Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Possible Malware, Spyware or Virus, please help


  • Please log in to reply

#1
sirrendur

sirrendur

    New Member

  • Member
  • Pip
  • 1 posts

I am not sure if i have a virus, spyware or malware on this computer i have some anti-virus removal software, and i thas found nothing as far as i am aware. A friend reccomended this website to me as he has gotten help recently and thought i might require assistance. Here are my OTL logs. Hopefully it is nothing but i am trying all my options to make sure.

 

OTL logfile created on: 10/27/2014 2:07:44 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\testing\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17358)
Locale: 00000409 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
 
3.87 Gb Total Physical Memory | 0.20 Gb Available Physical Memory | 5.09% Memory free
7.73 Gb Paging File | 3.19 Gb Available in Paging File | 41.28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 684.83 Gb Total Space | 487.31 Gb Free Space | 71.16% Space Free | Partition Type: NTFS
 
Computer Name: USER-PC | User Name: testing | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/10/27 14:07:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\testing\Downloads\OTL.exe
PRC - [2014/10/27 09:36:41 | 006,060,808 | ---- | M] (Curse, Inc) -- C:\Users\testing\AppData\Roaming\Curse Client\Bin\Curse.exe
PRC - [2014/10/22 05:22:40 | 001,529,536 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
PRC - [2014/10/22 05:22:40 | 000,833,728 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2014/10/22 05:22:38 | 001,938,624 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2014/10/18 16:52:14 | 003,835,728 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2014/10/18 04:24:56 | 000,045,840 | ---- | M] (Raptr, Inc) -- C:\Program Files (x86)\Raptr\raptr_im.exe
PRC - [2014/10/18 04:24:54 | 000,066,832 | ---- | M] (Raptr, Inc) -- C:\Program Files (x86)\Raptr\raptr.exe
PRC - [2014/10/17 10:15:36 | 032,956,416 | R--- | M] (Hirez Studios, Inc.) -- C:\Program Files (x86)\Hi-Rez Studios\HiRezGames\smite\Binaries\Win32\Smite.exe
PRC - [2014/09/25 14:48:07 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014/09/13 10:52:04 | 036,414,624 | ---- | M] (Dropbox, Inc.) -- C:\Users\testing\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2014/07/14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2014/07/14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2014/06/25 10:46:30 | 010,177,648 | ---- | M] (Coherent Labs) -- C:\Users\testing\AppData\Roaming\Curse Client\Bin\CoherentUI_Host.exe
PRC - [2014/05/31 16:26:48 | 000,585,048 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
PRC - [2014/05/22 18:30:52 | 000,865,088 | ---- | M] (Razer Inc) -- C:\Program Files (x86)\Razer\Razer_Kraken_Driver\Drivers\SysAudio\KrakenSysAudioLauncher.exe
PRC - [2013/09/28 04:46:26 | 000,559,696 | ---- | M] (Lavasoft) -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
PRC - [2013/06/14 03:03:00 | 000,943,016 | ---- | M] (Lavasoft) -- C:\ProgramData\Search Protection\SearchProtection.exe
PRC - [2013/06/05 01:01:52 | 004,489,472 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\testing\AppData\Local\Akamai\netsession_win.exe
PRC - [2011/10/17 15:12:52 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/10/17 15:12:48 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/11/20 03:17:02 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cmd.exe
PRC - [2010/05/11 15:33:52 | 000,810,880 | ---- | M] (Razer USA Ltd) -- C:\Program Files (x86)\Razer\Naga\NagaTray.exe
PRC - [2010/03/04 07:42:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/03/04 07:41:58 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/02/23 06:23:50 | 000,304,496 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\Toshiba\ConfigFree\NDSTray.exe
PRC - [2009/07/29 13:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\Toshiba\ConfigFree\CFSwMgr.exe
PRC - [2009/07/23 06:40:00 | 000,083,336 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe
PRC - [2009/03/11 11:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2009/02/21 02:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/10/27 09:25:52 | 000,043,008 | ---- | M] () -- c:\Users\testing\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3zzols.dll
MOD - [2014/10/22 05:22:58 | 002,226,880 | ---- | M] () -- C:\Program Files (x86)\Steam\video.dll
MOD - [2014/10/22 05:22:40 | 000,682,176 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2014/10/17 09:50:17 | 002,363,392 | R--- | M] () -- C:\Program Files (x86)\Hi-Rez Studios\HiRezGames\smite\Binaries\Win32\MctsInterface.dll
MOD - [2014/10/16 07:44:26 | 002,407,168 | ---- | M] () -- C:\Program Files (x86)\Raptr\ltc_host_ex.dll
MOD - [2014/10/16 03:52:17 | 000,491,520 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\2dcc034d5d87d4f98c02db370c95c117\IAStorUtil.ni.dll
MOD - [2014/10/16 03:46:41 | 011,922,944 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\b4001d722e320fa42cd87b04b5249b2d\System.Web.ni.dll
MOD - [2014/10/16 03:46:35 | 000,774,144 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b3011370dcbf33751d3b9dce8091c6c6\System.Runtime.Remoting.ni.dll
MOD - [2014/10/16 03:46:14 | 012,435,968 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1453d9e9a4989833ef3db4b22549ba1a\System.Windows.Forms.ni.dll
MOD - [2014/10/16 03:46:09 | 001,593,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\836e10dfd0811b303553216f5cb092ef\System.Drawing.ni.dll
MOD - [2014/10/16 03:46:05 | 005,467,648 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll
MOD - [2014/10/16 03:46:02 | 000,978,432 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\237d509a79aeef6e4635b09450d98f2a\System.Configuration.ni.dll
MOD - [2014/10/16 03:45:53 | 003,348,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d97a5aa0eb7697aca7c6e90ae471af2b\WindowsBase.ni.dll
MOD - [2014/10/16 03:45:47 | 007,991,808 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll
MOD - [2014/10/16 03:25:22 | 000,530,432 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Net.Http\7f372539d1837d70e88821cc20ed6530\System.Net.Http.ni.dll
MOD - [2014/10/16 03:25:21 | 019,696,640 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\316b149dbb031d0e35c9d57bb2fc4b6e\System.ServiceModel.ni.dll
MOD - [2014/10/16 03:25:04 | 000,399,872 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\7ab3e68c2e523f60bfc4f222cbd1c1d0\System.Xml.Linq.ni.dll
MOD - [2014/10/16 03:24:35 | 001,651,712 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\6df18fe9df1728434f42d5dbe8348568\PresentationUI.ni.dll
MOD - [2014/10/16 03:24:34 | 000,018,944 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\38d6578b4fe29bede85ffff08e3697b6\PresentationFramework-SystemXml.ni.dll
MOD - [2014/10/16 03:24:34 | 000,014,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Presentatio4b37ff64#\9370714a38ae2805434296b26a9f5b14\PresentationFramework-SystemXmlLinq.ni.dll
MOD - [2014/10/16 03:24:33 | 000,016,896 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Presentatio84a7b877#\4df6733efc348c009a4a6e0adccc42a6\PresentationFramework-SystemData.ni.dll
MOD - [2014/10/16 03:24:32 | 000,025,088 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Presentatio84a6349c#\63e9d81bd805aea8f8690fee2efc9a9e\PresentationFramework-SystemCore.ni.dll
MOD - [2014/10/16 03:12:51 | 018,813,440 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\3646375313dd2b8e3afecbf945960336\PresentationFramework.ni.dll
MOD - [2014/10/16 03:12:40 | 013,643,776 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Web\d12ecb88500237067aa30b40081d51b7\System.Web.ni.dll
MOD - [2014/10/16 03:12:40 | 011,025,920 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\006d28e7c86f3e70db90ce06ea2f33fb\PresentationCore.ni.dll
MOD - [2014/10/16 03:12:33 | 000,785,920 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\b09b4172f3978fe066418f429795661a\System.EnterpriseServices.ni.dll
MOD - [2014/10/16 03:12:33 | 000,250,880 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\b09b4172f3978fe066418f429795661a\System.EnterpriseServices.Wrapper.dll
MOD - [2014/10/16 03:12:32 | 000,660,992 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\a26884cd80c1d4a7e3f00c795e5cb305\System.Transactions.ni.dll
MOD - [2014/10/16 03:12:31 | 001,889,792 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\8b133e0d94535a7534719f70873ca7fe\System.Xaml.ni.dll
MOD - [2014/10/16 03:12:31 | 000,241,664 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Comp46f2b404#\6c97a46aff5154a7217a528e86698ab3\System.ComponentModel.DataAnnotations.ni.dll
MOD - [2014/10/16 03:12:29 | 003,950,080 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\94bbd298ec8575f3c6151a59538a109c\WindowsBase.ni.dll
MOD - [2014/10/16 03:12:29 | 000,805,376 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\54565a827b0e5a6f78e93e2ae06dd0e4\System.Runtime.Remoting.ni.dll
MOD - [2014/10/16 03:12:27 | 000,470,528 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\7971f3a1c08c4043cf981f457855b4d4\PresentationFramework.Aero.ni.dll
MOD - [2014/10/16 03:12:26 | 007,409,664 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Data\5d2c01ae1ca8c40ed74cdfd7b7b7dcb1\System.Data.ni.dll
MOD - [2014/10/16 03:12:25 | 012,894,208 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\db563d596d76daed04e9b5d25b2f4cb9\System.Windows.Forms.ni.dll
MOD - [2014/10/16 03:12:25 | 001,046,016 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Compba577418#\cc7bb025e7cca401787cec5893c2cb67\System.ComponentModel.Composition.ni.dll
MOD - [2014/10/16 03:12:24 | 001,947,136 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.V9921e851#\dd47bb843c62ff156baac3ff9fd23fa9\Microsoft.VisualBasic.ni.dll
MOD - [2014/10/16 03:12:20 | 006,990,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\691c1ad89d16f49d80e84fa06a79089a\System.Core.ni.dll
MOD - [2014/10/16 03:12:19 | 007,668,736 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\7147fa233a070283dba824da40089bf1\System.Xml.ni.dll
MOD - [2014/10/16 03:12:17 | 001,180,672 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Management\c90a4b709b46b64c89fce02585d55370\System.Management.ni.dll
MOD - [2014/10/16 03:12:16 | 002,822,144 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f9f13cd8fe1cefaad78579a7c3a41464\System.Runtime.Serialization.ni.dll
MOD - [2014/10/16 03:12:15 | 001,644,544 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b4c08872c259018b17b2801da33ac80f\System.Drawing.ni.dll
MOD - [2014/10/16 03:12:14 | 000,794,112 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\35d3a1b878542de59cb4fc0593992404\System.ServiceModel.Internals.ni.dll
MOD - [2014/10/16 03:12:14 | 000,122,880 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\046058f81b039ab6fd839e03e67595f8\SMDiagnostics.ni.dll
MOD - [2014/10/16 03:12:13 | 000,976,384 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\0648dbecb7e3fb9523565107e04a5caf\System.Configuration.ni.dll
MOD - [2014/10/16 03:12:12 | 010,100,736 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System\17a393b77ae757f0768501fb95ff5af6\System.ni.dll
MOD - [2014/10/02 09:16:02 | 000,774,656 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL2.dll
MOD - [2014/09/25 14:47:50 | 003,715,184 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014/09/13 10:20:58 | 003,610,624 | ---- | M] () -- C:\Users\testing\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2014/09/11 03:49:05 | 000,014,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\a3595a3cb9046b8790488765b714d995\IAStorCommon.ni.dll
MOD - [2014/09/11 03:40:36 | 011,497,984 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2014/09/05 09:29:26 | 034,589,376 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2014/08/22 04:15:22 | 001,171,456 | ---- | M] () -- C:\Program Files (x86)\Steam\libavcodec-56.dll
MOD - [2014/08/22 04:15:22 | 000,485,888 | ---- | M] () -- C:\Program Files (x86)\Steam\libswscale-3.dll
MOD - [2014/08/22 04:15:22 | 000,442,368 | ---- | M] () -- C:\Program Files (x86)\Steam\libavutil-54.dll
MOD - [2014/08/22 04:15:22 | 000,403,968 | ---- | M] () -- C:\Program Files (x86)\Steam\libavformat-56.dll
MOD - [2014/08/22 04:15:22 | 000,332,800 | ---- | M] () -- C:\Program Files (x86)\Steam\libavresample-2.dll
MOD - [2014/06/18 10:56:00 | 002,717,595 | ---- | M] () -- C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
MOD - [2014/05/22 18:28:12 | 000,619,328 | ---- | M] () -- C:\Program Files (x86)\Razer\Razer_Kraken_Driver\Drivers\SysAudio\KrakenDevProps.dll
MOD - [2014/05/19 17:05:14 | 000,437,248 | ---- | M] () -- C:\Users\testing\AppData\Roaming\Curse Client\Bin\WebRTC_CSharpWrapper.dll
MOD - [2014/05/19 17:04:42 | 000,861,696 | ---- | M] () -- C:\Users\testing\AppData\Roaming\Curse Client\Bin\ffmpegsumo.dll
MOD - [2014/05/19 17:04:42 | 000,307,712 | ---- | M] () -- C:\Users\testing\AppData\Roaming\Curse Client\Bin\opus.dll
MOD - [2014/05/14 09:26:54 | 001,662,464 | ---- | M] () -- C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
MOD - [2014/05/14 09:26:54 | 000,494,592 | ---- | M] () -- C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
MOD - [2014/05/14 09:26:52 | 005,812,736 | ---- | M] () -- C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
MOD - [2014/05/14 09:26:52 | 000,313,856 | ---- | M] () -- C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
MOD - [2014/05/14 09:26:40 | 000,067,584 | ---- | M] () -- C:\Program Files (x86)\Raptr\sip.pyd
MOD - [2014/03/04 17:39:41 | 000,190,976 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\75b6a68103e1b76063d9f69b8275ae61\UIAutomationTypes.ni.dll
MOD - [2014/03/04 17:39:40 | 000,100,864 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\c94c36c9ae776de930f2aacb6dd51c38\UIAutomationProvider.ni.dll
MOD - [2014/03/04 03:04:06 | 000,147,968 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\4c8a153aa66fcd62db6fff269a2ef2b4\System.Numerics.ni.dll
MOD - [2014/03/04 03:04:05 | 016,953,856 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2013/11/21 10:05:26 | 000,256,000 | ---- | M] () -- C:\Program Files (x86)\Raptr\amd_ags.dll
MOD - [2013/08/24 05:01:44 | 025,100,288 | ---- | M] () -- C:\Users\testing\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2013/05/10 09:52:58 | 001,183,699 | ---- | M] () -- C:\Program Files (x86)\Raptr\liboscar.dll
MOD - [2013/05/10 09:52:58 | 000,483,306 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libicq.dll
MOD - [2013/05/10 09:52:56 | 000,495,680 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libaim.dll
MOD - [2013/05/04 04:57:16 | 001,640,221 | ---- | M] () -- C:\Program Files (x86)\Raptr\libjabber.dll
MOD - [2013/05/04 04:57:14 | 001,053,730 | ---- | M] () -- C:\Program Files (x86)\Raptr\libymsg.dll
MOD - [2013/05/04 04:57:06 | 000,655,356 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libirc.dll
MOD - [2013/05/04 04:57:04 | 000,603,326 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
MOD - [2013/05/04 04:57:02 | 000,474,199 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\ssl.dll
MOD - [2013/05/04 04:57:00 | 000,497,782 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
MOD - [2013/05/04 04:56:50 | 001,306,387 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libmsn.dll
MOD - [2013/05/04 04:56:46 | 000,565,461 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
MOD - [2013/05/04 04:56:44 | 000,506,276 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
MOD - [2012/12/29 06:11:25 | 020,645,216 | R--- | M] () -- C:\Program Files (x86)\Hi-Rez Studios\HiRezGames\smite\Binaries\Win32\Awesomium.dll
MOD - [2011/02/16 04:17:28 | 001,213,633 | ---- | M] () -- C:\Program Files (x86)\Raptr\libxml2-2.dll
MOD - [2011/02/16 04:17:28 | 000,417,501 | ---- | M] () -- C:\Program Files (x86)\Raptr\sqlite3.dll
MOD - [2010/11/23 09:06:22 | 000,055,808 | ---- | M] () -- C:\Program Files (x86)\Raptr\zlib1.dll
MOD - [2010/11/23 08:57:34 | 000,167,936 | ---- | M] () -- C:\Program Files (x86)\Raptr\win32gui.pyd
MOD - [2010/11/23 08:57:34 | 000,111,104 | ---- | M] () -- C:\Program Files (x86)\Raptr\win32file.pyd
MOD - [2010/11/23 08:57:34 | 000,096,256 | ---- | M] () -- C:\Program Files (x86)\Raptr\win32api.pyd
MOD - [2010/11/23 08:57:34 | 000,036,352 | ---- | M] () -- C:\Program Files (x86)\Raptr\win32process.pyd
MOD - [2010/11/23 08:57:34 | 000,016,384 | ---- | M] () -- C:\Program Files (x86)\Raptr\win32trace.pyd
MOD - [2010/11/23 08:57:18 | 000,141,312 | ---- | M] () -- C:\Program Files (x86)\Raptr\gobject._gobject.pyd
MOD - [2010/11/23 08:57:06 | 000,263,168 | ---- | M] () -- C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
MOD - [2010/11/23 08:56:56 | 000,354,304 | ---- | M] () -- C:\Program Files (x86)\Raptr\pythoncom26.dll
MOD - [2010/11/23 08:56:56 | 000,110,592 | ---- | M] () -- C:\Program Files (x86)\Raptr\pywintypes26.dll
MOD - [2010/11/23 08:56:26 | 000,324,608 | ---- | M] () -- C:\Program Files (x86)\Raptr\PIL._imaging.pyd
MOD - [2010/11/23 08:56:02 | 000,805,376 | ---- | M] () -- C:\Program Files (x86)\Raptr\_ssl.pyd
MOD - [2010/11/23 08:56:02 | 000,583,680 | ---- | M] () -- C:\Program Files (x86)\Raptr\unicodedata.pyd
MOD - [2010/11/23 08:56:02 | 000,356,864 | ---- | M] () -- C:\Program Files (x86)\Raptr\_hashlib.pyd
MOD - [2010/11/23 08:56:02 | 000,127,488 | ---- | M] () -- C:\Program Files (x86)\Raptr\pyexpat.pyd
MOD - [2010/11/23 08:56:02 | 000,087,040 | ---- | M] () -- C:\Program Files (x86)\Raptr\_ctypes.pyd
MOD - [2010/11/23 08:56:02 | 000,044,544 | ---- | M] () -- C:\Program Files (x86)\Raptr\_sqlite3.pyd
MOD - [2010/11/23 08:56:02 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\Raptr\_socket.pyd
MOD - [2010/11/23 08:56:02 | 000,010,240 | ---- | M] () -- C:\Program Files (x86)\Raptr\select.pyd
MOD - [2010/11/23 08:56:02 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\Raptr\winsound.pyd
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/09/19 11:25:49 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/08/22 15:14:34 | 000,368,624 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2014/08/22 15:14:34 | 000,023,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2014/03/07 10:27:54 | 001,471,352 | ---- | M] (Flexera Software LLC) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FlexNet Licensing Service 64)
SRV:64bit: - [2013/10/11 17:02:12 | 000,517,344 | ---- | M] () [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4527.0\AdAwareService.exe -- (LavasoftAdAwareService11)
SRV:64bit: - [2013/05/27 15:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/03/18 09:00:44 | 000,258,928 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2010/03/15 11:56:20 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/02/24 10:57:42 | 000,835,952 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2010/02/06 10:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009/11/06 15:05:28 | 000,489,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2009/07/29 08:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2009/03/28 11:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV - [2014/10/22 05:22:40 | 000,833,728 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/10/18 16:52:14 | 002,529,616 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2014/10/18 15:16:36 | 000,417,552 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2014/09/25 14:48:06 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/09/10 23:19:33 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/08/22 23:04:06 | 000,009,216 | ---- | M] (Hi-Rez Studios) [Auto | Running] -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)
SRV - [2014/07/14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014/07/14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2014/04/19 01:07:21 | 000,032,960 | ---- | M] (Razer, Inc.) [Auto | Running] -- C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe -- (RzOvlMon)
SRV - [2014/04/03 20:21:48 | 000,315,008 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014/03/21 08:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2011/10/17 15:12:52 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/03/04 07:42:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/03/04 07:41:58 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/02/26 06:07:14 | 000,196,464 | ---- | M] (TOSHIBA CORPORATION) [On_Demand | Stopped] -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2010/01/29 09:44:40 | 000,249,200 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Toshiba\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService)
SRV - [2009/10/07 02:21:50 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009/03/11 11:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2009/02/21 02:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/07/17 18:05:06 | 000,125,584 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2014/05/19 16:47:28 | 000,155,816 | ---- | M] (Razer Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzudd.sys -- (rzudd)
DRV:64bit: - [2014/04/19 01:02:50 | 000,129,472 | ---- | M] (Razer, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RzDxgk.sys -- (RzDxgk)
DRV:64bit: - [2014/04/19 01:02:50 | 000,074,432 | ---- | M] (Razer, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RzFilter.sys -- (RzFilter)
DRV:64bit: - [2013/07/17 18:10:52 | 000,329,800 | ---- | M] (BitDefender S.R.L.) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Trufos.sys -- (Trufos)
DRV:64bit: - [2012/08/24 00:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/24 00:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/07/27 04:31:24 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2012/03/01 16:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/17 14:55:32 | 000,559,384 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/04/20 08:24:56 | 000,169,584 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2011/03/11 16:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 16:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 04:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/04/21 15:59:16 | 000,073,216 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RzSynapse.sys -- (RzSynapse)
DRV:64bit: - [2010/04/01 07:50:16 | 000,724,536 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2010/03/15 12:06:28 | 006,403,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/03/15 11:00:58 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/03/11 11:51:32 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/03/06 04:11:30 | 000,720,952 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDMI64.sys -- (CnxtHdmiAudService)
DRV:64bit: - [2010/02/11 08:02:00 | 000,158,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/02/02 03:29:48 | 000,232,992 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/09/18 05:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/31 13:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/22 07:03:34 | 001,208,320 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/07/15 08:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/14 15:12:00 | 000,019,824 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfec.sys -- (tosrfec)
DRV:64bit: - [2009/07/14 11:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 11:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 11:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/08 01:51:42 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk)
DRV:64bit: - [2009/06/23 10:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2009/06/20 12:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009/06/11 06:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 06:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 06:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 06:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2009/07/14 11:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {F4ED0519-C584-4DDA-BE93-FA0B93D040F6}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{F4ED0519-C584-4DDA-BE93-FA0B93D040F6}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {F4ED0519-C584-4DDA-BE93-FA0B93D040F6}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{F4ED0519-C584-4DDA-BE93-FA0B93D040F6}: "URL" = http://www.bing.com/...rc=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securedsearch...&u=___userid___
IE - HKCU\..\SearchScopes,DefaultScope = {F4ED0519-C584-4DDA-BE93-FA0B93D040F6}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\..\SearchScopes\{F4ED0519-C584-4DDA-BE93-FA0B93D040F6}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:32.0.3
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 32.0.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 32.0.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2013/09/05 15:55:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\testing\AppData\Roaming\Mozilla\Extensions
[2014/10/16 23:06:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\testing\AppData\Roaming\Mozilla\Firefox\Profiles\tsr8il5i.default\extensions
[2014/10/16 23:06:33 | 000,979,610 | ---- | M] () (No name found) -- C:\Users\testing\AppData\Roaming\Mozilla\Firefox\Profiles\tsr8il5i.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/09/25 14:47:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/09/25 14:48:08 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2009/06/11 07:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\Toshiba\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: []  File not found
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [AdAwareTray] C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4527.0\AdAwareTray.exe ()
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [LifeChat] C:\Program Files\Microsoft LifeChat\LifeChat.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4:64bit: - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [KrakenLauncher] C:\Program Files (x86)\Razer\Razer_Kraken_Driver\Drivers\SysAudio\KrakenSysAudioLauncher.exe (Razer Inc)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Razer Naga Driver] C:\Program Files (x86)\Razer\Naga\NagaTray.exe (Razer USA Ltd)
O4 - HKLM..\Run: [Razer Synapse] C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer Inc.)
O4 - HKLM..\Run: [Search Protection] C:\ProgramData\Search Protection\SearchProtection.exe (Lavasoft)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\testing\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [Raptr] C:\Program Files (x86)\Raptr\raptrstub.exe (Raptr, Inc)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\testing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\testing\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EEB3BC32-01C6-46B1-9DB9-03FEEC7B8958}: DhcpNameServer = 10.1.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014/03/07 10:08:31 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/10/27 11:14:57 | 000,000,000 | ---D | C] -- C:\Users\testing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Raptr
[2014/10/27 11:14:28 | 000,000,000 | ---D | C] -- C:\Users\testing\AppData\Roaming\library_dir
[2014/10/27 11:13:51 | 000,000,000 | ---D | C] -- C:\Users\testing\AppData\Roaming\Raptr
[2014/10/27 11:13:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Raptr
[2014/10/22 13:42:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2014/10/22 13:42:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2014/10/15 15:50:04 | 001,943,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dfshim.dll
[2014/10/15 15:50:04 | 001,131,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dfshim.dll
[2014/10/15 15:50:04 | 000,156,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mscorier.dll
[2014/10/15 15:50:04 | 000,156,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mscorier.dll
[2014/10/15 15:50:03 | 000,081,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mscories.dll
[2014/10/15 15:50:03 | 000,073,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mscories.dll
[2014/10/15 15:49:55 | 001,202,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drmv2clt.dll
[2014/10/15 15:49:55 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\blackbox.dll
[2014/10/15 15:49:55 | 000,744,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\blackbox.dll
[2014/10/15 15:49:53 | 000,988,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\drmv2clt.dll
[2014/10/15 15:49:52 | 014,632,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmp.dll
[2014/10/15 15:49:51 | 004,120,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mf.dll
[2014/10/15 15:49:50 | 000,782,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmdrmsdk.dll
[2014/10/15 15:49:50 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmdrmsdk.dll
[2014/10/15 15:49:49 | 011,411,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmp.dll
[2014/10/15 15:49:49 | 000,500,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AUDIOKSE.dll
[2014/10/15 15:49:47 | 003,208,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mf.dll
[2014/10/15 15:49:47 | 000,497,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drmmgrtn.dll
[2014/10/15 15:49:46 | 000,693,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.efi
[2014/10/15 15:49:46 | 000,616,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.efi
[2014/10/15 15:49:46 | 000,457,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ci.dll
[2014/10/15 15:49:46 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AUDIOKSE.dll
[2014/10/15 15:49:46 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\drmmgrtn.dll
[2014/10/15 15:49:45 | 001,574,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\quartz.dll
[2014/10/15 15:49:45 | 000,619,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.exe
[2014/10/15 15:49:45 | 000,532,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.exe
[2014/10/15 15:49:45 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AudioEng.dll
[2014/10/15 15:49:44 | 005,551,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2014/10/15 15:49:44 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\evr.dll
[2014/10/15 15:49:44 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wintrust.dll
[2014/10/15 15:49:43 | 003,970,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2014/10/15 15:49:43 | 001,480,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\crypt32.dll
[2014/10/15 15:49:43 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\EncDump.dll
[2014/10/15 15:49:40 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptui.dll
[2014/10/15 15:49:40 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AudioSes.dll
[2014/10/15 15:49:38 | 003,914,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2014/10/15 15:49:36 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\evr.dll
[2014/10/15 15:49:35 | 000,432,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfplat.dll
[2014/10/15 15:49:34 | 001,329,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\quartz.dll
[2014/10/15 15:49:32 | 001,005,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cryptui.dll
[2014/10/15 15:49:31 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srcore.dll
[2014/10/15 15:49:31 | 000,354,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfplat.dll
[2014/10/15 15:49:31 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptsp.dll
[2014/10/15 15:49:29 | 000,641,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msscp.dll
[2014/10/15 15:49:29 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msscp.dll
[2014/10/15 15:49:29 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msnetobj.dll
[2014/10/15 15:49:29 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rstrui.exe
[2014/10/15 15:49:28 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msnetobj.dll
[2014/10/15 15:49:28 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\audiodg.exe
[2014/10/15 15:49:28 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appidapi.dll
[2014/10/15 15:49:28 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rrinstaller.exe
[2014/10/15 15:49:27 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfps.dll
[2014/10/15 15:49:27 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appidpolicyconverter.exe
[2014/10/15 15:49:27 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfps.dll
[2014/10/15 15:49:27 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\appidapi.dll
[2014/10/15 15:49:27 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rrinstaller.exe
[2014/10/15 15:49:26 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\setbcdlocale.dll
[2014/10/15 15:49:26 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srclient.dll
[2014/10/15 15:49:26 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfpmp.exe
[2014/10/15 15:49:26 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfpmp.exe
[2014/10/15 15:49:26 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appidcertstorecheck.exe
[2014/10/15 15:49:25 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmploc.DLL
[2014/10/15 15:49:25 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spwmp.dll
[2014/10/15 15:49:25 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\spwmp.dll
[2014/10/15 15:49:25 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdxm.ocx
[2014/10/15 15:49:25 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxmasf.dll
[2014/10/15 15:49:25 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msdxm.ocx
[2014/10/15 15:49:25 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dxmasf.dll
[2014/10/15 15:49:25 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mferror.dll
[2014/10/15 15:49:25 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mferror.dll
[2014/10/15 15:49:24 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmploc.DLL
[2014/10/15 15:49:16 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\generaltel.dll
[2014/10/15 15:49:15 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
[2014/10/15 15:49:15 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
[2014/10/15 15:49:14 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll
[2014/10/15 15:49:14 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2014/10/15 15:49:14 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll
[2014/10/15 15:49:14 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2014/10/15 15:49:13 | 000,710,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2014/10/15 15:49:13 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll
[2014/10/15 15:49:13 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/10/15 15:49:13 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll
[2014/10/15 15:49:13 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2014/10/15 15:49:11 | 002,017,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2014/10/15 15:49:11 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2014/10/15 15:49:10 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll
[2014/10/15 15:49:09 | 000,731,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2014/10/15 15:49:09 | 000,446,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2014/10/15 15:49:09 | 000,440,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2014/10/15 15:49:09 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe
[2014/10/15 15:49:08 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2014/10/15 15:49:07 | 002,108,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2014/10/15 15:49:06 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2014/10/15 15:49:05 | 000,678,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2014/10/15 15:49:05 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2014/10/15 15:49:03 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2014/10/15 15:49:03 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MshtmlDac.dll
[2014/10/15 15:49:02 | 000,595,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2014/10/15 15:49:02 | 000,289,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2014/10/15 15:49:01 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2014/10/15 15:49:01 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2014/10/15 15:49:00 | 005,829,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2014/10/15 15:49:00 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll
[2014/10/15 15:49:00 | 000,547,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2014/10/15 15:49:00 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2014/10/15 15:48:59 | 000,775,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2014/10/15 15:48:58 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2014/10/15 15:48:58 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MshtmlDac.dll
[2014/10/15 15:48:57 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2014/10/15 15:48:20 | 003,241,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msi.dll
[2014/10/15 15:48:09 | 004,922,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstscax.dll
[2014/10/15 15:48:09 | 001,125,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstsc.exe
[2014/10/15 15:48:09 | 001,050,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstsc.exe
[2014/10/15 15:48:09 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aaclient.dll
[2014/10/15 15:48:09 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\aaclient.dll
[2014/10/15 15:48:09 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tsgqec.dll
[2014/10/15 15:48:09 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tsgqec.dll
[2014/10/15 15:48:08 | 005,780,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstscax.dll
[2014/10/15 15:48:07 | 003,179,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorets.dll
[2014/10/15 15:48:04 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rastls.dll
[2014/10/15 15:48:04 | 000,372,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rastls.dll
[2014/10/15 15:47:56 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsta.dll
[2014/10/15 15:47:56 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorekmts.dll
[2014/10/15 15:47:55 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winlogon.exe
[2014/10/15 15:47:39 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\packager.dll
[2014/10/15 15:47:38 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\packager.dll
[2014/10/05 11:35:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014/10/05 11:35:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014/10/01 11:29:04 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qdvd.dll
[2014/10/01 11:29:04 | 000,371,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qdvd.dll
[2014/09/30 03:50:04 | 000,000,000 | ---D | C] -- C:\Users\testing\AppData\Roaming\.mono
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/10/27 13:19:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2014/10/27 09:33:31 | 000,019,248 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/10/27 09:33:31 | 000,019,248 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/10/27 09:22:59 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014/10/17 21:11:13 | 000,001,551 | ---- | M] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
[2014/10/16 03:32:36 | 000,418,584 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2014/10/10 12:05:59 | 000,276,480 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\generaltel.dll
[2014/10/10 12:05:42 | 000,507,392 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
[2014/10/10 12:00:38 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/10/25 14:55:23 | 000,000,192 | ---- | C] () -- C:\Users\testing\.packettracer
 
========== ZeroAccess Check ==========
 
[2009/07/14 14:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/06/25 12:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/25 11:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 11:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 03:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 11:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
 

 

I would like to thank you for your time and i hope that it is nothing and i am over reacting :)


  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP