Jump to content

Win HDD - Fake Defragmenter


Recommended Posts

I seem to have a trojan that keeps telling me I need to defragment my hard drive. It's called Win HDD.

I ran Malwarebytes and it removed two objects and placed them in the quarantine vault, but the problem still persists when I don't run the computer in safe mode.

Attached is my HJT log.

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 10:52:55 PM, on 11/27/2010

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16671)

Boot mode: Safe mode with network support

Running processes:

C:\Program Files (x86)\zMUD\Zmud.exe

C:\Program Files (x86)\zMUD\Zmud.exe

C:\Users\Phil\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Phil\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\coIEPlg.dll

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\IPSBHO.DLL

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\coIEPlg.dll

O4 - HKLM\..\Run: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [shwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe

O4 - HKLM\..\Run: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m

O4 - HKLM\..\Run: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"

O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

O4 - HKLM\..\Run: [DeathAdder] C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe

O4 - HKLM\..\Run: [Lycosa] "C:\Program Files (x86)\Razer\Lycosa\razerhid.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

O4 - HKLM\..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe

O4 - HKLM\..\RunOnce: [DSUpdateLauncher] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" /NOCONSOLE /D="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate" /RUNAS "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe"

O4 - HKLM\..\RunOnce: [sTToasterLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe

O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent

O4 - HKCU\..\Run: [Google Update] "C:\Users\Phil\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [EqCAlppKDp.exe] C:\Users\Phil\AppData\Local\Temp\EqCAlppKDp.exe

O4 - HKCU\..\Run: [1142503664] C:\Users\Phil\AppData\Local\Temp\1142503664.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')

O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe

O4 - Startup: LimeWire On Startup.lnk = C:\Program Files (x86)\LimeWire\LimeWire.exe

O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\coIEPlg.dll

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\ccSvcHst.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 10833 bytes

Link to post
Share on other sites

Hello ,

And :) My name is Elise and I'll be glad to help you with your computer problems.

I will be working on your malware issues, this may or may not solve other issues you may have with your machine.

Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.

  • The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen.
  • Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic.
  • The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.
  • Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.

You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications.

-----------------------------------------------------------

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

If you have already posted a log, please do so again, as your situation may have changed.

Use the 'Add Reply' and add the new log to this thread.

We need to see some information about what is happening in your machine. Please perform the following scan:

  • Please download OTL from one of the following mirrors:

    [*]Save it to your desktop.

    [*]Double click on the otlDesktopIcon.png icon on your desktop.

    [*]Click the "Scan All Users" checkbox.

    [*]Push the Quick Scan button.

    [*]Two reports will open, copy and paste them in a reply here:

    • OTListIt.txt <-- Will be opened
    • Extra.txt <-- Will be minimized

Please Download Rootkit Unhooker Save it to your desktop.

  • extract RKUnhooker to your desktop
    • Note** it is zipped up in a .rar file - If you do not have a program to unzip this type of file -
      you can get a free one from here -
    http://www.7-zip.org/

  • Now double-click on RKUnhookerLE.exe to run it.
  • Click the Report tab, then click Scan.
  • Check (Tick) Drivers, Stealth,. Uncheck the rest. then Click OK.
  • Wait till the scanner has finished and then click File, Save Report.
  • Save the report somewhere where you can find it. Click Close.

Copy the entire contents of the report and paste it in a reply here.

Note** you may get this warning it is ok, just ignore

"Rootkit Unhooker has detected a parasite inside itself!

It is recommended to remove parasite, okay?"

"just click on Cancel, then Accept".

-------------------------------------------------------------

In the meantime please, do NOT install any new programs or update anything unless told to do so while we are fixing your problem

If you still need help, please include the following in your next reply

  • A detailed description of your problems
  • A new OTL log (don't forget extra.txt)
  • RKU log

Thanks and again sorry for the delay.

Link to post
Share on other sites

Thanks in advance for your assistance!

OTL logfile created on: 11/28/2010 4:42:15 PM - Run 1

OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Phil\Downloads

64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

6.00 Gb Total Physical Memory | 5.00 Gb Available Physical Memory | 85.00% Memory free

12.00 Gb Paging File | 11.00 Gb Available in Paging File | 93.00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 921.59 Gb Total Space | 859.77 Gb Free Space | 93.29% Space Free | Partition Type: NTFS

Computer Name: FANATIC_ | User Name: Phil | Logged in as Administrator.

Boot Mode: SafeMode with Networking | Scan Mode: All users | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/11/28 16:41:44 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Phil\Downloads\OTL.exe

PRC - [2010/11/01 16:36:03 | 000,974,904 | ---- | M] (Google Inc.) -- C:\Users\Phil\AppData\Local\Google\Chrome\Application\chrome.exe

PRC - [2010/09/24 01:10:48 | 009,777,448 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunes.exe

PRC - [2010/04/29 15:39:32 | 001,090,952 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

PRC - [2010/03/25 18:42:36 | 000,388,096 | ---- | M] (Trend Micro Inc.) -- C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

========== Modules (SafeList) ==========

MOD - [2010/11/28 16:41:44 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Phil\Downloads\OTL.exe

MOD - [2010/08/21 00:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/05/17 21:03:54 | 000,203,264 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)

SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV:64bit: - [2009/06/09 09:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Stopped] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)

SRV - [2010/11/16 23:58:28 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2010/10/07 10:56:01 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)

SRV - [2010/08/13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)

SRV - [2010/05/21 11:58:30 | 000,673,088 | ---- | M] (SoftThinks) [Auto | Stopped] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)

SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010/01/20 17:02:22 | 000,117,640 | R--- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\ccSvcHst.exe -- (N360)

SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2009/05/21 08:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)

========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\N360x64\0300000.087\SYMNDISV.SYS -- (SYMNDISV)

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\N360x64\0300000.087\SYMFW.SYS -- (SYMFW)

DRV:64bit: - [2010/11/14 18:53:47 | 000,172,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)

DRV:64bit: - [2010/07/12 13:36:10 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)

DRV:64bit: - [2010/05/17 21:35:30 | 006,853,632 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)

DRV:64bit: - [2010/05/17 20:30:28 | 000,263,680 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)

DRV:64bit: - [2010/04/08 07:12:02 | 000,124,944 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)

DRV:64bit: - [2010/02/27 10:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)

DRV:64bit: - [2010/02/04 00:38:32 | 000,271,872 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel®

DRV:64bit: - [2010/01/20 17:02:23 | 000,476,720 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\N360x64\0308000.029\srtsp64.sys -- (SRTSP)

DRV:64bit: - [2010/01/20 17:02:23 | 000,402,992 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0308000.029\SymEFA64.sys -- (SymEFA)

DRV:64bit: - [2010/01/20 17:02:23 | 000,278,576 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\N360x64\0308000.029\symtdi.sys -- (SYMTDI)

DRV:64bit: - [2010/01/20 17:02:23 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\N360x64\0308000.029\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)

DRV:64bit: - [2010/01/20 17:02:23 | 000,031,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SymIMV.sys -- (SymIM)

DRV:64bit: - [2010/01/20 17:02:22 | 000,583,296 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\N360x64\0308000.029\cchpx64.sys -- (ccHP)

DRV:64bit: - [2010/01/20 17:02:22 | 000,334,384 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\N360x64\0308000.029\BHDrvx64.sys -- (BHDrvx64)

DRV:64bit: - [2010/01/06 16:20:00 | 000,676,864 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTL8192su.sys -- (RTL8192su)

DRV:64bit: - [2009/10/16 06:32:24 | 000,321,064 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink

DRV:64bit: - [2009/09/17 15:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®

DRV:64bit: - [2009/07/13 20:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2009/07/13 20:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/06/10 15:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)

DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009/01/15 11:19:58 | 000,030,760 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2007/04/12 05:46:46 | 000,013,824 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dadder.sys -- (DAdderFltr)

DRV:64bit: - [2006/11/01 12:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)

DRV - [2010/10/31 22:16:05 | 001,461,808 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090226.034\EX64.SYS -- (NAVEX15)

DRV - [2010/10/31 22:16:05 | 000,396,848 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090206.001\IDSvia64.sys -- (IDSVia64)

DRV - [2010/10/31 22:16:05 | 000,136,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090226.034\ENG64.SYS -- (NAVENG)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2299473153-2093104855-494322011-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1

IE - HKU\S-1-5-21-2299473153-2093104855-494322011-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/

IE - HKU\S-1-5-21-2299473153-2093104855-494322011-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2299473153-2093104855-494322011-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[2010/10/19 20:03:41 | 000,000,000 | ---D | M] -- C:\Users\Phil\AppData\Roaming\Mozilla\Extensions

[2010/10/19 20:03:41 | 000,000,000 | ---D | M] -- C:\Users\Phil\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)

O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\IPSBHO.dll (Symantec Corporation)

O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [DeathAdder] C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe ()

O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()

O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)

O4 - HKLM..\Run: [Desktop Disc Tool] c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()

O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()

O4 - HKLM..\Run: [Lycosa] C:\Program Files (x86)\Razer\Lycosa\razerhid.exe (Razer USA Ltd.)

O4 - HKLM..\Run: [shwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe (Alcor Micro Corp.)

O4 - HKLM..\Run: [startCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-2299473153-2093104855-494322011-1000..\Run: [1142503664] C:\Users\Phil\AppData\Local\Temp\1142503664.exe ()

O4 - HKU\S-1-5-21-2299473153-2093104855-494322011-1000..\Run: [EqCAlppKDp.exe] C:\Users\Phil\AppData\Local\Temp\EqCAlppKDp.exe ()

O4 - HKU\S-1-5-21-2299473153-2093104855-494322011-1000..\Run: [steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)

O4 - HKLM..\RunOnce: [DSUpdateLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe (Dell)

O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe (Softthinks)

O4 - HKLM..\RunOnce: [sTToasterLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\ToasterLauncher.exe ()

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found

O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files (x86)\Dell\DellDock\DellDock.exe File not found

O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files (x86)\Dell\DellDock\DellDock.exe File not found

O4 - Startup: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files (x86)\Dell\DellDock\DellDock.exe File not found

O4 - Startup: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files (x86)\LimeWire\LimeWire.exe (Lime Wire, LLC)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O13 - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1

O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20:64bit: - Winlogon\Notify\GoToAssist: DllName - Reg Error: Key error. - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/11/27 22:13:27 | 000,000,000 | ---D | C] -- C:\Users\Phil\AppData\Roaming\Malwarebytes

[2010/11/27 22:13:22 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

[2010/11/27 22:13:21 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2010/11/27 22:13:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2010/11/27 22:13:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2010/11/27 21:48:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro

[2010/11/16 12:57:28 | 000,000,000 | ---D | C] -- C:\Users\Phil\AppData\Roaming\Onhe

[2010/11/16 12:57:28 | 000,000,000 | ---D | C] -- C:\Users\Phil\AppData\Roaming\Cive

[2010/11/14 18:53:47 | 000,402,992 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0308000.029\SymEFA64.sys

[2010/11/14 18:53:47 | 000,278,576 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0308000.029\symtdi.sys

[2010/11/14 18:53:47 | 000,120,880 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0308000.029\symfw.sys

[2010/11/14 18:53:47 | 000,056,880 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0308000.029\symndisv.sys

[2010/11/14 18:53:47 | 000,044,080 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0308000.029\symndis.sys

[2010/11/14 18:53:47 | 000,043,568 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0308000.029\symids.sys

[2010/11/14 18:53:46 | 000,583,296 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0308000.029\cchpx64.sys

[2010/11/14 18:53:46 | 000,476,720 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0308000.029\srtsp64.sys

[2010/11/14 18:53:46 | 000,334,384 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0308000.029\BHDrvx64.sys

[2010/11/14 18:53:46 | 000,032,304 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0308000.029\srtspx64.sys

[2010/11/14 18:53:35 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64\0308000.029

[2010/11/14 17:36:15 | 000,000,000 | ---D | C] -- C:\Users\Phil\AppData\Roaming\DivX

[2010/11/14 17:35:56 | 000,000,000 | ---D | C] -- C:\Program Files\DivX

[2010/11/14 17:35:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared

[2010/11/14 17:33:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX

[2010/11/14 17:32:33 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX

[2010/11/04 17:53:25 | 000,000,000 | ---D | C] -- C:\PFiles

[2010/11/04 17:03:07 | 000,000,000 | ---D | C] -- C:\Users\Phil\AppData\Roaming\Ventrilo

[2010/11/04 17:02:59 | 000,000,000 | ---D | C] -- C:\Program Files\Ventrilo

[2010/11/04 17:02:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard

[2010/11/01 19:58:46 | 000,000,000 | ---D | C] -- C:\Users\Phil\Documents\My Received Files

[2010/10/31 22:28:01 | 000,000,000 | ---D | C] -- C:\Users\Phil\AppData\Roaming\LolClient

[2010/10/31 22:17:02 | 000,000,000 | ---D | C] -- C:\Users\Phil\Documents\Symantec

[2010/10/31 22:16:25 | 000,000,000 | ---D | C] -- C:\ProgramData\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}

[2010/10/31 22:16:18 | 000,000,000 | ---D | C] -- C:\Users\Phil\AppData\Local\Downloaded Installations

[2010/10/31 22:16:16 | 000,031,280 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SymIMV.sys

[2010/10/31 22:16:13 | 000,172,592 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS

[2010/10/31 22:16:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared

[2010/10/31 22:16:13 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec

[2010/10/31 22:15:53 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64

[2010/10/31 22:15:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec

[2010/10/31 22:15:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton 360

[2010/10/31 22:15:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton

[2010/10/31 21:48:16 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller

[2010/10/31 21:48:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller

========== Files - Modified Within 30 Days ==========

[2010/11/27 22:54:32 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2010/11/27 22:54:32 | 000,623,940 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2010/11/27 22:54:32 | 000,106,316 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2010/11/27 22:50:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010/11/27 22:50:01 | 504,717,311 | -HS- | M] () -- C:\hiberfil.sys

[2010/11/27 22:13:24 | 000,001,011 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2010/11/27 22:07:19 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2010/11/27 22:07:19 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2010/11/27 22:03:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2299473153-2093104855-494322011-1000UA.job

[2010/11/27 21:48:59 | 000,002,971 | ---- | M] () -- C:\Users\Phil\Desktop\HiJackThis.lnk

[2010/11/27 21:48:45 | 001,243,374 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\Cat.DB

[2010/11/27 21:46:23 | 000,000,036 | ---- | M] () -- C:\Users\Phil\AppData\Local\housecall.guid.cache

[2010/11/27 21:36:30 | 000,002,390 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk

[2010/11/27 21:34:45 | 000,000,941 | ---- | M] () -- C:\Users\Phil\Desktop\Win HDD.lnk

[2010/11/27 18:03:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2299473153-2093104855-494322011-1000Core.job

[2010/11/14 18:53:47 | 000,172,592 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS

[2010/11/14 18:53:47 | 000,007,440 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT

[2010/11/14 18:53:47 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF

[2010/11/14 18:53:35 | 000,009,412 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\symnetv.cat

[2010/11/14 18:53:35 | 000,001,481 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\SymNetV.inf

[2010/11/14 18:53:35 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\isolate.ini

[2010/11/14 17:36:22 | 000,001,572 | ---- | M] () -- C:\Users\Phil\Desktop\DivX Movies.lnk

[2010/11/14 17:36:09 | 000,001,114 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk

[2010/11/14 17:35:55 | 000,001,154 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk

[2010/11/06 18:04:14 | 000,002,356 | ---- | M] () -- C:\Users\Phil\Desktop\Google Chrome.lnk

[2010/11/04 17:03:00 | 000,000,915 | ---- | M] () -- C:\Users\Phil\Desktop\Ventrilo.lnk

[2010/11/04 17:03:00 | 000,000,262 | ---- | M] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini

[2010/11/03 19:32:33 | 000,000,219 | ---- | M] () -- C:\Users\Phil\Desktop\Left 4 Dead 2.url

========== Files Created - No Company Name ==========

[2010/11/27 22:13:24 | 000,001,011 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2010/11/27 21:48:59 | 000,002,971 | ---- | C] () -- C:\Users\Phil\Desktop\HiJackThis.lnk

[2010/11/27 21:46:23 | 000,000,036 | ---- | C] () -- C:\Users\Phil\AppData\Local\housecall.guid.cache

[2010/11/27 21:36:50 | 001,243,374 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\Cat.DB

[2010/11/27 21:34:45 | 000,000,941 | ---- | C] () -- C:\Users\Phil\Desktop\Win HDD.lnk

[2010/11/14 18:53:47 | 000,009,415 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\SymNet.cat

[2010/11/14 18:53:47 | 000,001,480 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\SymNet.inf

[2010/11/14 18:53:46 | 000,007,410 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\srtsp64.cat

[2010/11/14 18:53:46 | 000,007,401 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\srtspx64.cat

[2010/11/14 18:53:46 | 000,007,399 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\SymEFA64.cat

[2010/11/14 18:53:46 | 000,007,362 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\BHDrvx64.CAT

[2010/11/14 18:53:46 | 000,007,345 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\ccHPx64.cat

[2010/11/14 18:53:46 | 000,003,373 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\SymEFA.inf

[2010/11/14 18:53:46 | 000,001,836 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\ccHPx64.inf

[2010/11/14 18:53:46 | 000,001,437 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\srtsp64.inf

[2010/11/14 18:53:46 | 000,001,421 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\srtspx64.inf

[2010/11/14 18:53:46 | 000,000,640 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\BHDrvx64.inf

[2010/11/14 18:53:35 | 000,009,412 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\symnetv.cat

[2010/11/14 18:53:35 | 000,001,481 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\SymNetV.inf

[2010/11/14 18:53:35 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\isolate.ini

[2010/11/14 17:36:22 | 000,001,572 | ---- | C] () -- C:\Users\Phil\Desktop\DivX Movies.lnk

[2010/11/14 17:36:09 | 000,001,114 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk

[2010/11/14 17:35:55 | 000,001,154 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk

[2010/11/04 17:03:00 | 000,000,915 | ---- | C] () -- C:\Users\Phil\Desktop\Ventrilo.lnk

[2010/11/04 17:02:56 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini

[2010/11/03 19:32:33 | 000,000,219 | ---- | C] () -- C:\Users\Phil\Desktop\Left 4 Dead 2.url

[2010/10/31 22:16:13 | 000,007,440 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT

[2010/10/31 22:16:13 | 000,000,855 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF

[2010/10/31 22:16:08 | 000,002,390 | ---- | C] () -- C:\Users\Public\Desktop\Norton 360.lnk

[2010/10/17 17:20:57 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll

[2010/10/17 17:20:57 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll

[2010/10/17 17:20:57 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll

[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

========== LOP Check ==========

[2010/11/16 12:58:03 | 000,000,000 | ---D | M] -- C:\Users\Phil\AppData\Roaming\Cive

[2010/11/27 22:47:39 | 000,000,000 | ---D | M] -- C:\Users\Phil\AppData\Roaming\LimeWire

[2010/10/31 22:28:01 | 000,000,000 | ---D | M] -- C:\Users\Phil\AppData\Roaming\LolClient

[2010/11/27 22:36:35 | 000,000,000 | ---D | M] -- C:\Users\Phil\AppData\Roaming\Onhe

[2010/11/14 15:50:36 | 000,000,000 | ---D | M] -- C:\Users\Phil\AppData\Roaming\uTorrent

[2009/07/14 00:08:49 | 000,004,660 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 181 bytes -> C:\ProgramData\TEMP:359B3BDA

< End of report >

OTL Extras logfile created on: 11/28/2010 4:42:15 PM - Run 1

OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Phil\Downloads

64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

6.00 Gb Total Physical Memory | 5.00 Gb Available Physical Memory | 85.00% Memory free

12.00 Gb Paging File | 11.00 Gb Available in Paging File | 93.00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 921.59 Gb Total Space | 859.77 Gb Free Space | 93.29% Space Free | Partition Type: NTFS

Computer Name: FANATIC_ | User Name: Phil | Logged in as Administrator.

Boot Mode: SafeMode with Networking | Scan Mode: All users | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2299473153-2093104855-494322011-1000\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- C:\Users\Phil\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %* File not found

cmdfile [open] -- "%1" %* File not found

comfile [open] -- "%1" %* File not found

exefile [open] -- "%1" %* File not found

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %* File not found

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1" File not found

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S File not found

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{104FB32A-7CE3-4C4B-B2AA-70C613FF9DFA}" = iTunes

"{26A24AE4-039D-4CA4-87B4-2F86416020FF}" = Java 6 Update 20 (64-bit)

"{33EB1061-ABF1-4470-A540-32E97A610536}" = Apple Mobile Device Support

"{3EA71966-4551-1758-775B-91769B69720A}" = ccc-utility64

"{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}" = Bonjour

"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{C73A3942-84C8-4597-9F9B-EE227DCBA758}" = Dell Dock

"{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable

"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center

"{08B73C99-D071-488F-8861-5DDA897C510D}" = Belkin Connect Wireless USB Adapter

"{0E428946-8332-B93E-9C26-8ADFCEB8DDD8}" = CCC Help Spanish

"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup

"{114EA307-D8C8-C17C-4908-4A6F01EFFE1A}" = CCC Help Thai

"{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online

"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer

"{1B37E535-AEFD-A318-5424-BDCD373D7F1C}" = Catalyst Control Center Localization All

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool

"{20AE5481-1D87-5BAA-A18E-176953166A1D}" = Skins

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{23B4636C-A780-4FEB-B4C9-A2564E9B9F7C}" = Multimedia Card Reader

"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 20

"{28999392-5871-4A39-863A-D2A6EA3260AF}" = League of Legends

"{2AD129C1-F00C-4F99-74DC-864008611F81}" = Catalyst Control Center InstallProxy

"{2EA45803-BEB7-46C4-9ADC-46A5F9E7BB77}" = GEAR driver installer for x86 and x64

"{3AEB8580-42C8-E795-F770-5149255C4632}" = CCC Help Greek

"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform

"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker

"{3E89148E-8827-DB7C-57E7-7C3555DDB752}" = CCC Help Dutch

"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant

"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4A8F48C5-6FAC-9744-55C9-38BF1F0C9425}" = CCC Help Russian

"{4F77DCBA-7370-CBAF-EF25-6FEB29541C84}" = CCC Help Czech

"{514D3391-F031-78C7-8939-94023AC8AB74}" = CCC Help French

"{5A05DF12-909D-03A6-5983-C111BE26F2BF}" = CCC Help Portuguese

"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053

"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail

"{695D218A-DEF0-503B-3183-EB992A395159}" = CCC Help Norwegian

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{78D56726-B120-D93F-A426-279C95001F08}" = CCC Help Finnish

"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide

"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials

"{818FA1BB-A0A9-F553-D9C7-125C541F3A3A}" = CCC Help Italian

"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync

"{888C03E4-58E6-046B-E380-F6CB1972C398}" = CCC Help Japanese

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)

"{9060F116-D570-7033-4B42-DB0E5119DDA0}" = CCC Help Swedish

"{924AED21-D45C-3486-FE09-7DD182B35AA0}" = Catalyst Control Center Graphics Previews Common

"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends

"{929B1DC7-1201-2305-0182-6CC7655AF596}" = CCC Help English

"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010

"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster

"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars

"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar

"{99F8C520-B782-6C15-DBB7-91061BA752C5}" = CCC Help Polish

"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack

"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn

"{A69D7B32-2BE9-42BF-B576-69B5E0FF7394}" = Catalyst Control Center - Branding

"{A7F702F8-B4AD-3EF4-5B4D-C1BB0DF9DBB6}" = CCC Help Hungarian

"{A8443959-7C6F-3ED4-7BB5-DA0E0F85B9BA}" = ccc-core-static

"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger

"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software

"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2

"{AD54E087-C6D2-3439-0993-3061CE6C10F1}" = Catalyst Control Center Graphics Previews Vista

"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn

"{B3C9A765-F917-6C92-A32B-607751AF4C2B}" = CCC Help Turkish

"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)

"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update

"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype

Link to post
Share on other sites

RKU will not run most likely, try this instead:

Please download MBRCheck.exe by a_d_13 from one of the links provided below and save it to your desktop.

Link 1
Link 2
Link 3

  • Double-click on MBRCheck.exe to run it. Vista/Windows 7 users right-click and select Run As Administrator.
  • It will open a black screen with some data on it...please do not fix anything (if it gives you an option).
  • When complete, you should see Done! Press ENTER to exit.... Press Enter on the keyboard.
  • A log named MBRCheck_date_time.txt (i.e. MBRCheck_07.21.10_10.22.51.txt) will be created on the desktop.
  • Copy and paste the contents of that log in your next reply.

Link to post
Share on other sites

I'm amazed by the fast response! Here you go. (Good call on RKU not working)

MBRCheck, version 1.2.3

© 2010, AD

Command-line:

Windows Version: Windows 7 Home Premium Edition

Windows Information: (build 7600), 64-bit

Base Board Manufacturer: Dell Inc.

BIOS Manufacturer: Dell Inc.

System Manufacturer: Dell Inc.

System Product Name: Inspiron 580

Logical Drives Mask: 0x000000fc

Kernel Drivers (total 158):

0x02201000 \SystemRoot\system32\ntoskrnl.exe

0x027DD000 \SystemRoot\system32\hal.dll

0x00BA1000 \SystemRoot\system32\kdcom.dll

0x00C8E000 \SystemRoot\system32\mcupdate_GenuineIntel.dll

0x00CD2000 \SystemRoot\system32\PSHED.dll

0x00CE6000 \SystemRoot\system32\CLFS.SYS

0x00E28000 \SystemRoot\system32\CI.dll

0x00EE8000 \SystemRoot\system32\drivers\Wdf01000.sys

0x00F8C000 \SystemRoot\system32\drivers\WDFLDR.SYS

0x00F9B000 \SystemRoot\system32\DRIVERS\ACPI.sys

0x00FF2000 \SystemRoot\system32\DRIVERS\WMILIB.SYS

0x00E00000 \SystemRoot\system32\DRIVERS\msisadrv.sys

0x00D44000 \SystemRoot\system32\DRIVERS\pci.sys

0x00E0A000 \SystemRoot\system32\DRIVERS\vdrvroot.sys

0x00D77000 \SystemRoot\System32\drivers\partmgr.sys

0x00D8C000 \SystemRoot\system32\DRIVERS\volmgr.sys

0x00DA1000 \SystemRoot\System32\drivers\volmgrx.sys

0x00E17000 \SystemRoot\system32\DRIVERS\pciide.sys

0x00C00000 \SystemRoot\system32\DRIVERS\PCIIDEX.SYS

0x00C10000 \SystemRoot\System32\drivers\mountmgr.sys

0x00E1E000 \SystemRoot\system32\DRIVERS\atapi.sys

0x00C2A000 \SystemRoot\system32\DRIVERS\ataport.SYS

0x00C54000 \SystemRoot\system32\DRIVERS\amdxata.sys

0x010CE000 \SystemRoot\system32\drivers\fltmgr.sys

0x0111A000 \SystemRoot\system32\drivers\fileinfo.sys

0x0112E000 \SystemRoot\system32\drivers\N360x64\0308000.029\SYMEFA64.SYS

0x01195000 \SystemRoot\System32\Drivers\PxHlpa64.sys

0x0122F000 \SystemRoot\System32\Drivers\Ntfs.sys

0x011A2000 \SystemRoot\System32\Drivers\msrpc.sys

0x013D2000 \SystemRoot\System32\Drivers\ksecdd.sys

0x01000000 \SystemRoot\System32\Drivers\cng.sys

0x013EC000 \SystemRoot\System32\drivers\pcw.sys

0x01200000 \SystemRoot\System32\Drivers\Fs_Rec.sys

0x01403000 \SystemRoot\system32\drivers\ndis.sys

0x014F5000 \SystemRoot\system32\drivers\NETIO.SYS

0x01555000 \SystemRoot\System32\Drivers\ksecpkg.sys

0x01600000 \SystemRoot\System32\drivers\tcpip.sys

0x01580000 \SystemRoot\System32\drivers\fwpkclnt.sys

0x01073000 \SystemRoot\system32\DRIVERS\volsnap.sys

0x0189D000 \SystemRoot\System32\drivers\rdyboost.sys

0x018D7000 \SystemRoot\System32\Drivers\mup.sys

0x018E9000 \SystemRoot\System32\drivers\hwpolicy.sys

0x018F2000 \SystemRoot\System32\DRIVERS\fvevol.sys

0x0192C000 \SystemRoot\system32\DRIVERS\disk.sys

0x01942000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS

0x019A8000 \SystemRoot\System32\Drivers\Null.SYS

0x019B1000 \SystemRoot\System32\Drivers\Beep.SYS

0x019B8000 \SystemRoot\System32\drivers\vga.sys

0x019C6000 \SystemRoot\System32\drivers\VIDEOPRT.SYS

0x019EB000 \SystemRoot\System32\drivers\watchdog.sys

0x01800000 \SystemRoot\system32\drivers\rdpencdd.sys

0x01809000 \SystemRoot\System32\Drivers\Msfs.SYS

0x01814000 \SystemRoot\System32\Drivers\Npfs.SYS

0x01825000 \SystemRoot\system32\DRIVERS\tdx.sys

0x01843000 \SystemRoot\system32\DRIVERS\TDI.SYS

0x01850000 \SystemRoot\System32\DRIVERS\netbt.sys

0x02AD8000 \SystemRoot\system32\drivers\afd.sys

0x02B62000 \SystemRoot\system32\DRIVERS\wfplwf.sys

0x02B6B000 \SystemRoot\system32\DRIVERS\pacer.sys

0x02B91000 \SystemRoot\system32\DRIVERS\vwififlt.sys

0x02BA7000 \SystemRoot\system32\DRIVERS\SymIMv.sys

0x02BB2000 \SystemRoot\system32\DRIVERS\netbios.sys

0x02A00000 \SystemRoot\system32\DRIVERS\rdbss.sys

0x02A51000 \SystemRoot\system32\drivers\nsiproxy.sys

0x02A5D000 \SystemRoot\System32\Drivers\dfsc.sys

0x02A7B000 \SystemRoot\system32\DRIVERS\tunnel.sys

0x02AA1000 \SystemRoot\system32\DRIVERS\HDAudBus.sys

0x02AC5000 \SystemRoot\system32\DRIVERS\HECIx64.sys

0x02BC1000 \SystemRoot\system32\DRIVERS\usbehci.sys

0x02E59000 \SystemRoot\system32\DRIVERS\USBPORT.SYS

0x02EAF000 \SystemRoot\system32\DRIVERS\k57nd60a.sys

0x02F00000 \SystemRoot\system32\DRIVERS\cdrom.sys

0x02F2A000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys

0x02F35000 \SystemRoot\system32\DRIVERS\blbdrive.sys

0x02F46000 \SystemRoot\system32\DRIVERS\CompositeBus.sys

0x02F56000 \SystemRoot\system32\DRIVERS\mssmbios.sys

0x02F61000 \SystemRoot\system32\DRIVERS\AgileVpn.sys

0x02F77000 \SystemRoot\system32\DRIVERS\rasl2tp.sys

0x02F9B000 \SystemRoot\system32\DRIVERS\ndistapi.sys

0x02FA7000 \SystemRoot\system32\DRIVERS\ndiswan.sys

0x02FD6000 \SystemRoot\system32\DRIVERS\raspppoe.sys

0x02E00000 \SystemRoot\system32\DRIVERS\raspptp.sys

0x02E21000 \SystemRoot\system32\DRIVERS\rassstp.sys

0x02E3B000 \SystemRoot\system32\DRIVERS\termdd.sys

0x02FF1000 \SystemRoot\system32\DRIVERS\kbdclass.sys

0x02BD2000 \SystemRoot\system32\DRIVERS\mouclass.sys

0x02E4F000 \SystemRoot\system32\DRIVERS\swenum.sys

0x030AF000 \SystemRoot\system32\DRIVERS\ks.sys

0x030F2000 \SystemRoot\system32\DRIVERS\umbus.sys

0x03104000 \SystemRoot\system32\DRIVERS\usbhub.sys

0x0315E000 \SystemRoot\System32\Drivers\NDProxy.SYS

0x03173000 \SystemRoot\System32\Drivers\crashdmp.sys

0x03181000 \SystemRoot\System32\Drivers\dump_dumpata.sys

0x0318D000 \SystemRoot\System32\Drivers\dump_atapi.sys

0x03196000 \SystemRoot\System32\Drivers\dump_dumpfve.sys

0x00030000 \SystemRoot\System32\win32k.sys

0x031A9000 \SystemRoot\System32\drivers\Dxapi.sys

0x00540000 \SystemRoot\System32\drivers\dxg.sys

0x00660000 \SystemRoot\System32\TSDDD.dll

0x00980000 \SystemRoot\System32\framebuf.dll

0x031B5000 \SystemRoot\system32\drivers\dadder.sys

0x031B9000 \SystemRoot\system32\DRIVERS\hidusb.sys

0x031C7000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS

0x031E0000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS

0x031E9000 \SystemRoot\system32\DRIVERS\USBD.SYS

0x031EB000 \SystemRoot\system32\DRIVERS\mouhid.sys

0x03000000 \SystemRoot\system32\DRIVERS\usbccgp.sys

0x0301D000 \SystemRoot\system32\DRIVERS\kbdhid.sys

0x0302B000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS

0x0344D000 \SystemRoot\system32\DRIVERS\RTL8192su.sys

0x0350E000 \SystemRoot\System32\drivers\vwifibus.sys

0x0351B000 \SystemRoot\system32\drivers\WudfPf.sys

0x0353C000 \SystemRoot\system32\DRIVERS\nwifi.sys

0x0358F000 \SystemRoot\system32\DRIVERS\ndisuio.sys

0x035A2000 \SystemRoot\system32\DRIVERS\bowser.sys

0x035C0000 \SystemRoot\System32\drivers\mpsdrv.sys

0x03400000 \SystemRoot\system32\DRIVERS\mrxsmb.sys

0x03046000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys

0x035D8000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys

0x77530000 \Windows\System32\ntdll.dll

0x47F00000 \Windows\System32\smss.exe

0xFF850000 \Windows\System32\apisetschema.dll

0xFFA80000 \Windows\System32\autochk.exe

0x77700000 \Windows\System32\normaliz.dll

0xFF830000 \Windows\System32\nsi.dll

0xFF790000 \Windows\System32\clbcatq.dll

0xFF710000 \Windows\System32\difxapi.dll

0xFF5E0000 \Windows\System32\wininet.dll

0xFF5B0000 \Windows\System32\imm32.dll

0xFE820000 \Windows\System32\shell32.dll

0xFE6F0000 \Windows\System32\rpcrt4.dll

0xFE6D0000 \Windows\System32\imagehlp.dll

0xFE600000 \Windows\System32\usp10.dll

0xFE3F0000 \Windows\System32\ole32.dll

0xFE3D0000 \Windows\System32\sechost.dll

0xFE170000 \Windows\System32\iertutil.dll

0xFE090000 \Windows\System32\advapi32.dll

0xFDF80000 \Windows\System32\msctf.dll

0xFDF00000 \Windows\System32\shlwapi.dll

0xFDE90000 \Windows\System32\gdi32.dll

0xFDD10000 \Windows\System32\urlmon.dll

0xFDC30000 \Windows\System32\oleaut32.dll

0x776F0000 \Windows\System32\psapi.dll

0xFDBE0000 \Windows\System32\Wldap32.dll

0x77410000 \Windows\System32\kernel32.dll

0xFDB40000 \Windows\System32\msvcrt.dll

0xFDB30000 \Windows\System32\lpk.dll

0xFD950000 \Windows\System32\setupapi.dll

0x77310000 \Windows\System32\user32.dll

0xFD8B0000 \Windows\System32\comdlg32.dll

0xFD860000 \Windows\System32\ws2_32.dll

0xFD820000 \Windows\System32\cfgmgr32.dll

0xFD7B0000 \Windows\System32\KernelBase.dll

0xFD640000 \Windows\System32\crypt32.dll

0xFD620000 \Windows\System32\devobj.dll

0xFD580000 \Windows\System32\comctl32.dll

0xFD540000 \Windows\System32\wintrust.dll

0xFD530000 \Windows\System32\msasn1.dll

Processes (total 31):

0 System Idle Process

4 System

264 C:\Windows\System32\smss.exe

340 csrss.exe

376 csrss.exe

384 C:\Windows\System32\wininit.exe

432 C:\Windows\System32\winlogon.exe

468 C:\Windows\System32\services.exe

484 C:\Windows\System32\lsass.exe

492 C:\Windows\System32\lsm.exe

600 C:\Windows\System32\svchost.exe

680 C:\Windows\System32\svchost.exe

760 C:\Windows\System32\svchost.exe

824 C:\Windows\System32\svchost.exe

864 C:\Windows\System32\svchost.exe

904 C:\Windows\System32\svchost.exe

940 C:\Windows\System32\svchost.exe

284 C:\Windows\System32\svchost.exe

1120 C:\Windows\System32\svchost.exe

1288 C:\Windows\explorer.exe

1356 C:\Windows\System32\ctfmon.exe

1836 C:\Program Files (x86)\zMUD\Zmud.exe

1844 C:\Program Files (x86)\zMUD\Zmud.exe

1056 C:\Windows\System32\svchost.exe

1516 WmiPrvSE.exe

1748 C:\Users\Phil\AppData\Local\Google\Chrome\Application\chrome.exe

1416 C:\Users\Phil\AppData\Local\Google\Chrome\Application\chrome.exe

2028 C:\Users\Phil\AppData\Local\Google\Chrome\Application\chrome.exe

580 C:\Users\Phil\AppData\Local\Google\Chrome\Application\chrome.exe

1344 C:\Users\Phil\Downloads\MBRCheck.exe

1260 C:\Windows\System32\conhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000002`7ae00000 (NTFS)

PhysicalDrive0 Model Number: ST31000528AS, Rev: CC46

Size Device Name MBR Status

--------------------------------------------

931 GB \\.\PhysicalDrive0 Dell Inspiron MBR code detected

SHA1: AE3E0A945D44C8EA304A19A8F50F69065C34344B

Done!

Link to post
Share on other sites

Last reply I'm making this night. :)

Please let me know how things are running after the following fix.

OTL FIX

------------

We need to run an OTL Fix

  1. Please reopen otlDesktopIcon.png on your desktop.
  2. Copy and Paste the following code into the customFix.png textbox.
    :otl
    O4 - HKU\S-1-5-21-2299473153-2093104855-494322011-1000..\Run: [1142503664] C:\Users\Phil\AppData\Local\Temp\1142503664.exe ()
    O4 - HKU\S-1-5-21-2299473153-2093104855-494322011-1000..\Run: [EqCAlppKDp.exe] C:\Users\Phil\AppData\Local\Temp\EqCAlppKDp.exe ()

    :commands
    [emptytemp]


  3. Push runFixbutton.png
  4. OTL may ask to reboot the machine. Please do so if asked.
  5. Click btnOK.png.
  6. A report will open. Copy and Paste that report in your next reply.

Link to post
Share on other sites

A report didn't immediately generate when I copied the code in. It rebooted first and when I opened OTL again, the below text came up. Here it is.

All processes killed

========== OTL ==========

Registry value HKEY_USERS\S-1-5-21-2299473153-2093104855-494322011-1000\Software\Microsoft\Windows\CurrentVersion\Run\\1142503664 deleted successfully.

C:\Users\Phil\AppData\Local\Temp\1142503664.exe moved successfully.

Registry value HKEY_USERS\S-1-5-21-2299473153-2093104855-494322011-1000\Software\Microsoft\Windows\CurrentVersion\Run\\EqCAlppKDp.exe deleted successfully.

C:\Users\Phil\AppData\Local\Temp\EqCAlppKDp.exe moved successfully.

========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: Phil

->Temp folder emptied: 96681147 bytes

->Temporary Internet Files folder emptied: 43274217 bytes

->Java cache emptied: 211844 bytes

->Google Chrome cache emptied: 199082381 bytes

->Flash cache emptied: 13962 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 17111886 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67563 bytes

RecycleBin emptied: 113521023 bytes

Total Files Cleaned = 448.00 mb

OTL by OldTimer - Version 3.2.17.3 log created on 11282010_194903

Files\Folders moved on Reboot...

File move failed. C:\Users\Phil\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be moved on reboot.

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000112 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000115 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00012d not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00012e not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000132 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000136 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000138 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000139 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000143 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000170 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001ed not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0001fd not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000207 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000221 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000222 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000223 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000228 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000229 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000295 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000296 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0002d3 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000346 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00035a not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000376 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000383 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0008df not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000985 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000a87 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000b33 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000baf not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000bb0 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000be3 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000c05 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000c08 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000c09 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000df6 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000df8 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000dfa not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000dfb not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e3d not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e3e not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e3f not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e40 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e96 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000eb9 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000ebb not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000ee9 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000f98 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000fa5 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000fa8 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000fd5 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000fe5 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001016 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001071 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001113 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001116 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00111b not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001189 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00118c not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001232 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001233 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00199c not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001a95 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001a96 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001aad not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001ac3 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001adf not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001af5 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001af7 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001af8 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001af9 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001afa not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001b09 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001b5b not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001b5c not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001bda not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001bde not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001c0d not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001c15 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001c1f not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001c20 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001c29 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001c2a not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001c30 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001d76 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001d98 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001dc6 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001e0b not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001e0d not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001e7d not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001ed1 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001ed2 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001f24 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001f82 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0020f7 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00210c not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00210d not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0027f8 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0027f9 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0027fa not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0027fb not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002800 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00280d not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00280e not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00281b not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002821 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002827 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002828 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002829 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00282a not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002832 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00283a not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00283b not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00284e not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002851 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002857 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002858 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002874 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002878 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00287b not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00287c not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0028a2 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0028a3 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0028a4 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0028b9 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0028ba not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0028bd not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0028bf not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0028c5 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0028d3 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0028d4 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0028d5 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0028d8 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002901 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002916 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002925 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002929 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00292f not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002930 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002931 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002932 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002935 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002936 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002938 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002939 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00293a not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00293b not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00293c not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00293d not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00293e not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00293f not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002940 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002947 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002949 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002952 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002953 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002978 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00297d not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002981 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002983 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002986 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002988 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00298d not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00298e not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002991 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002993 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002995 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002996 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002997 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002a51 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002a5e not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002a61 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002a62 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002a63 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002a6e not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002a6f not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002a78 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002a79 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002a7a not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002a7b not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002a7c not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002a83 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002ab5 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002ab6 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002aba not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002abc not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002abd not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002abe not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002ac0 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002ac1 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002ac2 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002ac3 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002ac4 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002ac5 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002ac6 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002ac7 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002ac8 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002ac9 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002aca not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002acb not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002acd not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002ace not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002acf not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002ad0 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002ad1 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002ba8 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002ba9 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002bac not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002bb0 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002bb1 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002bb3 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002bb4 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002bba not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002bbb not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002bbc not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002bbf not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002bc1 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002bc2 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002bc3 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002bcc not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002bcd not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002bd1 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002bd2 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002bd3 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002bd6 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002bdf not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002be0 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002be1 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002be2 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002be3 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002bef not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002bf0 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002bf4 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002bfa not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002c0d not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002c0f not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002c10 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002c11 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002c1e not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002c23 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002c40 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002cf5 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002cf7 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002cfe not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002d01 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002d0a not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002d11 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002d14 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002d15 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002d3c not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002d6d not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002d6f not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002d72 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002da0 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002da1 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002da2 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002da4 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002da5 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002da6 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002da7 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002da8 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002da9 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002daa not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002dac not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002db0 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002db1 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002db2 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002db3 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002db4 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002db5 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002db7 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002db8 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002dbe not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002dc0 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002dc1 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002dc2 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002dc3 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002fb5 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002fbb not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002fc0 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002fc1 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002fd3 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002fd4 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002fd5 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002fd6 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002fd7 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002fd8 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002fd9 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002fda not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002fdb not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002fdc not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002fdd not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002fde not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002fdf not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002fe0 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002fe1 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002fe2 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002fe3 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002fe4 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002fe5 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002fe6 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002fe7 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002fe8 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002fe9 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002fea not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002fec not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002fed not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002fee not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002fef not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002ff0 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002ff1 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002ff2 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002ff3 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00311d not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00311e not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00311f not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_003120 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_003121 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_003122 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_003123 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_003124 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_003125 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_003126 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_003127 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_003128 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_003129 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00312a not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00312b not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00312c not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00312d not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00312e not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00312f not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_003130 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_003131 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_003132 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_003133 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_003134 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_003135 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_003136 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_003137 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_003138 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_003139 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00313a not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00313b not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00313c not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00313d not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00313e not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00313f not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_003140 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0031a5 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0031a6 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0031a7 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0031a8 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0031a9 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0031aa not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0031ab not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0031ac not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0031ad not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0031ae not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0031af not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0031b0 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0031b1 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0031b2 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0031b3 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0031b4 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0031b5 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0031b6 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0031b7 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0031b8 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0031b9 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0031ba not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0031bb not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0031bc not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0031bd not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0031be not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0031bf not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0031c0 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0031c1 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0031c2 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0031c3 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0031c4 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0031c5 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0031c6 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0031c7 not found!

File\Folder C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0031c8 not found!

File\Folder C:\Windows\temp\TMP00000014796549E276F22001 not found!

Registry entries deleted on Reboot...

Link to post
Share on other sites

Hi again, where do you see it in your Programs list?

Three good antivirus programs free for non-commercial home use are Avast!, Antivir and Microsoft Security Essentials

Note: You should only have one antivirus installed at a time. Having more than one antivirus program installed at once is likely to cause conflicts and may well decrease your overall protection as well as impairing the performance of your PC.

P2P WARNING

-------------------

Going over your logs I noticed that you have uTorrent installed.

[*] Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.

[*]They are a security risk which can make your computer susceptible to a sm

Link to post
Share on other sites

I see it in start/programs, and it's there under Win HDD.

In addition, I can't seem to send shortcut icons to my desktop, or see any of my old desktop icons for the matter.

Any thoughts?

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Database version: 5203

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

11/29/2010 11:57:48 PM

mbam-log-2010-11-29 (23-57-48).txt

Scan type: Full scan (C:\|)

Objects scanned: 286999

Time elapsed: 33 minute(s), 55 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Link to post
Share on other sites

OTL logfile created on: 11/30/2010 2:13:20 PM - Run 3

OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Phil\Downloads

64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

6.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 58.00% Memory free

12.00 Gb Paging File | 9.00 Gb Available in Paging File | 78.00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 921.59 Gb Total Space | 860.42 Gb Free Space | 93.36% Space Free | Partition Type: NTFS

Drive D: | 82.61 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: FANATIC_ | User Name: Phil | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/11/28 16:41:44 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Phil\Downloads\OTL.exe

PRC - [2010/11/16 23:58:28 | 000,403,240 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe

PRC - [2010/11/16 23:58:27 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe

PRC - [2010/11/01 16:36:03 | 000,974,904 | ---- | M] (Google Inc.) -- C:\Users\Phil\AppData\Local\Google\Chrome\Application\chrome.exe

PRC - [2010/09/16 15:04:06 | 001,164,584 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

PRC - [2010/08/13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

PRC - [2010/05/21 12:00:52 | 000,783,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe

PRC - [2010/05/21 11:59:12 | 001,760,064 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe

PRC - [2010/05/21 11:58:30 | 000,673,088 | ---- | M] (SoftThinks) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe

PRC - [2010/02/18 11:43:20 | 000,490,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

PRC - [2010/02/09 13:34:00 | 001,807,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe

PRC - [2010/01/27 16:01:56 | 000,237,568 | ---- | M] (Alcor Micro Corp.) -- C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe

PRC - [2010/01/20 17:02:22 | 000,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\ccSvcHst.exe

PRC - [2009/10/15 03:10:44 | 001,169,904 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\Roxio Burn.exe

PRC - [2009/10/15 03:10:28 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe

PRC - [2009/06/09 09:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe

PRC - [2009/05/21 08:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe

PRC - [2009/05/21 08:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe

PRC - [2007/11/20 15:53:36 | 000,147,456 | ---- | M] (Razer USA Ltd.) -- C:\Program Files (x86)\Razer\Lycosa\razerhid.exe

PRC - [2007/05/07 16:40:52 | 000,159,744 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe

PRC - [2007/05/07 14:35:14 | 000,163,840 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\DeathAdder\razerofa.exe

PRC - [2006/11/24 14:24:16 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\razertra.exe

PRC - [2005/10/15 19:55:26 | 003,772,416 | ---- | M] (Zugg Software) -- C:\Program Files (x86)\zMUD\Zmud.exe

========== Modules (SafeList) ==========

MOD - [2010/11/28 16:41:44 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Phil\Downloads\OTL.exe

MOD - [2010/08/21 00:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/05/17 21:03:54 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)

SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV:64bit: - [2009/06/09 09:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)

SRV - [2010/11/16 23:58:28 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2010/10/07 10:56:01 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)

SRV - [2010/08/13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)

SRV - [2010/05/21 11:58:30 | 000,673,088 | ---- | M] (SoftThinks) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)

SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010/01/20 17:02:22 | 000,117,640 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\ccSvcHst.exe -- (N360)

SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2009/05/21 08:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)

========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\N360x64\0300000.087\SYMNDISV.SYS -- (SYMNDISV)

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\N360x64\0300000.087\SYMFW.SYS -- (SYMFW)

DRV:64bit: - [2010/11/14 18:53:47 | 000,172,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)

DRV:64bit: - [2010/07/12 13:36:10 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)

DRV:64bit: - [2010/05/17 21:35:30 | 006,853,632 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)

DRV:64bit: - [2010/05/17 20:30:28 | 000,263,680 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)

DRV:64bit: - [2010/04/08 07:12:02 | 000,124,944 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)

DRV:64bit: - [2010/02/27 10:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)

DRV:64bit: - [2010/02/04 00:38:32 | 000,271,872 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel®

DRV:64bit: - [2010/01/20 17:02:23 | 000,476,720 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\N360x64\0308000.029\srtsp64.sys -- (SRTSP)

DRV:64bit: - [2010/01/20 17:02:23 | 000,402,992 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0308000.029\SymEFA64.sys -- (SymEFA)

DRV:64bit: - [2010/01/20 17:02:23 | 000,278,576 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0308000.029\symtdi.sys -- (SYMTDI)

DRV:64bit: - [2010/01/20 17:02:23 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0308000.029\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)

DRV:64bit: - [2010/01/20 17:02:23 | 000,031,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SymIMV.sys -- (SymIM)

DRV:64bit: - [2010/01/20 17:02:22 | 000,583,296 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0308000.029\cchpx64.sys -- (ccHP)

DRV:64bit: - [2010/01/20 17:02:22 | 000,334,384 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0308000.029\BHDrvx64.sys -- (BHDrvx64)

DRV:64bit: - [2010/01/06 16:20:00 | 000,676,864 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTL8192su.sys -- (RTL8192su)

DRV:64bit: - [2009/10/16 06:32:24 | 000,321,064 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink

DRV:64bit: - [2009/09/17 15:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®

DRV:64bit: - [2009/07/13 20:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2009/07/13 20:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/06/10 15:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)

DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009/01/15 11:19:58 | 000,030,760 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2007/04/12 05:46:46 | 000,013,824 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dadder.sys -- (DAdderFltr)

DRV:64bit: - [2006/11/01 12:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)

DRV - [2010/11/28 17:04:04 | 000,034,560 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWow64\drivers\Normandy.sys -- (Normandy)

DRV - [2010/10/31 22:16:05 | 001,461,808 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090226.034\EX64.SYS -- (NAVEX15)

DRV - [2010/10/31 22:16:05 | 000,396,848 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090206.001\IDSvia64.sys -- (IDSVia64)

DRV - [2010/10/31 22:16:05 | 000,136,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090226.034\ENG64.SYS -- (NAVENG)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[2010/10/19 20:03:41 | 000,000,000 | ---D | M] -- C:\Users\Phil\AppData\Roaming\Mozilla\Extensions

[2010/10/19 20:03:41 | 000,000,000 | ---D | M] -- C:\Users\Phil\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)

O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\IPSBHO.dll (Symantec Corporation)

O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [DeathAdder] C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe ()

O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()

O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)

O4 - HKLM..\Run: [Desktop Disc Tool] c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()

O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()

O4 - HKLM..\Run: [Lycosa] C:\Program Files (x86)\Razer\Lycosa\razerhid.exe (Razer USA Ltd.)

O4 - HKLM..\Run: [shwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe (Alcor Micro Corp.)

O4 - HKLM..\Run: [startCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKCU..\Run: [steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)

O4 - HKLM..\RunOnce: [DSUpdateLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe (Dell)

O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe (Softthinks)

O4 - HKLM..\RunOnce: [sTToasterLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\ToasterLauncher.exe ()

O4 - Startup: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files (x86)\Dell\DellDock\DellDock.exe File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O13 - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1

O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20:64bit: - Winlogon\Notify\GoToAssist: DllName - Reg Error: Key error. - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/11/28 19:49:03 | 000,000,000 | ---D | C] -- C:\_OTL

[2010/11/28 16:53:33 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip

[2010/11/27 22:13:27 | 000,000,000 | ---D | C] -- C:\Users\Phil\AppData\Roaming\Malwarebytes

[2010/11/27 22:13:22 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

[2010/11/27 22:13:21 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2010/11/27 22:13:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2010/11/27 22:13:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2010/11/27 21:48:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro

[2010/11/16 12:57:28 | 000,000,000 | ---D | C] -- C:\Users\Phil\AppData\Roaming\Onhe

[2010/11/16 12:57:28 | 000,000,000 | ---D | C] -- C:\Users\Phil\AppData\Roaming\Cive

[2010/11/14 18:53:47 | 000,402,992 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0308000.029\SymEFA64.sys

[2010/11/14 18:53:47 | 000,278,576 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0308000.029\symtdi.sys

[2010/11/14 18:53:47 | 000,120,880 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0308000.029\symfw.sys

[2010/11/14 18:53:47 | 000,056,880 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0308000.029\symndisv.sys

[2010/11/14 18:53:47 | 000,044,080 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0308000.029\symndis.sys

[2010/11/14 18:53:47 | 000,043,568 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0308000.029\symids.sys

[2010/11/14 18:53:46 | 000,583,296 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0308000.029\cchpx64.sys

[2010/11/14 18:53:46 | 000,476,720 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0308000.029\srtsp64.sys

[2010/11/14 18:53:46 | 000,334,384 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0308000.029\BHDrvx64.sys

[2010/11/14 18:53:46 | 000,032,304 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0308000.029\srtspx64.sys

[2010/11/14 18:53:35 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64\0308000.029

[2010/11/14 17:36:15 | 000,000,000 | ---D | C] -- C:\Users\Phil\AppData\Roaming\DivX

[2010/11/14 17:35:56 | 000,000,000 | ---D | C] -- C:\Program Files\DivX

[2010/11/14 17:35:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared

[2010/11/14 17:33:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX

[2010/11/14 17:32:33 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX

[2010/11/04 17:53:25 | 000,000,000 | ---D | C] -- C:\PFiles

[2010/11/04 17:03:07 | 000,000,000 | ---D | C] -- C:\Users\Phil\AppData\Roaming\Ventrilo

[2010/11/04 17:02:59 | 000,000,000 | ---D | C] -- C:\Program Files\Ventrilo

[2010/11/04 17:02:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard

[2010/11/01 19:58:46 | 000,000,000 | ---D | C] -- C:\Users\Phil\Documents\My Received Files

[2010/10/31 22:28:01 | 000,000,000 | ---D | C] -- C:\Users\Phil\AppData\Roaming\LolClient

[2010/10/31 22:17:02 | 000,000,000 | ---D | C] -- C:\Users\Phil\Documents\Symantec

[2010/10/31 22:16:25 | 000,000,000 | ---D | C] -- C:\ProgramData\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}

[2010/10/31 22:16:18 | 000,000,000 | ---D | C] -- C:\Users\Phil\AppData\Local\Downloaded Installations

[2010/10/31 22:16:16 | 000,031,280 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SymIMV.sys

[2010/10/31 22:16:13 | 000,172,592 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS

[2010/10/31 22:16:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared

[2010/10/31 22:16:13 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec

[2010/10/31 22:15:53 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64

[2010/10/31 22:15:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec

[2010/10/31 22:15:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton 360

[2010/10/31 22:15:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton

[2010/10/31 21:48:16 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller

[2010/10/31 21:48:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller

========== Files - Modified Within 30 Days ==========

[2010/11/30 14:03:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2299473153-2093104855-494322011-1000UA.job

[2010/11/30 02:20:48 | 001,243,374 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\Cat.DB

[2010/11/29 18:03:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2299473153-2093104855-494322011-1000Core.job

[2010/11/29 14:53:46 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2010/11/29 14:53:46 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2010/11/29 14:14:58 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2010/11/29 14:14:58 | 000,623,940 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2010/11/29 14:14:58 | 000,106,316 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2010/11/29 14:09:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010/11/29 14:09:35 | 504,717,311 | -HS- | M] () -- C:\hiberfil.sys

[2010/11/28 17:04:04 | 000,034,560 | ---- | M] () -- C:\Windows\SysWow64\drivers\Normandy.sys

[2010/11/27 22:13:24 | 000,001,011 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2010/11/27 21:48:59 | 000,002,971 | ---- | M] () -- C:\Users\Phil\Desktop\HiJackThis.lnk

[2010/11/27 21:46:23 | 000,000,036 | ---- | M] () -- C:\Users\Phil\AppData\Local\housecall.guid.cache

[2010/11/27 21:36:30 | 000,002,390 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk

[2010/11/14 18:53:47 | 000,172,592 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS

[2010/11/14 18:53:47 | 000,007,440 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT

[2010/11/14 18:53:47 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF

[2010/11/14 18:53:35 | 000,009,412 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\symnetv.cat

[2010/11/14 18:53:35 | 000,001,481 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\SymNetV.inf

[2010/11/14 18:53:35 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\isolate.ini

[2010/11/14 17:36:22 | 000,001,572 | ---- | M] () -- C:\Users\Phil\Desktop\DivX Movies.lnk

[2010/11/14 17:36:09 | 000,001,114 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk

[2010/11/14 17:35:55 | 000,001,154 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk

[2010/11/06 18:04:14 | 000,002,356 | ---- | M] () -- C:\Users\Phil\Desktop\Google Chrome.lnk

[2010/11/04 17:03:00 | 000,000,915 | ---- | M] () -- C:\Users\Phil\Desktop\Ventrilo.lnk

[2010/11/04 17:03:00 | 000,000,262 | ---- | M] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini

[2010/11/03 19:32:33 | 000,000,219 | ---- | M] () -- C:\Users\Phil\Desktop\Left 4 Dead 2.url

========== Files Created - No Company Name ==========

[2010/11/28 16:55:27 | 000,034,560 | ---- | C] () -- C:\Windows\SysWow64\drivers\Normandy.sys

[2010/11/27 22:13:24 | 000,001,011 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2010/11/27 21:48:59 | 000,002,971 | ---- | C] () -- C:\Users\Phil\Desktop\HiJackThis.lnk

[2010/11/27 21:46:23 | 000,000,036 | ---- | C] () -- C:\Users\Phil\AppData\Local\housecall.guid.cache

[2010/11/27 21:36:50 | 001,243,374 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\Cat.DB

[2010/11/14 18:53:47 | 000,009,415 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\SymNet.cat

[2010/11/14 18:53:47 | 000,001,480 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\SymNet.inf

[2010/11/14 18:53:46 | 000,007,410 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\srtsp64.cat

[2010/11/14 18:53:46 | 000,007,401 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\srtspx64.cat

[2010/11/14 18:53:46 | 000,007,399 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\SymEFA64.cat

[2010/11/14 18:53:46 | 000,007,362 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\BHDrvx64.CAT

[2010/11/14 18:53:46 | 000,007,345 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\ccHPx64.cat

[2010/11/14 18:53:46 | 000,003,373 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\SymEFA.inf

[2010/11/14 18:53:46 | 000,001,836 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\ccHPx64.inf

[2010/11/14 18:53:46 | 000,001,437 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\srtsp64.inf

[2010/11/14 18:53:46 | 000,001,421 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\srtspx64.inf

[2010/11/14 18:53:46 | 000,000,640 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\BHDrvx64.inf

[2010/11/14 18:53:35 | 000,009,412 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\symnetv.cat

[2010/11/14 18:53:35 | 000,001,481 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\SymNetV.inf

[2010/11/14 18:53:35 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\isolate.ini

[2010/11/14 17:36:22 | 000,001,572 | ---- | C] () -- C:\Users\Phil\Desktop\DivX Movies.lnk

[2010/11/14 17:36:09 | 000,001,114 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk

[2010/11/14 17:35:55 | 000,001,154 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk

[2010/11/04 17:03:00 | 000,000,915 | ---- | C] () -- C:\Users\Phil\Desktop\Ventrilo.lnk

[2010/11/04 17:02:56 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini

[2010/11/03 19:32:33 | 000,000,219 | ---- | C] () -- C:\Users\Phil\Desktop\Left 4 Dead 2.url

[2010/10/31 22:16:13 | 000,007,440 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT

[2010/10/31 22:16:13 | 000,000,855 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF

[2010/10/31 22:16:08 | 000,002,390 | ---- | C] () -- C:\Users\Public\Desktop\Norton 360.lnk

[2010/10/17 17:20:57 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll

[2010/10/17 17:20:57 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll

[2010/10/17 17:20:57 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll

[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

========== LOP Check ==========

[2010/11/16 12:58:03 | 000,000,000 | ---D | M] -- C:\Users\Phil\AppData\Roaming\Cive

[2010/10/31 22:28:01 | 000,000,000 | ---D | M] -- C:\Users\Phil\AppData\Roaming\LolClient

[2010/11/27 22:36:35 | 000,000,000 | ---D | M] -- C:\Users\Phil\AppData\Roaming\Onhe

[2010/11/14 15:50:36 | 000,000,000 | ---D | M] -- C:\Users\Phil\AppData\Roaming\uTorrent

[2009/07/14 00:08:49 | 000,005,164 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 181 bytes -> C:\ProgramData\TEMP:359B3BDA

< End of report >

Link to post
Share on other sites

Please let me know how things are after the following fix.

OTL FIX

------------

We need to run an OTL Fix

  1. Please reopen otlDesktopIcon.png on your desktop.
  2. Copy and Paste the following code into the customFix.png textbox.
    :otl
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    [2010/11/16 12:58:03 | 000,000,000 | ---D | M] -- C:\Users\Phil\AppData\Roaming\Cive
    [2010/11/27 22:36:35 | 000,000,000 | ---D | M] -- C:\Users\Phil\AppData\Roaming\Onhe

    :commands
    [emptytemp]


  3. Push runFixbutton.png
  4. OTL may ask to reboot the machine. Please do so if asked.
  5. Click btnOK.png.
  6. A report will open. Copy and Paste that report in your next reply.

Link to post
Share on other sites

All processes killed

========== OTL ==========

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.

C:\Users\Phil\AppData\Roaming\Cive folder moved successfully.

C:\Users\Phil\AppData\Roaming\Onhe folder moved successfully.

========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: Phil

->Temp folder emptied: 652196 bytes

->Temporary Internet Files folder emptied: 118510 bytes

->Java cache emptied: 0 bytes

->Google Chrome cache emptied: 229892758 bytes

->Flash cache emptied: 2332 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 9266 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 49621 bytes

RecycleBin emptied: 0 bytes

Total Files Cleaned = 220.00 mb

OTL by OldTimer - Version 3.2.17.3 log created on 11302010_143738

Files\Folders moved on Reboot...

C:\Users\Phil\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

File\Folder C:\Windows\temp\JET819D.tmp not found!

Registry entries deleted on Reboot...

Link to post
Share on other sites

Sorry about taking so long to respond. I'm unsure of what you mean by the Phil userprofile being loaded.

I can look into the Phil desktop folder and see the files in there, that is, the icons. It should be mentioned that before this virus issue, I was able to send icons to my desktop. That is, I could right click and send it to the desktop as a short cut. Oddly enough now, the only "icons" remaining are my Windows Dock and a roxio cd burn icon.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.