Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

[OTL]Win32/Alureon.FL and .FE


  • Please log in to reply

#1
jth

jth

    New Member

  • Member
  • Pip
  • 3 posts
Hi there;

I was searching for images of shoes through google images and when I reached one site, my MSS antivirus detected something and I quickly pressed clean. It then popped up again and once again, I clicked clean. After this, my computer had many small popup errors saying that there was something wrong with my hard drive.

All my desktop icons disappeared and when I opened "My Computer", my hard drive would open but it would report that there is no files within it.
(Even after running all the scans and virus and malware removers, I still don't see any files when I open my "D" hard drive..)

I did a memory scan from safe mode and it showed that my memory was fine but when I did the memory diagnostic without safe mode, it said that my hard drive was slow and potentially damaged and that my RAM was running at 85 degrees Celsius.

Whenever I restarted my computer, it would return to the blank desktop, a bunch of small error popups would appear and my only choice is to restart.

I then chose System Restore from Safe Mode, and here I am now.
(My MSE shows that I have Win32/Alureon.fl and .fe and Blacole virus)

1) I updated my MSE but did not make it clean anything again because I'm worried this process will start over
2) Downloaded and used Spybot S&D, Malwarebytes, Microsoft Security Essentials Clean and used TDSSKiller.exe
3) Followed the GtG Malware Guide and used OTL and am now posting here






OTL logfile created on: 12/12/2011 8:38:46 AM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Owner\Desktop
64bit- Professional (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.82 Gb Available Physical Memory | 70.42% Memory free
7.99 Gb Paging File | 6.72 Gb Available in Paging File | 84.06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111.69 Gb Total Space | 76.20 Gb Free Space | 68.23% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 225.03 Gb Free Space | 48.32% Space Free | Partition Type: NTFS

Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/12 05:42:16 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
PRC - [2011/11/09 04:51:02 | 000,924,632 | -H-- | M] (Mozilla Corporation) -- D:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/09/05 12:04:58 | 000,035,736 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe
PRC - [2011/08/31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010/10/16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/01/22 11:29:40 | 000,106,496 | -H-- | M] (NEC Electronics Corporation) -- D:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe


========== Modules (No Company Name) ==========

MOD - [2011/11/09 04:51:01 | 001,989,592 | -H-- | M] () -- D:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/09/27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/11/11 14:36:38 | 000,282,616 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2010/11/11 14:36:38 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/10/16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/07/16 16:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/01/11 03:02:00 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/08/31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/08/02 16:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/10/24 21:25:38 | 000,072,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2010/10/02 23:20:16 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/10/02 23:20:02 | 001,250,816 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2010/09/07 15:08:55 | 000,155,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010/08/10 08:38:40 | 000,171,016 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiK0CCB.sys -- (SaiK0CCB)
DRV:64bit: - [2010/08/10 08:38:40 | 000,041,096 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiU0CCB.sys -- (SaiU0CCB)
DRV:64bit: - [2010/07/27 03:14:24 | 006,465,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64) Logitech HD Webcam C510(UVC)
DRV:64bit: - [2010/07/27 03:12:16 | 000,339,040 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2010/07/27 03:07:22 | 000,024,032 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvbflt64.sys -- (CompFilter64)
DRV:64bit: - [2010/07/09 12:19:02 | 000,021,480 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz134_x64.sys -- (cpuz134)
DRV:64bit: - [2010/07/08 08:39:36 | 000,050,056 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiBus.sys -- (SaiNtBus)
DRV:64bit: - [2010/07/08 08:39:36 | 000,022,792 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiMini.sys -- (SaiMini)
DRV:64bit: - [2010/01/22 11:22:22 | 000,180,224 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/01/22 11:22:18 | 000,077,824 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2009/11/23 16:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009/11/23 16:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009/10/18 20:56:10 | 000,115,312 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2009/07/15 22:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009/07/13 20:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 20:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.ca/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/iat/us_ca.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 97 A5 45 EA 08 77 CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.ca/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: D:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: D:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: D:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: D:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: D:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: D:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011/02/23 17:35:44 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: D:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011/02/23 17:35:44 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: D:\Program Files (x86)\Mozilla Firefox\components [2011/11/09 04:51:02 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: D:\Program Files (x86)\Mozilla Firefox\plugins [2011/10/26 14:48:07 | 000,000,000 | -H-D | M]

[2010/10/02 23:02:08 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions
[2011/02/23 21:10:58 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\n7qgs58o.default\extensions

O1 HOSTS File: ([2011/12/12 07:31:54 | 000,441,873 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 0.0.0.0 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 0.0.0.0 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 15177 more lines...
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - D:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - D:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [ProfilerU] C:\Program Files\Saitek\SD6\Software\ProfilerU.exe (Saitek)
O4:64bit: - HKLM..\Run: [SaiMfd] C:\Program Files\Saitek\SD6\Software\SaiMfd.exe (Saitek)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NUSB3MON] D:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.71.255.198
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AE29B792-02EA-4664-85EF-90C6793A1AB0}: DhcpNameServer = 64.71.255.198
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/12/12 07:35:18 | 000,000,000 | ---D | C] -- C:\Program Files\Hitman Pro 3.5
[2011/12/12 07:34:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Hitman Pro
[2011/12/12 07:34:53 | 000,287,304 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\SysNative\drivers\TrufosAlt.sys
[2011/12/12 07:27:56 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Malwarebytes
[2011/12/12 05:42:22 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2011/12/12 05:29:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/12/12 05:29:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/12/12 05:29:28 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/12/12 05:29:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2011/12/12 05:28:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011/12/12 04:40:16 | 000,000,000 | -H-D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Fix
[2011/12/11 13:15:11 | 000,000,000 | -H-D | C] -- C:\Users\Owner\AppData\Local\{41BEB329-B17B-49F8-BA5B-B6BD031243BA}
[2011/12/11 13:15:00 | 000,000,000 | -H-D | C] -- C:\Users\Owner\AppData\Local\{E532D847-844C-4FAB-BA05-103EB4BC245D}
[2011/12/10 18:38:20 | 000,000,000 | -H-D | C] -- C:\Users\Owner\AppData\Local\{71A72099-65E3-49B1-8F20-73EC94490DF7}
[2011/12/10 18:38:08 | 000,000,000 | -H-D | C] -- C:\Users\Owner\AppData\Local\{BB1D2F36-F70A-46CB-8618-4CF9A1463DE6}
[2011/12/08 18:26:19 | 000,000,000 | -H-D | C] -- C:\Users\Owner\AppData\Local\{E5B09E23-8671-4E0B-9EBA-ACBA9FA90C96}
[2011/12/08 18:26:08 | 000,000,000 | -H-D | C] -- C:\Users\Owner\AppData\Local\{CAF2B27F-579C-497E-A389-50376E861A38}
[2011/12/07 17:14:25 | 000,000,000 | -H-D | C] -- C:\Users\Owner\AppData\Local\{09AC0F95-754D-4DAF-997F-BE1D1DB487B9}
[2011/12/07 17:14:14 | 000,000,000 | -H-D | C] -- C:\Users\Owner\AppData\Local\{3A02B29D-02C4-4862-9F52-B1783B1B2D76}
[2011/12/05 15:05:15 | 000,000,000 | -H-D | C] -- C:\Users\Owner\AppData\Local\{7CCB1EDB-5BB5-4611-B6A7-10167F444EE9}
[2011/12/05 15:05:03 | 000,000,000 | -H-D | C] -- C:\Users\Owner\AppData\Local\{FAA10F44-B082-47A4-B24F-852B39EF4C09}
[2011/12/04 19:09:51 | 000,000,000 | -H-D | C] -- C:\Users\Owner\AppData\Local\{90695653-5539-4286-81AB-D01C74924DAC}
[2011/12/04 19:09:40 | 000,000,000 | -H-D | C] -- C:\Users\Owner\AppData\Local\{F6330D02-9073-4590-90EF-1A9053F4AF18}
[2011/12/03 20:55:25 | 000,000,000 | -H-D | C] -- C:\Users\Owner\AppData\Local\{ED0BC8D7-40D3-4C04-8A69-856BBC5B8535}
[2011/12/03 20:55:07 | 000,000,000 | -H-D | C] -- C:\Users\Owner\AppData\Local\{B5E1A5D0-6E42-45DD-A924-40B57923F32C}
[2011/12/01 14:39:42 | 000,000,000 | -H-D | C] -- C:\Users\Owner\AppData\Local\{F6357210-B033-4959-A830-25D511D14BEA}
[2011/12/01 14:39:30 | 000,000,000 | -H-D | C] -- C:\Users\Owner\AppData\Local\{2B95CC21-9F49-43A3-8E6A-1402724C9C0A}
[2011/11/30 20:27:35 | 000,000,000 | -H-D | C] -- C:\Users\Owner\AppData\Local\{742BA301-C683-4874-967F-29D86CFC76CD}
[2011/11/30 20:27:24 | 000,000,000 | -H-D | C] -- C:\Users\Owner\AppData\Local\{5264E69C-6C56-449D-9019-DE421FD39C0F}
[2011/11/30 06:07:31 | 000,000,000 | -H-D | C] -- C:\Users\Owner\AppData\Local\{20F223BD-CE07-4C3B-BA79-4AFFF336A068}
[2011/11/30 06:07:19 | 000,000,000 | -H-D | C] -- C:\Users\Owner\AppData\Local\{109EF40C-C505-4A4A-91C9-184B8881465C}
[2011/11/29 14:20:39 | 000,000,000 | -H-D | C] -- C:\Users\Owner\AppData\Local\{E9437578-D78D-4D26-9797-90B1B23FDD94}
[2011/11/29 14:20:24 | 000,000,000 | -H-D | C] -- C:\Users\Owner\AppData\Local\{FEF25C16-2F4E-460E-A5B8-22AD39FE3666}
[2011/11/28 16:23:31 | 000,000,000 | -H-D | C] -- C:\Users\Owner\AppData\Local\{C724D0A4-162A-4A4D-8C39-8E697B40D904}
[2011/11/28 16:23:19 | 000,000,000 | -H-D | C] -- C:\Users\Owner\AppData\Local\{CD32410D-CA65-4660-989F-199F3E72F7D1}
[2011/11/23 20:19:32 | 000,000,000 | -H-D | C] -- C:\Users\Owner\AppData\Local\{4752E6A3-F6D4-40A5-8A53-E984E478D574}
[2011/11/23 20:19:21 | 000,000,000 | -H-D | C] -- C:\Users\Owner\AppData\Local\{7FFF6AC9-B5D0-4215-A29E-641039275F96}
[2011/11/23 09:40:25 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2011/11/23 02:37:05 | 000,000,000 | -H-D | C] -- C:\Users\Owner\AppData\Local\{D8EC3EB7-1A20-4DBC-82CB-0C684389E11B}
[2011/11/23 02:36:52 | 000,000,000 | -H-D | C] -- C:\Users\Owner\AppData\Local\{EE7FDEF8-B8DC-491C-9327-C1FFA1DD4FB1}
[2011/11/20 19:23:30 | 000,000,000 | -H-D | C] -- C:\Users\Owner\AppData\Local\{E573212E-BC5C-4844-989A-DCC96CDDA5FC}
[2011/11/20 19:23:19 | 000,000,000 | -H-D | C] -- C:\Users\Owner\AppData\Local\{816F8D60-7937-47B9-A145-DE5AEEBF38AF}
[2011/11/19 22:55:54 | 000,000,000 | -H-D | C] -- C:\Users\Owner\AppData\Local\{6BEF9E64-EA94-4E01-AA5C-A5D9046CB0FA}
[2011/11/19 22:55:42 | 000,000,000 | -H-D | C] -- C:\Users\Owner\AppData\Local\{78C28A79-70CE-47EE-91CB-0951719A5F22}
[2011/11/16 21:23:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011/11/16 16:05:09 | 000,000,000 | -H-D | C] -- C:\Users\Owner\AppData\Local\{3EC12CF7-73A2-4C2C-BF6C-2EF68CB4E6F8}
[2011/11/16 16:04:58 | 000,000,000 | -H-D | C] -- C:\Users\Owner\AppData\Local\{D52596AB-63C9-48E0-8038-3A4F263389B8}
[2011/11/15 19:21:05 | 000,000,000 | -H-D | C] -- C:\Users\Owner\AppData\Local\{ACE5BF66-1324-424C-AAA5-B175A5802321}
[2011/11/15 19:20:54 | 000,000,000 | -H-D | C] -- C:\Users\Owner\AppData\Local\{C531EE24-7194-49B4-A422-8E1AADDA78BD}
[2011/11/14 16:19:44 | 000,000,000 | -H-D | C] -- C:\Users\Owner\AppData\Local\{97AC7C52-5136-436F-A2FB-E4C1709ABB17}
[2011/11/14 16:19:32 | 000,000,000 | -H-D | C] -- C:\Users\Owner\AppData\Local\{C25EB60A-57BB-4648-B025-A268ED73D628}

========== Files - Modified Within 30 Days ==========

[2011/12/12 08:38:22 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/12 08:38:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/12/12 08:38:09 | 3219,693,568 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/12 08:23:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/12 08:01:49 | 000,014,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/12 08:01:49 | 000,014,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/12 07:58:47 | 000,717,260 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/12/12 07:58:47 | 000,617,222 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/12/12 07:58:47 | 000,104,496 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/12/12 07:35:18 | 000,025,160 | ---- | M] () -- C:\Windows\SysNative\drivers\hitmanpro35.sys
[2011/12/12 07:34:53 | 000,287,304 | ---- | M] (BitDefender S.R.L.) -- C:\Windows\SysNative\drivers\TrufosAlt.sys
[2011/12/12 07:31:54 | 000,441,873 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/12/12 05:42:16 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2011/12/12 05:29:32 | 000,000,786 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/12 05:29:04 | 000,000,929 | ---- | M] () -- C:\Users\Owner\Desktop\Spybot - Search & Destroy.lnk
[2011/12/12 04:41:58 | 000,000,456 | -H-- | M] () -- C:\ProgramData\ky3Ddib6Ho0bw1
[2011/12/12 04:40:17 | 000,000,304 | -H-- | M] () -- C:\ProgramData\~ky3Ddib6Ho0bw1
[2011/12/12 04:40:17 | 000,000,224 | -H-- | M] () -- C:\ProgramData\~ky3Ddib6Ho0bw1r
[2011/11/16 21:23:45 | 000,002,212 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk

========== Files Created - No Company Name ==========

[2011/12/12 07:35:18 | 000,025,160 | ---- | C] () -- C:\Windows\SysNative\drivers\hitmanpro35.sys
[2011/12/12 05:29:32 | 000,000,786 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/12 05:29:04 | 000,000,929 | ---- | C] () -- C:\Users\Owner\Desktop\Spybot - Search & Destroy.lnk
[2011/12/12 04:40:17 | 000,000,304 | -H-- | C] () -- C:\ProgramData\~ky3Ddib6Ho0bw1
[2011/12/12 04:40:17 | 000,000,224 | -H-- | C] () -- C:\ProgramData\~ky3Ddib6Ho0bw1r
[2011/12/12 04:40:13 | 000,000,456 | -H-- | C] () -- C:\ProgramData\ky3Ddib6Ho0bw1
[2011/11/16 21:23:45 | 000,002,212 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011/03/26 16:21:18 | 000,041,974 | -H-- | C] () -- C:\Users\Owner\AppData\Roaming\room.dat
[2011/02/17 19:04:46 | 000,000,600 | -H-- | C] () -- C:\Users\Owner\AppData\Roaming\winscp.rnd
[2011/02/17 18:19:01 | 000,187,432 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/02/17 04:58:42 | 000,007,168 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/28 01:41:31 | 000,730,638 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/11/21 04:37:02 | 006,814,952 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall.exe
[2010/10/14 14:06:13 | 000,001,770 | -H-- | C] () -- C:\Users\Owner\AppData\Roaming\Profile0.dat
[2010/10/05 18:13:25 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2010/10/05 18:13:24 | 000,073,220 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2010/10/05 18:13:24 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2010/10/05 18:13:24 | 000,029,114 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2010/10/05 18:13:24 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2010/10/05 18:13:24 | 000,021,021 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2010/10/05 18:13:24 | 000,015,670 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2010/10/05 18:13:24 | 000,013,280 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2010/10/05 18:13:24 | 000,010,673 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2010/10/05 18:13:24 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2010/10/05 18:13:24 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2010/10/05 18:13:24 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2010/10/05 18:13:24 | 000,001,137 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2010/10/05 18:13:24 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2010/10/05 18:13:24 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2010/10/05 18:13:24 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2010/10/03 23:49:31 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2010/10/02 23:09:44 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2010/10/02 23:09:42 | 000,029,875 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2010/07/27 03:03:20 | 010,829,656 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2010/07/27 03:03:20 | 000,102,744 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2010/07/27 03:03:18 | 000,290,648 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/04/02 07:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2007/07/19 11:50:12 | 000,104,520 | ---- | C] () -- C:\Windows\SysWow64\OSD.dll

========== LOP Check ==========

[2011/12/12 08:08:37 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Audacity
[2010/10/17 22:36:35 | 000,000,000 | -H-D | M] -- C:\Users\Owner\AppData\Roaming\DAEMON Tools Lite
[2011/02/04 20:36:52 | 000,000,000 | -H-D | M] -- C:\Users\Owner\AppData\Roaming\EPSON
[2010/10/02 23:34:53 | 000,000,000 | -H-D | M] -- C:\Users\Owner\AppData\Roaming\Leadertech
[2010/11/04 12:28:27 | 000,000,000 | -H-D | M] -- C:\Users\Owner\AppData\Roaming\LolClient
[2011/03/26 23:37:14 | 000,000,000 | -H-D | M] -- C:\Users\Owner\AppData\Roaming\mkvtoolnix
[2011/02/23 00:59:30 | 000,000,000 | -H-D | M] -- C:\Users\Owner\AppData\Roaming\Red Kawa
[2011/12/12 08:08:38 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TS3Client
[2011/12/12 08:37:36 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\uTorrent
[2011/12/12 08:08:38 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\WindSolutions
[2011/08/27 17:29:27 | 000,032,656 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

Edited by jth, 12 December 2011 - 07:44 AM.

  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP