dll
2014-11-12 16:19:00 ----A---- C:\WINDOWS\system32\jsproxy.dll
2014-11-12 16:18:59 ----A---- C:\WINDOWS\SYSWOW64\JavaScriptCollectionAgent.dll
2014-11-12 16:18:59 ----A---- C:\WINDOWS\SYSWOW64\iexpress.exe
2014-11-12 16:18:59 ----A---- C:\WINDOWS\system32\occache.dll
2014-11-12 16:18:59 ----A---- C:\WINDOWS\system32\msrating.dll
2014-11-12 16:18:59 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2014-11-12 16:18:58 ----A---- C:\WINDOWS\SYSWOW64\pngfilt.dll
2014-11-12 16:18:58 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2014-11-12 16:18:58 ----A---- C:\WINDOWS\SYSWOW64\licmgr10.dll
2014-11-12 16:18:58 ----A---- C:\WINDOWS\SYSWOW64\imgutil.dll
2014-11-12 16:18:58 ----A---- C:\WINDOWS\SYSWOW64\iernonce.dll
2014-11-12 16:18:58 ----A---- C:\WINDOWS\SYSWOW64\ieetwproxystub.dll
2014-11-12 16:18:58 ----A---- C:\WINDOWS\system32\pngfilt.dll
2014-11-12 16:18:58 ----A---- C:\WINDOWS\system32\licmgr10.dll
2014-11-12 16:18:58 ----A---- C:\WINDOWS\system32\imgutil.dll
2014-11-12 16:18:57 ----A---- C:\WINDOWS\SYSWOW64\wextract.exe
2014-11-12 16:18:57 ----A---- C:\WINDOWS\SYSWOW64\url.dll
2014-11-12 16:18:57 ----A---- C:\WINDOWS\SYSWOW64\iesetup.dll
2014-11-12 16:18:57 ----A---- C:\WINDOWS\system32\url.dll
2014-11-12 16:18:57 ----A---- C:\WINDOWS\system32\iernonce.dll
2014-11-12 16:18:56 ----A---- C:\WINDOWS\system32\wextract.exe
2014-11-12 16:18:56 ----A---- C:\WINDOWS\system32\IEAdvpack.dll
2014-11-12 16:18:55 ----A---- C:\WINDOWS\system32\iexpress.exe
2014-11-12 16:18:55 ----A---- C:\WINDOWS\system32\iesetup.dll
2014-11-12 16:18:54 ----A---- C:\WINDOWS\SYSWOW64\mshta.exe
2014-11-12 16:18:54 ----A---- C:\WINDOWS\SYSWOW64\msfeedssync.exe
2014-11-12 16:18:54 ----A---- C:\WINDOWS\system32\msfeedssync.exe
2014-11-12 16:18:53 ----A---- C:\WINDOWS\system32\mshta.exe
2014-11-12 16:18:41 ----A---- C:\WINDOWS\system32\win32k.sys
2014-11-12 16:18:40 ----A---- C:\WINDOWS\SYSWOW64\packager.dll
2014-11-12 16:18:40 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2014-11-12 16:18:40 ----A---- C:\WINDOWS\system32\packager.dll
2014-11-12 16:18:40 ----A---- C:\WINDOWS\system32\oleaut32.dll
2014-11-12 16:18:36 ----A---- C:\WINDOWS\system32\wuaueng.dll
2014-11-12 16:18:35 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2014-11-12 16:18:35 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2014-11-12 16:18:35 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2014-11-12 16:18:35 ----A---- C:\WINDOWS\system32\wucltux.dll
2014-11-12 16:18:35 ----A---- C:\WINDOWS\system32\wuapi.dll
2014-11-12 16:18:34 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2014-11-12 16:18:34 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2014-11-12 16:18:34 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2014-11-12 16:18:34 ----A---- C:\WINDOWS\system32\wuwebv.dll
2014-11-12 16:18:34 ----A---- C:\WINDOWS\system32\wups2.dll
2014-11-12 16:18:34 ----A---- C:\WINDOWS\system32\wups.dll
2014-11-12 16:18:34 ----A---- C:\WINDOWS\system32\wudriver.dll
2014-11-12 16:18:34 ----A---- C:\WINDOWS\system32\wuauclt.exe
2014-11-12 16:18:33 ----A---- C:\WINDOWS\system32\wuapp.exe
2014-11-12 16:18:33 ----A---- C:\WINDOWS\system32\wuaext.dll
2014-11-12 16:18:21 ----A---- C:\WINDOWS\system32\shell32.dll
2014-11-12 16:18:18 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2014-11-12 16:18:17 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2014-11-12 16:18:14 ----A---- C:\WINDOWS\system32\SettingsHandlers.dll
2014-11-12 16:18:13 ----A---- C:\WINDOWS\system32\twinui.dll
2014-11-12 16:18:11 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2014-11-12 16:18:09 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2014-11-12 16:18:09 ----A---- C:\WINDOWS\system32\localspl.dll
2014-11-12 16:18:08 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-11-12 16:18:06 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2014-11-12 16:18:04 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2014-11-12 16:18:04 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2014-11-12 16:18:04 ----A---- C:\WINDOWS\system32\win32spl.dll
2014-11-12 16:18:02 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2014-11-12 16:18:01 ----A---- C:\WINDOWS\system32\WsmSvc.dll
2014-11-12 16:18:00 ----A---- C:\WINDOWS\SYSWOW64\WsmSvc.dll
2014-11-12 16:18:00 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2014-11-12 16:18:00 ----A---- C:\WINDOWS\system32\puiobj.dll
2014-11-12 16:17:58 ----AC---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2014-11-12 16:17:57 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2014-11-12 16:17:56 ----A---- C:\WINDOWS\SYSWOW64\untfs.dll
2014-11-12 16:17:56 ----A---- C:\WINDOWS\system32\untfs.dll
2014-11-12 16:17:54 ----A---- C:\WINDOWS\system32\FXSCOMEX.dll
2014-11-12 16:17:47 ----A---- C:\WINDOWS\SYSWOW64\FXSAPI.dll
2014-11-12 16:17:47 ----A---- C:\WINDOWS\system32\FXSAPI.dll
2014-11-09 17:14:54 ----RHD---- C:\Users\usuRio\AppData\Roaming\SecuROM
2014-11-09 16:58:46 ----D---- C:\ProgramData\EA Core
2014-11-09 16:54:31 ----A---- C:\WINDOWS\SYSWOW64\vp6vfw.dll
2014-11-09 15:00:54 ----D---- C:\Program Files (x86)\Origin Games
2014-11-09 14:58:58 ----D---- C:\Users\usuRio\AppData\Roaming\Origin
2014-11-09 14:57:34 ----D---- C:\ProgramData\Origin
2014-11-09 14:57:31 ----D---- C:\ProgramData\Electronic Arts
2014-11-09 14:57:25 ----D---- C:\Program Files (x86)\Origin
2014-11-05 15:10:55 ----A---- C:\WINDOWS\SYSWOW64\javaws.exe
2014-11-05 15:10:47 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2014-11-05 15:10:47 ----A---- C:\WINDOWS\SYSWOW64\javaw.exe
2014-11-05 15:10:47 ----A---- C:\WINDOWS\SYSWOW64\java.exe
2014-11-04 23:18:12 ----D---- C:\Users\usuRio\AppData\Roaming\DesktopIconForAmazon
2014-11-03 10:51:26 ----D---- C:\Users\usuRio\AppData\Roaming\Subversion
2014-11-02 14:49:06 ----D---- C:\WINDOWS\ERUNT
2014-11-02 14:35:10 ----A---- C:\WINDOWS\SYSWOW64\sqlite3.dll
2014-11-02 14:33:56 ----D---- C:\AdwCleaner
2014-11-02 14:07:02 ----A---- C:\WINDOWS\system32\drivers\TrueSight.sys
2014-11-02 14:07:01 ----D---- C:\ProgramData\RogueKiller
2014-11-02 13:50:24 ----D---- C:\Program Files\HitmanPro
2014-11-02 11:11:26 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2014-11-02 11:11:14 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2014-11-02 11:11:13 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-02 11:11:13 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2014-11-02 11:11:13 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2014-10-31 17:08:55 ----D---- C:\ProgramData\Kaspersky Lab
2014-10-31 17:08:55 ----D---- C:\Program Files (x86)\Kaspersky Lab
2014-10-31 17:08:08 ----A---- C:\WINDOWS\system32\drivers\klif.sys
2014-10-31 17:08:07 ----A---- C:\WINDOWS\system32\drivers\klflt.sys
2014-10-26 21:13:45 ----D---- C:\WINDOWS\PCHEALTH
2014-10-26 09:44:59 ----D---- C:\Users\usuRio\AppData\Roaming\e-academy Inc
2014-10-19 17:15:01 ----D---- C:\ProgramData\IARSystems
2014-10-19 17:15:00 ----D---- C:\Users\usuRio\AppData\Roaming\IAR Embedded Workbench
2014-10-19 17:14:15 ----D---- C:\ProgramData\SafeNet Sentinel
2014-10-19 17:13:52 ----A---- C:\WINDOWS\system32\drivers\sentinel64.sys
2014-10-19 16:41:29 ----D---- C:\Program Files\DIFX
2014-10-18 17:42:42 ----D---- C:\Users\usuRio\AppData\Roaming\Spotify
2014-10-16 16:23:19 ----A---- C:\WINDOWS\SYSWOW64\MrmCoreR.dll
2014-10-16 16:23:19 ----A---- C:\WINDOWS\system32\MrmCoreR.dll
2014-10-16 16:23:14 ----A---- C:\WINDOWS\system32\winbici.dll
2014-10-16 16:22:59 ----A---- C:\WINDOWS\SYSWOW64\rastls.dll
2014-10-16 16:22:59 ----A---- C:\WINDOWS\system32\rastls.dll
2014-10-16 16:21:15 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2014-10-16 16:21:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2014-10-16 16:21:10 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2014-10-16 16:21:10 ----A---- C:\WINDOWS\system32\SyncEngine.dll
2014-10-16 16:21:10 ----A---- C:\WINDOWS\system32\mstscax.dll
2014-10-16 16:21:06 ----A---- C:\WINDOWS\system32\SearchFolder.dll
2014-10-16 16:21:05 ----A---- C:\WINDOWS\system32\ntdll.dll
2014-10-16 16:21:04 ----A---- C:\WINDOWS\system32\KernelBase.dll
2014-10-16 16:21:03 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2014-10-16 16:21:03 ----A---- C:\WINDOWS\system32\propsys.dll
2014-10-16 16:21:02 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll
2014-10-16 16:21:02 ----A---- C:\WINDOWS\system32\WSShared.dll
2014-10-16 16:21:02 ----A---- C:\WINDOWS\system32\iphlpsvc.dll
2014-10-16 16:21:01 ----A---- C:\WINDOWS\SYSWOW64\Wldap32.dll
2014-10-16 16:21:01 ----A---- C:\WINDOWS\SYSWOW64\SearchFolder.dll
2014-10-16 16:21:01 ----A---- C:\WINDOWS\SYSWOW64\propsys.dll
2014-10-16 16:21:01 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2014-10-16 16:21:01 ----A---- C:\WINDOWS\system32\Wldap32.dll
2014-10-16 16:21:01 ----A---- C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-10-16 16:21:00 ----A---- C:\WINDOWS\SYSWOW64\SkyDriveShell.dll
2014-10-16 16:21:00 ----A---- C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-10-16 16:21:00 ----A---- C:\WINDOWS\system32\SkyDriveShell.dll
2014-10-16 16:21:00 ----A---- C:\WINDOWS\system32\SkyDrive.exe
2014-10-16 16:21:00 ----A---- C:\WINDOWS\system32\ProximityService.dll
2014-10-16 16:21:00 ----A---- C:\WINDOWS\system32\pcsvDevice.dll
2014-10-16 16:21:00 ----A---- C:\WINDOWS\system32\httpprxm.dll
2014-10-16 16:21:00 ----A---- C:\WINDOWS\system32\bisrv.dll
2014-10-16 16:21:00 ----A---- C:\WINDOWS\system32\adhsvc.dll
2014-10-16 16:20:59 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-16 16:20:59 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
 
======List of files/folders modified in the last 2 months======
 
2014-12-07 14:38:57 ----D---- C:\WINDOWS\Prefetch
2014-12-07 14:38:05 ----D---- C:\Program Files
2014-12-07 14:16:57 ----RD---- C:\Program Files (x86)
2014-12-07 14:12:09 ----D---- C:\WINDOWS\System32
2014-12-07 14:12:09 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-12-07 14:12:08 ----D---- C:\WINDOWS\Inf
2014-12-07 14:10:11 ----D---- C:\WINDOWS\system32\Tasks
2014-12-07 14:09:22 ----D---- C:\WINDOWS\Temp
2014-12-07 14:09:04 ----D---- C:\Windows
2014-12-07 14:08:26 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2014-12-07 14:02:50 ----D---- C:\WINDOWS\Microsoft.NET
2014-12-07 14:00:00 ----D---- C:\WINDOWS\system32\sru
2014-12-07 13:45:58 ----D---- C:\WINDOWS\system32\drivers
2014-12-07 13:27:39 ----HD---- C:\Config.Msi
2014-12-07 13:26:26 ----D---- C:\WINDOWS\system32\catroot
2014-12-07 13:25:29 ----SHD---- C:\WINDOWS\Installer
2014-12-07 13:19:56 ----D---- C:\Users\usuRio\AppData\Roaming\Skype
2014-12-07 13:18:14 ----D---- C:\WINDOWS\SYSWOW64\drivers
2014-12-07 13:18:11 ----D---- C:\WINDOWS\system32\DriverStore
2014-12-07 12:36:17 ----D---- C:\WINDOWS\SysWOW64
2014-12-07 12:34:19 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-12-07 12:34:09 ----SHD---- C:\System Volume Information
2014-12-07 12:23:56 ----D---- C:\Program Files (x86)\Common Files
2014-12-05 10:15:43 ----D---- C:\Users\usuRio\AppData\Roaming\Dropbox
2014-12-02 23:09:15 ----D---- C:\ProgramData\Skype
2014-12-02 23:09:07 ----RD---- C:\Program Files (x86)\Skype
2014-12-01 10:05:06 ----RSD---- C:\WINDOWS\assembly
2014-11-30 10:47:52 ----HD---- C:\ProgramData
2014-11-26 15:54:01 ----D---- C:\WINDOWS\system32\config
2014-11-26 15:28:29 ----D---- C:\Program Files\Common Files\microsoft shared
2014-11-26 15:25:13 ----D---- C:\WINDOWS\WinSxS
2014-11-26 11:07:26 ----D---- C:\WINDOWS\CbsTemp
2014-11-17 22:33:50 ----D---- C:\WINDOWS\system32\catroot2
2014-11-16 22:28:17 ----D---- C:\WINDOWS\system32\NDF
2014-11-15 10:43:11 ----D---- C:\WINDOWS\rescache
2014-11-15 09:11:50 ----D---- C:\ProgramData\Package Cache
2014-11-15 00:40:38 ----D---- C:\Program Files\Windows Defender
2014-11-15 00:40:36 ----D---- C:\Program Files (x86)\Windows Defender
2014-11-15 00:40:32 ----D---- C:\WINDOWS\system32\wbem
2014-11-15 00:40:24 ----D---- C:\WINDOWS\SYSWOW64\en-US
2014-11-15 00:40:24 ----D---- C:\WINDOWS\system32\en-US
2014-11-15 00:40:21 ----D---- C:\Program Files (x86)\Internet Explorer
2014-11-15 00:40:19 ----D---- C:\WINDOWS\SYSWOW64\migration
2014-11-15 00:40:16 ----D---- C:\WINDOWS\system32\migration
2014-11-15 00:40:12 ----D---- C:\Program Files\Internet Explorer
2014-11-15 00:40:05 ----RD---- C:\WINDOWS\ToastData
2014-11-15 00:40:01 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2014-11-15 00:39:59 ----D---- C:\WINDOWS\apppatch
2014-11-15 00:39:41 ----D---- C:\WINDOWS\system32\MRT
2014-11-15 00:34:40 ----A---- C:\WINDOWS\system32\MRT.exe
2014-11-14 19:08:50 ----D---- C:\ProgramData\Microsoft Help
2014-11-14 12:05:40 ----D---- C:\WINDOWS\Tasks
2014-11-12 17:23:31 ----A---- C:\WINDOWS\win.ini
2014-11-05 15:11:31 ----D---- C:\ProgramData\Oracle
2014-11-03 10:49:13 ----D---- C:\Program Files\MATLAB
2014-10-31 17:45:52 ----D---- C:\WINDOWS\system32\GroupPolicy
2014-10-31 17:09:05 ----HD---- C:\WINDOWS\ELAMBKUP
2014-10-28 20:07:57 ----SD---- C:\ProgramData\Microsoft
2014-10-26 11:20:20 ----SD---- C:\Users\usuRio\AppData\Roaming\Microsoft
2014-10-26 10:13:28 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-10-26 10:12:27 ----D---- C:\WINDOWS\ShellNew
2014-10-26 10:10:53 ----D---- C:\Program Files (x86)\Microsoft Office
2014-10-26 10:10:15 ----D---- C:\Program Files\Microsoft Office
2014-10-26 10:09:53 ----A---- C:\WINDOWS\ODBC.INI
2014-10-16 22:48:07 ----D---- C:\WINDOWS\MediaViewer
2014-10-16 22:48:07 ----D---- C:\WINDOWS\FileManager
2014-10-16 22:48:07 ----D---- C:\WINDOWS\Camera
2014-10-16 22:48:03 ----D---- C:\WINDOWS\WinStore
2014-10-16 16:54:10 ----RSD---- C:\WINDOWS\Fonts
 
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
 
R0 aswNdisFlt;@oem21.inf,%AfwDescriptionFree%;Avast! Firewall Driver; C:\WINDOWS\system32\DRIVERS\aswNdisFlt.sys [2014-07-19 448400]
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2014-07-19 65776]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2014-07-19 224896]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-02-08 647736]
R0 KL1;kl1; C:\WINDOWS\system32\DRIVERS\kl1.sys [2013-09-05 7717984]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2014-07-19 28184]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2014-07-19 93568]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2014-11-22 1041168]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2014-07-19 427360]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2012-06-25 92536]
R1 dtsoftbus01;@oem14.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2014-05-22 283064]
R1 KLFLTDEV;Kaspersky Lab KLFltDev; C:\WINDOWS\system32\DRIVERS\klfltdev.sys [2013-07-08 30816]
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2014-10-31 665184]
R1 KLIM6;@oem66.inf,%KLIM6_Desc%;Kaspersky Anti-Virus NDIS 6 Filter; C:\WINDOWS\system32\DRIVERS\klim6.sys [2013-07-11 30304]
R1 klwfp;klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [2013-02-27 50448]
R1 kneps;kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [2013-07-01 177760]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2014-07-19 29208]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2014-07-19 79184]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2014-07-19 92008]
R3 bcbtums;@oem13.inf,%BCBTUMS.SvcDesc%;Bluetooth RAM Firmware Download USB Filter; C:\WINDOWS\system32\drivers\bcbtums.sys [2013-09-04 170712]
R3 BCM42RLY;BCM42RLY; C:\WINDOWS\system32\drivers\BCM42RLY.sys [2013-03-14 23760]
R3 BCM43XX;@oem8.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 Network Adapter Driver; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [2014-07-13 7488176]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2013-08-22 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-03-18 81920]
R3 btwampfl;@oem13.inf,%btwampfl.ServiceName%;btwampfl; C:\WINDOWS\system32\DRIVERS\btwampfl.sys [2013-09-04 166104]
R3 btwaudio;@oem3.inf,%btaudio.SvcDesc%;Bluetooth Audio Device Service; C:\WINDOWS\system32\drivers\btwaudio.sys [2013-09-26 186584]
R3 btwavdt;@oem4.inf,%btwavdt.SVCDESC%;Bluetooth AVDT Service; C:\WINDOWS\System32\drivers\btwavdt.sys [2013-09-26 228568]
R3 btwl2cap;@oem12.inf,%btwl2cap.SVCDESC%;Bluetooth L2CAP Service; C:\WINDOWS\system32\DRIVERS\btwl2cap.sys [2013-09-26 40248]
R3 btwrchid;btwrchid; C:\WINDOWS\System32\drivers\btwrchid.sys [2013-09-26 38616]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 HmseUsb;@oem63.inf,%HmseUsb.DeviceDesc%;FDM; C:\WINDOWS\System32\drivers\HmseUsb.sys [2010-07-23 40184]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-01-25 4221440]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2014-02-14 3867224]
R3 IntcDAud;@oem7.inf,%IntcDAud.SvcDesc%;Intel® Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2013-03-14 342528]
R3 iwdbus;@oem35.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-12-26 27032]
R3 MEIx64;@oem28.inf,%HECI_SvcDesc%;Intel® Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2013-01-23 62784]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2014-03-18 167424]
R3 RSPCIESTOR;@oem1.inf,%Rts5208%;Realtek PCIE CardReader Driver; C:\WINDOWS\system32\DRIVERS\RtsPStor.sys [2013-12-19 356056]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
R3 semav6thermal64ro;semav6thermal64ro; \??\C:\Windows\system32\drivers\semav6thermal64ro.sys [2014-08-13 13792]
R3 SFEP;@oem29.inf,%SvcDesc%;Sony Firmware Extension Parser; C:\WINDOWS\System32\drivers\SFEP.sys [2012-07-11 14336]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2013-07-12 34544]
R3 SynTP;@oem17.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2013-07-12 521968]
R3 tap0901;@oem36.inf,%DeviceDescription%;TAP-Windows Adapter V9; C:\WINDOWS\system32\DRIVERS\tap0901.sys [2013-08-22 40664]
R3 tapoas;@oem39.inf,%DeviceDescription%;TAP-Win32 Adapter OAS; C:\WINDOWS\system32\DRIVERS\tapoas.sys [2012-07-15 30720]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-08-22 212224]
S0 klelam;klelam; C:\WINDOWS\system32\DRIVERS\klelam.sys [2012-07-27 29616]
S2 Sentinel64;Sentinel64; C:\WINDOWS\System32\Drivers\Sentinel64.sys [2009-09-17 145448]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-07-24 1200640]
S3 dot4;@oem23.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2012-09-25 151968]
S3 Dot4Print;@oem24.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\WINDOWS\System32\drivers\Dot4Prt.sys [2012-09-25 27040]
S3 dot4usb;@oem23.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2012-09-25 49056]
S3 intaud_WaveExtensible;@oem34.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-12-26 38296]
S3 USBAAPL64;@oem45.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl64.sys [2014-06-11 54784]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-08-22 44544]
S3 usbser;@oem38.inf,%ServiceName%;USB RS-232 Emulation Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2013-08-22 33280]
 
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
 
R2 AdobeARMservice;Adobe Acrobat Update Service; c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-06-12 43336]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-07-19 50344]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-07-19 106488]
R2 AVP;Kaspersky Endpoint Security Service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows\avp.exe [2013-11-27 741360]
R2 Bonjour Service;Serviço do Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2013-09-04 976600]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 ESRV_SVC;Energy Server Service; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [2013-11-19 377768]
R2 hpqddsvc;Serviço de Descoberta de dispositivos CUE HP; C:\WINDOWS\syswow64\svchost.exe [2013-08-22 31552]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-06-20 634632]
R2 Intel® ME Service;Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2013-01-23 129824]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2013-01-23 166688]
R2 LkCitadelServer;Lookout Citadel Server; C:\WINDOWS\SysWOW64\lkcitdl.exe [2010-10-27 695136]
R2 lkClassAds;National Instruments PSP Server Locator; C:\WINDOWS\SysWOW64\lkads.exe [2011-06-14 46192]
R2 lkTimeSync;National Instruments Time Synchronization; C:\WINDOWS\SysWOW64\lktsrv.exe [2011-06-14 56952]
R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2013-01-23 277792]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2013-08-22 37768]
R2 NIApplicationWebServer;NI Application Web Server; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2011-05-27 50336]
R2 NIDomainService;National Instruments Domain Service; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [2011-06-14 362104]
R2 nimDNSResponder;National Instruments mDNS Responder Service; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [2011-06-01 194224]
R2 niSvcLoc;NI System Web Server; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe [2011-05-27 50328]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2013-08-22 37768]
R2 SampleCollector;Intel® System Behavior Tracker Collector Service; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2013-11-19 266168]
R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2013-01-23 365344]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe [2012-11-24 67536]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\syswow64\svchost.exe [2013-08-22 31552]
R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS; C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-07-08 641352]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-11-18 833728]
R3 VCService;VCService; C:\Program Files\Sony\VAIO Care\VCService.exe [2014-07-02 59240]
S2 BcmBtRSupport;@oem13.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service; C:\WINDOWS\system32\BtwRSupportService.exe [2013-09-04 2252504]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-17 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 cphs;Intel® Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-01-25 279000]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2014-07-26 1030600]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-17 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 NetworkSupport;NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [2013-09-28 629336]
S3 NILM License Manager;NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [2010-08-02 1427688]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2014-12-06 1900400]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 178760]
S3 SOHCImp;VAIO Content Importer; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2013-01-30 124568]
S3 SOHDms;VAIO Digital Media Server; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2013-03-01 463000]
S3 SOHDs;VAIO Device Searcher; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2013-01-30 79000]
S3 Sony SCSI Helper Service;Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [2012-09-19 73728]
S3 SpfService;VAIO Entertainment Common Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-12-01 289952]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 USER_ESRV_SVC;User Energy Server Service; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [2013-11-19 377768]
S3 VAIO Power Management;VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2013-01-31 477792]
S3 VCFw;VAIO Content Folder Watcher; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2013-01-06 972000]
S4 NIApplicationWebServer64;NI Application Web Server (64-bit); C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2011-05-27 68256]
 
-----------------EOF-----------------
 



 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,957 posts
  • OFFLINE
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:27 PM

Posted 11 December 2014 - 09:32 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens, click Yes to the disclaimer.
Press the Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
===

Please paste the logs in your next reply. DO NOT ATTACH THEM unless specified.
To attach a file select the "More Reply Option" and follow the instructions.

How is the computer running?
Wait for further instructions.

p.s.
If I were you I would create a new e-mail account.
Tell all my contacts to use that new one from now on and confirm.
When all have confirmed delete the spoofed e-mail account.

#3 nasdaq

nasdaq

  • Malware Response Team
  • 38,957 posts
  • OFFLINE
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:27 PM

Posted 17 December 2014 - 10:02 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.



