My laptop's sound has disappeared, scared it might be some virus?


  • This topic is locked
29 replies to this topic

#1 nev19


Posted 17 July 2014 - 02:12 PM

For the last 2-3 days, my laptop's sound has been going off and coming back sometimes. It has the latest drivers and I don't remember downloading anything new, so I'm afraid it's some kind of virus.

Can someone please help me fix this, as it's very frustrating to have no sound?





#2 Machiavelli


Posted 21 July 2014 - 09:30 AM

Hello and welcome aboard,

My name is Machiavelli and I will assist you with your problem.
If you booted into safe mode on your computer then print my instructions!
I'm in the 'Malware Staff Team' and will provide you with advice:

Removing malware from a computer can be very complicated. Malware (malicious software) is able to hide and so I may not be able to find it so easily. In order to remove malware from your computer, you need to follow my instructions carefully. Don't be worried if you don't know what to do. Just ask me! Please stay in contact with me until the problem is fixed.

Below are a few tips:
  • Removing Malware is usually very difficult.
    We need to search and analyse a lot of files. As this is done in our free time, please be patient especially if I don't answer every day!
  • Please follow these instructions
    If you don't follow the instructions your computer may crash. If you fix your PC by yourself, this can be very risky!
  • Please stay in contact with me until your problem is resolved
    As Malware may not be totally removed in one session or in one day, please stay in contact with me until the problem is resolved.
  • Please don't run any other tools without consulting with me as this can complicate finding and removing all Malware
    Don't run any tools while I'm fixing your PC. That is counterproductive and, again, will only complicate finding and removing all Malware!
  • Read my post completely
    If you don't do so, you may make mistakes that could result in your System crashing by your own actions!
 

Please download FRST (by Farbar) from the link below and save it to your Desktop.

Download Mirror #1

If you are unsure whether you have 32-Bit or 64-Bit Windows, see here
  • Disable all anti-virus and anti-malware software to prevent them inhibiting FRST in any way. If you are unsure how to do this, see THIS.
  • Double-click FRST.exe/FRST64.exe (depending on which version you downloaded) to run it. (If you have Windows Vista / Windows 7 / Windows 8, please right-click the FRST icon and select Run as Administrator.)
  • When the disclaimer appears, click Yes.
  • Click Scan to start FRST.
  • When FRST finishes scanning, two logs, FRST.txt and Addition.txt will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of both of these logs into your next post please.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.



#3 nev19


Posted 21 July 2014 - 01:27 PM

Hi there, thanks for the reply. Here are both logs.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-07-2014
Ran by Neville (administrator) on VAIO on 21-07-2014 23:53:53
Running from C:\Users\Neville\Desktop
Platform: Windows 8 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\SUSSoundProxy.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Flux Software LLC) C:\Users\Neville\AppData\Local\FluxSoftware\Flux\flux.exe
(Dropbox, Inc.) C:\Users\Neville\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcfgex.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [10590208 2013-03-14] (Broadcom Corporation)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-02-11] (Realtek Semiconductor)
HKLM\...\Run: [Bluetooth] => C:\Program Files\WIDCOMM\Bluetooth Software\bttray.exe [533208 2013-04-03] (Broadcom Corporation.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5179408 2014-06-17] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-14] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\SYSTEM32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\Run: [Google Update] => C:\Users\Neville\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-12-31] (Google Inc.)
HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\Run: [Facebook Update] => C:\Users\Neville\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-02-27] (Facebook Inc.)
HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\Run: [GoogleChromeAutoLaunch_025349DF926404DCBA5805A40191CC91] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-07-15] (Google Inc.)
HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\Run: [f.lux] => C:\Users\Neville\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\Run: [Google Update] => C:\Users\Neville\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-12-31] (Google Inc.)
HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\Run: [CPN Notifier] => C:\Program Files (x86)\Intertops Poker\PokerNotifier.exe 
HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\Run: [Facebook Update] => C:\Users\Neville\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-02-27] (Facebook Inc.)
HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\Run: [GoogleChromeAutoLaunch_025349DF926404DCBA5805A40191CC91] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-07-15] (Google Inc.)
AppInit_DLLs: C:\PROGRA~2\SW_X64~1.BOO => C:\PROGRA~2\SW_X64~1.BOO File Not Found
Startup: C:\Users\Neville\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Neville\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
BootExecute: autocheck autochk * sdnclean64.exe
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} ->  No File
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} http://www.worldwinner.com/games/launcher/ie/v2.23.01.0/iewwload.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{67916458-BEE9-4A48-8387-C78A355ED6BE}: [NameServer]59.185.0.50,59.185.0.23
Tcpip\..\Interfaces\{A7CA6FDC-65B3-4CF9-B6DE-3266EBD35973}: [NameServer]59.185.0.50,59.185.0.23
 
FireFox:
========
FF ProfilePath: C:\Users\Neville\AppData\Roaming\Mozilla\Firefox\Profiles\zpq2ecz1.default-1395808145287
FF SelectedSearchEngine: SweetIM Search
FF Homepage: hxxp://home.sweetim.com
FF Keyword.URL: user_pref("keyword.URL", "");
FF DefaultSearchEngine: SweetIM Search
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.13.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @sony.com/ReaderDesktop - C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll (Sony Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Neville\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Neville\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Neville\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Neville\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Neville\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Neville\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Neville\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Neville\AppData\Roaming\Mozilla\Firefox\Profiles\zpq2ecz1.default-1395808145287\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Users\Neville\AppData\Roaming\Mozilla\Firefox\Profiles\zpq2ecz1.default-1395808145287\searchplugins\sweetim.xml
FF Extension: SweetIM Toolbar for Firefox - C:\Users\Neville\AppData\Roaming\Mozilla\Firefox\Profiles\zpq2ecz1.default-1395808145287\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847} [2014-07-05]
FF Extension: DownThemAll! - C:\Users\Neville\AppData\Roaming\Mozilla\Firefox\Profiles\zpq2ecz1.default-1395808145287\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-06-19]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-11]
 
Chrome: 
=======
CHR StartupUrls: ""
CHR Extension: (Google Docs) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-04]
CHR Extension: (Google Drive) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-04]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-07]
CHR Extension: (YouTube) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-04]
CHR Extension: (Adblock Plus) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-16]
CHR Extension: (Google Search) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-04]
CHR Extension: (Empty New Tab Page) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpjamkmjmigaoobjbekmfgabipmfilij [2014-04-04]
CHR Extension: (Google Wallet) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-04]
CHR Extension: (Gmail) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-04]
 
==================== Services (Whitelisted) =================
 
R2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1417160 2014-06-17] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3241488 2014-06-27] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-06-17] (AVG Technologies CZ, s.r.o.)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2228440 2013-05-16] (Broadcom Corporation.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129824 2013-01-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166688 2013-01-23] (Intel Corporation)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [639576 2013-05-11] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-19] (Intel Corporation)
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2012-09-20] (Sony Corporation) [File not signed]
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2013-01-07] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-27] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [6070272 2013-03-14] (Broadcom Corporation) [File not signed]
R2 postgresql-8.4; C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N "postgresql-8.4" -D "C:/Program Files (x86)/PostgreSQL/8.4/data" -w [X]
 
==================== Drivers (Whitelisted) ====================
 
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [274712 2014-05-14] (AVG Technologies CZ, s.r.o.)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170200 2013-05-16] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8469680 2014-03-14] (Broadcom Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 BTWPANFL; C:\Windows\system32\drivers\btwpanfl.sys [44912 2013-05-16] (Broadcom Corporation.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)
S3 ptun0901; C:\Windows\system32\DRIVERS\ptun0901.sys [40664 2014-03-10] (The OpenVPN Project)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-04-06] ()
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-07-12] (Synaptics Incorporated)
S3 tapSF0901; C:\Windows\system32\DRIVERS\tapSF0901.sys [39104 2014-03-21] (Spotflux, Inc.)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-07-21 23:53 - 2014-07-21 23:54 - 00022734 _____ () C:\Users\Neville\Desktop\FRST.txt
2014-07-21 23:53 - 2014-07-21 23:53 - 00000000 ____D () C:\FRST
2014-07-21 23:52 - 2014-07-21 23:53 - 02090496 _____ (Farbar) C:\Users\Neville\Desktop\FRST64.exe
2014-07-21 18:29 - 2014-07-21 20:28 - 168193306 _____ () C:\Users\Neville\Desktop\CLPVideo0016.mp4
2014-07-21 18:29 - 2014-07-21 20:27 - 168457810 _____ () C:\Users\Neville\Desktop\CLPVideo0015.mp4
2014-07-21 18:15 - 2014-07-21 20:34 - 174101904 _____ () C:\Users\Neville\Desktop\CLPVideo0014.mp4
2014-07-21 18:14 - 2014-07-21 20:24 - 152806655 _____ () C:\Users\Neville\Desktop\CLPVideo0013.mp4
2014-07-21 18:14 - 2014-07-21 19:59 - 171618646 _____ () C:\Users\Neville\Desktop\CLPVideo0012.mp4
2014-07-21 18:13 - 2014-07-21 20:21 - 144772978 _____ () C:\Users\Neville\Desktop\CLPVideo0011.mp4
2014-07-20 04:36 - 2014-07-20 10:22 - 00005782 _____ () C:\Users\Neville\Desktop\Thyroxine.txt
2014-07-17 19:53 - 2014-07-17 19:53 - 00001092 _____ () C:\Users\Public\Desktop\HoldemManager2.lnk
2014-07-16 06:14 - 2014-07-18 02:43 - 00000000 ____D () C:\Users\Neville\Desktop\Crush Live Poker
2014-07-16 01:26 - 2014-07-21 19:50 - 00379655 _____ () C:\Windows\WindowsUpdate.log
2014-07-15 16:19 - 2014-07-18 02:43 - 00000000 ____D () C:\Users\Neville\AppData\Roaming\vlc
2014-07-15 16:18 - 2014-07-15 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-07-15 16:17 - 2014-07-15 16:17 - 00000000 ____D () C:\Program Files\VideoLAN
2014-07-15 15:07 - 2014-07-15 15:07 - 00000000 ___HD () C:\Users\Neville\Desktop\.picasaoriginals
2014-07-15 15:03 - 2014-07-15 15:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-07-15 14:53 - 2014-07-15 14:53 - 00000000 ____D () C:\Users\Neville\Documents\Fax
2014-07-15 14:53 - 2014-07-15 14:53 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-07-12 02:10 - 2014-07-12 02:10 - 00472008 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-09 22:30 - 2014-05-03 12:04 - 06974808 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-07-09 22:29 - 2014-06-18 04:57 - 01440256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 22:29 - 2014-06-18 04:54 - 01557504 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 22:29 - 2014-06-11 09:48 - 04038144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 22:29 - 2014-06-03 04:03 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2014-07-09 22:29 - 2014-05-30 05:01 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-07-09 22:29 - 2014-05-30 04:33 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-07-09 22:29 - 2014-05-30 04:32 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 22:29 - 2014-05-30 04:32 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-07-09 22:29 - 2014-05-03 12:03 - 01824808 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-07-09 22:29 - 2014-05-03 10:21 - 01408976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-07-09 22:29 - 2014-05-02 04:07 - 01023488 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-07-09 22:29 - 2014-04-30 04:02 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2014-07-09 22:29 - 2014-04-30 04:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2014-07-09 22:29 - 2014-04-24 05:21 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-07-09 22:29 - 2014-04-24 05:21 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 22:29 - 2014-04-24 05:08 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-07-09 22:29 - 2014-04-24 05:08 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 22:29 - 2014-02-08 10:04 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-07-09 22:28 - 2014-06-19 07:41 - 19277312 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 22:28 - 2014-06-19 07:40 - 15369728 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 22:28 - 2014-06-19 07:40 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 22:28 - 2014-06-19 07:40 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 22:28 - 2014-06-19 06:23 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 22:28 - 2014-06-19 06:22 - 13732352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 22:28 - 2014-06-19 06:22 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 22:27 - 2014-06-19 07:42 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 22:27 - 2014-06-19 07:42 - 01366528 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 22:27 - 2014-06-19 07:42 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-07-09 22:27 - 2014-06-19 07:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-07-09 22:27 - 2014-06-19 07:42 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 22:27 - 2014-06-19 07:41 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 22:27 - 2014-06-19 07:41 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 22:27 - 2014-06-19 07:40 - 02650624 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 22:27 - 2014-06-19 07:40 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-09 22:27 - 2014-06-19 07:40 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 22:27 - 2014-06-19 07:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 22:27 - 2014-06-19 07:40 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 22:27 - 2014-06-19 07:40 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-07-09 22:27 - 2014-06-19 07:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 22:27 - 2014-06-19 07:40 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 22:27 - 2014-06-19 07:40 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 22:27 - 2014-06-19 07:39 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 22:27 - 2014-06-19 06:23 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 22:27 - 2014-06-19 06:23 - 01141760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 22:27 - 2014-06-19 06:23 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 22:27 - 2014-06-19 06:23 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 22:27 - 2014-06-19 06:23 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 22:27 - 2014-06-19 06:23 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-07-09 22:27 - 2014-06-19 06:22 - 02863616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 22:27 - 2014-06-19 06:22 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 22:27 - 2014-06-19 06:22 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 22:27 - 2014-06-19 06:22 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-07-09 22:27 - 2014-06-19 06:22 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 22:27 - 2014-06-19 06:22 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 22:27 - 2014-06-19 06:22 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-07-09 22:27 - 2014-06-19 06:22 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 22:27 - 2014-06-19 06:22 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 22:27 - 2014-06-19 06:22 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 22:27 - 2014-06-19 06:03 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 22:27 - 2014-06-19 06:00 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 22:27 - 2014-06-19 03:35 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-07-09 22:27 - 2014-06-06 19:36 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 22:27 - 2014-06-06 15:47 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 22:27 - 2014-05-30 03:54 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-08 04:48 - 2014-07-15 15:28 - 00000000 ____D () C:\Users\Neville\Desktop\LKK Visa
2014-07-05 02:19 - 2014-07-05 02:19 - 00000000 ____D () C:\Users\Neville\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2014-07-05 01:46 - 2014-07-05 01:46 - 00000000 ____D () C:\Program Files (x86)\AVI to MP4 Converter
2014-07-05 01:44 - 2014-07-05 01:44 - 00000000 ____D () C:\ProgramData\A-PDF Text Replace
2014-07-04 02:58 - 2014-07-04 03:21 - 00000000 ____D () C:\Users\Neville\AppData\Local\FullTiltPoker
2014-07-04 02:58 - 2014-07-04 02:58 - 00000000 ____D () C:\Users\Neville\AppData\Local\cache
2014-07-04 02:58 - 2014-07-04 02:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Full Tilt Poker
2014-07-04 02:57 - 2014-07-05 03:47 - 00000000 ____D () C:\Program Files (x86)\Full Tilt Poker
2014-06-30 23:02 - 2014-06-30 23:02 - 00000044 _____ () C:\speederr.txt
2014-06-30 22:14 - 2014-06-30 22:14 - 00000000 ____D () C:\Users\Neville\AppData\Local\Hold'em_Manager
2014-06-30 19:40 - 2014-06-30 22:57 - 00000000 ____D () C:\HM2Archive
2014-06-30 19:36 - 2014-07-18 07:07 - 00000000 ____D () C:\Users\Neville\AppData\Roaming\HoldemManager
2014-06-30 19:36 - 2014-07-17 19:53 - 00000000 ____D () C:\Program Files (x86)\Holdem Manager 2
2014-06-30 19:36 - 2014-06-30 19:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Holdem Manager 2
2014-06-30 16:57 - 2014-06-30 16:57 - 00002024 _____ () C:\Users\Neville\AppData\Roaming\Microsoft\Windows\Start Menu\PokerStars Beta.lnk
2014-06-30 16:57 - 2014-06-30 16:57 - 00000000 ____D () C:\Users\Neville\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars.Beta
2014-06-30 16:56 - 2014-06-30 16:58 - 00000000 ____D () C:\Program Files (x86)\PokerStars.Beta
2014-06-27 06:21 - 2014-06-27 07:52 - 00000000 ____D () C:\Users\Neville\Downloads\Krrish 3 (2013) - 720p - DVDRip - x264 - AAc E-Subs [D3Si MaNiACs]
2014-06-26 13:42 - 2014-06-26 13:42 - 00000000 ____D () C:\Users\Neville\Downloads\Main Tera Hero (2014) Hindi Non-Retail DVDRip XviD - HTRG
2014-06-26 00:01 - 2014-06-30 02:34 - 00000000 ____D () C:\Users\Neville\Downloads\Queen 2014 Hindi 720p DvDRip x264 AAC...Hon3y
2014-06-26 00:01 - 2014-06-27 11:11 - 00000000 ____D () C:\Users\Neville\Downloads\Gulaab Gang 2014 Hindi 720p DvDRip x264 AAC...Hon3y
2014-06-25 23:59 - 2014-06-27 09:12 - 00000000 ____D () C:\Users\Neville\Downloads\Hasee Toh Phasee 2014 Hindi 720p DvDRip x264 AAC...Hon3y
2014-06-25 23:55 - 2014-07-01 21:41 - 1285190501 _____ () C:\Users\Neville\Downloads\Shaadi.Ke.Side.Effects.2014.720p.BluRay.x264.ShAaNiG.com.mkv
2014-06-25 21:31 - 2014-06-26 11:32 - 00000000 ____D () C:\Users\Neville\Downloads\Jai Ho (2014)
2014-06-25 19:17 - 2014-07-02 20:44 - 1460824684 _____ () C:\Users\Neville\Downloads\Lamhe 1991 DvDrip 1.36GB AVI ~ Musical Romance ~ [RdY] .avi
2014-06-25 17:40 - 2014-06-25 17:40 - 00000000 ____D () C:\Users\Neville\Downloads\Mickey Virus (2013) 1CD Dvdrip X264 MP3 [D3Si MaNiACs]
2014-06-25 17:38 - 2014-06-25 18:04 - 00000000 ____D () C:\Users\Neville\Downloads\Gangs Of Wasseypur 2012 Hindi BRRip 720p x264 AAC 5.1...Hon3y
2014-06-25 13:05 - 2014-06-27 21:40 - 00000000 ____D () C:\Users\Neville\Downloads\Satyagraha 2013 Hindi DvDRip 720p x264 AAC...Hon3y
2014-06-25 13:05 - 2014-06-26 05:56 - 00000000 ____D () C:\Users\Neville\Downloads\The Attacks of 26-11 2013 Hindi 720p DvDRip CharmeLeon SilverRG
2014-06-25 13:05 - 2014-06-26 02:50 - 00000000 ____D () C:\Users\Neville\Downloads\Madras Cafe 2013 Hindi BRRip 720p x264 AC3 5.1...Hon3y
2014-06-25 12:18 - 2014-06-30 19:56 - 00000000 ____D () C:\Users\Neville\Downloads\Grand Masti 2013 Hindi DvDRip 720p x264 AC3 5.1...Hon3y
2014-06-25 12:17 - 2014-06-25 13:04 - 1048124663 _____ () C:\Users\Neville\Downloads\Main.Tera.Hero.2014.720p.BluRay.999MB.ShAaNiG.com.mkv
2014-06-25 12:16 - 2014-06-26 03:58 - 00000000 ____D () C:\Users\Neville\Downloads\Dhoom 3 (2013) 720p BRrip.x264 SUJAIDR
2014-06-25 12:12 - 2014-06-27 19:50 - 731765983 _____ () C:\Users\Neville\Downloads\Black Friday 2007 1CD DVDRip x264 MP3 [Phantom].mkv
2014-06-25 12:11 - 2014-06-25 12:39 - 00000000 ____D () C:\Users\Neville\Downloads\Parzania 2007 Dvdrip x264 Ratzz
2014-06-24 08:37 - 2014-06-24 08:37 - 00001089 _____ () C:\Users\Neville\AppData\Roaming\Microsoft\Windows\Start Menu\PokerStars.lnk
2014-06-24 08:37 - 2014-06-24 08:37 - 00000000 ____D () C:\Users\Neville\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars
2014-06-22 08:50 - 2014-07-03 02:20 - 00006144 _____ () C:\Windows\SysWOW64\pokerclient.log
2014-06-22 08:50 - 2014-07-03 02:20 - 00000912 _____ () C:\Windows\SysWOW64\poker.jex
2014-06-22 08:50 - 2014-06-22 08:50 - 00000000 _____ () C:\Windows\SysWOW64\userdatatransfer.log
 
==================== One Month Modified Files and Folders =======
 
2014-07-21 23:54 - 2014-07-21 23:53 - 00022734 _____ () C:\Users\Neville\Desktop\FRST.txt
2014-07-21 23:53 - 2014-07-21 23:53 - 00000000 ____D () C:\FRST
2014-07-21 23:53 - 2014-07-21 23:52 - 02090496 _____ (Farbar) C:\Users\Neville\Desktop\FRST64.exe
2014-07-21 23:32 - 2012-07-26 13:42 - 00000000 ____D () C:\Windows\system32\sru
2014-07-21 23:28 - 2014-04-04 01:42 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-21 23:19 - 2014-02-27 15:44 - 00000946 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2107339062-2504870960-3837946639-1001UA.job
2014-07-21 23:10 - 2014-01-10 22:22 - 00000000 ____D () C:\ProgramData\MFAData
2014-07-21 23:07 - 2013-12-11 15:13 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-21 23:04 - 2013-12-31 22:29 - 00000926 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2107339062-2504870960-3837946639-1001UA.job
2014-07-21 21:04 - 2013-12-31 22:29 - 00000874 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2107339062-2504870960-3837946639-1001Core.job
2014-07-21 20:34 - 2014-07-21 18:15 - 174101904 _____ () C:\Users\Neville\Desktop\CLPVideo0014.mp4
2014-07-21 20:28 - 2014-07-21 18:29 - 168193306 _____ () C:\Users\Neville\Desktop\CLPVideo0016.mp4
2014-07-21 20:27 - 2014-07-21 18:29 - 168457810 _____ () C:\Users\Neville\Desktop\CLPVideo0015.mp4
2014-07-21 20:24 - 2014-07-21 18:14 - 152806655 _____ () C:\Users\Neville\Desktop\CLPVideo0013.mp4
2014-07-21 20:21 - 2014-07-21 18:13 - 144772978 _____ () C:\Users\Neville\Desktop\CLPVideo0011.mp4
2014-07-21 19:59 - 2014-07-21 18:14 - 171618646 _____ () C:\Users\Neville\Desktop\CLPVideo0012.mp4
2014-07-21 19:50 - 2014-07-16 01:26 - 00379655 _____ () C:\Windows\WindowsUpdate.log
2014-07-21 17:46 - 2014-03-05 09:13 - 00000000 ___RD () C:\Users\Neville\Dropbox
2014-07-21 17:46 - 2014-03-05 09:12 - 00000000 ____D () C:\Users\Neville\AppData\Roaming\DropboxMaster
2014-07-21 17:46 - 2014-03-05 09:11 - 00000000 ____D () C:\Users\Neville\AppData\Roaming\Dropbox
2014-07-21 17:45 - 2014-04-04 01:42 - 00000906 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-21 17:45 - 2014-03-24 07:24 - 00000458 ____H () C:\Windows\Tasks\SW.Booster-S-1935984173.job
2014-07-21 17:44 - 2012-07-26 12:52 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-21 15:24 - 2012-07-26 13:42 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-07-21 14:55 - 2012-07-26 10:56 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-07-21 05:19 - 2014-02-27 15:44 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2107339062-2504870960-3837946639-1001Core.job
2014-07-20 10:22 - 2014-07-20 04:36 - 00005782 _____ () C:\Users\Neville\Desktop\Thyroxine.txt
2014-07-20 01:33 - 2013-12-30 12:01 - 00000000 ____D () C:\Users\Neville\AppData\Local\PokerStars
2014-07-18 16:26 - 2013-12-12 07:17 - 00000000 ____D () C:\Program Files (x86)\CarbonPoker
2014-07-18 16:26 - 2012-07-26 10:56 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-07-18 07:07 - 2014-06-30 19:36 - 00000000 ____D () C:\Users\Neville\AppData\Roaming\HoldemManager
2014-07-18 07:01 - 2014-05-21 09:22 - 00000000 ____D () C:\BlackChipPoker
2014-07-18 02:43 - 2014-07-16 06:14 - 00000000 ____D () C:\Users\Neville\Desktop\Crush Live Poker
2014-07-18 02:43 - 2014-07-15 16:19 - 00000000 ____D () C:\Users\Neville\AppData\Roaming\vlc
2014-07-17 23:52 - 2014-01-10 23:10 - 00000000 ____D () C:\Users\Neville\AppData\Roaming\BitTorrent
2014-07-17 19:53 - 2014-07-17 19:53 - 00001092 _____ () C:\Users\Public\Desktop\HoldemManager2.lnk
2014-07-17 19:53 - 2014-06-30 19:36 - 00000000 ____D () C:\Program Files (x86)\Holdem Manager 2
2014-07-17 16:40 - 2013-12-12 07:20 - 00000000 ____D () C:\Users\Neville\AppData\Local\eclipse
2014-07-16 06:32 - 2013-12-11 14:43 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2107339062-2504870960-3837946639-1001
2014-07-16 00:20 - 2014-06-16 08:22 - 00000000 ____D () C:\Users\Neville\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-07-15 22:00 - 2012-07-26 13:29 - 00000000 ____D () C:\Windows\CbsTemp
2014-07-15 16:18 - 2014-07-15 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-07-15 16:17 - 2014-07-15 16:17 - 00000000 ____D () C:\Program Files\VideoLAN
2014-07-15 15:28 - 2014-07-08 04:48 - 00000000 ____D () C:\Users\Neville\Desktop\LKK Visa
2014-07-15 15:07 - 2014-07-15 15:07 - 00000000 ___HD () C:\Users\Neville\Desktop\.picasaoriginals
2014-07-15 15:04 - 2013-12-31 22:29 - 00000000 ____D () C:\Users\Neville\AppData\Local\Google
2014-07-15 15:03 - 2014-07-15 15:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-07-15 15:03 - 2014-03-13 21:21 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-15 14:53 - 2014-07-15 14:53 - 00000000 ____D () C:\Users\Neville\Documents\Fax
2014-07-15 14:53 - 2014-07-15 14:53 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-07-14 01:03 - 2012-07-26 12:58 - 00848230 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-12 19:15 - 2012-07-26 13:42 - 00000000 ____D () C:\Windows\rescache
2014-07-12 02:10 - 2014-07-12 02:10 - 00472008 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-11 03:22 - 2012-07-26 13:42 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-11 03:22 - 2012-07-26 13:42 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-11 03:22 - 2012-07-26 13:42 - 00000000 ____D () C:\Windows\WinStore
2014-07-11 03:22 - 2012-07-26 13:22 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 01:48 - 2013-12-29 04:18 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 01:41 - 2013-12-29 04:18 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-09 16:22 - 2014-03-24 08:53 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-08 23:09 - 2013-12-11 15:13 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-05 09:16 - 2013-12-11 14:46 - 00000000 ____D () C:\Users\Neville\AppData\Roaming\Skype
2014-07-05 03:47 - 2014-07-04 02:57 - 00000000 ____D () C:\Program Files (x86)\Full Tilt Poker
2014-07-05 02:19 - 2014-07-05 02:19 - 00000000 ____D () C:\Users\Neville\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2014-07-05 02:19 - 2014-06-16 06:35 - 00000000 ____D () C:\Users\Neville\AppData\Local\FluxSoftware
2014-07-05 01:46 - 2014-07-05 01:46 - 00000000 ____D () C:\Program Files (x86)\AVI to MP4 Converter
2014-07-05 01:44 - 2014-07-05 01:44 - 00000000 ____D () C:\ProgramData\A-PDF Text Replace
2014-07-04 19:54 - 2014-03-31 18:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-07-04 03:21 - 2014-07-04 02:58 - 00000000 ____D () C:\Users\Neville\AppData\Local\FullTiltPoker
2014-07-04 02:58 - 2014-07-04 02:58 - 00000000 ____D () C:\Users\Neville\AppData\Local\cache
2014-07-04 02:58 - 2014-07-04 02:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Full Tilt Poker
2014-07-03 02:20 - 2014-06-22 08:50 - 00006144 _____ () C:\Windows\SysWOW64\pokerclient.log
2014-07-03 02:20 - 2014-06-22 08:50 - 00000912 _____ () C:\Windows\SysWOW64\poker.jex
2014-07-03 01:54 - 2013-12-11 14:42 - 00000000 ____D () C:\Update
2014-07-02 20:44 - 2014-06-25 19:17 - 1460824684 _____ () C:\Users\Neville\Downloads\Lamhe 1991 DvDrip 1.36GB AVI ~ Musical Romance ~ [RdY] .avi
2014-07-01 21:41 - 2014-06-25 23:55 - 1285190501 _____ () C:\Users\Neville\Downloads\Shaadi.Ke.Side.Effects.2014.720p.BluRay.x264.ShAaNiG.com.mkv
2014-06-30 23:02 - 2014-06-30 23:02 - 00000044 _____ () C:\speederr.txt
2014-06-30 23:02 - 2013-12-11 14:35 - 00000000 ____D () C:\Users\Neville\AppData\Local\VirtualStore
2014-06-30 22:57 - 2014-06-30 19:40 - 00000000 ____D () C:\HM2Archive
2014-06-30 22:44 - 2014-04-30 22:57 - 32464204 _____ () C:\blitzerr.txt
2014-06-30 22:14 - 2014-06-30 22:14 - 00000000 ____D () C:\Users\Neville\AppData\Local\Hold'em_Manager
2014-06-30 19:56 - 2014-06-25 12:18 - 00000000 ____D () C:\Users\Neville\Downloads\Grand Masti 2013 Hindi DvDRip 720p x264 AC3 5.1...Hon3y
2014-06-30 19:36 - 2014-06-30 19:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Holdem Manager 2
2014-06-30 19:36 - 2014-01-06 04:13 - 00000000 ____D () C:\Program Files (x86)\PSQLINSTALL
2014-06-30 16:58 - 2014-06-30 16:56 - 00000000 ____D () C:\Program Files (x86)\PokerStars.Beta
2014-06-30 16:57 - 2014-06-30 16:57 - 00002024 _____ () C:\Users\Neville\AppData\Roaming\Microsoft\Windows\Start Menu\PokerStars Beta.lnk
2014-06-30 16:57 - 2014-06-30 16:57 - 00000000 ____D () C:\Users\Neville\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars.Beta
2014-06-30 02:34 - 2014-06-26 00:01 - 00000000 ____D () C:\Users\Neville\Downloads\Queen 2014 Hindi 720p DvDRip x264 AAC...Hon3y
2014-06-29 14:29 - 2014-05-22 12:39 - 00000178 _____ () C:\Users\Neville\Desktop\Merge.txt
2014-06-27 21:40 - 2014-06-25 13:05 - 00000000 ____D () C:\Users\Neville\Downloads\Satyagraha 2013 Hindi DvDRip 720p x264 AAC...Hon3y
2014-06-27 19:50 - 2014-06-25 12:12 - 731765983 _____ () C:\Users\Neville\Downloads\Black Friday 2007 1CD DVDRip x264 MP3 [Phantom].mkv
2014-06-27 11:11 - 2014-06-26 00:01 - 00000000 ____D () C:\Users\Neville\Downloads\Gulaab Gang 2014 Hindi 720p DvDRip x264 AAC...Hon3y
2014-06-27 09:12 - 2014-06-25 23:59 - 00000000 ____D () C:\Users\Neville\Downloads\Hasee Toh Phasee 2014 Hindi 720p DvDRip x264 AAC...Hon3y
2014-06-27 07:52 - 2014-06-27 06:21 - 00000000 ____D () C:\Users\Neville\Downloads\Krrish 3 (2013) - 720p - DVDRip - x264 - AAc E-Subs [D3Si MaNiACs]
2014-06-27 02:23 - 2013-12-31 02:16 - 00703968 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-27 02:23 - 2013-12-31 02:16 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-26 16:23 - 2013-12-30 12:00 - 00000000 ____D () C:\Program Files (x86)\PokerStars
2014-06-26 13:42 - 2014-06-26 13:42 - 00000000 ____D () C:\Users\Neville\Downloads\Main Tera Hero (2014) Hindi Non-Retail DVDRip XviD - HTRG
2014-06-26 11:32 - 2014-06-25 21:31 - 00000000 ____D () C:\Users\Neville\Downloads\Jai Ho (2014)
2014-06-26 05:56 - 2014-06-25 13:05 - 00000000 ____D () C:\Users\Neville\Downloads\The Attacks of 26-11 2013 Hindi 720p DvDRip CharmeLeon SilverRG
2014-06-26 03:58 - 2014-06-25 12:16 - 00000000 ____D () C:\Users\Neville\Downloads\Dhoom 3 (2013) 720p BRrip.x264 SUJAIDR
2014-06-26 02:50 - 2014-06-25 13:05 - 00000000 ____D () C:\Users\Neville\Downloads\Madras Cafe 2013 Hindi BRRip 720p x264 AC3 5.1...Hon3y
2014-06-25 20:59 - 2013-12-31 22:29 - 00003876 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2107339062-2504870960-3837946639-1001UA
2014-06-25 20:59 - 2013-12-31 22:29 - 00003496 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2107339062-2504870960-3837946639-1001Core
2014-06-25 18:04 - 2014-06-25 17:38 - 00000000 ____D () C:\Users\Neville\Downloads\Gangs Of Wasseypur 2012 Hindi BRRip 720p x264 AAC 5.1...Hon3y
2014-06-25 17:40 - 2014-06-25 17:40 - 00000000 ____D () C:\Users\Neville\Downloads\Mickey Virus (2013) 1CD Dvdrip X264 MP3 [D3Si MaNiACs]
2014-06-25 13:04 - 2014-06-25 12:17 - 1048124663 _____ () C:\Users\Neville\Downloads\Main.Tera.Hero.2014.720p.BluRay.999MB.ShAaNiG.com.mkv
2014-06-25 12:39 - 2014-06-25 12:11 - 00000000 ____D () C:\Users\Neville\Downloads\Parzania 2007 Dvdrip x264 Ratzz
2014-06-24 08:37 - 2014-06-24 08:37 - 00001089 _____ () C:\Users\Neville\AppData\Roaming\Microsoft\Windows\Start Menu\PokerStars.lnk
2014-06-24 08:37 - 2014-06-24 08:37 - 00000000 ____D () C:\Users\Neville\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars
2014-06-22 09:23 - 2014-04-04 01:42 - 00003882 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-22 09:23 - 2014-04-04 01:42 - 00003646 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-22 08:50 - 2014-06-22 08:50 - 00000000 _____ () C:\Windows\SysWOW64\userdatatransfer.log
 
Some content of TEMP:
====================
C:\Users\Guest\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Guest\AppData\Local\Temp\drm_dyndata_7400009.dll
C:\Users\Guest\AppData\Local\Temp\i4jdel0.exe
C:\Users\Guest\AppData\Local\Temp\JExplorer32.2.7.1.dll
C:\Users\Guest\AppData\Local\Temp\JExplorer32.2.7.1.exe
C:\Users\Guest\AppData\Local\Temp\JExplorer64.2.7.1.dll
C:\Users\Neville\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqnzdp6.dll
C:\Users\Neville\AppData\Local\Temp\javasysmo1864101987622802282.dll
C:\Users\Neville\AppData\Local\Temp\javasysmo7637037792771181631.dll
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-07-07 01:42
 
==================== End Of Log ============================
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-07-2014
Ran by Neville at 2014-07-21 23:55:34
Running from C:\Users\Neville\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: AVG Internet Security 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2014 (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
 
==================== Installed Programs ======================
 
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4716 - AVG Technologies)
AVG 2014 (Version: 14.0.3986 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4716 - AVG Technologies) Hidden
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.2.32128 - BitTorrent Inc.)
BlackChipPoker (HKLM-x32\...\FE4D6F94-B3D5-484b-94F7-8BC45DEB7A82) (Version: 16.6 - IGSoft)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.223.181 - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\{4CDA59B9-7AD3-4283-9F5C-BC469FF975B6}) (Version: 6.30.59.125 - Broadcom Corporation)
CarbonPoker (HKCU\...\CarbonPoker) (Version: 6.0 - )
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
ESDL (x32 Version: 1.0.0 - Sony Corporation) Hidden
f.lux (HKCU\...\Flux) (Version:  - )
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Full Tilt Poker (HKLM-x32\...\{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}) (Version: 5.14.1.WIN.FullTilt.COM - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Holdem Manager (HKLM-x32\...\HoldemManager) (Version:  - )
Holdem Manager 2 (HKLM-x32\...\HoldemManager2) (Version:  - )
IBM SPSS Statistics 20 (HKLM-x32\...\{2AF8017B-E503-408F-AACE-8A335452CAD2}) (Version: 20.0.0.0 - IBM Corp)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3372 - Intel Corporation)
Intel® PROSet/Wireless NFC Software (HKLM\...\Intel® PROSet/Wireless NFC Software) (Version: 1.1.1.002 - Intel Corporation)
Intel® PROSet/Wireless NFC Software (Version: 1.1.1.002 - Intel Corporation) Hidden
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.738.1 - Intel Corporation) Hidden
Intertops Poker (HKLM-x32\...\Intertops Poker) (Version: 2.0.1.7665 - Intertops Poker)
InterVoip (HKLM-x32\...\InterVoip_is1) (Version: 4.13 build 737 - Finarea S.A. Switzerland)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
Networkx64 (Version: 1.0.0 - Sony Corporation) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PokerStars (HKLM-x32\...\PokerStars) (Version:  - PokerStars)
PokerStars Beta (HKLM-x32\...\PokerStars Beta) (Version:  - PokerStars Beta)
PostgreSQL 8.4 (HKLM-x32\...\PostgreSQL 8.4) (Version: 8.4 - PostgreSQL Global Development Group)
Reader for PC (HKLM-x32\...\{25340F94-F74E-4CCF-ABDF-ECBCF03911BE}) (Version: 2.0.00.07121 - Sony Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7177 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{0D61A55C-3ADC-409F-BF5B-A1766D1F5944}) (Version: 6.2.9200.28135 - Realtek Semiconductor Corp.)
Remote Keyboard (x32 Version: 1.2.0.09270 - Sony Corporation) Hidden
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.2.4 - Synaptics Incorporated)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.27339 - TeamViewer)
VAIO - Remote Keyboard (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.2.0.09270 - Sony Corporation)
VAIO - Remote Keyboard with PlayStation®3 (HKLM-x32\...\{E682702C-609C-4017-99E7-3129C163955F}) (Version: 1.2.1.05220 - Sony Corporation)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.2.0.02040 - Sony Corporation)
VAIO BIOS Data Transfer Utility (x32 Version: 1.0.0.02050 - Sony Corporation) Hidden
VAIO Care (HKLM\...\{92907606-B2FC-4193-B0CE-A21159DA3ABB}) (Version: 8.4.0.14286 - Sony Corporation)
VAIO Care Hardware Diagnostics Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.8.0.13250 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{15B9204E-BA09-485E-8F2C-094AC0077664}) (Version: 1.1.2.13230 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.2.0.03070 - Sony Corporation)
VAIO CPU Fan Diagnostic (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.2.0.03050 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.11.0.13250 - Sony Corporation)
VAIO Easy Connect (x32 Version: 8.2.0.14170 - Sony Corporation) Hidden
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.2.0.01230 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.2.0.01230 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.3.00.10220 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.1.00.14260 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.2.0.01240 - Sony Corporation)
VAIO Media Server Settings (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.1.0.02220 - Sony Corporation)
VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.3.01.11140 - Sony Corporation)
VAIO Movie Creator (x32 Version: 4.1.01.15140 - Sony Corporation) Hidden
VAIO Sample Music (HKLM-x32\...\{FBEE3D44-0933-4B84-BB6A-49957F89187F}) (Version: 1.0.0.03051 - Sony Corporation)
VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.9.0.11060 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.0.14270 - Sony Corporation)
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.6400 - Broadcom Corporation)
William Hill Poker (HKCU\...\William Hill Poker) (Version:  - )
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
 
==================== Restore Points  =========================
 
29-06-2014 10:37:56 Scheduled Checkpoint
04-07-2014 20:46:18 Removed SweetIM for Messenger 3.6
09-07-2014 20:05:37 Windows Update
15-07-2014 16:28:31 Windows Update
 
==================== Hosts content: ==========================
 
2012-07-26 10:56 - 2012-07-26 10:56 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {06579122-4774-4FE5-BA42-2DFCD63E686B} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-02-02] (Sony Corporation)
Task: {0B929CE9-5CD0-47A6-9859-0423FCA07A18} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2013-02-05] (Sony Corporation)
Task: {18585BE6-AC4B-4E6E-96C4-8E1F69DAE58F} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-21] (Sony Corporation)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {28EAF5D8-B94E-418A-A4E3-DDB193749F87} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-04] (Google Inc.)
Task: {3B84A1E9-9312-43A3-A65D-F3DACCA46EE2} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-21] (Sony Corporation)
Task: {3BE20696-08EF-4F7D-ABF3-38ACFE32C73F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2107339062-2504870960-3837946639-1001Core => C:\Users\Neville\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-02-27] (Facebook Inc.)
Task: {400E75A3-2104-4880-A98C-98AB34BDB7C8} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-01-31] (Microsoft Corporation)
Task: {45709E94-B8EE-4C89-A2A7-B777A0121AD3} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-21] (Sony Corporation)
Task: {490EBB7C-2356-452C-9649-B1C69972B1D8} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-21] (Sony Corporation)
Task: {4D2798F3-9B93-426E-A832-D5E9B2EE09DA} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-02-27] (Sony Corporation)
Task: {50F85440-FDE9-4BC5-A180-262BC5A07999} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-21] (Sony Corporation)
Task: {5179E4E0-AA1B-48C0-B87F-9522BF8136AD} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-03-08] (Sony Corporation)
Task: {52E4841A-71D1-429B-8041-2303E3275D42} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-04] (Google Inc.)
Task: {5498C027-A95D-4CC9-99B4-6ACEC1536CED} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-02-02] (Sony Corporation)
Task: {56A8D7F9-58D8-48E0-BA81-2D60AAFB2BB5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated)
Task: {58E8E924-E7DB-4AA2-9329-4A16A05CC912} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-21] (Sony Corporation)
Task: {684817BB-2A3D-4E29-94B0-CD3E80177905} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2013-01-23] (Sony Corporation)
Task: {6FB19CEE-A97B-468E-9405-292CFD3C450F} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2013-01-25] (Sony Corporation)
Task: {76BAA88B-8F09-4798-9FB8-D3A0786346AB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {937BB6D2-B63A-41F3-A31D-94B04E1DE358} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-21] (Sony Corporation)
Task: {93ED9CB3-B100-4718-A979-26BB0099323B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2107339062-2504870960-3837946639-1001UA => C:\Users\Neville\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-31] (Google Inc.)
Task: {A1806928-5204-420F-94D8-4390119A4658} - System32\Tasks\Sony Corporation\VAIO Care\UpdateContacts => %ProgramData%\Sony Corporation\VAIO Care\UpdateContacts.exe
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {A8534D1A-95C6-446A-9AC6-47AF29392045} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-21] (Sony Corporation)
Task: {B7E09FA6-0C97-413B-863D-1481B5152293} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-27] (Sony Corporation)
Task: {BEA36ED1-14F5-4599-8DF4-E25C23F48700} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-21] (Sony Corporation)
Task: {C580D0E9-D750-410B-B24C-76A0B8AC245E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-07-10] (Microsoft Corporation)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {CFF959CF-48D1-48BC-B1DC-FFFBDCC46A9E} - System32\Tasks\SW.Booster-S-1935984173 => c:\programdata\puresafe\sw.booster\SW.Booster.exe
Task: {D0686BE4-176F-47F2-B1A1-26848FA9E4E9} - System32\Tasks\Sony Corporation\VAIO Hardware Diagnostics\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2013-01-25] (Sony Corporation)
Task: {D2BDFCC8-A2A9-45B4-96AB-2A7ECE41DD7B} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-03-08] (Sony Corporation)
Task: {DB9C472A-5A55-4FB6-99D2-4E3D7C7B69CA} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {DE2A91B0-06F3-44DC-8A4B-ECFDC24B9757} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {E6AF8ACF-CB89-4F92-A4E5-9FD60288E917} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-07-12] (Synaptics Incorporated)
Task: {E7FAAFD9-D76C-4386-BFCA-83B8C8527569} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {EA1C5486-6748-42A9-8B0F-47E76CF6A654} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2107339062-2504870960-3837946639-1001UA => C:\Users\Neville\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-02-27] (Facebook Inc.)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {EFE5F5D3-D274-44B5-A08D-0AD8D23C73B8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2107339062-2504870960-3837946639-1001Core => C:\Users\Neville\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-31] (Google Inc.)
Task: {FE58024E-BDBD-4703-85CC-7FAB87A92B67} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-02-28] (Sony Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2107339062-2504870960-3837946639-1001Core.job => C:\Users\Neville\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2107339062-2504870960-3837946639-1001UA.job => C:\Users\Neville\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2107339062-2504870960-3837946639-1001Core.job => C:\Users\Neville\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2107339062-2504870960-3837946639-1001UA.job => C:\Users\Neville\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SW.Booster-S-1935984173.job => c:\programdata\puresafe\sw.booster\SW.Booster.exe <==== ATTENTION
 
==================== Loaded Modules (whitelisted) =============
 
2013-04-03 01:33 - 2013-04-03 01:33 - 00049368 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
2010-01-30 12:10 - 2010-01-30 12:10 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-03-25 07:08 - 2010-03-25 07:08 - 08794976 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-03-15 00:51 - 2013-03-14 09:01 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-11-19 19:51 - 2013-11-19 19:51 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2014-01-06 04:15 - 2011-01-28 10:45 - 00172032 _____ () C:\Program Files (x86)\PostgreSQL\8.4\bin\LIBPQ.dll
2014-01-06 04:15 - 2009-02-13 00:31 - 00976384 _____ () C:\Program Files (x86)\PostgreSQL\8.4\bin\libxml2.dll
2014-01-06 04:15 - 2005-07-20 16:18 - 00059904 _____ () C:\Program Files (x86)\PostgreSQL\8.4\bin\zlib1.dll
2014-07-20 05:33 - 2014-07-15 14:54 - 00718664 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll
2014-07-20 05:33 - 2014-07-15 14:54 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libegl.dll
2014-07-20 05:33 - 2014-07-15 14:54 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll
2014-07-20 05:33 - 2014-07-15 14:54 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
2014-07-20 05:33 - 2014-07-15 14:54 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
2014-07-21 17:46 - 2014-07-21 17:46 - 00043008 _____ () c:\users\neville\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqnzdp6.dll
2013-08-24 00:31 - 2013-08-24 00:31 - 25100288 _____ () C:\Users\Neville\AppData\Roaming\Dropbox\bin\libcef.dll
2013-10-27 11:30 - 2013-01-23 14:56 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\Program Files (x86)\Intertops Poker:MID
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== EXE Association (whitelisted) =============
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
HKLM\...\StartupApproved\Run: => "Bluetooth"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKCU\...\StartupApproved\Run: => "CloudSystemBooster"
HKCU\...\StartupApproved\Run: => "Google Update"
HKCU\...\StartupApproved\Run: => "CPN Notifier"
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/21/2014 05:45:16 PM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2014-07-21 17:45:16 ISTFATAL:  the database system is starting up
 
Error: (07/21/2014 05:45:15 PM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2014-07-21 17:45:15 ISTFATAL:  the database system is starting up
 
Error: (07/21/2014 05:45:14 PM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2014-07-21 17:45:14 ISTFATAL:  the database system is starting up
 
Error: (07/21/2014 02:56:39 PM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2014-07-21 14:56:39 ISTFATAL:  the database system is starting up
 
Error: (07/21/2014 02:56:38 PM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2014-07-21 14:56:38 ISTFATAL:  the database system is starting up
 
Error: (07/21/2014 02:55:19 PM) (Source: SampleCollector) (EventID: 259) (User: )
Description: CreateFile:SState: Failed with error 0x20: The process cannot access the file because it is being used by another process.
 
Error: (07/21/2014 02:55:19 PM) (Source: SampleCollector) (EventID: 259) (User: )
Description: CreateFile:SState: Failed with error 0x20: The process cannot access the file because it is being used by another process.
 
Error: (07/21/2014 02:55:00 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: VCSystemTray.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Composition.ImportCardinalityMismatchException
Stack:
   at System.ComponentModel.Composition.Hosting.ExportProvider.GetExports(System.ComponentModel.Composition.Primitives.ImportDefinition, System.ComponentModel.Composition.Hosting.AtomicComposition)
   at System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValueCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String, System.ComponentModel.Composition.Primitives.ImportCardinality)
   at VCSystemTray.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
   at MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
   at System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at System.Windows.Application.Run()
   at VCSystemTray.App.Main()
 
Error: (07/18/2014 10:07:52 PM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2014-07-18 22:07:52 ISTFATAL:  the database system is starting up
 
Error: (07/18/2014 10:07:51 PM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2014-07-18 22:07:51 ISTFATAL:  the database system is starting up
 
 
System errors:
=============
Error: (07/21/2014 05:44:53 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 4:56:30 PM on ‎2014-‎07-‎21 was unexpected.
 
Error: (07/21/2014 02:54:58 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (07/21/2014 01:14:31 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (07/20/2014 06:36:38 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (07/20/2014 10:23:04 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (07/20/2014 02:12:04 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (07/18/2014 10:06:28 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (07/18/2014 04:46:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (07/17/2014 11:35:34 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (07/17/2014 07:57:42 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
 
Microsoft Office Sessions:
=========================
Error: (07/21/2014 05:45:16 PM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2014-07-21 17:45:16 ISTFATAL:  the database system is starting up
 
Error: (07/21/2014 05:45:15 PM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2014-07-21 17:45:15 ISTFATAL:  the database system is starting up
 
Error: (07/21/2014 05:45:14 PM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2014-07-21 17:45:14 ISTFATAL:  the database system is starting up
 
Error: (07/21/2014 02:56:39 PM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2014-07-21 14:56:39 ISTFATAL:  the database system is starting up
 
Error: (07/21/2014 02:56:38 PM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2014-07-21 14:56:38 ISTFATAL:  the database system is starting up
 
Error: (07/21/2014 02:55:19 PM) (Source: SampleCollector) (EventID: 259) (User: )
Description: CreateFile:SState: Failed with error 0x20: The process cannot access the file because it is being used by another process.
 
Error: (07/21/2014 02:55:19 PM) (Source: SampleCollector) (EventID: 259) (User: )
Description: CreateFile:SState: Failed with error 0x20: The process cannot access the file because it is being used by another process.
 
Error: (07/21/2014 02:55:00 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: VCSystemTray.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Composition.ImportCardinalityMismatchException
Stack:
   at System.ComponentModel.Composition.Hosting.ExportProvider.GetExports(System.ComponentModel.Composition.Primitives.ImportDefinition, System.ComponentModel.Composition.Hosting.AtomicComposition)
   at System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValueCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String, System.ComponentModel.Composition.Primitives.ImportCardinality)
   at VCSystemTray.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
   at MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
   at System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at System.Windows.Application.Run()
   at VCSystemTray.App.Main()
 
Error: (07/18/2014 10:07:52 PM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2014-07-18 22:07:52 ISTFATAL:  the database system is starting up
 
Error: (07/18/2014 10:07:51 PM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2014-07-18 22:07:51 ISTFATAL:  the database system is starting up
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 29%
Total physical RAM: 8070.8 MB
Available physical RAM: 5723.42 MB
Total Pagefile: 9286.8 MB
Available Pagefile: 6665.52 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:665.79 GB) (Free:572.48 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 699 GB) (Disk ID: F4E95A4A)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================


#4 Machiavelli

Posted 21 July 2014 - 01:40 PM

Download CKScanner from here

Important: Save it to your desktop.
  • Double-click CKScanner.exe and click Search For Files. (If you have Windows Vista / Windows 7 / Windows 8, please right-click on CKScanner.exe and select Run as Administrator.)
  • After a very short time, when the cursor hourglass disappears, click Save List To File.
  • A message box will verify that the file is saved.
  • Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.



#5 nev19

Posted 21 July 2014 - 01:43 PM

CKScanner 2.4 - Additional Security Risks - These are not necessarily bad
c:\poker\william hill poker\data\slots_pinkpanther40line\animations\bonus_crack\crack_intro.swf
c:\program files\kmspico\tokensbackup\keys.txt
c:\program files\kmspico\tokensbackup\windows\data.dat
c:\program files\kmspico\tokensbackup\windows\pkeyconfig.xrm-ms
c:\program files\kmspico\tokensbackup\windows\tokens.dat
c:\program files\kmspico\tokensbackup\windows\cache\cache.dat
c:\program files (x86)\holdem manager 2\keygenerateclasslibrary.dll
c:\program files (x86)\rvg software\holdem manager\keygenerateclasslibrary.dll
scanner sequence 3.DD.11.HFAPWZ
 ----- EOF ----- 


#6 Machiavelli

Posted 21 July 2014 - 01:45 PM

Why are you using illegal software?

~Machiavelli



#7 nev19

Posted 21 July 2014 - 01:49 PM

What illegal software??



#8 Machiavelli

Posted 21 July 2014 - 01:51 PM

KMSpico.

Topic will be closed. I don't support any kind of illegal software.

~Machiavelli



#9 Machiavelli

Posted 21 July 2014 - 02:54 PM

After discussion with some colleagues I will continue helping. Please delete ALL illegal software and make a new CKScanner Scan and post the log.

~Machiavelli



#10 nev19

Posted 21 July 2014 - 03:01 PM

Thank you so much. I have deleted the KMSpico folder from C:/Program files as I couldn't find it under CCleaner (as I may already have deleted it before, I don't remember). Anyway, here's the new log:

 

CKScanner 2.4 - Additional Security Risks - These are not necessarily bad
c:\poker\william hill poker\data\slots_pinkpanther40line\animations\bonus_crack\crack_intro.swf
c:\program files (x86)\holdem manager 2\keygenerateclasslibrary.dll
c:\program files (x86)\rvg software\holdem manager\keygenerateclasslibrary.dll
scanner sequence 3.AB.11.BSAAG0
 ----- EOF ----- 


#11 Machiavelli


Posted 21 July 2014 - 03:03 PM

c:\poker\william hill poker\data\slots_pinkpanther40line\animations\bonus_crack\crack_intro.swf
c:\program files (x86)\holdem manager 2\keygenerateclasslibrary.dll
c:\program files (x86)\rvg software\holdem manager\keygenerateclasslibrary.dll

That also looks illegal. If it is, please delete it and make a new CKScanner scan and post the log.

~Machiavelli

 
 


#12 nev19


Posted 21 July 2014 - 03:38 PM

It's not illegal. The first one is an online poker software and the second one is a new poker tracking software that is on a free trial of 30 days.



#13 Machiavelli


Posted 21 July 2014 - 03:40 PM

OK

Step 1: AdwCleaner

Please download AdwCleaner (by Xplode) from the link below and save it to your Desktop:

Download Mirror #1
  • Right-click on AdwCleaner.exe and select Run as administrator. (If you have Windows XP then just run it.)
  • Click Scan and let the scan run.
  • When it finishes, click Clean, following the on screen prompts
  • After your computer reboots, a log will open. Please Copy (Ctrl+C) and Paste (Ctrl+V) this into your next post.
Note: The log can also be found in here: C:\AdwCleaner\

Step 2: Malwarebytes

Please download Malwarebytes Anti-Malware to your desktop. Install the programme and select Update.
Once it has updated select Settings > Detection and Protection
Tick Scan for rootkits

Go back to the Dashboard and select Scan Now

If threats are detected, click the Apply Actions button; MBAM will ask for a reboot.

On completion of the scan (or after the reboot) select View Detailed Log
Select Export > Select text file and save to the desktop
Attach/Post that log

Step 3: Junkware Removal Tool

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 4: FRST Scan
  • Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.

~Machiavelli

 
 


#14 nev19


Posted 21 July 2014 - 07:47 PM

# AdwCleaner v3.216 - Report created 22/07/2014 at 05:19:19
# Updated 17/07/2014 by Xplode
# Operating System : Windows 8  (64 bits)
# Username : Neville - VAIO
# Running from : C:\Users\Neville\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\ProgramData\safEwweb
Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Neville\AppData\Roaming\Mozilla\Firefox\Profiles\zpq2ecz1.default-1395808145287\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
Folder Deleted : C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpjamkmjmigaoobjbekmfgabipmfilij
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlhndcoeoognolakeacgedifnajmkhli
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlhndcoeoognolakeacgedifnajmkhli
Folder Deleted : C:\Users\postgres\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlhndcoeoognolakeacgedifnajmkhli
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmbcnlplcnolphaaoidbcjblijdnlegg
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmbcnlplcnolphaaoidbcjblijdnlegg
Folder Deleted : C:\Users\postgres\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmbcnlplcnolphaaoidbcjblijdnlegg
File Deleted : C:\END
File Deleted : C:\Users\Neville\AppData\Roaming\Mozilla\Firefox\Profiles\zpq2ecz1.default-1395808145287\searchplugins\conduit-search.xml
File Deleted : C:\Users\Neville\AppData\Roaming\Mozilla\Firefox\Profiles\zpq2ecz1.default-1395808145287\searchplugins\SweetIm.xml
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\Software\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\Software\SweetIM
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.17028
 
 
-\\ Mozilla Firefox v28.0 (en-US)
 
[ File : C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\wguw992c.default\prefs.js ]
 
 
[ File : C:\Users\Neville\AppData\Roaming\Mozilla\Firefox\Profiles\zpq2ecz1.default-1395808145287\prefs.js ]
 
Line Deleted : user_pref("browser.search.selectedEngine", "SweetIM Search");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://home.sweetim.com");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "google.com");
Line Deleted : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com");
Line Deleted : user_pref("browser.search.defaultenginename", "SweetIM Search");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "Google");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaulturl", "");
 
-\\ Google Chrome v36.0.1985.125
 
[ File : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Deleted [Extension] : dpjamkmjmigaoobjbekmfgabipmfilij
Deleted [Extension] : flpcjncodpafbgdpnkljologafpionhb
Deleted [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof
 
*************************
 
AdwCleaner[R0].txt - [4347 octets] - [25/03/2014 15:29:01]
AdwCleaner[R1].txt - [882 octets] - [25/03/2014 15:34:49]
AdwCleaner[R2].txt - [941 octets] - [26/03/2014 09:40:21]
AdwCleaner[R3].txt - [5222 octets] - [22/07/2014 05:15:34]
AdwCleaner[S0].txt - [4442 octets] - [25/03/2014 15:31:48]
AdwCleaner[S1].txt - [1001 octets] - [26/03/2014 09:44:57]
AdwCleaner[S2].txt - [5180 octets] - [22/07/2014 05:19:19]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [5240 octets] ##########
 
 
 
 
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 2014-07-22
Scan Time: 5:24:42 AM
Logfile: mbamlog.txt
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.07.21.09
Rootkit Database: v2014.07.17.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 8
CPU: x64
File System: NTFS
User: Neville
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 372333
Time Elapsed: 27 min, 58 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 2
PUP.Optional.weDownload.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\The weDownload Manager, No Action By User, [dac7c1df3a4145f15ca47d64f9095ba5], 
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-2107339062-2504870960-3837946639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Conduit_Search_Protect, No Action By User, [178af8a84c2f999dbb58061c57ad55ab], 
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8 x64
Ran by Neville on 2014-07-22 at  5:56:33.26
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2107339062-2504870960-3837946639-1001\Software\sweetim
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ FireFox
 
Emptied folder: C:\Users\Neville\AppData\Roaming\mozilla\firefox\profiles\zpq2ecz1.default-1395808145287\minidumps [1 files]
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2014-07-22 at  6:14:19.38
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-07-2014
Ran by Neville (administrator) on VAIO on 22-07-2014 06:14:51
Running from C:\Users\Neville\Desktop
Platform: Windows 8 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\SUSSoundProxy.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Flux Software LLC) C:\Users\Neville\AppData\Local\FluxSoftware\Flux\flux.exe
(Dropbox, Inc.) C:\Users\Neville\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcfgex.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [10590208 2013-03-14] (Broadcom Corporation)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-02-11] (Realtek Semiconductor)
HKLM\...\Run: [Bluetooth] => C:\Program Files\WIDCOMM\Bluetooth Software\bttray.exe [533208 2013-04-03] (Broadcom Corporation.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5179408 2014-06-17] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-14] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\SYSTEM32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\Run: [Google Update] => C:\Users\Neville\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-12-31] (Google Inc.)
HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\Run: [Facebook Update] => C:\Users\Neville\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-02-27] (Facebook Inc.)
HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\Run: [GoogleChromeAutoLaunch_025349DF926404DCBA5805A40191CC91] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-07-15] (Google Inc.)
HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\Run: [f.lux] => C:\Users\Neville\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\Run: [Google Update] => C:\Users\Neville\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-12-31] (Google Inc.)
HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\Run: [CPN Notifier] => C:\Program Files (x86)\Intertops Poker\PokerNotifier.exe 
HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\Run: [Facebook Update] => C:\Users\Neville\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-02-27] (Facebook Inc.)
HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\Run: [GoogleChromeAutoLaunch_025349DF926404DCBA5805A40191CC91] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-07-15] (Google Inc.)
AppInit_DLLs: C:\PROGRA~2\SW_X64~1.BOO => C:\PROGRA~2\SW_X64~1.BOO File Not Found
Startup: C:\Users\Neville\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Neville\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
BootExecute: autocheck autochk * sdnclean64.exe
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} http://www.worldwinner.com/games/launcher/ie/v2.23.01.0/iewwload.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{67916458-BEE9-4A48-8387-C78A355ED6BE}: [NameServer]59.185.0.50,59.185.0.23
Tcpip\..\Interfaces\{A7CA6FDC-65B3-4CF9-B6DE-3266EBD35973}: [NameServer]59.185.0.50,59.185.0.23
 
FireFox:
========
FF ProfilePath: C:\Users\Neville\AppData\Roaming\Mozilla\Firefox\Profiles\zpq2ecz1.default-1395808145287
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.13.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @sony.com/ReaderDesktop - C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll (Sony Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Neville\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Neville\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Neville\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Neville\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Neville\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Neville\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Neville\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: DownThemAll! - C:\Users\Neville\AppData\Roaming\Mozilla\Firefox\Profiles\zpq2ecz1.default-1395808145287\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-06-19]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-11]
 
Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-04]
CHR Extension: (Google Drive) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-04]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-07]
CHR Extension: (YouTube) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-04]
CHR Extension: (Adblock Plus) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-16]
CHR Extension: (Google Search) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-04]
CHR Extension: (Google Wallet) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-04]
CHR Extension: (Gmail) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-04]
 
==================== Services (Whitelisted) =================
 
R2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1417160 2014-06-17] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3241488 2014-06-27] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-06-17] (AVG Technologies CZ, s.r.o.)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2228440 2013-05-16] (Broadcom Corporation.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129824 2013-01-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166688 2013-01-23] (Intel Corporation)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [639576 2013-05-11] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-19] (Intel Corporation)
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2012-09-20] (Sony Corporation) [File not signed]
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2013-01-07] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-27] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [6070272 2013-03-14] (Broadcom Corporation) [File not signed]
R2 postgresql-8.4; C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N "postgresql-8.4" -D "C:/Program Files (x86)/PostgreSQL/8.4/data" -w [X]
 
==================== Drivers (Whitelisted) ====================
 
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [274712 2014-05-14] (AVG Technologies CZ, s.r.o.)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170200 2013-05-16] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8469680 2014-03-14] (Broadcom Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 BTWPANFL; C:\Windows\system32\drivers\btwpanfl.sys [44912 2013-05-16] (Broadcom Corporation.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-22] (Malwarebytes Corporation)
S3 ptun0901; C:\Windows\system32\DRIVERS\ptun0901.sys [40664 2014-03-10] (The OpenVPN Project)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-04-06] ()
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-07-12] (Synaptics Incorporated)
S3 tapSF0901; C:\Windows\system32\DRIVERS\tapSF0901.sys [39104 2014-03-21] (Spotflux, Inc.)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-07-22 06:14 - 2014-07-22 06:14 - 00000951 _____ () C:\Users\Neville\Desktop\JRT.txt
2014-07-22 05:22 - 2014-07-22 05:24 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-22 05:22 - 2014-07-22 05:22 - 00005328 _____ () C:\Users\Neville\Desktop\AdwCleaner[S2].txt
2014-07-22 05:21 - 2014-07-22 05:21 - 00000306 _____ () C:\Windows\PFRO.log
2014-07-22 05:17 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-22 05:14 - 2014-07-22 05:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-22 05:14 - 2014-07-22 05:14 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-22 05:14 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-22 05:14 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-22 02:15 - 2014-07-22 02:16 - 01016261 _____ (Thisisu) C:\Users\Neville\Desktop\JRT.exe
2014-07-22 02:13 - 2014-07-22 02:14 - 01354223 _____ () C:\Users\Neville\Desktop\AdwCleaner.exe
2014-07-22 02:01 - 2014-07-22 03:29 - 153031301 _____ () C:\Users\Neville\Desktop\CLPVideo0022.mp4
2014-07-22 02:01 - 2014-07-22 03:23 - 145944813 _____ () C:\Users\Neville\Desktop\CLPVideo0021.mp4
2014-07-22 01:35 - 2014-07-22 03:14 - 136828237 _____ () C:\Users\Neville\Desktop\CLPVideo0020.mp4
2014-07-22 01:29 - 2014-07-22 01:29 - 00000373 _____ () C:\Users\Neville\Desktop\ckfiles.txt
2014-07-22 01:19 - 2014-07-22 02:57 - 166785627 _____ () C:\Users\Neville\Desktop\CLPVideo0019.mp4
2014-07-22 01:17 - 2014-07-22 02:39 - 127695592 _____ () C:\Users\Neville\Desktop\CLPVideo0018.mp4
2014-07-22 01:16 - 2014-07-22 03:09 - 155238971 _____ () C:\Users\Neville\Desktop\CLPVideo0017.mp4
2014-07-22 00:12 - 2014-07-22 00:12 - 00468480 _____ () C:\Users\Neville\Desktop\CKScanner.exe
2014-07-21 23:55 - 2014-07-21 23:56 - 00038439 _____ () C:\Users\Neville\Desktop\Addition.txt
2014-07-21 23:53 - 2014-07-22 06:14 - 00021429 _____ () C:\Users\Neville\Desktop\FRST.txt
2014-07-21 23:53 - 2014-07-22 06:14 - 00000000 ____D () C:\FRST
2014-07-21 23:52 - 2014-07-21 23:53 - 02090496 _____ (Farbar) C:\Users\Neville\Desktop\FRST64.exe
2014-07-20 04:36 - 2014-07-20 10:22 - 00005782 _____ () C:\Users\Neville\Desktop\Thyroxine.txt
2014-07-17 19:53 - 2014-07-17 19:53 - 00001092 _____ () C:\Users\Public\Desktop\HoldemManager2.lnk
2014-07-16 06:14 - 2014-07-22 01:04 - 00000000 ____D () C:\Users\Neville\Desktop\Crush Live Poker
2014-07-16 01:26 - 2014-07-22 05:29 - 00401225 _____ () C:\Windows\WindowsUpdate.log
2014-07-15 16:19 - 2014-07-18 02:43 - 00000000 ____D () C:\Users\Neville\AppData\Roaming\vlc
2014-07-15 16:18 - 2014-07-15 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-07-15 16:17 - 2014-07-15 16:17 - 00000000 ____D () C:\Program Files\VideoLAN
2014-07-15 15:07 - 2014-07-15 15:07 - 00000000 ___HD () C:\Users\Neville\Desktop\.picasaoriginals
2014-07-15 15:03 - 2014-07-15 15:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-07-15 14:53 - 2014-07-15 14:53 - 00000000 ____D () C:\Users\Neville\Documents\Fax
2014-07-15 14:53 - 2014-07-15 14:53 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-07-12 02:10 - 2014-07-12 02:10 - 00472008 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-09 22:30 - 2014-05-03 12:04 - 06974808 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-07-09 22:29 - 2014-06-18 04:57 - 01440256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 22:29 - 2014-06-18 04:54 - 01557504 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 22:29 - 2014-06-11 09:48 - 04038144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 22:29 - 2014-06-03 04:03 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2014-07-09 22:29 - 2014-05-30 05:01 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-07-09 22:29 - 2014-05-30 04:33 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-07-09 22:29 - 2014-05-30 04:32 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 22:29 - 2014-05-30 04:32 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-07-09 22:29 - 2014-05-03 12:03 - 01824808 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-07-09 22:29 - 2014-05-03 10:21 - 01408976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-07-09 22:29 - 2014-05-02 04:07 - 01023488 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-07-09 22:29 - 2014-04-30 04:02 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2014-07-09 22:29 - 2014-04-30 04:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2014-07-09 22:29 - 2014-04-24 05:21 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-07-09 22:29 - 2014-04-24 05:21 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 22:29 - 2014-04-24 05:08 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-07-09 22:29 - 2014-04-24 05:08 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 22:29 - 2014-02-08 10:04 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-07-09 22:28 - 2014-06-19 07:41 - 19277312 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 22:28 - 2014-06-19 07:40 - 15369728 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 22:28 - 2014-06-19 07:40 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 22:28 - 2014-06-19 07:40 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 22:28 - 2014-06-19 06:23 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 22:28 - 2014-06-19 06:22 - 13732352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 22:28 - 2014-06-19 06:22 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 22:27 - 2014-06-19 07:42 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 22:27 - 2014-06-19 07:42 - 01366528 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 22:27 - 2014-06-19 07:42 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-07-09 22:27 - 2014-06-19 07:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-07-09 22:27 - 2014-06-19 07:42 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 22:27 - 2014-06-19 07:41 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 22:27 - 2014-06-19 07:41 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 22:27 - 2014-06-19 07:40 - 02650624 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 22:27 - 2014-06-19 07:40 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-09 22:27 - 2014-06-19 07:40 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 22:27 - 2014-06-19 07:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 22:27 - 2014-06-19 07:40 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 22:27 - 2014-06-19 07:40 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-07-09 22:27 - 2014-06-19 07:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 22:27 - 2014-06-19 07:40 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 22:27 - 2014-06-19 07:40 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 22:27 - 2014-06-19 07:39 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 22:27 - 2014-06-19 06:23 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 22:27 - 2014-06-19 06:23 - 01141760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 22:27 - 2014-06-19 06:23 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 22:27 - 2014-06-19 06:23 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 22:27 - 2014-06-19 06:23 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 22:27 - 2014-06-19 06:23 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-07-09 22:27 - 2014-06-19 06:22 - 02863616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 22:27 - 2014-06-19 06:22 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 22:27 - 2014-06-19 06:22 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 22:27 - 2014-06-19 06:22 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-07-09 22:27 - 2014-06-19 06:22 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 22:27 - 2014-06-19 06:22 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 22:27 - 2014-06-19 06:22 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-07-09 22:27 - 2014-06-19 06:22 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 22:27 - 2014-06-19 06:22 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 22:27 - 2014-06-19 06:22 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 22:27 - 2014-06-19 06:03 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 22:27 - 2014-06-19 06:00 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 22:27 - 2014-06-19 03:35 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-07-09 22:27 - 2014-06-06 19:36 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 22:27 - 2014-06-06 15:47 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 22:27 - 2014-05-30 03:54 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-08 04:48 - 2014-07-15 15:28 - 00000000 ____D () C:\Users\Neville\Desktop\LKK Visa
2014-07-05 02:19 - 2014-07-05 02:19 - 00000000 ____D () C:\Users\Neville\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2014-07-05 01:46 - 2014-07-05 01:46 - 00000000 ____D () C:\Program Files (x86)\AVI to MP4 Converter
2014-07-05 01:44 - 2014-07-05 01:44 - 00000000 ____D () C:\ProgramData\A-PDF Text Replace
2014-07-04 02:58 - 2014-07-04 03:21 - 00000000 ____D () C:\Users\Neville\AppData\Local\FullTiltPoker
2014-07-04 02:58 - 2014-07-04 02:58 - 00000000 ____D () C:\Users\Neville\AppData\Local\cache
2014-07-04 02:58 - 2014-07-04 02:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Full Tilt Poker
2014-07-04 02:57 - 2014-07-05 03:47 - 00000000 ____D () C:\Program Files (x86)\Full Tilt Poker
2014-06-30 23:02 - 2014-06-30 23:02 - 00000044 _____ () C:\speederr.txt
2014-06-30 22:14 - 2014-06-30 22:14 - 00000000 ____D () C:\Users\Neville\AppData\Local\Hold'em_Manager
2014-06-30 19:40 - 2014-06-30 22:57 - 00000000 ____D () C:\HM2Archive
2014-06-30 19:36 - 2014-07-18 07:07 - 00000000 ____D () C:\Users\Neville\AppData\Roaming\HoldemManager
2014-06-30 19:36 - 2014-07-17 19:53 - 00000000 ____D () C:\Program Files (x86)\Holdem Manager 2
2014-06-30 19:36 - 2014-06-30 19:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Holdem Manager 2
2014-06-30 16:57 - 2014-06-30 16:57 - 00002024 _____ () C:\Users\Neville\AppData\Roaming\Microsoft\Windows\Start Menu\PokerStars Beta.lnk
2014-06-30 16:57 - 2014-06-30 16:57 - 00000000 ____D () C:\Users\Neville\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars.Beta
2014-06-30 16:56 - 2014-06-30 16:58 - 00000000 ____D () C:\Program Files (x86)\PokerStars.Beta
2014-06-27 06:21 - 2014-06-27 07:52 - 00000000 ____D () C:\Users\Neville\Downloads\Krrish 3 (2013) - 720p - DVDRip - x264 - AAc E-Subs [D3Si MaNiACs]
2014-06-26 13:42 - 2014-06-26 13:42 - 00000000 ____D () C:\Users\Neville\Downloads\Main Tera Hero (2014) Hindi Non-Retail DVDRip XviD - HTRG
2014-06-26 00:01 - 2014-06-30 02:34 - 00000000 ____D () C:\Users\Neville\Downloads\Queen 2014 Hindi 720p DvDRip x264 AAC...Hon3y
2014-06-26 00:01 - 2014-06-27 11:11 - 00000000 ____D () C:\Users\Neville\Downloads\Gulaab Gang 2014 Hindi 720p DvDRip x264 AAC...Hon3y
2014-06-25 23:59 - 2014-06-27 09:12 - 00000000 ____D () C:\Users\Neville\Downloads\Hasee Toh Phasee 2014 Hindi 720p DvDRip x264 AAC...Hon3y
2014-06-25 23:55 - 2014-07-01 21:41 - 1285190501 _____ () C:\Users\Neville\Downloads\Shaadi.Ke.Side.Effects.2014.720p.BluRay.x264.ShAaNiG.com.mkv
2014-06-25 21:31 - 2014-06-26 11:32 - 00000000 ____D () C:\Users\Neville\Downloads\Jai Ho (2014)
2014-06-25 19:17 - 2014-07-02 20:44 - 1460824684 _____ () C:\Users\Neville\Downloads\Lamhe 1991 DvDrip 1.36GB AVI ~ Musical Romance ~ [RdY] .avi
2014-06-25 17:40 - 2014-06-25 17:40 - 00000000 ____D () C:\Users\Neville\Downloads\Mickey Virus (2013) 1CD Dvdrip X264 MP3 [D3Si MaNiACs]
2014-06-25 17:38 - 2014-06-25 18:04 - 00000000 ____D () C:\Users\Neville\Downloads\Gangs Of Wasseypur 2012 Hindi BRRip 720p x264 AAC 5.1...Hon3y
2014-06-25 13:05 - 2014-06-27 21:40 - 00000000 ____D () C:\Users\Neville\Downloads\Satyagraha 2013 Hindi DvDRip 720p x264 AAC...Hon3y
2014-06-25 13:05 - 2014-06-26 05:56 - 00000000 ____D () C:\Users\Neville\Downloads\The Attacks of 26-11 2013 Hindi 720p DvDRip CharmeLeon SilverRG
2014-06-25 13:05 - 2014-06-26 02:50 - 00000000 ____D () C:\Users\Neville\Downloads\Madras Cafe 2013 Hindi BRRip 720p x264 AC3 5.1...Hon3y
2014-06-25 12:18 - 2014-06-30 19:56 - 00000000 ____D () C:\Users\Neville\Downloads\Grand Masti 2013 Hindi DvDRip 720p x264 AC3 5.1...Hon3y
2014-06-25 12:17 - 2014-06-25 13:04 - 1048124663 _____ () C:\Users\Neville\Downloads\Main.Tera.Hero.2014.720p.BluRay.999MB.ShAaNiG.com.mkv
2014-06-25 12:16 - 2014-06-26 03:58 - 00000000 ____D () C:\Users\Neville\Downloads\Dhoom 3 (2013) 720p BRrip.x264 SUJAIDR
2014-06-25 12:12 - 2014-06-27 19:50 - 731765983 _____ () C:\Users\Neville\Downloads\Black Friday 2007 1CD DVDRip x264 MP3 [Phantom].mkv
2014-06-25 12:11 - 2014-06-25 12:39 - 00000000 ____D () C:\Users\Neville\Downloads\Parzania 2007 Dvdrip x264 Ratzz
2014-06-24 08:37 - 2014-06-24 08:37 - 00001089 _____ () C:\Users\Neville\AppData\Roaming\Microsoft\Windows\Start Menu\PokerStars.lnk
2014-06-24 08:37 - 2014-06-24 08:37 - 00000000 ____D () C:\Users\Neville\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars
2014-06-22 08:50 - 2014-07-03 02:20 - 00006144 _____ () C:\Windows\SysWOW64\pokerclient.log
2014-06-22 08:50 - 2014-07-03 02:20 - 00000912 _____ () C:\Windows\SysWOW64\poker.jex
2014-06-22 08:50 - 2014-06-22 08:50 - 00000000 _____ () C:\Windows\SysWOW64\userdatatransfer.log
 
==================== One Month Modified Files and Folders =======
 
2014-07-22 06:15 - 2014-07-21 23:53 - 00021429 _____ () C:\Users\Neville\Desktop\FRST.txt
2014-07-22 06:14 - 2014-07-22 06:14 - 00000951 _____ () C:\Users\Neville\Desktop\JRT.txt
2014-07-22 06:14 - 2014-07-21 23:53 - 00000000 ____D () C:\FRST
2014-07-22 06:07 - 2013-12-11 15:13 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-22 06:04 - 2013-12-31 22:29 - 00000926 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2107339062-2504870960-3837946639-1001UA.job
2014-07-22 05:30 - 2012-07-26 13:42 - 00000000 ____D () C:\Windows\system32\sru
2014-07-22 05:29 - 2014-07-16 01:26 - 00401225 _____ () C:\Windows\WindowsUpdate.log
2014-07-22 05:28 - 2014-04-04 01:42 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-22 05:27 - 2014-01-10 22:22 - 00000000 ____D () C:\ProgramData\MFAData
2014-07-22 05:24 - 2014-07-22 05:22 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-22 05:22 - 2014-07-22 05:22 - 00005328 _____ () C:\Users\Neville\Desktop\AdwCleaner[S2].txt
2014-07-22 05:22 - 2014-03-05 09:13 - 00000000 ___RD () C:\Users\Neville\Dropbox
2014-07-22 05:22 - 2014-03-05 09:12 - 00000000 ____D () C:\Users\Neville\AppData\Roaming\DropboxMaster
2014-07-22 05:22 - 2014-03-05 09:11 - 00000000 ____D () C:\Users\Neville\AppData\Roaming\Dropbox
2014-07-22 05:21 - 2014-07-22 05:21 - 00000306 _____ () C:\Windows\PFRO.log
2014-07-22 05:21 - 2014-04-04 01:42 - 00000906 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-22 05:21 - 2014-03-24 07:24 - 00000458 ____H () C:\Windows\Tasks\SW.Booster-S-1935984173.job
2014-07-22 05:21 - 2012-07-26 12:52 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-22 05:20 - 2012-07-26 10:56 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-07-22 05:19 - 2014-03-25 15:28 - 00000000 ____D () C:\AdwCleaner
2014-07-22 05:19 - 2014-02-27 15:44 - 00000946 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2107339062-2504870960-3837946639-1001UA.job
2014-07-22 05:19 - 2014-02-27 15:44 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2107339062-2504870960-3837946639-1001Core.job
2014-07-22 05:14 - 2014-07-22 05:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-22 05:14 - 2014-07-22 05:14 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-22 05:14 - 2014-01-24 07:28 - 00000275 _____ () C:\Users\Neville\Desktop\Poker.txt
2014-07-22 05:14 - 2014-01-10 23:25 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-22 05:14 - 2014-01-10 23:25 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-22 05:14 - 2014-01-10 23:25 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-07-22 03:29 - 2014-07-22 02:01 - 153031301 _____ () C:\Users\Neville\Desktop\CLPVideo0022.mp4
2014-07-22 03:23 - 2014-07-22 02:01 - 145944813 _____ () C:\Users\Neville\Desktop\CLPVideo0021.mp4
2014-07-22 03:14 - 2014-07-22 01:35 - 136828237 _____ () C:\Users\Neville\Desktop\CLPVideo0020.mp4
2014-07-22 03:09 - 2014-07-22 01:16 - 155238971 _____ () C:\Users\Neville\Desktop\CLPVideo0017.mp4
2014-07-22 02:57 - 2014-07-22 01:19 - 166785627 _____ () C:\Users\Neville\Desktop\CLPVideo0019.mp4
2014-07-22 02:39 - 2014-07-22 01:17 - 127695592 _____ () C:\Users\Neville\Desktop\CLPVideo0018.mp4
2014-07-22 02:16 - 2014-07-22 02:15 - 01016261 _____ (Thisisu) C:\Users\Neville\Desktop\JRT.exe
2014-07-22 02:14 - 2014-07-22 02:13 - 01354223 _____ () C:\Users\Neville\Desktop\AdwCleaner.exe
2014-07-22 01:29 - 2014-07-22 01:29 - 00000373 _____ () C:\Users\Neville\Desktop\ckfiles.txt
2014-07-22 01:04 - 2014-07-16 06:14 - 00000000 ____D () C:\Users\Neville\Desktop\Crush Live Poker
2014-07-22 00:12 - 2014-07-22 00:12 - 00468480 _____ () C:\Users\Neville\Desktop\CKScanner.exe
2014-07-21 23:56 - 2014-07-21 23:55 - 00038439 _____ () C:\Users\Neville\Desktop\Addition.txt
2014-07-21 23:53 - 2014-07-21 23:52 - 02090496 _____ (Farbar) C:\Users\Neville\Desktop\FRST64.exe
2014-07-21 21:04 - 2013-12-31 22:29 - 00000874 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2107339062-2504870960-3837946639-1001Core.job
2014-07-21 15:24 - 2012-07-26 13:42 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-07-20 10:22 - 2014-07-20 04:36 - 00005782 _____ () C:\Users\Neville\Desktop\Thyroxine.txt
2014-07-20 01:33 - 2013-12-30 12:01 - 00000000 ____D () C:\Users\Neville\AppData\Local\PokerStars
2014-07-18 16:26 - 2013-12-12 07:17 - 00000000 ____D () C:\Program Files (x86)\CarbonPoker
2014-07-18 16:26 - 2012-07-26 10:56 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-07-18 07:07 - 2014-06-30 19:36 - 00000000 ____D () C:\Users\Neville\AppData\Roaming\HoldemManager
2014-07-18 07:01 - 2014-05-21 09:22 - 00000000 ____D () C:\BlackChipPoker
2014-07-18 02:43 - 2014-07-15 16:19 - 00000000 ____D () C:\Users\Neville\AppData\Roaming\vlc
2014-07-17 23:52 - 2014-01-10 23:10 - 00000000 ____D () C:\Users\Neville\AppData\Roaming\BitTorrent
2014-07-17 19:53 - 2014-07-17 19:53 - 00001092 _____ () C:\Users\Public\Desktop\HoldemManager2.lnk
2014-07-17 19:53 - 2014-06-30 19:36 - 00000000 ____D () C:\Program Files (x86)\Holdem Manager 2
2014-07-17 16:40 - 2013-12-12 07:20 - 00000000 ____D () C:\Users\Neville\AppData\Local\eclipse
2014-07-16 06:32 - 2013-12-11 14:43 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2107339062-2504870960-3837946639-1001
2014-07-16 00:20 - 2014-06-16 08:22 - 00000000 ____D () C:\Users\Neville\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-07-15 22:00 - 2012-07-26 13:29 - 00000000 ____D () C:\Windows\CbsTemp
2014-07-15 16:18 - 2014-07-15 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-07-15 16:17 - 2014-07-15 16:17 - 00000000 ____D () C:\Program Files\VideoLAN
2014-07-15 15:28 - 2014-07-08 04:48 - 00000000 ____D () C:\Users\Neville\Desktop\LKK Visa
2014-07-15 15:07 - 2014-07-15 15:07 - 00000000 ___HD () C:\Users\Neville\Desktop\.picasaoriginals
2014-07-15 15:04 - 2013-12-31 22:29 - 00000000 ____D () C:\Users\Neville\AppData\Local\Google
2014-07-15 15:03 - 2014-07-15 15:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-07-15 15:03 - 2014-03-13 21:21 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-15 14:53 - 2014-07-15 14:53 - 00000000 ____D () C:\Users\Neville\Documents\Fax
2014-07-15 14:53 - 2014-07-15 14:53 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-07-14 01:03 - 2012-07-26 12:58 - 00848230 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-12 19:15 - 2012-07-26 13:42 - 00000000 ____D () C:\Windows\rescache
2014-07-12 02:10 - 2014-07-12 02:10 - 00472008 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-11 03:22 - 2012-07-26 13:42 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-11 03:22 - 2012-07-26 13:42 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-11 03:22 - 2012-07-26 13:42 - 00000000 ____D () C:\Windows\WinStore
2014-07-11 03:22 - 2012-07-26 13:22 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 01:48 - 2013-12-29 04:18 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 01:41 - 2013-12-29 04:18 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-09 16:22 - 2014-03-24 08:53 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-08 23:09 - 2013-12-11 15:13 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-05 09:16 - 2013-12-11 14:46 - 00000000 ____D () C:\Users\Neville\AppData\Roaming\Skype
2014-07-05 03:47 - 2014-07-04 02:57 - 00000000 ____D () C:\Program Files (x86)\Full Tilt Poker
2014-07-05 02:19 - 2014-07-05 02:19 - 00000000 ____D () C:\Users\Neville\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2014-07-05 02:19 - 2014-06-16 06:35 - 00000000 ____D () C:\Users\Neville\AppData\Local\FluxSoftware
2014-07-05 01:46 - 2014-07-05 01:46 - 00000000 ____D () C:\Program Files (x86)\AVI to MP4 Converter
2014-07-05 01:44 - 2014-07-05 01:44 - 00000000 ____D () C:\ProgramData\A-PDF Text Replace
2014-07-04 19:54 - 2014-03-31 18:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-07-04 03:21 - 2014-07-04 02:58 - 00000000 ____D () C:\Users\Neville\AppData\Local\FullTiltPoker
2014-07-04 02:58 - 2014-07-04 02:58 - 00000000 ____D () C:\Users\Neville\AppData\Local\cache
2014-07-04 02:58 - 2014-07-04 02:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Full Tilt Poker
2014-07-03 02:20 - 2014-06-22 08:50 - 00006144 _____ () C:\Windows\SysWOW64\pokerclient.log
2014-07-03 02:20 - 2014-06-22 08:50 - 00000912 _____ () C:\Windows\SysWOW64\poker.jex
2014-07-03 01:54 - 2013-12-11 14:42 - 00000000 ____D () C:\Update
2014-07-02 20:44 - 2014-06-25 19:17 - 1460824684 _____ () C:\Users\Neville\Downloads\Lamhe 1991 DvDrip 1.36GB AVI ~ Musical Romance ~ [RdY] .avi
2014-07-01 21:41 - 2014-06-25 23:55 - 1285190501 _____ () C:\Users\Neville\Downloads\Shaadi.Ke.Side.Effects.2014.720p.BluRay.x264.ShAaNiG.com.mkv
2014-06-30 23:02 - 2014-06-30 23:02 - 00000044 _____ () C:\speederr.txt
2014-06-30 23:02 - 2013-12-11 14:35 - 00000000 ____D () C:\Users\Neville\AppData\Local\VirtualStore
2014-06-30 22:57 - 2014-06-30 19:40 - 00000000 ____D () C:\HM2Archive
2014-06-30 22:44 - 2014-04-30 22:57 - 32464204 _____ () C:\blitzerr.txt
2014-06-30 22:14 - 2014-06-30 22:14 - 00000000 ____D () C:\Users\Neville\AppData\Local\Hold'em_Manager
2014-06-30 19:56 - 2014-06-25 12:18 - 00000000 ____D () C:\Users\Neville\Downloads\Grand Masti 2013 Hindi DvDRip 720p x264 AC3 5.1...Hon3y
2014-06-30 19:36 - 2014-06-30 19:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Holdem Manager 2
2014-06-30 19:36 - 2014-01-06 04:13 - 00000000 ____D () C:\Program Files (x86)\PSQLINSTALL
2014-06-30 16:58 - 2014-06-30 16:56 - 00000000 ____D () C:\Program Files (x86)\PokerStars.Beta
2014-06-30 16:57 - 2014-06-30 16:57 - 00002024 _____ () C:\Users\Neville\AppData\Roaming\Microsoft\Windows\Start Menu\PokerStars Beta.lnk
2014-06-30 16:57 - 2014-06-30 16:57 - 00000000 ____D () C:\Users\Neville\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars.Beta
2014-06-30 02:34 - 2014-06-26 00:01 - 00000000 ____D () C:\Users\Neville\Downloads\Queen 2014 Hindi 720p DvDRip x264 AAC...Hon3y
2014-06-29 14:29 - 2014-05-22 12:39 - 00000178 _____ () C:\Users\Neville\Desktop\Merge.txt
2014-06-27 21:40 - 2014-06-25 13:05 - 00000000 ____D () C:\Users\Neville\Downloads\Satyagraha 2013 Hindi DvDRip 720p x264 AAC...Hon3y
2014-06-27 19:50 - 2014-06-25 12:12 - 731765983 _____ () C:\Users\Neville\Downloads\Black Friday 2007 1CD DVDRip x264 MP3 [Phantom].mkv
2014-06-27 11:11 - 2014-06-26 00:01 - 00000000 ____D () C:\Users\Neville\Downloads\Gulaab Gang 2014 Hindi 720p DvDRip x264 AAC...Hon3y
2014-06-27 09:12 - 2014-06-25 23:59 - 00000000 ____D () C:\Users\Neville\Downloads\Hasee Toh Phasee 2014 Hindi 720p DvDRip x264 AAC...Hon3y
2014-06-27 07:52 - 2014-06-27 06:21 - 00000000 ____D () C:\Users\Neville\Downloads\Krrish 3 (2013) - 720p - DVDRip - x264 - AAc E-Subs [D3Si MaNiACs]
2014-06-27 02:23 - 2013-12-31 02:16 - 00703968 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-27 02:23 - 2013-12-31 02:16 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-26 16:23 - 2013-12-30 12:00 - 00000000 ____D () C:\Program Files (x86)\PokerStars
2014-06-26 13:42 - 2014-06-26 13:42 - 00000000 ____D () C:\Users\Neville\Downloads\Main Tera Hero (2014) Hindi Non-Retail DVDRip XviD - HTRG
2014-06-26 11:32 - 2014-06-25 21:31 - 00000000 ____D () C:\Users\Neville\Downloads\Jai Ho (2014)
2014-06-26 05:56 - 2014-06-25 13:05 - 00000000 ____D () C:\Users\Neville\Downloads\The Attacks of 26-11 2013 Hindi 720p DvDRip CharmeLeon SilverRG
2014-06-26 03:58 - 2014-06-25 12:16 - 00000000 ____D () C:\Users\Neville\Downloads\Dhoom 3 (2013) 720p BRrip.x264 SUJAIDR
2014-06-26 02:50 - 2014-06-25 13:05 - 00000000 ____D () C:\Users\Neville\Downloads\Madras Cafe 2013 Hindi BRRip 720p x264 AC3 5.1...Hon3y
2014-06-25 20:59 - 2013-12-31 22:29 - 00003876 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2107339062-2504870960-3837946639-1001UA
2014-06-25 20:59 - 2013-12-31 22:29 - 00003496 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2107339062-2504870960-3837946639-1001Core
2014-06-25 18:04 - 2014-06-25 17:38 - 00000000 ____D () C:\Users\Neville\Downloads\Gangs Of Wasseypur 2012 Hindi BRRip 720p x264 AAC 5.1...Hon3y
2014-06-25 17:40 - 2014-06-25 17:40 - 00000000 ____D () C:\Users\Neville\Downloads\Mickey Virus (2013) 1CD Dvdrip X264 MP3 [D3Si MaNiACs]
2014-06-25 13:04 - 2014-06-25 12:17 - 1048124663 _____ () C:\Users\Neville\Downloads\Main.Tera.Hero.2014.720p.BluRay.999MB.ShAaNiG.com.mkv
2014-06-25 12:39 - 2014-06-25 12:11 - 00000000 ____D () C:\Users\Neville\Downloads\Parzania 2007 Dvdrip x264 Ratzz
2014-06-24 08:37 - 2014-06-24 08:37 - 00001089 _____ () C:\Users\Neville\AppData\Roaming\Microsoft\Windows\Start Menu\PokerStars.lnk
2014-06-24 08:37 - 2014-06-24 08:37 - 00000000 ____D () C:\Users\Neville\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars
2014-06-22 09:23 - 2014-04-04 01:42 - 00003882 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-22 09:23 - 2014-04-04 01:42 - 00003646 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-22 08:50 - 2014-06-22 08:50 - 00000000 _____ () C:\Windows\SysWOW64\userdatatransfer.log
 
Some content of TEMP:
====================
C:\Users\Guest\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Guest\AppData\Local\Temp\drm_dyndata_7400009.dll
C:\Users\Guest\AppData\Local\Temp\i4jdel0.exe
C:\Users\Guest\AppData\Local\Temp\JExplorer32.2.7.1.dll
C:\Users\Guest\AppData\Local\Temp\JExplorer32.2.7.1.exe
C:\Users\Guest\AppData\Local\Temp\JExplorer64.2.7.1.dll
C:\Users\Neville\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp0ml748.dll
C:\Users\Neville\AppData\Local\Temp\javasysmo1864101987622802282.dll
C:\Users\Neville\AppData\Local\Temp\javasysmo7637037792771181631.dll
C:\Users\Neville\AppData\Local\Temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-07-07 01:42
 
==================== End Of Log ============================


#15 Machiavelli

Posted 22 July 2014 - 12:14 AM

PUP.Optional.weDownload.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\The weDownload Manager, No Action By User, [dac7c1df3a4145f15ca47d64f9095ba5],
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-2107339062-2504870960-3837946639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Conduit_Search_Protect, No Action By User, [178af8a84c2f999dbb58061c57ad55ab],

Please put these entries in the Quarantine.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.
